/**
 * Asserts the complete permission set of one node for the test user.
 *
 * Each expected flag is compared against the matching lookup on
 * $this->objRights for $this->strUserId. Any flag that is not passed
 * defaults to false, so a right the test did not expect to be granted
 * makes the assertion fail.
 *
 * @param string $strNodeId  system id of the node under test
 * @param bool $bitView      expected result of rightView()
 * @param bool $bitEdit      expected result of rightEdit()
 * @param bool $bitDelete    expected result of rightDelete()
 * @param bool $bitRights    expected result of rightRight()
 * @param bool $bitRight1    expected result of rightRight1()
 * @param bool $bitRight2    expected result of rightRight2()
 * @param bool $bitRight3    expected result of rightRight3()
 * @param bool $bitRight4    expected result of rightRight4()
 * @param bool $bitRight5    expected result of rightRight5()
 *
 * @return void
 */
private function checkNodeRights($strNodeId, $bitView = false, $bitEdit = false, $bitDelete = false, $bitRights = false, $bitRight1 = false, $bitRight2 = false, $bitRight3 = false, $bitRight4 = false, $bitRight5 = false)
{
    // The returned object is never read here; the lookup itself is kept.
    // NOTE(review): presumably it only warms the object factory - confirm.
    $objNode = class_objectfactory::getInstance()->getObject($strNodeId);

    // One row per right: lookup method, message label, expected value.
    // Labels are kept exactly as they were, including the missing space
    // after "Rights" / "RightN".
    $arrChecks = array(
        array("rightView", " checkNodeRights View ", $bitView),
        array("rightEdit", " checkNodeRights Edit ", $bitEdit),
        array("rightDelete", " checkNodeRights Delete ", $bitDelete),
        array("rightRight", " checkNodeRights Rights", $bitRights),
        array("rightRight1", " checkNodeRights Right1", $bitRight1),
        array("rightRight2", " checkNodeRights Right2", $bitRight2),
        array("rightRight3", " checkNodeRights Right3", $bitRight3),
        array("rightRight4", " checkNodeRights Right4", $bitRight4),
        array("rightRight5", " checkNodeRights Right5", $bitRight5),
    );

    foreach ($arrChecks as $arrOneCheck) {
        list($strMethod, $strLabel, $bitExpected) = $arrOneCheck;
        $this->assertEquals(
            $bitExpected,
            $this->objRights->{$strMethod}($strNodeId, $this->strUserId),
            __FILE__ . $strLabel . $strNodeId
        );
    }
}
/**
 * Debug helper: echoes the node tree below $strRootNode, one node per line,
 * together with the view / edit rights of the test user.
 *
 * @param string $strRootNode system id of the node to start at
 * @param int $intLevel       nesting depth, used for the indentation
 *
 * @return void
 */
private function printTree($strRootNode, $intLevel)
{
    // Indent by one blank per nesting level.
    echo str_repeat(" ", max(0, $intLevel));

    $objNode = new class_module_system_aspect($strRootNode);

    // Booleans are concatenated as-is, so a granted right prints "1" and a
    // denied one prints nothing.
    $strLine = $objNode->getRecordComment();
    $strLine .= " / (v: " . $this->objRights->rightView($strRootNode, $this->strUserId);
    $strLine .= " e: " . $this->objRights->rightEdit($strRootNode, $this->strUserId);
    $strLine .= ") / " . $objNode->getSystemid() . "\n";
    echo $strLine;

    // Descend depth-first into every child node.
    foreach ($objNode->getChildNodesAsIdArray() as $strChildId) {
        $this->printTree($strChildId, $intLevel + 1);
    }
}
/**
 * Stores a submitted comment, notifies the groups that may edit the module
 * and reloads the portal page.
 *
 * @permissions right1
 * @return string the list view if validation fails, "" otherwise
 */
protected function actionPostComment()
{
    // Nothing is stored for an invalid form; the list action is shown instead.
    if (!$this->validateForm()) {
        return $this->actionList();
    }

    // Optional filters: the current system id and the system id of the current page.
    $strSystemidfilter = $this->getSystemid() != "" ? $this->getSystemid() : "";
    $strPagefilter = class_module_pages_page::getPageByName($this->getPagename()) !== null
        ? class_module_pages_page::getPageByName($this->getPagename())->getSystemid()
        : "";

    // All three text fields come straight from the request.
    // NOTE(review): no encoding happens in this method; presumably the record
    // encodes on write / read - confirm before rendering these values elsewhere.
    $objPost = new class_module_postacomment_post();
    $objPost->setStrUsername($this->getParam("comment_name"));
    $objPost->setStrTitle($this->getParam("comment_subject"));
    $objPost->setStrComment($this->getParam("comment_message"));
    $objPost->setStrAssignedPage($strPagefilter);
    $objPost->setStrAssignedSystemid($strSystemidfilter);
    $objPost->setStrAssignedLanguage($this->getStrPortalLanguage());
    $objPost->updateObjectToDb();

    // The cached page no longer matches the stored comments.
    $this->flushPageFromPagesCache($this->getPagename());

    // Notification text: intro, the comment itself, then a backend edit link.
    // NOTE(review): the visitor-supplied comment goes into the message body
    // unchanged; whether the messaging layer escapes it on display is not
    // visible here - confirm.
    $strMailtext = $this->getLang("new_comment_mail") . "\r\n\r\n" . $objPost->getStrComment() . "\r\n"
        . class_link::getLinkAdminHref("postacomment", "edit", "&systemid=" . $objPost->getSystemid(), false);

    $objMessageHandler = new class_module_messaging_messagehandler();

    // Recipients: every group holding the edit right on this module.
    $arrGroups = array();
    foreach (class_module_user_group::getObjectList() as $objOneGroup) {
        $bitMayEdit = class_rights::getInstance()->checkPermissionForGroup(
            $objOneGroup->getSystemid(),
            class_rights::$STR_RIGHT_EDIT,
            $this->getObjModule()->getSystemid()
        );
        if (!$bitMayEdit) {
            continue;
        }
        $arrGroups[] = $objOneGroup;
    }

    $objMessage = new class_module_messaging_message();
    $objMessage->setStrBody($strMailtext);
    $objMessage->setObjMessageProvider(new class_messageprovider_postacomment());
    $objMessageHandler->sendMessageObject($objMessage, $arrGroups);

    // Redirect back to the previous history entry.
    $this->portalReload(_indexpath_ . "?" . $this->getHistory(1));

    return "";
}
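/**
 * Filters the given array of objects by the given permissions.
 *
 * Only objects for which validatePermissionString() returns a truthy value
 * are kept. The original array keys are preserved (array_filter semantics),
 * so the result can have gaps in a numeric index.
 *
 * @param array $arrObjects     objects to check
 * @param string $strPermissions permission string handed to the rights check
 *
 * @return array the objects that passed the permission check
 */
public function filterObjectsByRight(array $arrObjects, $strPermissions)
{
    return array_filter($arrObjects, function ($objObject) use ($strPermissions) {
        // A single getInstance() is enough; the former chained second call
        // only returned the same rights instance again.
        return class_rights::getInstance()->validatePermissionString($strPermissions, $objObject);
    });
}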
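/**
 * Saves a post in the database and returns the post as html.
 * In case of missing fields, the form is returned again.
 *
 * @return string
 * @permissions right1
 */
protected function actionSavePost()
{
    // The annotation above used to be spelled "@permissons", unlike the
    // "@permissions right1" on the sibling post action.
    // NOTE(review): presumably the framework reads this annotation to enforce
    // right1 before dispatching; with the misspelling that check would never
    // have matched - confirm against the dispatcher.

    $strXMLContent = "";

    // comment_template is a request parameter (the form round-trips it as a
    // field), so it is reduced to a bare file name before it becomes part of
    // a template path. readTemplate()'s own path handling is not visible here.
    // NOTE(review): assumes templates live directly in /module_postacomment/.
    $strTemplateFile = "/module_postacomment/" . basename((string)$this->getParam("comment_template"));

    //validate needed fields
    if (!$this->validateForm()) {
        //Create form to reenter values
        $strTemplateID = $this->objTemplate->readTemplate($strTemplateFile, "postacomment_form");

        $arrForm = array();
        $arrForm["formaction"] = class_link::getLinkPortalHref($this->getPagename(), "", "postComment", "", $this->getSystemid());
        $arrForm["comment_name"] = $this->getParam("comment_name");
        $arrForm["comment_subject"] = $this->getParam("comment_subject");
        $arrForm["comment_message"] = $this->getParam("comment_message");
        $arrForm["comment_template"] = $this->getParam("comment_template");
        $arrForm["comment_systemid"] = $this->getParam("comment_systemid");
        $arrForm["comment_page"] = $this->getParam("comment_page");
        $arrForm["validation_errors"] = $this->strErrors;

        // Every echoed request value is HTML-encoded before it reaches the
        // template; double_encode is off so existing entities stay intact.
        foreach ($arrForm as $strKey => $strValue) {
            if (uniStrpos($strKey, "comment_") !== false) {
                $arrForm[$strKey] = htmlspecialchars($strValue, ENT_QUOTES, "UTF-8", false);
            }
        }

        //texts
        $arrForm["postacomment_write_new"] = $this->getLang("postacomment_write_new");
        $arrForm["form_name_label"] = $this->getLang("form_name_label");
        $arrForm["form_subject_label"] = $this->getLang("form_subject_label");
        $arrForm["form_message_label"] = $this->getLang("form_message_label");
        $arrForm["form_captcha_label"] = $this->getLang("commons_captcha");
        $arrForm["form_captcha_reload_label"] = $this->getLang("commons_captcha_reload");
        $arrForm["form_submit_label"] = $this->getLang("form_submit_label");

        $strXMLContent .= $this->fillTemplate($arrForm, $strTemplateID);
    } else {
        //save the post to the db
        //pageid or systemid to filter?
        $strSystemidfilter = $this->getParam("comment_systemid");

        // Resolve the page once instead of looking it up twice.
        $objPage = class_module_pages_page::getPageByName($this->getParam("comment_page"));
        $strPagefilter = $objPage !== null ? $objPage->getSystemid() : "";

        $objPost = new class_module_postacomment_post();
        $objPost->setStrUsername($this->getParam("comment_name"));
        $objPost->setStrTitle($this->getParam("comment_subject"));
        $objPost->setStrComment($this->getParam("comment_message"));
        $objPost->setStrAssignedPage($strPagefilter);
        $objPost->setStrAssignedSystemid($strSystemidfilter);
        $objPost->setStrAssignedLanguage($this->getStrPortalLanguage());
        $objPost->updateObjectToDb();

        $this->flushPageFromPagesCache($this->getPagename());

        // Notify every group that holds the edit right on this module.
        // NOTE(review): the comment text is read before the object is
        // re-initialised below, so it may still be the raw request value when
        // it enters the message - confirm how the messaging layer renders it.
        $strMailtext = $this->getLang("new_comment_mail") . "\r\n\r\n" . $objPost->getStrComment() . "\r\n";
        $strMailtext .= class_link::getLinkAdminHref("postacomment", "edit", "&systemid=" . $objPost->getSystemid(), false);

        $objMessageHandler = new class_module_messaging_messagehandler();
        $arrGroups = array();
        $allGroups = class_module_user_group::getObjectList();
        foreach ($allGroups as $objOneGroup) {
            if (class_rights::getInstance()->checkPermissionForGroup($objOneGroup->getSystemid(), class_rights::$STR_RIGHT_EDIT, $this->getObjModule()->getSystemid())) {
                $arrGroups[] = $objOneGroup;
            }
        }
        $objMessageHandler->sendMessage($strMailtext, $arrGroups, new class_messageprovider_postacomment());

        //reinit post -> encoded entities
        $objPost->initObject();

        //load the post as a new post to add it at top of the list
        $arrOnePost = array();
        $arrOnePost["postacomment_post_name"] = $objPost->getStrUsername();
        $arrOnePost["postacomment_post_subject"] = $objPost->getStrTitle();
        $arrOnePost["postacomment_post_message"] = $objPost->getStrComment();
        $arrOnePost["postacomment_post_systemid"] = $objPost->getSystemid();
        $arrOnePost["postacomment_post_date"] = timeToString($objPost->getIntDate(), true);

        $strTemplateID = $this->objTemplate->readTemplate($strTemplateFile, "postacomment_post");
        $strXMLContent .= $this->objTemplate->fillTemplate($arrOnePost, $strTemplateID);
    }

    class_response_object::getInstance()->setStrResponseType(class_http_responsetypes::STR_TYPE_JSON);

    return $strXMLContent;
}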
/**
 * Insert hook: informs every group holding the edit right on this record
 * about the new participant.
 *
 * @return bool always true
 */
protected function onInsertToDb()
{
    // The parent record is the event the participant signed up for.
    $objEvent = new class_module_eventmanager_event($this->getStrPrevId());

    // Intro, participant name, event name and a backend link to the list.
    $strMailtext = $this->getLang("new_participant_mail") . "\n\n"
        . $this->getLang("new_participant_participant") . " " . $this->getStrDisplayName() . "\n"
        . $this->getLang("new_participant_event") . " " . $objEvent->getStrDisplayName() . "\n"
        . $this->getLang("new_participant_details") . " "
        . class_link::getLinkAdminHref("eventmanager", "listParticipant", "&systemid=" . $this->getStrPrevId(), false);

    $objMessageHandler = new class_module_messaging_messagehandler();

    // Recipients: groups whose edit permission check against this record passes.
    $arrGroups = array();
    foreach (class_module_user_group::getObjectList() as $objOneGroup) {
        $bitMayEdit = class_rights::getInstance()->checkPermissionForGroup(
            $objOneGroup->getSystemid(),
            class_rights::$STR_RIGHT_EDIT,
            $this->getSystemid()
        );
        if (!$bitMayEdit) {
            continue;
        }
        $arrGroups[] = $objOneGroup;
    }

    // Markup is stripped from the body, display names included, before sending.
    $objMessage = new class_module_messaging_message();
    $objMessage->setStrBody(strip_tags($strMailtext));
    $objMessage->setObjMessageProvider(new class_messageprovider_eventmanager());
    $objMessageHandler->sendMessageObject($objMessage, $arrGroups);

    return true;
}
/**
 * Stores a guestbook entry, notifies the groups that may edit the module
 * and reloads the page.
 *
 * @throws class_exception if the entry could not be written
 * @return string "" on success, the entry form again on invalid input,
 *                or the permission error text
 */
protected function actionSaveGuestbook()
{
    // Invalid input: flag the error and show the form with the submitted values.
    if (!$this->validateData()) {
        $this->setParam("eintragen_fehler", $this->getLang("eintragen_fehler"));
        return $this->actionInsertGuestbook($this->getAllParams());
    }

    $objBook = new class_module_guestbook_guestbook($this->arrElementData["guestbook_id"]);

    // Explicit permission gate: without right1 on the guestbook nothing is stored.
    if (!$objBook->rightRight1()) {
        return $this->getLang("commons_error_permissions");
    }

    // Build the entry from the request values.
    // NOTE(review): the values are passed on unchanged; presumably the record
    // encodes them when writing - confirm.
    $objPost = new class_module_guestbook_post();
    $objPost->setStrGuestbookPostName($this->getParam("gb_post_name"));
    $objPost->setStrGuestbookPostEmail($this->getParam("gb_post_email"));
    $objPost->setStrGuestbookPostPage($this->getParam("gb_post_page"));
    $objPost->setStrGuestbookPostText($this->getParam("gb_post_text"));
    $objPost->setIntGuestbookPostDate(time());

    // The guestbook's system id is handed to the write call.
    if (!$objPost->updateObjectToDb($objBook->getSystemid())) {
        throw new class_exception("Error saving entry", class_exception::$level_ERROR);
    }

    // Notification: language text directly followed by the backend edit link.
    $strMailtext = $this->getLang("new_post_mail")
        . getLinkAdminHref("guestbook", "edit", "&systemid=" . $objPost->getSystemid(), false);

    $objMessageHandler = new class_module_messaging_messagehandler();

    // Recipients: every group holding the edit right on this module.
    $arrGroups = array();
    foreach (class_module_user_group::getObjectList() as $objOneGroup) {
        $bitMayEdit = class_rights::getInstance()->checkPermissionForGroup(
            $objOneGroup->getSystemid(),
            class_rights::$STR_RIGHT_EDIT,
            $this->getObjModule()->getSystemid()
        );
        if (!$bitMayEdit) {
            continue;
        }
        $arrGroups[] = $objOneGroup;
    }
    $objMessageHandler->sendMessage($strMailtext, $arrGroups, new class_messageprovider_guestbook());

    // The cached page is stale now; drop it and send the visitor back.
    $this->flushPageFromPagesCache($this->getPagename());
    $this->portalReload(getLinkPortalHref($this->getPagename()));

    return "";
}
/**
 * Single access point for the rights object. Use ONLY this method to
 * get an instance!
 *
 * The instance is fetched from class_rights on first use and kept on the
 * object afterwards.
 *
 * @return class_rights
 */
public function getObjRights()
{
    // Already resolved: hand out the stored instance.
    if ($this->objRights != null) {
        return $this->objRights;
    }

    $this->objRights = class_rights::getInstance();

    return $this->objRights;
}