/**
 * Looks up a record by type name and id, failing the request when nothing is found.
 *
 * NOTE(review): the class of the returned object is not checked here; if $modelName can
 * originate from request data, confirm that the caller or getModelOfTypeWithId() limits it
 * to the record types this action is meant to expose.
 *
 * @param string $modelName type name handed to X2Model::getModelOfTypeWithId()
 * @param mixed $modelId id handed to X2Model::getModelOfTypeWithId()
 * @return mixed the (truthy) value returned by the lookup
 * @throws CHttpException 400 when the lookup returns a falsy value
 */
private function getModelFromTypeAndId($modelName, $modelId) {
    $record = X2Model::getModelOfTypeWithId($modelName, $modelId);
    if ($record) {
        return $record;
    }
    throw new CHttpException(400, Yii::t('app', 'Invalid record type or record id'));
}
/**
 * Helper for the action<workflow action> actions: validates the GET parameters and
 * retrieves the associated model.
 *
 * The record is looked up by id when $modelId is numeric, otherwise by $recordName.
 *
 * @param int $workflowId the id of the workflow (must be numeric)
 * @param int $stageNumber the number of the stage (must be numeric)
 * @param int $modelId the id of the associated model
 * @param string $type the association type of the associated model
 * @param string|null $recordName record name used for the lookup when $modelId is not numeric
 * @return object model with the specified id (or name) and association type
 * @throws CHttpException 400 when a parameter fails validation or the lookup returns null
 */
private function validateParams($workflowId, $stageNumber, $modelId, $type, $recordName = null) {
    $hasNumericId = is_numeric($modelId);
    // A non-numeric $modelId is only acceptable when a record name was supplied instead.
    $paramsAreValid = is_numeric($workflowId) && is_numeric($stageNumber) &&
        ($hasNumericId || $recordName !== null);
    if (!$paramsAreValid) {
        throw new CHttpException(400, 'Bad Request');
    }

    // NOTE(review): the meaning of the third argument (true) of getModelOfTypeWithId() is not
    // visible from this method - confirm against X2Model.
    $model = $hasNumericId
        ? X2Model::getModelOfTypeWithId($type, $modelId, true)
        : X2Model::getModelOfTypeWithName($type, $recordName);

    // Only a strict null is rejected; any other return value is handed back to the caller.
    if ($model === null) {
        throw new CHttpException(400, 'Bad Request');
    }
    return $model;
}
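/**
 * Called to retrieve widget contents.
 * Expected POST data:
 *  widgetClass - the widget layout key; it is parsed into a widget class name and a widget UID
 *  widgetType - the widget type
 *  modelId, modelType - required when the parent type of widgetType is 'recordView'
 * Echoes:
 *  'failure' if the request action fails, an HTML string containing the widget contents
 *  otherwise. Nothing is echoed when a 'recordView' widget's record cannot be loaded.
 */
public function actionShowWidgetContents() {
    if (!isset($_POST['widgetClass']) || !isset($_POST['widgetType'])) {
        echo 'failure';
        return;
    }
    // Record-view widgets additionally need the record they are rendered for.
    if (SortableWidget::getParentType($_POST['widgetType']) === 'recordView' &&
        (!isset($_POST['modelId']) || !isset($_POST['modelType']))) {

        echo 'failure';
        return;
    }

    $profile = self::getModelFromPost();
    $widgetKey = $_POST['widgetClass'];
    $widgetType = $_POST['widgetType'];
    list($widgetClass, $widgetUID) = SortableWidget::parseWidgetLayoutKey($widgetKey);

    // $widgetClass comes from the request and is used below to dispatch static calls, so it
    // must name a SortableWidget subclass; class_exists() alone would accept any loadable class.
    // NOTE(review): class_exists() still runs the autoloader on the request-supplied name before
    // the subclass check; confirm the autoloader only resolves plain class names.
    if ($profile && class_exists($widgetClass) &&
        is_subclass_of($widgetClass, 'SortableWidget')) {

        // Un-hide the widget in the profile's layout before rendering it.
        if ($widgetClass::setJSONProperty($profile, 'hidden', 0, $widgetType, $widgetUID)) {
            if (SortableWidget::getParentType($widgetType) === 'recordView') {
                $model = X2Model::getModelOfTypeWithId($_POST['modelType'], $_POST['modelId']);
                // Only X2Model records are passed on to the widget.
                if ($model !== null && $model instanceof X2Model) {
                    echo $widgetClass::getWidgetContents(
                        $this, $profile, $widgetType, $widgetUID, array('model' => $model));
                }
            } else {
                echo $widgetClass::getWidgetContents($this, $profile, $widgetType, $widgetUID);
            }
            return;
        }
    }
    echo 'failure';
    return;
}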
/**
 * Looks up a record by type name and id, failing the request when the result is unusable.
 *
 * @param string $modelName type name handed to X2Model::getModelOfTypeWithId()
 * @param mixed $modelId id handed to X2Model::getModelOfTypeWithId()
 * @param bool $x2ModelOnly when true (the default), a result that is not an X2Model instance
 *  is rejected as well
 * @return mixed the record returned by the lookup
 * @throws CHttpException 400 when the lookup returns a falsy value, or a non-X2Model object
 *  while $x2ModelOnly is set
 */
protected function getModelFromTypeAndId($modelName, $modelId, $x2ModelOnly = true) {
    $record = X2Model::getModelOfTypeWithId($modelName, $modelId);

    // Accept the record only if it exists and, when requested, is an X2Model.
    $isAcceptable = $record && (!$x2ModelOnly || $record instanceof X2Model);
    if (!$isAcceptable) {
        throw new CHttpException(400, Yii::t('app', 'Invalid record type or record id'));
    }
    return $record;
}
/**
 * Tests a method in WorkflowController which belongs in the Workflow model class.
 *
 * Besides comparing data provider counts with stage counts, this checks that a record with
 * visibility 0 is counted only for the user it is assigned to.
 */
public function testGetStageMemberDataProvider() {
    $workflow = $this->workflows('workflow2');
    $workflowStatus = Workflow::getWorkflowStatus($workflow->id);

    $this->assertDataProviderCountMatchesStageCount($workflow, $workflowStatus, 1);
    $this->assertDataProviderCountMatchesStageCount($workflow, $workflowStatus, 4);

    // make record invisible
    $incompleteStageAttributes = array(
        'workflowId' => $workflow->id,
        'complete' => 'No',
        'stageNumber' => 8,
    );
    $stageAction = Actions::model()->findByAttributes($incompleteStageAttributes);
    $hiddenRecord = X2Model::getModelOfTypeWithId(
        $stageAction->associationType, $stageAction->associationId);
    $hiddenRecord->visibility = 0;
    $hiddenRecord->assignedTo = 'admin';
    $this->assertSaves($hiddenRecord);

    // Before switching users the record is still counted.
    $stageCounts = $this->assertDataProviderCountMatchesStageCount(
        $workflow, $workflowStatus, 4);
    $this->assertEquals(1, $stageCounts[3]);

    // After switching to 'testuser' the record assigned to 'admin' is no longer counted.
    TestingAuxLib::suLogin('testuser');
    $stageCounts = $this->assertDataProviderCountMatchesStageCount(
        $workflow, $workflowStatus, 4);
    $this->assertEquals(0, $stageCounts[3]);

    // Reassigning the record to 'testuser' makes it count again.
    $hiddenRecord->assignedTo = 'testuser';
    $this->assertSaves($hiddenRecord);
    $stageCounts = $this->assertDataProviderCountMatchesStageCount(
        $workflow, $workflowStatus, 4);
    $this->assertEquals(1, $stageCounts[3]);
}
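/**
 * Upload a file.
 *
 * Reads the uploaded file from $_FILES['upload']. When $_POST['drive'] is set and truthy the
 * file is sent to Google Drive; otherwise it is copied into the current user's directory under
 * uploads/protected/media/. In both cases a Media record is created, and the response (a
 * redirect, or the string "success" for AJAX requests) depends on the association type.
 *
 * Request-controlled values used here: $_FILES['upload'] (name, type, tmp_name, error),
 * $_POST['associationId'], $_POST['associationType'], $_POST['private'],
 * $_POST['attachmentText'], $_GET['redirect'] and the Referer header.
 *
 * NOTE(review): no permission check on the record named by associationType/associationId is
 * visible in this method - confirm it is enforced by the controller's filters or by the models.
 *
 * @throws CHttpException 400 when no file was posted, when Drive does not return file
 *  metadata, or when there is nothing to upload and no Referer to return to
 * @throws CException when the Drive upload is attempted without a temporary file
 */
public function actionUpload() {
    if (!isset($_FILES['upload'])) {
        throw new CHttpException('400', 'Invalid request.');
    }

    if (isset($_POST['drive']) && $_POST['drive']) { // google drive
        $auth = new GoogleAuthenticator();
        if ($auth->getAccessToken()) {
            $service = $auth->getDriveService();
        }
        $createdFile = null;
        if (isset($service, $_SESSION['access_token'], $_FILES['upload'])) {
            try {
                $file = new Google_DriveFile();
                $file->setTitle($_FILES['upload']['name']);
                $file->setDescription('Uploaded by X2Engine');
                // MIME type as reported by the client; it is not verified here.
                $file->setMimeType($_FILES['upload']['type']);
                if (empty($_FILES['upload']['tmp_name'])) {
                    // Translate the upload error code into a message. The code is read from
                    // the same 'upload' field that was validated above, and the message that
                    // was built is the one that gets thrown.
                    $err = false;
                    switch ($_FILES['upload']['error']) {
                        case UPLOAD_ERR_INI_SIZE:
                        case UPLOAD_ERR_FORM_SIZE:
                            $err .= 'File size exceeds limit of ' . get_max_upload() . ' bytes.';
                            break;
                        case UPLOAD_ERR_PARTIAL:
                            $err .= 'File upload was not completed.';
                            break;
                        case UPLOAD_ERR_NO_FILE:
                            $err .= 'Zero-length file uploaded.';
                            break;
                        default:
                            $err .= 'Internal error ' . $_FILES['upload']['error'];
                            break;
                    }
                    if ((bool) $err) {
                        throw new CException($err);
                    }
                }
                $data = file_get_contents($_FILES['upload']['tmp_name']);
                $createdFile = $service->files->insert(
                    $file, array('data' => $data, 'mimeType' => $_FILES['upload']['type']));
                if (is_array($createdFile)) {
                    $model = new Media();
                    $model->fileName = $createdFile['id'];
                    $model->name = $createdFile['title'];
                    if (isset($_POST['associationId'])) {
                        $model->associationId = $_POST['associationId'];
                    }
                    if (isset($_POST['associationType'])) {
                        $model->associationType = $_POST['associationType'];
                    }
                    if (isset($_POST['private'])) {
                        $model->private = $_POST['private'];
                    }
                    $model->uploadedBy = Yii::app()->user->getName();
                    $model->mimetype = $createdFile['mimeType'];
                    $model->filesize = $createdFile['fileSize'];
                    $model->drive = 1;
                    $model->save();
                    if ($model->associationType == 'feed') {
                        // Announce the attachment in the activity feed.
                        $event = new Events();
                        $event->user = Yii::app()->user->getName();
                        if (isset($_POST['attachmentText']) && !empty($_POST['attachmentText'])) {
                            $event->text = $_POST['attachmentText'];
                        } else {
                            $event->text = Yii::t('app', 'Attached file: ');
                        }
                        $event->type = 'media';
                        $event->timestamp = time();
                        $event->lastUpdated = time();
                        $event->associationId = $model->id;
                        $event->associationType = 'Media';
                        $event->save();
                        if (Auxlib::isAjax()) {
                            return print "success";
                        }
                        $this->redirect(array('/profile/view', 'id' => Yii::app()->user->getId()));
                    } elseif ($model->associationType == 'docs') {
                        if (Auxlib::isAjax()) {
                            return print "success";
                        }
                        $this->redirect(array('/docs/docs/index'));
                    } elseif (!empty($model->associationType) && !empty($model->associationId)) {
                        // Record the attachment as a completed action on the associated record.
                        $note = new Actions();
                        $note->createDate = time();
                        $note->dueDate = time();
                        $note->completeDate = time();
                        $note->complete = 'Yes';
                        $note->visibility = '1';
                        $note->completedBy = Yii::app()->user->getName();
                        if ($model->private) {
                            $note->assignedTo = Yii::app()->user->getName();
                            $note->visibility = '0';
                        } else {
                            $note->assignedTo = 'Anyone';
                        }
                        $note->type = 'attachment';
                        $note->associationId = $_POST['associationId'];
                        $note->associationType = $_POST['associationType'];
                        $association = $this->getAssociation(
                            $note->associationType, $note->associationId);
                        if ($association != null) {
                            $note->associationName = $association->name;
                        }
                        $note->actionDescription = $model->fileName . ':' . $model->id;
                        if ($note->save()) {
                            if (Auxlib::isAjax()) {
                                return print "success";
                            }
                            $this->redirect(
                                array($model->associationType . '/' . $model->associationId));
                        }
                    } else {
                        if (Auxlib::isAjax()) {
                            return print "success";
                        }
                        // Route and parameters go in a single array, as in the other redirects
                        // of this method; a second argument would be read as the terminate flag.
                        $this->redirect(array('/media/media/view', 'id' => $model->id));
                    }
                } else {
                    throw new CHttpException('400', 'Invalid request.');
                }
            } catch (Google_AuthException $e) {
                // Drop the stored credentials and keep the error for the authenticator.
                $auth->flushCredentials();
                $auth->setErrors($e->getMessage());
                $service = null;
                $createdFile = null;
            }
        } else {
            if (isset($_SERVER['HTTP_REFERER'])) {
                if (Auxlib::isAjax()) {
                    return print "success";
                }
                // The Referer header is supplied by the client.
                $this->redirect($_SERVER['HTTP_REFERER']);
            } else {
                throw new CHttpException('400', 'Invalid request');
            }
        }
    } else { // non-google drive upload
        $model = new Media();
        $temp = CUploadedFile::getInstanceByName('upload'); // file uploaded through form
        if ($temp && ($tempName = $temp->getTempName()) && !empty($tempName)) {
            // NOTE(review): $name keeps the client-supplied file name and extension (only
            // spaces are replaced) and no extension or content check is visible in this
            // method - confirm that Media validation or the server configuration keeps
            // uploaded files from being served as executable content.
            $name = $temp->getName();
            $name = str_replace(' ', '_', $name);
            $check = Media::model()->findAllByAttributes(array('fileName' => $name));
            // rename file if there are name conflicts by suffixing "(n)"
            if (count($check) != 0) {
                $count = 1;
                $newName = $name;
                // the base name is the text before the first dot
                $arr = explode('.', $name);
                $name = $arr[0];
                while (count($check) != 0) {
                    $newName = $name . '(' . $count . ').' . $temp->getExtensionName();
                    $check = Media::model()->findAllByAttributes(array('fileName' => $newName));
                    $count++;
                }
                $name = $newName;
            }
            $username = Yii::app()->user->name;
            // copy file to user's media uploads directory
            if (FileUtil::ccopy($tempName, "uploads/protected/media/{$username}/{$name}")) {
                if (isset($_POST['associationId'])) {
                    $model->associationId = $_POST['associationId'];
                }
                if (isset($_POST['associationType'])) {
                    $model->associationType = $_POST['associationType'];
                }
                if (isset($_POST['private'])) {
                    $model->private = true;
                }
                $model->uploadedBy = Yii::app()->user->getName();
                $model->createDate = time();
                $model->lastUpdated = time();
                $model->fileName = $name;
                // MIME type as reported by the client; it is not verified here.
                $model->mimetype = $temp->type;
                if (!$model->save()) {
                    $errors = $model->getErrors();
                    $error = ArrayUtil::pop(ArrayUtil::pop($errors));
                    Yii::app()->user->setFlash(
                        'top-error', Yii::t('app', 'Attachment failed. ' . $error));
                    // NOTE(review): AJAX callers receive "success" although the save failed,
                    // and the file copied above stays on disk - confirm this is intended.
                    if (Auxlib::isAjax()) {
                        return print "success";
                    }
                    $this->redirect(array(
                        $model->associationType . '/' . $model->associationType . '/view',
                        'id' => $model->associationId));
                    Yii::app()->end();
                } else {
                    // Link the new media record to the record it was attached to.
                    $relatedModel = X2Model::getModelOfTypeWithId(
                        $model->associationType, $model->associationId);
                    if ($relatedModel && $relatedModel->supportsRelationships) {
                        $rel = new Relationships();
                        $rel->setFirstModel($model);
                        $rel->setSecondModel($relatedModel);
                        $rel->save();
                    }
                }
                // handle different upload types
                switch ($model->associationType) {
                    case 'feed':
                        $this->handleFeedTypeUpload($model, $name);
                        break;
                    case 'docs':
                        if (Auxlib::isAjax()) {
                            return print "success";
                        }
                        $this->redirect(array('/docs/docs/index'));
                        break;
                    case 'loginSound':
                    case 'notificationSound':
                        if (Auxlib::isAjax()) {
                            return print "success";
                        }
                        $this->redirect(
                            array('/profile/settings', 'id' => Yii::app()->user->getId()));
                        break;
                    case 'bg':
                    case 'bg-private':
                        $this->redirect(array('/profile/settings', 'bgId' => $model->id));
                        break;
                    case 'none':
                        if (Auxlib::isAjax()) {
                            return print "success";
                        }
                        break;
                    case 'topicReply':
                        $this->handleTopicReplyUpload($model, $name);
                        break;
                    default:
                        $this->handleDefaultUpload($model, $name);
                        break;
                }
            }
        } else {
            if (isset($_SERVER['HTTP_REFERER'])) {
                if (Auxlib::isAjax()) {
                    return print "success";
                }
                // The Referer header is supplied by the client.
                $this->redirect($_SERVER['HTTP_REFERER']);
            } else {
                throw new CHttpException('400', 'Invalid request');
            }
        }
        // NOTE(review): HTTP_REFERER is read here without an isset() check.
        if (isset($_GET['redirect'])) {
            $this->redirect($_SERVER['HTTP_REFERER']);
        }
    }
}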