public function GetHeader()
{
$sData = '';
$oSet = new DBObjectSet($this->oSearch);
$this->aStatusInfo['status'] = 'running';
$this->aStatusInfo['position'] = 0;
$this->aStatusInfo['total'] = $oSet->Count();
$aSelectedClasses = $this->oSearch->GetSelectedClasses();
foreach ($aSelectedClasses as $sAlias => $sClassName) {
if (UserRights::IsActionAllowed($sClassName, UR_ACTION_BULK_READ, $oSet) && (UR_ALLOWED_YES || UR_ALLOWED_DEPENDS)) {
$aAuthorizedClasses[$sAlias] = $sClassName;
}
}
$aAliases = array_keys($aAuthorizedClasses);
$aData = array();
foreach ($this->aStatusInfo['fields'] as $sExtendedAttCode) {
if (preg_match('/^([^\\.]+)\\.(.+)$/', $sExtendedAttCode, $aMatches)) {
$sAlias = $aMatches[1];
$sAttCode = $aMatches[2];
} else {
$sAlias = reset($aAliases);
$sAttCode = $sExtendedAttCode;
}
if (!in_array($sAlias, $aAliases)) {
throw new Exception("Invalid alias '{$sAlias}' for the column '{$sExtendedAttCode}'. Availables aliases: '" . implode("', '", $aAliases) . "'");
}
$sClass = $aSelectedClasses[$sAlias];
switch ($sAttCode) {
case 'id':
if (count($aSelectedClasses) > 1) {
$aData[] = $sAlias . '.id';
//@@@
} else {
$aData[] = 'id';
//@@@
}
break;
default:
$oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode);
if (count($aSelectedClasses) > 1) {
$aData[] = $sAlias . '.' . $oAttDef->GetLabel();
} else {
$aData[] = $oAttDef->GetLabel();
}
}
}
$sData .= "<table class=\"listResults\">\n";
$sData .= "<thead>\n";
$sData .= "<tr>\n";
foreach ($aData as $sLabel) {
$sData .= "<th>" . $sLabel . "</th>\n";
}
$sData .= "</tr>\n";
$sData .= "</thead>\n";
$sData .= "<tbody>\n";
return $sData;
}
/**
* Helper function to build a select from the list of valid classes for a given action
* @param string $sName The name of the select in the HTML form
* @param string $sDefaulfValue The defaut value (i.e the value selected by default)
* @param integer $iWidthPx The width (in pixels) of the drop-down list
* @param integer $iActionCode The ActionCode (from UserRights) to check for authorization for the classes
* @return string The HTML fragment corresponding to the select tag
*/
function GetClassesSelect($sName, $sDefaultValue, $iWidthPx, $iActionCode = null)
{
$sHtml = "<select id=\"select_{$sName}\" name=\"{$sName}\">";
$sHtml .= "<option tyle=\"width: " . $iWidthPx . "px;\" title=\"Select the class you want to load\" value=\"\">" . Dict::S('UI:CSVImport:ClassesSelectOne') . "</option>\n";
$aValidClasses = array();
$aClassCategories = array('bizmodel');
if (UserRights::IsAdministrator()) {
$aClassCategories = array('bizmodel', 'application', 'addon/authentication');
}
foreach ($aClassCategories as $sClassCategory) {
foreach (MetaModel::GetClasses($sClassCategory) as $sClassName) {
if ((is_null($iActionCode) || UserRights::IsActionAllowed($sClassName, $iActionCode)) && !MetaModel::IsAbstract($sClassName)) {
$sSelected = $sClassName == $sDefaultValue ? " selected" : "";
$sDescription = MetaModel::GetClassDescription($sClassName);
$sDisplayName = MetaModel::GetName($sClassName);
$aValidClasses[$sDisplayName] = "<option style=\"width: " . $iWidthPx . "px;\" title=\"{$sDescription}\" value=\"{$sClassName}\"{$sSelected}>{$sDisplayName}</option>";
}
}
}
ksort($aValidClasses);
$sHtml .= implode("\n", $aValidClasses);
$sHtml .= "</select>";
return $sHtml;
}
public function ReadParameters()
{
parent::ReadParameters();
$sQueryId = utils::ReadParam('query', null, true);
$sFields = utils::ReadParam('fields', null, true, 'raw_data');
if (($sFields === null || $sFields === '') && $sQueryId === null) {
throw new BulkExportMissingParameterException('fields');
} else {
if ($sQueryId !== null && $sQueryId !== null) {
$oSearch = DBObjectSearch::FromOQL('SELECT QueryOQL WHERE id = :query_id', array('query_id' => $sQueryId));
$oQueries = new DBObjectSet($oSearch);
if ($oQueries->Count() > 0) {
$oQuery = $oQueries->Fetch();
if ($sFields === null || $sFields === '') {
// No 'fields' parameter supplied, take the fields from the query phrasebook definition
$sFields = trim($oQuery->Get('fields'));
if ($sFields === '') {
throw new BulkExportMissingParameterException('fields');
}
}
} else {
throw BulkExportException('Invalid value for the parameter: query. There is no Query Phrasebook with id = ' . $sQueryId, Dict::Format('Core:BulkExport:InvalidParameter_Query', $sQueryId));
}
}
}
// Interpret (and check) the list of fields
//
$aSelectedClasses = $this->oSearch->GetSelectedClasses();
$aAliases = array_keys($aSelectedClasses);
$aAuthorizedClasses = array();
foreach ($aSelectedClasses as $sAlias => $sClassName) {
if (UserRights::IsActionAllowed($sClassName, UR_ACTION_BULK_READ) == UR_ALLOWED_YES) {
$aAuthorizedClasses[$sAlias] = $sClassName;
}
}
$aFields = explode(',', $sFields);
$this->aStatusInfo['fields'] = array();
foreach ($aFields as $sFieldSpec) {
// Trim the values since it's natural to write: fields=name, first_name, org_name instead of fields=name,first_name,org_name
$sExtendedAttCode = trim($sFieldSpec);
if (preg_match('/^([^\\.]+)\\.(.+)$/', $sExtendedAttCode, $aMatches)) {
$sAlias = $aMatches[1];
$sAttCode = $aMatches[2];
} else {
$sAlias = reset($aAliases);
$sAttCode = $sExtendedAttCode;
}
if (!array_key_exists($sAlias, $aSelectedClasses)) {
throw new Exception("Invalid alias '{$sAlias}' for the column '{$sExtendedAttCode}'. Availables aliases: '" . implode("', '", $aAliases) . "'");
}
$sClass = $aSelectedClasses[$sAlias];
if (!array_key_exists($sAlias, $aAuthorizedClasses)) {
throw new Exception("You do not have enough permissions to bulk read data of class '{$sClass}' (alias: {$sAlias})");
}
if ($this->bLocalizeOutput) {
try {
$sLabel = MetaModel::GetLabel($sClass, $sAttCode);
} catch (Exception $e) {
throw new Exception("Wrong field specification '{$sFieldSpec}': " . $e->getMessage());
}
} else {
$sLabel = $sAttCode;
}
if (count($aAuthorizedClasses) > 1) {
$sColLabel = $sAlias . '.' . $sLabel;
} else {
$sColLabel = $sLabel;
}
$this->aStatusInfo['fields'][] = array('sFieldSpec' => $sExtendedAttCode, 'sAlias' => $sAlias, 'sClass' => $sClass, 'sAttCode' => $sAttCode, 'sLabel' => $sLabel, 'sColLabel' => $sColLabel);
}
}
/**
* Displays the details of an object
* @param $oP WebPage Page for the output
* @param $sClass string The name of the class of the object
* @param $oObj DBObject The object to display
* @param $id mixed Identifier of the object (name or ID)
*/
function DisplayDetails($oP, $sClass, $oObj, $id)
{
$sClassLabel = MetaModel::GetName($sClass);
$oSearch = new DBObjectSearch($sClass);
$oBlock = new DisplayBlock($oSearch, 'search', false);
$oBlock->Display($oP, 0);
// The object could be listed, check if it is actually allowed to view it
$oSet = CMDBObjectSet::FromObject($oObj);
if (UserRights::IsActionAllowed($sClass, UR_ACTION_READ, $oSet) == UR_ALLOWED_NO) {
throw new SecurityException('User not allowed to view this object', array('class' => $sClass, 'id' => $id));
}
$oP->set_title(Dict::Format('UI:DetailsPageTitle', $oObj->GetRawName(), $sClassLabel));
// Set title will take care of the encoding
$oObj->DisplayDetails($oP);
}
public function GetNextChunk(&$aStatus)
{
$sRetCode = 'run';
$iPercentage = 0;
$iCount = 0;
$sData = '';
$oSet = new DBObjectSet($this->oSearch);
$oSet->SetLimit($this->iChunkSize, $this->aStatusInfo['position']);
$bLocalize = $this->aStatusInfo['localize'];
$aClasses = $this->oSearch->GetSelectedClasses();
$aAuthorizedClasses = array();
foreach ($aClasses as $sAlias => $sClassName) {
if (UserRights::IsActionAllowed($sClassName, UR_ACTION_BULK_READ, $oSet) && (UR_ALLOWED_YES || UR_ALLOWED_DEPENDS)) {
$aAuthorizedClasses[$sAlias] = $sClassName;
}
}
$aAttribs = array();
$aList = array();
$aList[$sAlias] = MetaModel::GetZListItems($sClassName, 'details');
$iPreviousTimeLimit = ini_get('max_execution_time');
$iLoopTimeLimit = MetaModel::GetConfig()->Get('max_execution_time_per_loop');
while ($aObjects = $oSet->FetchAssoc()) {
set_time_limit($iLoopTimeLimit);
if (count($aAuthorizedClasses) > 1) {
$sData .= "<Row>\n";
}
foreach ($aAuthorizedClasses as $sAlias => $sClassName) {
$oObj = $aObjects[$sAlias];
if (is_null($oObj)) {
$sData .= "<{$sClassName} alias=\"{$sAlias}\" id=\"null\">\n";
} else {
$sClassName = get_class($oObj);
$sData .= "<{$sClassName} alias=\"{$sAlias}\" id=\"" . $oObj->GetKey() . "\">\n";
}
foreach (MetaModel::ListAttributeDefs($sClassName) as $sAttCode => $oAttDef) {
if (is_null($oObj)) {
$sData .= "<{$sAttCode}>null</{$sAttCode}>\n";
} else {
if ($oAttDef->IsWritable()) {
$sValue = $oObj->GetAsXML($sAttCode, $bLocalize);
$sData .= "<{$sAttCode}>{$sValue}</{$sAttCode}>\n";
}
}
}
$sData .= "</{$sClassName}>\n";
}
if (count($aAuthorizedClasses) > 1) {
$sData .= "</Row>\n";
}
$iCount++;
}
set_time_limit($iPreviousTimeLimit);
$this->aStatusInfo['position'] += $this->iChunkSize;
if ($this->aStatusInfo['total'] == 0) {
$iPercentage = 100;
} else {
$iPercentage = floor(min(100.0, 100.0 * $this->aStatusInfo['position'] / $this->aStatusInfo['total']));
}
if ($iCount < $this->iChunkSize) {
$sRetCode = 'done';
}
$aStatus = array('code' => $sRetCode, 'message' => Dict::S('Core:BulkExport:RetrievingData'), 'percentage' => $iPercentage);
return $sData;
}
protected function DoCheckToDelete(&$oDeletionPlan)
{
parent::DoCheckToDelete($oDeletionPlan);
// Plugins
//
foreach (MetaModel::EnumPlugins('iApplicationObjectExtension') as $oExtensionInstance) {
$aNewIssues = $oExtensionInstance->OnCheckToDelete($this);
if (count($aNewIssues) > 0) {
$this->m_aDeleteIssues = array_merge($this->m_aDeleteIssues, $aNewIssues);
}
}
// User rights
//
$bDeleteAllowed = UserRights::IsActionAllowed(get_class($this), UR_ACTION_DELETE, DBObjectSet::FromObject($this));
if (!$bDeleteAllowed) {
// Security issue
$this->m_bSecurityIssue = true;
$this->m_aDeleteIssues[] = Dict::S('UI:Delete:NotAllowedToDelete');
}
}
/**
* Overload the check of the "enable" state of this menu to take into account
* derived classes of objects
*/
public function IsEnabled()
{
// Enable this menu, only if the current user has enough rights to create such an object, or an object of
// any child class
$aSubClasses = MetaModel::EnumChildClasses($this->sClass, ENUM_CHILD_CLASSES_ALL);
// Including the specified class itself
$bActionIsAllowed = false;
foreach ($aSubClasses as $sCandidateClass) {
if (!MetaModel::IsAbstract($sCandidateClass) && UserRights::IsActionAllowed($sCandidateClass, UR_ACTION_MODIFY) == UR_ALLOWED_YES) {
$bActionIsAllowed = true;
break;
// Enough for now
}
}
return $bActionIsAllowed;
}
/**
* Get the HTML fragment corresponding to the ext key editing widget
* @param WebPage $oP The web page used for all the output
* @param Hash $aArgs Extra context arguments
* @return string The HTML fragment to be inserted into the page
*/
public function Display(WebPage $oPage, $iMaxComboLength, $bAllowTargetCreation, $sTitle, $oAllowedValues, $value, $iInputId, $bMandatory, $sFieldName, $sFormPrefix = '', $aArgs = array(), $bSearchMode = null, $sDisplayStyle = 'select', $bSearchMultiple = true)
{
if (!is_null($bSearchMode)) {
$this->bSearchMode = $bSearchMode;
}
$sTitle = addslashes($sTitle);
$oPage->add_linked_script('../js/extkeywidget.js');
$oPage->add_linked_script('../js/forms-json-utils.js');
$bCreate = !$this->bSearchMode && !MetaModel::IsAbstract($this->sTargetClass) && (UserRights::IsActionAllowed($this->sTargetClass, UR_ACTION_BULK_MODIFY) && $bAllowTargetCreation);
$bExtensions = true;
$sMessage = Dict::S('UI:Message:EmptyList:UseSearchForm');
$sAttrFieldPrefix = $this->bSearchMode ? '' : 'attr_';
$sHTMLValue = "<span style=\"white-space:nowrap\">";
// no wrap
$sFilter = addslashes($oAllowedValues->GetFilter()->ToOQL());
if ($this->bSearchMode) {
$sWizHelper = 'null';
$sWizHelperJSON = "''";
$sJSSearchMode = 'true';
} else {
if (isset($aArgs['wizHelper'])) {
$sWizHelper = $aArgs['wizHelper'];
} else {
$sWizHelper = 'oWizardHelper' . $sFormPrefix;
}
$sWizHelperJSON = $sWizHelper . '.UpdateWizardToJSON()';
$sJSSearchMode = 'false';
}
if (is_null($oAllowedValues)) {
throw new Exception('Implementation: null value for allowed values definition');
} elseif ($oAllowedValues->Count() < $iMaxComboLength) {
// Discrete list of values, use a SELECT or RADIO buttons depending on the config
switch ($sDisplayStyle) {
case 'radio':
case 'radio_horizontal':
case 'radio_vertical':
$sValidationField = "<span id=\"v_{$this->iId}\"></span>";
$sHTMLValue = '';
$bVertical = $sDisplayStyle != 'radio_horizontal';
$bExtensions = false;
$oAllowedValues->Rewind();
$aAllowedValues = array();
while ($oObj = $oAllowedValues->Fetch()) {
$aAllowedValues[$oObj->GetKey()] = $oObj->GetName();
}
$sHTMLValue = $oPage->GetRadioButtons($aAllowedValues, $value, $this->iId, "{$sAttrFieldPrefix}{$sFieldName}", $bMandatory, $bVertical, $sValidationField);
$aEventsList[] = 'change';
break;
case 'select':
case 'list':
default:
$sSelectMode = 'true';
$sHelpText = '';
//$this->oAttDef->GetHelpOnEdition();
if ($this->bSearchMode) {
if ($bSearchMultiple) {
$sHTMLValue = "<select class=\"multiselect\" multiple title=\"{$sHelpText}\" name=\"{$sAttrFieldPrefix}{$sFieldName}[]\" id=\"{$this->iId}\">\n";
} else {
$sHTMLValue = "<select title=\"{$sHelpText}\" name=\"{$sAttrFieldPrefix}{$sFieldName}\" id=\"{$this->iId}\">\n";
$sDisplayValue = isset($aArgs['sDefaultValue']) ? $aArgs['sDefaultValue'] : Dict::S('UI:SearchValue:Any');
$sHTMLValue .= "<option value=\"\">{$sDisplayValue}</option>\n";
}
} else {
$sHTMLValue = "<select title=\"{$sHelpText}\" name=\"{$sAttrFieldPrefix}{$sFieldName}\" id=\"{$this->iId}\">\n";
$sHTMLValue .= "<option value=\"\">" . Dict::S('UI:SelectOne') . "</option>\n";
}
$oAllowedValues->Rewind();
while ($oObj = $oAllowedValues->Fetch()) {
$key = $oObj->GetKey();
$display_value = $oObj->GetName();
if ($oAllowedValues->Count() == 1 && $bMandatory == 'true') {
// When there is only once choice, select it by default
$sSelected = ' selected';
} else {
$sSelected = is_array($value) && in_array($key, $value) || $value == $key ? ' selected' : '';
}
$sHTMLValue .= "<option value=\"{$key}\"{$sSelected}>{$display_value}</option>\n";
}
$sHTMLValue .= "</select>\n";
if ($this->bSearchMode && $bSearchMultiple) {
$aOptions = array('header' => true, 'checkAllText' => Dict::S('UI:SearchValue:CheckAll'), 'uncheckAllText' => Dict::S('UI:SearchValue:UncheckAll'), 'noneSelectedText' => Dict::S('UI:SearchValue:Any'), 'selectedText' => Dict::S('UI:SearchValue:NbSelected'), 'selectedList' => 1);
$sJSOptions = json_encode($aOptions);
$oPage->add_ready_script("\$('.multiselect').multiselect({$sJSOptions});");
}
$oPage->add_ready_script(<<<EOF
\t\toACWidget_{$this->iId} = new ExtKeyWidget('{$this->iId}', '{$this->sTargetClass}', '{$sFilter}', '{$sTitle}', true, {$sWizHelper}, '{$this->sAttCode}', {$sJSSearchMode});
\t\toACWidget_{$this->iId}.emptyHtml = "<div style=\\"background: #fff; border:0; text-align:center; vertical-align:middle;\\"><p>{$sMessage}</p></div>";
\t\t\$('#{$this->iId}').bind('update', function() { oACWidget_{$this->iId}.Update(); } );
\t\t\$('#{$this->iId}').bind('change', function() { \$(this).trigger('extkeychange') } );
EOF
);
}
// Switch
} else {
// Too many choices, use an autocomplete
$sSelectMode = 'false';
// Check that the given value is allowed
$oSearch = $oAllowedValues->GetFilter();
$oSearch->AddCondition('id', $value);
$oSet = new DBObjectSet($oSearch);
if ($oSet->Count() == 0) {
$value = null;
}
if (is_null($value) || $value == 0) {
$sDisplayValue = isset($aArgs['sDefaultValue']) ? $aArgs['sDefaultValue'] : '';
} else {
$sDisplayValue = $this->GetObjectName($value);
}
$iMinChars = isset($aArgs['iMinChars']) ? $aArgs['iMinChars'] : 3;
//@@@ $this->oAttDef->GetMinAutoCompleteChars();
$iFieldSize = isset($aArgs['iFieldSize']) ? $aArgs['iFieldSize'] : 30;
//@@@ $this->oAttDef->GetMaxSize();
// the input for the auto-complete
$sHTMLValue = "<input count=\"" . $oAllowedValues->Count() . "\" type=\"text\" id=\"label_{$this->iId}\" size=\"{$iFieldSize}\" value=\"{$sDisplayValue}\"/> ";
$sHTMLValue .= "<img id=\"mini_search_{$this->iId}\" style=\"border:0;vertical-align:middle;cursor:pointer;\" src=\"../images/mini_search.gif\" onClick=\"oACWidget_{$this->iId}.Search();\"/> ";
// another hidden input to store & pass the object's Id
$sHTMLValue .= "<input type=\"hidden\" id=\"{$this->iId}\" name=\"{$sAttrFieldPrefix}{$sFieldName}\" value=\"" . htmlentities($value, ENT_QUOTES, 'UTF-8') . "\" />\n";
$JSSearchMode = $this->bSearchMode ? 'true' : 'false';
// Scripts to start the autocomplete and bind some events to it
$oPage->add_ready_script(<<<EOF
\t\toACWidget_{$this->iId} = new ExtKeyWidget('{$this->iId}', '{$this->sTargetClass}', '{$sFilter}', '{$sTitle}', false, {$sWizHelper}, '{$this->sAttCode}', {$sJSSearchMode});
\t\toACWidget_{$this->iId}.emptyHtml = "<div style=\\"background: #fff; border:0; text-align:center; vertical-align:middle;\\"><p>{$sMessage}</p></div>";
\t\t\$('#label_{$this->iId}').autocomplete(GetAbsoluteUrlAppRoot()+'pages/ajax.render.php', { scroll:true, minChars:{$iMinChars}, autoFill:false, matchContains:true, mustMatch: true, keyHolder:'#{$this->iId}', extraParams:{operation:'ac_extkey', sTargetClass:'{$this->sTargetClass}',sFilter:'{$sFilter}',bSearchMode:{$JSSearchMode}, json: function() { return {$sWizHelperJSON}; } }});
\t\t\$('#label_{$this->iId}').keyup(function() { if (\$(this).val() == '') { \$('#{$this->iId}').val(''); } } ); // Useful for search forms: empty value in the "label", means no value, immediatly !
\t\t\$('#label_{$this->iId}').result( function(event, data, formatted) { OnAutoComplete('{$this->iId}', event, data, formatted); } );
\t\t\$('#{$this->iId}').bind('update', function() { oACWidget_{$this->iId}.Update(); } );
\t\tif (\$('#ac_dlg_{$this->iId}').length == 0)
\t\t{
\t\t\t\$('body').append('<div id="ac_dlg_{$this->iId}"></div>');
\t\t}
EOF
);
}
if ($bExtensions && MetaModel::IsHierarchicalClass($this->sTargetClass) !== false) {
$sHTMLValue .= "<img id=\"mini_tree_{$this->iId}\" style=\"border:0;vertical-align:middle;cursor:pointer;\" src=\"../images/mini_tree.gif\" onClick=\"oACWidget_{$this->iId}.HKDisplay();\"/> ";
$oPage->add_ready_script(<<<EOF
\t\t\tif (\$('#ac_tree_{$this->iId}').length == 0)
\t\t\t{
\t\t\t\t\$('body').append('<div id="ac_tree_{$this->iId}"></div>');
\t\t\t}\t\t
EOF
);
}
if ($bCreate && $bExtensions) {
$sHTMLValue .= "<img id=\"mini_add_{$this->iId}\" style=\"border:0;vertical-align:middle;cursor:pointer;\" src=\"../images/mini_add.gif\" onClick=\"oACWidget_{$this->iId}.CreateObject();\"/> ";
$oPage->add_ready_script(<<<EOF
\t\tif (\$('#ajax_{$this->iId}').length == 0)
\t\t{
\t\t\t\$('body').append('<div id="ajax_{$this->iId}"></div>');
\t\t}
EOF
);
}
if ($sDisplayStyle == 'select' || $sDisplayStyle == 'list') {
$sHTMLValue .= "<span id=\"v_{$this->iId}\"></span>";
}
$sHTMLValue .= "</span>";
// end of no wrap
return $sHTMLValue;
}
/**
* Merge standard menu items with plugin provided menus items
*/
public static function GetPopupMenuItems($oPage, $iMenuId, $param, &$aActions, $sTableId = null, $sDataTableId = null)
{
// 1st - add standard built-in menu items
//
switch ($iMenuId) {
case iPopupMenuExtension::MENU_OBJLIST_TOOLKIT:
// $param is a DBObjectSet
$oAppContext = new ApplicationContext();
$sContext = $oAppContext->GetForLink();
$sDataTableId = is_null($sDataTableId) ? '' : $sDataTableId;
$sUIPage = cmdbAbstractObject::ComputeStandardUIPage($param->GetFilter()->GetClass());
$sOQL = addslashes($param->GetFilter()->ToOQL(true));
$sFilter = urlencode($param->GetFilter()->serialize());
$sUrl = utils::GetAbsoluteUrlAppRoot() . "pages/{$sUIPage}?operation=search&filter=" . $sFilter . "&{$sContext}";
$oPage->add_linked_script(utils::GetAbsoluteUrlAppRoot() . 'js/tabularfieldsselector.js');
$oPage->add_linked_script(utils::GetAbsoluteUrlAppRoot() . 'js/jquery.dragtable.js');
$oPage->add_linked_stylesheet(utils::GetAbsoluteUrlAppRoot() . 'css/dragtable.css');
$aResult = array(new SeparatorPopupMenuItem(), new URLPopupMenuItem('UI:Menu:EMail', Dict::S('UI:Menu:EMail'), "mailto:?body=" . urlencode($sUrl) . ' '));
if (UserRights::IsActionAllowed($param->GetFilter()->GetClass(), UR_ACTION_BULK_READ, $param) && (UR_ALLOWED_YES || UR_ALLOWED_DEPENDS)) {
// Bulk export actions
$aResult[] = new JSPopupMenuItem('UI:Menu:CSVExport', Dict::S('UI:Menu:CSVExport'), "ExportListDlg('{$sOQL}', '{$sDataTableId}', 'csv', " . json_encode(Dict::S('UI:Menu:CSVExport')) . ")");
$aResult[] = new JSPopupMenuItem('UI:Menu:ExportXLSX', Dict::S('ExcelExporter:ExportMenu'), "ExportListDlg('{$sOQL}', '{$sDataTableId}', 'xlsx', " . json_encode(Dict::S('ExcelExporter:ExportMenu')) . ")");
$aResult[] = new JSPopupMenuItem('UI:Menu:ExportPDF', Dict::S('UI:Menu:ExportPDF'), "ExportListDlg('{$sOQL}', '{$sDataTableId}', 'pdf', " . json_encode(Dict::S('UI:Menu:ExportPDF')) . ")");
}
$aResult[] = new JSPopupMenuItem('UI:Menu:AddToDashboard', Dict::S('UI:Menu:AddToDashboard'), "DashletCreationDlg('{$sOQL}')");
$aResult[] = new JSPopupMenuItem('UI:Menu:ShortcutList', Dict::S('UI:Menu:ShortcutList'), "ShortcutListDlg('{$sOQL}', '{$sDataTableId}', '{$sContext}')");
break;
case iPopupMenuExtension::MENU_OBJDETAILS_ACTIONS:
// $param is a DBObject
$oObj = $param;
$sOQL = "SELECT " . get_class($oObj) . " WHERE id=" . $oObj->GetKey();
$oFilter = DBObjectSearch::FromOQL($sOQL);
$sFilter = $oFilter->serialize();
$sUrl = ApplicationContext::MakeObjectUrl(get_class($oObj), $oObj->GetKey());
$sUIPage = cmdbAbstractObject::ComputeStandardUIPage(get_class($oObj));
$oAppContext = new ApplicationContext();
$sContext = $oAppContext->GetForLink();
$oPage->add_linked_script(utils::GetAbsoluteUrlAppRoot() . 'js/tabularfieldsselector.js');
$oPage->add_linked_script(utils::GetAbsoluteUrlAppRoot() . 'js/jquery.dragtable.js');
$oPage->add_linked_stylesheet(utils::GetAbsoluteUrlAppRoot() . 'css/dragtable.css');
$oPage->add_linked_script(utils::GetAbsoluteUrlAppRoot() . 'js/tabularfieldsselector.js');
$oPage->add_linked_script(utils::GetAbsoluteUrlAppRoot() . 'js/jquery.dragtable.js');
$oPage->add_linked_stylesheet(utils::GetAbsoluteUrlAppRoot() . 'css/dragtable.css');
$aResult = array(new SeparatorPopupMenuItem(), new URLPopupMenuItem('UI:Menu:EMail', Dict::S('UI:Menu:EMail'), "mailto:?subject=" . urlencode($oObj->GetRawName()) . "&body=" . urlencode($sUrl) . ' '), new JSPopupMenuItem('UI:Menu:CSVExport', Dict::S('UI:Menu:CSVExport'), "ExportListDlg('{$sOQL}', '', 'csv', " . json_encode(Dict::S('UI:Menu:CSVExport')) . ")"), new JSPopupMenuItem('UI:Menu:ExportXLSX', Dict::S('ExcelExporter:ExportMenu'), "ExportListDlg('{$sOQL}', '', 'xlsx', " . json_encode(Dict::S('ExcelExporter:ExportMenu')) . ")"));
break;
case iPopupMenuExtension::MENU_DASHBOARD_ACTIONS:
// $param is a Dashboard
$oAppContext = new ApplicationContext();
$aParams = $oAppContext->GetAsHash();
$sMenuId = ApplicationMenu::GetActiveNodeId();
$sDlgTitle = addslashes(Dict::S('UI:ImportDashboardTitle'));
$sDlgText = addslashes(Dict::S('UI:ImportDashboardText'));
$sCloseBtn = addslashes(Dict::S('UI:Button:Cancel'));
$aResult = array(new SeparatorPopupMenuItem(), new URLPopupMenuItem('UI:ExportDashboard', Dict::S('UI:ExportDashBoard'), utils::GetAbsoluteUrlAppRoot() . 'pages/ajax.render.php?operation=export_dashboard&id=' . $sMenuId), new JSPopupMenuItem('UI:ImportDashboard', Dict::S('UI:ImportDashBoard'), "UploadDashboard({dashboard_id: '{$sMenuId}', title: '{$sDlgTitle}', text: '{$sDlgText}', close_btn: '{$sCloseBtn}' })"));
break;
default:
// Unknown type of menu, do nothing
$aResult = array();
}
foreach ($aResult as $oMenuItem) {
$aActions[$oMenuItem->GetUID()] = $oMenuItem->GetMenuItem();
}
// Invoke the plugins
//
foreach (MetaModel::EnumPlugins('iPopupMenuExtension') as $oExtensionInstance) {
if (is_object($param) && !$param instanceof DBObject) {
$tmpParam = clone $param;
// In case the parameter is an DBObjectSet, clone it to prevent alterations
} else {
$tmpParam = $param;
}
foreach ($oExtensionInstance->EnumItems($iMenuId, $tmpParam) as $oMenuItem) {
if (is_object($oMenuItem)) {
$aActions[$oMenuItem->GetUID()] = $oMenuItem->GetMenuItem();
foreach ($oMenuItem->GetLinkedScripts() as $sLinkedScript) {
$oPage->add_linked_script($sLinkedScript);
}
}
}
}
}
$oP->add_comment("Separator: " . $sSep);
$oP->add_comment("Qualifier: " . $sQualifier);
$oP->add_comment("Charset Encoding:" . $sCharSet);
if (strlen($sDateFormat) > 0) {
$oP->add_comment("Date format: '{$sDateFormat}'");
} else {
$oP->add_comment("Date format: <none>");
}
$oP->add_comment("Localize: " . ($bLocalize ? 'yes' : 'no'));
$oP->add_comment("Data Size: " . strlen($sCSVData));
}
//////////////////////////////////////////////////
//
// Security
//
if (!UserRights::IsActionAllowed($sClass, UR_ACTION_BULK_MODIFY)) {
throw new SecurityException(Dict::Format('UI:Error:BulkModifyNotAllowedOn_Class', $sClass));
}
//////////////////////////////////////////////////
//
// Create an index of the known column names (in lower case)
// If data is localized, an array of <TranslatedName> => array of <ExtendedAttCode> (several leads to ambiguity)
// Otherwise an array of <ExtendedAttCode> => array of <ExtendedAttCode> (1 element by construction)
//
// Examples (localized in french):
// 'lieu' => 'location_id'
// 'lieu->name' => 'location_id->name'
//
// Note: it may happen that an external field has the same label as the external key
// in that case, we consider that the external key has precedence
//
protected function DoExecute()
{
$sUser = '******';
echo "<p>Totor: " . (UserRights::CheckCredentials('Totor', 'toto') ? 'ok' : 'NO') . "</p>\n";
echo "<p>Romain: " . (UserRights::CheckCredentials('Romain', 'toto') ? 'ok' : 'NO') . "</p>\n";
echo "<p>User: "******"</p>\n";
echo "<p>On behalf of..." . UserRights::GetRealUser() . "</p>\n";
echo "<p>Denis (impersonate) : " . (UserRights::Impersonate('Denis', 'tutu') ? 'ok' : 'NO') . "</p>\n";
echo "<p>User: "******"</p>\n";
echo "<p>On behalf of..." . UserRights::GetRealUser() . "</p>\n";
$oSet = new DBObjectSet(DBObjectSearch::FromOQL("SELECT bizOrganization"));
echo "<p>IsActionAllowed..." . (UserRights::IsActionAllowed('bizOrganization', UR_ACTION_MODIFY, $oSet) == UR_ALLOWED_YES ? 'ok' : 'NO') . "</p>\n";
echo "<p>IsStimulusAllowed..." . (UserRights::IsStimulusAllowed('bizOrganization', 'myStimulus', $oSet) == UR_ALLOWED_YES ? 'ok' : 'NO') . "</p>\n";
echo "<p>IsActionAllowedOnAttribute..." . (UserRights::IsActionAllowedOnAttribute('bizOrganization', 'myattribute', UR_ACTION_MODIFY, $oSet) == UR_ALLOWED_YES ? 'ok' : 'NO') . "</p>\n";
return true;
}
public function GetHeader()
{
$oSet = new DBObjectSet($this->oSearch);
$this->aStatusInfo['status'] = 'retrieving';
$this->aStatusInfo['tmp_file'] = $this->MakeTmpFile('data');
$this->aStatusInfo['position'] = 0;
$this->aStatusInfo['total'] = $oSet->Count();
$aSelectedClasses = $this->oSearch->GetSelectedClasses();
foreach ($aSelectedClasses as $sAlias => $sClassName) {
if (UserRights::IsActionAllowed($sClassName, UR_ACTION_BULK_READ, $oSet) && (UR_ALLOWED_YES || UR_ALLOWED_DEPENDS)) {
$aAuthorizedClasses[$sAlias] = $sClassName;
}
}
$aAliases = array_keys($aAuthorizedClasses);
$aTableHeaders = array();
foreach ($this->aStatusInfo['fields'] as $sExtendedAttCode) {
if (preg_match('/^([^\\.]+)\\.(.+)$/', $sExtendedAttCode, $aMatches)) {
$sAlias = $aMatches[1];
$sAttCode = $aMatches[2];
} else {
$sAlias = reset($aAliases);
$sAttCode = $sExtendedAttCode;
}
if (!in_array($sAlias, $aAliases)) {
throw new Exception("Invalid alias '{$sAlias}' for the column '{$sExtendedAttCode}'. Availables aliases: '" . implode("', '", $aAliases) . "'");
}
$sClass = $aSelectedClasses[$sAlias];
$sFullAlias = '';
if (count($aSelectedClasses) > 1) {
$sFullAlias = $sAlias . '.';
}
switch ($sAttCode) {
case 'id':
$aTableHeaders[] = array('label' => $sFullAlias . 'id', 'type' => '0');
break;
default:
$oAttDef = MetaModel::GetAttributeDef($sClass, $sAttCode);
$sType = 'string';
if ($oAttDef instanceof AttributeDateTime) {
$sType = 'datetime';
}
$sLabel = $sAttCode;
if ($this->aStatusInfo['localize']) {
$sLabel = $oAttDef->GetLabel();
}
$aTableHeaders[] = array('label' => $sFullAlias . $sLabel, 'type' => $sType);
}
}
$sRow = json_encode($aTableHeaders);
$hFile = @fopen($this->aStatusInfo['tmp_file'], 'ab');
if ($hFile === false) {
throw new Exception('ExcelBulkExport: Failed to open temporary data file: "' . $this->aStatusInfo['tmp_file'] . '" for writing.');
}
fwrite($hFile, $sRow . "\n");
fclose($hFile);
return '';
}
protected function GetFieldsList($oSet, $bFieldsAdvanced = false, $bLocalize = true, $aFields = null)
{
$this->aFieldsList = array();
$oAppContext = new ApplicationContext();
$aClasses = $oSet->GetFilter()->GetSelectedClasses();
$this->aAuthorizedClasses = array();
foreach ($aClasses as $sAlias => $sClassName) {
if (UserRights::IsActionAllowed($sClassName, UR_ACTION_READ, $oSet) && (UR_ALLOWED_YES || UR_ALLOWED_DEPENDS)) {
$this->aAuthorizedClasses[$sAlias] = $sClassName;
}
}
$aAttribs = array();
$this->aTableHeaders = array();
foreach ($this->aAuthorizedClasses as $sAlias => $sClassName) {
$aList[$sAlias] = array();
foreach (MetaModel::ListAttributeDefs($sClassName) as $sAttCode => $oAttDef) {
if (is_null($aFields) || count($aFields) == 0) {
// Standard list of attributes (no link sets)
if ($oAttDef->IsScalar() && ($oAttDef->IsWritable() || $oAttDef->IsExternalField())) {
$sAttCodeEx = $oAttDef->IsExternalField() ? $oAttDef->GetKeyAttCode() . '->' . $oAttDef->GetExtAttCode() : $sAttCode;
if ($oAttDef->IsExternalKey(EXTKEY_ABSOLUTE)) {
if ($bFieldsAdvanced) {
$aList[$sAlias][$sAttCodeEx] = $oAttDef;
if ($oAttDef->IsExternalKey(EXTKEY_RELATIVE)) {
$sRemoteClass = $oAttDef->GetTargetClass();
foreach (MetaModel::GetReconcKeys($sRemoteClass) as $sRemoteAttCode) {
$this->aFieldsList[$sAlias][$sAttCode . '->' . $sRemoteAttCode] = MetaModel::GetAttributeDef($sRemoteClass, $sRemoteAttCode);
}
}
}
} else {
// Any other attribute
$this->aFieldsList[$sAlias][$sAttCodeEx] = $oAttDef;
}
}
} else {
// User defined list of attributes
if (in_array($sAttCode, $aFields) || in_array($sAlias . '.' . $sAttCode, $aFields)) {
$this->aFieldsList[$sAlias][$sAttCode] = $oAttDef;
}
}
}
if ($bFieldsAdvanced) {
$this->aTableHeaders['id'] = '0';
}
foreach ($this->aFieldsList[$sAlias] as $sAttCodeEx => $oAttDef) {
$sLabel = $bLocalize ? MetaModel::GetLabel($sClassName, $sAttCodeEx, isset($aParams['showMandatoryFields'])) : $sAttCodeEx;
if ($oAttDef instanceof AttributeDateTime) {
$this->aTableHeaders[$sLabel] = 'datetime';
} else {
$this->aTableHeaders[$sLabel] = 'string';
}
}
}
}
}
}
}
}
// Read query parameters
//
$aArgs = array();
foreach ($oFilter->GetQueryParams() as $sParam => $foo) {
$value = utils::ReadParam('arg_' . $sParam, null, true, 'raw_data');
if (!is_null($value)) {
$aArgs[$sParam] = $value;
}
}
$oFilter->SetInternalParams($aArgs);
foreach ($oFilter->GetSelectedClasses() as $sAlias => $sClass) {
if ((UserRights::IsActionAllowed($sClass, UR_ACTION_BULK_READ) && UR_ALLOWED_YES) == 0) {
throw new Exception("The current user does not have permission for exporting data of class {$sClass}");
}
}
if ($oFilter) {
$oSet = new CMDBObjectSet($oFilter, array(), $aArgs);
$oSet->OptimizeColumnLoad($aAliasToFields);
switch ($sFormat) {
case 'html':
$oP = new NiceWebPage("iTop - Export");
$oP->add_style('body { overflow: auto; }');
// Show scroll bars if needed
// Integration within MS-Excel web queries + HTTPS + IIS:
// MS-IIS set these header values with no-cache... while Excel fails to do the job if using HTTPS
// Then the fix is to force the reset of header values Pragma and Cache-control
header("Pragma:", true);
protected function GetInteractiveFieldsWidget(WebPage $oP, $sWidgetId)
{
$oSet = new DBObjectSet($this->oSearch);
$aSelectedClasses = $this->oSearch->GetSelectedClasses();
$aAuthorizedClasses = array();
foreach ($aSelectedClasses as $sAlias => $sClassName) {
if (UserRights::IsActionAllowed($sClassName, UR_ACTION_BULK_READ, $oSet) && (UR_ALLOWED_YES || UR_ALLOWED_DEPENDS)) {
$aAuthorizedClasses[$sAlias] = $sClassName;
}
}
$aAllFieldsByAlias = array();
foreach ($aAuthorizedClasses as $sAlias => $sClass) {
$aAllFields = array();
if (count($aAuthorizedClasses) > 1) {
$sShortAlias = $sAlias . '.';
} else {
$sShortAlias = '';
}
if ($this->IsValidField($sClass, 'id')) {
$aAllFields[] = array('code' => $sShortAlias . 'id', 'unique_label' => $sShortAlias . Dict::S('Core:BulkExport:Identifier'), 'label' => $sShortAlias . 'id', 'subattr' => array(array('code' => $sShortAlias . 'id', 'unique_label' => $sShortAlias . Dict::S('Core:BulkExport:Identifier'), 'label' => $sShortAlias . 'id'), array('code' => $sShortAlias . 'friendlyname', 'unique_label' => $sShortAlias . Dict::S('Core:BulkExport:Friendlyname'), 'label' => $sShortAlias . Dict::S('Core:BulkExport:Friendlyname'))));
}
foreach (MetaModel::ListAttributeDefs($sClass) as $sAttCode => $oAttDef) {
if ($this->IsSubAttribute($sClass, $sAttCode, $oAttDef)) {
continue;
}
if ($this->IsValidField($sClass, $sAttCode, $oAttDef)) {
$sShortLabel = $oAttDef->GetLabel();
$sLabel = $sShortAlias . $oAttDef->GetLabel();
$aSubAttr = $this->GetSubAttributes($sClass, $sAttCode, $oAttDef);
$aValidSubAttr = array();
foreach ($aSubAttr as $aSubAttDef) {
if ($this->IsValidField($sClass, $aSubAttDef['code'], $aSubAttDef['attdef'])) {
$aValidSubAttr[] = array('code' => $sShortAlias . $aSubAttDef['code'], 'label' => $aSubAttDef['label'], 'unique_label' => $aSubAttDef['unique_label']);
}
}
$aAllFields[] = array('code' => $sShortAlias . $sAttCode, 'label' => $sShortLabel, 'unique_label' => $sLabel, 'subattr' => $aValidSubAttr);
}
}
usort($aAllFields, array(get_class($this), 'SortOnLabel'));
if (count($aAuthorizedClasses) > 1) {
$sKey = MetaModel::GetName($sClass) . ' (' . $sAlias . ')';
} else {
$sKey = MetaModel::GetName($sClass);
}
$aAllFieldsByAlias[$sKey] = $aAllFields;
}
$oP->add('<div id="' . $sWidgetId . '"></div>');
$JSAllFields = json_encode($aAllFieldsByAlias);
$oSet = new DBObjectSet($this->oSearch);
$iCount = $oSet->Count();
$iPreviewLimit = 3;
$oSet->SetLimit($iPreviewLimit);
$aSampleData = array();
while ($aRow = $oSet->FetchAssoc()) {
$aSampleRow = array();
foreach ($aAuthorizedClasses as $sAlias => $sClass) {
if (count($aAuthorizedClasses) > 1) {
$sShortAlias = $sAlias . '.';
} else {
$sShortAlias = '';
}
if ($this->IsValidField($sClass, 'id')) {
$aSampleRow[$sShortAlias . 'id'] = $this->GetSampleKey($aRow[$sAlias]);
}
foreach (MetaModel::ListAttributeDefs($sClass) as $sAttCode => $oAttDef) {
if ($this->IsValidField($sClass, $sAttCode, $oAttDef)) {
$aSampleRow[$sShortAlias . $sAttCode] = $this->GetSampleData($aRow[$sAlias], $sAttCode);
}
}
}
$aSampleData[] = $aSampleRow;
}
$sJSSampleData = json_encode($aSampleData);
$aLabels = array('preview_header' => Dict::S('Core:BulkExport:DragAndDropHelp'), 'empty_preview' => Dict::S('Core:BulkExport:EmptyPreview'), 'columns_order' => Dict::S('Core:BulkExport:ColumnsOrder'), 'columns_selection' => Dict::S('Core:BulkExport:AvailableColumnsFrom_Class'), 'check_all' => Dict::S('Core:BulkExport:CheckAll'), 'uncheck_all' => Dict::S('Core:BulkExport:UncheckAll'), 'no_field_selected' => Dict::S('Core:BulkExport:NoFieldSelected'));
$sJSLabels = json_encode($aLabels);
$oP->add_ready_script(<<<EOF
\$('#{$sWidgetId}').tabularfieldsselector({fields: {$JSAllFields}, value_holder: '#tabular_fields', advanced_holder: '#tabular_advanced', sample_data: {$sJSSampleData}, total_count: {$iCount}, preview_limit: {$iPreviewLimit}, labels: {$sJSLabels} });
EOF
);
}
/**
* Enumerate services delivered by this class
* @param string $sVersion The version (e.g. 1.0) supported by the services
* @return RestResult The standardized result structure (at least a message)
* @throws Exception in case of internal failure.
*/
public function ExecOperation($sVersion, $sVerb, $aParams)
{
$oResult = new RestResultWithObjects();
switch ($sVerb) {
case 'core/create':
RestUtils::InitTrackingComment($aParams);
$sClass = RestUtils::GetClass($aParams, 'class');
$aFields = RestUtils::GetMandatoryParam($aParams, 'fields');
$aShowFields = RestUtils::GetFieldList($sClass, $aParams, 'output_fields');
$bExtendedOutput = RestUtils::GetOptionalParam($aParams, 'output_fields', '*') == '*+';
if (UserRights::IsActionAllowed($sClass, UR_ACTION_MODIFY) != UR_ALLOWED_YES) {
$oResult->code = RestResult::UNAUTHORIZED;
$oResult->message = "The current user does not have enough permissions for creating data of class {$sClass}";
} elseif (UserRights::IsActionAllowed($sClass, UR_ACTION_BULK_MODIFY) != UR_ALLOWED_YES) {
$oResult->code = RestResult::UNAUTHORIZED;
$oResult->message = "The current user does not have enough permissions for massively creating data of class {$sClass}";
} else {
$oObject = RestUtils::MakeObjectFromFields($sClass, $aFields);
$oObject->DBInsert();
$oResult->AddObject(0, 'created', $oObject, $aShowFields, $bExtendedOutput);
}
break;
case 'core/update':
RestUtils::InitTrackingComment($aParams);
$sClass = RestUtils::GetClass($aParams, 'class');
$key = RestUtils::GetMandatoryParam($aParams, 'key');
$aFields = RestUtils::GetMandatoryParam($aParams, 'fields');
$aShowFields = RestUtils::GetFieldList($sClass, $aParams, 'output_fields');
$bExtendedOutput = RestUtils::GetOptionalParam($aParams, 'output_fields', '*') == '*+';
// Note: the target class cannot be based on the result of FindObjectFromKey, because in case the user does not have read access, that function already fails with msg 'Nothing found'
$sTargetClass = RestUtils::GetObjectSetFromKey($sClass, $key)->GetFilter()->GetClass();
if (UserRights::IsActionAllowed($sTargetClass, UR_ACTION_MODIFY) != UR_ALLOWED_YES) {
$oResult->code = RestResult::UNAUTHORIZED;
$oResult->message = "The current user does not have enough permissions for modifying data of class {$sTargetClass}";
} elseif (UserRights::IsActionAllowed($sTargetClass, UR_ACTION_MODIFY) != UR_ALLOWED_YES) {
$oResult->code = RestResult::UNAUTHORIZED;
$oResult->message = "The current user does not have enough permissions for massively modifying data of class {$sTargetClass}";
} else {
$oObject = RestUtils::FindObjectFromKey($sClass, $key);
RestUtils::UpdateObjectFromFields($oObject, $aFields);
$oObject->DBUpdate();
$oResult->AddObject(0, 'updated', $oObject, $aShowFields, $bExtendedOutput);
}
break;
case 'core/apply_stimulus':
RestUtils::InitTrackingComment($aParams);
$sClass = RestUtils::GetClass($aParams, 'class');
$key = RestUtils::GetMandatoryParam($aParams, 'key');
$aFields = RestUtils::GetMandatoryParam($aParams, 'fields');
$aShowFields = RestUtils::GetFieldList($sClass, $aParams, 'output_fields');
$bExtendedOutput = RestUtils::GetOptionalParam($aParams, 'output_fields', '*') == '*+';
$sStimulus = RestUtils::GetMandatoryParam($aParams, 'stimulus');
// Note: the target class cannot be based on the result of FindObjectFromKey, because in case the user does not have read access, that function already fails with msg 'Nothing found'
$sTargetClass = RestUtils::GetObjectSetFromKey($sClass, $key)->GetFilter()->GetClass();
if (UserRights::IsActionAllowed($sTargetClass, UR_ACTION_MODIFY) != UR_ALLOWED_YES) {
$oResult->code = RestResult::UNAUTHORIZED;
$oResult->message = "The current user does not have enough permissions for modifying data of class {$sTargetClass}";
} elseif (UserRights::IsActionAllowed($sTargetClass, UR_ACTION_BULK_MODIFY) != UR_ALLOWED_YES) {
$oResult->code = RestResult::UNAUTHORIZED;
$oResult->message = "The current user does not have enough permissions for massively modifying data of class {$sTargetClass}";
} else {
$oObject = RestUtils::FindObjectFromKey($sClass, $key);
RestUtils::UpdateObjectFromFields($oObject, $aFields);
$aTransitions = $oObject->EnumTransitions();
$aStimuli = MetaModel::EnumStimuli(get_class($oObject));
if (!isset($aTransitions[$sStimulus])) {
// Invalid stimulus
$oResult->code = RestResult::INTERNAL_ERROR;
$oResult->message = "Invalid stimulus: '{$sStimulus}' on the object " . $oObject->GetName() . " in state '" . $oObject->GetState() . "'";
} else {
$aTransition = $aTransitions[$sStimulus];
$sTargetState = $aTransition['target_state'];
$aStates = MetaModel::EnumStates($sClass);
$aTargetStateDef = $aStates[$sTargetState];
$aExpectedAttributes = $aTargetStateDef['attribute_list'];
$aMissingMandatory = array();
foreach ($aExpectedAttributes as $sAttCode => $iExpectCode) {
if ($iExpectCode & OPT_ATT_MANDATORY && $oObject->Get($sAttCode) == '') {
$aMissingMandatory[] = $sAttCode;
}
}
if (count($aMissingMandatory) == 0) {
// If all the mandatory fields are already present, just apply the transition silently...
if ($oObject->ApplyStimulus($sStimulus)) {
$oObject->DBUpdate();
$oResult->AddObject(0, 'updated', $oObject, $aShowFields, $bExtendedOutput);
}
} else {
// Missing mandatory attributes for the transition
$oResult->code = RestResult::INTERNAL_ERROR;
$oResult->message = 'Missing mandatory attribute(s) for applying the stimulus: ' . implode(', ', $aMissingMandatory) . '.';
}
}
}
break;
case 'core/get':
$sClass = RestUtils::GetClass($aParams, 'class');
$key = RestUtils::GetMandatoryParam($aParams, 'key');
$aShowFields = RestUtils::GetFieldList($sClass, $aParams, 'output_fields');
$bExtendedOutput = RestUtils::GetOptionalParam($aParams, 'output_fields', '*') == '*+';
$oObjectSet = RestUtils::GetObjectSetFromKey($sClass, $key);
$sTargetClass = $oObjectSet->GetFilter()->GetClass();
if (UserRights::IsActionAllowed($sTargetClass, UR_ACTION_READ) != UR_ALLOWED_YES) {
$oResult->code = RestResult::UNAUTHORIZED;
$oResult->message = "The current user does not have enough permissions for reading data of class {$sTargetClass}";
} elseif (UserRights::IsActionAllowed($sTargetClass, UR_ACTION_BULK_READ) != UR_ALLOWED_YES) {
$oResult->code = RestResult::UNAUTHORIZED;
$oResult->message = "The current user does not have enough permissions for exporting data of class {$sTargetClass}";
} else {
while ($oObject = $oObjectSet->Fetch()) {
$oResult->AddObject(0, '', $oObject, $aShowFields, $bExtendedOutput);
}
$oResult->message = "Found: " . $oObjectSet->Count();
}
break;
case 'core/delete':
$sClass = RestUtils::GetClass($aParams, 'class');
$key = RestUtils::GetMandatoryParam($aParams, 'key');
$bSimulate = RestUtils::GetOptionalParam($aParams, 'simulate', false);
$oObjectSet = RestUtils::GetObjectSetFromKey($sClass, $key);
$sTargetClass = $oObjectSet->GetFilter()->GetClass();
if (UserRights::IsActionAllowed($sTargetClass, UR_ACTION_DELETE) != UR_ALLOWED_YES) {
$oResult->code = RestResult::UNAUTHORIZED;
$oResult->message = "The current user does not have enough permissions for deleting data of class {$sTargetClass}";
} elseif (UserRights::IsActionAllowed($sTargetClass, UR_ACTION_DELETE) != UR_ALLOWED_YES) {
$oResult->code = RestResult::UNAUTHORIZED;
$oResult->message = "The current user does not have enough permissions for massively deleting data of class {$sTargetClass}";
} else {
$aObjects = $oObjectSet->ToArray();
$this->DeleteObjects($oResult, $aObjects, $bSimulate);
}
break;
case 'core/get_related':
$oResult = new RestResultWithRelations();
$sClass = RestUtils::GetClass($aParams, 'class');
$key = RestUtils::GetMandatoryParam($aParams, 'key');
$sRelation = RestUtils::GetMandatoryParam($aParams, 'relation');
$iMaxRecursionDepth = RestUtils::GetOptionalParam($aParams, 'depth', 20);
$sDirection = RestUtils::GetOptionalParam($aParams, 'direction', null);
$bEnableRedundancy = RestUtils::GetOptionalParam($aParams, 'redundancy', false);
$bReverse = false;
if (is_null($sDirection) && $sRelation == 'depends on') {
// Legacy behavior, consider "depends on" as a forward relation
$sRelation = 'impacts';
$sDirection = 'up';
$bReverse = true;
// emulate the legacy behavior by returning the edges
} else {
if (is_null($sDirection)) {
$sDirection = 'down';
}
}
$oObjectSet = RestUtils::GetObjectSetFromKey($sClass, $key);
if ($sDirection == 'down') {
$oRelationGraph = $oObjectSet->GetRelatedObjectsDown($sRelation, $iMaxRecursionDepth, $bEnableRedundancy);
} else {
if ($sDirection == 'up') {
$oRelationGraph = $oObjectSet->GetRelatedObjectsUp($sRelation, $iMaxRecursionDepth, $bEnableRedundancy);
} else {
$oResult->code = RestResult::INTERNAL_ERROR;
$oResult->message = "Invalid value: '{$sDirection}' for the parameter 'direction'. Valid values are 'up' and 'down'";
return $oResult;
}
}
if ($bEnableRedundancy) {
// Remove the redundancy nodes from the output
$oIterator = new RelationTypeIterator($oRelationGraph, 'Node');
foreach ($oIterator as $oNode) {
if ($oNode instanceof RelationRedundancyNode) {
$oRelationGraph->FilterNode($oNode);
}
}
}
$aIndexByClass = array();
$oIterator = new RelationTypeIterator($oRelationGraph);
foreach ($oIterator as $oElement) {
if ($oElement instanceof RelationObjectNode) {
$oObject = $oElement->GetProperty('object');
if ($oObject) {
if ($bEnableRedundancy) {
// Add only the "reached" objects
if ($oElement->GetProperty('is_reached')) {
$aIndexByClass[get_class($oObject)][$oObject->GetKey()] = null;
$oResult->AddObject(0, '', $oObject);
}
} else {
$aIndexByClass[get_class($oObject)][$oObject->GetKey()] = null;
$oResult->AddObject(0, '', $oObject);
}
}
} else {
if ($oElement instanceof RelationEdge) {
$oSrcObj = $oElement->GetSourceNode()->GetProperty('object');
$oDestObj = $oElement->GetSinkNode()->GetProperty('object');
$sSrcKey = get_class($oSrcObj) . '::' . $oSrcObj->GetKey();
$sDestKey = get_class($oDestObj) . '::' . $oDestObj->GetKey();
if ($bEnableRedundancy) {
// Add only the edges where both source and destination are "reached"
if ($oElement->GetSourceNode()->GetProperty('is_reached') && $oElement->GetSinkNode()->GetProperty('is_reached')) {
if ($bReverse) {
$oResult->AddRelation($sDestKey, $sSrcKey);
} else {
$oResult->AddRelation($sSrcKey, $sDestKey);
}
}
} else {
if ($bReverse) {
$oResult->AddRelation($sDestKey, $sSrcKey);
} else {
$oResult->AddRelation($sSrcKey, $sDestKey);
}
}
}
}
}
if (count($aIndexByClass) > 0) {
$aStats = array();
$aUnauthorizedClasses = array();
foreach ($aIndexByClass as $sClass => $aIds) {
if (UserRights::IsActionAllowed($sClass, UR_ACTION_BULK_READ) != UR_ALLOWED_YES) {
$aUnauthorizedClasses[$sClass] = true;
}
$aStats[] = $sClass . '= ' . count($aIds);
}
if (count($aUnauthorizedClasses) > 0) {
$sClasses = implode(', ', array_keys($aUnauthorizedClasses));
$oResult = new RestResult();
$oResult->code = RestResult::UNAUTHORIZED;
$oResult->message = "The current user does not have enough permissions for exporting data of class(es): {$sClasses}";
} else {
$oResult->message = "Scope: " . $oObjectSet->Count() . "; Related objects: " . implode(', ', $aStats);
}
} else {
$oResult->message = "Nothing found";
}
break;
case 'core/check_credentials':
$oResult = new RestResult();
$sUser = RestUtils::GetMandatoryParam($aParams, 'user');
$sPassword = RestUtils::GetMandatoryParam($aParams, 'password');
if (UserRights::CheckCredentials($sUser, $sPassword) !== true) {
$oResult->authorized = false;
} else {
$oResult->authorized = true;
}
break;
default:
// unknown operation: handled at a higher level
}
return $oResult;
}
public function GetObjectCreationDlg(WebPage $oPage, $sProposedRealClass = '')
{
// For security reasons: check that the "proposed" class is actually a subclass of the linked class
// and that the current user is allowed to create objects of this class
$sRealClass = '';
$oPage->add('<div class="wizContainer" style="vertical-align:top;"><div>');
$aSubClasses = MetaModel::EnumChildClasses($this->sLinkedClass, ENUM_CHILD_CLASSES_ALL);
// Including the specified class itself
$aPossibleClasses = array();
foreach ($aSubClasses as $sCandidateClass) {
if (!MetaModel::IsAbstract($sCandidateClass) && UserRights::IsActionAllowed($sCandidateClass, UR_ACTION_MODIFY) == UR_ALLOWED_YES) {
if ($sCandidateClass == $sProposedRealClass) {
$sRealClass = $sProposedRealClass;
}
$aPossibleClasses[$sCandidateClass] = MetaModel::GetName($sCandidateClass);
}
}
// Only one of the subclasses can be instantiated...
if (count($aPossibleClasses) == 1) {
$aKeys = array_keys($aPossibleClasses);
$sRealClass = $aKeys[0];
}
if ($sRealClass != '') {
$oPage->add("<h1>" . MetaModel::GetClassIcon($sRealClass) . " " . Dict::Format('UI:CreationTitle_Class', MetaModel::GetName($sRealClass)) . "</h1>\n");
$oLinksetDef = MetaModel::GetAttributeDef($this->sClass, $this->sAttCode);
$sExtKeyToMe = $oLinksetDef->GetExtKeyToMe();
$aFieldFlags = array($sExtKeyToMe => OPT_ATT_HIDDEN);
cmdbAbstractObject::DisplayCreationForm($oPage, $sRealClass, null, array(), array('formPrefix' => $this->sInputid, 'noRelations' => true, 'fieldsFlags' => $aFieldFlags));
} else {
$sClassLabel = MetaModel::GetName($this->sLinkedClass);
$oPage->add('<p>' . Dict::Format('UI:SelectTheTypeOf_Class_ToCreate', $sClassLabel));
$oPage->add('<nobr><select name="class">');
asort($aPossibleClasses);
foreach ($aPossibleClasses as $sClassName => $sClassLabel) {
$oPage->add("<option value=\"{$sClassName}\">{$sClassLabel}</option>");
}
$oPage->add('</select>');
$oPage->add(' <button type="button" onclick="$(\'#' . $this->sInputid . '\').directlinks(\'subclassSelected\');">' . Dict::S('UI:Button:Apply') . '</button><span class="indicator" style="display:inline-block;width:16px"></span></nobr></p>');
}
$oPage->add('</div></div>');
}
/**
* Renders the "Actions" popup menu for the given set of objects
*
* Note that the menu links containing (or ending) with a hash (#) will have their fragment
* part (whatever is after the hash) dynamically replaced (by javascript) when the menu is
* displayed, to correspond to the current hash/fragment in the page. This allows modifying
* an object in with the same tab active by default as the tab that was active when selecting
* the "Modify..." action.
*/
public function GetRenderContent(WebPage $oPage, $aExtraParams = array(), $sId)
{
if ($this->m_sStyle == 'popup') {
$this->m_sStyle = 'list';
}
$sHtml = '';
$oAppContext = new ApplicationContext();
$sContext = $oAppContext->GetForLink();
if (!empty($sContext)) {
$sContext = '&' . $sContext;
}
$sClass = $this->m_oFilter->GetClass();
$oReflectionClass = new ReflectionClass($sClass);
$oSet = new CMDBObjectSet($this->m_oFilter);
$sFilter = $this->m_oFilter->serialize();
$sFilterDesc = $this->m_oFilter->ToOql(true);
$aActions = array();
$sUIPage = cmdbAbstractObject::ComputeStandardUIPage($sClass);
$sRootUrl = utils::GetAbsoluteUrlAppRoot();
// 1:n links, populate the target object as a default value when creating a new linked object
if (isset($aExtraParams['target_attr'])) {
$aExtraParams['default'][$aExtraParams['target_attr']] = $aExtraParams['object_id'];
}
$sDefault = '';
if (!empty($aExtraParams['default'])) {
foreach ($aExtraParams['default'] as $sKey => $sValue) {
$sDefault .= "&default[{$sKey}]={$sValue}";
}
}
$bIsCreationAllowed = UserRights::IsActionAllowed($sClass, UR_ACTION_CREATE) == UR_ALLOWED_YES && $oReflectionClass->IsSubclassOf('cmdbAbstractObject');
switch ($oSet->Count()) {
case 0:
// No object in the set, the only possible action is "new"
if ($bIsCreationAllowed) {
$aActions['UI:Menu:New'] = array('label' => Dict::S('UI:Menu:New'), 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=new&class={$sClass}{$sContext}{$sDefault}");
}
break;
case 1:
$oObj = $oSet->Fetch();
$id = $oObj->GetKey();
$bLocked = false;
if (MetaModel::GetConfig()->Get('concurrent_lock_enabled')) {
$aLockInfo = iTopOwnershipLock::IsLocked(get_class($oObj), $id);
if ($aLockInfo['locked']) {
$bLocked = true;
//$this->AddMenuSeparator($aActions);
//$aActions['concurrent_lock_unlock'] = array ('label' => Dict::S('UI:Menu:ReleaseConcurrentLock'), 'url' => "{$sRootUrl}pages/$sUIPage?operation=kill_lock&class=$sClass&id=$id{$sContext}");
}
}
$bRawModifiedAllowed = UserRights::IsActionAllowed($sClass, UR_ACTION_MODIFY, $oSet) == UR_ALLOWED_YES && $oReflectionClass->IsSubclassOf('cmdbAbstractObject');
$bIsModifyAllowed = !$bLocked && $bRawModifiedAllowed;
$bIsDeleteAllowed = !$bLocked && UserRights::IsActionAllowed($sClass, UR_ACTION_DELETE, $oSet);
// Just one object in the set, possible actions are "new / clone / modify and delete"
if (!isset($aExtraParams['link_attr'])) {
if ($bIsModifyAllowed) {
$aActions['UI:Menu:Modify'] = array('label' => Dict::S('UI:Menu:Modify'), 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=modify&class={$sClass}&id={$id}{$sContext}#");
}
if ($bIsCreationAllowed) {
$aActions['UI:Menu:New'] = array('label' => Dict::S('UI:Menu:New'), 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=new&class={$sClass}{$sContext}{$sDefault}");
}
if ($bIsDeleteAllowed) {
$aActions['UI:Menu:Delete'] = array('label' => Dict::S('UI:Menu:Delete'), 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=delete&class={$sClass}&id={$id}{$sContext}");
}
// Transitions / Stimuli
if (!$bLocked) {
$aTransitions = $oObj->EnumTransitions();
if (count($aTransitions)) {
$this->AddMenuSeparator($aActions);
$aStimuli = Metamodel::EnumStimuli(get_class($oObj));
foreach ($aTransitions as $sStimulusCode => $aTransitionDef) {
$iActionAllowed = get_class($aStimuli[$sStimulusCode]) == 'StimulusUserAction' ? UserRights::IsStimulusAllowed($sClass, $sStimulusCode, $oSet) : UR_ALLOWED_NO;
switch ($iActionAllowed) {
case UR_ALLOWED_YES:
$aActions[$sStimulusCode] = array('label' => $aStimuli[$sStimulusCode]->GetLabel(), 'url' => "{$sRootUrl}pages/UI.php?operation=stimulus&stimulus={$sStimulusCode}&class={$sClass}&id={$id}{$sContext}");
break;
default:
// Do nothing
}
}
}
}
// Relations...
$aRelations = MetaModel::EnumRelationsEx($sClass);
if (count($aRelations)) {
$this->AddMenuSeparator($aActions);
foreach ($aRelations as $sRelationCode => $aRelationInfo) {
if (array_key_exists('down', $aRelationInfo)) {
$aActions[$sRelationCode . '_down'] = array('label' => $aRelationInfo['down'], 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=swf_navigator&relation={$sRelationCode}&direction=down&class={$sClass}&id={$id}{$sContext}");
}
if (array_key_exists('up', $aRelationInfo)) {
$aActions[$sRelationCode . '_up'] = array('label' => $aRelationInfo['up'], 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=swf_navigator&relation={$sRelationCode}&direction=up&class={$sClass}&id={$id}{$sContext}");
}
}
}
if ($bLocked && $bRawModifiedAllowed) {
// Add a special menu to kill the lock, but only to allowed users who can also modify this object
$aAllowedProfiles = MetaModel::GetConfig()->Get('concurrent_lock_override_profiles');
$bCanKill = false;
$oUser = UserRights::GetUserObject();
$aUserProfiles = array();
if (!is_null($oUser)) {
$oProfileSet = $oUser->Get('profile_list');
while ($oProfile = $oProfileSet->Fetch()) {
$aUserProfiles[$oProfile->Get('profile')] = true;
}
}
foreach ($aAllowedProfiles as $sProfile) {
if (array_key_exists($sProfile, $aUserProfiles)) {
$bCanKill = true;
break;
}
}
if ($bCanKill) {
$this->AddMenuSeparator($aActions);
$aActions['concurrent_lock_unlock'] = array('label' => Dict::S('UI:Menu:KillConcurrentLock'), 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=kill_lock&class={$sClass}&id={$id}{$sContext}");
}
}
/*
$this->AddMenuSeparator($aActions);
// Static menus: Email this page & CSV Export
$sUrl = ApplicationContext::MakeObjectUrl($sClass, $id);
$aActions['UI:Menu:EMail'] = array ('label' => Dict::S('UI:Menu:EMail'), 'url' => "mailto:?subject=".urlencode($oObj->GetRawName())."&body=".urlencode($sUrl));
$aActions['UI:Menu:CSVExport'] = array ('label' => Dict::S('UI:Menu:CSVExport'), 'url' => "{$sRootUrl}pages/$sUIPage?operation=search&filter=".urlencode($sFilter)."&format=csv{$sContext}");
// The style tells us whether the menu is displayed on a list of one object, or on the details of the given object
if ($this->m_sStyle == 'list')
{
// Actions specific to the list
$sOQL = addslashes($sFilterDesc);
$aActions['UI:Menu:AddToDashboard'] = array ('label' => Dict::S('UI:Menu:AddToDashboard'), 'url' => "#", 'onclick' => "return DashletCreationDlg('$sOQL')");
}
*/
}
$this->AddMenuSeparator($aActions);
foreach (MetaModel::EnumPlugins('iApplicationUIExtension') as $oExtensionInstance) {
$oSet->Rewind();
foreach ($oExtensionInstance->EnumAllowedActions($oSet) as $sLabel => $sUrl) {
$aActions[$sLabel] = array('label' => $sLabel, 'url' => $sUrl);
}
}
break;
default:
// Check rights
// New / Modify
$bIsModifyAllowed = UserRights::IsActionAllowed($sClass, UR_ACTION_MODIFY, $oSet) && $oReflectionClass->IsSubclassOf('cmdbAbstractObject');
$bIsBulkModifyAllowed = !MetaModel::IsAbstract($sClass) && UserRights::IsActionAllowed($sClass, UR_ACTION_BULK_MODIFY, $oSet) && $oReflectionClass->IsSubclassOf('cmdbAbstractObject');
$bIsBulkDeleteAllowed = UserRights::IsActionAllowed($sClass, UR_ACTION_BULK_DELETE, $oSet);
if (isset($aExtraParams['link_attr'])) {
$id = $aExtraParams['object_id'];
$sTargetAttr = $aExtraParams['target_attr'];
$oAttDef = MetaModel::GetAttributeDef($sClass, $sTargetAttr);
$sTargetClass = $oAttDef->GetTargetClass();
$bIsDeleteAllowed = UserRights::IsActionAllowed($sClass, UR_ACTION_DELETE, $oSet);
if ($bIsModifyAllowed) {
$aActions['UI:Menu:Add'] = array('label' => Dict::S('UI:Menu:Add'), 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=modify_links&class={$sClass}&link_attr=" . $aExtraParams['link_attr'] . "&target_class={$sTargetClass}&id={$id}&addObjects=true{$sContext}");
}
if ($bIsBulkModifyAllowed) {
$aActions['UI:Menu:Manage'] = array('label' => Dict::S('UI:Menu:Manage'), 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=modify_links&class={$sClass}&link_attr=" . $aExtraParams['link_attr'] . "&target_class={$sTargetClass}&id={$id}{$sContext}");
}
//if ($bIsBulkDeleteAllowed) { $aActions[] = array ('label' => 'Remove All...', 'url' => "#"); }
} else {
// many objects in the set, possible actions are: new / modify all / delete all
if ($bIsCreationAllowed) {
$aActions['UI:Menu:New'] = array('label' => Dict::S('UI:Menu:New'), 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=new&class={$sClass}{$sContext}{$sDefault}");
}
if ($bIsBulkModifyAllowed) {
$aActions['UI:Menu:ModifyAll'] = array('label' => Dict::S('UI:Menu:ModifyAll'), 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=select_for_modify_all&class={$sClass}&filter=" . urlencode($sFilter) . "{$sContext}");
}
if ($bIsBulkDeleteAllowed) {
$aActions['UI:Menu:BulkDelete'] = array('label' => Dict::S('UI:Menu:BulkDelete'), 'url' => "{$sRootUrl}pages/{$sUIPage}?operation=select_for_deletion&filter=" . urlencode($sFilter) . "{$sContext}");
}
// Stimuli
$aStates = MetaModel::EnumStates($sClass);
// Do not perform time consuming computations if there are too may objects in the list
$iLimit = MetaModel::GetConfig()->Get('complex_actions_limit');
if (count($aStates) > 0 && ($iLimit == 0 || $oSet->Count() < $iLimit)) {
// Life cycle actions may be available... if all objects are in the same state
//
// Group by <state>
$oGroupByExp = new FieldExpression(MetaModel::GetStateAttributeCode($sClass), $this->m_oFilter->GetClassAlias());
$aGroupBy = array('__state__' => $oGroupByExp);
$aQueryParams = array();
if (isset($aExtraParams['query_params'])) {
$aQueryParams = $aExtraParams['query_params'];
}
$sSql = $this->m_oFilter->MakeGroupByQuery($aQueryParams, $aGroupBy);
$aRes = CMDBSource::QueryToArray($sSql);
if (count($aRes) == 1) {
// All objects are in the same state...
$sState = $aRes[0]['__state__'];
$aTransitions = Metamodel::EnumTransitions($sClass, $sState);
if (count($aTransitions)) {
$this->AddMenuSeparator($aActions);
$aStimuli = Metamodel::EnumStimuli($sClass);
foreach ($aTransitions as $sStimulusCode => $aTransitionDef) {
$oSet->Rewind();
// As soon as the user rights implementation will browse the object set,
// then we might consider using OptimizeColumnLoad() here
$iActionAllowed = UserRights::IsStimulusAllowed($sClass, $sStimulusCode, $oSet);
$iActionAllowed = get_class($aStimuli[$sStimulusCode]) == 'StimulusUserAction' ? $iActionAllowed : UR_ALLOWED_NO;
switch ($iActionAllowed) {
case UR_ALLOWED_YES:
case UR_ALLOWED_DEPENDS:
$aActions[$sStimulusCode] = array('label' => $aStimuli[$sStimulusCode]->GetLabel(), 'url' => "{$sRootUrl}pages/UI.php?operation=select_bulk_stimulus&stimulus={$sStimulusCode}&state={$sState}&class={$sClass}&filter=" . urlencode($sFilter) . "{$sContext}");
break;
default:
// Do nothing
}
}
}
}
}
/*
$this->AddMenuSeparator($aActions);
$sUrl = utils::GetAbsoluteUrlAppRoot();
$aActions['UI:Menu:EMail'] = array ('label' => Dict::S('UI:Menu:EMail'), 'url' => "mailto:?subject=$sFilterDesc&body=".urlencode("{$sUrl}pages/$sUIPage?operation=search&filter=".urlencode($sFilter)."{$sContext}"));
$aActions['UI:Menu:CSVExport'] = array ('label' => Dict::S('UI:Menu:CSVExport'), 'url' => "{$sRootUrl}pages/$sUIPage?operation=search&filter=".urlencode($sFilter)."&format=csv{$sContext}");
$sOQL = addslashes($sFilterDesc);
$aActions['UI:Menu:AddToDashboard'] = array ('label' => Dict::S('UI:Menu:AddToDashboard'), 'url' => "#", 'onclick' => "return DashletCreationDlg('$sOQL')");
*/
}
}
$this->AddMenuSeparator($aActions);
foreach (MetaModel::EnumPlugins('iApplicationUIExtension') as $oExtensionInstance) {
$oSet->Rewind();
foreach ($oExtensionInstance->EnumAllowedActions($oSet) as $sLabel => $data) {
if (is_array($data)) {
// New plugins can provide javascript handlers via the 'onclick' property
//TODO: enable extension of different menus by checking the 'target' property ??
$aActions[$sLabel] = array('label' => $sLabel, 'url' => isset($data['url']) ? $data['url'] : '#', 'onclick' => isset($data['onclick']) ? $data['onclick'] : '');
} else {
// Backward compatibility with old plugins
$aActions[$sLabel] = array('label' => $sLabel, 'url' => $data);
}
}
}
// New extensions based on iPopupMenuItem interface
switch ($this->m_sStyle) {
case 'list':
$oSet->Rewind();
$param = $oSet;
$iMenuId = iPopupMenuExtension::MENU_OBJLIST_ACTIONS;
break;
case 'details':
$oSet->Rewind();
$param = $oSet->Fetch();
$iMenuId = iPopupMenuExtension::MENU_OBJDETAILS_ACTIONS;
break;
}
utils::GetPopupMenuItems($oPage, $iMenuId, $param, $aActions);
$aFavoriteActions = array();
$aCallSpec = array($sClass, 'GetShortcutActions');
if (is_callable($aCallSpec)) {
$aShortcutActions = call_user_func($aCallSpec, $sClass);
foreach ($aActions as $key => $aAction) {
if (in_array($key, $aShortcutActions)) {
$aFavoriteActions[] = $aAction;
unset($aActions[$key]);
}
}
} else {
$aShortcutActions = array();
}
if (count($aFavoriteActions) > 0) {
$sHtml .= "<div class=\"itop_popup actions_menu\"><ul>\n<li>" . Dict::S('UI:Menu:OtherActions') . "\n<ul>\n";
} else {
$sHtml .= "<div class=\"itop_popup actions_menu\"><ul>\n<li>" . Dict::S('UI:Menu:Actions') . "\n<ul>\n";
}
$sHtml .= $oPage->RenderPopupMenuItems($aActions, $aFavoriteActions);
static $bPopupScript = false;
if (!$bPopupScript) {
// Output this once per page...
$oPage->add_ready_script("\$(\"div.itop_popup>ul\").popupmenu();\n");
$bPopupScript = true;
}
return $sHtml;
}
/**
* Check if the speficied stimulus is allowed for the set of objects
* @return UR_ALLOWED_YES, UR_ALLOWED_NO or UR_ALLOWED_DEPENDS
*/
public function IsAllowed()
{
$sClass = $this->oFilter->GetClass();
$oSet = new DBObjectSet($this->oFilter);
$iActionAllowed = UserRights::IsActionAllowed($sClass, $this->iActionCode, $oSet);
if ($iActionAllowed == UR_ALLOWED_DEPENDS) {
// Check for each object if the action is allowed or not
$this->aAllowedIDs = array();
$oSet->Rewind();
$this->iAllowedCount = 0;
while ($oObj = $oSet->Fetch()) {
$oObjSet = DBObjectSet::FromArray($sClass, array($oObj));
if (UserRights::IsActionAllowed($sClass, $this->iActionCode, $oObjSet) == UR_ALLOWED_NO) {
$this->aAllowedIDs[$oObj->GetKey()] = false;
} else {
// Assume UR_ALLOWED_YES, since there is just one object !
$this->aAllowedIDs[$oObj->GetKey()] = true;
$this->iAllowedCount++;
}
}
} else {
if ($iActionAllowed == UR_ALLOWED_YES) {
$this->iAllowedCount = $oSet->Count();
$this->aAllowedIDs = array();
// Optimization: not filled when Ok for all objects
} else {
$this->iAllowedCount = 0;
$this->aAllowedIDs = array();
}
}
return $iActionAllowed;
}
protected function RenderTag($oPage, $sTag, $aAttributes, $sContent)
{
static $iTabContainerCount = 0;
switch ($sTag) {
case 'itoptabs':
$oPage->AddTabContainer('Tabs_' . $iTabContainerCount);
$oPage->SetCurrentTabContainer('Tabs_' . $iTabContainerCount);
$iTabContainerCount++;
//$oPage->p('Content:<pre>'.htmlentities($sContent, ENT_QUOTES, 'UTF-8').'</pre>');
$oTemplate = new DisplayTemplate($sContent);
$oTemplate->Render($oPage, array());
// no params to apply, they have already been applied
$oPage->SetCurrentTabContainer('');
break;
case 'itopcheck':
$sClassName = $aAttributes['class'];
if (MetaModel::IsValidClass($sClassName) && UserRights::IsActionAllowed($sClassName, UR_ACTION_READ)) {
$oTemplate = new DisplayTemplate($sContent);
$oTemplate->Render($oPage, array());
// no params to apply, they have already been applied
} else {
// Leave a trace for those who'd like to understand why nothing is displayed
$oPage->add("<!-- class {$sClassName} does not exist, skipping some part of the template -->\n");
}
break;
case 'itoptab':
$oPage->SetCurrentTab(Dict::S(str_replace('_', ' ', $aAttributes['name'])));
$oTemplate = new DisplayTemplate($sContent);
$oTemplate->Render($oPage, array());
// no params to apply, they have already been applied
//$oPage->p('iTop Tab Content:<pre>'.htmlentities($sContent, ENT_QUOTES, 'UTF-8').'</pre>');
$oPage->SetCurrentTab('');
break;
case 'itoptoggle':
$sName = isset($aAttributes['name']) ? $aAttributes['name'] : 'Tagada';
$bOpen = isset($aAttributes['open']) ? $aAttributes['open'] : true;
$oPage->StartCollapsibleSection(Dict::S($sName), $bOpen);
$oTemplate = new DisplayTemplate($sContent);
$oTemplate->Render($oPage, array());
// no params to apply, they have already been applied
//$oPage->p('iTop Tab Content:<pre>'.htmlentities($sContent, ENT_QUOTES, 'UTF-8').'</pre>');
$oPage->EndCollapsibleSection();
break;
case 'itopstring':
$oPage->add(Dict::S($sContent));
break;
case 'sqlblock':
$oBlock = SqlBlock::FromTemplate($sContent);
$oBlock->RenderContent($oPage);
break;
case 'itopblock':
// No longer used, handled by DisplayBlock::FromTemplate see above
$oPage->add("<!-- Application Error: should be handled by DisplayBlock::FromTemplate -->");
break;
default:
// Unknown tag, just ignore it or now -- output an HTML comment
$oPage->add("<!-- unsupported tag: {$sTag} -->");
}
}
/**
* Helper to ultimately check user rights before writing (Insert, Update or Delete)
* The check should never fail, because the UI should prevent from such a usage
* Anyhow, if the user has found a workaround... the security gets enforced here
*/
protected function CheckUserRights($bSkipStrongSecurity, $iActionCode)
{
if (is_null($bSkipStrongSecurity)) {
// This is temporary
// We have implemented this safety net right before releasing iTop 1.0
// and we decided that it was too risky to activate it
// Anyhow, users willing to have a very strong security could set
// skip_strong_security = 0, in the config file
$bSkipStrongSecurity = MetaModel::GetConfig()->Get('skip_strong_security');
}
if (!$bSkipStrongSecurity) {
$sClass = get_class($this);
$oSet = DBObjectSet::FromObject($this);
if (!UserRights::IsActionAllowed($sClass, $iActionCode, $oSet)) {
// Intrusion detected
throw new SecurityException('You are not allowed to modify objects of class: ' . $sClass);
}
}
}
public function MakeClassesSelect($sName, $sDefaultValue, $iWidthPx, $iActionCode = null)
{
// $aTopLevelClasses = array('bizService', 'bizContact', 'logInfra', 'bizDocument');
// These are classes wich root class is cmdbAbstractObject !
$this->add("<select id=\"select_{$sName}\" name=\"{$sName}\">");
$aValidClasses = array();
foreach (MetaModel::GetClasses('bizmodel') as $sClassName) {
if (is_null($iActionCode) || UserRights::IsActionAllowed($sClassName, $iActionCode)) {
$sSelected = $sClassName == $sDefaultValue ? " SELECTED" : "";
$sDescription = MetaModel::GetClassDescription($sClassName);
$sDisplayName = MetaModel::GetName($sClassName);
$aValidClasses[$sDisplayName] = "<option style=\"width: " . $iWidthPx . " px;\" title=\"{$sDescription}\" value=\"{$sClassName}\"{$sSelected}>{$sDisplayName}</option>";
}
}
ksort($aValidClasses);
$this->add(implode("\n", $aValidClasses));
$this->add("</select>");
}
public function GetNextChunk(&$aStatus)
{
$sRetCode = 'run';
$iPercentage = 0;
$oSet = new DBObjectSet($this->oSearch);
$aSelectedClasses = $this->oSearch->GetSelectedClasses();
$aAuthorizedClasses = array();
foreach ($aSelectedClasses as $sAlias => $sClassName) {
if (UserRights::IsActionAllowed($sClassName, UR_ACTION_BULK_READ, $oSet) && (UR_ALLOWED_YES || UR_ALLOWED_DEPENDS)) {
$aAuthorizedClasses[$sAlias] = $sClassName;
}
}
$aAliases = array_keys($aAuthorizedClasses);
$oSet->SetLimit($this->iChunkSize, $this->aStatusInfo['position']);
$aAliasByField = array();
$aColumnsToLoad = array();
// Prepare the list of aliases / columns to load
foreach ($this->aStatusInfo['fields'] as $sExtendedAttCode) {
if (preg_match('/^([^\\.]+)\\.(.+)$/', $sExtendedAttCode, $aMatches)) {
$sAlias = $aMatches[1];
$sAttCode = $aMatches[2];
} else {
$sAlias = reset($aAliases);
$sAttCode = $sExtendedAttCode;
}
if (!in_array($sAlias, $aAliases)) {
throw new Exception("Invalid alias '{$sAlias}' for the column '{$sExtendedAttCode}'. Availables aliases: '" . implode("', '", $aAliases) . "'");
}
if (!array_key_exists($sAlias, $aColumnsToLoad)) {
$aColumnsToLoad[$sAlias] = array();
}
if ($sAttCode != 'id') {
// id is not a real attribute code and, moreover, is always loaded
$aColumnsToLoad[$sAlias][] = $sAttCode;
}
$aAliasByField[$sExtendedAttCode] = array('alias' => $sAlias, 'attcode' => $sAttCode);
}
$iCount = 0;
$sData = '';
$oSet->OptimizeColumnLoad($aColumnsToLoad);
$iPreviousTimeLimit = ini_get('max_execution_time');
$iLoopTimeLimit = MetaModel::GetConfig()->Get('max_execution_time_per_loop');
while ($aRow = $oSet->FetchAssoc()) {
set_time_limit($iLoopTimeLimit);
$aData = array();
foreach ($aAliasByField as $aAttCode) {
$sField = '';
$oObj = $aRow[$aAttCode['alias']];
if ($oObj != null) {
switch ($aAttCode['attcode']) {
case 'id':
$sField = $oObj->GetKey();
break;
default:
$sField = $oObj->GetAsCSV($aAttCode['attcode'], $this->aStatusInfo['separator'], $this->aStatusInfo['text_qualifier'], $this->aStatusInfo['localize']);
}
if ($this->aStatusInfo['charset'] != 'UTF-8') {
// Note: due to bugs in the glibc library it's safer to call iconv on the smallest possible string
// and thus to convert field by field and not the whole row or file at once (see ticket #991)
$aData[] = iconv('UTF-8', $this->aStatusInfo['charset'] . '//IGNORE//TRANSLIT', $sField);
} else {
$aData[] = $sField;
}
}
}
$sData .= implode($this->aStatusInfo['separator'], $aData) . "\n";
$iCount++;
}
set_time_limit($iPreviousTimeLimit);
$this->aStatusInfo['position'] += $this->iChunkSize;
if ($this->aStatusInfo['total'] == 0) {
$iPercentage = 100;
} else {
$iPercentage = floor(min(100.0, 100.0 * $this->aStatusInfo['position'] / $this->aStatusInfo['total']));
}
if ($iCount < $this->iChunkSize) {
$sRetCode = 'done';
}
$aStatus = array('code' => $sRetCode, 'message' => Dict::S('Core:BulkExport:RetrievingData'), 'percentage' => $iPercentage);
return $sData;
}
