コード例 #1
0
 /** 
  * We take any permissions function run on the permissions class and send it into the category
  * object
  */
 public function __call($f, $a)
 {
     if (!is_object($this->response)) {
         // handles task permissions
         $permission = Loader::helper('text')->uncamelcase($f);
     }
     if (count($a) > 0) {
         if (is_object($this->response)) {
             $r = call_user_func_array(array($this->response, $f), $a);
         } else {
             $pk = PermissionKey::getByHandle($permission);
             $r = call_user_func_array(array($pk, $f), $a);
         }
     } else {
         if (is_object($this->response)) {
             $r = $this->response->{$f}();
         } else {
             $pk = PermissionKey::getByHandle($permission);
             if (is_object($pk)) {
                 $r = $pk->validate();
             } else {
                 throw new Exception(t('Unable to get permission key for %s', $permission));
             }
         }
     }
     if (is_array($r) || is_object($r)) {
         return $r;
     } else {
         if ($r) {
             return 1;
         } else {
             return 0;
         }
     }
 }
コード例 #2
0
ファイル: area.php プロジェクト: Zyqsempai/amanet
 public function getPermissionAccessObject()
 {
     $db = Loader::db();
     if ($this->permissionObjectToCheck instanceof Area) {
         $r = $db->GetOne('select paID from AreaPermissionAssignments where cID = ? and arHandle = ? and pkID = ? ' . $filterString, array($this->permissionObjectToCheck->getCollectionID(), $this->permissionObjectToCheck->getAreaHandle(), $this->pk->getPermissionKeyID()));
         if ($r) {
             return PermissionAccess::getByID($r, $this->pk, false);
         }
     } else {
         if (isset($this->inheritedPermissions[$this->pk->getPermissionKeyHandle()])) {
             // this is a page
             $pk = PermissionKey::getByHandle($this->inheritedPermissions[$this->pk->getPermissionKeyHandle()]);
             $pk->setPermissionObject($this->permissionObjectToCheck);
             $pae = $pk->getPermissionAccessObject();
             return $pae;
         } else {
             if (isset($this->blockTypeInheritedPermissions[$this->pk->getPermissionKeyHandle()])) {
                 $pk = PermissionKey::getByHandle($this->blockTypeInheritedPermissions[$this->pk->getPermissionKeyHandle()]);
                 $pae = $pk->getPermissionAccessObject();
                 return $pae;
             }
         }
     }
     return false;
 }
コード例 #3
0
ファイル: generate_sitemap.php プロジェクト: nveid/concrete5
	/** Executes the job.
	* @return string Returns a string describing the job result in case of success.
	* @throws Exception Throws an exception in case of errors.
	*/
	public function run() {
		Cache::disableCache();
		Cache::disableLocalCache();
		
		try {
			$db = Loader::db();
			$instances = array(
				'navigation' => Loader::helper('navigation'),
				'dashboard' => Loader::helper('concrete/dashboard'),
				'view_page' => PermissionKey::getByHandle('view_page')
			);
			$rsPages = $db->query('SELECT cID FROM Pages WHERE (cID > 1) ORDER BY cID');
			$relName = ltrim(SITEMAPXML_FILE, '\\/');
			$osName = rtrim(DIR_BASE, '\\/') . '/' . $relName;
			$urlName = rtrim(BASE_URL . DIR_REL, '\\/') . '/' . $relName;
			if(!file_exists($osName)) {
				@touch($osName);
			}
			if(!is_writable($osName)) {
				throw new Exception(t('The file %s is not writable', $osName));
			}
			if(!$hFile = fopen($osName, 'w')) {
				throw new Exception(t('Cannot open file %s', $osName));
			}
			if(!@fprintf($hFile, '<?xml version="1.0" encoding="%s"?>' . self::EOL . '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">', APP_CHARSET)) {
				throw new Exception(t('Error writing header of %s', $osName));
			}
			$addedPages = 0;
			if(self::AddPage($hFile, 1, $instances)) {
				$addedPages++;
			}
			while($rowPage = $rsPages->FetchRow()) {
				if(self::AddPage($hFile, intval($rowPage['cID']), $instances)) {
					$addedPages++;
				}
			}
			$rsPages->Close();
			unset($rsPages);
			if(!@fwrite($hFile, self::EOL . '</urlset>')) {
				throw new Exception(t('Error writing footer of %s', $osName));
			}
			@fflush($hFile);
			@fclose($hFile);
			unset($hFile);
			return t('%1$s file saved (%2$d pages).', $urlName, $addedPages);
		}
		catch(Exception $x) {
			if(isset($rsPages) && $rsPages) {
				$rsPages->Close();
				$rsPages = null;
			}
			if(isset($hFile) && $hFile) {
				@fflush($hFile);
				@ftruncate($hFile, 0);
				@fclose($hFile);
				$hFile = null;
			}
			throw $x;
		}
	}
コード例 #4
0
ファイル: block.php プロジェクト: Mihail9575/concrete5
 public function getPermissionAccessObject()
 {
     $db = Loader::db();
     if ($this->permissionObjectToCheck instanceof Block) {
         $co = $this->permissionObjectToCheck->getBlockCollectionObject();
         $arHandle = $this->permissionObjectToCheck->getAreaHandle();
         $paID = $db->GetOne('select paID from BlockPermissionAssignments where cID = ? and cvID = ? and bID = ? and pkID = ? ' . $filterString, array($co->getCollectionID(), $co->getVersionID(), $this->permissionObject->getBlockID(), $this->pk->getPermissionKeyID()));
         if ($paID) {
             $pae = PermissionAccess::getByID($paID, $this->pk, false);
         }
     } else {
         if ($this->permissionObjectToCheck instanceof Area && isset($this->inheritedAreaPermissions[$this->pk->getPermissionKeyHandle()])) {
             $pk = PermissionKey::getByHandle($this->inheritedAreaPermissions[$this->pk->getPermissionKeyHandle()]);
             $pk->setPermissionObject($this->permissionObjectToCheck);
             $pae = $pk->getPermissionAccessObject();
         } else {
             if ($this->permissionObjectToCheck instanceof Page && isset($this->inheritedPagePermissions[$this->pk->getPermissionKeyHandle()])) {
                 $pk = PermissionKey::getByHandle($this->inheritedPagePermissions[$this->pk->getPermissionKeyHandle()]);
                 $pk->setPermissionObject($this->permissionObjectToCheck);
                 $pae = $pk->getPermissionAccessObject();
             }
         }
     }
     return $pae;
 }
コード例 #5
0
ファイル: topics.php プロジェクト: ppiedaderawnet/concrete5
 public function remove_tree()
 {
     if ($this->token->validate('remove_tree')) {
         $tree = Tree::getByID(Loader::helper('security')->sanitizeInt($_REQUEST['treeID']));
         $treeType = $tree->getTreeTypeObject();
         if (is_object($treeType)) {
             $treeTypeHandle = $treeType->getTreeTypeHandle();
         }
         if (is_object($tree) && $treeTypeHandle == 'topic') {
             if (\PermissionKey::getByHandle('remove_topic_tree')->validate()) {
                 $tree->delete();
                 $this->redirect('/dashboard/system/attributes/topics', 'tree_deleted');
             }
         }
     }
 }
コード例 #6
0
 /** Executes the job.
  * @return string Returns a string describing the job result in case of success.
  * @throws Exception Throws an exception in case of errors.
  */
 public function run()
 {
     Cache::disableCache();
     Cache::disableLocalCache();
     try {
         $db = Loader::db();
         $instances = array('navigation' => Loader::helper('navigation'), 'dashboard' => Loader::helper('concrete/dashboard'), 'view_page' => PermissionKey::getByHandle('view_page'), 'guestGroup' => Group::getByID(GUEST_GROUP_ID), 'now' => new DateTime('now'), 'ak_exclude_sitemapxml' => CollectionAttributeKey::getByHandle('exclude_sitemapxml'), 'ak_sitemap_changefreq' => CollectionAttributeKey::getByHandle('sitemap_changefreq'), 'ak_sitemap_priority' => CollectionAttributeKey::getByHandle('sitemap_priority'));
         $instances['guestGroupAE'] = array(GroupPermissionAccessEntity::getOrCreate($instances['guestGroup']));
         $xmlDoc = new SimpleXMLElement('<' . '?xml version="1.0" encoding="' . APP_CHARSET . '"?><urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" />');
         $rs = Loader::db()->Query('SELECT cID FROM Pages');
         while ($row = $rs->FetchRow()) {
             self::addPage($xmlDoc, intval($row['cID']), $instances);
         }
         $rs->Close();
         Events::fire('on_sitemap_xml_ready', $xmlDoc);
         $dom = dom_import_simplexml($xmlDoc)->ownerDocument;
         $dom->formatOutput = true;
         $addedPages = count($xmlDoc->url);
         $relName = ltrim(SITEMAPXML_FILE, '\\/');
         $osName = rtrim(DIR_BASE, '\\/') . '/' . $relName;
         $urlName = rtrim(BASE_URL . DIR_REL, '\\/') . '/' . $relName;
         if (!file_exists($osName)) {
             @touch($osName);
         }
         if (!is_writable($osName)) {
             throw new Exception(t('The file %s is not writable', $osName));
         }
         if (!($hFile = @fopen($osName, 'w'))) {
             throw new Exception(t('Cannot open file %s', $osName));
         }
         if (!@fwrite($hFile, $dom->saveXML())) {
             throw new Exception(t('Error writing to file %s', $osName));
         }
         @fflush($hFile);
         @fclose($hFile);
         unset($hFile);
         return t('%1$s file saved (%2$d pages).', sprintf('<a href="%s" target="_blank">%s</a>', $urlName, preg_replace('/^https?:\\/\\//i', '', $urlName)), $addedPages);
     } catch (Exception $x) {
         if (isset($hFile) && $hFile) {
             @fflush($hFile);
             @ftruncate($hFile, 0);
             @fclose($hFile);
             $hFile = null;
         }
         throw $x;
     }
 }
コード例 #7
0
ファイル: block.php プロジェクト: ojalehto/concrete5-legacy
 public function canGuestsViewThisBlock()
 {
     $pk = PermissionKey::getByHandle('view_block');
     $pk->setPermissionObject($this->getPermissionObject());
     $gg = GroupPermissionAccessEntity::getOrCreate(Group::getByID(GUEST_GROUP_ID));
     $accessEntities = array($gg);
     $valid = false;
     $list = $pk->getAccessListItems(PermissionKey::ACCESS_TYPE_ALL, $accessEntities);
     foreach ($list as $l) {
         if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_INCLUDE) {
             $valid = true;
         }
         if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_EXCLUDE) {
             $valid = false;
         }
     }
     return $valid;
 }
コード例 #8
0
ファイル: version_562.php プロジェクト: ronlobo/concrete5
	public function run() {
		$j = Job::getByHandle('index_search_all');
		if (!is_object($j)) {
			Job::installByHandle('index_search_all');
		}

		$js = JobSet::getByName('Default');
		if (!is_object($js)) {
			$js = JobSet::add('Default');
		}
		$js->clearJobs();
		$jobs = Job::getList();
		foreach($jobs as $j) {
			if (!$j->supportsQueue()) {
				$js->addJob($j);	
			}
		}

		// create the view page in sitemap permission
		$rpk = PermissionKey::getByHandle('view_page');
		$vpk = PermissionKey::getByHandle('view_page_in_sitemap');
		if (!is_object($vpk)) {
			$vpk = PermissionKey::add('page', 'view_page_in_sitemap', 'View Page in Sitemap', 'View Page in Sitemap and Intelligent Search.', false, false);
		}
		// now we have to get a list of all pages in the site that have their own permissions set.
		$db = Loader::db();
		$r = $db->Execute('select cID from Pages where cInheritPermissionsFrom = "OVERRIDE" order by cID asc');
		while ($row = $r->Fetchrow()) {
			$c = Page::getByID($row['cID']);
			if (is_object($c) && !$c->isError()) {
				$rpk->setPermissionObject($c);
				$vpk->setPermissionObject($c);
				$rpa = $rpk->getPermissionAccessObject();
				if (is_object($rpa)) {
					$pt = $vpk->getPermissionAssignmentObject();
					if (is_object($pt)) {
						$pt->clearPermissionAssignment();
						$pt->assignPermissionAccess($rpa);						
					}
				}
			}
		}
	}
コード例 #9
0
ファイル: version_563.php プロジェクト: Zyqsempai/amanet
 public function run()
 {
     $bt = BlockType::getByHandle('guestbook');
     if (is_object($bt)) {
         $bt->refresh();
     }
     // add user export users task permission
     $pk = PermissionKey::getByHandle('access_user_search_export');
     if (!$pk instanceof PermissionKey) {
         $pk = PermissionKey::add('user', 'access_user_search_export', 'Export Site Users', 'Controls whether a user can export site users or not', false, false);
         $pa = $pk->getPermissionAccessObject();
         if (!is_object($pa)) {
             $pa = PermissionAccess::create($pk);
         }
         $adminGroup = Group::getByID(ADMIN_GROUP_ID);
         //Make sure "Adminstrators" group still exists
         if ($adminGroup) {
             $adminGroupEntity = GroupPermissionAccessEntity::getOrCreate($adminGroup);
             $pa->addListItem($adminGroupEntity);
             $pt = $pk->getPermissionAssignmentObject();
             $pt->assignPermissionAccess($pa);
         }
     }
     if (!Config::get('SECURITY_TOKEN_JOBS')) {
         Config::save('SECURITY_TOKEN_JOBS', Loader::helper('validation/identifier')->getString(64));
     }
     if (!Config::get('SECURITY_TOKEN_ENCRYPTION')) {
         Config::save('SECURITY_TOKEN_ENCRYPTION', Loader::helper('validation/identifier')->getString(64));
     }
     if (!Config::get('SECURITY_TOKEN_VALIDATION')) {
         Config::save('SECURITY_TOKEN_VALIDATION', Loader::helper('validation/identifier')->getString(64));
     }
     $sp = Page::getByPath('/dashboard/system/mail/method/test_settings');
     if (!is_object($sp) || $sp->isError()) {
         $sp = SinglePage::add('/dashboard/system/mail/method/test_settings');
         $sp->update(array('cName' => t('Test Mail Settings')));
         $sp->setAttribute('meta_keywords', 'test smtp, test mail');
     }
 }
コード例 #10
0
ファイル: version_560.php プロジェクト: Zyqsempai/amanet
 protected function installPermissionsAndWorkflow()
 {
     $sx = simplexml_load_file(DIR_BASE_CORE . '/config/install/base/permissions.xml');
     foreach ($sx->permissioncategories->category as $pkc) {
         $handle = (string) $pkc['handle'];
         $pkca = PermissionKeyCategory::getByHandle($handle);
         if (!is_object($pkca)) {
             $pkx = PermissionKeyCategory::add((string) $pkc['handle']);
         }
     }
     foreach ($sx->workflowprogresscategories->category as $pkc) {
         $handle = (string) $pkc['handle'];
         $pkca = WorkflowProgressCategory::getByHandle($handle);
         if (!is_object($pkca)) {
             $pkx = WorkflowProgressCategory::add((string) $pkc['handle']);
         }
     }
     foreach ($sx->workflowtypes->workflowtype as $wt) {
         $handle = (string) $wt['handle'];
         $name = (string) $wt['name'];
         $wtt = WorkflowType::getByHandle($handle);
         if (!is_object($wtt)) {
             $pkx = WorkflowType::add($handle, $name);
         }
     }
     if (isset($sx->permissionaccessentitytypes)) {
         foreach ($sx->permissionaccessentitytypes->permissionaccessentitytype as $pt) {
             $name = $pt['name'];
             if (!$name) {
                 $name = Loader::helper('text')->unhandle($pt['handle']);
             }
             $handle = (string) $pt['handle'];
             $patt = PermissionAccessEntityType::getByHandle($handle);
             if (!is_object($patt)) {
                 $type = PermissionAccessEntityType::add((string) $pt['handle'], $name);
                 if (isset($pt->categories)) {
                     foreach ($pt->categories->children() as $cat) {
                         $catobj = PermissionKeyCategory::getByHandle((string) $cat['handle']);
                         $catobj->associateAccessEntityType($type);
                     }
                 }
             }
         }
     }
     $txt = Loader::helper('text');
     foreach ($sx->permissionkeys->permissionkey as $pk) {
         $pkc = PermissionKeyCategory::getByHandle((string) $pk['category']);
         $className = $txt->camelcase($pkc->getPermissionKeyCategoryHandle());
         $c1 = $className . 'PermissionKey';
         $handle = (string) $pk['handle'];
         $pka = PermissionKey::getByHandle($handle);
         if (!is_object($pka)) {
             $pkx = call_user_func(array($c1, 'import'), $pk);
         }
     }
 }
コード例 #11
0
 public function assignPermissions($userOrGroup, $permissions = array(), $accessType = FileSetPermissionKey::ACCESS_TYPE_INCLUDE)
 {
     $db = Loader::db();
     if ($this->fsID > 0) {
         $db->Execute("update FileSets set fsOverrideGlobalPermissions = 1 where fsID = ?", array($this->fsID));
         $this->fsOverrideGlobalPermissions = true;
     }
     if (is_array($userOrGroup)) {
         $pe = GroupCombinationPermissionAccessEntity::getOrCreate($userOrGroup);
         // group combination
     } else {
         if ($userOrGroup instanceof User || $userOrGroup instanceof UserInfo) {
             $pe = UserPermissionAccessEntity::getOrCreate($userOrGroup);
         } else {
             // group;
             $pe = GroupPermissionAccessEntity::getOrCreate($userOrGroup);
         }
     }
     foreach ($permissions as $pkHandle) {
         $pk = PermissionKey::getByHandle($pkHandle);
         $pk->setPermissionObject($this);
         $pa = $pk->getPermissionAccessObject();
         if (!is_object($pa)) {
             $pa = PermissionAccess::create($pk);
         } else {
             if ($pa->isPermissionAccessInUse()) {
                 $pa = $pa->duplicate();
             }
         }
         $pa->addListItem($pe, false, $accessType);
         $pt = $pk->getPermissionAssignmentObject();
         $pt->assignPermissionAccess($pa);
     }
 }
コード例 #12
0
<?php

defined('C5_EXECUTE') or die("Access Denied.");
$form = Loader::helper('form');
$tp = new TaskPermission();
Loader::model('attribute/categories/user');
$attribs = UserAttributeKey::getEditableList();
$sk = PermissionKey::getByHandle('access_user_search');
$ek = PermissionKey::getByHandle('edit_user_properties');
$tp = new TaskPermission();
if (!$tp->canEditUserProperties()) {
    die(t("Access Denied."));
}
$users = array();
if (is_array($_REQUEST['uID'])) {
    foreach ($_REQUEST['uID'] as $uID) {
        $ui = UserInfo::getByID($uID);
        $users[] = $ui;
    }
}
foreach ($users as $ui) {
    if (!$sk->validate($ui)) {
        die(t("Access Denied."));
    }
}
if ($_POST['task'] == 'update_extended_attribute') {
    $fakID = $_REQUEST['fakID'];
    $value = '';
    $ak = UserAttributeKey::get($fakID);
    foreach ($users as $ui) {
        if ($ek->validate($ak)) {
コード例 #13
0
<?php

defined('C5_EXECUTE') or die("Access Denied.");
$c = $b->getBlockCollectionObject();
$arHandle = $b->getAreaHandle();
use Concrete\Core\Permission\Duration as PermissionDuration;
$pk = PermissionKey::getByHandle('view_block');
$pk->setPermissionObject($b);
$list = $pk->getAccessListItems();
foreach ($list as $pa) {
    $pae = $pa->getAccessEntityObject();
    if ($pae->getAccessEntityTypeHandle() == 'group') {
        if ($pae->getGroupObject()->getGroupID() == GUEST_GROUP_ID) {
            $pd = $pa->getPermissionDurationObject();
            if (!is_object($pd)) {
                $pd = new PermissionDuration();
            }
        }
    }
}
?>
<div class="ccm-ui" id="ccm-permissions-access-entity-wrapper">
<form id="ccm-permissions-timed-guest-access-form" class="form-stacked" method="post" action="<?php 
echo REL_DIR_FILES_TOOLS_REQUIRED;
?>
/permissions/categories/block">
<input type="hidden" name="task" value="set_timed_guest_access" />
<?php 
echo Loader::helper('validation/token')->output('set_timed_guest_access');
?>
<input type="hidden" name="cID" value="<?php 
コード例 #14
0
ファイル: search.php プロジェクト: ppiedaderawnet/concrete5
<?php

defined('C5_EXECUTE') or die("Access Denied.");
$app = Concrete\Core\Support\Facade\Application::getFacadeApplication();
$form = $app->make('helper/form');
$ek = PermissionKey::getByHandle('edit_user_properties');
$ik = PermissionKey::getByHandle('activate_user');
$dk = PermissionKey::getByHandle('delete_user');
?>

<script type="text/template" data-template="search-results-table-body">
<% _.each(items, function (user) {%>
	<tr>
		<td><span class="ccm-search-results-checkbox"><input type="checkbox" class="ccm-flat-checkbox" data-user-id="<%-user.uID%>" data-user-name="<%-user.uName%>" data-user-email="<%-user.uEmail%>" data-search-checkbox="individual" value="<%-user.uID%>" /></span></td>
		<% for (i = 0; i < user.columns.length; i++) {
			var column = user.columns[i];
			%>
			<td><%= column.value %></td>
		<% } %>
	</tr>
<% }); %>
</script>

<div data-search-element="wrapper"></div>

<div data-search-element="results">

	<table border="0" cellspacing="0" cellpadding="0" class="ccm-search-results-table">
		<thead>
		</thead>
		<tbody>
コード例 #15
0
ファイル: check_in.php プロジェクト: digideskio/concrete5
">

<h5><?php 
echo t('Version Comments');
?>
</h5>

<div class="ccm-panel-check-in-comments"><textarea name="comments" id="ccm-check-in-comments" /></textarea></div>

<?php 
if ($cp->canApprovePageVersions()) {
    if ($c->isPageDraft()) {
        $publishTitle = t('Publish Page');
    } else {
        $publishTitle = t('Publish Changes');
        $pk = PermissionKey::getByHandle('approve_page_versions');
        $pk->setPermissionObject($c);
        $pa = $pk->getPermissionAccessObject();
        $workflows = array();
        $canApproveWorkflow = true;
        if (is_object($pa)) {
            $workflows = $pa->getWorkflows();
        }
        foreach ($workflows as $wf) {
            if (!$wf->canApproveWorkflow()) {
                $canApproveWorkflow = false;
            }
        }
        if (count($workflows) > 0 && !$canApproveWorkflow) {
            $publishTitle = t('Submit to Workflow');
        }
コード例 #16
0
<?php

defined('C5_EXECUTE') or die("Access Denied.");
$pk = PermissionKey::getByHandle('customize_themes');
?>


<section id="ccm-panel-page-design-customize">
    <form data-form="panel-page-design-customize" target="ccm-page-preview-frame" method="post" action="<?php 
echo $controller->action("preview", $theme->getThemeID());
?>
">
    <header><a href="" data-panel-navigation="back" class="ccm-panel-back"><span class="fa fa-chevron-left"></span></a> <a href="" data-panel-navigation="back"><?php 
echo t('Customize Theme');
?>
</a></header>

    <?php 
if (count($presets) > 1) {
    ?>

    <div class="ccm-panel-content-inner">

    <div class="list-group" data-panel-menu-id="page-design-presets"  data-panel-menu="collapsible-list-group">
        <div class="list-group-item list-group-item-header"><?php 
    echo t('Preset');
    ?>
</div>
        <?php 
    $i = 0;
    foreach ($presets as $preset) {
コード例 #17
0
ファイル: sitemap.php プロジェクト: Zyqsempai/amanet
 function getNode($cItem, $level = 0, $autoOpenNodes = true)
 {
     if (!is_object($cItem)) {
         $cID = $cItem;
         $c = Page::getByID($cID, 'RECENT');
     } else {
         $cID = $cItem->getCollectionID();
         $c = $cItem;
     }
     $cp = new Permissions($c);
     $canEditPageProperties = $cp->canEditPageProperties();
     $canEditPageSpeedSettings = $cp->canEditPageSpeedSettings();
     $canEditPagePermissions = $cp->canEditPagePermissions();
     $canEditPageDesign = $cp->canEditPageTheme() || $cp->canEditPageType();
     $canViewPageVersions = $cp->canViewPageVersions();
     $canDeletePage = $cp->canDeletePage();
     $canAddSubpages = $cp->canAddSubpage();
     $canAddExternalLinks = $cp->canAddExternalLink();
     $nodeOpen = false;
     if (is_array($_SESSION['dsbSitemapNodes'])) {
         if (in_array($cID, $_SESSION['dsbSitemapNodes'])) {
             $nodeOpen = true;
         }
     }
     $status = '';
     $cls = $c->getNumChildren() > 0 ? "folder" : "file";
     $leaf = $c->getNumChildren() > 0 ? false : true;
     $numSubpages = $c->getNumChildren() > 0 ? $c->getNumChildren() : '';
     $cvName = $c->getCollectionName() ? $c->getCollectionName() : '(No Title)';
     $cvName = $c->isSystemPage() ? t($cvName) : $cvName;
     $selected = ConcreteDashboardSitemapHelper::isOneTimeActiveNode($cID) ? true : false;
     $ct = CollectionType::getByID($c->getCollectionTypeID());
     $isInTrash = $c->isInTrash();
     $canCompose = false;
     if (is_object($ct)) {
         if ($ct->isCollectionTypeIncludedInComposer()) {
             $h = Loader::helper('concrete/dashboard');
             if ($cp->canEditPageProperties() && $h->canAccessComposer()) {
                 $canCompose = true;
             }
         }
     }
     $isTrash = $c->getCollectionPath() == TRASH_PAGE_PATH;
     if ($isTrash || $isInTrash) {
         $pk = PermissionKey::getByHandle('empty_trash');
         if (!$pk->validate()) {
             return false;
         }
     }
     $cIcon = $c->getCollectionIcon();
     $cAlias = $c->isAlias();
     $cPointerID = $c->getCollectionPointerID();
     if ($cAlias) {
         if ($cPointerID > 0) {
             $cIcon = ASSETS_URL_IMAGES . '/icons/alias.png';
             $cAlias = 'POINTER';
             $cID = $c->getCollectionPointerOriginalID();
         } else {
             $cIcon = ASSETS_URL_IMAGES . '/icons/alias_external.png';
             $cAlias = 'LINK';
         }
     }
     $node = array('cvName' => $cvName, 'cIcon' => $cIcon, 'cAlias' => $cAlias, 'isInTrash' => $isInTrash, 'isTrash' => $isTrash, 'numSubpages' => $numSubpages, 'status' => $status, 'canEditPageProperties' => $canEditPageProperties, 'canEditPageSpeedSettings' => $canEditPageSpeedSettings, 'canEditPagePermissions' => $canEditPagePermissions, 'canEditPageDesign' => $canEditPageDesign, 'canViewPageVersions' => $canViewPageVersions, 'canDeletePage' => $canDeletePage, 'canAddSubpages' => $canAddSubpages, 'canAddExternalLinks' => $canAddExternalLinks, 'canCompose' => $canCompose, 'id' => $cID, 'selected' => $selected);
     if ($cID == 1 || $nodeOpen && $autoOpenNodes) {
         // We open another level
         $node['subnodes'] = $this->getSubNodes($cID, $level, false, $autoOpenNodes);
     }
     return $node;
 }
コード例 #18
0
if ($cp->canEditPagePermissions()) {
    $editAccess = array();
    $viewAccess = array();
    $pk = PermissionKey::getByHandle('view_page');
    $pk->setPermissionObject($c);
    $assignments = $pk->getAccessListItems();
    foreach ($assignments as $asi) {
        $ae = $asi->getAccessEntityObject();
        if ($ae->getAccessEntityTypeHandle() == 'group') {
            $group = $ae->getGroupObject();
            if (is_object($group)) {
                $viewAccess[] = $group->getGroupID();
            }
        }
    }
    $pk = PermissionKey::getByHandle('edit_page_contents');
    $pk->setPermissionObject($c);
    $assignments = $pk->getAccessListItems();
    foreach ($assignments as $asi) {
        $ae = $asi->getAccessEntityObject();
        if ($ae->getAccessEntityTypeHandle() == 'group') {
            $group = $ae->getGroupObject();
            if (is_object($group)) {
                $editAccess[] = $group->getGroupID();
            }
        }
    }
    Loader::model('search/group');
    $gl = new GroupSearch();
    $gl->sortBy('gID', 'asc');
    $gIDs = $gl->get();
コード例 #19
0
ファイル: move_page.php プロジェクト: ronlobo/concrete5-de
 public function __construct()
 {
     $pk = PermissionKey::getByHandle('move_or_copy_page');
     parent::__construct($pk);
 }
コード例 #20
0
 public function view()
 {
     $assignment = PermissionKey::getByHandle('edit_user_properties')->getMyAssignment();
     $vals = Loader::helper('validation/strings');
     $valt = Loader::helper('validation/token');
     $valc = Loader::helper('concrete/validation');
     if ($_POST['create']) {
         $username = trim($_POST['uName']);
         $username = preg_replace("/\\s+/", " ", $username);
         $_POST['uName'] = $username;
         $password = $_POST['uPassword'];
         if (!$vals->email($_POST['uEmail'])) {
             $this->error->add(t('Invalid email address provided.'));
         } else {
             if (!$valc->isUniqueEmail($_POST['uEmail'])) {
                 $this->error->add(t("The email address '%s' is already in use. Please choose another.", $_POST['uEmail']));
             }
         }
         if (strlen($username) < USER_USERNAME_MINIMUM) {
             $this->error->add(t('A username must be between at least %s characters long.', USER_USERNAME_MINIMUM));
         }
         if (strlen($username) > USER_USERNAME_MAXIMUM) {
             $this->error->add(t('A username cannot be more than %s characters long.', USER_USERNAME_MAXIMUM));
         }
         if (strlen($username) >= USER_USERNAME_MINIMUM && !$valc->username($username)) {
             if (USER_USERNAME_ALLOW_SPACES) {
                 $this->error->add(t('A username may only contain letters, numbers and spaces.'));
             } else {
                 $this->error->add(t('A username may only contain letters or numbers.'));
             }
         }
         if (!$valc->isUniqueUsername($username)) {
             $this->error->add(t("The username '%s' already exists. Please choose another", $username));
         }
         if ($username == USER_SUPER) {
             $this->error->add(t('Invalid Username'));
         }
         if (strlen($password) < USER_PASSWORD_MINIMUM || strlen($password) > USER_PASSWORD_MAXIMUM) {
             $this->error->add(t('A password must be between %s and %s characters', USER_PASSWORD_MINIMUM, USER_PASSWORD_MAXIMUM));
         }
         if (strlen($password) >= USER_PASSWORD_MINIMUM && !$valc->password($password)) {
             $this->error->add(t('A password may not contain ", \', >, <, or any spaces.'));
         }
         if (!$valt->validate('create_account')) {
             $this->error->add($valt->getErrorMessage());
         }
         Loader::model("attribute/categories/user");
         $aks = UserAttributeKey::getRegistrationList();
         foreach ($aks as $uak) {
             if ($uak->isAttributeKeyRequiredOnRegister()) {
                 $e1 = $uak->validateAttributeForm();
                 if ($e1 == false) {
                     $this->error->add(t('The field "%s" is required', $uak->getAttributeKeyName()));
                 } else {
                     if ($e1 instanceof ValidationErrorHelper) {
                         $this->error->add($e1->getList());
                     }
                 }
             }
         }
         if (!$this->error->has()) {
             // do the registration
             $data = array('uName' => $username, 'uPassword' => $password, 'uEmail' => $_POST['uEmail'], 'uDefaultLanguage' => $_POST['uDefaultLanguage']);
             $uo = UserInfo::add($data);
             if (is_object($uo)) {
                 $av = Loader::helper('concrete/avatar');
                 if ($assignment->allowEditAvatar()) {
                     if (is_uploaded_file($_FILES['uAvatar']['tmp_name'])) {
                         $uHasAvatar = $av->updateUserAvatar($_FILES['uAvatar']['tmp_name'], $uo->getUserID());
                     }
                 }
                 foreach ($aks as $uak) {
                     if (in_array($uak->getAttributeKeyID(), $assignment->getAttributesAllowedArray())) {
                         $uak->saveAttributeForm($uo);
                     }
                 }
                 $gak = PermissionKey::getByHandle('assign_user_groups');
                 $gIDs = array();
                 if (is_array($_POST['gID'])) {
                     foreach ($_POST['gID'] as $gID) {
                         if ($gak->validate($gID)) {
                             $gIDs[] = $gID;
                         }
                     }
                 }
                 $uo->updateGroups($gIDs);
                 $uID = $uo->getUserID();
                 $this->redirect('/dashboard/users/search?uID=' . $uID . '&user_created=1');
             } else {
                 $this->error->add(t('An error occurred while trying to create the account.'));
                 $this->set('error', $this->error);
             }
         } else {
             $this->set('error', $this->error);
         }
     }
 }
コード例 #21
0
 public function __construct()
 {
     $pk = PermissionKey::getByHandle('edit_page_permissions');
     parent::__construct($pk);
 }
コード例 #22
0
ファイル: delete_page.php プロジェクト: nveid/concrete5
	public function __construct() {
		$pk = PermissionKey::getByHandle('delete_page');
		parent::__construct($pk);
	}
コード例 #23
0
ファイル: approve_page.php プロジェクト: ronlobo/concrete5-de
 public function __construct()
 {
     $pk = PermissionKey::getByHandle('approve_page_versions');
     parent::__construct($pk);
 }
コード例 #24
0
if (is_array($_REQUEST['uID'])) {
    foreach ($_REQUEST['uID'] as $uID) {
        $ui = UserInfo::getByID($uID);
        $users[] = $ui;
    }
}
foreach ($users as $ui) {
    $up = new Permissions($ui);
    if (!$up->canViewUser()) {
        die(t("Access Denied."));
    }
}
if ($_POST['task'] == 'activate') {
    $workflowAttached = false;
    // check if workflow is attached to this request
    $pk = PermissionKey::getByHandle('activate_user');
    $pa = $pk->getPermissionAccessObject();
    $workflows = $pa->getWorkflows();
    $workflowAttached = count($workflows);
    if ($workflowAttached) {
        // workflow is attached
        $hudMessage = t('User Settings saved. You must complete the workflow before this change is active.');
    } else {
        // workflow is not attached
        $hudMessage = t('User Settings saved.');
    }
    foreach ($users as $ui) {
        $workflowRequestActions = array();
        // Fetch triggered workflow request actions of current user when workflow is attached to this request
        // so that same request action won't trigger twice.
        if ($workflowAttached) {
コード例 #25
0
" href="<?php 
    echo REL_DIR_FILES_TOOLS_REQUIRED;
    ?>
/edit_area_popup?cID=<?php 
    echo $c->getCollectionID();
    ?>
&arHandle=<?php 
    echo urlencode($a->getAreaHandle());
    ?>
&atask=groups"><?php 
    echo t("Permissions");
    ?>
</a></li><?php 
}
if ($a instanceof SubArea) {
    $pk = PermissionKey::getByHandle('manage_layout_presets');
    $ax = $a->getSubAreaParentPermissionsObject();
    $axp = new Permissions($ax);
    if ($axp->canAddLayout()) {
        $bx = $a->getSubAreaBlockObject();
        if (is_object($bx) && !$bx->isError()) {
            ?>
                                <li class="divider"></li>
                                <li><a href="javascript:void(0)" data-container-layout-block-id="<?php 
            echo $bx->getBlockID();
            ?>
" data-menu-action="edit-container-layout" data-area-grid-maximum-columns="<?php 
            echo $a->getAreaGridMaximumColumns();
            ?>
"><?php 
            echo t("Edit Container Layout");
コード例 #26
0
ファイル: view.php プロジェクト: ceko/concrete5-1
            </li>
        </ul>
        <ul class="nav navbar-nav navbar-right">
            <li class="navbar-form">
            <?php 
if (PermissionKey::getByHandle('remove_topic_tree')->validate() && is_object($tree)) {
    ?>
                <button type="button" data-dialog="delete-topic-tree" class="btn btn-danger btn-sm"><?php 
    echo t('Delete Topic Tree');
    ?>
</button>
            <?php 
}
?>
            <?php 
if (PermissionKey::getByHandle('add_topic_tree')->validate()) {
    ?>
                <button onclick="window.location.href='<?php 
    echo $view->url('/dashboard/system/attributes/topics/add');
    ?>
'" class="btn btn-default btn-sm"><?php 
    echo t('Add Topic Tree');
    ?>
</button>
            <?php 
}
?>
            </li>
        </ul>
    </div>
</nav>
コード例 #27
0
<?php

defined('C5_EXECUTE') or die("Access Denied.");
$searchInstance = Loader::helper('text')->entities($_REQUEST['searchInstance']);
if (!strlen($searchInstance)) {
    $searchInstance = 'user';
}
$form = Loader::helper('form');
$ih = Loader::helper('concrete/interface');
$tp = new TaskPermission();
$token = Loader::helper('validation/token');
$sk = PermissionKey::getByHandle('access_user_search');
$gk = PermissionKey::getByHandle('assign_user_groups');
if (!$gk->validate()) {
    die(t("Access Denied."));
}
$users = array();
if (is_array($_REQUEST['uID'])) {
    foreach ($_REQUEST['uID'] as $uID) {
        $ui = UserInfo::getByID($uID);
        $users[] = $ui;
    }
}
foreach ($users as $ui) {
    if (!$sk->validate($ui)) {
        die(t("Access Denied."));
    }
}
Loader::model('search/group');
$gl = new GroupSearch();
$gl->setItemsPerPage(-1);
コード例 #28
0
	<? } ?>
	
	</ul>
	</div>
	</div>

	<div class="clearfix">
	<label><?php 
echo t('Additional Attributes');
?>
</label>
	<div class="input">
	<ul class="inputs-list">
	
	<?
	$pk = PermissionKey::getByHandle('view_user_attributes');
	foreach($list as $ak) { 
		if ($pk->validate($ak)) { ?>

		<li><label><?php 
echo $form->checkbox('ak_' . $ak->getAttributeKeyHandle(), 1, $fldc->contains($ak));
?>
 <span><?php 
echo tc('AttributeKeyName', $ak->getAttributeKeyName());
?>
</span></label></li>
	
	<? } 
	
	}?>
	
コード例 #29
0
<?php

defined('C5_EXECUTE') or die("Access Denied.");
$pk = PermissionKey::getByHandle('empty_trash');
if (!$pk->validate()) {
    die(t("Access Denied."));
}
$trash = Page::getByPath(Config::get('concrete.paths.trash'));
$i = 0;
if (is_object($trash) && !$trash->isError()) {
    $pl = new PageList();
    $pl->filterByParentID($trash->getCollectionID());
    $pl->includeInactivePages();
    $pl->setPageVersionToRetrieve(\Concrete\Core\Page\PageList::PAGE_VERSION_RECENT);
    $pages = $pl->getResults();
    foreach ($pages as $pc) {
        $cp = new Permissions($pc);
        if ($cp->canDeletePage()) {
            ++$i;
            $pc->delete();
        }
    }
}
$message = t2('%d page deleted.', '%d pages deleted.', $i, $i);
$obj = new stdClass();
$obj->message = $message;
echo Loader::helper('json')->encode($obj);
コード例 #30
0
ファイル: search.php プロジェクト: ronlobo/concrete5
	public function delete($delUserId, $token = null){
		$u=new User();
		try {

			$delUI=UserInfo::getByID($delUserId); 
			
			if(!($delUI instanceof UserInfo)) {
				throw new Exception(t('Invalid user ID.'));
			}

			if (!PermissionKey::getByHandle('access_user_search')->validate($delUI)) { 
				throw new Exception(t('Access Denied.'));
			}
		
			$tp = new TaskPermission();
			if (!$tp->canDeleteUser()) { 
				throw new Exception(t('You do not have permission to perform this action.'));
			}

			if ($delUserId == USER_SUPER_ID) {
				throw new Exception(t('You may not remove the super user account.'));
			}			

			if($delUserId==$u->getUserID()) {
				throw new Exception(t('You cannot delete your own user account.'));
			}


			$valt = Loader::helper('validation/token');
			if (!$valt->validate('delete_account', $token)) {
				throw new Exception($valt->getErrorMessage());
			}
			
			$delUI->delete(); 
			$resultMsg=t('User deleted successfully.');
			
			$_REQUEST=array();
			$_GET=array();
			$_POST=array();		
			$this->set('message', $resultMsg);
		} catch (Exception $e) {
			$this->set('error', $e);
		}
		$this->view();

	}