/**
 * Builds the "selected store" response and tells the client whether the
 * current user may manage the ACL of the selected model.
 *
 * The client can use $response['manage_permission'] to make decisions such
 * as whether or not to allow the current user to edit the set of groups in
 * the store.
 *
 * @param array $params Client input parameters; 'model_id' identifies the ACL to check.
 * @return array Response for the client; the parent's store data is merged in last.
 */
protected function actionSelectedStore($params)
{
    $userId = \GO::user()->id;
    $level = \GO\Base\Model\Acl::getUserPermissionLevel($params['model_id'], $userId);
    $canManage = \GO\Base\Model\Acl::hasPermission($level, \GO\Base\Model\Acl::MANAGE_PERMISSION);

    // The flag is also handed to the parent action through $params.
    $params['currentUserHasManagePermission'] = $canManage;

    $response = array('manage_permission' => $canManage);

    // Keys from the parent response win over ours.
    return array_merge($response, parent::actionSelectedStore($params));
}
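/**
 * Throws unless the current user has write permission on the folder that
 * contains this DAV node.
 *
 * Resolves the parent folder record from the file-system path and stores it
 * in $this->folder, then checks the folder's permission level against
 * WRITE_PERMISSION. A folder that cannot be resolved is treated as not
 * writable (fail closed) instead of dereferencing null.
 *
 * @param bool $delete Not used here; kept so existing callers keep working.
 * @return void
 * @throws Sabre\DAV\Exception\Forbidden When the folder cannot be resolved or
 *         the user lacks write permission on it.
 */
public function checkWritePermission($delete = false)
{
    $fsFile = new \GO\Base\Fs\File($this->path);
    $parentPath = $fsFile->parent()->stripFileStoragePath();
    $this->folder = \GO\Files\Model\Folder::model()->findByPath($parentPath);

    // Same message for both failure cases so the client learns nothing about
    // whether the folder exists.
    $message = "DAV: User " . \GO::user()->username
        . " doesn't have write permission for file '" . $this->relpath . "'";

    // NOTE(review): the exception class is not fully qualified; it resolves
    // against this file's namespace / use statements — confirm it is imported.
    if (!$this->folder) {
        throw new Sabre\DAV\Exception\Forbidden($message);
    }

    $level = $this->folder->getPermissionLevel();
    if (!\GO\Base\Model\Acl::hasPermission($level, \GO\Base\Model\Acl::WRITE_PERMISSION)) {
        throw new Sabre\DAV\Exception\Forbidden($message);
    }
}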
/**
 * Builds the JSON display response for a model; usable from actionDisplay-like actions.
 *
 * Starts from the model's HTML attributes, adds the owner / modifier names,
 * the permission level and write flag, and then the workflow, custom field,
 * link, event, task, file, comment and list sections that the enabled
 * modules contribute.
 *
 * @param array $data Must contain 'model', the \GO\Base\Db\ActiveRecord to render.
 * @return \GO\Base\Data\JsonResponse Response object wrapping the data array.
 */
public function renderDisplay($data)
{
    $model = $data['model'];

    $response = array('data' => $model->getAttributes('html'), 'success' => true);

    if (!empty($model->user)) {
        $response['data']['username'] = $model->user->name;
    }
    if (!empty($model->mUser)) {
        $response['data']['musername'] = $model->mUser->name;
    }

    // Permission level goes to the client together with a derived write flag.
    $level = $model->getPermissionLevel();
    $response['data']['permission_level'] = $level;
    $response['data']['write_permission'] = \GO\Base\Model\Acl::hasPermission($level, \GO\Base\Model\Acl::WRITE_PERMISSION);
    $response['data']['customfields'] = array();

    if (!isset($response['data']['workflow']) && \GO::modules()->workflow) {
        $response = $this->_processWorkflowDisplay($model, $response);
    }
    if ($model->customfieldsRecord) {
        $response = $this->_processCustomFieldsDisplay($model, $response);
    }

    if ($model->hasLinks()) {
        $response = $this->_processLinksDisplay($model, $response);

        // Events and tasks are only added when a hook did not already supply them.
        if (!isset($response['data']['events']) && \GO::modules()->calendar) {
            $response = $this->_processEventsDisplay($model, $response);
        }
        if (!isset($response['data']['tasks']) && \GO::modules()->tasks) {
            $response = $this->_processTasksDisplay($model, $response);
        }
    }

    if (\GO::modules()->files && !isset($response['data']['files'])) {
        $response = $this->_processFilesDisplay($model, $response);
    }
    if (\GO::modules()->comments) {
        $response = $this->_processCommentsDisplay($model, $response);
    }
    if (\GO::modules()->lists) {
        $response = \GO\Lists\ListsModule::displayResponse($model, $response);
    }

    return new \GO\Base\Data\JsonResponse($response);
}
/**
 * Adds the information the view needs for its add / delete buttons.
 *
 * Walks the selected models and, for the first one on which the current user
 * has CREATE permission, stores its id, name and permission level under
 * $response['buttonParams'] so the view can enable the add action. Nothing is
 * written when 'buttonParams' is already present.
 *
 * @param array $response Response array, modified in place.
 * @return void
 */
public function setButtonParams(&$response)
{
    $selected = $this->_getSelectedModels();

    if (isset($response['buttonParams'])) {
        return;
    }

    foreach ($selected as $candidate) {
        $level = $candidate->getPermissionLevel();
        if (!\GO\Base\Model\Acl::hasPermission($level, \GO\Base\Model\Acl::CREATE_PERMISSION)) {
            continue;
        }

        // Instruct the view for the add action; only the first match is used.
        $response['buttonParams'] = array(
            'id' => $candidate->id,
            'name' => $candidate->name,
            'permissionLevel' => $level,
        );
        break;
    }
}
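/**
 * Lists every installed module with the permission level a user or group has
 * on it, for the permissions grid in the users / groups dialogs.
 *
 * Access: the caller needs the groups module when 'paramIdType' is 'groupId',
 * otherwise the users module. Access to the modules module itself is not
 * required for this action.
 *
 * Module permissions only distinguish "read" and "manage": any level that
 * includes CREATE is reported as MANAGE_PERMISSION.
 *
 * @param array $params 'paramIdType' ('groupId' selects the group view, anything
 *        else the user view) and 'id' (group or user id; empty means the
 *        "everyone" group).
 * @return void Echoes a JsonResponse with 'success', 'results' and 'total'.
 * @throws \GO\Base\Exception\AccessDenied When the required module is not accessible.
 */
public function actionPermissionsStore($params)
{
    // A missing key must not raise a notice; it selects the user view, as before.
    $idType = isset($params['paramIdType']) ? $params['paramIdType'] : '';
    $byGroup = ($idType === 'groupId');
    $id = isset($params['id']) ? $params['id'] : null;

    // Check access to the users or groups module, because this action is
    // allowed without access to the modules module.
    $requiredModule = $byGroup ? GO::modules()->groups : GO::modules()->users;
    if (!$requiredModule) {
        throw new \GO\Base\Exception\AccessDenied();
    }

    $response = new JsonResponse(array('success' => true, 'results' => array(), 'total' => 0));
    $modules = array();

    foreach (GO::modules()->getAllModules() as $module) {
        $permissionLevel = 0;
        // false means "no inherited group level to compare against".
        $usersGroupPermissionLevel = false;

        if (empty($id)) {
            // No id: show what the "everyone" group has.
            $aclUsersGroup = $module->acl->hasGroup(GO::config()->group_everyone);
            $permissionLevel = $usersGroupPermissionLevel = $aclUsersGroup ? $aclUsersGroup->level : 0;
        } elseif ($byGroup) {
            // Looking at permissions from the groups module.
            $aclUsersGroup = $module->acl->hasGroup($id);
            $permissionLevel = $aclUsersGroup ? $aclUsersGroup->level : 0;
        } else {
            // Looking from the users module: effective level, plus the level
            // the user gets through group membership alone.
            $permissionLevel = Acl::getUserPermissionLevel($module->acl_id, $id);
            $usersGroupPermissionLevel = Acl::getUserPermissionLevel($module->acl_id, $id, true);
        }

        $translated = $module->moduleManager ? $module->moduleManager->name() : $module->id;

        // Module permissions only support read permission and manage permission.
        if (Acl::hasPermission($permissionLevel, Acl::CREATE_PERMISSION)) {
            $permissionLevel = Acl::MANAGE_PERMISSION;
        }

        // Options the client may not lower below what group membership already grants.
        $hasInherited = $usersGroupPermissionLevel !== false;
        $modules[$translated] = array(
            'id' => $module->id,
            'name' => $translated,
            'permissionLevel' => $permissionLevel,
            'disable_none' => $hasInherited && Acl::hasPermission($usersGroupPermissionLevel, Acl::READ_PERMISSION),
            'disable_use' => $hasInherited && Acl::hasPermission($usersGroupPermissionLevel, Acl::CREATE_PERMISSION),
        );
    }

    // Sort by translated name. 'total' is taken from the keyed array so it
    // always matches 'results', even if two modules translate to the same name.
    ksort($modules);
    $response['results'] = array_values($modules);
    $response['total'] = count($modules);

    echo $response;
}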
/**
 * Lists the contents of a folder: its subfolders first, then its files, paged
 * as one combined listing.
 *
 * Special cases handled before the folder listing:
 *  - 'query' set: delegates to _searchFiles().
 *  - 'folder_id' == 'shared': delegates to _listShares().
 *  - 'delete_keys' set: deletes the listed folders and files through the store
 *    before the listing is built.
 *
 * The folder page is fetched first; files are appended only when the
 * requested page extends past the last folder, otherwise only the file count
 * is added to 'total'.
 *
 * @param array $params Request parameters: 'query', 'folder_id', 'skip_fs_sync',
 *        'delete_keys', 'sort', 'dir', 'files_filter' and the store paging params.
 * @return array Response with permission/path/thumbs/parent_id/lock info, the
 *         store 'results' and 'total', and the quota user's disk usage.
 * @throws Exception When neither the requested folder nor a home folder is found.
 */
protected function actionList($params)
{
    if (!empty($params['query'])) {
        return $this->_searchFiles($params);
    }

    // NOTE(review): loose comparison — on PHP 7 an integer 0 folder_id would
    // compare equal to 'shared'; request values are normally strings. Confirm.
    if ($params['folder_id'] == 'shared') {
        return $this->_listShares($params);
    }

    //get the folder that contains the files and folders to list.
    //This will check permissions too.
    $folder = \GO\Files\Model\Folder::model()->findByPk($params['folder_id']);

    // Fall back to the user's home folder when the id does not resolve.
    if (!$folder) {
        $folder = \GO\Files\Model\Folder::model()->findHomeFolder(GO::user());
    }

    if (!$folder) {
        throw new Exception('No Folder found with id ' . $params['folder_id']);
    }

    $user = $folder->quotaUser;

    // Remembered for formatListRecord(); $response is created here implicitly.
    $this->_listFolderPermissionLevel = $folder->permissionLevel;
    $response['permission_level'] = $folder->permissionLevel; //$folder->readonly ? \GO\Base\Model\Acl::READ_PERMISSION : $folder->permissionLevel;

    if (empty($params['skip_fs_sync']) && empty(GO::config()->files_disable_filesystem_sync)) {
        $folder->checkFsSync();
    }

    //useful information for the view.
    $response['path'] = $folder->path;

    //Show this page in thumbnails or list
    $folderPreference = \GO\Files\Model\FolderPreference::model()->findByPk(array('user_id' => \GO::user()->id, 'folder_id' => $folder->id));
    if ($folderPreference) {
        $response['thumbs'] = $folderPreference->thumbs;
    } else {
        $response['thumbs'] = 0;
    }

    $response['parent_id'] = $folder->parent_id;

    //locked state
    $response['lock_state'] = !empty($folder->apply_state);
    // The saved column-model state is only exposed while the folder applies it.
    $response['cm_state'] = isset($folder->cm_state) && !empty($folder->apply_state) ? $folder->cm_state : "";
    // Only users who can manage the folder may lock its view state.
    $response['may_apply_state'] = \GO\Base\Model\Acl::hasPermission($folder->getPermissionLevel(), \GO\Base\Model\Acl::MANAGE_PERMISSION);

    // if($response["lock_state"]){
    // $state = json_decode($response["cm_state"]);
    //
    // if(isset($state->sort)){
    // $params['sort']=$state->sort->field;
    // $params['dir']=$state->sort->direction;
    // }
    // }

    $store = \GO\Base\Data\Store::newInstance(\GO\Files\Model\Folder::model());

    //set sort aliases
    // Folders have no size/extension, so those columns sort by name for them.
    $store->getColumnModel()->formatColumn('type', '', array(), 'name');
    $store->getColumnModel()->formatColumn('size', '"-"', array(), 'name');
    $store->getColumnModel()->formatColumn('locked_user_id', '"0"');

    //handle delete request for both files and folder
    // The mixed key list is split and each half is deleted through the store
    // for its own model class. Per-item permission checks are presumably done
    // by processDeleteActions() / the models — confirm.
    if (isset($params['delete_keys'])) {
        $ids = $this->_splitFolderAndFileIds(json_decode($params['delete_keys'], true));
        $params['delete_keys'] = json_encode($ids['folders']);
        $store->processDeleteActions($params, "GO\\Files\\Model\\Folder");
        $params['delete_keys'] = json_encode($ids['files']);
        $store->processDeleteActions($params, "GO\\Files\\Model\\File");
    }

    $store->getColumnModel()->setFormatRecordFunction(array($this, 'formatListRecord'));

    $findParams = $store->getDefaultParams($params);

    //sorting on custom fields doesn't work for folders
    // NOTE(review): $params['dir'] comes from the client; assumes order()
    // validates the direction — confirm.
    if (isset($params['sort']) && substr($params['sort'], 0, 4) == 'col_') {
        $findParams->order("name", $params['dir']);
    }

    $findParamsArray = $findParams->getParams();

    if (!isset($findParamsArray['start'])) {
        $findParamsArray['start'] = 0;
    }
    if (!isset($findParamsArray['limit'])) {
        $findParamsArray['limit'] = 0;
    }

    //$stmt = $folder->folders($findParams);
    $stmt = $folder->getSubFolders($findParams);
    $store->setStatement($stmt);

    $response = array_merge($response, $store->getData());

    //add files to the listing if it fits
    // NOTE(review): 'limit' defaults to 0 above, and this divides by it. On
    // PHP 8 that throws DivisionByZeroError; on PHP 7 it warns and the NaN
    // result sends execution to the count-only branch below. Confirm whether
    // getDefaultParams() always supplies a positive limit.
    $folderPages = floor($stmt->foundRows / $findParamsArray['limit']);
    $foldersOnLastPage = $stmt->foundRows - $folderPages * $findParamsArray['limit'];

    //$isOnLastPageofFolders = $stmt->foundRows < ($findParams['limit'] + $findParams['start']);

    if (count($response['results'])) {
        // Folders fill part of this page: files start where they leave off.
        $fileStart = $findParamsArray['start'] - $folderPages * $findParamsArray['limit'];
        $fileLimit = $findParamsArray['limit'] - $foldersOnLastPage;
    } else {
        // No folders on this page: the whole page is files.
        $fileStart = $findParamsArray['start'] - $stmt->foundRows;
        $fileLimit = $findParamsArray['limit'];
    }

    if ($fileStart >= 0) {
        $store->resetResults();

        // Switch the column aliases to the file model's fields.
        $store->getColumnModel()->formatColumn('size', '"-"', array(), 'size');
        $store->getColumnModel()->formatColumn('type', '', array(), 'extension');
        $store->getColumnModel()->formatColumn('locked', '$model->isLocked()');
        $store->getColumnModel()->formatColumn('locked_user_id', '$model->locked_user_id');
        $store->getColumnModel()->formatColumn('folder_id', '$model->folder_id');

        $findParams = $store->getDefaultParams($params)->limit($fileLimit)->start($fileStart);

        // Handle the files filter
        if (!empty($params['files_filter'])) {
            $extensions = explode(',', $params['files_filter']);
            $findParams->getCriteria()->addInCondition('extension', $extensions);
        }

        $stmt = $folder->files($findParams);
        $store->setStatement($stmt);

        $filesResponse = $store->getData();

        $response['total'] += $filesResponse['total'];
        $response['results'] = array_merge($response['results'], $filesResponse['results']);
    } else {
        // The page is still within the folders; only count the files.
        $record = $folder->files(\GO\Base\Db\FindParams::newInstance()->single()->select('count(*) as total'));
        $response['total'] += $record->total;
    }

    // Quota information is reported for the folder's quota user, falling back
    // to the current user.
    if (empty($user)) {
        $user = \GO::user();
    }

    $response['owner_id'] = $user->id;
    // Bytes to MiB, two decimals.
    $response['disk_usage'] = round($user->disk_usage / 1024 / 1024, 2);
    $response['disk_quota'] = $user->disk_quota;

    return $response;
}
/**
 * The default action for displaying a model in a DisplayPanel.
 *
 * Looks the model up by the primary key in $params, runs the beforeDisplay
 * hook, collects the model's HTML attributes plus permission, timestamp,
 * user, custom-field, link, file, comment and list data, then runs the
 * afterDisplay hook and fires the 'display' event.
 *
 * @param array $params Request parameters; 'links_limit' caps the number of
 *        links returned (default 15).
 * @return array Response with 'data' and 'success' keys.
 * @throws \GO\Base\Exception\NotFound When no model matches the primary key.
 */
protected function actionDisplay($params)
{
    $pk = $this->getPrimaryKeyFromParams($params);
    $model = \GO::getModel($this->model)->findByPk($pk);
    if (!$model) {
        throw new \GO\Base\Exception\NotFound();
    }

    $response = $this->beforeDisplay(array('data' => array(), 'success' => true), $model, $params);

    //todo build in new style. Now it's necessary for old library functions
    //require_once(\GO::config()->root_path.'Group-Office.php');
    $response['data'] = array_merge($response['data'], $model->getAttributes('html'));
    $response['data']['model'] = $model->className();

    // Permission level goes to the client together with a derived write flag.
    $level = $model->getPermissionLevel();
    $response['data']['permission_level'] = $level;
    $response['data']['write_permission'] = \GO\Base\Model\Acl::hasPermission($level, \GO\Base\Model\Acl::WRITE_PERMISSION);

    // Timestamps and author names are optional on the model.
    foreach (array('ctime', 'mtime') as $timeField) {
        if (!empty($model->$timeField)) {
            $response['data'][$timeField] = \GO\Base\Util\Date::get_timestamp($model->$timeField);
        }
    }
    if (!empty($model->user)) {
        $response['data']['username'] = $model->user->name;
    }
    if (!empty($model->mUser)) {
        $response['data']['musername'] = $model->mUser->name;
    }

    $response['data']['customfields'] = array();

    $modules = \GO::modules();

    if (!isset($response['data']['workflow']) && $modules->workflow) {
        $response = $this->_processWorkflowDisplay($model, $response);
    }
    if ($model->customfieldsRecord) {
        $response = $this->_processCustomFieldsDisplay($model, $response);
    }

    if ($model->hasLinks()) {
        $linksLimit = isset($params['links_limit']) ? $params['links_limit'] : 15;
        $response = $this->_processLinksDisplay($model, $response, $linksLimit);

        // Events and tasks are only added when a hook did not already supply them.
        if (!isset($response['data']['events']) && $modules->calendar) {
            $response = $this->_processEventsDisplay($model, $response);
        }
        if (!isset($response['data']['tasks']) && $modules->tasks) {
            $response = $this->_processTasksDisplay($model, $response);
        }
    }

    // Files are attached whenever a hook has not already supplied them.
    if (!isset($response['data']['files'])) {
        $response = $this->_processFilesDisplay($model, $response);
    }
    if ($modules->comments) {
        $response = $this->_processCommentsDisplay($model, $response);
    }
    if ($modules->lists) {
        $response = \GO\Lists\ListsModule::displayResponse($model, $response);
    }

    $response = $this->afterDisplay($response, $model, $params);

    $this->fireEvent('display', array(&$this, &$response, &$model));

    return $response;
}