/** * Set the internal working context for grabbing context-specific options. * * @param $key * @return bool|\modContext */ public function setWorkingContext($key) { if ($key instanceof \modResource) { $key = $key->get('context_key'); } if (empty($key)) { return false; } $this->wctx = $this->modx->getContext($key); if (!$this->wctx) { $this->modx->log(\modX::LOG_LEVEL_ERROR, 'Error loading working context ' . $key, '', __METHOD__, __FILE__, __LINE__); return false; } return $this->wctx; }
/** * Loads the access control policies applicable to this template variable. * * {@inheritdoc} */ public function findPolicy($context = '') { $policy = array(); $context = !empty($context) ? $context : $this->xpdo->context->get('key'); if ($context === $this->xpdo->context->get('key')) { $catEnabled = (bool) $this->xpdo->getOption('access_category_enabled', null, true); $rgEnabled = (bool) $this->xpdo->getOption('access_resource_group_enabled', null, true); } elseif ($this->xpdo->getContext($context)) { $catEnabled = (bool) $this->xpdo->contexts[$context]->getOption('access_category_enabled', true); $rgEnabled = (bool) $this->xpdo->contexts[$context]->getOption('access_resource_group_enabled', true); } $enabled = $catEnabled || $rgEnabled; if ($enabled) { if (empty($this->_policies) || !isset($this->_policies[$context])) { if ($rgEnabled) { $accessTable = $this->xpdo->getTableName('modAccessResourceGroup'); $policyTable = $this->xpdo->getTableName('modAccessPolicy'); $resourceGroupTable = $this->xpdo->getTableName('modTemplateVarResourceGroup'); $sql = "SELECT Acl.target, Acl.principal, Acl.authority, Acl.policy, Policy.data FROM {$accessTable} Acl " . "LEFT JOIN {$policyTable} Policy ON Policy.id = Acl.policy " . "JOIN {$resourceGroupTable} ResourceGroup ON Acl.principal_class = 'modUserGroup' " . "AND (Acl.context_key = :context OR Acl.context_key IS NULL OR Acl.context_key = '') " . "AND ResourceGroup.tmplvarid = :element " . "AND ResourceGroup.documentgroup = Acl.target " . "ORDER BY Acl.target, Acl.principal, Acl.authority"; $bindings = array(':element' => $this->get('id'), ':context' => $context); $query = new xPDOCriteria($this->xpdo, $sql, $bindings); if ($query->stmt && $query->stmt->execute()) { while ($row = $query->stmt->fetch(PDO::FETCH_ASSOC)) { $policy['modAccessResourceGroup'][$row['target']][] = array('principal' => $row['principal'], 'authority' => $row['authority'], 'policy' => $row['data'] ? $this->xpdo->fromJSON($row['data'], true) : array()); } } } if ($catEnabled) { $accessTable = $this->xpdo->getTableName('modAccessCategory'); $categoryClosureTable = $this->xpdo->getTableName('modCategoryClosure'); $sql = "SELECT Acl.target, Acl.principal, Acl.authority, Acl.policy, Policy.data FROM {$accessTable} Acl " . "LEFT JOIN {$policyTable} Policy ON Policy.id = Acl.policy " . "JOIN {$categoryClosureTable} CategoryClosure ON CategoryClosure.descendant = :category " . "AND Acl.principal_class = 'modUserGroup' " . "AND CategoryClosure.ancestor = Acl.target " . "AND (Acl.context_key = :context OR Acl.context_key IS NULL OR Acl.context_key = '') " . "ORDER BY CategoryClosure.depth DESC, target, principal, authority ASC"; $bindings = array(':category' => $this->get('category'), ':context' => $context); $query = new xPDOCriteria($this->xpdo, $sql, $bindings); if ($query->stmt && $query->stmt->execute()) { while ($row = $query->stmt->fetch(PDO::FETCH_ASSOC)) { $policy['modAccessCategory'][$row['target']][] = array('principal' => $row['principal'], 'authority' => $row['authority'], 'policy' => $row['data'] ? $this->xpdo->fromJSON($row['data'], true) : array()); } } } $this->_policies[$context] = $policy; } else { $policy = $this->_policies[$context]; } } return $policy; }
/** * Load the attributes for the ACLs for the Resource Group * * @static * @param modX $modx A reference to the modX instance * @param string $context The context to load from. If empty, will use the current context. * @param int $userId The ID of the user to grab ACL records for. * @return array An array of loaded attributes */ public static function loadAttributes(&$modx, $context = '', $userId = 0) { $attributes = array(); if (empty($context)) { $context = $modx->context->get('key'); } $enabled = (bool) $modx->getOption('access_resource_group_enabled', null, true); if ($context !== $modx->context->get('key') && $modx->getContext($context)) { $enabled = (bool) $modx->contexts[$context]->getOption('access_resource_group_enabled', $enabled); } if ($enabled) { $accessTable = $modx->getTableName('modAccessResourceGroup'); $policyTable = $modx->getTableName('modAccessPolicy'); $memberTable = $modx->getTableName('modUserGroupMember'); $memberRoleTable = $modx->getTableName('modUserGroupRole'); $legacyDocGroups = array(); if ($userId > 0) { $sql = "SELECT acl.target, acl.principal, mr.authority, acl.policy, p.data FROM {$accessTable} acl " . "LEFT JOIN {$policyTable} p ON p.id = acl.policy " . "JOIN {$memberTable} mug ON acl.principal_class = 'modUserGroup' " . "AND (acl.context_key = :context OR acl.context_key IS NULL OR acl.context_key = '') " . "AND mug.member = :principal " . "AND mug.user_group = acl.principal " . "JOIN {$memberRoleTable} mr ON mr.id = mug.role " . "AND mr.authority <= acl.authority " . "ORDER BY acl.target, acl.principal, mr.authority, acl.policy"; $bindings = array(':principal' => $userId, ':context' => $context); $query = new xPDOCriteria($modx, $sql, $bindings); if ($query->stmt && $query->stmt->execute()) { while ($row = $query->stmt->fetch(PDO::FETCH_ASSOC)) { $attributes[$row['target']][] = array('principal' => $row['principal'], 'authority' => $row['authority'], 'policy' => $row['data'] ? $modx->fromJSON($row['data'], true) : array()); $legacyDocGroups[$row['target']] = $row['target']; } } } else { $sql = "SELECT acl.target, acl.principal, 0 AS authority, acl.policy, p.data FROM {$accessTable} acl " . "LEFT JOIN {$policyTable} p ON p.id = acl.policy " . "WHERE acl.principal_class = 'modUserGroup' " . "AND acl.principal = 0 " . "AND (acl.context_key = :context OR acl.context_key IS NULL OR acl.context_key = '') " . "ORDER BY acl.target, acl.principal, acl.authority, acl.policy"; $bindings = array(':context' => $context); $query = new xPDOCriteria($modx, $sql, $bindings); if ($query->stmt && $query->stmt->execute()) { while ($row = $query->stmt->fetch(PDO::FETCH_ASSOC)) { $attributes[$row['target']][] = array('principal' => 0, 'authority' => $row['authority'], 'policy' => $row['data'] ? $modx->fromJSON($row['data'], true) : array()); $legacyDocGroups[$row['target']] = $row['target']; } } } $_SESSION['modx.user.' . ($userId > 0 ? (string) $userId : '0') . '.resourceGroups'] = array($context => array_values($legacyDocGroups)); } return $attributes; }
/** * Find all policies for this object * * @param string $context * @return array */ public function findPolicy($context = '') { $policy = array(); $enabled = true; $context = 'mgr'; if ($context === $this->xpdo->context->get('key')) { $enabled = (bool) $this->xpdo->getOption('access_media_source_enabled', null, true); } elseif ($this->xpdo->getContext($context)) { $enabled = (bool) $this->xpdo->contexts[$context]->getOption('access_media_source_enabled', true); } if ($enabled) { if (empty($this->_policies) || !isset($this->_policies[$context])) { $accessTable = $this->xpdo->getTableName('sources.modAccessMediaSource'); $sourceTable = $this->xpdo->getTableName('sources.modMediaSource'); $policyTable = $this->xpdo->getTableName('modAccessPolicy'); $sql = "SELECT Acl.target, Acl.principal, Acl.authority, Acl.policy, Policy.data FROM {$accessTable} Acl " . "LEFT JOIN {$policyTable} Policy ON Policy.id = Acl.policy " . "JOIN {$sourceTable} Source ON Acl.principal_class = 'modUserGroup' " . "AND (Acl.context_key = :context OR Acl.context_key IS NULL OR Acl.context_key = '') " . "AND Source.id = Acl.target " . "WHERE Acl.target = :source " . "GROUP BY Acl.target, Acl.principal, Acl.authority, Acl.policy"; $bindings = array(':source' => $this->get('id'), ':context' => $context); $query = new xPDOCriteria($this->xpdo, $sql, $bindings); if ($query->stmt && $query->stmt->execute()) { while ($row = $query->stmt->fetch(PDO::FETCH_ASSOC)) { $policy['sources.modAccessMediaSource'][$row['target']][] = array('principal' => $row['principal'], 'authority' => $row['authority'], 'policy' => $row['data'] ? $this->xpdo->fromJSON($row['data'], true) : array()); } } $this->_policies[$context] = $policy; } else { $policy = $this->_policies[$context]; } } return $policy; }
/** * Get the Resource's full alias path. * * @param string $alias Optional. The alias to check. If not set, will * then build it from the pagetitle if automatic_alias is set to true. * @param array $fields Optional. An array of field values to use instead of * using the current modResource fields. * @return string */ public function getAliasPath($alias = '', array $fields = array()) { if (empty($fields)) { $fields = $this->toArray(); } $workingContext = $this->xpdo->getContext($fields['context_key']); if (empty($fields['uri_override']) || empty($fields['uri'])) { /* auto assign alias if using automatic_alias */ if (empty($alias) && $workingContext->getOption('automatic_alias', false)) { $alias = $this->cleanAlias($fields['pagetitle']); } elseif (empty($alias) && isset($fields['id']) && !empty($fields['id'])) { $alias = $this->cleanAlias($fields['id']); } else { $alias = $this->cleanAlias($alias); } $fullAlias = $alias; $isHtml = true; $extension = ''; $containerSuffix = $workingContext->getOption('container_suffix', ''); /* @var modContentType $contentType process content type */ if (!empty($fields['content_type']) && ($contentType = $this->xpdo->getObject('modContentType', $fields['content_type']))) { $extension = $contentType->getExtension(); $isHtml = strpos($contentType->get('mime_type'), 'html') !== false; } /* set extension to container suffix if Resource is a folder, HTML content type, and the container suffix is set */ if (!empty($fields['isfolder']) && $isHtml && !empty($containerSuffix)) { $extension = $containerSuffix; } $aliasPath = ''; /* if using full alias paths, calculate here */ if ($workingContext->getOption('use_alias_path', false)) { $pathParentId = $fields['parent']; $parentResources = array(); $query = $this->xpdo->newQuery('modResource'); $query->select($this->xpdo->getSelectColumns('modResource', '', '', array('parent', 'alias'))); $query->where("{$this->xpdo->escape('id')} = ?"); $query->prepare(); $query->stmt->execute(array($pathParentId)); $currResource = $query->stmt->fetch(PDO::FETCH_ASSOC); while ($currResource) { $parentAlias = $currResource['alias']; if (empty($parentAlias)) { $parentAlias = "{$pathParentId}"; } $parentResources[] = "{$parentAlias}"; $pathParentId = $currResource['parent']; $query->stmt->execute(array($pathParentId)); $currResource = $query->stmt->fetch(PDO::FETCH_ASSOC); } $aliasPath = !empty($parentResources) ? implode('/', array_reverse($parentResources)) : ''; if (strlen($aliasPath) > 0 && $aliasPath[strlen($aliasPath) - 1] !== '/') { $aliasPath .= '/'; } } $fullAlias = $aliasPath . $fullAlias . $extension; } else { $fullAlias = $fields['uri']; } return $fullAlias; }