function template_preprocess_filedepot_moveincoming_form(&$variables) { $variables['movefolder_options'] = filedepot_recursiveAccessOptions('admin'); $variables['LANG_newfolder'] = t('New Folder'); $variables['LANG_submit'] = t('Submit'); $variables['LANG_cancel'] = t('Cancel'); $variables['token'] = drupal_get_token(FILEDEPOT_TOKEN_FOLDERMGMT); }
function filedepotAjaxServer_loadFileDetails() { global $user; $filedepot = filedepot_filedepot(); $nexcloud = filedepot_nexcloud(); $reportmode = check_plain($_POST['reportmode']); $retval = array(); $retval['editperm'] = FALSE; $retval['token'] = drupal_get_token(FILEDEPOT_TOKEN_FILEDETAILS); $retval['deleteperm'] = FALSE; $retval['addperm'] = FALSE; $retval['lockperm'] = FALSE; $retval['notifyperm'] = FALSE; $retval['broadcastperm'] = FALSE; $retval['tags'] = ''; $validfile = FALSE; if ($reportmode == 'approvals') { $id = intval($_POST['id']); if (db_query("SELECT count(*) FROM {filedepot_filesubmissions} WHERE id=:id", array(':id' => $id))->fetchField() == 1) { $validfile = TRUE; $sql = "SELECT file.id as fid,file.cid,file.title,file.fname,file.date,file.size,file.version,file.submitter,file.tags,u.name, "; $sql .= "file.status,file.description,category.pid,category.name as folder,category.nid,file.version_note,tags "; $sql .= "FROM {filedepot_filesubmissions} file "; $sql .= "LEFT JOIN {filedepot_categories} category ON file.cid=category.cid "; $sql .= "LEFT JOIN {users} u ON u.uid=file.submitter "; $sql .= "WHERE file.id=:id "; $rec = db_query($sql, array(':id' => $id))->fetchAssoc(); $retval = array_merge($retval, $rec); $retval['displayhtml'] = theme('filedepot_filedetail', array('fid' => $id, 'reportmode' => $reportmode)); $retval['locked'] = FALSE; $retval['subscribed'] = FALSE; } } elseif ($reportmode == 'incoming') { $id = intval($_POST['id']); if (db_result(db_query("SELECT count(*) FROM {filedepot_import_queue} WHERE id=:id", array(':id' => $id))) == 1) { $validfile = TRUE; $sql = "SELECT file.id as fid,file.orig_filename as title,file.description,file.version_note,u.name "; $sql .= "FROM {filedepot_import_queue} file "; $sql .= "LEFT JOIN {users} u ON u.uid=file.uid "; $sql .= "WHERE file.id=:id "; $rec = db_query($sql, array(':id' => $id))->fetchAssoc(); $retval = array_merge($retval, $rec); if (empty($retval['version_note'])) { $retval['version_note'] = ''; } $retval['displayhtml'] = theme('filedepot_filedetail', array('fid' => $id, 'reportmode' => $reportmode)); $retval['locked'] = FALSE; $retval['subscribed'] = FALSE; // Need to reference a valid filedepot_folder node for the filedepot_download callback to work - required for the File Details 'Download' menuitem $retval['nid'] = db_query_range("SELECT nid FROM {filedepot_categories} WHERE pid=0", 0, 1, array())->fetchField(); } } else { // Check that record exists $fid = intval($_POST['id']); $cid = db_query("SELECT cid FROM {filedepot_files} WHERE fid=:fid", array(':fid' => $fid))->fetchField(); if ($filedepot->checkPermission($cid, 'view') and db_query("SELECT count(*) FROM {filedepot_files} WHERE fid=:fid", array(':fid' => $fid))->fetchField() == 1) { $validfile = TRUE; $sql = "SELECT file.fid,file.cid,file.title,file.description,file.fname,file.date,file.size,file.version,file.submitter,u.name, "; $sql .= "file.status,category.pid,category.name as folder,category.nid,v.notes as version_note,file.status_changedby_uid "; $sql .= "FROM {filedepot_files} file "; $sql .= "LEFT JOIN {filedepot_categories} category ON file.cid=category.cid "; $sql .= "LEFT JOIN {filedepot_fileversions} v ON v.fid=file.fid "; $sql .= "LEFT JOIN {users} u ON u.uid=file.submitter "; $sql .= "WHERE file.fid=:fid ORDER BY v.version DESC"; $rec = db_query($sql, array(':fid' => $fid))->fetchAssoc(); $retval = array_merge($retval, $rec); $retval['tags'] = $nexcloud->get_itemtags($fid); $retval['displayhtml'] = theme('filedepot_filedetail', array('fid' => $fid, 'reportmode' => $reportmode)); // Check if file is locked if ($retval['status'] == FILEDEPOT_LOCKED_STATUS) { $retval['locked'] = TRUE; } else { $retval['locked'] = FALSE; } // Check and see if user has subscribed to this file $direct = FALSE; $ignorefilechanges = FALSE; // Check if user has an ignore file changes record or a subscribe to changes record for this file $query = db_query("SELECT fid,ignore_filechanges FROM {filedepot_notifications} WHERE fid=:fid and uid=:uid", array(':fid' => $fid, ':uid' => $user->uid)); $A = $query->fetchAssoc(); if ($A['ignore_filechanges'] == 1) { $ignorefilechanges = TRUE; } elseif ($A['fid'] == $fid) { $direct = TRUE; } // Check and see if user has indirectly subscribed to file by subscribing to folder $sql = "SELECT count(*) FROM {filedepot_notifications} WHERE cid_changes=1 AND cid=:cid AND uid=:uid"; $indirect = db_query($sql, array(':cid' => $rec['cid'], ':uid' => $user->uid))->fetchField(); if (($direct or $indirect) and !$ignorefilechanges) { $retval['subscribed'] = TRUE; } else { $retval['subscribed'] = FALSE; } } } if ($validfile) { $retval['error'] = ''; $retval['retcode'] = 200; if ($reportmode == 'incoming') { $retval['downloadperm'] = TRUE; $retval['editperm'] = TRUE; $retval['deleteperm'] = TRUE; $retval['addperm'] = FALSE; $retval['lockperm'] = FALSE; $retval['notifyperm'] = FALSE; $retval['broadcastperm'] = FALSE; $folderoptions = filedepot_recursiveAccessOptions('admin', 0); $retval['folderoptions'] = '<select name="folder" style="width:220px;">' . $folderoptions . '</select>'; } else { $retval['dispfolder'] = $retval['folder']; $retval['description'] = nl2br($retval['description']); $retval['version_note'] = nl2br($retval['version_note']); $retval['date'] = strftime('%b %d %Y %I:%M %p', $retval['date']); $retval['size'] = filedepot_formatFileSize($retval['size']); // Setup the folder option select HTML options $cid = intval($retval['cid']); $folderoptions = filedepot_recursiveAccessOptions('admin', $cid, 0, 1, FALSE); if (!empty($folderoptions) and $filedepot->checkPermission($retval['cid'], 'admin')) { $retval['folderoptions'] = '<select name="folder" style="width:220px;">' . $folderoptions . '</select>'; } else { $retval['folderoptions'] = '<input type="text" name="folder" value="' . $retval['folder'] . '" READONLY />'; } if ($filedepot->checkPermission($retval['cid'], 'admin')) { $retval['downloadperm'] = TRUE; $retval['editperm'] = TRUE; $retval['deleteperm'] = TRUE; $retval['addperm'] = TRUE; $retval['lockperm'] = TRUE; $retval['notifyperm'] = TRUE; $retval['broadcastperm'] = TRUE; } elseif ($retval['locked']) { if ($retval['status_changedby_uid'] == $user->uid) { $retval['lockperm'] = TRUE; if ($filedepot->checkPermission($retval['cid'], 'upload_ver')) { $retval['addperm'] = TRUE; } if ($retval['submitter'] == $user->uid) { $retval['deleteperm'] = TRUE; } } elseif ($retval['status_changedby_uid'] > 0) { if ($retval['submitter'] == $user->uid) { $retval['lockperm'] = TRUE; } else { $retval['downloadperm'] = FALSE; } } $retval['notifyperm'] = TRUE; } elseif ($user->uid > 0) { if ($retval['submitter'] == $user->uid) { $retval['deleteperm'] = TRUE; $retval['lockperm'] = TRUE; } if ($filedepot->checkPermission($retval['cid'], 'upload_ver')) { $retval['addperm'] = TRUE; } $retval['notifyperm'] = TRUE; } // Changed if ($filedepot->checkPermission($retval['cid'], 'view', 0, TRUE)) { $retval['tagperms'] = TRUE; // Able to set or change tags if ($retval['locked']) { if ($retval['submitter'] == $user->uid or $retval['status_changedby_uid'] == $user->uid) { $retval['downloadperm'] = TRUE; } elseif (variable_get('filedepot_locked_file_download_enabled', 0) == 1) { // Check admin config setting $retval['downloadperm'] = TRUE; } else { $retval['downloadperm'] = FALSE; } } else { $retval['downloadperm'] = TRUE; if ($retval['submitter'] == $user->uid) { $retval['editperm'] = TRUE; } } } else { $retval['tagperms'] = FALSE; $retval['downloadperm'] = FALSE; } } } else { $retval['retcode'] = 400; $retval['error'] = t('Invalid access'); } return $retval; }
/** * Returns a formatted listbox of categories user has access * First checks for View access so that delegated admin can be just for sub-categories * * @param string|array $perms Single perm 'admin' or array of permissions as required by $filedepot->checkPermission() * @param int $selected Will make this item the selected item in the listbox * @param string $id Parent category to start at and then recursively check * @param string $level Used by this function as it calls itself to control the indent formatting * @param boolean $addRootOpt Add the 'Top Level Folder' option, when appropriate. Defaults to @c TRUE. * @return string Return a formatted HTML Select listbox of categories */ function filedepot_recursiveAccessOptions($perms, $selected = '', $id = '0', $level = '1', $addRootOpt = TRUE) { $filedepot = filedepot_filedepot(); $selectlist = ''; if ($filedepot->ogmode_enabled and !empty($filedepot->allowableGroupViewFoldersSql)) { if ($id == 0) { $id = $filedepot->ogrootfolder; } if ($addRootOpt and $level == 1 and user_access('administer filedepot')) { $selectlist = '<option value="' . $filedepot->ogrootfolder . '">' . t('Top Level Folder') . '</option>' . LB; } } else { if ($addRootOpt and $level == 1 and user_access('administer filedepot')) { $selectlist = '<option value="0">' . t('Top Level Folder') . '</option>' . LB; } } $query = db_query("SELECT cid,pid,name FROM {filedepot_categories} WHERE pid=:cid ORDER BY cid", array(':cid' => $id)); while ($A = $query->fetchAssoc()) { list($cid, $pid, $name) = array_values($A); $name = filter_xss($name); $indent = ' '; // Check if user has access to this category if ($filedepot->checkPermission($cid, 'view')) { // Check and see if this category has any sub categories - where a category record has this cid as it's parent $tempcid = db_query("SELECT cid FROM {filedepot_categories} WHERE pid=:cid", array(':cid' => $cid))->fetchField(); if ($tempcid > 0) { if ($level > 1) { for ($i = 2; $i <= $level; $i++) { $indent .= "--"; } $indent .= ' '; } if ($filedepot->checkPermission($cid, $perms)) { if ($indent != '') { $name = " {$name}"; } $selectlist .= '<option value="' . $cid; if ($cid == $selected) { $selectlist .= '" selected="selected">' . $indent . $name . '</option>' . LB; } else { $selectlist .= '">' . $indent . $name . '</option>' . LB; } $selectlist .= filedepot_recursiveAccessOptions($perms, $selected, $cid, $level + 1, $addRootOpt); } else { // Need to check for any folders with admin even subfolders of parents that user does not have access $selectlist .= filedepot_recursiveAccessOptions($perms, $selected, $cid, $level + 1, $addRootOpt); } } else { if ($level > 1) { for ($i = 2; $i <= $level; $i++) { $indent .= "--"; } $indent .= ' '; } if ($filedepot->checkPermission($cid, $perms)) { if ($indent != '') { $name = " {$name}"; } $selectlist .= '<option value="' . $cid; if ($cid == $selected) { $selectlist .= '" selected="selected">' . $indent . $name . '</option>' . LB; } else { $selectlist .= '">' . $indent . $name . '</option>' . LB; } } } } } return $selectlist; }