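/**
 * Show the audio recorder widget on the admin item page when the viewer qualifies.
 *
 * Nothing is rendered unless the 'audio_recorder_item_show' option is set.
 * The 'audio_recorder_role' option then selects who may see the widget:
 *  - 'admins':  only users whose role is 'admin' or 'super';
 *  - 'guests' / 'public': never shown on this admin page;
 *  - 'editors': only users the ACL allows to edit this item.
 *
 * @param array $args Hook arguments; $args['item'] is the item being shown.
 * @return void
 */
function hookAdminItemsShow($args)
{
    $item = $args['item'];

    if (!get_option('audio_recorder_item_show')) {
        return;
    }

    $user = current_user();
    // No logged-in user means no role; false never matches a role name below.
    $role = is_object($user) ? $user->role : false;

    switch (get_option('audio_recorder_role')) {
        case 'admins':
            if ($role !== 'admin' && $role !== 'super') {
                return;
            }
            break;

        case 'guests':
        case 'public':
            return;

        case 'editors':
            // ACL checks take (role, resource, privilege). The item is the
            // resource and 'edit' the privilege; the previous call passed them
            // the other way round, so the check never asked "may this user
            // edit this item?".
            // Assumes $item is usable as an ACL resource -- confirm for this record type.
            if (!get_acl()->isAllowed($user, $item, 'edit')) {
                return;
            }
            break;

        // NOTE(review): there is no default branch, so any other (or unset)
        // option value falls through and the widget is shown. Confirm that
        // failing open is intended for unrecognised settings.
    }

    $this->showWidget($item);
}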
/**
 * Prepare the ACL fixture used by the tests.
 *
 * Registers a throwaway resource and attaches one allow rule and one deny
 * rule to it, so tests can exercise both outcomes of a permission check.
 */
public function setUp()
{
    parent::setUp();

    $resourceName = 'TestResource';
    $testAcl = get_acl();
    $testAcl->addResource($resourceName);

    // A null role makes each rule apply to every role, so the outcome of a
    // check depends only on the privilege name, not on who is asking.
    $testAcl->allow(null, $resourceName, 'allowedPrivilege');
    $testAcl->deny(null, $resourceName, 'deniedPrivilege');
}
/**
 * Build a navigation menu from a list of links.
 *
 * When a filter name is given, the links are passed through that filter
 * (with $args) before the menu is built. If an ACL is available, the menu is
 * bound to it and to the current user; otherwise the menu is returned with
 * no role or ACL attached.
 *
 * NOTE(review): binding the ACL here affects the menu object only. The pages
 * behind the links need their own access checks; presumably the controllers
 * enforce them -- confirm.
 *
 * @package Omeka\Function\View\Navigation
 * @param array $navLinks The array of links for the navigation.
 * @param string $name Optionally, the name of a filter to pass the links
 * through before using them.
 * @param array $args Optionally, arguments to pass to the filter
 *
 * @return Zend_View_Helper_Navigation_Menu The navigation menu object. Can
 * generally be treated simply as a string.
 */
function nav(array $navLinks, $name = null, array $args = array())
{
    $links = ($name === null)
        ? $navLinks
        : apply_filters($name, $navLinks, $args);

    $navigationHelper = get_view()->navigation();
    $menu = $navigationHelper->menu(new Omeka_Navigation($links));

    $acl = get_acl();
    if (!$acl) {
        // No ACL in this context: hand the menu back without role or ACL.
        return $menu;
    }

    $menu->setRole(current_user())->setAcl($acl);

    return $menu;
}
/**
 * Load every collection, joined with its tree data, into $this->_collections.
 *
 * Visibility: when an ACL is available and the current user lacks the
 * 'showNotPublic' privilege on 'Collections', only public collections are
 * cached. When no ACL is available (the case in a background process) no
 * visibility filter is applied, so the cache then holds non-public
 * collections as well.
 *
 * NOTE(review): anything that renders from this cache in a context without
 * an ACL must apply its own visibility check -- confirm against callers.
 *
 * Ordering: rows are sorted by tree name when the
 * 'collection_tree_alpha_order' option is set.
 */
public function cacheCollections()
{
    $db = $this->getDb();

    // Table names come from the Db object, not from request data.
    $query = "\n SELECT c.*, ct.parent_collection_id, ct.name\n FROM {$db->Collection} c\n LEFT JOIN {$db->CollectionTree} ct\n ON c.id = ct.collection_id";

    // The ACL does not exist within a background process.
    $acl = get_acl();

    // Restrict to public collections for users who may not see the rest.
    $publicOnly = $acl && !$acl->isAllowed(current_user(), 'Collections', 'showNotPublic');
    if ($publicOnly) {
        $query .= ' WHERE c.public = 1';
    }

    // Alphabetical order is opt-in.
    $alphabetical = get_option('collection_tree_alpha_order');
    if ($alphabetical) {
        $query .= ' ORDER BY ct.name';
    }

    $this->_collections = $db->fetchAll($query);
}
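/**
 * Handle the POST from the public contribution form.
 *
 * Resolves or creates the contributing user, validates the submission,
 * creates a non-public, non-featured item of the selected contribution type
 * (with the uploaded file, if any), stores the element texts, fires the
 * 'contribution_save_form' hook, and then runs the profile, linking and
 * e-mail notification helpers. Failure paths flash an error where one is
 * available and return false.
 *
 * Security notes for reviewers:
 *  - In the "simple" configuration an anonymous submitter is matched to an
 *    existing account purely by the e-mail address in the POST. Nothing in
 *    this method verifies control of that address, and the matched account
 *    becomes the owner of the new item and is passed to the profile helper.
 *  - The user lookup/creation runs before the submit and validation checks.
 *  - The ACL is widened for every role before the item is saved (see below).
 *
 * @param array $post POST array
 * @return bool True when the contribution was saved, false otherwise.
 */
protected function _processForm($post)
{
    if (empty($post)) {
        return false;
    }

    // Prefer the logged-in user. In the "simple" configuration, fall back to
    // an existing account with the submitted e-mail address.
    $user = current_user();
    $simple = get_option('contribution_simple');
    if (!$user && $simple) {
        $user = $this->_helper->db->getTable('User')->findByEmail($post['contribution_simple_email']);
    }

    // Still no user: create a guest account from the submitted data.
    if (!$user) {
        $user = $this->_createNewGuestUser($post);
        if ($user->hasErrors()) {
            $errors = $user->getErrors()->get();
            // The account is created behind the scenes, so username and name
            // errors are not shown to the contributor.
            unset($errors['name']);
            unset($errors['username']);
            foreach ($errors as $error) {
                $this->_helper->flashMessenger($error, 'error');
            }
            return false;
        }
    }

    // The final form submit was not pressed.
    if (!isset($post['form-submit'])) {
        return false;
    }

    if (!$this->_validateContribution($post)) {
        return false;
    }

    // contribution_type is request data: it may be missing, non-scalar, or a
    // numeric id that matches no record. All of those are treated as "no type
    // selected" instead of dereferencing a missing record.
    $contributionTypeId = (isset($post['contribution_type']) && is_scalar($post['contribution_type']))
        ? trim((string) $post['contribution_type'])
        : '';
    $contributionType = null;
    if ($contributionTypeId !== '' && is_numeric($contributionTypeId)) {
        $contributionType = get_db()->getTable('ContributionType')->find($contributionTypeId);
    }
    $itemType = $contributionType ? $contributionType->getItemType() : null;
    if (!$itemType) {
        $this->_helper->flashMessenger(__('You must select a type for your contribution.'), 'error');
        return false;
    }
    $itemTypeId = $itemType->id;

    // Contributions always start out non-public and non-featured.
    $itemMetadata = array(
        'public' => false,
        'featured' => false,
        'item_type_id' => $itemTypeId,
    );

    $collectionId = get_option('contribution_collection_id');
    if (!empty($collectionId) && is_numeric($collectionId)) {
        $itemMetadata['collection_id'] = (int) $collectionId;
    }

    $fileMetadata = $this->_processFileUpload($contributionType);

    // This is a hack to allow the file upload job to succeed
    // even with the synchronous job dispatcher.
    // NOTE(review): the null role grants 'showNotPublic' on Items and
    // Collections to every role, anonymous visitors included, and the grant is
    // never reverted in this method. Presumably it only affects the in-memory
    // ACL of this request -- confirm, and check what else runs later in the
    // same request with the widened ACL.
    if ($acl = get_acl()) {
        $acl->allow(null, 'Items', 'showNotPublic');
        $acl->allow(null, 'Collections', 'showNotPublic');
    }

    try {
        // In case we're doing Simple, create and save the item first so the
        // owner is set, then update it with the data.
        $item = new Item();
        $item->setOwner($user);
        $item->save();
        $item = update_item($item, $itemMetadata, array(), $fileMetadata);
    } catch (Omeka_Validator_Exception $e) {
        $this->flashValidatonErrors($e);
        return false;
    } catch (Omeka_File_Ingest_InvalidException $e) {
        // The missing-file case is recognised by its message text.
        if (strstr($e->getMessage(), "'contributed_file'")) {
            $this->_helper->flashMessenger("You must upload a file when making a {$contributionType->display_name} contribution.", 'error');
        } else {
            $this->_helper->flashMessenger($e->getMessage());
        }
        return false;
    } catch (Exception $e) {
        // NOTE(review): the raw exception message is shown to a public
        // visitor; consider logging it and flashing a generic message.
        $this->_helper->flashMessenger($e->getMessage());
        return false;
    }

    $this->_addElementTextsToItem($item, $post['Elements']);

    // Allow plugins to deal with the inputs they may have added to the form.
    fire_plugin_hook('contribution_save_form', array('contributionType' => $contributionType, 'record' => $item, 'post' => $post));
    $item->save();

    // The helper's result is not checked here, so a profile that fails to
    // process does not stop the contribution.
    $this->_processUserProfile($post, $user);

    // $contributor was never assigned in this method; it is initialised
    // explicitly so the call passes null without an undefined-variable notice.
    $contributor = null;
    $this->_linkItemToContributedItem($item, $contributor, $post);
    $this->_sendEmailNotifications($user, $item);

    return true;
}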
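/**
 * Handle the POST from the public contribution form.
 *
 * Resolves or creates the contributing user, validates the submission,
 * creates an item of the selected contribution type (with the uploaded file,
 * if any), stores the element texts, and then runs the profile and linking
 * helpers. Failure paths flash an error where one is available and return
 * false. E-mail notifications are disabled in this revision.
 *
 * Revision 1.0, 09/02/2015, mrs175:
 *  - added the check for the form's "public" box and the
 *    'contributedItemPublic' plugin option;
 *  - contributions can no longer be anonymous, and YouTube video
 *    contributions get their own branch.
 *
 * Security notes for reviewers:
 *  - In the "simple" configuration an anonymous submitter is matched to an
 *    existing account purely by the e-mail address in the POST. Nothing in
 *    this method verifies control of that address, and the matched account
 *    becomes the owner of the new item and is passed to the profile helper.
 *  - When 'contributedItemPublic' is on, the contributor's checkbox alone
 *    decides whether the new item is public; no review step is visible here.
 *  - The ACL is widened for every role before the item is saved (see below).
 *
 * @param array $post POST array
 * @return bool True when the contribution was saved, false otherwise.
 */
protected function _processForm($post)
{
    if (empty($post)) {
        return false;
    }

    // Prefer the logged-in user. In the "simple" configuration, fall back to
    // an existing account with the submitted e-mail address.
    $user = current_user();
    $simple = get_option('contribution_simple');
    if (!$user && $simple) {
        $user = $this->_helper->db->getTable('User')->findByEmail($post['contribution_simple_email']);
    }

    // Still no user: create a guest account from the submitted data.
    if (!$user) {
        $user = $this->_createNewGuestUser($post);
        if ($user->hasErrors()) {
            $errors = $user->getErrors()->get();
            // The username is created from the name, so username errors are
            // hidden while name errors are shown.
            unset($errors['username']);
            foreach ($errors as $error) {
                $this->_helper->flashMessenger($error, 'error');
            }
            return false;
        }
    }

    // The final form submit was not pressed.
    if (!isset($post['form-submit'])) {
        return false;
    }

    if (!$this->_validateContribution($post)) {
        return false;
    }

    // contribution_type is request data: it may be missing, non-scalar, or a
    // numeric id that matches no record. All of those are treated as "no type
    // selected" instead of dereferencing a missing record.
    $contributionTypeId = (isset($post['contribution_type']) && is_scalar($post['contribution_type']))
        ? trim((string) $post['contribution_type'])
        : '';
    $contributionType = null;
    if ($contributionTypeId !== '' && is_numeric($contributionTypeId)) {
        $contributionType = get_db()->getTable('ContributionType')->find($contributionTypeId);
    }
    $itemType = $contributionType ? $contributionType->getItemType() : null;
    if (!$itemType) {
        $this->_helper->flashMessenger(__('You must select a type for your contribution.'), 'error');
        return false;
    }
    $itemTypeId = $itemType->id;

    // The item is public only if the 'contributedItemPublic' plugin option is
    // set and the "Publish my contribution on the web" box was checked. An
    // unchecked box is simply absent from the POST, hence the isset().
    $isPublic = get_option('contributedItemPublic')
        && isset($post['contribution-public'])
        && $post['contribution-public'] === '1';

    $itemMetadata = array(
        'public' => $isPublic,
        'featured' => false,
        'item_type_id' => $itemTypeId,
        // Missing tags are passed on as null, as before, without a notice.
        'tags' => isset($post['contribution_form_tags']) ? $post['contribution_form_tags'] : null,
    );

    $collectionId = get_option('contribution_collection_id');
    if (!empty($collectionId) && is_numeric($collectionId)) {
        $itemMetadata['collection_id'] = (int) $collectionId;
    }

    $fileMetadata = $this->_processFileUpload($contributionType);

    // This is a hack to allow the file upload job to succeed
    // even with the synchronous job dispatcher.
    // NOTE(review): the null role grants 'showNotPublic' on Items and
    // Collections to every role, anonymous visitors included, and the grant is
    // never reverted in this method. Presumably it only affects the in-memory
    // ACL of this request -- confirm, and check what else runs later in the
    // same request with the widened ACL.
    if ($acl = get_acl()) {
        $acl->allow(null, 'Items', 'showNotPublic');
        $acl->allow(null, 'Collections', 'showNotPublic');
    }

    try {
        // The owner is set on a fresh item; the separate initial save() is
        // disabled in this revision, so update_item() does the first save.
        $item = new Item();
        $item->setOwner($user);
        $item = update_item($item, $itemMetadata, array(), $fileMetadata);
    } catch (Omeka_Validator_Exception $e) {
        $this->flashValidatonErrors($e);
        return false;
    } catch (Omeka_File_Ingest_InvalidException $e) {
        // The missing-file case is recognised by its message text.
        if (strstr($e->getMessage(), "'contributed_file'")) {
            $this->_helper->flashMessenger("You must upload a file when making a {$contributionType->display_name} contribution.", 'error');
        } else {
            $this->_helper->flashMessenger($e->getMessage());
        }
        return false;
    } catch (Exception $e) {
        // NOTE(review): the raw exception message is shown to a public
        // visitor; consider logging it and flashing a generic message.
        $this->_helper->flashMessenger($e->getMessage());
        return false;
    }

    // Contributions can no longer be submitted anonymously.
    $post['contribution-anonymous'] = '0';

    // Presumably item type 3 is the YouTube/video type on this install -- confirm.
    if ($contributionType->item_type_id == 3) {
        $this->_addElementTextsToItem($item, $post['Elements']);
        get_specific_plugin_hook_output('YouTubeImport', 'process_contribution_form', array('item' => $item));
    } else {
        // NOTE(review): this reads the superglobal directly and replaces
        // whatever the caller passed in $post['Elements'].
        $post['Elements'] = $_POST['Elements'];
        $this->_addElementTextsToItem($item, $post['Elements']);
        $item->save();
    }

    // NOTE(review): the validity flag is read from $_POST. If the browser
    // supplies it (rather than the YouTubeImport hook setting it server-side),
    // omitting it or sending 1 passes this check -- confirm where it is set.
    $youtubeLinkAccepted = !isset($_POST['youtubeURLValid'])
        || 1 == intval(trim($_POST['youtubeURLValid']));

    if (!$youtubeLinkAccepted) {
        // Roll back the item that was created above.
        $item->delete();
        $this->_helper->flashMessenger(__('Please check the youtube link you entered. If you have entered the correct link then this video is either not public or not viewable outside Youtube.com'), 'error');
        return false;
    }

    // The helper's result is not checked here, so a profile that fails to
    // process does not stop the contribution.
    $this->_processUserProfile($post, $user);

    // $contributor was never assigned in this method; it is initialised
    // explicitly so the call passes null without an undefined-variable notice.
    $contributor = null;
    $this->_linkItemToContributedItem($item, $contributor, $post);

    return true;
}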