コード例 #1
ファイル: campaign.class.php プロジェクト: fignew/xibo-cms
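 /**
  * Handle the campaign permissions form.
  *
  * Optionally changes the campaign owner, replaces the campaign's group
  * permissions with the posted set and, when "replaceInLayouts" is ticked,
  * pushes the same set down to the campaign's layouts, regions and media.
  *
  * Reads campaignId, ownerId, groupids[] and replaceInLayouts from POST.
  * Each groupids entry is expected to look like "<groupId>_<view|edit|del>".
  * Consecutive entries with the same group id are folded into one Link()
  * call, so the entries for one group must arrive next to each other.
  *
  * The form response is sent from here via Respond(); nothing is returned.
  */
 public function Permissions()
 {
     // Check the form token before anything is read or written
     if (!Kit::CheckToken()) {
         trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
     }
     $db =& $this->db;
     $response = new ResponseManager();
     $campaignId = Kit::GetParam('campaignId', _POST, _INT);
     $groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
     $ownerId = Kit::GetParam('ownerId', _POST, _INT);
     // Both the owner change and the permission rewrite below are gated on this check
     $auth = $this->user->CampaignAuth($campaignId, true);
     if (!$auth->modifyPermissions) {
         trigger_error(__('You do not have permissions to edit this campaign'), E_USER_ERROR);
     }
     // Change the owner?
     // NOTE(review): ownerId is only tested for > 0 here; whether setOwner() verifies
     // that the id belongs to an existing user is not visible - confirm.
     if ($ownerId > 0) {
         // Update this Campaign with a new owner
         Campaign::setOwner($campaignId, $ownerId);
     }
     // Unlink all
     Kit::ClassLoader('campaignsecurity');
     $security = new CampaignSecurity($db);
     // NOTE(review): trigger_error() without a level raises E_USER_NOTICE. Unless the
     // installed error handler halts on notices, a failed UnlinkAll()/Link() falls
     // through: old grants can stay in place while the response still reports
     // 'Permissions Changed'. Confirm the handler, or raise these as E_USER_ERROR.
     if (!$security->UnlinkAll($campaignId)) {
         trigger_error(__('Unable to set permissions'));
     }
     // Some assignments for the loop
     $lastGroupId = 0;
     $first = true;
     $view = 0;
     $edit = 0;
     $del = 0;
     $permissions = array();
     // List of groupIds with view, edit and del assignments
     foreach ($groupIds as $groupPermission) {
         // These values come straight from POST: ignore anything that is not a
         // "<groupId>_<permission>" string rather than indexing into it blindly.
         if (!is_scalar($groupPermission)) {
             continue;
         }
         $groupPermission = explode('_', (string) $groupPermission);
         if (count($groupPermission) < 2 || $groupPermission[0] === '') {
             continue;
         }
         // NOTE(review): the group id is handed to Link() as received; if group ids are
         // always integers, cast/validate it here - confirm against CampaignSecurity.
         $groupId = $groupPermission[0];
         if ($first) {
             // First time through
             $first = false;
             $lastGroupId = $groupId;
         }
         if ($groupId != $lastGroupId) {
             // The groupId has changed, so we need to write the current settings to the db.
             // Link new permissions
             if (!$security->Link($campaignId, $lastGroupId, $view, $edit, $del)) {
                 trigger_error(__('Unable to set permissions'));
             }
             // Store
             $permissions[] = array('groupId' => $lastGroupId, 'view' => $view, 'edit' => $edit, 'del' => $del);
             // Reset
             $lastGroupId = $groupId;
             $view = 0;
             $edit = 0;
             $del = 0;
         }
         // Unknown permission names set no flag
         switch ($groupPermission[1]) {
             case 'view':
                 $view = 1;
                 break;
             case 'edit':
                 $edit = 1;
                 break;
             case 'del':
                 $del = 1;
                 break;
         }
     }
     // Need to do the last one
     if (!$first) {
         if (!$security->Link($campaignId, $lastGroupId, $view, $edit, $del)) {
             trigger_error(__('Unable to set permissions'));
         }
         $permissions[] = array('groupId' => $lastGroupId, 'view' => $view, 'edit' => $edit, 'del' => $del);
     }
     $replaceInLayouts = Kit::GetParam('replaceInLayouts', _POST, _CHECKBOX);
     if ($replaceInLayouts) {
         Debug::LogEntry('audit', 'Permissions to push down: ' . json_encode($permissions), get_class(), __FUNCTION__);
         // Layout object to deal with layout information
         Kit::ClassLoader('layout');
         $layoutObject = new Layout($db);
         // Get all layouts for this Campaign
         foreach ($this->user->LayoutList(NULL, array('campaignId' => $campaignId)) as $layout) {
             // Set for ease of use
             $layoutId = $layout['layoutid'];
             Debug::LogEntry('audit', 'Processing permissions for layout id' . $layoutId, get_class(), __FUNCTION__);
             // Set the permissions on this layout (if its not the same one!)
             if ($layout['campaignid'] != $campaignId) {
                 // Re-check authorisation per layout: rights on the parent campaign
                 // are not taken as rights on the layout's own campaign.
                 $auth = $this->user->CampaignAuth($layout['campaignid'], true);
                 if ($auth->modifyPermissions) {
                     if (!$security->UnlinkAll($layout['campaignid'])) {
                         continue;
                     }
                     // NOTE(review): Link() results are ignored here, unlike the region and media loops below
                     foreach ($permissions as $permission) {
                         $security->Link($layout['campaignid'], $permission['groupId'], $permission['view'], $permission['edit'], $permission['del']);
                     }
                 }
             }
             // Get all regions and media and set permissions on those too
             $layoutInformation = $layoutObject->LayoutInformation($layoutId);
             // Region and Media Security Class
             Kit::ClassLoader('layoutregiongroupsecurity');
             Kit::ClassLoader('layoutmediagroupsecurity');
             $layoutSecurity = new LayoutRegionGroupSecurity($this->db);
             $layoutMediaSecurity = new LayoutMediaGroupSecurity($this->db);
             foreach ($layoutInformation['regions'] as $region) {
                 // Make sure we have permission; regions the user cannot manage are left untouched
                 $regionAuth = $this->user->RegionAssignmentAuth($region['ownerid'], $layoutId, $region['regionid'], true);
                 if (!$regionAuth->modifyPermissions) {
                     continue;
                 }
                 // Set the permissions on the region
                 // Unlink all
                 if (!$layoutSecurity->UnlinkAll($layoutId, $region['regionid'])) {
                     continue;
                 }
                 foreach ($permissions as $permission) {
                     if (!$layoutSecurity->Link($layoutId, $region['regionid'], $permission['groupId'], $permission['view'], $permission['edit'], $permission['del'])) {
                         trigger_error($layoutSecurity->GetErrorMessage(), E_USER_ERROR);
                     }
                 }
                 // Find all media nodes
                 foreach ($region['media'] as $media) {
                     // Media without its own user id is checked against the layout owner
                     $originalUserId = $media['userid'] == '' ? $layout['ownerid'] : $media['userid'];
                     // Make sure we have permission
                     $mediaAuth = $this->user->MediaAssignmentAuth($originalUserId, $layoutId, $region['regionid'], $media['mediaid'], true);
                     if (!$mediaAuth->modifyPermissions) {
                         continue;
                     }
                     // Set the permissions on the media node
                     if (!$layoutMediaSecurity->UnlinkAll($layoutId, $region['regionid'], $media['mediaid'])) {
                         continue;
                     }
                     foreach ($permissions as $permission) {
                         if (!$layoutMediaSecurity->Link($layoutId, $region['regionid'], $media['mediaid'], $permission['groupId'], $permission['view'], $permission['edit'], $permission['del'])) {
                             trigger_error($layoutMediaSecurity->GetErrorMessage(), E_USER_ERROR);
                         }
                     }
                 }
             }
         }
     }
     $response->SetFormSubmitResponse(__('Permissions Changed'));
     $response->Respond();
 }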
コード例 #2
 /**
  * Copies a Layout: duplicates the layout row, creates and links a new campaign,
  * re-links the background and media, and copies the permission sets across.
  *
  * NOTE(review): no authorisation check is visible in this method and the old
  * layout's permissions are copied verbatim - confirm that every caller has
  * already verified the user may copy $oldLayoutId.
  * NOTE(review): no transaction is opened in this method, so a failure part way
  * through can leave a partially created layout/campaign behind - confirm.
  *
  * @param int $oldLayoutId layout to copy from
  * @param string $newLayoutName name of the new layout; also passed to Campaign::Add() and Media::Copy()
  * @param string $newDescription description written to the new layout row
  * @param int $userId user id written to the new layout row and passed to Campaign::Add()
  * @param bool $copyMedia Make copies of this layouts media
  * @return int|false the new layout id, or false when an Exception was caught
  */
 public function Copy($oldLayoutId, $newLayoutName, $newDescription, $userId, $copyMedia = false)
 {
     try {
         $dbh = PDOConnect::init();
         $currentdate = date("Y-m-d H:i:s");
         $campaign = new Campaign($this->db);
         // The media helpers are only needed when media is hard-copied
         if ($copyMedia) {
             $mediaObject = new Media($this->db);
             $mediaSecurity = new MediaGroupSecurity($this->db);
         }
         // We need the old campaignid
         $oldCampaignId = $campaign->GetCampaignId($oldLayoutId);
         // Insert the new layout row by selecting from the old one; every caller supplied
         // value is bound as a parameter.
         // NOTE(review): if $oldLayoutId matches no row nothing is inserted, and neither the
         // execute() result nor the row count is checked before lastInsertId() is used.
         $SQL = "";
         $SQL .= " INSERT INTO layout (layout, xml, userID, description, retired, duration, backgroundImageId, createdDT, modifiedDT, status) ";
         $SQL .= " SELECT :layout, xml, :userid, :description, retired, duration, backgroundImageId, :createddt, :modifieddt, status ";
         $SQL .= "  FROM layout ";
         $SQL .= " WHERE layoutid = :layoutid";
         $sth = $dbh->prepare($SQL);
         $sth->execute(array('layout' => $newLayoutName, 'description' => $newDescription, 'userid' => $userId, 'createddt' => $currentdate, 'modifieddt' => $currentdate, 'layoutid' => $oldLayoutId));
         $newLayoutId = $dbh->lastInsertId();
         // Create a campaign
         $newCampaignId = $campaign->Add($newLayoutName, 1, $userId);
         // Link them
         $campaign->Link($newCampaignId, $newLayoutId, 0);
         // Open the layout XML and parse for media nodes
         // (ThrowError presumably throws, so control would not continue past it - confirm)
         if (!$this->SetDomXml($newLayoutId)) {
             $this->ThrowError(25000, __('Unable to copy layout'));
         }
         // Handle the Background
         $sth = $dbh->prepare('SELECT mediaId FROM lklayoutmedia WHERE layoutId = :layoutId AND regionId = :regionId');
         $sth->execute(array('layoutId' => $oldLayoutId, 'regionId' => 'background'));
         if ($row = $sth->fetch()) {
             // This layout does have a background image
             // Link it to the new one
             if (!($newLkId = $this->AddLk($newLayoutId, 'background', $row['mediaId']))) {
                 throw new Exception(__('Unable to link background'));
             }
         }
         // Get all media nodes
         $xpath = new DOMXpath($this->DomXml);
         // Create an XPath to get all media nodes
         $mediaNodes = $xpath->query("//media");
         Debug::LogEntry('audit', 'About to loop through media nodes', 'layout', 'Copy');
         // regionId => media ids whose permissions were already copied (used when $copyMedia is false)
         $copiesMade = array();
         // On each media node, take the existing LKID and MediaID and create a new LK record in the database
         // Prepared once here and re-executed per copied media item inside the loop
         $sth = $dbh->prepare('SELECT StoredAs FROM media WHERE MediaID = :mediaid');
         foreach ($mediaNodes as $mediaNode) {
             $mediaId = $mediaNode->getAttribute('id');
             $type = $mediaNode->getAttribute('type');
             // Store the old media id
             $oldMediaId = $mediaId;
             Debug::LogEntry('audit', sprintf('Media %s node found with id %d', $type, $mediaId), 'layout', 'Copy');
             // Region specific types get a fresh id and their permissions copied,
             // then skip the library-media handling below
             if ($this->IsRegionSpecific($type)) {
                 // Generate a new media id (an identifier only; nothing here needs it to be unguessable)
                 $newMediaId = md5(Kit::uniqueId());
                 $mediaNode->setAttribute('id', $newMediaId);
                 // Copy media security
                 $security = new LayoutMediaGroupSecurity($this->db);
                 $security->CopyAllForMedia($oldLayoutId, $newLayoutId, $mediaId, $newMediaId);
                 continue;
             }
             // Library media assigned to the layout, it will have a lkid
             // NOTE(review): $lkId is read but not used again in this method
             $lkId = $mediaNode->getAttribute('lkid');
             // Get the regionId
             $regionNode = $mediaNode->parentNode;
             $regionId = $regionNode->getAttribute('id');
             // Do we need to copy this media record?
             if ($copyMedia) {
                 // Take this media item and make a hard copy of it.
                 if (!($mediaId = $mediaObject->Copy($mediaId, $newLayoutName))) {
                     throw new Exception("Error Processing Request", 1);
                 }
                 // Update the permissions for the new media record
                 $mediaSecurity->Copy($oldMediaId, $mediaId);
                 // Copied the media node, so set the ID
                 $mediaNode->setAttribute('id', $mediaId);
                 // Also need to set the options node
                 // Get the stored as value of the new node
                 $sth->execute(array('mediaid' => $mediaId));
                 if (!($row = $sth->fetch())) {
                     $this->ThrowError(25000, __('Unable to find stored value of newly copied media'));
                 }
                 $fileName = Kit::ValidateParam($row['StoredAs'], _STRING);
                 $newNode = $this->DomXml->createElement('uri', $fileName);
                 // Find the old node
                 // NOTE(review): item(0) is null when the media node has no <uri> child; the
                 // replaceChild() call below would then fail with an error that the
                 // catch (Exception) at the end of this method does not handle.
                 $uriNodes = $mediaNode->getElementsByTagName('uri');
                 $uriNode = $uriNodes->item(0);
                 // Replace it
                 $uriNode->parentNode->replaceChild($newNode, $uriNode);
                 // Update the permissions for this media on this layout
                 $security = new LayoutMediaGroupSecurity($this->db);
                 $security->CopyAllForMedia($oldLayoutId, $newLayoutId, $oldMediaId, $mediaId);
             } else {
                 // We haven't copied the media file, therefore we only want to copy permissions once per region
                 // this is due to https://github.com/xibosignage/xibo/issues/487
                 if (!isset($copiesMade[$regionId]) || !in_array($mediaId, $copiesMade[$regionId])) {
                     // Update the permissions for this media on this layout
                     $security = new LayoutMediaGroupSecurity($this->db);
                     $security->CopyAllForMedia($oldLayoutId, $newLayoutId, $oldMediaId, $mediaId);
                     $copiesMade[$regionId][] = $mediaId;
                 }
             }
             // Add the database link for this media record
             if (!($newLkId = $this->AddLk($newLayoutId, $regionId, $mediaId))) {
                 throw new Exception("Error Processing Request", 1);
             }
             // Set this LKID on the media node
             $mediaNode->setAttribute('lkid', $newLkId);
         }
         Debug::LogEntry('audit', 'Finished looping through media nodes', 'layout', 'Copy');
         // Set the XML
         $this->SetLayoutXml($newLayoutId, $this->DomXml->saveXML());
         // Layout permissions: the new campaign and the new layout's regions receive
         // the same permission sets as the originals
         $security = new CampaignSecurity($this->db);
         $security->CopyAll($oldCampaignId, $newCampaignId);
         $security = new LayoutRegionGroupSecurity($this->db);
         $security->CopyAll($oldLayoutId, $newLayoutId);
         // Return the new layout id
         return $newLayoutId;
     } catch (Exception $e) {
         // Log the detail, keep any error that is already set, otherwise set a generic one
         Debug::LogEntry('error', $e->getMessage());
         if (!$this->IsError()) {
             $this->SetError(25000, __('Unable to Copy this Layout'));
         }
         return false;
     }
 }
コード例 #3
ファイル: module.class.php プロジェクト: rovak73/xibo-cms
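 /**
  * Permissions Edit
  *
  * Replaces the group permissions of one media item with the posted set.
  * When $this->assignedMedia is set, the rows are written for the media as
  * assigned to a layout region (layoutid/regionid/mediaid); otherwise they
  * are written for the media item itself.
  *
  * Reads layoutid, regionid, mediaid and groupids[] from POST. Each groupids
  * entry is expected to look like "<groupId>_<view|edit|del>"; consecutive
  * entries with the same group id are folded into one Link() call.
  *
  * NOTE(review): no form-token check is visible in this method - confirm the
  * caller validates the token before dispatching here.
  * NOTE(review): $this->auth is computed outside this method, while the ids
  * used for UnlinkAll()/Link() are re-read from POST here. Confirm they are
  * the same ids $this->auth was evaluated for, otherwise the permission check
  * does not cover the rows being rewritten.
  *
  * @return ResponseManager the form response for the caller to send
  */
 public function Permissions()
 {
     $db =& $this->db;
     $response = new ResponseManager();
     Kit::ClassLoader('mediagroupsecurity');
     Kit::ClassLoader('layoutmediagroupsecurity');
     $layoutId = Kit::GetParam('layoutid', _POST, _INT);
     $regionId = Kit::GetParam('regionid', _POST, _STRING);
     $mediaId = Kit::GetParam('mediaid', _POST, _STRING);
     $groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
     if (!$this->auth->modifyPermissions) {
         trigger_error(__('You do not have permissions to edit this layout'), E_USER_ERROR);
     }
     // Unlink all
     // NOTE(review): trigger_error() without a level raises E_USER_NOTICE. Unless the
     // installed error handler halts on notices, a failed UnlinkAll()/Link() falls
     // through: old grants can stay in place while the response still reports
     // 'Permissions Changed'. Confirm the handler, or raise these as E_USER_ERROR.
     if ($this->assignedMedia) {
         $layoutMediaSecurity = new LayoutMediaGroupSecurity($db);
         if (!$layoutMediaSecurity->UnlinkAll($layoutId, $regionId, $mediaId)) {
             trigger_error(__('Unable to set permissions'));
         }
     } else {
         $mediaSecurity = new MediaGroupSecurity($db);
         if (!$mediaSecurity->UnlinkAll($mediaId)) {
             trigger_error(__('Unable to set permissions'));
         }
     }
     // Some assignments for the loop
     $lastGroupId = 0;
     $first = true;
     $view = 0;
     $edit = 0;
     $del = 0;
     // List of groupIds with view, edit and del assignments
     foreach ($groupIds as $groupPermission) {
         // These values come straight from POST: ignore anything that is not a
         // "<groupId>_<permission>" string rather than indexing into it blindly.
         if (!is_scalar($groupPermission)) {
             continue;
         }
         $groupPermission = explode('_', (string) $groupPermission);
         if (count($groupPermission) < 2 || $groupPermission[0] === '') {
             continue;
         }
         // NOTE(review): the group id is handed to Link() as received; if group ids are
         // always integers, cast/validate it here - confirm against the security classes.
         $groupId = $groupPermission[0];
         if ($first) {
             // First time through
             $first = false;
             $lastGroupId = $groupId;
         }
         if ($groupId != $lastGroupId) {
             // The groupId has changed, so we need to write the current settings to the db.
             // Link new permissions
             if ($this->assignedMedia) {
                 if (!$layoutMediaSecurity->Link($layoutId, $regionId, $mediaId, $lastGroupId, $view, $edit, $del)) {
                     trigger_error(__('Unable to set permissions'));
                 }
             } else {
                 if (!$mediaSecurity->Link($mediaId, $lastGroupId, $view, $edit, $del)) {
                     trigger_error(__('Unable to set permissions'));
                 }
             }
             // Reset
             $lastGroupId = $groupId;
             $view = 0;
             $edit = 0;
             $del = 0;
         }
         // Unknown permission names set no flag
         switch ($groupPermission[1]) {
             case 'view':
                 $view = 1;
                 break;
             case 'edit':
                 $edit = 1;
                 break;
             case 'del':
                 $del = 1;
                 break;
         }
     }
     // Need to do the last one
     if (!$first) {
         if ($this->assignedMedia) {
             if (!$layoutMediaSecurity->Link($layoutId, $regionId, $mediaId, $lastGroupId, $view, $edit, $del)) {
                 trigger_error(__('Unable to set permissions'));
             }
         } else {
             if (!$mediaSecurity->Link($mediaId, $lastGroupId, $view, $edit, $del)) {
                 trigger_error(__('Unable to set permissions'));
             }
         }
     }
     $response->SetFormSubmitResponse(__('Permissions Changed'));
     return $response;
 }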
コード例 #4
ファイル: region.data.class.php プロジェクト: fignew/xibo-cms
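 /**
  * Add Existing Media from the Library
  *
  * For every id in $mediaList: looks up the media type, builds the module for
  * it on behalf of $user, requires view permission on the media, assigns it to
  * the region and links a permission row for the user's group. The layout is
  * marked valid once all items have been processed.
  *
  * NOTE(review): only view permission on each media item is checked here.
  * Whether $user may edit $layoutId/$regionId is not checked in this method -
  * confirm the caller (or SetRegionInformation()/UpdateRegion()) enforces it.
  *
  * @param object $user A user object for the currently logged in user (read for ->userid and ->getGroupFromID())
  * @param int $layoutId The LayoutID to Add on
  * @param int $regionId The RegionID to Add on
  * @param array $mediaList A list of media ids from the library that should be added to the supplied layout/region
  * @return mixed true on success; on failure the result of SetError(), or false when an Exception was caught
  */
 public function AddFromLibrary($user, $layoutId, $regionId, $mediaList)
 {
     Debug::LogEntry('audit', 'IN', 'Region', 'AddFromLibrary');
     try {
         $dbh = PDOConnect::init();
         // Check that some media assignments have been made.
         // A non-array value is treated like an empty list instead of reaching count().
         if (!is_array($mediaList) || count($mediaList) == 0) {
             return $this->SetError(25006, __('No media to assign'));
         }
         // Loop through all the media
         foreach ($mediaList as $mediaId) {
             // Validate before logging so the audit entry only ever holds the integer id,
             // not the raw caller-supplied value
             $mediaId = Kit::ValidateParam($mediaId, _INT);
             Debug::LogEntry('audit', 'Assigning MediaID: ' . $mediaId);
             // Get the type from this media
             $sth = $dbh->prepare('SELECT type FROM media WHERE mediaID = :mediaid');
             $sth->execute(array('mediaid' => $mediaId));
             if (!($row = $sth->fetch())) {
                 $this->ThrowError(__('Error getting type from a media item.'));
             }
             // The type is used to pick the module, so it is restricted with _WORD first
             $mod = Kit::ValidateParam($row['type'], _WORD);
             try {
                 // Create the media object without any region and layout information
                 $module = ModuleFactory::createForMedia($mod, $mediaId, null, $user);
             } catch (Exception $e) {
                 return $this->SetError($e->getMessage());
             }
             // Check we have permissions to use this media (we will use this to copy the media later)
             if (!$module->auth->view) {
                 return $this->SetError(__('You have selected media that you no longer have permission to use. Please reload Library form.'));
             }
             if (!$module->SetRegionInformation($layoutId, $regionId)) {
                 return $this->SetError($module->GetErrorMessage());
             }
             if (!$module->UpdateRegion()) {
                 return $this->SetError($module->GetErrorMessage());
             }
             // Need to copy over the permissions from this media item & also the delete permission:
             // view/edit mirror what the user holds on the library item, delete is always granted
             // on the assignment.
             // NOTE(review): the Link() result is not checked, so a failed write leaves the
             // assignment in place without this permission row.
             $security = new LayoutMediaGroupSecurity($this->db);
             $security->Link($layoutId, $regionId, $mediaId, $user->getGroupFromID($user->userid, true), $module->auth->view, $module->auth->edit, 1);
         }
         // Update layout status
         $layout = new Layout($this->db);
         $layout->SetValid($layoutId, true);
         return true;
     } catch (Exception $e) {
         // Log the detail, keep any error that is already set, otherwise set a generic one
         Debug::LogEntry('error', $e->getMessage());
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
 }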