Esempio n. 1
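 /**
  * Remove the explicit security rules from all descendants of a node.
  *
  * Only administrators may call this. Descendants that have ACL entries
  * (tree_info.acl_count > 0) lose their tree_acl rows and get
  * tree.inherit_acl set back to 1.
  *
  * @param array $p json request; $p['id'] is the node whose descendants are processed
  * @return array json response, array('success' => true)
  * @throws \Exception when the current user is not an administrator
  */
 public function removeChildPermissions($p)
 {
     if (!Security::isAdmin()) {
         throw new \Exception(L\get('Access_denied'));
     }

     // getPids() result joined with commas; rows whose pids value starts with
     // this prefix followed by a comma are selected below
     $pids = implode(',', Objects::getPids($p['id'], false));

     // select descendants that carry their own access rules
     $child_ids = array();
     $res = DB\dbQuery('SELECT id
         FROM tree_info
         WHERE pids like $1 and acl_count > 0', $pids . ',%');
     while ($r = $res->fetch_assoc()) {
         // the ids are concatenated into SQL text further down, so they are
         // forced to integers here instead of trusting the column type
         $child_ids[] = (int) $r['id'];
     }
     $res->close();

     if (!empty($child_ids)) {
         $id_list = implode(',', $child_ids);
         // NOTE(review): the two statements are issued separately; if dbQuery()
         // does not run them in one transaction, a failure between them leaves
         // nodes without rules and without the inherit flag - confirm
         // remove security rules for the descendants
         DB\dbQuery('DELETE FROM tree_acl WHERE node_id in (' . $id_list . ')');
         // update inherit flag
         DB\dbQuery('UPDATE tree SET inherit_acl = 1 WHERE id in (' . $id_list . ')');
     }

     Solr\Client::runBackgroundCron();

     return array('success' => true);
 }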
Esempio n. 2
 /**
  * Update an existing object, or create one when the request has no usable id.
  *
  * @param  array $p request; $p['data'] holds the object properties
  * @return mixed whatever create() returns for a new object, otherwise whatever load() returns
  * @throws \Exception when the current user has no write access to the object
  */
 public function save($p)
 {
     $data = Util\toJSONArray($p['data']);

     // no id, or a non-numeric one, means "create" rather than "update"
     // NOTE(review): is_numeric() also accepts values such as '1e3' or '1.5';
     // confirm that canWrite() and getCachedObject() resolve them to the same node
     $hasId = !empty($data['id']) && is_numeric($data['id']);
     if (!$hasId) {
         return $this->create($data);
     }

     // SECURITY: the write permission is checked before anything is modified
     if (!Security::canWrite($data['id'])) {
         throw new \Exception(L\get('Access_denied'));
     }

     // fall back to date_start when no date was sent
     if (empty($data['date']) && !empty($data['date_start'])) {
         $data['date'] = $data['date_start'];
     }

     $obj = $this->getCachedObject($data['id']);

     // sys_data always comes from the stored object: any sys_data sent in the
     // request is replaced, so custom data kept there is not overwritten
     $data['sys_data'] = $obj->getSysData();

     $obj->update($data);

     Objects::updateCaseUpdateInfo($data['id']);

     // index the saved object in solr right away so the new name shows up
     // without waiting for the background cron
     $indexingDisabled = \CB\Config::getFlag('disableSolrIndexing');
     if (!$indexingDisabled) {
         $solr = new Solr\Client();
         $solr->updateTree(array('id' => $data['id']));

         // the background cron indexes the remaining nodes
         $solr->runBackgroundCron();
     }

     return $this->load($data);
 }
Esempio n. 3
 /**
  * Rename a tree node, and the matching files row when the node is a file.
  *
  * @param array $p request; the last '/'-separated segment of $p['path'] is the node id,
  *                 $p['name'] is the new name
  * @return array array('success' => false) for a non-numeric id or an empty name, otherwise
  *               success with 'data' holding id, pid and the HTML-escaped new name
  * @throws \Exception when the current user has no write access to the node
  */
 public function rename($p)
 {
     $segments = explode('/', $p['path']);
     $id = array_pop($segments);

     $p['name'] = trim($p['name']);

     if (!is_numeric($id) || empty($p['name'])) {
         return array('success' => false);
     }

     /* check security access */
     if (!Security::canWrite($id)) {
         throw new \Exception(L\get('Access_denied'));
     }

     // NOTE(review): die() prints whatever dbQueryError() returns into the
     // response and ends the request; confirm that database error text is
     // acceptable output here
     // NOTE(review): tree.name receives the trimmed name as sent, while
     // files.name below receives the Purify::filename() result
     $treeUpdated = DB\dbQuery('UPDATE tree
         SET name = $1
         WHERE id = $2', array($p['name'], $id));
     if (!$treeUpdated) {
         die(DB\dbQueryError());
     }

     if (Objects::getType($id) == 'file') {
         $p['name'] = Purify::filename($p['name']);

         $fileUpdated = DB\dbQuery('UPDATE files
                 SET name = $1
                 WHERE id = $2', array($p['name'], $id));
         if (!$fileUpdated) {
             die(DB\dbQueryError());
         }
     }

     // index the renamed node in solr right away so the new name shows up
     // without waiting for the background cron
     $solr = new Solr\Client();
     $solr->updateTree(array('id' => $id));

     // the background cron indexes the remaining nodes
     $solr->runBackgroundCron();

     // the name is HTML-escaped only for the response; ENT_COMPAT escapes
     // double quotes and leaves single quotes as they are
     $p['name'] = htmlspecialchars($p['name'], ENT_COMPAT);

     // look up the parent id for the response
     $pid = null;
     $res = DB\dbQuery('SELECT pid FROM tree WHERE id = $1', $id);
     if (!$res) {
         die(DB\dbQueryError());
     }
     $row = $res->fetch_assoc();
     if ($row) {
         $pid = $row['pid'];
     }
     $res->close();

     return array(
         'success' => true,
         'data' => array(
             'id' => $id,
             'pid' => $pid,
             'newName' => $p['name']
         )
     );
 }
Esempio n. 4
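 /**
  * Save the group membership chosen for a user in the UserManagement form.
  *
  * Groups listed in $p['groups'] that the user is not yet associated with are
  * inserted; groups the user currently has that are missing from $p['groups']
  * are deleted. The user's security sets are recalculated afterwards.
  *
  * @param array|object $p request with 'id' (passed to extractId()) and 'groups'
  * @return array array('success' => false, 'verify' => true) when the current user is not
  *               verified, otherwise array('success' => true)
  * @throws \Exception when the current user may not manage users
  */
 public function saveAccessData($p)
 {
     if (!User::isVerified()) {
         return array('success' => false, 'verify' => true);
     }

     // NOTE(review): canManage() is called without the target user or groups;
     // whether it limits which users may be edited cannot be seen here
     if (!Security::canManage()) {
         throw new \Exception(L\get('Access_denied'));
     }

     $p = (array) $p;

     // NOTE(review): the @ hides a missing 'id' and any error raised inside
     // extractId(); the resulting $user_id is used below without validation
     @($user_id = $this->extractId($p['id']));

     /* analyze groups:
        - for newly associated groups the access should be updated
        - for deassociated groups the access also should be reviewed */

     /* get current user groups */
     $current_groups = UsersGroups::getGroupIdsForUser($user_id);
     // a missing 'groups' key is passed on as null, without error suppression
     $updating_groups = Util\toNumericArray(isset($p['groups']) ? $p['groups'] : null);

     $new_groups = array_diff($updating_groups, $current_groups);
     $deleting_groups = array_diff($current_groups, $updating_groups);

     // NOTE(review): die() prints whatever dbQueryError() returns into the
     // response and ends the request
     foreach ($new_groups as $group_id) {
         DB\dbQuery('INSERT INTO users_groups_association (user_id, group_id, cid)
             VALUES($1, $2, $3)
             ON DUPLICATE KEY
             UPDATE uid = $3', array($user_id, $group_id, $_SESSION['user']['id'])) or die(DB\dbQueryError());
     }

     if (!empty($deleting_groups)) {
         // the ids are concatenated into the statement text, so each one is
         // forced to an integer before it gets there
         $deleting_ids = implode(', ', array_map('intval', $deleting_groups));

         DB\dbQuery('DELETE
             FROM users_groups_association
             WHERE user_id = $1
                 AND group_id IN (' . $deleting_ids . ')', $user_id) or die(DB\dbQueryError());
     }

     Security::calculateUpdatedSecuritySets($user_id);

     Solr\Client::runBackgroundCron();

     return array('success' => true);
 }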
Esempio n. 5
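 /**
  * Rename a tree node; a shortcut is resolved and its target is renamed instead.
  *
  * Write access is required on the node named in the request and, when that
  * node is a shortcut with a target, on the target as well, because the
  * target is the record that gets modified.
  *
  * @param array $p request; the last '/'-separated segment of $p['path'] is the node id,
  *                 $p['name'] is the new name
  * @return array array('success' => false) for a non-numeric id or an empty name, otherwise
  *               success with 'data' holding the requested id, its pid and the purified new name
  * @throws \Exception when the current user has no write access to the node or to the
  *                    shortcut target
  */
 public function rename($p)
 {
     $id = explode('/', $p['path']);
     $id = array_pop($id);

     $p['name'] = trim($p['name']);

     if (!is_numeric($id) || empty($p['name'])) {
         return array('success' => false);
     }

     /* check security access */
     if (!Security::canWrite($id)) {
         throw new \Exception(L\get('Access_denied'));
     }

     $p['name'] = Purify::filename($p['name']);

     // the response keeps the id that was requested, even when a shortcut
     // target is renamed below
     $rez = array(
         'success' => true,
         'data' => array(
             'id' => $id,
             'pid' => null,
             'newName' => $p['name']
         )
     );

     $objectType = Objects::getType($id);

     if ($objectType == 'shortcut') {
         $r = DM\Tree::read($id);
         if (!empty($r['target_id'])) {
             $id = $r['target_id'];

             // the check above covered the shortcut only; the update is
             // applied to the target, so write access must hold for it too
             if (!Security::canWrite($id)) {
                 throw new \Exception(L\get('Access_denied'));
             }

             $objectType = Objects::getType($id);
         }
     }

     DM\Tree::update(array('id' => $id, 'name' => $p['name']));

     if ($objectType == 'file') {
         DM\Files::update(array('id' => $id, 'name' => $p['name']));
     }

     /* updating renamed document into solr directly (before running background cron)
        so that it'll be displayed with new name without delay */
     $solrClient = new Solr\Client();
     $solrClient->updateTree(array('id' => $id));

     // running background cron to index other nodes
     $solrClient->runBackgroundCron();

     // NOTE(review): this assignment does not reach the response, because
     // $rez['data']['newName'] was filled in before it; the returned name is
     // therefore not HTML-escaped - confirm that the client escapes it
     $p['name'] = htmlspecialchars($p['name'], ENT_COMPAT);

     // get pid of the requested node
     $r = DM\Tree::read($rez['data']['id']);
     if (!empty($r['pid'])) {
         $rez['data']['pid'] = $r['pid'];
     }

     return $rez;
 }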