/**
* Approve a group
*
* @return void
*/
public function approveTask()
{
// Incoming
$ids = Request::getVar('id', array());
// Get the single ID we're working with
if (!is_array($ids)) {
$ids = array($ids);
}
// Do we have any IDs?
if (!empty($ids)) {
// foreach group id passed in
foreach ($ids as $id) {
// Load the group page
$group = new Group();
$group->read($id);
// Ensure we found the group info
if (!$group) {
continue;
}
//set the group to be published and update
$group->set('approved', 1);
$group->update();
// log publishing
Log::log(array('gidNumber' => $group->get('gidNumber'), 'action' => 'group_approved', 'comments' => 'approved by administrator'));
}
// Output messsage and redirect
App::redirect(Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false), Lang::txt('COM_GROUPS_APPROVED'));
}
}
/**
* Remove member(s) from a group
* Disallows removal of last manager (group must have at least one)
*
* @return void
*/
public function removeTask()
{
// Check for request forgeries
Request::checkToken(['get', 'post']);
$gid = Request::getVar('gid', '');
// Load the group page
$group = new Group();
$group->read($gid);
// Get all the group's managers
$managers = $group->get('managers');
// Get all the group's members
$members = $group->get('members');
$users_mem = array();
$users_man = array();
// Incoming array of users to remove
$id = Request::getInt('id', 0);
// Ensure we found an account
if (!$id) {
\App::abort(404, Lang::txt('COM_MEMBERS_NOT_FOUND'));
}
if (in_array($id, $members)) {
$users_mem[] = $id;
}
if (in_array($id, $managers)) {
$users_man[] = $id;
}
// Remove users from members list
$group->remove('members', $users_mem);
// Remove users from managers list
$group->remove('managers', $users_man);
// Save changes
$group->update();
// Push through to the groups view
$this->displayTask($id);
}
/**
* Save group settings
*
* @return void
*/
public function saveTask()
{
// Check if they're logged in
if (User::isGuest()) {
$this->loginTask(Lang::txt('COM_GROUPS_CREATE_MUST_BE_LOGGED_IN'));
return;
}
Request::checkToken();
// Incoming
$g_gidNumber = Request::getInt('gidNumber', 0, 'post');
$c_gidNumber = Request::getVar('gidNumber', 0, 'post');
if ((string) $g_gidNumber !== (string) $c_gidNumber) {
App::abort(404, Lang::txt('COM_GROUPS_ERROR_NO_ID'));
}
if (!$g_gidNumber && !User::authorise('core.create', $this->_option) || $g_gidNumber && !User::authorise('core.edit', $this->_option)) {
return App::redirect(Route::url('index.php?option=' . $this->_option), Lang::txt('COM_GROUPS_ERROR_NOT_AUTH'), 'warning');
}
$g_cn = trim(Request::getVar('cn', '', 'post'));
$g_description = preg_replace('/\\s+/', ' ', trim(Request::getVar('description', Lang::txt('NONE'), 'post')));
$g_discoverability = Request::getInt('discoverability', 0, 'post');
$g_public_desc = Sanitize::stripScripts(trim(Request::getVar('public_desc', '', 'post', 'none', 2)));
$g_private_desc = Sanitize::stripScripts(trim(Request::getVar('private_desc', '', 'post', 'none', 2)));
$g_restrict_msg = Sanitize::stripScripts(trim(Request::getVar('restrict_msg', '', 'post', 'none', 2)));
$g_join_policy = Request::getInt('join_policy', 0, 'post');
$tags = trim(Request::getVar('tags', ''));
$lid = Request::getInt('lid', 0, 'post');
$customization = Request::getVar('group', '', 'POST', 'none', 2);
$plugins = Request::getVar('group_plugin', '', 'POST');
$params = Request::getVar('params', array(), 'POST');
$g_discussion_email_autosubscribe = Request::getInt('discussion_email_autosubscribe', 0, 'post');
//Check authorization
if ($this->_authorize() != 'manager' && $g_gidNumber != 0 && !$this->_authorizedForTask('group.edit')) {
$this->_errorHandler(403, Lang::txt('COM_GROUPS_ERROR_NOT_AUTH'));
}
//are we editing or creating
if ($g_gidNumber) {
$group = Group::getInstance($g_gidNumber);
$this->_task = 'edit';
$before = Group::getInstance($g_gidNumber);
} else {
$this->_task = 'new';
$group = new Group();
$before = new Group();
}
// Check for any missing info
if (!$g_cn) {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_MISSING_INFORMATION') . ': ' . Lang::txt('COM_GROUPS_DETAILS_FIELD_CN'), 'error');
}
if (!$g_description) {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_MISSING_INFORMATION') . ': ' . Lang::txt('COM_GROUPS_DETAILS_FIELD_DESCRIPTION'), 'error');
}
// Ensure the data passed is valid
if ($g_cn == 'new' || $g_cn == 'browse') {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_INVALID_ID'), 'error');
}
if (!$this->_validCn($g_cn)) {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_INVALID_ID'), 'error');
}
if ($this->_task == 'new' && Group::exists($g_cn, true)) {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_ID_TAKEN'), 'error');
}
// Get the logo
$logo = '';
if (isset($customization['logo'])) {
$logo_parts = explode("/", $customization['logo']);
$logo = array_pop($logo_parts);
}
// Plugin settings
$plugin_access = '';
foreach ($plugins as $plugin) {
$plugin_access .= $plugin['name'] . '=' . $plugin['access'] . ',' . "\n";
}
// Run content through validation and spam filters
if (trim($g_public_desc)) {
$results = Event::trigger('content.onContentBeforeSave', array('com_groups.group.public_desc', &$g_public_desc, $this->_task == 'new'));
foreach ($results as $result) {
if ($result === false) {
$this->setNotification(Lang::txt('COM_GROUPS_SAVE_ERROR_FAILED_VALIDATION'), 'error');
break;
}
}
}
// Push back into edit mode if any errors
if ($this->getNotifications()) {
$group->set('cn', $g_cn);
$group->set('description', $g_description);
$group->set('public_desc', $g_public_desc);
$group->set('private_desc', $g_private_desc);
$group->set('join_policy', $g_join_policy);
$group->set('restrict_msg', $g_restrict_msg);
$group->set('discoverability', $g_discoverability);
$group->set('discussion_email_autosubscribe', $g_discussion_email_autosubscribe);
$group->set('logo', $logo);
$group->set('plugins', $plugin_access);
$this->lid = $lid;
$this->group = $group;
$this->tags = $tags;
$this->editTask();
return;
}
// Build the e-mail message
if ($this->_task == 'new') {
$subject = Lang::txt('COM_GROUPS_SAVE_EMAIL_REQUESTED_SUBJECT', $g_cn);
$type = 'groups_created';
} else {
$subject = Lang::txt('COM_GROUPS_SAVE_EMAIL_UPDATED_SUBJECT', $g_cn);
$type = 'groups_changed';
}
if ($this->_task == 'new') {
$group->set('cn', $g_cn);
$group->set('type', 1);
$group->set('published', 1);
$group->set('approved', $this->config->get('auto_approve', 1));
$group->set('created', Date::toSql());
$group->set('created_by', User::get('id'));
$group->add('managers', array(User::get('id')));
$group->add('members', array(User::get('id')));
$group->create();
}
// merge incoming settings with existing params
$params = new Registry($params);
$gParams = new Registry($group->get('params'));
$gParams->merge($params);
//set group vars & Save group
$group->set('description', $g_description);
$group->set('public_desc', $g_public_desc);
$group->set('private_desc', $g_private_desc);
$group->set('join_policy', $g_join_policy);
$group->set('restrict_msg', $g_restrict_msg);
$group->set('discoverability', $g_discoverability);
$group->set('logo', $logo);
$group->set('plugins', $plugin_access);
$group->set('discussion_email_autosubscribe', $g_discussion_email_autosubscribe);
$group->set('params', $gParams->toString());
$group->update();
// Process tags
$gt = new Tags($group->get('gidNumber'));
$gt->setTags($tags, User::get('id'));
// Rename the temporary upload directory if it exist
$log_comments = '';
Event::trigger('groups.onGroupAfterSave', array($before, $group));
if ($this->_task == 'new') {
if ($lid != $group->get('gidNumber')) {
$config = $this->config;
$bp = PATH_APP . DS . trim($this->config->get('uploadpath', '/site/groups'), DS);
if (is_dir($bp . DS . $lid)) {
rename($bp . DS . $lid, $bp . DS . $group->get('gidNumber'));
}
}
$log_action = 'group_created';
// Trigger the functions that delete associated content
// Should return logs of what was deleted
$logs = Event::trigger('groups.onGroupNew', array($group));
if (count($logs) > 0) {
$log_comments .= implode('', $logs);
}
} else {
$log_action = 'group_edited';
}
// log invites
Log::log(array('gidNumber' => $group->get('gidNumber'), 'action' => $log_action, 'comments' => $log_comments));
// Build the e-mail message
// Note: this is done *before* pushing the changes to the group so we can show, in the message, what was changed
$eview = new \Hubzero\Component\View(array('name' => 'emails', 'layout' => 'saved'));
$eview->option = $this->_option;
$eview->user = User::getRoot();
$eview->group = $group;
$message['plaintext'] = $eview->loadTemplate();
$message['plaintext'] = str_replace("\n", "\r\n", $message['plaintext']);
$eview->setLayout('saved');
$message['multipart'] = $eview->loadTemplate();
$message['multipart'] = str_replace("\n", "\r\n", $message['multipart']);
// Get the administrator e-mail
$emailadmin = Config::get('mailfrom');
// Get the "from" info
$from = array('name' => Config::get('sitename') . ' ' . Lang::txt(strtoupper($this->_name)), 'email' => Config::get('mailfrom'));
//only email managers if updating group
if ($type == 'groups_changed') {
// build array of managers
$managers = $group->get('managers');
// create new message
Plugin::import('xmessage');
if (!Event::trigger('onSendMessage', array($type, $subject, $message, $from, $managers, $this->_option))) {
$this->setNotification(Lang::txt('GROUPS_ERROR_EMAIL_MANAGERS_FAILED'), 'error');
}
}
//only inform site admin if the group wasn't auto-approved
if (!$this->config->get('auto_approve', 1) && $group->get('approved') == 0) {
// create approval subject
$subject = Lang::txt('COM_GROUPS_SAVE_WAITING_APPROVAL', Config::get('sitename'));
// build approval message
$link = 'https://' . trim($_SERVER['HTTP_HOST'], DS) . DS . 'groups' . DS . $group->get('cn');
$link2 = 'https://' . trim($_SERVER['HTTP_HOST'], DS) . DS . 'administrator';
$html = Lang::txt('COM_GROUPS_SAVE_WAITING_APPROVAL_DESC', $group->get('description'), $link, $link2);
$plain = Lang::txt('COM_GROUPS_SAVE_WAITING_APPROVAL_DESC', $group->get('description'), $link, $link2);
// create new message
$message = new \Hubzero\Mail\Message();
// build message object and send
$message->setSubject($subject)->addFrom($from['email'], $from['name'])->setTo($emailadmin)->addHeader('X-Mailer', 'PHP/' . phpversion())->addHeader('X-Component', 'com_groups')->addHeader('X-Component-Object', 'group_pending_approval')->addHeader('X-Component-ObjectId', $group->get('gidNumber'))->addPart($plain, 'text/plain')->addPart($html, 'text/html')->send();
}
// create home page
if ($this->_task == 'new') {
// create page
$page = new Page(array('gidNumber' => $group->get('gidNumber'), 'parent' => 0, 'lft' => 1, 'rgt' => 2, 'depth' => 0, 'alias' => 'overview', 'title' => 'Overview', 'state' => 1, 'privacy' => 'default', 'home' => 1));
$page->store(false);
// create page version
$version = new Page\Version(array('pageid' => $page->get('id'), 'version' => 1, 'content' => "<!-- {FORMAT:HTML} -->\n<p>[[Group.DefaultHomePage()]]</p>", 'created' => Date::toSql(), 'created_by' => User::get('id'), 'approved' => 1));
$version->store(false);
}
// Show success message to user
if ($this->_task == 'new') {
$this->setNotification(Lang::txt('COM_GROUPS_CREATED_SUCCESS', $group->get('description')), 'passed');
} else {
$this->setNotification(Lang::txt('COM_GROUPS_UPDATED_SUCCESS', $group->get('description')), 'passed');
}
// Redirect back to the group page
App::redirect(Route::url('index.php?option=' . $this->_option . '&cn=' . $group->get('cn')));
return;
}
/**
* Unapprove a group
*
* @return void
*/
public function unapproveTask()
{
// Check for request forgeries
//Request::checkToken();
if (!User::authorise('core.manage', $this->_option) && !User::authorise('core.admin', $this->_option) && !User::authorise('core.edit', $this->_option) && !User::authorise('core.edit.state', $this->_option)) {
App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
}
// Incoming
$ids = Request::getVar('id', array());
// Get the single ID we're working with
if (!is_array($ids)) {
$ids = array($ids);
}
$i = 0;
// foreach group id passed in
foreach ($ids as $id) {
// Load the group page
$group = new Group();
$group->read($id);
// Ensure we found the group info
if (!$group) {
continue;
}
// Set the group to be published and update
$group->set('approved', 0);
$group->update();
$i++;
// log publishing
Log::log(array('gidNumber' => $group->get('gidNumber'), 'action' => 'group_unapproved', 'comments' => 'unapproved by administrator'));
}
if ($i) {
Notify::success(Lang::txt('COM_GROUPS_UNAPPROVED'));
}
// Output messsage and redirect
$this->cancelTask();
}