/**
* Create a blog channel.
*
* @param array $input
* @param int $channelid
* @param int $channelConvTemplateid
* @param int $channelPgTemplateId
* @param int $ownerSystemGroupId
*
* @return int The nodeid of the new blog channel
*/
public function createChannel($input, $channelid, $channelConvTemplateid, $channelPgTemplateId, $ownerSystemGroupId)
{
$input['parentid'] = $channelid;
$input['inlist'] = 1;
// we don't want it to be shown in channel list, but we want to move them
$input['protected'] = 0;
if (empty($input['userid'])) {
$input['userid'] = vB::getCurrentSession()->get('userid');
}
if (!isset($input['publishdate'])) {
$input['publishdate'] = vB::getRequest()->getTimeNow();
}
$input['templates']['vB5_Route_Channel'] = $channelPgTemplateId;
$input['templates']['vB5_Route_Conversation'] = $channelConvTemplateid;
// add channel node
$channelLib = vB_Library::instance('content_channel');
$input['page_parentid'] = 0;
$result = $channelLib->add($input, array('skipFloodCheck' => true, 'skipDupCheck' => true));
//Make the current user the channel owner.
$userApi = vB_Api::instanceInternal('user');
$usergroup = vB::getDbAssertor()->getRow('usergroup', array('systemgroupid' => $ownerSystemGroupId));
if (empty($usergroup) or !empty($usergroup['errors'])) {
//This should never happen. It would mean an invalid parameter was passed
throw new vB_Exception_Api('invalid_request');
}
vB_User::setGroupInTopic($input['userid'], $result['nodeid'], $usergroup['usergroupid']);
vB_Cache::allCacheEvent(array('nodeChg_' . $this->blogChannel, "nodeChg_{$channelid}"));
vB::getUserContext()->rebuildGroupAccess();
vB_Channel::rebuildChannelTypes();
// clear follow cache
vB_Api::instanceInternal('follow')->clearFollowCache(array($input['userid']));
return $result['nodeid'];
}
/** This grants a user additional permissions in a specific channel, by adding to the groupintopic table
*
* @param int
* @param mixed integer or array of integers
* @param int
*
* @return bool
***/
public function setGroupInTopic($userid, $nodeids, $usergroupid)
{
//check the data.
if (!is_numeric($userid) or !is_numeric($usergroupid)) {
throw new vB_Exception_Api('invalid_data');
}
if (!is_array($nodeids)) {
$nodeids = array($nodeids);
} else {
$nodeids = array_unique($nodeids);
}
$usercontext = vB::getUserContext();
//check permissions
foreach ($nodeids as $nodeid) {
if (!$usercontext->getChannelPermission('moderatorpermissions', 'canaddowners', $nodeid)) {
throw new vB_Exception_Api('no_permission');
}
}
//class vB_User does the actual work. Here we just want to clean the data.
return vB_User::setGroupInTopic($userid, $nodeids, $usergroupid);
}
/**
* This creates a request for access to a channel
*
* @param int $channelid the nodeid of the channel to which access is requested.
* @param string $requestType the type of request. See vB_Api_Node::REQUEST_<> constants
* @param int $recipient the userid of the member who will get the request
* @param string $recipientname (Optional) the username of the member who will get the request
* @param boolean $skipFloodCheck (Optional) whether request private message should skip flood check or not
*
* @return mixed If it is 1 or true, then it means that the follow request was successful.
* If it is integer and greater than 1, then the request is pending.
*/
public function requestChannel($channelid, $requestType, $recipient = 0, $recipientname = null, $skipFloodCheck = false)
{
$userInfo = vB::getCurrentSession()->fetch_userinfo();
$userid = $userInfo['userid'];
if (!($userid > 0)) {
throw new vB_Exception_API('not_logged_no_permission');
}
//make sure the parameters are valid
if (!intval($channelid) or !intval($channelid) or !in_array($requestType, array(vB_Api_Node::REQUEST_TAKE_OWNER, vB_Api_Node::REQUEST_TAKE_MODERATOR, vB_Api_Node::REQUEST_TAKE_MEMBER, vB_Api_Node::REQUEST_GRANT_OWNER, vB_Api_Node::REQUEST_GRANT_MODERATOR, vB_Api_Node::REQUEST_GRANT_MEMBER, vB_Api_Node::REQUEST_SG_TAKE_OWNER, vB_Api_Node::REQUEST_SG_TAKE_MODERATOR, vB_Api_Node::REQUEST_SG_TAKE_MEMBER, vB_Api_Node::REQUEST_SG_GRANT_OWNER, vB_Api_Node::REQUEST_SG_GRANT_MODERATOR, vB_Api_Node::REQUEST_SG_GRANT_MEMBER, vB_Api_Node::REQUEST_TAKE_SUBSCRIBER, vB_Api_Node::REQUEST_GRANT_SUBSCRIBER, vB_Api_Node::REQUEST_SG_TAKE_SUBSCRIBER, vB_Api_Node::REQUEST_SG_GRANT_SUBSCRIBER))) {
throw new vB_Exception_API('invalid_data');
}
if ($recipient <= 0) {
if (!empty($recipientname)) {
// fetch by username
$recipient = vB::getDbAssertor()->getField('user', array('username' => $recipientname));
if (!$recipient) {
throw new vB_Exception_API('invalid_data');
}
} else {
throw new vB_Exception_API('invalid_data');
}
}
$node = $this->getNode($channelid);
if ($node['contenttypeid'] != vB_Types::instance()->getContentTypeId('vBForum_Channel')) {
throw new vB_Exception_API('invalid_request');
}
//Let's make sure the user can grant this request.
if (in_array($requestType, array(vB_Api_Node::REQUEST_TAKE_OWNER, vB_Api_Node::REQUEST_TAKE_MODERATOR, vB_Api_Node::REQUEST_TAKE_MEMBER, vB_Api_Node::REQUEST_SG_TAKE_OWNER, vB_Api_Node::REQUEST_SG_TAKE_MODERATOR, vB_Api_Node::REQUEST_SG_TAKE_MEMBER))) {
//Can we grant the transfer?
$userContext = vB::getUserContext();
if (!$userContext->getChannelPermission('moderatorpermissions', 'canaddowners', $channelid)) {
throw new vB_Exception_API('no_permission');
}
} else {
// join is not valid when invite only...
if (in_array($requestType, array(vB_Api_Node::REQUEST_GRANT_MEMBER, vB_Api_Node::REQUEST_SG_GRANT_MEMBER)) and ($node['nodeoptions'] & vB_Api_Node::OPTION_NODE_INVITEONLY) > 0) {
throw new vB_Exception_Api('invalid_invite_only_request');
}
//if this is set to auto-approve we don't need to send a request.
if (in_array($requestType, array(vB_Api_Node::REQUEST_GRANT_MEMBER, vB_Api_Node::REQUEST_SG_GRANT_MEMBER)) and ($node['nodeoptions'] & vB_Api_Node::OPTION_AUTOAPPROVE_MEMBERSHIP) > 0) {
$isBlog = vB_Api::instanceInternal('blog')->isBlogNode($channelid);
$group = vB::getDbAssertor()->getRow('usergroup', array('systemgroupid' => vB_Api_UserGroup::CHANNEL_MEMBER_SYSGROUPID));
if ($isBlog) {
// clear follow cache
vB_Api::instanceInternal('follow')->clearFollowCache(array($userid));
}
// return boolean true if successful
$result = vB_User::setGroupInTopic($userid, $channelid, $group['usergroupid']);
// for join requests, check for auto-subscribe & add subscription for user
if ($result === true and $node['nodeoptions'] & vB_Api_Node::OPTION_AUTOSUBSCRIBE_ON_JOIN) {
vB_Api::instanceInternal('follow')->add($channelid, vB_Api_Follow::FOLLOWTYPE_CHANNELS, $userid, true);
}
return $result;
}
if (in_array($requestType, array(vB_Api_Node::REQUEST_GRANT_SUBSCRIBER, vB_Api_Node::REQUEST_SG_GRANT_SUBSCRIBER))) {
// subscribe means join in blog's context
try {
// @TODO check if using only the canview perms is fair enough... there might be cases where sg owner set canview perms for everyone that includes no joined members, even not logged users...
if (!vB::getUserContext()->getChannelPermission('forumpermissions', 'canview', $channelid)) {
throw new vB_Exception_Api('invalid_special_channel_subscribe_request');
}
// check the auto accept first
if (($node['nodeoptions'] & vB_Api_Node::OPTION_AUTOAPPROVE_SUBSCRIPTION) > 0) {
// return int 1 - Following for auto-approved subscriptions
return $response = vB_Api::instanceInternal('follow')->add($channelid, vB_Api_Follow::FOLLOWTYPE_CONTENT);
}
//see if this is set to invite only
if (($node['nodeoptions'] & vB_Api_Node::OPTION_NODE_INVITEONLY) > 0) {
throw new vB_Exception_Api('invalid_special_channel_subscribe_request');
}
$owner = vB_Api::instanceInternal('blog')->fetchOwner($channelid);
if (!$owner) {
$recipient = $node['userid'];
} else {
$recipient = $owner;
}
} catch (vB_Exception_Api $ex) {
throw $ex;
}
}
//Can the recipient grant the transfer?
$userContext = vB::getUserContext($recipient);
if (!$userContext->getChannelPermission('moderatorpermissions', 'canaddowners', $channelid)) {
throw new vB_Exception_API('no_permission');
}
}
$messageLib = vB_Library::instance('content_privatemessage');
$userInfo = vB::getCurrentSession()->fetch_userinfo();
$data = array('msgtype' => 'request', 'about' => $requestType, 'sentto' => $recipient, 'aboutid' => $channelid, 'sender' => $userInfo['userid']);
// return int nodeid of created pending request
if ($skipFloodCheck) {
$result = $messageLib->addMessageNoFlood($data);
return $result;
} else {
$result = $messageLib->add($data);
return $result['nodeid'];
}
}
/**
* Handles removing a channel moderator
*
* @param int $channelid The channel id of that $userId is leaving
* @param int $userId Userid of the user leaving the channel.
*
* @param bool Flag indicating the moderator was removed successfully
*/
public function removeChannelModerator($channelId, $userId)
{
if (!intval($channelId)) {
throw new vB_Exception_Api('invalid_node_id');
}
if (!(intval($userId) > 0)) {
throw new vB_Exception_Api('invalid_user_specified');
}
// only the channel owner can add or remove moderators
$currentUser = vB::getUserContext()->fetchUserId();
if ($currentUser != $this->fetchOwner($channelId)) {
throw new vB_Exception_Api('invalid_permissions');
}
// check for member/moderator records.
$memberGroupId = vB_Api::instanceInternal('usergroup')->getMemberGroupId();
$moderatorGroupId = vB_Api::instanceInternal('usergroup')->getModeratorGroupId();
$gitQry = vB::getDbAssertor()->assertQuery('vBForum:groupintopic', array('userid' => $userId, 'nodeid' => $channelId, 'groupid' => array($memberGroupId, $moderatorGroupId)));
// If the soon to be ex-moderator does not have a membership, we add one, but only
// if they were actually a moderator (as opposed to pending)
$needsMembership = false;
if ($gitQry->valid()) {
foreach ($gitQry as $gitRow) {
if ($gitRow['groupid'] == $moderatorGroupId) {
$needsMembership = true;
} else {
if ($gitRow['groupid'] == $memberGroupId) {
$needsMembership = false;
break;
}
}
}
}
// unset group in topic, which also removes pending requests to that user
$result = vB_Api::instanceInternal('user')->unsetGroupInTopic($userId, $channelId, $moderatorGroupId);
// add membership & subscription as needed
if ($needsMembership) {
$isMember = vB_User::setGroupInTopic($userId, $channelId, $memberGroupId);
// if autosubscribe, add subscription
$node = vB_Api::instanceInternal('node')->getNode($channelId);
if (($node['nodeoptions'] & vB_Api_Node::OPTION_AUTOSUBSCRIBE_ON_JOIN) > 0 and $isMember) {
vB_Api::instanceInternal('follow')->add($channelId, vB_Api_Follow::FOLLOWTYPE_CHANNELS, $userId, true);
}
}
return $result;
}
/** Approves a channel request.
*
* @param int id of a request private message.
*
**/
public function approveChannelRequest($messageId)
{
$userInfo = vB::getCurrentSession()->fetch_userinfo();
$userid = $userInfo['userid'];
$assertor = vB::getDbAssertor();
if (!intval($userid)) {
throw new vB_Exception_Api('not_logged_no_permission');
}
$sentto = $assertor->getRow('vBForum:sentto', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_SELECT, 'nodeid' => $messageId, 'userid' => $userid));
if (!$sentto or !empty($sentto['errors'])) {
throw new vB_Exception_Api('invalid_data');
}
$messageApi = vB_Api::instanceInternal('content_privatemessage');
$message = $messageApi->getContent($messageId);
$message = $message[$messageId];
if ($message['msgtype'] != 'request' or empty($message['aboutid'])) {
throw new vB_Exception_Api('invalid_data');
}
// if a user joins a channel as owner/moderator/member, check if they should automatically be subscribed
$autoSubscribeMember = false;
$node = $this->getNode($message['aboutid']);
if (($node['nodeoptions'] & vB_Api_Node::OPTION_AUTOSUBSCRIBE_ON_JOIN) > 0) {
$autoSubscribeMember = true;
}
switch ($message['about']) {
case self::REQUEST_TAKE_MODERATOR:
case self::REQUEST_SG_TAKE_MODERATOR:
//Can we grant the transfer?
$userContext = vB::getUserContext($message['userid']);
if (!$userContext->getChannelPermission('moderatorpermissions', 'canaddowners', $message['aboutid'])) {
throw new vB_Exception_API('no_permission');
}
$usergroupInfo = vB_Api::instanceInternal('usergroup')->fetchUsergroupBySystemID(vB_Api_UserGroup::CHANNEL_MODERATOR_SYSGROUPID);
$usergroupid = $usergroupInfo['usergroupid'];
$permUserid = $userid;
break;
case self::REQUEST_TAKE_MEMBER:
case self::REQUEST_SG_TAKE_MEMBER:
$userContext = vB::getUserContext($message['userid']);
if (!$userContext->getChannelPermission('moderatorpermissions', 'canaddowners', $message['aboutid'])) {
throw new vB_Exception_API('no_permission');
}
$usergroupInfo = vB_Api::instanceInternal('usergroup')->fetchUsergroupBySystemID(vB_Api_UserGroup::CHANNEL_MEMBER_SYSGROUPID);
$usergroupid = $usergroupInfo['usergroupid'];
$permUserid = $userid;
break;
case self::REQUEST_TAKE_OWNER:
case self::REQUEST_SG_TAKE_OWNER:
//Can we grant the transfer?
$userContext = vB::getUserContext($message['userid']);
if (!$userContext->getChannelPermission('moderatorpermissions', 'canaddowners', $message['aboutid'])) {
throw new vB_Exception_API('no_permission');
}
//We can't use the user api, because that checks the permissions.
//let's get the current channels in which the user already is set for that group.
//Then remove any for which they already are set.
$usergroupInfo = vB_Api::instanceInternal('usergroup')->fetchUsergroupBySystemID(vB_Api_UserGroup::CHANNEL_OWNER_SYSGROUPID);
$groupInTopic = vB_Api::instanceInternal('user')->getGroupInTopic($userid, $message['aboutid']);
if ($groupInTopic and in_array($usergroupInfo, $groupInTopic)) {
//This user already has this right
$result = true;
break;
}
//There is only one owner at a time, so we delete the current user;
$result = $assertor->assertQuery('vBForum:groupintopic', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_DELETE, 'nodeid' => $message['aboutid'], 'groupid' => $usergroupInfo['usergroupid']));
//and do the inserts
$result = $assertor->assertQuery('vBForum:groupintopic', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_INSERT, 'userid' => $userid, 'nodeid' => $message['aboutid'], 'groupid' => $usergroupInfo['usergroupid']));
// add subscription for new owner if autosubcribe is enabled
if ($autoSubscribeMember) {
vB_Api::instanceInternal('follow')->add($message['aboutid'], vB_Api_Follow::FOLLOWTYPE_CHANNELS, $userid, true);
}
// Add membership for the old owner. Note the lack of auto-subscription check because an old owner
// should already have a subscription if channel is auto-subscribe.
$oldOwner = $node['userid'];
$usergroupInfo = vB_Api::instanceInternal('usergroup')->fetchUsergroupBySystemID(vB_Api_UserGroup::CHANNEL_MEMBER_SYSGROUPID);
vB_User::setGroupInTopic($oldOwner, $message['aboutid'], $usergroupInfo['usergroupid']);
//replace the old owner in the node table as well
$assertor->update('vBForum:node', array('userid' => $userid), array('nodeid' => $message['aboutid']));
$myUserContext = vB::getUserContext();
vB_Cache::instance()->allCacheEvent("userPerms_{$userid}");
// TODO: add node change event & check cache for blogs tab. Currently blogs tab doesn't update w/ the new owner.
$myUserContext->clearChannelPermissions();
$myUserContext->reloadGroupInTopic();
$senderUserContext = vB::getUserContext($message['userid']);
$senderUserContext->clearChannelPermissions();
$senderUserContext->reloadGroupInTopic();
return true;
break;
case self::REQUEST_GRANT_OWNER:
case self::REQUEST_SG_GRANT_OWNER:
// these requests don't exist yet.
throw new vB_Exception_API('invalid_action');
// when these requests are implemented, be careful about what $permUserid below should be.
// I think this request goes to the owner, so $permUserid has to be the sender of the message,
// meaning we have to grab the node where nodeid = $message['nodeid'], & grab its author
$usergroupInfo = vB_Api::instanceInternal('usergroup')->fetchUsergroupBySystemID(vB_Api_UserGroup::CHANNEL_OWNER_SYSGROUPID);
$usergroupid = $usergroupInfo['usergroupid'];
$permUserid = $message['userid'];
break;
case self::REQUEST_GRANT_MODERATOR:
case self::REQUEST_SG_GRANT_MODERATOR:
// these requests don't exist yet.
throw new vB_Exception_API('invalid_action');
// when these requests are implemented, be careful about what $permUserid below should be.
// I think this request goes to the owner, so $permUserid has to be the author of the message,
// meaning we have to grab the node where nodeid = $message['nodeid'], & grab its author
$usergroupInfo = vB_Api::instanceInternal('usergroup')->fetchUsergroupBySystemID(vB_Api_UserGroup::CHANNEL_MODERATOR_SYSGROUPID);
$usergroupid = $usergroupInfo['usergroupid'];
$permUserid = $message['userid'];
break;
case self::REQUEST_GRANT_MEMBER:
case self::REQUEST_SG_GRANT_MEMBER:
$usergroupInfo = vB_Api::instanceInternal('usergroup')->fetchUsergroupBySystemID(vB_Api_UserGroup::CHANNEL_MEMBER_SYSGROUPID);
$usergroupid = $usergroupInfo['usergroupid'];
$permUserid = $message['userid'];
break;
default:
throw new vB_Exception_API('invalid_data');
}
// switch
$result = vB_User::setGroupInTopic($permUserid, $message['aboutid'], $usergroupid);
// If automatic subscription is enabled for the channel (e.g. blogs by default) and if groupintopic is set
// make the user follow the channel.
if ($result === true and $autoSubscribeMember) {
// The 4th param, $auto_subscribe = true, is required since an auto-subscribe probably doesn't come
// with an existing subscriber request, only a join request.
vB_Api::instanceInternal('follow')->add($message['aboutid'], vB_Api_Follow::FOLLOWTYPE_CHANNELS, $permUserid, true);
}
// I'm fairly certain that the below is incorrect. The (old) OWNER would receive the request, so $userid = $message['userid']..
// It should probably compaer $userid with $permUserid, given that $permUserid is corrected (see above case statement)
//last item- if we just granted owner to a new member we should remove anyone else & add the old owner as a regular member
if ($message['userid'] != $userid and in_array($message['about'], array(self::REQUEST_GRANT_OWNER, self::REQUEST_SG_GRANT_OWNER))) {
$result = $assertor->assertQuery('vBForum:groupintopic', array(vB_dB_Query::TYPE_KEY => vB_dB_Query::QUERY_DELETE, vB_dB_Query::CONDITIONS_KEY => array(array('field' => 'nodeid', 'value' => $message['aboutid'], 'operator' => vB_dB_Query::OPERATOR_EQ), array('field' => 'groupid', 'value' => $usergroupid, 'operator' => vB_dB_Query::OPERATOR_EQ), array('field' => 'userid', 'value' => $message['userid'], 'operator' => vB_dB_Query::OPERATOR_NE))));
// TODO: if this is ever corrected/implemented, be sure to add the old owner as a member of the channel
//reset the recipient's permissions.
$myUserContext = vB::getUserContext();
vB_Cache::instance()->allCacheEvent("userPerms_{$userid}");
$myUserContext->clearChannelPermissions();
$myUserContext->reloadGroupInTopic();
}
vB_Api::instanceInternal('user')->clearChannelPerms($userid);
return true;
}
