/**
 * Smarty block {canEdit}: renders the enclosed content only for users who may
 * edit the given target.
 *
 * Access is granted when the current user holds admin rights on the group of
 * $params['target'], or is a webmaster (S::user()->isWeb()). Anyone else gets
 * nothing back, so the block renders empty.
 *
 * @param array  $params  Smarty parameters; 'target' must expose group().
 * @param string $content The block body as rendered by Smarty.
 * @return string|null The body for authorised users, null otherwise.
 */
function smarty_block_canEdit($params, $content, &$smarty, &$repeat)
{
    $targetGroup = $params['target']->group();
    $viewer = S::user();

    // Keep the original evaluation order: rights on the group first, then the
    // global webmaster bypass.
    $allowed = $viewer->hasRights($targetGroup, Rights::admin()) || $viewer->isWeb();
    if (!$allowed) {
        return;
    }
    return $content;
}
/**
 * AJAX endpoint editing a "Question du jour" (QDJ) entry.
 *
 * Requires a valid anti-CSRF token and admin rights on the 'qdj' group; the
 * JSON body carries 'id' plus either 'date' (a date string, or empty to clear
 * the date) or 'delete' (boolean). 'success' is reported back as JSON and
 * stays false when the date cannot be parsed.
 *
 * @return int PL_JSON, or PL_FORBIDDEN when the caller is not a qdj admin.
 */
function handler_ajax_modify($page)
{
    S::assert_xsrf_token();
    if (!S::user()->hasRights(Group::from('qdj'), Rights::admin())) {
        return PL_FORBIDDEN;
    }

    $question = new QDJ(Json::i('id'));
    $page->jsonAssign('success', false);

    if (Json::has('date')) {
        $rawDate = Json::t('date');
        if (!$rawDate) {
            // Empty date = unschedule the question.
            $question->date(false);
            $page->jsonAssign('success', true);
        } else {
            try {
                $question->date(new FrankizDateTime($rawDate));
                $page->jsonAssign('success', true);
            } catch (Exception $e) {
                // Unparseable date: leave 'success' at false (best effort, by design).
            }
        }
    } elseif (Json::has('delete') && Json::b('delete')) {
        $question->delete();
        $page->jsonAssign('success', true);
    }

    return PL_JSON;
}
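/**
 * Smarty function {origin_picker}: exposes the groups the current user may
 * pick as the "origin" of an item.
 *
 * Base set: every non-personal group (namespace != NS_USER) on which the user
 * has admin rights, ordered by score. With the optional 'not_only_admin'
 * parameter, binet/free groups where the user only has restricted rights are
 * added as well and also exposed separately under the 'not_admin' variable.
 *
 * @param array $params 'out' (name of the template variable to fill) and the
 *                      optional flag 'not_only_admin'.
 */
function smarty_function_origin_picker($params, &$smarty)
{
    $adminFilter = new GroupFilter(
        new PFC_And(
            new PFC_Not(new GFC_Namespace(Group::NS_USER)),
            new GFC_User(S::user(), Rights::admin())
        ),
        new GFO_Score()
    );
    $adminGroups = $adminFilter->get();

    // !empty() instead of a bare index read: the flag is optional and a missing
    // key must not raise an "undefined index" notice.
    if (!empty($params['not_only_admin'])) {
        $restrictedFilter = new GroupFilter(
            new PFC_And(
                new GFC_Namespace(array(Group::NS_BINET, Group::NS_FREE)),
                new GFC_User(S::user(), Rights::restricted())
            ),
            new GFO_Score()
        );
        $restrictedOnly = $restrictedFilter->get()->diff($adminGroups);

        // Load base fields for both sets in a single select.
        $all = new Collection();
        $all->merge($adminGroups)->merge($restrictedOnly);
        $all->select(GroupSelect::base());
        $smarty->assign('not_admin', $restrictedOnly);
    } else {
        // Reuse the collection already fetched above instead of running the
        // filter a second time.
        $adminGroups = $adminGroups->select(GroupSelect::base());
    }

    $smarty->assign($params['out'], $adminGroups);
}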
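/**
 * Smarty function {target_picker}: exposes the groups the current user may
 * address (as the "target" of an item).
 *
 * Fills the template variables named by $params:
 *  - 'user_groups'  : groups where the user is admin, minus the special groups
 *                     and minus the personal (NS_USER) group,
 *  - 'fkz_groups'   : the special 'everybody' / 'public' groups,
 *  - 'study_groups' : BDE, promo and study groups the user belongs to,
 *  - 'own_group'    : the user's personal group.
 * With the optional flag 'even_only_friend', binet/free groups the user can
 * merely see are added and exposed under 'only_friend'.
 */
function smarty_function_target_picker($params, &$smarty)
{
    $viewer = S::user();

    // Groups the user belongs to at the 'everybody' level.
    $everybody_groups = $viewer->castes(Rights::everybody())->groups();

    // Frankiz special groups.
    $fkz = new Collection('Group');
    $fkz->add(array('everybody', 'public'));
    $fkz->select(new GroupSelect(array('description')));

    // BDE, promo and study groups.
    $study_groups = $everybody_groups->filter('ns', Group::NS_BDE);
    $study_groups->merge($everybody_groups->filter('ns', Group::NS_PROMO));
    $study_groups->merge($everybody_groups->filter('ns', Group::NS_STUDY));

    // Groups the user administrates, without the special and personal ones.
    // NOTE(review): the return values of diff()/filter() are discarded here, so
    // this relies on both mutating $gs in place — confirm against Collection.
    $gs = $viewer->castes(Rights::admin())->groups();
    $gs->diff($fkz);
    $gs->filter(function ($g) {
        return $g->ns() != Group::NS_USER;
    });

    // !empty() instead of a bare index read: the flag is optional and a missing
    // key must not raise an "undefined index" notice.
    if (!empty($params['even_only_friend'])) {
        $friendFilter = new GroupFilter(
            new PFC_And(
                new GFC_Namespace(array(Group::NS_BINET, Group::NS_FREE)),
                new GFC_User($viewer, Rights::everybody())
            ),
            new GFO_Score()
        );
        $gso = $friendFilter->get()->diff($gs)->diff($fkz);

        $temp = new Collection();
        $temp->merge($gs)->merge($gso);
        $temp->select(GroupSelect::base());
        $smarty->assign('only_friend', $gso);

        // NOTE(review): $gs and $gso are selected a second time here; kept as in
        // the original, but it looks redundant.
        $temp = new Collection();
        $temp->merge($gs)->merge($fkz)->merge($gso);
        $temp->select(GroupSelect::base());
    } else {
        $temp = new Collection();
        $temp->merge($gs)->merge($fkz);
        $temp->select(GroupSelect::base());
    }

    $smarty->assign($params['user_groups'], $gs);
    $smarty->assign($params['fkz_groups'], $fkz);
    $smarty->assign($params['study_groups'], $study_groups);
    $smarty->assign($params['own_group'], $viewer->group());
}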
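/**
 * Remote single-sign-on endpoint.
 *
 * A registered remote site redirects the user here with the query parameters
 * 'site', 'timestamp', 'request' (JSON list of requested attributes),
 * 'location' and 'hash'. The request is authenticated against the secret
 * shared with that site (its privkey), the user is logged in (or sent to the
 * login form), and the attributes the site is entitled to are sent back as a
 * signed redirect.
 *
 * Protocol note: the signatures are md5(timestamp . site . privkey . request)
 * and md5(timestamp . privkey . response), plain concatenation without a
 * separator. They are kept as-is because deployed remote sites verify them,
 * but a new protocol version should switch to hash_hmac('sha256', ...) over
 * an unambiguous encoding of the fields.
 */
function handler_remote($page)
{
    global $globals, $platal;

    if (!(Env::has('timestamp') && Env::has('site') && Env::has('hash') && Env::has('request'))) {
        $page->trigError("Requête non valide");
        return;
    }

    // Read request. The timestamp is kept as the raw string because it is part
    // of the signed data; it is only checked to be numeric before arithmetic
    // (a non-numeric string minus an int is a TypeError on PHP 8).
    $timestamp = Env::s('timestamp');
    if (!is_numeric($timestamp)) {
        $page->trigError("Requête non valide");
        return;
    }
    if (abs($timestamp - time()) > $globals->remote->lag) {
        $page->trigError("Delai d'attente dépassé");
        return;
    }
    $site = Env::s('site');
    $request = Env::s('request');

    // Load remote information. Only sites registered in the database are
    // accepted, which is also what bounds the redirect target below.
    try {
        $remote = Remote::from($site);
        $remote->select(RemoteSelect::groups());
    } catch (ItemNotFoundException $e) {
        $page->trigError("Ton site n'est pas renseigné dans la base de données");
        return;
    }

    // Check request. hash_equals() runs in constant time and, unlike `!=`,
    // never falls into PHP's numeric-string comparison ("0e12" == "0e34").
    $expected = md5($timestamp . $site . $remote->privkey() . $request);
    if (!hash_equals($expected, (string) Env::s('hash'))) {
        $page->trigError("Erreur de validation de la requête d'authentification");
        return;
    }

    // The request must decode to a list of attribute names; anything else
    // (invalid JSON, scalar) would break the in_array() checks below.
    $request = json_decode($request, true);
    if (!is_array($request)) {
        $page->trigError("Requête non valide");
        return;
    }

    // Force login
    $user = Platal::session()->doAuthWithoutStart(AUTH_COOKIE);
    if (empty($user)) {
        $page->assign('remote_site', $remote->label());
        $platal->force_login($page);
        return PL_FORBIDDEN;
    }

    // Build response: each attribute needs both the site's right and an
    // explicit request for it.
    $response = array('uid' => $user->id());

    if ($remote->hasRight('names') && in_array('names', $request, true)) {
        $response['hruid'] = $user->login();
        $response['firstname'] = $user->firstname();
        $response['lastname'] = $user->lastname();
        $response['nickname'] = $user->nickname();
    }

    if ($remote->hasRight('email') && in_array('email', $request, true)) {
        $response['email'] = $user->email();
    }

    if ($remote->hasRight('rights') && in_array('rights', $request, true)) {
        $r = array();
        foreach ($remote->groups() as $g) {
            $r[$g->name()] = array_map(function ($right) {
                return (string) $right;
            }, $user->rights($g));
        }
        if (!empty($r)) {
            $response['rights'] = $r;
        }
    }

    if ($remote->hasRight('sport') && in_array('sport', $request, true)) {
        $groups = $user->castes()->groups();
        $group = $groups->filter('ns', Group::NS_SPORT)->first();
        if ($group) {
            $response['sport'] = $group->label();
        }
    }

    if ($remote->hasRight('promo') && in_array('promo', $request, true)) {
        $groups = $user->castes()->groups()->filter('ns', Group::NS_PROMO);
        $groups = $groups->remove(Group::from('on_platal'));
        // Extract promos from group labels ('promo_<formation><year>').
        // For backward compatibility, also compute the minimal promo year.
        $promo = 0;
        $promos = array();
        foreach ($groups as $g) {
            $matches = array();
            if (preg_match('/^promo_([a-z_]+)([1-9][0-9]{3})$/', $g->name(), $matches)) {
                $promos[] = $matches[1] . $matches[2];
                $year = (int) $matches[2];
                if (!$promo || $year < $promo) {
                    $promo = $year;
                }
            }
        }
        if ($promo) {
            $response['promo'] = $promo;
            $response['promos'] = $promos;
        }
    }

    if ($remote->hasRight('photo') && in_array('photo', $request, true)) {
        $img = $user->photo();
        if ($img === false) {
            $img = $user->original();
        }
        if ($img !== false) {
            $response['photo'] = $globals->baseurl . '/' . $img->src('full');
        }
    }

    if ($remote->hasRight('binets_admin') && in_array('binets_admin', $request, true)) {
        $gf = new GroupFilter(new PFC_And(new GFC_User($user, Rights::admin()), new GFC_Namespace('binet')));
        $gs = $gf->get();
        if ($gs->count() > 0) {
            $gs->select(GroupSelect::base());
            $r = array();
            foreach ($gs as $g) {
                $r[$g->name()] = $g->label();
            }
            if (!empty($r)) {
                $response['binets_admin'] = $r;
            }
        }
    }

    // Send response. The query string is URL-encoded so that '&', '+', '#' or
    // spaces inside the JSON (or the location) cannot split or corrupt the
    // parameters; the remote side sees the exact signed string after decoding.
    $response = json_encode($response);
    $query = http_build_query(array(
        'location'  => Env::s('location'),
        'timestamp' => $timestamp,
        'response'  => $response,
        'hash'      => md5($timestamp . $remote->privkey() . $response),
    ));
    header('Location: ' . $site . '?' . $query);
}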
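/**
 * AJAX endpoint editing an activity.
 *
 * The JSON document in the 'json' parameter carries the fields to update:
 *  - $type == 'instance': 'admin_id' (ActivityInstance id), 'begin', 'end',
 *    plus 'activity_comment' for instances of a regular activity, or 'title'
 *    and 'activity_description' for one-off activities;
 *  - $type == 'regular': 'aid' (Activity id), 'title', 'activity_description',
 *    'days[]', and 'begin'/'end' as HH:MM:SS times.
 * The caller must present a valid anti-CSRF token and have admin rights on
 * the activity's target group (an Exception is thrown otherwise). 'success'
 * is reported back as JSON; an unknown $type reports nothing.
 *
 * @return int PL_JSON
 */
function handler_ajax_modify($page, $type)
{
    // Check the CSRF token before touching the database, as the other
    // mutating AJAX handlers do.
    S::assert_xsrf_token();

    $json = json_decode(Env::v('json'));
    // Missing or malformed JSON decodes to null (or a scalar); fail cleanly
    // instead of reading properties off a non-object.
    if (!is_object($json)) {
        $page->jsonAssign('success', false);
        return PL_JSON;
    }

    if ($type == 'instance') {
        $ai = new ActivityInstance($json->admin_id);
        $ai->select(ActivityInstanceSelect::base());
        if (!S::user()->hasRights($ai->target()->group(), Rights::admin())) {
            throw new Exception("Invalid credentials");
        }
        try {
            // Both dates are parsed first so that a bad one changes nothing.
            $begin = new FrankizDateTime($json->begin);
            $end = new FrankizDateTime($json->end);
            $ai->begin($begin);
            $ai->end($end);
            if ($ai->regular()) {
                // Instance of a recurring activity: only its comment is editable.
                $ai->comment($json->activity_comment);
            } else {
                $a = $ai->activity();
                $a->title($json->title);
                $a->description($json->activity_description);
            }
            $page->jsonAssign('success', true);
        } catch (Exception $e) {
            $page->jsonAssign('success', false);
        }
    } elseif ($type == 'regular') {
        $a = new Activity($json->aid);
        $a->select(ActivitySelect::base());
        if (!S::user()->hasRights($a->target()->group(), Rights::admin())) {
            throw new Exception("Invalid credentials");
        }
        $timePattern = '`^\\d{2}:\\d{2}:\\d{2}$`';
        $validTimes = preg_match($timePattern, $json->begin) && strtotime($json->begin) !== false
            && preg_match($timePattern, $json->end) && strtotime($json->end) !== false;
        if ($validTimes) {
            $a->title($json->title);
            $a->description($json->activity_description);
            $key = 'days[]';
            $days = unflatten($json->{$key});
            $a->days(implode(',', $days));
            $a->default_begin($json->begin);
            $a->default_end($json->end);
            $page->jsonAssign('success', true);
        } else {
            $page->jsonAssign('success', false);
        }
    }

    return PL_JSON;
}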
* $c = new Caste(12142); $c->userfilter('{"type":"user","condition":{"type":"caste","children":[12001,12002]}}'); * Use $c->userfilter(false) to remove a Userfilter */ require_once dirname(__FILE__) . '/../connect.db.inc.php'; //$available_rights = Rights::rights(); $available_rights = array('admin', 'logic', 'member', 'friend', 'restricted', 'everybody'); // Get webmaster caste $ufc_web = new UFC_Group(Group::from('webmasters'), Rights::member()); // Get kes admins $ufc_kes = new UFC_Group(Group::from('kes'), Rights::admin()); // Shalom-CCX-AMEP $shccxamep_groups = new Collection(); $shccxamep_groups->add(Group::from('shalom')); $shccxamep_groups->add(Group::from('ccx')); $shccxamep_groups->add(Group::from('amep')); $ufc_shalom_ccx_amep = new UFC_Group($shccxamep_groups, Rights::admin()); unset($shccxamep_groups); // licenses members = on_platal and X $ufc_licenses = new PFC_And(array(new UFC_Group(Group::from('formation_x'), Rights::restricted()), new UFC_Group(Group::from('on_platal'), Rights::restricted()))); // Get formations $formations = array(); foreach (Formation::selectAll(FormationSelect::base()) as $form) { $formations[$form->abbrev()] = intval($form->id()); } // Test wether the userfilter which is in the database is the expected one function test_userfilters($grouptext, $rights, $db_caste, $expected_condition = null) { $castetext = $rights . " userfilter (caste " . $db_caste->id() . ")"; $db_userfilter = $db_caste->userfilter(); if (is_null($expected_condition)) { if ($db_userfilter) {
/**
 * Inserts this account into the database and creates its personal group.
 *
 * The account row gets perms = "user"; the uid is either taken from $id or
 * generated by the database. A hidden, non-leavable personal group
 * ('user_<uid>', namespace NS_USER) is then created, linked to the account,
 * and the account is added to its admin and restricted castes.
 *
 * @param int|null $id Forced uid; any falsy value lets the database pick one.
 */
public function insert($id = null)
{
    // `!$id` matches the original loose `$id == null` test: 0, '' and false
    // all mean "no forced uid".
    if (!$id) {
        XDB::execute('INSERT INTO account SET perms = "user"');
        $this->id = XDB::insertId();
    } else {
        XDB::execute('INSERT INTO account SET uid = {?}, perms= "user"', $id);
        $this->id = $id;
    }

    // Personal group of the account.
    $personal = new Group();
    $personal->insert(null, 'user');
    $personal->ns(Group::NS_USER);
    $personal->name('user_' . $this->id());
    $personal->leavable(false);
    $personal->visible(false);
    $personal->label('Groupe personnel de ' . $this->fullName());
    XDB::execute('UPDATE account SET `group` = {?} WHERE uid = {?}', $personal->id(), $this->id());

    // The owner is both admin and restricted member of their own group.
    foreach (array(Rights::admin(), Rights::restricted()) as $rights) {
        $personal->caste($rights)->addUser($this);
    }
    $this->group = $personal;
}
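/**
 * Mail proposal form: lets a user submit a mail to a group or to promotions,
 * to be validated by the target's administrators.
 *
 * On 'send', the form is checked and a MailValidate item wrapped in a
 * Validate request is inserted for:
 *  - type 'group': the caste/group chosen through the target picker;
 *  - type 'promo': each formation listed in 'promos' ("<formation id>_<year>"
 *    entries), the validating group being the formation's group.
 * The optional origin group must be administrated by the sender. Any error
 * is reported through $page->trigError(); the form is re-displayed with the
 * submitted values either way.
 */
function handler_mail($page)
{
    $subject = Env::t('subject', '');
    $body = Env::t('mail_body', '');
    $no_wiki = Env::has('no_wiki');

    // Retrieve the years on_platal of each formation
    $formations = Formation::selectAll(FormationSelect::on_platal());

    if (Env::has('send')) {
        try {
            $required_fields = array(
                'subject'   => 'Il faut donner un sujet à ton mail',
                'mail_body' => 'Tu ne veux pas envoyer de mail vide à tous. Si ?',
            );
            foreach ($required_fields as $field => $msg) {
                if (Env::v($field, '') == '') {
                    throw new Exception($msg);
                }
            }

            // Origin group (optional): the sender must administrate it.
            if (Env::t('origin_mail_proposal') == 'false') {
                $origin = false;
            } else {
                $origin = new Group(Env::i('origin_mail_proposal'));
            }
            if ($origin !== false && !S::user()->hasRights($origin, Rights::admin())) {
                throw new Exception("Invalid credentials for origin Group");
            }

            $type_mail = Env::t('type_mail_proposal');
            if ($type_mail == 'group') {
                // Mail to a group
                list($temp, $target_group) = self::target_picker_to_caste_group('mail');
                $target = new Collection('Caste');
                $target->add($temp);
                $target_group->select(GroupSelect::validate());
                $nv = new MailValidate(array(
                    'writer'    => S::user(),
                    'type_mail' => $type_mail,
                    'origin'    => $origin,
                    'targets'   => $target,
                    'subject'   => $subject,
                    'body'      => $body,
                    'nowiki'    => $no_wiki,
                    'formation' => $target_group,
                ));
                $el = new Validate(array(
                    'item'   => $nv,
                    'group'  => $target_group,
                    'writer' => S::user(),
                    'type'   => 'mail',
                ));
                $el->insert();
            } elseif ($type_mail == 'promo') {
                // Group promos by formation: formation id => list of promo years.
                $promos = unflatten(Env::v('promos'));
                $promosByFormation = array();
                foreach ($promos as $formation_promo) {
                    $formation_promo = trim($formation_promo);
                    if (!$formation_promo) {
                        continue;
                    }
                    if (!preg_match('/^([0-9]+)_([0-9]+)$/', $formation_promo, $matches)) {
                        throw new Exception("Oops, mauvais format de destinataire.");
                    }
                    $formid = (int) $matches[1];
                    $promo = (int) $matches[2];
                    if (isset($promosByFormation[$formid])) {
                        $promosByFormation[$formid][] = $promo;
                    } else {
                        $promosByFormation[$formid] = array($promo);
                    }
                }
                if (empty($promosByFormation)) {
                    throw new Exception("Il faut indiquer au moins un destinataire.");
                }

                foreach ($promosByFormation as $formid => $promos) {
                    // Now, $promos are the list of promos of formation $formid.
                    // The id comes from the form: reject unknown formations
                    // instead of calling methods on a missing object.
                    $form = $formations->get($formid);
                    if (!$form) {
                        throw new Exception("Oops, mauvais format de destinataire.");
                    }
                    // Study groups are the people the mail is sent to, as an
                    // array of CasteFilterCondition.
                    $cfc_study_groups = array();
                    foreach ($promos as $promo) {
                        if (!$form->hasPlatalYear($promo)) {
                            throw new Exception("Mauvaise promo " . $promo . " pour " . $form->label() . ".");
                        }
                        $cfc_study_groups[] = new CFC_Group($form->getGroupForPromo($promo), Rights::restricted());
                    }
                    $target = new CasteFilter(new PFC_Or($cfc_study_groups));
                    $target = $target->get();
                    $target->select(CasteSelect::validate());

                    // $target_group is the group which validates this email.
                    $target_group = $form->getGroup();
                    $target_group->select(GroupSelect::validate());
                    $nv = new MailValidate(array(
                        'writer'    => S::user(),
                        'type_mail' => $type_mail,
                        'origin'    => $origin,
                        'targets'   => $target,
                        'subject'   => $subject,
                        'body'      => $body,
                        'nowiki'    => $no_wiki,
                        'formation' => $target_group,
                    ));
                    $el = new Validate(array(
                        'item'   => $nv,
                        'group'  => $target_group,
                        'writer' => S::user(),
                        'type'   => 'mail',
                    ));
                    $el->insert();
                }
            } else {
                // Previously an unknown type silently reported 'envoye' although
                // nothing had been submitted.
                throw new Exception("Oops, mauvais type de mail.");
            }
            $page->assign('envoye', true);
        } catch (Exception $e) {
            $page->trigError($e->getMessage());
        }
    }

    $page->assign('subject', $subject);
    $page->assign('body', $body);
    $page->assign('nowiki', $no_wiki);
    $page->assign('formations', $formations);
    $page->assign('title', 'Envoi des mails');
    $page->addCssLink('validate.css');
    $page->changeTpl('validate/prop.mail.tpl');
}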
/**
 * Inserts this group into the database and creates its castes.
 *
 * With no $id the row is auto-numbered and gets a placeholder name from
 * uniqid() (callers are expected to set the real name afterwards); otherwise
 * the gid is forced and the name is 'g_<id>'.
 *
 * Castes: a 'user' group only gets admin + restricted. Any other type gets
 * admin, member, logic and friend, plus two derived castes defined by a
 * UserFilter: 'restricted' = admins ∪ members ∪ logics, and
 * 'everybody' = admins ∪ members ∪ logics ∪ friends. 'everybody' is defined
 * from the base castes rather than from 'restricted' because the order in
 * which caste membership bubbles is not guaranteed.
 *
 * @param int|null $id   Forced gid; any falsy value lets the database pick one.
 * @param string   $type 'user' for a personal group, anything else for a full one.
 */
public function insert($id = null, $type = 'all')
{
    // `!$id` matches the original loose `$id == null` test.
    if (!$id) {
        $this->name = uniqid();
        XDB::execute('INSERT INTO groups SET name = {?}', $this->name);
        $this->id = XDB::insertId();
    } else {
        $this->name = 'g_' . $id;
        XDB::execute('INSERT INTO groups SET gid = {?}, name= {?}', $id, $this->name);
        $this->id = $id;
    }

    if ($type == 'user') {
        // A personal group only needs an admin caste and a restricted caste.
        $this->addCaste(Rights::admin());
        $this->addCaste(Rights::restricted());
        return;
    }

    $admins = $this->addCaste(Rights::admin());
    $members = $this->addCaste(Rights::member());
    $logics = $this->addCaste(Rights::logic());
    $friends = $this->addCaste(Rights::friend());

    // Derived castes, computed from the base ones through user filters.
    $restrictedMembers = new UserFilter(new UFC_Caste(array($admins, $members, $logics)));
    $this->addCaste(Rights::restricted())->userfilter($restrictedMembers);

    $everybodyMembers = new UserFilter(new UFC_Caste(array($admins, $members, $logics, $friends)));
    $this->addCaste(Rights::everybody())->userfilter($everybodyMembers);
}
/**
 * Renders the page.
 *
 * Sets up the common template variables (skin, user, logged flag, remote IP,
 * floating mini-modules and their CSS), then either answers the 'solo'
 * request with a JSON document holding the module content, title, CSS and JS
 * (AJAX loading of a single module), or renders the full frankiz.tpl layout,
 * including the pending validations of the groups the user administrates and
 * the user's own pending requests.
 */
public function run()
{
    $skin = $this->load_skin();
    $this->assign('skin', S::v('skin'));

    $user = S::user();
    $this->assign('user', $user);
    $this->assign('logged', !is_null($user) && S::logged());

    // Remote IP
    $this->assign('remip', IPAddress::getInstance());

    $floating = FrankizMiniModule::get($user->minimodules(FrankizMiniModule::COL_FLOAT));
    $this->assign('MiniModules_COL_FLOAT', $floating);
    $this->addCssLink(FrankizMiniModule::batchCss());

    // Enable JSON loading of the module only
    if (Env::has('solo')) {
        $this->jsonAssign('content', $this->raw());
        foreach (array('title', 'pl_css', 'pl_js') as $templateVar) {
            $this->jsonAssign($templateVar, $this->get_template_vars($templateVar));
        }
        $this->runJSon();
        return;
    }

    // Validations awaiting the user, grouped by group, for administrators only.
    $this->assign('quick_validate', array());
    if ($user->castes(Rights::admin())->count() > 0) {
        $pendingFilter = new ValidateFilter(new VFC_User($user));
        $pending = $pendingFilter->get()->select(ValidateSelect::quick());
        $this->assign('quick_validate', $pending->split('group'));
    }

    // Requests the user submitted.
    $ownFilter = new ValidateFilter(new VFC_Writer($user));
    $ownRequests = $ownFilter->get()->select(ValidateSelect::quick());

    $this->assign('self_url', pl_self());
    $this->assign('quick_requests', $ownRequests);
    $this->_run(self::getTplPath('frankiz.tpl'));
}
$temp->name('temp'); $temp->label('Temporary'); $temp->external(0); $temp->leavable(0); $temp->visible(0); // Admins(temp) = Members(webmasters) $temp->caste(Rights::admin())->userfilter(new UserFilter(new UFC_Group($webmasters, Rights::member()))); $g = new Group(); $g->insert(); $g->name('qdj'); $g->ns(Group::NS_FREE); $g->label('Question Du Jour'); $g->external(0); $g->leavable(0); $g->visible(1); // Admins(qdj) = Members(webmasters) the time of the conversion $g->caste(Rights::admin())->userfilter(new UserFilter(new UFC_Group($webmasters, Rights::member()))); $g = new Group(); $g->insert(); $g->name('postit'); $g->label('Post-It'); // Admins(postit) = Members(webmasters) the time of the conversion $g->caste(Rights::admin())->userfilter(new UserFilter(new UFC_Group($webmasters, Rights::member()))); $g = new Group(); $g->insert(); $g->name('licenses'); $g->label('Licenses'); // Admins(postit) = Members(webmasters) the time of the conversion $g->caste(Rights::admin())->userfilter(new UserFilter(new UFC_Group($webmasters, Rights::member()))); echo "Added Fkz Microcosmos \n"; // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
/**
 * Builds the SQL condition "the caste has admin rights and belongs to one of
 * the given users".
 *
 * Joins the caste and user tables on the filter and matches the caste's
 * rights column against Rights::admin() and its uid against $this->uids.
 *
 * @param PlFilter $f Filter the joins are registered on.
 * @return string Formatted SQL fragment.
 */
public function buildCondition(PlFilter $f)
{
    $casteAlias = $f->addCasteFilter();
    $userAlias = $f->addUserFilter();
    $adminRights = (string) Rights::admin();
    $sql = $casteAlias . '.rights = {?} AND ' . $userAlias . '.uid IN {?}';
    return XDB::format($sql, $adminRights, $this->uids);
}
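/**
 * Creates a new group whose first administrator is the current user, logs the
 * creation and redirects to the group's admin page.
 *
 * This is a state-changing request, so the anti-CSRF token is required like
 * in the other mutating handlers; the link or form that triggers it must
 * carry the token.
 */
function handler_group_insert($page)
{
    S::assert_xsrf_token();

    $group = new Group();
    $group->insert();
    // The creator becomes admin of the group they just created.
    $group->caste(Rights::admin())->addUser(S::user());
    S::logger()->log("groups/insert", array('gid' => $group->id()));
    pl_redirect('groups/admin/' . $group->id());
}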
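/**
 * Validation page of a group: lists the pending requests and processes the
 * one designated by 'val_id'.
 *
 * $gid may be a group id or a group name; the current user must administrate
 * the group (an Exception is thrown otherwise). When 'accept' or 'delete' is
 * submitted the decision is logged, the anti-CSRF token is checked, and the
 * request is removed from the list once handle_form() reports success.
 *
 * @param mixed    $gid Group id or name.
 * @param int|null $vid Validation to focus in the template (0 when absent).
 */
function handler_validate($page, $gid = null, $vid = null)
{
    $page->assign('msg', '');

    $gf = new GroupFilter(new PFC_Or(new GFC_Id($gid), new GFC_Name($gid)));
    $group = $gf->get(true);
    if (!$group) {
        // Was "This Group (' . {$gid} . ') doesn't exist": the quotes and dots
        // were literal inside the double-quoted string.
        throw new Exception("This Group ({$gid}) doesn't exist");
    }
    $group->select(GroupSelect::base());
    if (!S::user()->hasRights($group, Rights::admin())) {
        throw new Exception("You don't have the credential to validate request in this group");
    }

    $filter = new ValidateFilter(new VFC_Group($group));
    $collec = $filter->get()->select(ValidateSelect::validate());

    if (Env::has('val_id')) {
        $el = $collec->get(Env::v('val_id'));
        if (!$el) {
            $page->assign('msg', 'La validation a déjà été effectuée.');
        } else {
            $decided = Env::has('accept') || Env::has('delete');
            if ($decided) {
                // Accepting or deleting changes state: require the CSRF token
                // (same pattern as the news admin handler). Other actions that
                // handle_form() may perform are not covered here.
                S::assert_xsrf_token();
                S::logger()->log('admin/validate', array(
                    'type'    => $el->type(),
                    'writer'  => $el->writer()->id(),
                    'group'   => $el->group()->id(),
                    'created' => $el->created()->toDb(),
                    'valid'   => Env::has('accept'),
                    'item'    => $el->itemToDb(),
                ));
            }
            if ($el->handle_form() && $decided) {
                $collec->remove(Env::v('val_id'));
            }
        }
    }

    $page->assign('validation', is_null($vid) ? 0 : $vid);
    $page->assign('isEdition', false);
    $page->assign('gid', $gid);
    $page->assign('group', $group);
    $page->assign('val', $collec);
    $page->addCssLink('validate.css');
    $page->addCssLink('surveys.css');
    $page->assign('title', "Validations des requêtes");
    $page->changeTpl('validate/validate.tpl');
}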
/**
 * News administration page: modifies or deletes the news item $nid.
 *
 * Edits are only applied for admins of the news' target group or webmasters,
 * and only with a valid anti-CSRF token. 'modify' updates title, content and
 * dates, optionally resets read flags ('reappear') and attaches a temporary
 * image ('image', which must still exist); 'delete' removes the news.
 *
 * NOTE(review): when the user lacks rights the page is still rendered with
 * the news assigned; presumably the template hides the controls — confirm.
 *
 * @param mixed $nid News id (false = none).
 */
function handler_admin($page, $nid = false)
{
    $news = News::fromId($nid);
    if ($news !== false) {
        $news->select(NewsSelect::news());
        $viewer = S::user();
        $mayEdit = $viewer->hasRights($news->target()->group(), Rights::admin()) || $viewer->isWeb();
        if ($mayEdit) {
            $wantsModify = Env::has('modify');
            $wantsDelete = Env::has('delete');
            if ($wantsModify || $wantsDelete) {
                S::assert_xsrf_token();
            }
            if ($wantsModify) {
                $news->title(Env::t('title'));
                $news->content(Env::t('news_content'));
                $news->begin(new FrankizDateTime(Env::t('begin')));
                $news->end(new FrankizDateTime(Env::t('end')));
                if (Env::has('reappear')) {
                    // Make the news show up again for people who already read it.
                    $news->removeReadFlags();
                }
                if (Env::has('image')) {
                    $imageFilter = new ImageFilter(new PFC_And(new IFC_Id(Env::i('image')), new IFC_Temp()));
                    $image = $imageFilter->get(true);
                    if (!$image) {
                        throw new Exception("This image doesn't exist anymore");
                    }
                    $image->select(FrankizImageSelect::caste());
                    $image->label($news->title());
                    $image->caste($news->target());
                    $news->image($image);
                }
                $page->assign('msg', "L'annonce a été modifiée.");
            }
            if ($wantsDelete) {
                $news->delete();
                $page->assign('delete', true);
            }
        }
    }

    $page->assign('news', $news);
    $page->assign('isEdition', true);
    $page->assign('title', "Modifier l'annonce");
    $page->addCssLink('validate.css');
    $page->changeTpl('news/admin.tpl');
}
$i->image($upload, false); $g->image($i); } // Update formations $formations = Formation::selectAll(FormationSelect::base()); foreach ($formations as $form) { // Update group $f = new UserFilter(new UFC_Study(new Formation($form->id()))); $g = update_group('formation_' . $form->abbrev(), $form->label(), Group::NS_STUDY, $f); $g->description($form->description()); // Admin caste if ($form->abbrev() == 'x') { $c = $g->caste(Rights::admin()); $c->select(CasteSelect::base()); if (!$c->userfilter()) { $uf_kes = new UserFilter(new UFC_Group(Group::from('kes'), Rights::admin())); $c->userfilter($uf_kes); } } } // Update promotions $iter = XDB::iterRow('SELECT promo FROM studies GROUP BY promo ORDER BY promo'); while (list($promo) = $iter->next()) { $f = new UserFilter(new UFC_Promo($promo, '=')); $g = update_group('promo_' . $promo, $promo, Group::NS_PROMO, $f); create_promo_image($g, $promo); } // Update promotions by formation $iter = XDB::iterRow('SELECT s.promo, s.formation_id, f.abbrev, f.label FROM studies AS s LEFT JOIN formations AS f ON (f.formation_id = s.formation_id)
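/**
 * Exports this activity instance as a plain array (for JSON output).
 *
 * Extends the parent export with the activity id, writer, target and
 * optional origin group, wiki-rendered description and comment, begin/end
 * dates ("m/d/Y H:i"), participants, and three viewer-dependent flags:
 * 'participate' (the viewer is a participant), 'canEdit' (the viewer is admin
 * of the target group) and 'isWriter'.
 *
 * @param mixed $bits Passed through to parent::export().
 * @return array
 */
public function export($bits = null)
{
    $a = parent::export($bits);

    $activity = $this->activity;
    $a['aid'] = $activity->id();
    $a['writer'] = array(
        'displayName' => $this->writer->displayName(),
        'id'          => $this->writer->id(),
        'login'       => $this->writer->login(),
        'photo'       => $this->writer->image()->src('micro'),
    );

    $target = $activity->target_group();
    $a['target'] = array('name' => $target->name(), 'label' => $target->label());

    // Origin group and its image are optional (false when absent).
    $origin = $activity->origin();
    if ($origin != false) {
        $a['origin'] = array('name' => $origin->name(), 'label' => $origin->label());
        $originImage = $origin->image();
        if ($originImage != false) {
            $a['origin']['image'] = $originImage->src('micro');
        }
    }

    $a['title'] = $activity->title();
    // NOTE(review): the second wikiToHTML argument is false in the original;
    // its meaning is not visible here — confirm before changing.
    $a['description'] = MiniWiki::wikiToHTML($activity->description(), false);
    $a['comment'] = MiniWiki::wikiToHTML($this->comment, false);
    $a['begin'] = $this->begin->format("m/d/Y H:i");
    $a['end'] = $this->end->format("m/d/Y H:i");

    // Was `s::user()`: PHP resolves class names case-insensitively, but use
    // the canonical spelling like the rest of the file. Resolved once instead
    // of on every loop iteration.
    $viewer = S::user();
    $viewerId = $viewer->id();

    $a['participants'] = array();
    foreach ($this->participants as $user) {
        $a['participants'][$user->id()] = array('displayName' => $user->displayName(), 'id' => $user->id());
        if ($user->id() == $viewerId) {
            $a['participate'] = true;
        }
    }
    if (!isset($a['participate'])) {
        $a['participate'] = false;
    }

    $a['regular'] = $this->regular();
    $a['canEdit'] = $viewer->hasRights($activity->target()->group(), Rights::admin());
    $a['isWriter'] = $viewerId == $this->writer->id();
    return $a;
}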