예제 #1
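 /**
  * Prepare the input view for a BBS entry.
  *
  * Loads the community row and the BBS row named by the request, publishes
  * both as request attributes, and lets the request through only when the
  * current user is the poster of the BBS row or an administrator of the
  * requested community. Everyone else is forwarded to the secure action.
  *
  * @return string|null View::INPUT when access is granted; null after forwarding.
  */
 function getDefaultView()
 {
     $context = $this->getContext();
     $controller = $context->getController();
     $request = $context->getRequest();
     $user = $context->getUser();
     $acs_user_info_row = $user->getAttribute('acs_user_info_row');
     $community_id = $request->getParameter('community_id');
     $bbs_id = $request->getParameter('bbs_id');

     // Community information
     $community_row = ACSCommunity::get_community_row($community_id);
     // BBS row for the requested entry
     $bbs_row = ACSBBS::get_bbs_row($bbs_id);

     // Fail closed: the ownership test below uses a loose comparison, so a
     // missing BBS row combined with a user row that has no
     // user_community_id would compare null to null and be treated as
     // "the poster". Reject both cases before any comparison happens.
     $viewer_community_id = isset($acs_user_info_row['user_community_id'])
         ? $acs_user_info_row['user_community_id']
         : null;
     if (!$bbs_row || $viewer_community_id === null || $viewer_community_id === '') {
         $controller->forward(SECURE_MODULE, SECURE_ACTION);
         return;
     }

     // Trusted community list for this BBS row
     $bbs_row['trusted_community_row_array'] = ACSBBS::get_bbs_trusted_community_row_array($bbs_row['bbs_id']);

     $request->setAttribute('community_row', $community_row);
     $request->setAttribute('bbs_row', $bbs_row);

     // NOTE(review): community_id and bbs_id are independent request
     // parameters. Nothing visible here checks that the BBS row belongs to
     // the community whose admin role is tested below; if the row exposes
     // its owning community, compare it with $community_row before trusting
     // the admin branch. Confirm against the BBS row schema.

     // Only the poster or a community administrator may access this view.
     $is_poster = ($viewer_community_id == $bbs_row['user_community_id']);
     if (!$is_poster && !ACSCommunity::is_community_admin($viewer_community_id, $community_row['community_id'])) {
         $controller->forward(SECURE_MODULE, SECURE_ACTION);
         return;
     }
     return View::INPUT;
 }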
예제 #2
 /**
  * Decide whether the current user may run this action for the requested BBS row.
  *
  * The row is looked up from the 'id' request parameter. A missing row denies
  * access; a row whose open_level_code is '06' (labelled "public release" in
  * the original comment) grants access without consulting the user. Otherwise
  * the decision is delegated to ACSAccessControl using the roles the user
  * holds in the community that owns the row.
  *
  * @return mixed true/false for the early exits, otherwise whatever
  *               ACSAccessControl::is_valid_user_for_community() returns.
  */
 function get_execute_privilege()
 {
     $context = $this->getContext();
     $controller = $context->getController();
     $request = $context->getRequest();
     $user = $context->getUser();

     // Current user's row, as stored on the session user object
     $viewer_row = $user->getAttribute('acs_user_info_row');

     $thread_row = ACSBBS::get_bbs_row($request->ACSGetParameter('id'));
     if (!$thread_row) {
         // Unknown BBS id: deny
         return false;
     }

     // Public release: no per-user check is applied
     if ($thread_row['open_level_code'] == '06') {
         return true;
     }

     $thread_row['trusted_community_row_array'] = ACSBBS::get_bbs_trusted_community_row_array($thread_row['bbs_id']);

     // The community is taken from the BBS row itself, not from a request
     // parameter, so the role lookup is tied to the row being accessed.
     $owning_community_row = ACSCommunity::get_community_profile_row($thread_row['bbs_community_id']);

     // Per-thread access control decision
     return ACSAccessControl::is_valid_user_for_community(
         $viewer_row,
         ACSAccessControl::get_community_role_array($viewer_row, $owning_community_row),
         $thread_row
     );
 }
예제 #3
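 /**
  * Handle the two-step "post a BBS reply" flow.
  *
  * move_id == 1: stage the submitted subject/body together with the request's
  *               community_id and bbs_id in the session ('new_form_obj') and
  *               show the confirmation view.
  * move_id == 2: write the staged form, record the access history, optionally
  *               send the reply to the community mailing list, then redirect
  *               to the BBS top.
  *
  * Any other move_id does nothing and returns null.
  *
  * @return string|null View::SUCCESS after staging; null in every other case.
  */
 function execute()
 {
     $context = $this->getContext();
     $controller = $context->getController();
     $request = $context->getRequest();
     $user = $context->getUser();
     if (!$this->get_execute_privilege()) {
         $controller->forward(SECURE_MODULE, SECURE_ACTION);
         return;
     }

     // Which screen transition is being requested
     $move_id = $request->getParameter('move_id');
     // Open-level master rows (result is not used below; call kept as in the original)
     $open_level_master_row_array = ACSAccessControl::get_open_level_master_row_array(ACSMsg::get_mst('community_type_master', 'D40'), ACSMsg::get_mst('contents_type_master', 'D42'));
     // Current user's row
     $acs_user_info_row = $user->getAttribute('acs_user_info_row');
     // Target community and thread, both taken from the request
     $community_id = $request->getParameter('community_id');
     $bbs_id = $request->getParameter('bbs_id');

     /* Step 1: coming from the input screen */
     if ($move_id == 1) {
         $form = array();
         $form['subject'] = $request->getParameter('subject');
         $form['body'] = $request->getParameter('body');
         $form['community_id'] = $community_id;
         // The poster is always the session user, never a request value
         $form['user_community_id'] = $acs_user_info_row['user_community_id'];
         $form['bbs_id'] = $bbs_id;
         $user->setAttribute('new_form_obj', $form);
         return View::SUCCESS;
     }

     /* Step 2: coming from the confirmation button ("yes") */
     if ($move_id == 2) {
         $form = $user->getAttribute('new_form_obj');

         // The write below targets the ids staged in step 1, while the
         // privilege check and the mailing-list lookup use the ids of THIS
         // request. Refuse the confirm step when nothing was staged or when
         // the two sets of ids disagree, so the reply can only land in the
         // thread that was just authorised.
         if (
             !is_array($form)
             || !array_key_exists('bbs_id', $form)
             || !array_key_exists('community_id', $form)
             || (string) $form['bbs_id'] !== (string) $bbs_id
             || (string) $form['community_id'] !== (string) $community_id
         ) {
             $controller->forward(SECURE_MODULE, SECURE_ACTION);
             return;
         }

         // NOTE(review): no anti-CSRF token is checked in this method;
         // confirm that the framework or a filter enforces one for this
         // state-changing step.
         // NOTE(review): the staged form stays in the session after the
         // write, so the confirm request can be replayed; consider clearing
         // 'new_form_obj' once it has been consumed.

         // Persist the reply
         $ret = ACSBBS::set_bbs_res($form);
         if ($ret) {
             // Record the visit in the BBS access history
             ACSBBS::set_bbs_access_history($acs_user_info_row['user_community_id'], $form['bbs_id']);
             // Re-read the thread to see whether mailing-list delivery is enabled
             $bbs_row = ACSBBS::get_bbs_row($request->getParameter('bbs_id'));
             if ($bbs_row && $bbs_row['ml_send_flag'] == 't') {
                 // Mailing-list status of the community
                 $ml_status_row = ACSCommunity::get_contents_row($community_id, ACSMsg::get_mst('contents_type_master', 'D62'));
                 $ml_status = $ml_status_row['contents_value'];
                 if ($ml_status == 'ACTIVE') {
                     // Strip an existing "Re:" style prefix
                     $subject_msg = mb_ereg_replace(ACS_COMMUNITY_ML_SUBJECT_PREFIX_CLEAR_REGEX, '', $form['subject']);
                     // Build the outgoing subject
                     $subject = "Re: " . str_replace('{BBSID}', $bbs_id, ACS_COMMUNITY_ML_SUBJECT_FORMAT) . $subject_msg;
                     // The subject is built from request data and ends up in a
                     // mail header: drop CR/LF so it cannot carry extra header
                     // lines, whatever the mail helper does downstream.
                     $subject = str_replace(array("\r", "\n"), ' ', $subject);
                     ACSCommunityMail::send_community_mailing_list($community_id, $acs_user_info_row['mail_addr'], $subject, $form['body']);
                 }
             }
         } else {
             // NOTE(review): this echo emits output before the header() call
             // below; unless output buffering is active the redirect will not
             // be sent. Confirm the intended behaviour on a failed write.
             echo ACSMsg::get_msg('Community', 'BBSResPreAction.class.php', 'M001');
         }

         // After the write, go back to the BBS top. community_id comes from
         // the request, so it is URL-encoded before being placed in the
         // query string of the redirect target.
         $action_url = $this->getControllerPath('Community', 'BBS') . '&community_id=' . rawurlencode((string) $community_id) . '&move_id=4';
         header("Location: {$action_url}");
     }
 }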
예제 #4
 /**
  * Decide whether the current user may act on the requested BBS row.
  *
  * Looks up the community named by 'community_id' and the BBS row named by
  * 'bbs_id', denies access when the BBS row is missing, and otherwise
  * delegates the decision to ACSAccessControl.
  *
  * @param object $controller Passed by reference; not used in this method.
  * @param object $request    Source of the 'community_id' and 'bbs_id' parameters.
  * @param object $user       Source of the 'acs_user_info_row' attribute.
  * @return mixed false when the BBS row is missing, otherwise whatever
  *               ACSAccessControl::is_valid_user_for_community() returns.
  */
 function get_execute_privilege(&$controller, &$request, &$user)
 {
     // Current user's row
     $viewer_row = $user->getAttribute('acs_user_info_row');

     // NOTE(review): the community used for the role lookup comes from the
     // 'community_id' request parameter, while the row being protected comes
     // from 'bbs_id'. Nothing visible here ties the two together; verify that
     // is_valid_user_for_community() rejects a BBS row that does not belong
     // to this community, or derive the community from the BBS row instead.
     $community_profile_row = ACSCommunity::get_community_profile_row($request->getParameter('community_id'));

     $thread_row = ACSBBS::get_bbs_row($request->getParameter('bbs_id'));
     if (!$thread_row) {
         // Unknown bbs_id: deny
         return false;
     }
     $thread_row['trusted_community_row_array'] = ACSBBS::get_bbs_trusted_community_row_array($thread_row['bbs_id']);

     // Access control decision
     return ACSAccessControl::is_valid_user_for_community(
         $viewer_row,
         ACSAccessControl::get_community_role_array($viewer_row, $community_profile_row),
         $thread_row
     );
 }
예제 #5
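 /**
  * Decide whether the current user may run this action.
  *
  * A user holding the COMMUNITY_ADMIN credential is always allowed. A user
  * holding COMMUNITY_MEMBER is allowed only when their user_community_id
  * matches the poster recorded on the requested BBS row. Everyone else is
  * denied.
  *
  * @return bool
  */
 function get_execute_privilege()
 {
     $context = $this->getContext();
     $request = $context->getRequest();
     $user = $context->getUser();
     $acs_user_info_row = $user->getAttribute('acs_user_info_row');

     // Administrators are allowed.
     // NOTE(review): which community the credential was granted for is not
     // visible here; confirm it is scoped to the community of the requested
     // BBS row.
     if ($user->hasCredential('COMMUNITY_ADMIN')) {
         return true;
     }

     // The member who wrote the entry is allowed.
     if ($user->hasCredential('COMMUNITY_MEMBER')) {
         $bbs_row = ACSBBS::get_bbs_row($request->getParameter('bbs_id'));
         // Fail closed: with a missing row (or a missing id on either side)
         // the loose comparison below would compare null to null and grant
         // access to a thread that does not exist.
         if (!$bbs_row || !isset($bbs_row['user_community_id'], $acs_user_info_row['user_community_id'])) {
             return false;
         }
         if ($acs_user_info_row['user_community_id'] == $bbs_row['user_community_id']) {
             return true;
         }
     }
     return false;
 }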