예제 #1
 /**
  * Prepare the module for the current admin request.
  *
  * Ends the request with a plain-text message when the site may not edit
  * the type. When no entity id is present, it either creates a new entity
  * in the 'Pending' state and redirects to it, or ends the request if the
  * user lacks the 'add' privilege. Otherwise it loads the entity, builds
  * the content manager when _cm_ok_to_run() allows it, and registers the
  * head items.
  *
  * NOTE(review): the two refusal messages echo type values ('plural_name',
  * 'name') without HTML escaping. Presumably these are administrator-defined;
  * confirm they cannot carry markup.
  */
 function init()
 {
     $page = $this->admin_page;
     $this->type_entity = new entity($page->type_id);

     // Site-level authorization comes first; nothing else runs if it fails.
     $site_allowed = reason_site_can_edit_type($page->site_id, $page->type_id);
     if (!$site_allowed) {
         echo 'This site does not have permission to edit ' . $this->type_entity->get_value('plural_name') . '.';
         exit;
     }

     // No id in the request: this is a request to create a new entity.
     if (empty($page->id)) {
         if (!reason_user_has_privs($page->user_id, 'add')) {
             echo 'You do not have the privileges needed to add a ' . $this->type_entity->get_value('name');
             exit;
         }
         $created_id = create_entity($page->site_id, $page->type_id, $page->user_id, '', array('entity' => array('state' => 'Pending')));
         // The link is passed through unhtmlentities() before it is used as a header value.
         $redirect_to = unhtmlentities($page->make_link(array('id' => $created_id), true));
         header('Location: ' . $redirect_to);
         // Stop here so nothing executes after the redirect header is sent.
         exit;
     }

     $this->entity = new entity($page->id);
     if ($this->_cm_ok_to_run()) {
         $this->_do_admin_page_prep();
         $this->disco_item = $this->_build_content_manager();
     }

     // Registration order is kept as in the original (jQuery UI, then jQuery).
     // NOTE(review): the second argument `true` presumably controls placement; confirm.
     $head = $this->head_items;
     $head->add_javascript(JQUERY_UI_URL, true);
     $head->add_javascript(JQUERY_URL, true);
     $head->add_stylesheet(JQUERY_UI_CSS_URL);
     $head->add_javascript(WEB_JAVASCRIPT_PATH . 'change_detection.js');
 }
예제 #2
 /**
  * Print the "Add" box for the current type.
  *
  * When the site may edit the type, the box holds an "Add <type name>"
  * link and, if an import module is registered for the type's unique
  * name, a "Batch Import" link. Otherwise the same box holds a warning.
  *
  * NOTE(review): type values ('name', 'plural_name') are written into the
  * markup without HTML escaping. Presumably they are administrator-defined;
  * confirm.
  */
 function show_add()
 {
     // The same rounded frame wraps both the links and the warning.
     $corner = '<img src="' . REASON_ADMIN_IMAGES_DIRECTORY . 'trans.gif" alt="" class="roundedCorner" />' . "\n";
     $frame_open = '<div class="addLink">' . "\n" . '<div class="roundedTop">' . "\n" . $corner . '</div>' . "\n" . '<div class="roundedContent">' . "\n";
     $frame_close = '</div>' . "\n" . '<div class="roundedBottom">' . "\n" . $corner . '</div>' . "\n" . '</div>' . "\n";

     // The add links are shown only when the site may edit this type.
     if (!reason_site_can_edit_type($this->admin_page->site_id, $this->admin_page->type_id)) {
         echo $frame_open;
         echo '<strong>Warning</strong><p>The site is not allowed to add or edit items of this type.</p><p>If this is unexpected, contact an administrator.</p>';
         echo $frame_close;
         return;
     }

     echo $frame_open;
     $type = new entity($this->admin_page->type_id);
     $add_url = $this->admin_page->make_link(array('cur_module' => 'Editor', 'id' => '', 'new_entity' => 1));
     echo '<a href="' . $add_url . '">Add ' . $type->get_value('name') . '</a>' . "\n";

     $unique_name = $type->get_value('unique_name');
     if (array_key_exists($unique_name, $this->import_modules)) {
         $import_url = $this->admin_page->make_link(array('cur_module' => $this->import_modules[$unique_name], 'id' => ''));
         // Use the plural name when one is set; otherwise fall back to the singular name.
         $label = $type->get_value('plural_name') ?: $type->get_value('name');
         echo '<div class="smallText importBlock"><a href="' . $import_url . '">Batch Import ' . $label . '</a></div>' . "\n";
     }
     echo $frame_close;
 }
 /**
  * Print the admin action cell for a live row.
  *
  * Users without the 'edit' privilege get an empty cell. Users with it get
  * a Preview link, plus Duplicate and Edit links when the site may edit
  * the type.
  *
  * @param object $row     Row entity; only its id() is read here.
  * @param mixed  $options Not used by this method.
  */
 function show_admin_live($row, $options)
 {
     echo '<td>';

     // The user privilege is checked first; the site-level check only widens the link set.
     if (!reason_user_has_privs($this->admin_page->user_id, 'edit')) {
         echo '&nbsp;';
         echo '</td>' . "\n";
         return;
     }

     echo '<strong>';
     $row_id = $row->id();
     $edit_url = $this->admin_page->make_link(array('cur_module' => 'Editor', 'id' => $row_id));
     $preview_url = $this->admin_page->make_link(array('cur_module' => 'Preview', 'id' => $row_id));
     $duplicate_url = $this->admin_page->make_link(array('cur_module' => 'Duplicate', 'id' => $row_id));

     $anchors = array('<a href="' . $preview_url . '">Preview</a>');
     if (reason_site_can_edit_type($this->admin_page->site_id, $this->admin_page->type_id)) {
         $anchors[] = '<a href="' . $duplicate_url . '">Duplicate</a>';
         $anchors[] = '<a href="' . $edit_url . '">Edit</a>';
     }
     echo implode(' | ', $anchors);
     echo '</strong>';
     echo '</td>' . "\n";
 }
예제 #4
 /**
  * Build the main navigation links for the entity being administered.
  *
  * 'Preview' and 'Finish' are always present. 'Edit' and the per-relationship
  * Associator / ReverseAssociator links are added only when the user holds
  * the privilege for the entity's state ('edit_pending' for Pending,
  * otherwise 'edit') AND the site may edit the type. Each of those entries
  * has a 'locked' flag taken from the entity's lock checks. 'Cancel' is
  * added for a new, unnamed Pending entity while the Editor module is current.
  *
  * @param mixed $second When truthy it is used as the forward relationship
  *                      list in place of get_rels(), and get_backward_rels()
  *                      is called with a fixed string argument.
  *                      NOTE(review): the expected type is not visible here; confirm.
  * @return array Link definitions keyed by label or relationship id.
  */
 function get_main_links($second = false)
 {
     $entity = new entity($this->id);
     $user = new entity($this->user_id);
     $links = array(
         'Preview' => array('title' => 'Preview', 'link' => $this->make_link(array('cur_module' => 'Preview'))),
     );

     // Pending entities are gated by their own privilege.
     if ($entity->get_value('state') == 'Pending') {
         $can_edit = reason_user_has_privs($this->user_id, 'edit_pending');
     } else {
         $can_edit = reason_user_has_privs($this->user_id, 'edit');
     }

     if ($can_edit && reason_site_can_edit_type($this->site_id, $this->type_id)) {
         $links['Edit'] = array(
             'title' => 'Edit',
             'link' => $this->make_link(array('cur_module' => 'Editor')),
             'locked' => !$entity->user_can_edit($user, 'fields'),
         );

         // Forward relationships (this entity on the left side).
         $forward_rels = $second ? $second : $this->get_rels();
         foreach ($forward_rels as $rel) {
             $rel_id = $rel['id'];
             $label = empty($rel['display_name']) ? $rel['entity_name'] : $rel['display_name'];
             $links[$rel_id] = array(
                 'title' => $label,
                 'icon' => '<img src="' . reason_get_type_icon_url($rel['relationship_b']) . '" alt="" />',
                 'link' => $this->make_link(array('site_id' => $this->site_id, 'type_id' => $this->type_id, 'rel_id' => $rel['id'], 'id' => $this->id, 'user_id' => $this->user_id, 'cur_module' => 'Associator')),
                 'rel_info' => $rel,
                 'locked' => !$entity->user_can_edit_relationship($rel_id, $user, 'right'),
             );
         }

         // Backward relationships (this entity on the right side).
         $backward_rels = $second ? $this->get_backward_rels('I AM A GOLDEN GOD!!!') : $this->get_backward_rels();
         foreach ($backward_rels as $rel) {
             $rel_id = $rel['id'];
             $label = empty($rel['display_name_reverse_direction']) ? $rel['entity_name'] : $rel['display_name_reverse_direction'];
             $links[$rel_id] = array(
                 'title' => $label,
                 'icon' => '<img src="' . reason_get_type_icon_url($rel['relationship_a']) . '" alt="" />',
                 'link' => $this->make_link(array('site_id' => $this->site_id, 'type_id' => $this->type_id, 'rel_id' => $rel['id'], 'id' => $this->id, 'user_id' => $this->user_id, 'cur_module' => 'ReverseAssociator')),
                 'rel_info' => $rel,
                 'locked' => !$entity->user_can_edit_relationship($rel_id, $user, 'left'),
             );
         }
     }

     $links['Finish'] = array('title' => '<strong>Finish</strong>', 'link' => $this->make_link(array('cur_module' => 'Finish')));

     // Offer to cancel creation while the entity is still new, Pending and unnamed.
     $fresh = new entity($this->id);
     if ($fresh->get_value('new') && $fresh->get_value('state') == 'Pending' && $can_edit && !$fresh->get_value('name') && $this->cur_module == 'Editor') {
         $links['Cancel'] = array('title' => 'Cancel', 'link' => $this->make_link(array('cur_module' => 'Cancel')));
     }

     // Historical note (MR 3/11/2004): this is a hack because the 'new_entity'
     // request variable is passed around too freely; newness should really be
     // stored in the db with the entity and removed upon finish. An earlier,
     // disabled variant offered Cancel when 'new_entity' was set and the
     // creation date was today.
     return $links;
 }
예제 #5
 /**
  * Could an unidentified user of the given role edit this entity?
  *
  * Note that without a given user, this function cannot check
  * site membership or other important aspects of privilege-granting.
  * Therefore, this method should only be used for informational
  * purposes, not to grant privileges, unless other checks are done.
  *
  * Results are memoized in a function-static array keyed by mode, entity
  * id and role name, so a repeated call with the same arguments returns the
  * first answer without re-evaluating privileges or locks.
  *
  * An unrecognized $fields_or_rels triggers an error and is then treated
  * as 'all'.
  *
  * @param string $role_name
  * @param string $fields_or_rels 'fields','relationships', or 'all'
  * @return boolean
  */
 public function role_could_edit($role_name, $fields_or_rels = 'all')
 {
     // Memo table; its three top-level keys also serve as the list of valid modes.
     static $cache = array('all' => array(), 'fields' => array(), 'relationships' => array());
     if (!isset($cache[$fields_or_rels])) {
         // NOTE(review): the caller-supplied value is embedded in the error text as-is.
         trigger_error('2nd parameter of role_could_edit must be one of: "' . implode('", "', array_keys($cache)) . '". Given "' . $fields_or_rels . '"; setting to "all".');
         $fields_or_rels = 'all';
     }
     // Return the memoized answer if this (mode, entity, role) was already evaluated.
     if (isset($cache[$fields_or_rels][$this->_entity->id()][$role_name])) {
         return $cache[$fields_or_rels][$this->_entity->id()][$role_name];
     }
     // State-specific privilege gate: Live needs 'edit', Pending needs 'edit_pending',
     // Deleted needs 'publish' or 'expunge'. Any other state falls to the else branch (false).
     // && binds tighter than ||, so each "state && privilege" pair is one alternative.
     if ($this->_entity->get_value('state') == 'Live' && reason_role_has_privs($role_name, 'edit') || $this->_entity->get_value('state') == 'Pending' && reason_role_has_privs($role_name, 'edit_pending') || $this->_entity->get_value('state') == 'Deleted' && (reason_role_has_privs($role_name, 'publish') || reason_role_has_privs($role_name, 'expunge'))) {
         $owner = $this->_entity->get_owner();
         // The owning site must be allowed to edit this type; this check runs
         // before the 'bypass_locks' shortcut, so that privilege does not override it.
         if (!reason_site_can_edit_type($owner, $this->_entity->get_value('type'))) {
             return $cache[$fields_or_rels][$this->_entity->id()][$role_name] = false;
         }
         // Roles with 'bypass_locks' skip the lock checks below.
         if (reason_role_has_privs($role_name, 'bypass_locks')) {
             return $cache[$fields_or_rels][$this->_entity->id()][$role_name] = true;
         }
         // Editable unless everything in the requested scope is locked.
         switch ($fields_or_rels) {
             case 'all':
                 return $cache[$fields_or_rels][$this->_entity->id()][$role_name] = !($this->get_all_fields_lock() && $this->get_all_relationships_lock('left') && $this->get_all_relationships_lock('right'));
             case 'fields':
                 return $cache[$fields_or_rels][$this->_entity->id()][$role_name] = !$this->get_all_fields_lock();
             case 'relationships':
                 return $cache[$fields_or_rels][$this->_entity->id()][$role_name] = !($this->get_all_relationships_lock('left') && $this->get_all_relationships_lock('right'));
             default:
                 // Not expected to be reached: the mode was validated against $cache above.
                 // Fails closed and is not memoized.
                 trigger_error('Programming error: $fields_or_rels not an acceptable value');
                 return false;
         }
     } else {
         // The role lacks the privilege required for the entity's current state.
         return $cache[$fields_or_rels][$this->_entity->id()][$role_name] = false;
     }
 }
예제 #6
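 /**
  * Print the admin cell for a row in the associator list.
  *
  * Users without edit privileges get an empty cell. Otherwise the cell
  * holds a Select / Deselect link (or the text "Locked" / "Selected"),
  * an optional lock indicator for users with 'manage_locks', and, when no
  * type id is present in the request, Preview / Edit links and
  * sharing notes.
  *
  * The state-changing Select / Deselect links are GET requests, so they carry
  * the admin token as a CSRF countermeasure.
  *
  * @param object $row     Row entity being listed.
  * @param mixed  $options Not used by this method.
  */
 function show_admin_associate($row, $options)
 {
     if (!$this->_cur_user_has_edit_privs()) {
         echo '<td class="viewerCol_admin">&nbsp;</td>';
         return;
     }
     $e_rel = $this->admin_page->rel_id;
     $e_id = $this->admin_page->id;
     $e = new entity($e_id);
     $user = new entity($this->admin_page->user_id);
     $e_type = $e->get_value('type'); // not used further in this method
     // The lookup below runs once per request; both flags are function-static.
     static $one_to_many = false;
     static $found_connections = false;
     if (!$found_connections) {
         $found_connections = true;
         // The relationship id is concatenated into the SQL text, and how rel_id
         // was validated upstream is not visible here. Casting to int keeps any
         // non-numeric value out of the query.
         $q = 'SELECT * FROM allowable_relationship WHERE id = ' . ((int) $e_rel) . ' AND required = "yes"';
         $r = db_query($q, 'error selecting connections');
         // NOTE(review): ext/mysql was removed in PHP 7; presumably a shim or an
         // older runtime is in use — confirm.
         $ar = mysql_fetch_array($r, MYSQL_ASSOC);
         $one_to_many = ($ar && $ar['connections'] == 'one_to_many');
     }
     $entity_a_or_b = $this->rel_direction == 'b_to_a' ? 'entity_a' : 'entity_b';
     $lock_check_dir = $this->rel_direction == 'b_to_a' ? 'right' : 'left';
     $link = array('rel_id' => $e_rel, $entity_a_or_b => $row->id());
     if ($this->get_relationship_lock_state() || !$row->user_can_edit_relationship($this->admin_page->rel_id, $user, $lock_check_dir)) {
         // Locked relationships get a label only, never an action link.
         $link = '';
         $name = 'Locked';
     } elseif (!$this->select) {
         // B TO A BEHAVIOR
         // if the associated item is borrowed, and that relationship is not in the scope of the current site,
         // we do not provide the DoDisassociate link.
         if ($this->rel_direction == 'b_to_a') {
             if ($row->get_value('sharing') == 'owns' || $this->site_id == $row->get_value('rel_site_id')) {
                 $link = array_merge($link, array('cur_module' => 'DoDisassociate'));
             } else {
                 $link = '';
             }
             $name = 'Deselect';
         } else {
             $link = array_merge($link, array('cur_module' => 'DoDisassociate'));
             $name = 'Deselect';
         }
     } else {
         $link = array_merge($link, array('cur_module' => 'DoAssociate'));
         $name = 'Select';
     }
     echo '<td class="viewerCol_admin"><strong>';
     if (!$this->select and $one_to_many) {
         echo 'Selected';
     } else {
         if (!empty($link)) {
             // Add a CSRF token to the GET request. All of these requests should
             // go via POST, but this is better than nothing to prevent CSRF attacks.
             $link = array_merge($link, array('admin_token' => $this->admin_page->get_admin_token()));
             echo '<a href="' . $this->admin_page->make_link($link) . '">' . $name . '</a>';
         } else {
             echo $name;
         }
     }
     // The lock indicator is shown only to users who may manage locks.
     if (reason_user_has_privs($this->admin_page->user_id, 'manage_locks') && $row->relationship_has_lock($this->admin_page->rel_id, $lock_check_dir)) {
         echo ' <img class="lockIndicator" src="' . REASON_HTTP_BASE_PATH . 'ui_images/lock_12px_grey_trans.png" alt="Locked for some users" title="Locked for some users" width="12" height="12" />';
     }
     if (empty($this->admin_page->request[CM_VAR_PREFIX . 'type_id'])) {
         $this->rel_type =& $this->admin_page->module->rel_type;
         // THIS IS HOW THE B TO A WAS CODED - REVIEW AND DELETE THIS CONDITION IF POSSIBLE
         if ($this->rel_direction == 'b_to_a') {
             $ass_mod = new AssociatorModule($this->admin_page);
             $ass_mod->rel_type =& $this->admin_page->module->rel_type;
             $edit_link = $ass_mod->get_second_level_vars();
             $edit_link['new_entity'] = '';
         } else {
             $edit_link = $this->admin_page->module->get_second_level_vars();
             $edit_link['new_entity'] = '';
         }
         $preview_link = $edit_link;
         $preview_link['id'] = $row->id();
         $preview_link['cur_module'] = 'Preview';
         $edit_link['id'] = $row->id();
         $edit_link['cur_module'] = 'Edit';
         // 'sharing' may be a single value or an array of values.
         $sharing = $row->get_value('sharing');
         $owned = is_array($sharing) ? in_array('owns', $sharing) : $row->get_value('sharing') == 'owns';
         $borrowed = is_array($sharing) ? in_array('borrows', $sharing) : $row->get_value('sharing') == 'borrows';
         echo ' | <a href="' . $this->admin_page->make_link($preview_link) . '">Preview</a>';
         // Edit is offered only for items the site owns and whose type it may edit.
         if ($owned && reason_site_can_edit_type($this->site_id, $this->rel_type)) {
             echo ' | <a href="' . $this->admin_page->make_link($edit_link) . '">Edit</a>';
         }
         if ($borrowed) {
             echo ' | Borrowed';
         }
         if ($owned && $borrowed) {
             echo '<p><strong>Note: </strong><em>Item is owned AND borrowed by the site.</em></p>';
         }
         if (!$owned && !$borrowed) {
             echo '<p><strong>Note: </strong><em>Item is not currently owned or borrowed by the site.</em></p>';
         }
     }
     echo '</strong></td>';
 }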