/**
 * Create a sub-folder in the file manager and emit the outcome as JSON.
 *
 * The parent is the node named by the POSTed `currentFolder` id when it
 * resolves to a FileFolder; otherwise the filesystem root folder is used.
 * The folder is only created when the caller holds the "add tree sub-node"
 * permission on that parent.
 *
 * NOTE(review): this state-changing action shows no CSRF token validation;
 * confirm it is enforced elsewhere (routing layer or a parent controller).
 * NOTE(review): `folderName` reaches addFolder() exactly as received; confirm
 * that empty or malformed names are rejected downstream.
 */
public function add()
{
    $filesystem = new Filesystem();
    $post = $this->request->request;

    $parent = null;
    if ($post->has('currentFolder')) {
        $candidate = Node::getByID($post->get('currentFolder'));
        // instanceof is false for non-objects, so a failed lookup is covered too.
        if ($candidate instanceof FileFolder) {
            $parent = $candidate;
        }
    }
    if ($parent === null) {
        $parent = $filesystem->getRootFolder();
    }

    $permissions = new \Permissions($parent);
    $error = $this->app->make('error');
    $response = new EditResponse();
    $response->setError($error);

    if (!$permissions->canAddTreeSubNode()) {
        $error->add(t('You do not have permission to add a folder here.'));
    }

    if (!$error->has()) {
        $created = $filesystem->addFolder($parent, $post->get('folderName'));
        $response->setMessage(t('Folder added.'));
        $response->setAdditionalDataAttribute('folder', $created);
    }

    $response->outputJSON();
}
/**
 * Forward the page-view event to each block of the referenced stack that the
 * current user may see.
 *
 * Returns false when the stack id does not resolve to an object; otherwise
 * returns nothing. Blocks are skipped unless both the stack-level
 * canViewPage() and the block-level canViewBlock() checks pass.
 *
 * NOTE(review): the custom style rule text is concatenated into a <style>
 * element without escaping; confirm that whoever can edit block styles is
 * trusted to inject markup into the page head.
 * NOTE(review): $view is never assigned in this method, so runTask() receives
 * an undefined variable.
 */
public function on_page_view()
{
    $stack = Stack::getByID($this->stID);
    if (!is_object($stack)) {
        return false;
    }

    $stackPermissions = new Permissions($stack);
    if (!$stackPermissions->canViewPage()) {
        return;
    }

    foreach ($stack->getBlocks() as $block) {
        $blockPermissions = new Permissions($block);
        if (!$blockPermissions->canViewBlock()) {
            continue;
        }

        $controller = $block->getInstance();
        if (get_class($controller) != 'Controller') {
            $controller->outputAutoHeaderItems();
        }

        $styleRule = $block->getBlockCustomStyleRule();
        if (is_object($styleRule)) {
            $css = '#' . $styleRule->getCustomStyleRuleCSSID(1) . ' {' . $styleRule->getCustomStyleRuleText() . "} \r\n";
            $controller->addHeaderItem("<style type=\"text/css\"> \r\n" . $css . '</style>', 'VIEW');
        }

        $controller->runTask('on_page_view', array($view));
    }
}
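/**
 * Delete a page type after validating the object, the caller's permission,
 * that the type is unused, and the CSRF token.
 *
 * Every failed check adds a message to $this->error; the page type is deleted
 * and the user redirected only when no error was recorded. Otherwise the
 * regular view is rendered.
 *
 * Fix: the permission and usage checks used to run even when the id did not
 * resolve to a page type, so getPageTypeUsageCount() was called on a
 * non-object. Those checks are now skipped for an invalid id; the "Invalid
 * page type object." error still blocks the delete.
 *
 * @param int|false $ptID Identifier of the page type to delete.
 */
public function delete($ptID = false)
{
    $pagetype = PageType::getByID($ptID);
    if (!is_object($pagetype)) {
        $this->error->add(t('Invalid page type object.'));
    } else {
        $cmp = new \Permissions($pagetype);
        if (!$cmp->canDeletePageType()) {
            $this->error->add(t('You do not have access to delete this page type.'));
        }

        $count = $pagetype->getPageTypeUsageCount();
        if ($count > 0) {
            $this->error->add(t2(
                'This page type is in use on %d page.',
                'This page type is in use on %d pages.',
                $count
            ));
        }
    }

    // The token is checked regardless of the object lookup so a forged request
    // is always reported as such.
    if (!$this->token->validate('delete_page_type')) {
        $this->error->add(t($this->token->getErrorMessage()));
    }

    if (!$this->error->has()) {
        $pagetype->delete();
        $this->redirect('/dashboard/pages/types', 'page_type_deleted');
    }

    $this->view();
}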
/**
 * Request deletion of a stack through the page workflow.
 *
 * Checks run in this order and each failure records an error and stops:
 * CSRF token ('delete'), stack lookup, canDeletePage() on the stack.
 *
 * @param int|false    $cID   Collection id of the stack.
 * @param string|false $token CSRF token supplied with the request.
 */
public function delete($cID = false, $token = false)
{
    if (!Loader::helper('validation/token')->validate('delete', $token)) {
        $this->error->add(Loader::helper('validation/token')->getErrorMessage());

        return;
    }

    $stack = Stack::getByID($cID);
    if (!is_object($stack)) {
        $this->error->add(t('Invalid stack'));

        return;
    }

    $stackPermissions = new Permissions($stack);
    if (!$stackPermissions->canDeletePage()) {
        $this->error->add(t('You do not have access to delete this stack.'));

        return;
    }

    $requester = new User();
    $deleteRequest = new DeletePagePageWorkflowRequest();
    $deleteRequest->setRequestedPage($stack);
    $deleteRequest->setRequesterUserID($requester->getUserID());
    $outcome = $deleteRequest->trigger();

    if ($outcome instanceof WorkflowProgressResponse) {
        // Only returned when workflows were skipped and the request went
        // straight to an approve() step.
        $this->redirect('/dashboard/blocks/stacks', 'stack_deleted');
    } else {
        $this->redirect('/dashboard/blocks/stacks', 'view_details', $cID, 'delete_saved');
    }
}
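/**
 * Run the parent search and, for non-super users, restrict the result to
 * users in groups the current user is allowed to search.
 *
 * Fixes:
 *  - the "no group" clause was held in $null, which stayed undefined when the
 *    registered-users group was not searchable; the OR expression is now
 *    built only from clauses that actually exist;
 *  - group ids are cast to int before being concatenated into the IN (...)
 *    list, so the fragment cannot carry anything but integers.
 *
 * @param Query $query
 *
 * @return mixed The search result returned by the parent, possibly filtered.
 */
public function getSearchResultFromQuery(Query $query)
{
    $result = parent::getSearchResultFromQuery($query);
    $u = new \User();
    if ($u->isSuperUser()) {
        return $result;
    }

    // Seeding with -1 keeps the IN (...) list syntactically valid when no
    // group is searchable (presumably no real group has that id).
    $gIDs = array(-1);
    $gs = new GroupList();
    foreach ($gs->getResults() as $g) {
        $gp = new \Permissions($g);
        if ($gp->canSearchUsersInGroup()) {
            $gIDs[] = (int) $g->getGroupID();
        }
    }

    $qb = $result->getItemListObject()->getQueryObject();
    $qb->leftJoin("u", "UserGroups", "ugRequired", "ugRequired.uID = u.uID");

    $clauses = array('ugRequired.gID in (' . implode(',', $gIDs) . ')');

    // Users without any group row are only visible when the registered-users
    // group itself is searchable.
    $gg = \Group::getByID(REGISTERED_GROUP_ID);
    $ggp = new \Permissions($gg);
    if ($ggp->canSearchUsersInGroup()) {
        $clauses[] = 'ugRequired.gID is null';
    }

    $qb->select('distinct (u.uID)');
    $expr = call_user_func_array(array($qb->expr(), 'orX'), $clauses);
    $qb->andwhere($expr);

    return $result;
}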
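/**
 * Page-name autocomplete endpoint: echoes up to five matching pages as JSON.
 *
 * Only pages for which canViewPageInSitemap() passes are returned, so the
 * endpoint does not disclose names of pages the caller cannot see in the
 * sitemap.
 *
 * Fix: `q` was read from $_REQUEST without checking that it exists or is a
 * string. A missing parameter raised an undefined-index notice (which can
 * end up in the JSON body when notices are displayed) and an array value was
 * passed straight to filterByName(). Both cases now yield a null keyword.
 *
 * NOTE(review): the response is echoed without an explicit JSON Content-Type
 * header; confirm one is set elsewhere.
 */
public function view()
{
    // Release the session lock early; nothing below writes to the session.
    session_write_close();

    $keywords = null;
    if (isset($_REQUEST['q']) && is_string($_REQUEST['q'])) {
        $keywords = $_REQUEST['q'];
    }

    $pl = new \PageList();
    $pl->filterByName($keywords);
    $pl->sortBy('cID', 'asc');
    $pl->setItemsPerPage(5);
    $pl->setPermissionsChecker(function ($page) {
        $pp = new \Permissions($page);

        return $pp->canViewPageInSitemap();
    });

    $pagination = $pl->getPagination();
    $pages = $pagination->getCurrentPageResults();

    $results = array();
    $nh = \Core::make('helper/navigation');
    foreach ($pages as $c) {
        $obj = new \stdClass();
        $obj->href = $nh->getLinkToCollection($c);
        $obj->cID = $c->getCollectionID();
        $obj->name = $c->getCollectionName();
        $results[] = $obj;
    }

    echo json_encode($results);
    \Core::shutdown(array('jobs' => true));
}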
/**
 * Gate the stack version views behind the stacks dashboard permission.
 *
 * - No view access to /dashboard/blocks/stacks: render the page-not-found
 *   controller and view instead of the requested page.
 * - Access, plus canViewPageVersions() on the current page and a `vtask` of
 *   'view_versions' or 'compare': use the dashboard theme.
 * - Access in any other case: redirect to the stack's detail view.
 *
 * NOTE(review): $_GET['vtask'] is read without an isset() check; a missing
 * parameter falls into the redirect branch but raises a notice.
 */
public function on_start()
{
    $stacksPage = Page::getByPath('/dashboard/blocks/stacks');
    $stacksPermissions = new Permissions($stacksPage);

    if (!$stacksPermissions->canViewPage()) {
        global $c; // ugh
        $v = View::getInstance();
        $c = new Page();
        $c->loadError(COLLECTION_NOT_FOUND);
        $v->setCollectionObject($c);
        $this->c = $c;
        $cont = Loader::controller("/page_not_found");
        $v->setController($cont);
        $v->render('/page_not_found');

        return;
    }

    $current = Page::getCurrentPage();
    $currentPermissions = new Permissions($current);

    // Same test as "!canViewPageVersions || (vtask != A && vtask != B)" with
    // the condition inverted; evaluation order and short-circuiting are kept.
    $isVersionTask = $currentPermissions->canViewPageVersions()
        && ($_GET['vtask'] == 'view_versions' || $_GET['vtask'] == 'compare');

    if ($isVersionTask) {
        $this->theme = 'dashboard';
    } else {
        $cID = $current->getCollectionID();
        $this->redirect('/dashboard/blocks/stacks', 'view_details', $cID);
    }
}
/**
 * AJAX handler that validates, drafts and publishes a new topic page beneath
 * the current page, then emits a JSON publish response.
 *
 * Nothing is created unless the configured page type exists, new topics are
 * enabled, and the caller passes canAddPageType() for that page type. The
 * request always ends with exit.
 *
 * NOTE(review): no CSRF token validation is visible in this handler; confirm
 * validatePublishRequest() or the caller covers it.
 */
public function action_post()
{
    // happens through ajax
    $pagetype = PageType::getByID($this->ptID);
    if (!is_object($pagetype) || !$this->enableNewTopics) {
        exit;
    }

    $typePermissions = new Permissions($pagetype);
    if (!$typePermissions->canAddPageType()) {
        exit;
    }

    $composerTypes = $pagetype->getPageTypeComposerPageTypeObjects();
    $topicType = $composerTypes[0];
    $parentPage = Page::getCurrentPage();

    $errors = $pagetype->validatePublishRequest($topicType, $parentPage);
    $publishResponse = new PageTypePublishResponse($errors);

    if (!$errors->has()) {
        $draft = $pagetype->createDraft($topicType);
        $draft->setPageDraftTargetParentPageID($parentPage->getCollectionID());
        $draft->saveForm();
        $draft->publish();

        $published = Page::getByID($draft->getCollectionID(), 'RECENT');
        $link = Loader::helper('navigation')->getLinkToCollection($published, true);
        $publishResponse->setRedirectURL($link);
    }

    $publishResponse->outputJSON();
    exit;
}
/**
 * Prepare the system-log search form with default values and expose it to
 * the view.
 *
 * The Permissions inspector is loaded from the configured base path and its
 * tests are run; the result is not used in this action.
 *
 * NOTE(review): the inspector is pulled in with a plain `include` built from
 * a configuration value; confirm that value is not writable by web users.
 */
public function indexAction()
{
    $this->view->breadcrumb = Snep_Breadcrumb::renderPath(array(
        $this->view->translate("Status"),
        $this->view->translate("System Logs"),
    ));

    $config = Zend_Registry::get('config');
    include $config->system->path->base . "/inspectors/Permissions.php";
    $inspector = new Permissions();
    $inspector->getTests();

    $form = new Snep_Form(new Zend_Config_Xml('./modules/default/forms/logs.xml', 'general', true));
    $form->setAction($this->getFrontController()->getBaseUrl() . '/logs/view');

    // The default timestamp is formatted according to the active locale.
    $locale = Snep_Locale::getInstance()->getLocale();
    $pattern = ($locale == 'en_US') ? 'YYYY-MM-dd HH:mm' : 'dd/MM/YYYY HH:mm';
    $now = Zend_Date::now()->toString($pattern);

    $defaults = array(
        'init_day' => $now,
        'end_day' => $now,
        'status' => 'ALL',
        'real_time' => 'no',
    );
    foreach ($defaults as $elementName => $value) {
        $form->getElement($elementName)->setValue($value);
    }

    $form->getElement("submit")->setLabel("Log Search");

    $this->initLogFile();
    $this->view->form = $form;
}
/**
 * Build a Permissions object from the roles and permissions IDMObject
 * reports for the current user.
 *
 * Grants are collected in a fixed order (tcert, admin, gatesystem_ug,
 * gatesystem_gr, superadmin, faculty) and applied with a single grant()
 * call. The object's pidm is copied from $_SESSION['pidm'].
 *
 * NOTE(review): $_SESSION['pidm'] is read without an existence check;
 * confirm callers only reach this after the session is populated.
 *
 * @return Permissions
 */
public static function from_idmobject()
{
    $perm = new Permissions();

    $grant = array();
    if (\IDMObject::authZ('role', 'tcert')) {
        $grant[] = 'tcert';
    }

    // IDM permission name => grant label, evaluated in this order.
    $permissionGrants = array(
        'tcert_admin' => 'admin',
        'tcert_gatesystem_ug' => 'gatesystem_ug',
        'tcert_gatesystem_gr' => 'gatesystem_gr',
        'mis' => 'superadmin',
    );
    foreach ($permissionGrants as $idmPermission => $label) {
        if (\IDMObject::authz('permission', $idmPermission)) {
            $grant[] = $label;
        }
    }

    if (\IDMObject::authz('role', 'faculty')) {
        $grant[] = 'faculty';
    }

    $perm->grant($grant);
    $perm->pidm = $_SESSION['pidm'];

    return $perm;
}
/**
 * Render a specific version of a page for preview and send it as the
 * response.
 *
 * Requires canViewPageVersions() on the page named by `cID`; without it the
 * method returns without output. The page is rendered under a substitute
 * request (custom request user -1 and, when the `x-device-handle` header
 * names a known device, that device's User-Agent). The original request
 * instance is restored before the content is sent.
 *
 * NOTE(review): the restore is not in a finally block, so an exception while
 * rendering leaves the substitute request installed.
 */
public function preview()
{
    $originalRequest = \Request::getInstance();
    $page = \Page::getByID($this->request->get('cID'));
    $pagePermissions = new \Permissions($page);
    if (!$pagePermissions->canViewPageVersions()) {
        return;
    }

    // The version id comes from the request, so it is reduced to an integer.
    $page->loadVersionObject(\Core::make('helper/security')->sanitizeInt($_REQUEST['cvID']));

    $previewRequest = \Request::createFromGlobals();
    if ($deviceHandle = $originalRequest->headers->get('x-device-handle')) {
        if ($device = \Core::make('device/manager')->get($deviceHandle)) {
            if ($userAgent = $device->getUserAgent()) {
                $previewRequest->headers->set('User-Agent', $userAgent);
            }
        }
    }
    $previewRequest->setCustomRequestUser(-1);
    $previewRequest->setCurrentPage($page);
    \Request::setInstance($previewRequest);

    $controller = $page->getPageController();
    $controller->runTask('view', array());
    $view = $controller->getViewObject();

    $response = new \Response();
    $content = $view->render();

    // Reset just in case.
    \Request::setInstance($originalRequest);

    $response->setContent($content);
    $response->send();
    exit;
}
/**
 * Create an RBAC permission record unless one with the same PER_CODE exists.
 *
 * @param array $aData Field values keyed by column name; PER_CODE is read,
 *                     and PER_UID, the create/update dates and PER_STATUS
 *                     are set here.
 *
 * @return int|string 1 when a permission with that code already exists,
 *                    otherwise the generated PER_UID of the new record.
 *
 * NOTE(review): uniqueness depends on this lookup-then-insert sequence;
 * confirm the table also has a unique constraint on PER_CODE, otherwise
 * concurrent calls can insert duplicates.
 */
function create($aData)
{
    $sCode = $aData['PER_CODE'];

    $oCriteria = new Criteria('rbac');
    $oCriteria->add(PermissionsPeer::PER_CODE, $sCode);
    $oDataset = PermissionsPeer::doSelectRS($oCriteria);
    $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
    $oDataset->next();

    // A fetched row means the code is already registered.
    if (is_array($oDataset->getRow())) {
        return 1;
    }

    $sNow = date('Y-m-d H:i:s');
    $aData['PER_UID'] = G::generateUniqueID();
    $aData['PER_CODE'] = $sCode;
    $aData['PER_CREATE_DATE'] = $sNow;
    $aData['PER_UPDATE_DATE'] = $sNow;
    $aData['PER_STATUS'] = 1;

    $oPermission = new Permissions();
    $oPermission->fromArray($aData, BasePeer::TYPE_FIELDNAME);
    $oPermission->save();

    return $aData['PER_UID'];
}
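/**
 * Show the "create entry" form for an Express entity.
 *
 * Fixes:
 *  - $entry was only assigned when an owner entry id was supplied, yet it
 *    was always read afterwards; it now starts as null;
 *  - the method returns after redirecting for an unknown entity, so the
 *    permission check is never run against a non-object.
 *
 * NOTE(review): the owner entry is loaded by id with no permission check of
 * its own; confirm that exposing its view URL as the back link is acceptable
 * for any user who may add entries of this entity type.
 *
 * @param mixed $id             Identifier of the Express entity.
 * @param mixed $owner_entry_id Optional identifier of the owning entry.
 *
 * @throws \Exception When the user may not add entries of this entity type.
 */
public function create_entry($id = null, $owner_entry_id = null)
{
    $r = $this->entityManager->getRepository('\\Concrete\\Core\\Entity\\Express\\Entity');
    $entity = $r->findOneById($id);
    if (!is_object($entity)) {
        $this->redirect('/dashboard/express/entries');

        return;
    }

    $entry = null;
    if ($owner_entry_id) {
        $r = $this->entityManager->getRepository('\\Concrete\\Core\\Entity\\Express\\Entry');
        $entry = $r->findOneById($owner_entry_id);
    }

    $permissions = new \Permissions($entity);
    if (!$permissions->canAddExpressEntries()) {
        throw new \Exception(t('You do not have access to add entries of this entity type.'));
    }

    $this->set('entity', $entity);
    $form = $entity->getDefaultEditForm();

    // The owned-entity form is used only when the supplied entry belongs to
    // the entity that owns this one.
    if (is_object($entry) && $entry->getEntity() == $entity->getOwnedBy()) {
        $form = new OwnedEntityForm($form, $entry);
        $this->set('backURL', $this->getViewEntryURL($entry));
    } else {
        $this->set('backURL', $this->getBackURL($entity));
    }

    $renderer = \Core::make('Concrete\\Core\\Express\\Form\\StandardFormRenderer', ['form' => $form]);
    $this->set('renderer', $renderer);
    $this->render('/dashboard/express/entries/create', false);
}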
/**
 * Allow access when the current user may view the root node of the tree.
 *
 * @return mixed Result of canViewTreeNode() on the tree's root node.
 */
protected function canAccess()
{
    $rootNode = $this->getTree()->getRootTreeNodeObject();
    $rootPermissions = new \Permissions($rootNode);

    return $rootPermissions->canViewTreeNode();
}
/**
 * Allow access when the current user may add sub-nodes to the destination
 * node.
 *
 * Returns nothing (null) when the destination is not an object, which
 * callers treating the result as a boolean will read as "denied".
 *
 * NOTE(review): only the destination is checked here; confirm that
 * permissions on the source nodes are enforced where the move is performed.
 */
protected function canAccess()
{
    list($sourceNodes, $destination) = $this->getNodes();
    if (!is_object($destination)) {
        return;
    }

    $destinationPermissions = new \Permissions($destination);

    return $destinationPermissions->canAddTreeSubNode();
}
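/**
 * Apply file-set membership changes to the selected files and emit the
 * resulting set list as JSON.
 *
 * POST fields named `fsID:<id>` carry '0' (remove the files from that set),
 * '1' (leave unchanged) or '2' (add the files to that set). `fsNew` and
 * `fsNewShare` are parallel arrays naming sets to create and whether each is
 * public.
 *
 * Fixes:
 *  - field names are matched against the full `fsID:<digits>` pattern rather
 *    than any key merely containing "fsID:", and the id is cast to int;
 *  - ids that do not resolve to a set are skipped instead of being passed to
 *    Permissions and dereferenced;
 *  - a missing `fsNewShare` entry is treated as private rather than read as
 *    an undefined index, and non-string set names are ignored.
 *
 * NOTE(review): creating new sets and adding files to them is not guarded by
 * any permission check in this method; confirm validateAction() covers it.
 */
public function submit()
{
    if (!$this->validateAction()) {
        return;
    }

    $post = $this->request->request->all();
    foreach ($post as $key => $value) {
        if (!preg_match('/^fsID:(\d+)$/', (string) $key, $matches)) {
            continue;
        }
        $fs = Set::getByID((int) $matches[1]);
        if (!is_object($fs)) {
            continue;
        }

        $fsp = new \Permissions($fs);
        foreach ($this->files as $file) {
            if (!$fsp->canAddFile($file)) {
                continue;
            }
            switch ($value) {
                case '0':
                    if ($file->inFileSet($fs)) {
                        $fs->removeFileFromSet($file);
                    }
                    break;
                case '1':
                    // do nothing
                    break;
                case '2':
                    $fs->addFileToSet($file);
                    break;
            }
        }
    }

    $fsNew = $this->request->request->get('fsNew');
    $fsNewShare = $this->request->request->get('fsNewShare');
    if (is_array($fsNew)) {
        foreach ($fsNew as $i => $name) {
            if (!is_string($name) || !$name) {
                continue;
            }
            $isPublic = is_array($fsNewShare) && isset($fsNewShare[$i]) && $fsNewShare[$i] == 1;
            $type = $isPublic ? Set::TYPE_PUBLIC : Set::TYPE_PRIVATE;
            foreach ($this->files as $file) {
                $fs = Set::createAndGetSet($name, $type);
                $fs->addFileToSet($file);
            }
        }
    }

    // Collect each distinct set once. The comparison is deliberately loose so
    // that equal JSON objects built for different files count as duplicates.
    $sets = array();
    foreach ($this->files as $file) {
        foreach ($file->getFileSets() as $set) {
            $o = $set->getJSONObject();
            if (!in_array($o, $sets)) {
                $sets[] = $o;
            }
        }
    }

    $response = new EditResponse();
    $response->setFiles($this->files);
    $response->setAdditionalDataAttribute('sets', $sets);
    $response->setMessage(t('File sets updated successfully.'));
    $response->outputJSON();
}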
/**
 * Decide whether the current request may run the updater.
 *
 * When `concrete.updates.enable_permissions_protection` is falsy the check
 * is bypassed entirely and every caller, including visitors who are not
 * logged in, is allowed. Otherwise the canUpgrade() permission decides.
 *
 * @return mixed true when protection is off, else the canUpgrade() result.
 */
public function canAccess()
{
    $protectionEnabled = Config::get('concrete.updates.enable_permissions_protection');
    if ($protectionEnabled) {
        $permissions = new \Permissions();

        return $permissions->canUpgrade();
    }

    // Protection has been turned off temporarily, which means anyone, even
    // non-logged-in users, can run the update.
    return true;
}
/**
 * Decide whether the current request may run the updater.
 *
 * Only the exact value false for ENABLE_UPDATE_PERMISSIONS_PROTECTION
 * bypasses the check; in that case every caller, including visitors who are
 * not logged in, is allowed. Any other value defers to canUpgrade().
 *
 * @return mixed true when protection is off, else the canUpgrade() result.
 */
public function canAccess()
{
    if (ENABLE_UPDATE_PERMISSIONS_PROTECTION !== false) {
        $permissions = new \Permissions();

        return $permissions->canUpgrade();
    }

    // Protection has been turned off temporarily, which means anyone, even
    // non-logged-in users, can run the update.
    return true;
}
/**
 * Extend the parent's JSON representation of this node with a flag telling
 * the client whether the current user may add a topic beneath it.
 *
 * Returns nothing (null) when the parent produced no object.
 *
 * NOTE(review): the flag is for display only; the add action itself must
 * repeat the permission check on the server.
 */
public function getTreeNodeJSON()
{
    $json = parent::getTreeNodeJSON();
    if (!is_object($json)) {
        return;
    }

    $nodePermissions = new \Permissions($this);
    $json->canAddTopicTreeNode = $nodePermissions->canAddTopicTreeNode();

    return $json;
}
/**
 * Decide whether the current user may delete the page.
 *
 * Ordinary pages are decided by the 'delete_page' permission key. For an
 * external link the decision is delegated to the parent collection: the
 * user may delete the link if they may add external links there.
 */
public function canDeletePage()
{
    if (!$this->object->isExternalLink()) {
        return $this->validate('delete_page');
    }

    // Whether the link can be deleted depends on whether the PARENT
    // collection is writable for this user.
    $parent = Page::getByID($this->object->getCollectionParentID(), "RECENT");
    $parentPermissions = new Permissions($parent);

    return $parentPermissions->canAddExternalLink();
}
/**
 * Build the context menu for a topic category, adding only the items the
 * current user's permissions on that category allow.
 *
 * Item order: add category, add topic, edit, duplicate, divider (when either
 * of the next two follows), edit permissions, delete.
 *
 * NOTE(review): hiding a menu item is a convenience only; each action must
 * check the same permission again when it is executed.
 *
 * @param Category $category
 */
public function __construct(Category $category)
{
    parent::__construct($category);

    $permissions = new \Permissions($category);

    if ($permissions->canAddCategoryTreeNode()) {
        $this->addItem(new AddCategoryItem($category));
    }
    if ($permissions->canAddTopicTreeNode()) {
        $this->addItem(new AddTopicItem($category));
    }
    if ($permissions->canEditTreeNode()) {
        $this->addItem(new EditCategoryItem($category));
    }
    if ($permissions->canDuplicateTreeNode()) {
        $this->addItem(new CloneItem($category));
    }

    // Separate the administrative items from the editing items above.
    if ($permissions->canEditTreeNodePermissions() || $permissions->canDeleteTreeNode()) {
        $this->addItem(new DividerItem());
    }
    if ($permissions->canEditTreeNodePermissions()) {
        $this->addItem(new EditPermissionsItem($category));
    }
    if ($permissions->canDeleteTreeNode()) {
        $this->addItem(new DeleteItem($category));
    }
}
/**
 * Decide whether the current user may view the conversation by checking
 * canViewPage() on the page the conversation is attached to.
 *
 * Returns nothing (null) when there is no conversation object, or when its
 * page is missing or in an error state.
 *
 * @todo Make this dependent on conversation-specific permissions.
 */
public function canViewConversation()
{
    $conversation = $this->getPermissionObject();
    if (!is_object($conversation)) {
        return;
    }

    $page = $conversation->getConversationPageObject();
    if (!is_object($page) || $page->isError()) {
        return;
    }

    $pagePermissions = new \Permissions($page);

    return $pagePermissions->canViewPage();
}
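/**
 * Checks to see if the page in question is a valid composer draft for the
 * logged in user.
 *
 * Valid means the page's collection type is included in composer and the
 * user may edit the page contents.
 *
 * Fix: the collection type lookup result is now checked before it is used;
 * an id that does not resolve to a collection type makes the page invalid
 * rather than triggering a call on a non-object.
 *
 * @param object $entry The page to check.
 *
 * @return bool
 */
protected static function isValidComposerPage($entry)
{
    $ct = CollectionType::getByID($entry->getCollectionTypeID());
    if (!is_object($ct) || !$ct->isCollectionTypeIncludedInComposer()) {
        return false;
    }

    $cp = new Permissions($entry);
    if (!$cp->canEditPageContents()) {
        return false;
    }

    return true;
}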
/**
 * Decide whether an item passes the list's permission filter.
 *
 * With no custom checker set, canViewFile() on the item decides. A checker
 * value of exactly -1 disables permission filtering, so every item passes.
 * Any other checker is invoked as a callable with the item as its only
 * argument.
 *
 * @param mixed $mixed The item being filtered.
 *
 * @return mixed
 */
public function checkPermissions($mixed)
{
    if (!isset($this->permissionsChecker)) {
        $filePermissions = new \Permissions($mixed);

        return $filePermissions->canViewFile();
    }

    if ($this->permissionsChecker === -1) {
        return true;
    }

    return call_user_func_array($this->permissionsChecker, array($mixed));
}
/**
 * Return the requested Express entries as a JSON response.
 *
 * Access is tied to view permission on the /dashboard/express/entities
 * dashboard page.
 *
 * NOTE(review): the check is on the dashboard page only; confirm
 * getRequestEntries() applies any per-entity or per-entry restrictions.
 *
 * @throws \Exception When the user may not view that dashboard page.
 */
public function getJSON()
{
    $dashboardPage = \Page::getByPath('/dashboard/express/entities');
    $dashboardPermissions = new \Permissions($dashboardPage);
    if (!$dashboardPermissions->canViewPage()) {
        throw new \Exception(t('Access Denied.'));
    }

    $payload = array('entries' => $this->getRequestEntries());

    return new JsonResponse($payload);
}
/**
 * Delete this area: remove every block in it that the current user may
 * delete, then delete the area's row.
 *
 * NOTE(review): blocks the user may not delete are skipped, but the Areas
 * row is removed regardless; confirm those blocks are not left without an
 * area.
 */
public function delete()
{
    $db = Loader::db();

    foreach ($this->getAreaBlocksArray() as $block) {
        $blockPermissions = new \Permissions($block);
        if (!$blockPermissions->canDeleteBlock()) {
            continue;
        }
        $block->deleteBlock();
    }

    // The area id is bound as a parameter rather than concatenated.
    $db->Execute('delete from Areas where arID = ?', array($this->arID));
}
/**
 * Expose to the view, as `categories`, the pages below the current page that
 * the user may read and that are not flagged `exclude_nav`.
 */
public function view()
{
    $current = Page::getCurrentPage();
    $childIDs = $current->getCollectionChildrenArray(true);

    $categories = array();
    foreach ($childIDs as $childID) {
        $child = Page::getByID($childID, 'ACTIVE');
        $childPermissions = new Permissions($child);
        // The read check comes first so the attribute is never consulted for
        // a page the user cannot see.
        if (!$childPermissions->canRead() || $child->getAttribute('exclude_nav')) {
            continue;
        }
        $categories[] = $child;
    }

    $this->set('categories', $categories);
}
/**
 * Check that a page really is a stack the current user may read.
 *
 * The page must sit directly under the stacks page (STACKS_PAGE_PATH) and
 * the user must pass canRead() on its STACKS_AREA_NAME area.
 *
 * @param object $stack The candidate stack page.
 *
 * @return bool
 */
protected static function isValidStack($stack)
{
    $stacksRoot = Page::getByPath(STACKS_PAGE_PATH);
    if ($stack->getCollectionParentID() != $stacksRoot->getCollectionID()) {
        return false;
    }

    $area = Area::get($stack, STACKS_AREA_NAME);
    $areaPermissions = new Permissions($area);

    return $areaPermissions->canRead() ? true : false;
}
/**
 * Validate the location chosen for publishing a page of this page type.
 *
 * @param Page|null $target The page to publish beneath.
 *
 * @return mixed The error object; it holds a message when no usable target
 *               was given or when the user may not add a page of this type
 *               beneath the target.
 */
public function validatePublishLocationRequest(Page $target = null)
{
    $errors = Core::make('error');

    if (!is_object($target) || $target->isError()) {
        $errors->add(t('You must choose a page to publish this page beneath.'));

        return $errors;
    }

    $targetPermissions = new \Permissions($target);
    if (!$targetPermissions->canAddSubCollection($this->getPageTypeObject())) {
        $errors->add(t('You do not have permission to publish a page in this location.'));
    }

    return $errors;
}
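/**
 * Stream a file inline to the browser when the current user may read it.
 *
 * Fixes:
 *  - an id that does not resolve to a file now returns false instead of
 *    being passed to Permissions and dereferenced;
 *  - `X-Content-Type-Options: nosniff` is sent so the browser honours the
 *    stored MIME type and does not reinterpret the bytes as something else.
 *
 * NOTE(review): the file is served inline from the application's origin
 * with its stored MIME type. If uploads can be HTML or SVG, consider forcing
 * a download or serving them from a separate origin.
 *
 * @param mixed $fID File identifier.
 *
 * @return false|void false when the file is missing or not readable by the
 *                    user; otherwise the request ends after output.
 */
public function view_inline($fID)
{
    $file = File::getByID($fID);
    if (!is_object($file)) {
        return false;
    }

    $fp = new Permissions($file);
    if (!$fp->canRead()) {
        return false;
    }

    $mimeType = $file->getMimeType();
    $fc = Loader::helper('file');
    $contents = $fc->getContents($file->getPath());

    header("Content-type: {$mimeType}");
    header('X-Content-Type-Options: nosniff');
    print $contents;
    exit;
}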