/** * tx_dam::access_checkFile() */ public function test_access_checkFile() { $GLOBALS['T3_VAR']['ext']['dam']['pathInfoCache'] = array(); $filepath = $this->getFixtureFilename(); $this->addFixturePathToFilemount(); $access = tx_dam::access_checkFile($filepath); self::assertTrue($access, 'File not accessable: ' . $filepath); $access = tx_dam::access_checkFile($filepath . 'xyz'); self::assertFalse($access, 'File accessable: ' . $filepath . 'xyz'); $this->removeFixturePathFromFilemount(); }
function main(&$backRef, $menuItems, $file, $uid) { // Returns directly, because the clicked item was not a file if ($backRef->cmLevel == 0 && $uid != '') { return $menuItems; } // Returns directly, because the clicked item was not the second level menu from DAM records if ($backRef->cmLevel == 1 && t3lib_div::_GP('subname') != 'tx_dam_cm_file') { return $menuItems; } $this->backRef =& $backRef; // this is second level menu from DAM records $fileDAM = t3lib_div::_GP('txdamFile'); $file = $fileDAM ? $fileDAM : $file; if (@is_file($file)) { $item = tx_dam::file_compileInfo($file); $permsEdit = tx_dam::access_checkFile($item) && tx_dam::access_checkFileOperation('editFile'); $permsDelete = tx_dam::access_checkFile($item) && tx_dam::access_checkFileOperation('deleteFile'); } elseif (@is_dir($file)) { $item = tx_dam::path_compileInfo($file); $permsEdit = tx_dam::access_checkPath($item) && tx_dam::access_checkFileOperation('renameFolder'); $permsDelete = tx_dam::access_checkPath($item) && tx_dam::access_checkFileOperation('deleteFolder'); } else { return $menuItems; } // clear the existing menu now and fill it with DAM specific things $damMenuItems = array(); // see typo3/alt_clickmenu.php:clickmenu::enableDisableItems() for iParts[3] // which is called after this function $backRef->iParts[3] = ''; $actionCall = t3lib_div::makeInstance('tx_dam_actionCall'); if (is_array($backRef->disabledItems)) { foreach ($backRef->disabledItems as $idName) { $actionCall->removeAction($idName); } } $actionCall->setRequest('context', $item); $actionCall->setEnv('returnUrl', t3lib_div::_GP('returnUrl')); $actionCall->setEnv('backPath', $backRef->PH_backPath); $actionCall->setEnv('defaultCmdScript', PATH_txdam_rel . 'mod_cmd/index.php'); $actionCall->setEnv('defaultEditScript', PATH_txdam_rel . 'mod_edit/index.php'); $actionCall->setEnv('actionPerms', tx_dam::access_checkFileOperation()); $actionCall->setEnv('permsEdit', $permsEdit); $actionCall->setEnv('permsDelete', $permsDelete); $actionCall->setEnv('cmLevel', $backRef->cmLevel); $actionCall->setEnv('cmParent', t3lib_div::_GP('parentname')); $actionCall->initActions(true); $actions = $actionCall->renderActionsContextMenu(true); foreach ($actions as $id => $action) { if ($action['isDivider']) { $damMenuItems[$id] = 'spacer'; } else { $onclick = $action['onclick'] ? $action['onclick'] : $this->createOnClick($action['url'], $action['dontHide']); $damMenuItems[$id] = $backRef->linkItem($GLOBALS['LANG']->makeEntities($action['label']), $backRef->excludeIcon($action['icon']), $onclick, $action['onlyCM'], $action['dontHide']); } } // clear the file context menu, allow additional items from extensions, // like TemplaVoila, and the display constraints // once a DAM file is found foreach ($menuItems as $key => $var) { if (!t3lib_div::inList('edit,rename,info,copy,cut,delete', $key) && !array_key_exists($key, $damMenuItems)) { $damMenuItems[$key] = $var; } } return $damMenuItems; }
/** * Main function of the module. Write the content to $this->content * * @return void */ function main() { global $BE_USER, $LANG, $BACK_PATH, $TYPO3_CONF_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS; $this->extObjCmdInit(); // // Initialize the template object // if (!is_object($this->doc)) { $this->doc = t3lib_div::makeInstance('template'); $this->doc->backPath = $BACK_PATH; $this->doc->setModuleTemplate(t3lib_extMgm::extRelPath('dam') . 'res/templates/mod_cmd.html'); $this->doc->styleSheetFile2 = t3lib_extMgm::extRelPath('dam') . 'res/css/stylesheet.css'; $this->doc->docType = 'xhtml_trans'; } // // check access // $access = false; $this->actionAccess = $this->extObjAccess(); if ($this->actionAccess) { $this->accessDenied = array(); if ($this->file) { foreach ($this->file as $key => $filename) { if (!tx_dam::access_checkFile($filename, $this->extObj->passthroughMissingFiles)) { $this->accessDenied['file'][] = tx_dam::file_normalizePath($filename); unset($this->file[$key]); } } if ($this->file) { $access = true; } } elseif ($this->folder) { foreach ($this->folder as $key => $path) { if (!tx_dam::access_checkPath($path)) { $this->accessDenied['folder'][] = tx_dam::path_makeRelative($path); unset($this->folder[$key]); } } if ($this->folder) { $access = true; } } elseif ($this->record and $this->defaultPid) { foreach ($this->record as $table => $uidList) { $where = array(); $where['enableFields'] = tx_dam_db::deleteClause($table); $where['pidList'] = $table . '.pid IN (' . $this->defaultPid . ')'; $where['uid'] = $table . '.uid IN (' . implode(',', $uidList) . ')'; $rows = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows('uid', $table, implode(' AND ', $where), '', '', '', 'uid'); if ($rows) { $this->record[$table] = array_keys($rows); } else { $this->accessDenied['record'][$table] = $uidList; unset($this->record[$table]); } } if ($this->record) { $access = true; } } } // // Main // if ($access) { // // Output page header // $this->actionTarget = $this->actionTarget ? $this->actionTarget : t3lib_div::linkThisScript(array('returnUrl' => $this->returnUrl, 'redirect' => $this->redirect)); if ($this->CMD == 'tx_dam_cmd_foldernew') { $this->actionTarget = $BACK_PATH . 'tce_file.php'; } $this->doc->form = '<form action="' . htmlspecialchars($this->actionTarget) . '" method="post" name="editform" enctype="' . $TYPO3_CONF_VARS['SYS']['form_enctype'] . '">'; // JavaScript $this->doc->JScodeArray['jumpToUrl'] = ' var script_ended = 0; var changed = 0; function jumpToUrl(URL) { document.location.href = URL; } function jumpBack() { document.location.href = "' . htmlspecialchars($this->redirect) . '"; } function navFrameReload() { if (top.content && top.content.nav_frame && top.content.nav_frame.refresh_nav) { // top.content.nav_frame.refresh_nav(); } } '; $this->doc->postCode .= $this->doc->wrapScriptTags(' script_ended = 1;'); $this->makePageHeader(); // // Call submodule function // $this->extObjContent(); $this->markers['CONTENT'] = $this->content; } else { // If no access $this->makePageHeader(); $accessDeniedInfo = array(); if ($this->actionAccess) { foreach ($this->accessDenied as $type => $items) { if ($items) { $accessDeniedInfo[] = '<h4>' . $LANG->getLL($type, 1) . '</h4>'; foreach ($items as $item) { $accessDeniedInfo[] = '<p>' . htmlspecialchars($item) . '</p>'; } } } } else { $accessDeniedInfo[] = '<p>' . sprintf($LANG->getLL('messageCmdDenied', 1), $this->pageTitle) . '</p>'; } // file do not exist ... $this->content .= $this->accessDeniedMessageBox(implode('', $accessDeniedInfo)); } }
/** * Main function of the module. Write the content to $this->content * * @return void */ function main() { global $BE_USER, $LANG, $BACK_PATH, $TYPO3_CONF_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS; $access = false; $this->errorMessages = array(); $this->media = NULL; $editorList = array(); $this->actionTarget = $this->actionTarget ? $this->actionTarget : t3lib_div::linkThisScript(array('returnUrl' => $this->returnUrl, 'redirect' => $this->redirect)); // // get media that should be edited // if ($this->file) { foreach ($this->file as $key => $filename) { if (!tx_dam::access_checkFile($filename)) { $this->errorMessages['file'][] = tx_dam::file_normalizePath($filename); unset($this->file[$key]); } } if ($this->file) { $this->media = tx_dam::media_getForFile($this->file[0]); if (!$this->media->isAvailable) { $this->errorMessages['file'][] = $this->media->filename; unset($this->media); } } } elseif ($this->record and $this->defaultPid) { foreach ($this->record as $table => $uidList) { $where = array(); $where['enableFields'] = tx_dam_db::deleteClause($table); $where['pidList'] = $table . '.pid IN (' . $this->defaultPid . ')'; $where['uid'] = $table . '.uid IN (' . implode(',', $uidList) . ')'; $rows = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows('uid', $table, implode(' AND ', $where), '', '', '', 'uid'); if ($rows) { $this->record[$table] = array_keys($rows); } else { $this->errorMessages['record'][$table] = $uidList; unset($this->record[$table]); } } if ($this->record['tx_dam']) { // reduce passed files/records to just one item // it will be done here because later editors might want to get multiple resources (eg. blending images) so we keep the infrastructure reset($this->record['tx_dam']); // just one uid $uid = current($this->record['tx_dam']); $this->media = tx_dam::media_getByUid($uid); if (!$this->media->isAvailable) { $this->errorMessages['file'][] = $this->media->filename; unset($this->media); } } } $access = ($this->hasExtObjDefined() or is_object($this->media)); // // Main // // a valid file is selected if ($access) { $success = false; // an editor is not already defined by CMD if (!$this->hasExtObjDefined() and is_object($this->media)) { if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['dam']['editorClasses'])) { foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['dam']['editorClasses'] as $idName => $classRessource) { if (is_object($editorList[$idName] = t3lib_div::getUserObj($classRessource))) { if (!$editorList[$idName]->isValid($this->media)) { unset($editorList[$idName]); } } } } if (!count($editorList)) { // error message no valid editor found for file $this->errorMessages['error'][] = sprintf($LANG->getLL('messageNoEditorFound', 1), $this->media->filename); } elseif (count($editorList) == 1) { // activate extObj $this->errorMessages['error'][] = 'TODO: activate extObj'; if (!$this->CMD) { $this->CMD = key($editorList); } $this->handleExternalFunctionValue('function', $this->CMD); } // selection of multiple editors is below } // an editor is selected if ($this->hasExtObjDefined()) { $this->checkExtObj(); // Checking for first level external objects $this->checkSubExtObj(); // Checking second level external objects } if (is_object($this->extObj)) { $this->extObjCmdInit(); // // Initialize the template object // if (!is_object($this->doc)) { $this->doc = t3lib_div::makeInstance('template'); $this->doc->backPath = $BACK_PATH; $this->doc->setModuleTemplate(t3lib_extMgm::extRelPath('dam') . 'res/templates/mod_edit.html'); $this->doc->styleSheetFile2 = t3lib_extMgm::extRelPath('dam') . 'res/css/stylesheet.css'; $this->doc->docType = 'xhtml_trans'; } // // check access // $this->actionAccess = $this->extObjAccess(); if ($access and $this->actionAccess) { $success = true; // // Output page header // $this->doc->form = '<form action="' . htmlspecialchars($this->actionTarget) . '" method="post" name="editform" enctype="' . $TYPO3_CONF_VARS['SYS']['form_enctype'] . '">'; $this->doc->form .= '<input type="hidden" name="CMD" value="' . $this->CMD . '" />'; // JavaScript $this->doc->JScodeArray['jumpToUrl'] = ' var script_ended = 0; var changed = 0; function jumpToUrl(URL) { document.location.href = URL; } function jumpBack() { document.location.href = "' . htmlspecialchars($this->redirect) . '"; } function navFrameReload() { if (top.content && top.content.nav_frame && top.content.nav_frame.refresh_nav) { // top.content.nav_frame.refresh_nav(); } } '; $this->doc->postCode .= $this->doc->wrapScriptTags(' script_ended = 1;'); $this->makePageHeader(); // // Call submodule function // $this->extObjContent(); $this->markers['CONTENT'] = $this->content; } else { $access = false; $this->errorMessages['error'][] = sprintf($LANG->getLL('messageCmdDenied', true), $this->pageTitle); } } } if (!is_object($this->doc)) { $this->doc = t3lib_div::makeInstance('template'); $this->doc->backPath = $BACK_PATH; $this->doc->setModuleTemplate(t3lib_extMgm::extRelPath('dam') . 'res/templates/mod_edit.html'); $this->doc->styleSheetFile2 = t3lib_extMgm::extRelPath('dam') . 'res/css/stylesheet.css'; $this->doc->docType = 'xhtml_trans'; } // provide a selector when multiple editors are available if ($access and count($editorList) > 1) { $this->makePageHeader(); $messages = array(); $messages[] = '<div style="margin: 1em 3em 2em 3em;">' . sprintf($LANG->getLL('messageAvailableEditors', true), $this->media->filename) . '</div>'; $messages[] = '<div style="padding-left:3em; display:table-cell">'; foreach ($editorList as $idName => $editorObj) { $button = $this->button($editorObj->getIcon(), $editorObj->getLabel(), $editorObj->getDescription(), $this->actionTarget . '&CMD=' . $idName, '', ' style="display:block;"'); $messages[] = '<div style="margin-bottom:0.8em">' . $button . '</div>'; } $messages[] = '</div>'; $this->content .= $GLOBALS['SOBE']->getMessageBox($this->pageTitle, $messages, $this->buttonBack(0), 2); $success = true; } if (!$access or !$success) { // If no access $this->makePageHeader(); $messages = array(); foreach ($this->errorMessages as $type => $items) { if ($items) { if ($type !== 'error' and $headerText = $LANG->getLL($type, 1)) { $messages[] = '<h4>' . $LANG->getLL($type, true) . '</h4>'; } foreach ($items as $item) { $messages[] = '<p>' . htmlspecialchars($item) . '</p>'; } } } // file do not exist ... if (!$access) { $this->content .= $this->accessDeniedMessageBox(implode('', $messages)); } else { $this->content .= $this->errorMessageBox(implode('', $messages)); } } }