コード例 #1
ファイル: showNews.inc.php プロジェクト: ratbird/hope
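/**
 * Removes news from the given ranges, or builds the confirmation question for doing so.
 *
 * Ranges are only unassigned once the request has been confirmed, i.e. "yes"
 * was submitted via POST and the CSRF token was verified. Without confirmation
 * this function only assembles the question text for the unassign case.
 *
 * @param array $remove_array news_id as key, a range_id or an array of range_ids as value
 * @return string|false|null confirmation question text; false if $remove_array is
 *                           not an array; null if there is nothing to ask
 */
function remove_news($remove_array)
{
    $confirmed = false;
    $question_text = array();
    if (!is_array($remove_array)) {
        return false;
    }
    // State-changing path: the confirmation is only accepted from a POST request
    // and the CSRF token is verified before anything is modified.
    if (Request::submitted('yes') and Request::isPost()) {
        CSRFProtection::verifySecurityToken();
        $confirmed = true;
    }
    foreach ($remove_array as $news_id => $ranges) {
        $remove_news = new StudipNews($news_id);
        $remove_news_title = $remove_news->getValue('topic');
        if (!is_array($ranges)) {
            $ranges = array($ranges);
        }
        // should we delete news completely
        if (count($ranges) == count($remove_news->getRanges())) {
            // NOTE(review): delete_news() is called whether or not $confirmed is set.
            // It is defined elsewhere and presumably performs its own confirmation
            // and permission checks - confirm.
            $text = delete_news($news_id);
            if ($text) {
                $question_text[] = $text;
            }
            // or just remove range_id(s)?
        } else {
            $text = '';
            if ($confirmed and !$remove_news->isNew() and count($ranges)) {
                // foreach iterates over a copy, so dropping denied entries from
                // $ranges inside the loop is safe.
                foreach ($ranges as $key => $range_id) {
                    if ($remove_news->havePermission('unassign', $range_id)) {
                        $remove_news->deleteRange($range_id);
                    } else {
                        unset($ranges[$key]);
                        PageLayout::postMessage(MessageBox::error(sprintf(_('Keine Berechtigung zum Entfernen der Ankündigung "%s" aus diesem Bereich.'), htmlReady($remove_news->getValue('topic')))));
                    }
                }
                // Report and persist once, after every range has been checked.
                // Doing this inside the loop posted one success message per range
                // and used a count that could still shrink on a later denial.
                if (count($ranges)) {
                    if (count($ranges) == 1) {
                        PageLayout::postMessage(MessageBox::success(sprintf(_('Ankündigung "%s" wurde aus dem Bereich entfernt.'), htmlReady($remove_news->getValue('topic')))));
                    } else {
                        PageLayout::postMessage(MessageBox::success(sprintf(_('Ankündigung "%s" wurde aus %s Bereichen entfernt.'), htmlReady($remove_news->getValue('topic')), count($ranges))));
                    }
                    $remove_news->store();
                }
            } elseif (!$confirmed) {
                // NOTE(review): the title is inserted without htmlReady() here, unlike
                // in the messages above - confirm that the caller escapes the question
                // text before it is rendered.
                if (count($ranges) == 1) {
                    $text = sprintf(_('- Die Ankündigung "%s" wird aus dem aktiven Bereich entfernt. ' . 'Sie wird dadurch nicht endgültig gelöscht. Es wird nur die Zuordnung entfernt.'), $remove_news_title) . "\n";
                } elseif (count($ranges) > 1) {
                    $text = sprintf(_('- Die Ankündigung "%s" wird aus den %s gewählten Bereichen entfernt. ' . 'Sie wird dadurch nicht endgültig gelöscht. Es werden nur die Zuordnungen entfernt.'), $remove_news_title, count($ranges)) . "\n";
                }
            }
            if ($text) {
                $question_text[] = $text;
            }
        }
    }
    if (count($question_text) > 1) {
        return _('Wollen Sie die folgenden Aktionen jetzt ausführen?') . "\n" . implode($question_text);
    } elseif (count($question_text) == 1) {
        return _('Wollen Sie diese Aktion jetzt ausführen?') . "\n" . implode($question_text);
    }
    // nothing left to ask
    return null;
}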
コード例 #2
ファイル: StudipNews.class.php プロジェクト: ratbird/hope
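 /**
  * Sets the start date of an existing news entry to midnight of the given day.
  *
  * @deprecated
  *
  * @param string   $news_id     id of the news entry
  * @param int|null $touch_stamp unix timestamp inside the target day, defaults to now
  * @return bool always false; the result of store() is not propagated
  */
 public static function TouchNews($news_id, $touch_stamp = null)
 {
     if (!$touch_stamp) {
         $touch_stamp = time();
     }
     $news = new StudipNews($news_id);
     if (!$news->isNew()) {
         // date() with a four-digit year replaces strftime('%y'): the two-digit
         // year was re-interpreted by mktime() (70-99 => 19xx) and strftime() is
         // deprecated as of PHP 8.1.
         $news->setValue('date', mktime(0, 0, 0, (int) date('n', $touch_stamp), (int) date('j', $touch_stamp), (int) date('Y', $touch_stamp)));
         // store() returning a falsy value is followed by an explicit chdate
         // trigger (presumably because nothing was written - confirm).
         if (!$news->store()) {
             $news->triggerChdate();
         }
     }
     // NOTE(review): the original never assigned its result variable, so callers
     // have always received false; kept as is for compatibility.
     return false;
 }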
コード例 #3
ファイル: news.php プロジェクト: noackorama/source-talk-2012
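 /**
  * Registers the news routes (list, create, show, update, delete) on the router.
  *
  * Only the two range routes check Helper::UserHasAccessToRange(). The routes
  * addressed by news id perform no permission check of their own (see the
  * NOTE(review) comments in the handlers).
  *
  * @param object $router router instance the routes are registered on
  **/
 public function routes(&$router)
 {
     // Get news of a range id
     $router->get('/news(/range/:range_id)', function ($range_id = false) use ($router) {
         // without a range segment the current user's own range is used
         $range_id = $range_id ?: $GLOBALS['user']->id;
         if (!Helper::UserHasAccessToRange($range_id)) {
             $router->halt(403, sprintf('User may not access range %s', $range_id));
         }
         $news = array_values(News::loadRange($range_id));
         if ($router->compact()) {
             $router->render(compact('news'));
             return;
         }
         foreach ($news as $index => $n) {
             if ($n['allow_comments']) {
                 $comments = $router->dispatch('get', '/news/:news_id/comments', $n['news_id']);
                 $news[$index]['comments'] = $comments['comments'];
             }
         }
         $users = array_values(NewsRoute::extractUsers($news, $router));
         $router->render(compact('news', 'users'));
     })->conditions(array('range_id' => '(studip|[a-f0-9]{32})'));
     // Create news for a specific range
     // $range_id has to be declared as a parameter: without it the optional route
     // segment was ignored, the variable was undefined inside the closure and both
     // the access check and addRange() always fell back to the user's own id.
     $router->post('/news(/range/:range_id)', function ($range_id = false) use ($router) {
         $range_id = $range_id ?: $GLOBALS['user']->id;
         if (!Helper::UserHasAccessToRange($range_id)) {
             $router->halt(403, sprintf('User may not access range %s', $range_id));
         }
         $title = trim(Request::get('title'));
         if (empty($title)) {
             $router->halt(406, 'No news title provided');
         }
         $body = trim(Request::get('body'));
         if (empty($body)) {
             $router->halt(406, 'No news body provided');
         }
         $news = new \StudipNews();
         $news->user_id = $GLOBALS['user']->id;
         $news->author = $GLOBALS['user']->getFullName();
         $news->topic = $title;
         $news->body = $body;
         $news->date = time();
         // default lifetime: two weeks, in seconds
         $news->expire = Request::int('expire', 2 * 7 * 24 * 60 * 60);
         $news->allow_comments = Request::int('allow_comments', 0);
         if (!$news->store()) {
             $router->halt(501, 'Could not create news');
         }
         $news->addRange($range_id);
         $news->storeRanges();
         $router->render($router->dispatch('get', '/news/:news_id', $news->news_id), 201);
     })->conditions(array('range_id' => '(studip|[a-f0-9]{32})'));
     // Get news data
     $router->get('/news/:news_id', function ($news_id) use ($router) {
         // NOTE(review): unlike the range routes, this handler does not check
         // whether the current user may access any range the entry belongs to.
         $news = News::load($news_id);
         if (!$news) {
             $router->halt(404, sprintf('News %s not found', $news_id));
         }
         if ($router->compact()) {
             $router->render(compact('news'));
             return;
         }
         $users = NewsRoute::extractUsers(array($news), $router);
         if ($news['allow_comments']) {
             // reset() takes its argument by reference, so the dispatch result
             // has to be held in a variable first
             $comments = $router->dispatch('get', '/news/:news_id/comments', $news_id);
             $news['comments'] = reset($comments);
         }
         $router->render(compact('news', 'users'));
     });
     // Update news
     $router->put('/news/:news_id', function ($news_id) use ($router) {
         global $_PUT;
         // find() is used as in the delete route: "new \StudipNews($news_id)" always
         // yields an object, so the 404 branch could never be reached and an
         // unknown id would have been stored as a new entry.
         $news = \StudipNews::find($news_id);
         if (!$news) {
             $router->halt(404, sprintf('News %s not found', $news_id));
         }
         // TODO Check access
         // NOTE(review): this handler performs no permission check. The check used
         // by the range routes (Helper::UserHasAccessToRange) was left disabled
         // here because no $range_id is available; an authorization check, e.g.
         // against the ranges the entry is assigned to, is needed before the
         // entry is modified.
         if (isset($_PUT['title'])) {
             $title = trim($_PUT['title']);
             if (empty($title)) {
                 $router->halt(406, 'No news title provided');
             }
             $news->topic = $title;
         }
         if (isset($_PUT['body'])) {
             $body = trim($_PUT['body']);
             if (empty($body)) {
                 $router->halt(406, 'No news body provided');
             }
             $news->body = $body;
         }
         // date?
         if (isset($_PUT['expire'])) {
             // cast like Request::int() does in the create route; 0 or a
             // non-numeric value keeps the stored lifetime
             $expire = (int) $_PUT['expire'];
             $news->expire = $expire ?: $news->expire;
         }
         if (isset($_PUT['allow_comments'])) {
             $news->allow_comments = (int) $_PUT['allow_comments'];
         }
         if (!$news->store()) {
             $router->halt(501, 'Could not update news');
         }
         $router->render($router->dispatch('get', '/news/:news_id', $news->news_id), 201);
     });
     // Delete news
     $router->delete('/news/:news_id', function ($news_id) use ($router) {
         $news = \StudipNews::find($news_id);
         if (!$news) {
             $router->halt(404, sprintf('News %s not found', $news_id));
         }
         // NOTE(review): no permission check precedes the deletion; the same
         // authorization check as for the update route is needed here.
         $news->delete();
         $router->halt(200, sprintf('Deleted news %s.', $news_id));
     });
 }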
コード例 #4
ファイル: news.php プロジェクト: ratbird/hope
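 /**
  * Builds news dialog for editing / adding news
  *
  * The dialog state (visible categories, selected and selectable areas) travels
  * with the form as serialized request parameters; changes are only persisted in
  * the "save_news" branch, after the CSRF token was verified.
  *
  * @param string $id            news id (in case news already exists; otherwise set to "new")
  * @param string $context_range range id (only for new news; set to 'template' for copied news)
  * @param string $template_id   template id (source of news template)
  */
 function edit_news_action($id = '', $context_range = '', $template_id = '')
 {
     // initialize
     $this->news_isvisible = array('news_basic' => true, 'news_comments' => false, 'news_areas' => false);
     $ranges = array();
     $this->ranges = array();
     $this->area_options_selectable = array();
     $this->area_options_selected = array();
     $this->may_delete = false;
     // counters and flags were previously used without being initialized
     $changed = false;
     $changed_areas = 0;
     $error = 0;
     $this->route = "news/edit_news/{$id}";
     if ($context_range) {
         $this->route .= "/{$context_range}";
         if ($template_id) {
             $this->route .= "/{$template_id}";
         }
     }
     $msg_object = new messaging();
     if ($id == "new") {
         // keep the variable defined: it is read again further down
         $id = null;
         $this->title = _("Ankündigung erstellen");
     } else {
         $this->title = _("Ankündigung bearbeiten");
     }
     // user has to have autor permission at least
     // ('autor' must be quoted: the bare word is an undefined constant, which is
     // an Error as of PHP 8)
     if (!$GLOBALS['perm']->have_perm('autor')) {
         $this->set_status(401);
         return $this->render_nothing();
     }
     // Output as dialog (Ajax-Request) or as Stud.IP page?
     if (Request::isXhr()) {
         $this->set_layout(null);
         header('X-Title: ' . $this->title);
     } else {
         $this->set_layout($GLOBALS['template_factory']->open('layouts/base'));
     }
     // load news and comment data and check if user has permission to edit
     $news = new StudipNews($id);
     if (!$news->isNew()) {
         $this->comments = StudipComment::GetCommentsForObject($id);
     }
     if (!$news->havePermission('edit') and !$news->isNew()) {
         $this->set_status(401);
         PageLayout::postMessage(MessageBox::error(_('Keine Berechtigung!')));
         return $this->render_nothing();
     }
     // if form sent, get news data by post vars
     if (Request::get('news_isvisible')) {
         // SECURITY: unserialize() is applied to request parameters. The client
         // controls these strings completely, so PHP instantiates whatever object
         // graph they describe (object injection through __wakeup()/__destruct()
         // of any loaded class). The dialog state should be transported as JSON,
         // kept in the session, or authenticated with an HMAC before it is
         // unserialized. The is_array() checks below only reject malformed
         // values; they do not remove that risk.
         // visible categories, selected areas, topic, and body are utf8 encoded when sent via ajax
         $posted_visible = unserialize(Request::get('news_isvisible'));
         if (is_array($posted_visible)) {
             $this->news_isvisible = $posted_visible;
         }
         if (Request::isXhr()) {
             $posted_selected = unserialize(studip_utf8decode(Request::get('news_selected_areas')));
             $posted_selectable = unserialize(studip_utf8decode(Request::get('news_selectable_areas')));
             $topic = studip_utf8decode(Request::get('news_topic'));
             $body = transformBeforeSave(Studip\Markup::purifyHtml(studip_utf8decode(Request::get('news_body'))));
         } else {
             $posted_selected = unserialize(Request::get('news_selected_areas'));
             $posted_selectable = unserialize(Request::get('news_selectable_areas'));
             $topic = Request::get('news_topic');
             $body = transformBeforeSave(Studip\Markup::purifyHtml(Request::get('news_body')));
         }
         // anything that is not an array (e.g. false for an unparsable string) is dropped
         $this->area_options_selected = is_array($posted_selected) ? $posted_selected : array();
         $this->area_options_selectable = is_array($posted_selectable) ? $posted_selectable : array();
         $date = $this->getTimeStamp(Request::get('news_startdate'), 'start');
         // expire is stored as a duration relative to the start date
         $expire = $this->getTimeStamp(Request::get('news_enddate'), 'end') ? $this->getTimeStamp(Request::get('news_enddate'), 'end') - $this->getTimeStamp(Request::get('news_startdate'), 'start') : '';
         $allow_comments = Request::get('news_allow_comments') ? 1 : 0;
         if (Request::submitted('comments_status_deny')) {
             $this->anker = 'news_comments';
             $allow_comments = 0;
         } elseif (Request::submitted('comments_status_allow')) {
             $this->anker = 'news_comments';
             $allow_comments = 1;
         }
         if ($news->getValue('topic') != $topic or $news->getValue('body') != $body or $news->getValue('date') != $date or $news->getValue('allow_comments') != $allow_comments or $news->getValue('expire') != $expire) {
             $changed = true;
         }
         $news->setValue('topic', $topic);
         $news->setValue('body', $body);
         $news->setValue('date', $date);
         $news->setValue('expire', $expire);
         $news->setValue('allow_comments', $allow_comments);
     } elseif ($id) {
         // if news id given check for valid id and load ranges
         if ($news->isNew()) {
             PageLayout::postMessage(MessageBox::error(_('Die Ankündigung existiert nicht!')));
             return $this->render_nothing();
         }
         $ranges = $news->news_ranges->toArray();
     } elseif ($template_id) {
         // otherwise, load data from template
         $news_template = new StudipNews($template_id);
         if ($news_template->isNew()) {
             PageLayout::postMessage(MessageBox::error(_('Die Ankündigung existiert nicht!')));
             return $this->render_nothing();
         }
         // check for permission
         if (!$news_template->havePermission('edit')) {
             $this->set_status(401);
             return $this->render_nothing();
         }
         $ranges = $news_template->news_ranges->toArray();
         // remove those ranges for which user doesn't have permission
         foreach ($ranges as $key => $news_range) {
             if (!$news->haveRangePermission('edit', $news_range['range_id'])) {
                 $changed_areas++;
                 $this->news_isvisible['news_areas'] = true;
                 unset($ranges[$key]);
             }
         }
         if ($changed_areas == 1) {
             PageLayout::postMessage(MessageBox::info(_('1 zugeordneter Bereich wurde nicht übernommen, weil Sie dort keine Ankündigungen erstellen dürfen.')));
         } elseif ($changed_areas) {
             PageLayout::postMessage(MessageBox::info(sprintf(_('%s zugeordnete Bereiche wurden nicht übernommen, weil Sie dort keine Ankündigungen erstellen dürfen.'), $changed_areas)));
         }
         $news->setValue('topic', $news_template->getValue('topic'));
         $news->setValue('body', $news_template->getValue('body'));
         $news->setValue('date', $news_template->getValue('date'));
         $news->setValue('expire', $news_template->getValue('expire'));
         $news->setValue('allow_comments', $news_template->getValue('allow_comments'));
     } else {
         // for new news, set startdate to today and range to dialog context
         $news->setValue('date', strtotime(date('Y-m-d')));
         // + 12*60*60;
         // 604800 seconds = 7 days
         $news->setValue('expire', 604800);
         if ($context_range != '' and $context_range != 'template') {
             $add_range = new NewsRange(array('', $context_range));
             $ranges[] = $add_range->toArray();
         }
     }
     // build news var for template
     $this->news = $news->toArray();
     // treat faculties and institutes as one area group (inst)
     foreach ($ranges as $range) {
         switch ($range['type']) {
             case 'fak':
                 $this->area_options_selected['inst'][$range['range_id']] = $range['name'];
                 break;
             default:
                 $this->area_options_selected[$range['type']][$range['range_id']] = $range['name'];
         }
     }
     // define search presets
     $this->search_presets['user'] = _('Meine Profilseite');
     if ($GLOBALS['perm']->have_perm('autor') and !$GLOBALS['perm']->have_perm('admin')) {
         $my_sem = $this->search_area('__THIS_SEMESTER__');
         if (count($my_sem['sem'])) {
             $this->search_presets['sem'] = _('Meine Veranstaltungen im aktuellen Semester') . ' (' . count($my_sem['sem']) . ')';
         }
     }
     if ($GLOBALS['perm']->have_perm('dozent') and !$GLOBALS['perm']->have_perm('root')) {
         $my_inst = $this->search_area('__MY_INSTITUTES__');
         if (count($my_inst)) {
             $this->search_presets['inst'] = _('Meine Einrichtungen') . ' (' . count($my_inst['inst']) . ')';
         }
     }
     if ($GLOBALS['perm']->have_perm('root')) {
         $this->search_presets['global'] = $this->area_structure['global']['title'];
     }
     // perform search
     if (Request::submitted('area_search') or Request::submitted('area_search_preset')) {
         $this->anker = 'news_areas';
         $this->search_term = studip_utf8decode(Request::get('area_search_term'));
         if (Request::submitted('area_search')) {
             $this->area_options_selectable = $this->search_area($this->search_term);
         } else {
             $this->current_search_preset = Request::option('search_preset');
             if ($this->current_search_preset == 'inst') {
                 $this->area_options_selectable = $my_inst;
             } elseif ($this->current_search_preset == 'sem') {
                 $this->area_options_selectable = $my_sem;
             } elseif ($this->current_search_preset == 'user') {
                 $this->area_options_selectable = array('user' => array($GLOBALS['auth']->auth['uid'] => get_fullname()));
             } elseif ($this->current_search_preset == 'global') {
                 $this->area_options_selectable = array('global' => array('studip' => _('Stud.IP')));
             }
         }
         if (!count($this->area_options_selectable)) {
             unset($this->search_term);
         } else {
             // already assigned areas won't be selectable
             // (the loop key must not be called $id: that overwrote the news id,
             // which is still read when comments are reloaded and on redirect)
             foreach ($this->area_options_selected as $type => $data) {
                 foreach ($data as $selected_range_id => $title) {
                     unset($this->area_options_selectable[$type][$selected_range_id]);
                 }
             }
         }
     }
     // delete comment(s)
     // NOTE(review): delete_comments() is defined elsewhere. No CSRF token or
     // permission check happens in this method before it is called - confirm
     // that it asks for confirmation and checks permissions itself.
     if (Request::submitted('delete_marked_comments')) {
         $this->anker = 'news_comments';
         $this->flash['question_text'] = delete_comments(Request::optionArray('mark_comments'));
         $this->flash['question_param'] = array('mark_comments' => Request::optionArray('mark_comments'), 'delete_marked_comments' => 1);
         // reload comments
         if (!$this->flash['question_text']) {
             $this->comments = StudipComment::GetCommentsForObject($id);
             $changed = true;
         }
     }
     if ($news->havePermission('delete')) {
         $this->comments_admin = true;
     }
     if (is_array($this->comments)) {
         foreach ($this->comments as $key => $comment) {
             if (Request::submitted('news_delete_comment_' . $comment['comment_id'])) {
                 $this->anker = 'news_comments';
                 $this->flash['question_text'] = delete_comments($comment['comment_id']);
                 $this->flash['question_param'] = array('mark_comments' => array($comment['comment_id']), 'delete_marked_comments' => 1);
             }
         }
     }
     // open / close category
     foreach ($this->news_isvisible as $category => $value) {
         if (Request::submitted('toggle_' . $category) or Request::get($category . '_js')) {
             $this->news_isvisible[$category] = $this->news_isvisible[$category] ? false : true;
             $this->anker = $category;
         }
     }
     // add / remove areas
     if (Request::submitted('news_add_areas') and is_array($this->area_options_selectable)) {
         $this->anker = 'news_areas';
         foreach (Request::optionArray('area_options_selectable') as $range_id) {
             foreach ($this->area_options_selectable as $type => $data) {
                 if (isset($data[$range_id])) {
                     $this->area_options_selected[$type][$range_id] = $data[$range_id];
                     unset($this->area_options_selectable[$type][$range_id]);
                 }
             }
         }
     }
     if (Request::submitted('news_remove_areas') and is_array($this->area_options_selected)) {
         $this->anker = 'news_areas';
         foreach (Request::optionArray('area_options_selected') as $range_id) {
             foreach ($this->area_options_selected as $type => $data) {
                 if (isset($data[$range_id])) {
                     $this->area_options_selectable[$type][$range_id] = $data[$range_id];
                     unset($this->area_options_selected[$type][$range_id]);
                 }
             }
         }
     }
     // prepare to save news
     // (POST only; the CSRF token is verified before any range is changed or
     // the entry is stored)
     if (Request::submitted('save_news') and Request::isPost()) {
         CSRFProtection::verifySecurityToken();
         //prepare ranges array for already assigned news_ranges
         foreach ($news->getRanges() as $range_id) {
             $this->ranges[$range_id] = get_object_type($range_id, array('global', 'fak', 'inst', 'sem', 'user'));
         }
         // check if new ranges must be added
         // The selected areas originate from the client, so each new range is
         // only added after haveRangePermission() has been checked for it.
         foreach ($this->area_options_selected as $type => $area_group) {
             foreach ($area_group as $range_id => $area_title) {
                 if (!isset($this->ranges[$range_id])) {
                     if ($news->haveRangePermission('edit', $range_id)) {
                         $news->addRange($range_id);
                         $changed = true;
                     } else {
                         PageLayout::postMessage(MessageBox::error(sprintf(_('Sie haben keine Berechtigung zum Ändern der Bereichsverknüpfung für "%s".'), htmlReady($area_title))));
                         $error++;
                     }
                 }
             }
         }
         // check if assigned ranges must be removed
         // (faculties are listed in the 'inst' group, see above)
         foreach ($this->ranges as $range_id => $range_type) {
             if ($range_type === 'fak' && !isset($this->area_options_selected['inst'][$range_id]) || $range_type !== 'fak' && !isset($this->area_options_selected[$range_type][$range_id])) {
                 if ($news->havePermission('unassign', $range_id)) {
                     $news->deleteRange($range_id);
                     $changed = true;
                 } else {
                     PageLayout::postMessage(MessageBox::error(_('Sie haben keine Berechtigung zum Ändern der Bereichsverknüpfung.')));
                     $error++;
                 }
             }
         }
         // save news
         if ($news->validate() and !$error) {
             // notify the author when somebody else changed the entry
             if ($news->getValue('user_id') != $GLOBALS['auth']->auth['uid']) {
                 $news->setValue('chdate_uid', $GLOBALS['auth']->auth['uid']);
                 setTempLanguage($news->getValue('user_id'));
                 $msg = sprintf(_('Ihre Ankündigung "%s" wurde von %s verändert.'), $news->getValue('topic'), get_fullname() . ' (' . get_username() . ')') . "\n";
                 $msg_object->insert_message($msg, get_username($news->getValue('user_id')), "____%system%____", FALSE, FALSE, "1", FALSE, _("Systemnachricht:") . " " . _("Ankündigung geändert"));
                 restoreLanguage();
             } else {
                 $news->setValue('chdate_uid', '');
             }
             $news->store();
             PageLayout::postMessage(MessageBox::success(_('Die Ankündigung wurde gespeichert.')));
             // in fallback mode redirect to edit page with proper news id
             if (!Request::isXhr() and !$id) {
                 $this->redirect('news/edit_news/' . $news->getValue('news_id'));
             } elseif (Request::isXhr()) {
                 $this->render_nothing();
             }
         }
     }
     // check if user has full permission on news object
     if ($news->havePermission('delete')) {
         $this->may_delete = true;
     }
 }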