checkPermissions() public static method

public static checkPermissions ( string $filter, integer $permission = Horde_Perms::READ, mixed $in = null ) : mixed
$filter string The type of channel
$permission integer Horde_Perms:: constant
$in mixed ??
return mixed An array of results or a single boolean?
Esempio n. 1
 /**
  * Expects:
  *   $vars
  *   $registry
  *   $notification
  */
 public function run()
 {
     // Brings the controller parameters into local scope by reference; the
     // docblock on this method lists $vars, $registry and $notification.
     extract($this->_params, EXTR_REFS);

     /* Request values that drive the form. */
     $form_submit = $vars->get('submitbutton');
     $channel_id = $vars->get('channel_id');

     /* Load the channel before anything else: its stored type selects the
      * permission to test, and an unknown id ends the request here. */
     try {
         $driver = $GLOBALS['injector']->getInstance('Jonah_Driver');
         $channel = $driver->getChannel($channel_id);
     } catch (Exception $e) {
         Horde::log($e, 'ERR');
         $notification->push(_("Invalid channel specified for deletion."), 'horde.message');
         Horde::url('channels')->redirect();
         exit;
     }

     /* First display (nothing submitted yet): fill the form from the
      * fetched channel. */
     if (empty($form_submit)) {
         $vars = new Horde_Variables($channel);
     }

     /* Authorise against the channel type read from storage rather than a
      * request value.
      * NOTE(review): a permission failure is signalled with
      * Horde_Exception_AuthenticationFailure -- confirm callers treat that
      * as "forbidden" and not as "not logged in". */
     $perm_name = Jonah::typeToPermName($channel['channel_type']);
     if (!Jonah::checkPermissions($perm_name, Horde_Perms::DELETE, $channel_id)) {
         $notification->push(_("You are not authorised for this action."), 'horde.warning');
         throw new Horde_Exception_AuthenticationFailure();
     }

     /* Confirmation form: two buttons, the channel id as a hidden field and
      * a warning text. */
     $title = sprintf(_("Delete News Channel \"%s\"?"), $vars->get('channel_name'));
     $form = new Horde_Form($vars, $title);
     $form->setButtons(array(_("Delete"), _("Do not delete")));
     $form->addHidden('', 'channel_id', 'int', true, true);
     $form->addVariable(
         _("Really delete this News Channel? All stories created in this channel will be lost!"),
         'confirm',
         'description',
         false
     );

     $confirmed = $form_submit == _("Delete");

     /* Any other submitted button means the user backed out. */
     if (!$confirmed && !empty($form_submit)) {
         $notification->push(_("Channel has not been deleted."), 'horde.message');
         Horde::url('channels')->redirect();
         exit;
     }

     if ($confirmed && $form->validate($vars)) {
         /* The id handed to the driver is the validated form value. */
         $form->getInfo($vars, $info);
         try {
             $GLOBALS['injector']->getInstance('Jonah_Driver')->deleteChannel($info);
             $notification->push(_("The channel has been deleted."), 'horde.success');
             Horde::url('channels')->redirect();
             exit;
         } catch (Exception $e) {
             /* Fall through and show the form again with the error. */
             $notification->push(sprintf(_("There was an error deleting the channel: %s"), $e->getMessage()), 'horde.error');
         }
     }

     $GLOBALS['page_output']->header(array('title' => $title));
     $notification->notify(array('listeners' => 'status'));
     $form->renderActive(null, $vars, Horde::selfUrl(), 'post');
     $GLOBALS['page_output']->footer();
 }
Esempio n. 2
 /**
  * $notification
  * $registry
  * $vars
  *
  */
 public function run()
 {
     // Controller parameters ($notification, $registry, $vars per the
     // docblock) become local references into $this->_params.
     extract($this->_params, EXTR_REFS);
     $driver = $GLOBALS['injector']->getInstance('Jonah_Driver');

     $channel_id = $vars->get('channel_id');

     /* The channel is needed later and fetching it also proves the
      * requested id is valid. */
     try {
         $channel = $driver->getChannel($channel_id);
     } catch (Exception $e) {
         $notification->push(sprintf(_("Story editing failed: %s"), $e->getMessage()), 'horde.error');
         Horde::url('channels/index.php', true)->redirect();
         exit;
     }

     /* Authorise against the stored channel type. */
     $perm_name = Jonah::typeToPermName($channel['channel_type']);
     if (!Jonah::checkPermissions($perm_name, Horde_Perms::EDIT, $channel_id)) {
         $notification->push(_("You are not authorised for this action."), 'horde.warning');
         throw new Horde_Exception_AuthenticationFailure();
     }

     /* An id without a submitted form means an existing story is being
      * opened for editing: load it and use it as the form input. */
     $story_id = $vars->get('id');
     if ($story_id && !$vars->get('formname')) {
         $story = $driver->getStory($channel_id, $story_id);
         $tag_list = array_values($story['tags']);
         $story['tags'] = implode(',', $tag_list);
         $vars = new Horde_Variables($story);
     }

     $form = new Jonah_Form_Story($vars);
     if ($form->validate($vars)) {
         $form->getInfo($vars, $info);
         /* The author is always the authenticated user, never a form value. */
         $info['author'] = $registry->getAuth();
         /* NOTE(review): the permission check above covers $channel_id only;
          * the story id and channel id inside $info come from the submitted
          * form -- confirm saveStory() rejects an id that belongs to a
          * different channel. */
         try {
             $driver->saveStory($info);
             $notification->push(sprintf(_("The story \"%s\" has been saved."), $info['title']), 'horde.success');
             Horde::url('stories/index.php')->add('channel_id', $channel_id)->redirect();
             exit;
         } catch (Exception $e) {
             /* Fall through and show the form again with the error. */
             $notification->push(sprintf(_("There was an error saving the story: %s"), $e->getMessage()), 'horde.error');
         }
     }

     /* Render the page. */
     $GLOBALS['page_output']->header(array('title' => $form->getTitle()));
     $notification->notify(array('listeners' => 'status'));
     $form->renderActive($form->getRenderer(), $vars, Horde::url('stories/edit.php'), 'post');
     $GLOBALS['page_output']->footer();
 }
Esempio n. 3
 /**
  *
  */
 public function run()
 {
     // Controller parameters become local references; this method reads
     // $notification and $prefs from them.
     extract($this->_params, EXTR_REFS);

     try {
         $channels = $GLOBALS['injector']->getInstance('Jonah_Driver')->getChannels();
     } catch (Exception $e) {
         $notification->push(sprintf(_("An error occurred fetching channels: %s"), $e->getMessage()), 'horde.error');
         $channels = false;
     }

     if ($channels) {
         /* Reduce the list to what the SHOW permission check returns. */
         $channels = Jonah::checkPermissions('channels', Horde_Perms::SHOW, $channels);

         /* Decorate each channel with the links the template prints.
          * NOTE(review): edit and delete links are built for every listed
          * channel without a per-channel EDIT/DELETE check here; the target
          * pages are presumably the enforcement point -- confirm. */
         foreach ($channels as $key => $channel) {
             $cid = $channel['channel_id'];

             /* Edit channel link. */
             $channels[$key]['edit_link'] = Horde::url('channels/edit.php')
                 ->add('channel_id', $cid)
                 ->link(array('title' => _("Edit channel")))
                 . Horde::img('edit.png') . '</a>';

             /* Delete channel link. */
             $channels[$key]['delete_link'] = Horde::url('channels/delete.php')
                 ->add('channel_id', $cid)
                 ->link(array('title' => _("Delete channel")))
                 . Horde::img('delete.png') . '</a>';

             /* View stories link. */
             $channels[$key]['stories_url'] = Horde::url('stories/index.php')->add('channel_id', $cid);

             /* Type-specific links default to empty; only internal channels
              * get an "add story" link. */
             $channels[$key]['addstory_link'] = '';
             $channels[$key]['refresh_link'] = '';
             if ($channel['channel_type'] == Jonah::INTERNAL_CHANNEL) {
                 $channels[$key]['addstory_link'] = Horde::url('stories/edit.php')
                     ->add('channel_id', $cid)
                     ->link(array('title' => _("Add story")))
                     . Horde::img('new.png') . '</a>';
             }

             /* Replace the raw type with its label and format the timestamp
              * ('-' when the channel has none). */
             $channels[$key]['channel_type'] = Jonah::getChannelTypeLabel($channel['channel_type']);
             if ($channel['channel_updated']) {
                 $channels[$key]['channel_updated'] = strftime($prefs->getValue('date_format'), (int) $channel['channel_updated']);
             } else {
                 $channels[$key]['channel_updated'] = '-';
             }
         }
     }

     $view = new Horde_View(array('templatePath' => JONAH_TEMPLATES . '/view'));
     $view->addHelper('Tag');
     $view->channels = $channels;
     $view->search_img = Horde::img('search.png');

     $output = $GLOBALS['page_output'];
     $output->addScriptFile('tables.js', 'horde');
     $output->addScriptFile('quickfinder.js', 'horde');
     $output->header(array('title' => _("Feeds")));
     $notification->notify(array('listeners' => 'status'));
     echo $view->render('channellist');
     $output->footer();
 }
Esempio n. 4
 /**
  * expects
  *   $notification
  *   $registry
  *   $vars
  */
 public function run()
 {
     // Controller parameters ($notification, $registry, $vars per the
     // docblock) become local references into $this->_params.
     extract($this->_params, EXTR_REFS);

     /* The form is built from the request variables as they arrived. */
     $form = new Jonah_Form_Feed($vars);

     $formname = $vars->get('formname');
     $channel_id = $vars->get('channel_id');

     /* An id without a submitted form: an existing channel is being opened
      * for editing, so the stored channel replaces the request variables. */
     if (!$formname && $channel_id) {
         $stored = $GLOBALS['injector']->getInstance('Jonah_Driver')->getChannel($channel_id);
         $vars = new Horde_Variables($stored);
     }

     /* Channel type used for the permission check.
      * NOTE(review): on a submitted form $vars still holds the request
      * values, so this type is caller-supplied rather than the type stored
      * for $channel_id -- confirm that is intended, or check the stored
      * channel's type as well. */
     $channel_type = $vars->get('channel_type');

     /* Deny unless the user may edit this kind of channel. */
     $perm_name = Jonah::typeToPermName($channel_type);
     if (!Jonah::checkPermissions($perm_name, Horde_Perms::EDIT, $channel_id)) {
         $notification->push(_("You are not authorised for this action."), 'horde.warning');
         throw new Horde_Exception_AuthenticationFailure();
     }

     /* Add the extra fields required for this channel. */
     $form->setExtraFields($channel_id);

     /* $changed_type is not assigned in this method; it is only set if
      * $this->_params supplies it. */
     if ($formname && empty($changed_type) && $form->validate($vars)) {
         $form->getInfo($vars, $info);
         try {
             $GLOBALS['injector']->getInstance('Jonah_Driver')->saveChannel($info);
             $notification->push(sprintf(_("The feed \"%s\" has been saved."), $info['channel_name']), 'horde.success');
             Horde::url('channels')->redirect();
             exit;
         } catch (Exception $e) {
             /* Fall through and show the form again with the error. */
             $notification->push(sprintf(_("There was an error saving the feed: %s"), $e->getMessage()), 'horde.error');
         }
     }

     $GLOBALS['page_output']->header(array('title' => $form->getTitle()));
     $notification->notify(array('listeners' => 'status'));
     $form->renderActive(new Horde_Form_Renderer(), $vars, Horde::url('channels/edit.php'), 'post');
     $GLOBALS['page_output']->footer();
 }
Esempio n. 5
 /**
  * Publish a new story
  *
  * @param integer $channel_id  The channel id
  * @param array $story         The story array. Can contain:
  * <pre>
  *  (string)title       [REQUIRED]    The story title.
  *  (string)description [REQUIRED]    The short description.
  *  (string)body_type   [OPTIONAL]    The body type (text/html).
  *  (string)body        [OPTIONAL]    The story body.
  *  (string)url         [OPTIONAL]    The url for the story link.
  *  (array)tags         [OPTIONAL]    Tags
  *</pre>
  *
  *
  * @throws Horde_Exception_PermissionDenied
  */
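 public function publish($channel_id, $story)
 {
     $driver = $GLOBALS['injector']->getInstance('Jonah_Driver');
     $channel = $driver->getChannel($channel_id);

     /* Authorise against the stored channel type before touching the story. */
     if (!Jonah::checkPermissions(Jonah::typeToPermName($channel['channel_type']), Horde_Perms::EDIT, $channel_id)) {
         throw new Horde_Exception_PermissionDenied(_("You are not authorised for this action."));
     }

     /* These three fields are always set here, so a caller cannot publish
      * under another author, into another channel or with a chosen date. */
     $story['author'] = $GLOBALS['registry']->getAuth();
     $story['channel_id'] = $channel_id;
     $story['published'] = time();

     /* Fall back to plain text when the body or its type is missing. The
      * test has to look inside $story: the former check read the undefined
      * locals $body and $body_type, was therefore always true, and
      * overwrote every caller-supplied body_type with 'text'.
      * NOTE(review): with the check fixed, a caller-supplied body_type
      * (the docblock lists text/html) is now kept -- confirm HTML bodies
      * are sanitised where stories are rendered. */
     if (empty($story['body']) || empty($story['body_type'])) {
         $story['body_type'] = 'text';
     }

     /* NOTE(review): every other key of $story is passed through unchanged;
      * confirm saveStory() ignores or validates keys outside the documented
      * set. */
     $driver->saveStory($story);
 }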
Esempio n. 6
 /**
  * expects
  *   $registry
  *   $notification
  *   $prefs
  *   $conf
  *   $channel_id
  */
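 public function run()
 {
     // Controller parameters become local references into $this->_params.
     // Besides the names in the docblock this method also reads $tag_id.
     extract($this->_params, EXTR_REFS);
     $driver = $GLOBALS['injector']->getInstance('Jonah_Driver');

     /* Use the passed channel_id, or use all channels the user may see. */
     if (!is_null($channel_id)) {
         $channel = $driver->getChannel($channel_id);
         if (!Jonah::checkPermissions(Jonah::typeToPermName($channel['channel_type']), Horde_Perms::SHOW, $channel_id)) {
             $notification->push(_("You are not authorised for this action."), 'horde.warning');
             throw new Horde_Exception_AuthenticationFailure();
         }
         $channel_ids = array($channel_id);
     } else {
         /* The search below is limited to the ids collected here, so a
          * channel that fails the SHOW check never contributes stories. */
         $channel_ids = array();
         $channels = $driver->getChannels();
         foreach ($channels as $ch) {
             if (Jonah::checkPermissions(Jonah::typeToPermName($ch['channel_type']), Horde_Perms::SHOW, $ch['channel_id'])) {
                 $channel_ids[] = $ch['channel_id'];
             }
         }
     }

     /* array_shift() takes its argument by reference, so the driver result
      * is stored in a variable first. $tag_name is not used further in this
      * method. */
     $tag_names = $driver->getTagNames(array($tag_id));
     $tag_name = array_shift($tag_names);

     try {
         $stories = $driver->searchTagsById(array($tag_id), 10, 0, $channel_ids);
     } catch (Exception $e) {
         $notification->push(sprintf(_("Invalid channel requested. %s"), $e->getMessage()), 'horde.error');
         Horde::url('channels/index.php', true)->redirect();
         exit;
     }

     /* Do some state tests. */
     if (empty($stories)) {
         $notification->push(_("No available stories."), 'horde.warning');
     }

     foreach ($stories as $key => $story) {
         /* Use the channel_id from the story hash since we might be dealing
            with more than one channel. Because of EXTR_REFS this assignment
            also overwrites the channel_id entry of $this->_params. */
         $channel_id = $story['channel_id'];

         if (!empty($stories[$key]['published'])) {
             $stories[$key]['published_date'] = strftime($prefs->getValue('date_format') . ', ' . ($prefs->getValue('twentyFour') ? '%H:%M' : '%I:%M%p'), $stories[$key]['published']);
         } else {
             $stories[$key]['published_date'] = '';
         }

         /* Default to no links. */
         $stories[$key]['pdf_link'] = '';
         $stories[$key]['edit_link'] = '';
         $stories[$key]['delete_link'] = '';

         /* The title is escaped here; the link target and description are
          * handed to the URL object.
          * NOTE(review): presumably link() escapes attribute values --
          * confirm, since story fields may originate from outside. */
         $stories[$key]['view_link'] = Horde::url($story['link'])->link(array('title' => $story['description'])) . htmlspecialchars($story['title']) . '</a>';

         /* PDF link. */
         $url = Horde::url('stories/pdf.php')->add(array('id' => $story['id'], 'channel_id' => $channel_id));
         $stories[$key]['pdf_link'] = $url->link(array('title' => _("PDF version"))) . Horde::img('mime/pdf.png') . '</a>';

         /* Edit story link, only for users who pass the EDIT check. */
         if (Jonah::checkPermissions(Jonah::typeToPermName(Jonah::INTERNAL_CHANNEL), Horde_Perms::EDIT, $channel_id)) {
             $url = Horde::url('stories/edit.php')->add(array('id' => $story['id'], 'channel_id' => $channel_id));
             $stories[$key]['edit_link'] = $url->link(array('title' => _("Edit story"))) . Horde::img('edit.png') . '</a>';
         }

         /* Delete story link, only for users who pass the DELETE check. */
         if (Jonah::checkPermissions(Jonah::typeToPermName(Jonah::INTERNAL_CHANNEL), Horde_Perms::DELETE, $channel_id)) {
             $url = Horde::url('stories/delete.php')->add(array('id' => $story['id'], 'channel_id' => $channel_id));
             $stories[$key]['delete_link'] = $url->link(array('title' => _("Delete story"))) . Horde::img('delete.png') . '</a>';
         }

         /* Comment counter. The count is stored inside the try so that a
          * failed lookup can no longer leave this story with the previous
          * story's count (or an undefined variable). */
         if ($conf['comments']['allow'] && $registry->hasMethod('forums/numMessages')) {
             try {
                 $stories[$key]['comments'] = $registry->call('forums/numMessages', array($stories[$key]['id'], 'jonah'));
             } catch (Exception $e) {
                 /* Still best effort: the page renders without a count. */
                 Horde::log($e, 'ERR');
                 $stories[$key]['comments'] = null;
             }
         }
     }

     /* Render page */
     //$title = $channel['channel_name'];
     $view = new Horde_View(array('templatePath' => JONAH_TEMPLATES . '/stories'));
     $view->stories = $stories;
     $view->read = true;
     /* NOTE(review): $channel is assigned only in the single-channel branch
      * above, and $title is not assigned in this method at all (the line
      * above is commented out); unless $this->_params provides them, both
      * are undefined at this point. */
     $view->comments = $conf['comments']['allow'] && $registry->hasMethod('forums/numMessages') && $channel['channel_type'] == Jonah::INTERNAL_CHANNEL;
     $GLOBALS['page_output']->header(array('title' => $title));
     $notification->notify(array('listeners' => 'status'));
     echo $view->render('index');
     $GLOBALS['page_output']->footer();
 }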
Esempio n. 7
 /**
  */
 public function topbarCreate(Horde_Tree_Renderer_Base $tree, $parent = null, array $params = array())
 {
     /* Without the EDIT permission on 'jonah:news' no nodes are added. */
     if (!Jonah::checkPermissions('jonah:news', Horde_Perms::EDIT)) {
         return;
     }

     $url = Horde::url('stories/');
     $driver = $GLOBALS['injector']->getInstance('Jonah_Driver');

     /* A driver failure leaves the tree untouched. */
     try {
         $channels = $driver->getChannels('internal');
     } catch (Jonah_Exception $e) {
         return;
     }

     /* Only the channels returned by the SHOW check get a node. */
     $channels = Jonah::checkPermissions('channels', Horde_Perms::SHOW, $channels);
     $story_img = Horde_Themes::img('editstory.png');

     /* NOTE(review): the same $url object is passed to add() on every
      * iteration; if add() modifies it in place, all nodes end up sharing
      * one URL object -- confirm. */
     foreach ($channels as $channel) {
         $node = array(
             'id' => $parent . $channel['channel_id'],
             'parent' => $parent,
             'label' => $channel['channel_name'],
             'expanded' => false,
             'params' => array(
                 'icon' => $story_img,
                 'url' => $url->add('channel_id', $channel['channel_id']),
             ),
         );
         $tree->addNode($node);
     }
 }
Esempio n. 8
 public function run()
 {
     // Controller parameters become local references into $this->_params;
     // this method reads $vars and $notification from them.
     extract($this->_params, EXTR_REFS);

     $form_submit = $vars->get('submitbutton');
     $channel_id = $vars->get('channel_id');
     $story_id = $vars->get('id');

     $driver = $GLOBALS['injector']->getInstance('Jonah_Driver');

     /* The channel is needed later and fetching it also proves the
      * requested id is valid. */
     try {
         $channel = $driver->getChannel($channel_id);
     } catch (Exception $e) {
         $notification->push(sprintf(_("Story editing failed: %s"), $e->getMessage()), 'horde.error');
         Horde::url('channels/index.php', true)->redirect();
         exit;
     }

     /* Authorise against the stored channel type. */
     $perm_name = Jonah::typeToPermName($channel['channel_type']);
     if (!Jonah::checkPermissions($perm_name, Horde_Perms::DELETE, $channel_id)) {
         $notification->push(_("You are not authorised for this action."), 'horde.warning');
         throw new Horde_Exception_AuthenticationFailure();
     }

     /* Look the story up under the channel that was just authorised; a
      * failed lookup ends the request. */
     try {
         $story = $driver->getStory($channel_id, $story_id);
     } catch (Exception $e) {
         $notification->push(_("No valid story requested for deletion."), 'horde.message');
         Horde::url('channels/index.php', true)->redirect();
         exit;
     }

     /* First display (nothing submitted yet): fill the form from the story. */
     if (empty($form_submit)) {
         $vars = new Horde_Variables($story);
     }

     /* Confirmation form carrying both ids as hidden fields. */
     $title = sprintf(_("Delete News Story \"%s\"?"), $vars->get('title'));
     $form = new Horde_Form($vars, $title);
     $form->setButtons(array(_("Delete"), _("Do not delete")));
     $form->addHidden('', 'channel_id', 'int', true, true);
     $form->addHidden('', 'id', 'int', true, true);
     $form->addVariable(_("Really delete this News Story?"), 'confirm', 'description', false);

     $confirmed = $form_submit == _("Delete");

     /* Any other submitted button means the user backed out. */
     if (!$confirmed && !empty($form_submit)) {
         $notification->push(_("Story has not been deleted."), 'horde.message');
         $url = Horde::url('stories/index.php', true)->add('channel_id', $channel_id)->setRaw(true);
         $url->redirect();
         exit;
     }

     if ($confirmed && $form->validate($vars)) {
         /* The ids handed to the driver are the validated form values. */
         $form->getInfo($vars, $info);
         try {
             $driver->deleteStory($info['channel_id'], $info['id']);
             $notification->push(_("The story has been deleted."), 'horde.success');
             Horde::url('stories/index.php', true)->add('channel_id', $channel_id)->setRaw(true)->redirect();
             exit;
         } catch (Exception $e) {
             /* Fall through and show the form again with the error. */
             $notification->push(sprintf(_("There was an error deleting the story: %s"), $e->getMessage()), 'horde.error');
         }
     }

     $GLOBALS['page_output']->header(array('title' => $title));
     $notification->notify(array('listeners' => 'status'));
     $form->renderActive(null, $vars, Horde::url('stories/delete.php'), 'post');
     $GLOBALS['page_output']->footer();
 }
Esempio n. 9
 /**
  * expects
  *   $registry
  *   $notification
  *   $prefs
  *   $conf
  *   $channel_id
  */
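 public function run()
 {
     // Controller parameters become local references into $this->_params.
     // Besides the names in the docblock this method also reads $refresh.
     extract($this->_params, EXTR_REFS);

     $channel = $GLOBALS['injector']->getInstance('Jonah_Driver')->getChannel($channel_id);
     if (!Jonah::checkPermissions('channels', Horde_Perms::EDIT, array($channel_id))) {
         $notification->push(_("You are not authorised for this action."), 'horde.warning');
         throw new Horde_Exception_AuthenticationFailure();
     }

     /* Check if a URL has been passed. The value comes straight from the
      * request and is later used as a redirect target, so it is only kept
      * when it stays on this server; following it unchecked would let a
      * crafted link send a visitor on to another site. */
     $url = Horde_Util::getFormData('url');
     if ($url) {
         $allowed = false;
         $parts = is_string($url) ? parse_url($url) : false;
         /* Backslashes and control characters are rejected outright because
          * browsers may read them differently than parse_url() does. */
         if (is_array($parts) && preg_match('/[\\\\\x00-\x1f]/', $url) === 0) {
             if (isset($parts['host'])) {
                 /* Absolute or protocol-relative target: http(s) only, and
                  * the host has to be this server.
                  * NOTE(review): assumes $conf carries Horde's server name
                  * setting -- confirm; without it only relative targets
                  * are accepted. */
                 $scheme_ok = !isset($parts['scheme'])
                     || in_array(strtolower($parts['scheme']), array('http', 'https'), true);
                 $allowed = $scheme_ok
                     && isset($conf['server']['name'])
                     && strcasecmp($parts['host'], $conf['server']['name']) === 0;
             } else {
                 /* Relative target: fine as long as no scheme is given. */
                 $allowed = !isset($parts['scheme']);
             }
         }
         if ($allowed) {
             $url = new Horde_Url($url);
         } else {
             /* The rejected value is deliberately left out of the log line. */
             Horde::log('Ignoring off-site redirect target passed in "url".', 'WARN');
             $url = null;
         }
     }

     try {
         $stories = $GLOBALS['injector']->getInstance('Jonah_Driver')->getStories(array('channel_id' => $channel_id));
     } catch (Exception $e) {
         $notification->push(sprintf(_("Invalid channel requested. %s"), $e->getMessage()), 'horde.error');
         Horde::url('channels/index.php', true)->redirect();
         exit;
     }

     /* Do some state tests. */
     if (empty($stories)) {
         $notification->push(_("No available stories."), 'horde.warning');
     }
     if (!empty($refresh)) {
         $notification->push(_("Channel refreshed."), 'horde.success');
     }
     /* Only a target accepted by the check above is still set here. */
     if (!empty($url)) {
         $url->redirect();
         exit;
     }

     /* Build story specific fields. */
     foreach ($stories as $key => $story) {
         /* published is the publication/release date, updated is the last change date. */
         if (!empty($stories[$key]['published'])) {
             $stories[$key]['published_date'] = strftime($prefs->getValue('date_format') . ', ' . ($prefs->getValue('twentyFour') ? '%H:%M' : '%I:%M%p'), $stories[$key]['published']);
         } else {
             $stories[$key]['published_date'] = '';
         }

         /* Default to no links. */
         $stories[$key]['pdf_link'] = '';
         $stories[$key]['edit_link'] = '';
         $stories[$key]['delete_link'] = '';

         /* The title is escaped here; the link and description are handed
          * to Horde::link().
          * NOTE(review): presumably Horde::link() escapes its arguments --
          * confirm, since story fields may originate from outside. */
         $stories[$key]['view_link'] = Horde::link($GLOBALS['injector']->getInstance('Jonah_Driver')->getStoryLink($channel, $story), $story['description']) . htmlspecialchars($story['title']) . '</a>';

         /* PDF link. */
         $url = Horde::url('stories/pdf.php')->add(array('id' => $story['id'], 'channel_id' => $channel_id));
         $stories[$key]['pdf_link'] = $url->link(array('title' => _("PDF version"))) . Horde::img('mime/pdf.png') . '</a>';

         /* Edit story link; the EDIT check at the top of this method already
          * covers the whole channel. */
         $url = Horde::url('stories/edit.php')->add(array('id' => $story['id'], 'channel_id' => $channel_id));
         $stories[$key]['edit_link'] = $url->link(array('title' => _("Edit story"))) . Horde::img('edit.png') . '</a>';

         /* Delete story link, only for users who pass the DELETE check. */
         if (Jonah::checkPermissions('channels', Horde_Perms::DELETE, array($channel_id))) {
             $url = Horde::url('stories/delete.php')->add(array('id' => $story['id'], 'channel_id' => $channel_id));
             $stories[$key]['delete_link'] = $url->link(array('title' => _("Delete story"))) . Horde::img('delete.png') . '</a>';
         }

         /* Comment counter; an error result from the forums API is not stored. */
         if ($conf['comments']['allow'] && $registry->hasMethod('forums/numMessages')) {
             $comments = $registry->call('forums/numMessages', array($stories[$key]['id'], 'jonah'));
             if (!is_a($comments, 'PEAR_Error')) {
                 $stories[$key]['comments'] = $comments;
             }
         }
     }

     /* Render page */
     $title = $channel['channel_name'];
     $view = new Horde_View(array('templatePath' => JONAH_TEMPLATES . '/stories'));
     $view->stories = $stories;
     $view->read = true;
     $view->comments = $conf['comments']['allow'] && $registry->hasMethod('forums/numMessages');
     $GLOBALS['page_output']->header(array('title' => $title));
     $notification->notify(array('listeners' => 'status'));
     echo $view->render('index');
     $GLOBALS['page_output']->footer();
 }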