/** * Users which have 'updateOwnProduct' permission can add video only from Product models that have been created by their. * Users which have 'updateProduct' permission can add video from all Product models. * * @param integer $id * @param integer $languageId * @return mixed * @throws ForbiddenHttpException */ public function actionAddVideo($id, $languageId) { if (\Yii::$app->user->can('updateProduct', ['productOwner' => Product::findOne($id)->owner])) { $product = Product::findOne($id); $video = new ProductVideo(); $videoForm = new ProductVideoForm(); if (Yii::$app->request->isPost) { $video->load(Yii::$app->request->post()); $videoForm->load(Yii::$app->request->post()); $videoForm->file_name = UploadedFile::getInstance($videoForm, 'file_name'); if ($fileName = $videoForm->upload()) { $video->file_name = $fileName; $video->resource = 'videofile'; $video->product_id = $id; $video->save(); } if ($video->resource == 'youtube') { if (preg_match('%(?:youtube(?:-nocookie)?\\.com/(?:[^/]+/.+/|(?:v|e(?:mbed)?)/|.*[?&]v=)|youtu\\.be/)([^"&?/ ]{11})%i', $video->file_name, $match)) { $id = $match[1]; $video->product_id = $product->id; $video->file_name = $id; if ($video->validate()) { $video->save(); } } else { \Yii::$app->session->setFlash('error', \Yii::t('shop', 'Sorry, this format is not supported')); } } elseif ($video->resource == 'vimeo') { $regexstr = '~ # Match Vimeo link and embed code (?:<iframe [^>]*src=")? # If iframe match up to first quote of src (?: # Group vimeo url https?:\\/\\/ # Either http or https (?:[\\w]+\\.)* # Optional subdomains vimeo\\.com # Match vimeo.com (?:[\\/\\w]*\\/videos?)? # Optional video sub directory this handles groups links also \\/ # Slash before Id ([0-9]+) # $1: VIDEO_ID is numeric [^\\s]* # Not a space ) # End group "? # Match end quote if part of src (?:[^>]*></iframe>)? # Match the end of the iframe (?:<p>.*</p>)? # Match any title information stuff ~ix'; if (preg_match($regexstr, $video->file_name, $match)) { $id = $match[1]; $video->product_id = $product->id; $video->file_name = $id; if ($video->validate()) { $video->save(); } } else { \Yii::$app->session->setFlash('error', \Yii::t('shop', 'Sorry, this format is not supported')); } } } if (Yii::$app->request->isPjax) { return $this->renderPartial('add-video', ['product' => $product, 'selectedLanguage' => Language::findOne($languageId), 'video_form' => new ProductVideo(), 'video_form_upload' => new ProductVideoForm(), 'videos' => ProductVideo::find()->where(['product_id' => $product->id])->all()]); } return $this->render('save', ['viewName' => 'add-video', 'selectedLanguage' => Language::findOne($languageId), 'product' => $product, 'languages' => Language::find()->all(), 'params' => ['product' => $product, 'selectedLanguage' => Language::findOne($languageId), 'video_form' => new ProductVideo(), 'video_form_upload' => new ProductVideoForm(), 'videos' => ProductVideo::find()->where(['product_id' => $product->id])->all()]]); } else { throw new ForbiddenHttpException(\Yii::t('shop', 'You have not permission to do this action.')); } }