/**
 * Renders the detail view of a single item for the user controller.
 *
 * The method takes no PHP arguments; its inputs are read from the request:
 *  - ot   (query string): object type, defaults to 'review'. A value that the
 *         controller helper does not list for this action is replaced by the
 *         helper's default object type.
 *  - slug (query string): only read when no valid identifier was found and the
 *         entity declares a unique 'slug' field.
 * The identifier is obtained through Reviews_Util_Controller::retrieveIdentifier().
 *
 * Access is checked twice with ACCESS_READ: once on type level before anything
 * is loaded and once on instance level after the entity has been fetched.
 * Failures are reported through throwForbiddenUnless() / throwNotFoundUnless().
 *
 * @return mixed Result of Reviews_Util_View::processTemplate().
 */
public function display()
{
    $controllerHelper = new Reviews_Util_Controller($this->serviceManager);

    // the requested object type is only kept when the helper lists it for this action
    $objectType = $this->request->query->filter('ot', 'review', FILTER_SANITIZE_STRING);
    $utilArgs = array('controller' => 'user', 'action' => 'display');
    $allowedTypes = $controllerHelper->getObjectTypes('controllerAction', $utilArgs);
    if (!in_array($objectType, $allowedTypes)) {
        $objectType = $controllerHelper->getDefaultObjectType('controllerAction', $utilArgs);
    }

    $typeName = ucwords($objectType);
    $permissionComponent = $this->name . ':' . $typeName . ':';

    // type-level permission gate, evaluated before any entity is loaded
    $mayReadType = SecurityUtil::checkPermission($permissionComponent, '::', ACCESS_READ);
    $this->throwForbiddenUnless($mayReadType, LogUtil::getErrorMsgPermission());

    $entityClass = $this->name . '_Entity_' . $typeName;
    $repository = $this->entityManager->getRepository($entityClass);
    $repository->setControllerArguments(array());

    $idFields = ModUtil::apiFunc($this->name, 'selection', 'getIdFields', array('ot' => $objectType));

    // identifier of the object to be shown
    $idValues = $controllerHelper->retrieveIdentifier($this->request, array(), $objectType, $idFields);
    $hasIdentifier = $controllerHelper->isValidIdentifier($idValues);

    // fall back to a unique permalink (slug) when no identifier was given
    $slug = '';
    $hasSlug = false;
    if ($hasIdentifier === false) {
        $meta = $this->entityManager->getClassMetadata($entityClass);
        if ($meta->hasField('slug') && $meta->isUniqueField('slug')) {
            $slug = $this->request->query->filter('slug', '', FILTER_SANITIZE_STRING);
            $hasSlug = !empty($slug);
        }
    }
    $hasIdentifier = $hasIdentifier | $hasSlug;
    $this->throwNotFoundUnless($hasIdentifier, $this->__('Error! Invalid identifier received.'));

    $selectionArgs = array('ot' => $objectType, 'id' => $idValues, 'slug' => $slug);
    $entity = ModUtil::apiFunc($this->name, 'selection', 'getEntity', $selectionArgs);
    $this->throwNotFoundUnless($entity != null, $this->__('No such item.'));
    unset($idValues);

    $entity->initWorkflow();

    // collect the url arguments for the display hooks and, in the same pass,
    // the instance id used for the instance-level permission check
    $currentUrlArgs = array('ot' => $objectType);
    $instanceId = '';
    foreach ($idFields as $idField) {
        $fieldValue = $entity[$idField];
        $currentUrlArgs[$idField] = $fieldValue;
        $instanceId .= (empty($instanceId) ? '' : '_') . $fieldValue;
    }
    $currentUrlArgs['id'] = $instanceId;
    if (isset($entity['slug'])) {
        $currentUrlArgs['slug'] = $entity['slug'];
    }
    $currentUrlObject = new Zikula_ModUrl(
        $this->name,
        'user',
        'display',
        ZLanguage::getLanguageCode(),
        $currentUrlArgs
    );

    // instance-level permission gate for the entity that was actually loaded
    $permissionInstance = $instanceId . '::';
    $mayReadItem = SecurityUtil::checkPermission($permissionComponent, $permissionInstance, ACCESS_READ);
    $this->throwForbiddenUnless($mayReadItem, LogUtil::getErrorMsgPermission());

    $viewHelper = new Reviews_Util_View($this->serviceManager);
    $templateFile = $viewHelper->getViewTemplate($this->view, 'user', $objectType, 'display', array());

    // the highest granted level becomes part of the cache id, so cached output
    // is kept apart per access level
    $accessLevel = ACCESS_READ;
    foreach (array(ACCESS_COMMENT, ACCESS_EDIT) as $candidateLevel) {
        if (SecurityUtil::checkPermission($permissionComponent, $permissionInstance, $candidateLevel)) {
            $accessLevel = $candidateLevel;
        }
    }
    $this->view->setCacheId($objectType . '|' . $instanceId . '|a' . $accessLevel);

    // hand the output data over to the view
    $this->view
        ->assign($objectType, $entity)
        ->assign('currentUrlObject', $currentUrlObject)
        ->assign($repository->getAdditionalTemplateParameters('controllerAction', $utilArgs));

    // record this view of the entity
    $controllerHelper->addView($entity['id']);

    return $viewHelper->processTemplate($this->view, 'user', $objectType, 'display', array(), $templateFile);
}
/**
 * Initialize form handler.
 *
 * Sets up the handler state from the request, decides between 'edit' and
 * 'create' mode depending on whether a valid identifier was received, checks
 * ACCESS_EDIT for that mode, loads or creates the entity and assigns the
 * allowed workflow actions to the view.
 *
 * @param Zikula_Form_View $view The form view instance.
 *
 * @return boolean True on success; on a permission or initialization error the
 *                 result of LogUtil::registerPermissionError() / LogUtil::registerError().
 */
public function initialize(Zikula_Form_View $view)
{
    $this->inlineUsage = (UserUtil::getTheme() == 'Printer');

    $query = $this->request->query;
    $this->idPrefix = $query->filter('idp', '', FILTER_SANITIZE_STRING);

    // redirect goal
    // NOTE(review): returnTo comes straight from the query string; where it is
    // consumed is not visible in this method - confirm the redirect target is
    // restricted to expected values there.
    $this->returnTo = $query->filter('returnTo', null, FILTER_SANITIZE_STRING);

    // current uri, kept for repeated creations
    $this->repeatReturnUrl = System::getCurrentURI();

    $this->permissionComponent = $this->name . ':' . $this->objectTypeCapital . ':';

    $this->idFields = ModUtil::apiFunc(
        $this->name,
        'selection',
        'getIdFields',
        array('ot' => $this->objectType)
    );

    // identifier of the object to be edited, if any
    $controllerHelper = new Reviews_Util_Controller($this->view->getServiceManager());
    $this->idValues = $controllerHelper->retrieveIdentifier(
        $this->request,
        array(),
        $this->objectType,
        $this->idFields
    );
    $this->mode = $controllerHelper->isValidIdentifier($this->idValues) ? 'edit' : 'create';

    $entity = null;
    if ($this->mode != 'edit') {
        // creating requires ACCESS_EDIT on the component as a whole
        if (!SecurityUtil::checkPermission($this->permissionComponent, '::', ACCESS_EDIT)) {
            return LogUtil::registerPermissionError();
        }

        $entity = $this->initEntityForCreation();
    } else {
        // editing requires ACCESS_EDIT on the addressed instance
        $instance = $this->createCompositeIdentifier() . '::';
        if (!SecurityUtil::checkPermission($this->permissionComponent, $instance, ACCESS_EDIT)) {
            return LogUtil::registerPermissionError();
        }

        $entity = $this->initEntityForEdit();
        if (!is_object($entity)) {
            return LogUtil::registerError($this->__('No such item.'));
        }

        if ($this->hasPageLockSupport === true && ModUtil::available('PageLock')) {
            // try to guarantee that only one person at a time can be editing this entity
            $lockArgs = array(
                'lockName' => $this->name . $this->objectTypeCapital . $this->createCompositeIdentifier(),
                'returnUrl' => $this->getRedirectUrl(null),
            );
            ModUtil::apiFunc('PageLock', 'user', 'pageLock', $lockArgs);
        }
    }

    $this->view
        ->assign('mode', $this->mode)
        ->assign('inlineUsage', $this->inlineUsage);

    // keep the entity for later reuse
    $this->entityRef = $entity;

    if ($this->hasCategories === true) {
        $this->initCategoriesForEdit();
    }

    $workflowHelper = new Reviews_Util_Workflow($this->view->getServiceManager());
    $actions = $workflowHelper->getActionsForObject($entity);
    if (!is_array($actions)) {
        // covers the explicit false result as well as any other non-array value
        return LogUtil::registerError($this->__('Error! Could not determine workflow actions.'));
    }

    // the template works with the list of allowed actions
    $this->view->assign('actions', $actions);

    // no initialization errors occurred
    return true;
}
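/**
 * Displays one item of a certain object type using a separate template for external usages.
 *
 * Every input is taken from $args when the key is set, otherwise from the
 * query string:
 *  - objectType / ot:  the object type; replaced by the helper's default when
 *                      it is not in the list of allowed types.
 *  - id:               identifier of the item to be shown.
 *  - source:           'contentType' or 'scribite'; anything else becomes 'contentType'.
 *  - displayMode:      'link' or 'embed'; anything else becomes 'embed'.
 *
 * @param array $args Optional overrides with the keys 'objectType', 'id', 'source', 'displayMode'.
 *
 * @return string Desired data output; an empty string when ACCESS_READ is not
 *                granted, or a translated error message for an invalid or unknown item.
 */
public function display(array $args = array())
{
    $getData = $this->request->query;
    $controllerHelper = new Reviews_Util_Controller($this->serviceManager);

    // Values passed through $args skip the query-string filter and may be of
    // any type. The object type is later concatenated into an entity class name
    // and a template path, so all allowlist checks below compare strictly: only
    // an exact string from the list is accepted.
    $objectType = isset($args['objectType']) ? $args['objectType'] : $getData->filter('ot', '', FILTER_SANITIZE_STRING);
    $utilArgs = array('controller' => 'external', 'action' => 'display');
    // NOTE(review): the allowed list is requested for context 'controller' while
    // the default is requested for 'controllerType' - confirm both are intended.
    if (!in_array($objectType, $controllerHelper->getObjectTypes('controller', $utilArgs), true)) {
        $objectType = $controllerHelper->getDefaultObjectType('controllerType', $utilArgs);
    }

    $id = isset($args['id']) ? $args['id'] : $getData->filter('id', null, FILTER_SANITIZE_STRING);

    // instance-level read permission; denied requests get no output at all
    $component = $this->name . ':' . ucwords($objectType) . ':';
    if (!SecurityUtil::checkPermission($component, $id . '::', ACCESS_READ)) {
        return '';
    }

    $source = isset($args['source']) ? $args['source'] : $getData->filter('source', '', FILTER_SANITIZE_STRING);
    if (!in_array($source, array('contentType', 'scribite'), true)) {
        $source = 'contentType';
    }

    $displayMode = isset($args['displayMode']) ? $args['displayMode'] : $getData->filter('displayMode', 'embed', FILTER_SANITIZE_STRING);
    if (!in_array($displayMode, array('link', 'embed'), true)) {
        $displayMode = 'embed';
    }

    $entityClass = 'Reviews_Entity_' . ucwords($objectType);
    $repository = $this->entityManager->getRepository($entityClass);
    $repository->setControllerArguments(array());

    $idFields = ModUtil::apiFunc('Reviews', 'selection', 'getIdFields', array('ot' => $objectType));
    $idValues = array('id' => $id);

    $hasIdentifier = $controllerHelper->isValidIdentifier($idValues);
    if (!$hasIdentifier) {
        return $this->__('Error! Invalid identifier received.');
    }

    // assign object data fetched from the database
    $entity = $repository->selectById($idValues);
    if ((!is_array($entity) && !is_object($entity)) || !isset($entity[$idFields[0]])) {
        return $this->__('No such item.');
    }

    // NOTE(review): the check above also lets arrays through, while this call
    // needs an object - confirm selectById() never returns an array here.
    $entity->initWorkflow();

    $instance = $id . '::';

    $this->view->setCaching(Zikula_View::CACHE_ENABLED);

    // The highest granted access level is part of the cache id, so output
    // cached for one level is kept apart from the other levels.
    $accessLevel = ACCESS_READ;
    if (SecurityUtil::checkPermission($component, $instance, ACCESS_COMMENT)) {
        $accessLevel = ACCESS_COMMENT;
    }
    if (SecurityUtil::checkPermission($component, $instance, ACCESS_EDIT)) {
        $accessLevel = ACCESS_EDIT;
    }
    $this->view->setCacheId($objectType . '|' . $id . '|a' . $accessLevel);

    $this->view->assign('objectType', $objectType)
               ->assign('source', $source)
               ->assign($objectType, $entity)
               ->assign('displayMode', $displayMode);

    return $this->view->fetch('external/' . $objectType . '/display.tpl');
}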
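/**
 * This method provides a generic handling of simple delete requests.
 *
 * The method takes no PHP arguments; its inputs are read from the request:
 *  - ot           (query string): treated object type, defaults to 'review'. A
 *                 value the controller helper does not list for this action is
 *                 replaced by the helper's default object type.
 *  - confirmation (POST body): boolean; when true the deletion is executed
 *                 after the CSRF token check, otherwise a confirmation page is shown.
 * The identifier of the entity is obtained through
 * Reviews_Util_Controller::retrieveIdentifier().
 *
 * ACCESS_ADMIN on the object type is required, and the entity's workflow must
 * offer a 'delete' action.
 *
 * @return mixed Output: the confirmation template, a redirect to the admin list
 *               view after a confirmed request, or the result of
 *               LogUtil::registerError() on workflow errors.
 */
public function delete()
{
    $controllerHelper = new Reviews_Util_Controller($this->serviceManager);

    // parameter specifying which type of objects we are treating; the value is
    // compared strictly against the allowed list because it is concatenated
    // into a permission component and an entity class name below
    $objectType = $this->request->query->filter('ot', 'review', FILTER_SANITIZE_STRING);
    $utilArgs = array('controller' => 'admin', 'action' => 'delete');
    if (!in_array($objectType, $controllerHelper->getObjectTypes('controllerAction', $utilArgs), true)) {
        $objectType = $controllerHelper->getDefaultObjectType('controllerAction', $utilArgs);
    }
    $this->throwForbiddenUnless(SecurityUtil::checkPermission($this->name . ':' . ucwords($objectType) . ':', '::', ACCESS_ADMIN), LogUtil::getErrorMsgPermission());

    $idFields = ModUtil::apiFunc($this->name, 'selection', 'getIdFields', array('ot' => $objectType));

    // retrieve identifier of the object we wish to delete
    $idValues = $controllerHelper->retrieveIdentifier($this->request, array(), $objectType, $idFields);
    $hasIdentifier = $controllerHelper->isValidIdentifier($idValues);

    $this->throwNotFoundUnless($hasIdentifier, $this->__('Error! Invalid identifier received.'));

    $entity = ModUtil::apiFunc($this->name, 'selection', 'getEntity', array('ot' => $objectType, 'id' => $idValues));
    $this->throwNotFoundUnless($entity != null, $this->__('No such item.'));

    $entity->initWorkflow();

    $workflowHelper = new Reviews_Util_Workflow($this->serviceManager);
    $deleteActionId = 'delete';
    $actions = $workflowHelper->getActionsForObject($entity);
    if ($actions === false || !is_array($actions)) {
        return LogUtil::registerError($this->__('Error! Could not determine workflow actions.'));
    }

    // Exact key lookup. A loose comparison of each key against 'delete' treats
    // the integer key 0 as a match on PHP versions before 8, which would allow
    // the deletion for any list-style actions array.
    if (!array_key_exists($deleteActionId, $actions)) {
        return LogUtil::registerError($this->__('Error! It is not allowed to delete this entity.'));
    }

    // the confirmation flag is only accepted from the POST body
    $confirmation = (bool) $this->request->request->filter('confirmation', false, FILTER_VALIDATE_BOOLEAN);
    if ($confirmation) {
        // state-changing branch: the CSRF token is verified before anything is modified
        $this->checkCsrfToken();

        $hookAreaPrefix = $entity->getHookAreaPrefix();
        $hookType = 'validate_delete';
        // Let any hooks perform additional validation actions
        $hook = new Zikula_ValidationHook($hookAreaPrefix . '.' . $hookType, new Zikula_Hook_ValidationProviders());
        $validators = $this->notifyHooks($hook)->getValidators();
        if (!$validators->hasErrors()) {
            // execute the workflow action
            $success = $workflowHelper->executeAction($entity, $deleteActionId);
            if ($success) {
                $this->registerStatus($this->__('Done! Item deleted.'));
            }

            // NOTE(review): the process hook, the cache clearing and the redirect
            // below also run when executeAction() did not report success -
            // confirm that this is intended.

            // Let any hooks know that we have created, updated or deleted an item
            $hookType = 'process_delete';
            $hook = new Zikula_ProcessHook($hookAreaPrefix . '.' . $hookType, $entity->createCompositeIdentifier());
            $this->notifyHooks($hook);

            // An item was deleted, so we clear all cached pages for this item.
            $cacheArgs = array('ot' => $objectType, 'item' => $entity);
            ModUtil::apiFunc($this->name, 'cache', 'clearItemCache', $cacheArgs);

            // redirect to the list of the current object type
            return $this->redirect(ModUtil::url($this->name, 'admin', 'view', array('ot' => $objectType)));
        }
    }

    $entityClass = $this->name . '_Entity_' . ucwords($objectType);
    $repository = $this->entityManager->getRepository($entityClass);

    // the confirmation page is never served from cache
    $this->view->setCaching(Zikula_View::CACHE_DISABLED);

    // assign the object we loaded above
    $this->view->assign($objectType, $entity)
               ->assign($repository->getAdditionalTemplateParameters('controllerAction', $utilArgs));

    // fetch and return the appropriate template
    $viewHelper = new Reviews_Util_View($this->serviceManager);

    return $viewHelper->processTemplate($this->view, 'admin', $objectType, 'delete', array());
}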