/**
 * Get descendants of an artefact.
 * The result includes the artefact itself.
 *
 * The artefact's own path is read from the database, then every row whose
 * path is either that exact path or starts with "<path>/" is selected.
 *
 * @return array Rows (id, parent, path) as returned by get_records_sql_array(),
 *               ordered by path
 * @throws NotFoundException when no path is stored for this artefact
 */
function get_item_descendants() {
    $ownpath = get_field('artefact', 'path', 'id', $this->id);
    if (!$ownpath) {
        throw new NotFoundException(get_string('nopathfound', 'mahara'));
    }

    // The pattern must end in "/" before the wildcard: a bare "/1%" would also
    // match "/10". The path goes through db_like_escape() before the wildcard
    // is appended, and both values are bound rather than concatenated.
    $childpattern = db_like_escape($ownpath . '/') . '%';

    return get_records_sql_array(
        "SELECT id, parent, path\n FROM {artefact}\n WHERE path = ? OR path LIKE ?\n ORDER BY path",
        array($ownpath, $childpattern)
    );
}
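/**
 * Return artefacts available for inclusion in a particular block.
 *
 * Builds one SELECT over {artefact}, restricted to what the given user, group
 * or institution may place in a view, plus a matching COUNT(*) query.
 *
 * Values from $data that end up in the WHERE clause (search text, extraselect
 * values, artefact types) are passed as bound parameters, never concatenated
 * into the SQL text. Column names from $data cannot be bound, so they are only
 * accepted when they match a strict character allowlist.
 *
 * @param array $data Options read here: 'offset', 'limit', 'sortorder' (list of
 *        arrays with 'fieldname' and optional 'order'), 'extraselect' (list of
 *        arrays with 'fieldname', 'type' of 'int' or 'string', and 'values'),
 *        'userartefactsallowed', 'artefacttypes', 'search'
 * @param mixed $owner null for the logged-in user, a User object, or a user id
 * @param mixed $group When set, select group artefacts the user may view plus
 *        site ('mahara') artefacts
 * @param mixed $institution When set (and no group), select site artefacts and
 *        artefacts of this institution
 * @param bool $short When true, only artefact ids are selected
 * @return array array($artefacts, $totalartefacts): the matching records and
 *         the total count without offset/limit
 * @throws SystemException on an unusable $owner, an unsupported extraselect
 *         type, or an extraselect entry without values
 */
public static function get_artefactchooser_artefacts($data, $owner = null, $group = null, $institution = null, $short = false) {
    if ($owner === null) {
        global $USER;
        $user = $USER;
    } else if ($owner instanceof User) {
        $user = $owner;
    } else if (intval($owner) != 0 || $owner == "0") {
        $user = new User();
        $user->find_by_id(intval($owner));
    } else {
        throw new SystemException("Invalid argument type " . gettype($owner) . " passed to View::get_artefactchooser_artefacts");
    }

    $offset = !empty($data['offset']) ? $data['offset'] : null;
    $limit = !empty($data['limit']) ? $data['limit'] : null;

    // Column names cannot be sent as bound parameters, so each one must pass
    // this allowlist (letters, digits, underscore, double quote) before it is
    // placed in the SQL text. The direction is reduced to ASC or DESC.
    $sortorder = '';
    if (!empty($data['sortorder'])) {
        foreach ($data['sortorder'] as $field) {
            if (!preg_match('/^[a-zA-Z_0-9"]+$/', $field['fieldname'])) {
                continue; // skip this item (it fails validation)
            }
            $order = 'ASC';
            if (!empty($field['order']) && 'DESC' == strtoupper($field['order'])) {
                $order = 'DESC';
            }
            if (empty($sortorder)) {
                $sortorder .= ' ORDER BY ';
            } else {
                $sortorder .= ', ';
            }
            $sortorder .= $field['fieldname'] . ' ' . $order;
        }
    }

    // Extra conditions: the column name is allowlisted as above, the values are
    // collected in $extraph and bound, instead of being quoted into the query.
    $extraselect = '';
    $extraph = array();
    if (isset($data['extraselect'])) {
        foreach ($data['extraselect'] as $field) {
            if (!preg_match('/^[a-zA-Z_0-9"]+$/', $field['fieldname'])) {
                continue; // skip this item (it fails validation)
            }
            // Normalise every value to the declared type. A plain loop is used
            // (no by-reference foreach) so no reference outlives the loop.
            $values = array();
            foreach ($field['values'] as $val) {
                if ($field['type'] == 'int') {
                    $values[] = (int) $val;
                } elseif ($field['type'] == 'string') {
                    $values[] = (string) $val;
                } else {
                    throw new SystemException("Unsupported field type '" . $field['type'] . "' passed to View::get_artefactchooser_artefacts");
                }
            }
            // An entry without values used to produce "field = " and a database
            // error. Fail explicitly; silently dropping the filter would widen
            // the result set.
            if (!$values) {
                throw new SystemException("No values for field '" . $field['fieldname'] . "' passed to View::get_artefactchooser_artefacts");
            }
            $extraselect .= ' AND ';
            if (count($values) > 1) {
                $extraselect .= $field['fieldname'] . ' IN (' . implode(', ', array_fill(0, count($values), '?')) . ')';
            } else {
                $extraselect .= $field['fieldname'] . ' = ?';
            }
            $extraph = array_merge($extraph, $values);
        }
    }

    $from = ' FROM {artefact} a ';
    if ($group) {
        // Get group-owned artefacts that the user has view
        // permission on, and site-owned artefacts
        $from .= ' LEFT OUTER JOIN ( SELECT r.artefact, r.can_view, r.can_edit, m.group FROM {group_member} m JOIN {artefact} aa ON aa.group = m.group JOIN {artefact_access_role} r ON aa.id = r.artefact AND r.role = m.role WHERE m.group = ? AND m.member = ? AND r.can_view = 1 ) ga ON (ga.group = a.group AND a.id = ga.artefact)';
        $select = "(a.institution = 'mahara' OR ga.can_view = 1";
        $ph = array((int) $group, $user->get('id'));
        if (!empty($data['userartefactsallowed'])) {
            $select .= ' OR a.owner = ?';
            $ph[] = $user->get('id');
        }
        $select .= ')';
    } else {
        if ($institution) {
            // Site artefacts & artefacts owned by this institution
            $select = "(a.institution = 'mahara' OR a.institution = ?)";
            $ph = array($institution);
        } else {
            // The view is owned by a normal user
            // Get artefacts owned by the user, group-owned artefacts
            // the user has republish permission on, artefacts owned
            // by the user's institutions.
            safe_require('artefact', 'file');
            $public = (int) ArtefactTypeFolder::admin_public_folder_id();
            $select = '( a.owner = ? OR a.id IN ( SELECT id FROM {artefact} WHERE (path = ? OR path LIKE ?) AND institution = \'mahara\' ) OR a.id IN ( SELECT aar.artefact FROM {group_member} m JOIN {artefact} aa ON m.group = aa.group JOIN {artefact_access_role} aar ON aar.role = m.role AND aar.artefact = aa.id WHERE m.member = ? AND aar.can_republish = 1 ) OR a.id IN (SELECT artefact FROM {artefact_access_usr} WHERE usr = ? AND can_republish = 1)';
            // "/<id>/" before the wildcard keeps the public folder's pattern
            // from matching a sibling whose id merely starts with the same digits.
            $ph = array($user->get('id'), "/{$public}", db_like_escape("/{$public}/") . '%', $user->get('id'), $user->get('id'));
            $institutions = array_keys($user->get('institutions'));
            if ($user->get('admin')) {
                $institutions[] = 'mahara';
            }
            if ($institutions) {
                $select .= ' OR a.institution IN (' . join(',', array_fill(0, count($institutions), '?')) . ')';
                $ph = array_merge($ph, $institutions);
            }
            $select .= "\n )";
        }
    }

    if (!empty($data['artefacttypes']) && is_array($data['artefacttypes'])) {
        $select .= ' AND artefacttype IN(' . join(',', array_fill(0, count($data['artefacttypes']), '?')) . ')';
        $ph = array_merge($ph, $data['artefacttypes']);
    }

    if (!empty($data['search'])) {
        // The search pattern is bound twice (title, description) rather than
        // quoted into the SQL text, so the query string never contains the
        // caller's text.
        // NOTE(review): doubling '%' does not escape LIKE wildcards, so '%' and
        // '_' in the search term still act as wildcards. The pattern is kept
        // as it was; db_like_escape(), used above for the path pattern, may be
        // the better fit - confirm the intended search behaviour first.
        $search = '%' . str_replace('%', '%%', $data['search']) . '%';
        $select .= ' AND (title ' . db_ilike() . '(?) OR description ' . db_ilike() . '(?) )';
        $ph[] = $search;
        $ph[] = $search;
    }

    // Placeholders must be appended in the order they appear in the WHERE
    // clause: base conditions, artefact types, search, then extraselect.
    $select .= $extraselect;
    $ph = array_merge($ph, $extraph);

    $selectph = $countph = $ph;

    if ($short) {
        // We just want to know which artefact ids are allowed for inclusion in a view,
        // but get_records_sql_assoc wants > 1 column
        $cols = 'a.id, a.id AS b';
    } else {
        $cols = 'a.*';
        // We also want to know which artefacts can be edited by the logged-in user within
        // the context of the view. For an institution view, all artefacts from the same
        // institution are editable. For an individual view, artefacts with the same 'owner'
        // are editable. For group views, only those artefacts with the can_edit permission
        // out of artefact_access_role are editable.
        if ($group) {
            $expr = 'ga.can_edit IS NOT NULL AND ga.can_edit = 1';
        } else {
            // The expression sits in the column list, ahead of every other
            // placeholder, so its value goes to the front of the SELECT's
            // parameters only (the COUNT query does not use it).
            if ($institution) {
                $expr = 'a.institution = ?';
                array_unshift($selectph, $institution);
            } else {
                $expr = 'a.owner IS NOT NULL AND a.owner = ?';
                array_unshift($selectph, $user->get('id'));
            }
        }
        if (is_mysql()) {
            $cols .= ", ({$expr}) AS editable";
        } else {
            $cols .= ", CAST({$expr} AS INTEGER) AS editable";
        }
    }

    $artefacts = get_records_sql_assoc('SELECT ' . $cols . $from . ' WHERE ' . $select . $sortorder, $selectph, $offset, $limit);
    $totalartefacts = count_records_sql('SELECT COUNT(*) ' . $from . ' WHERE ' . $select, $countph);

    return array($artefacts, $totalartefacts);
}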
global $USER; $userid = $USER->get('id'); $select = ' SELECT a.id, a.artefacttype, a.title'; $from = ' FROM {artefact} a'; $in = "('" . join("','", PluginArtefactFile::get_artefact_types()) . "')"; $where = "\n WHERE artefacttype IN {$in}"; $phvals = array(); if ($institution) { if ($institution == 'mahara' && !$USER->get('admin')) { // If non-admins are browsing site files, only let them see the public folder & its contents $publicfolder = ArtefactTypeFolder::admin_public_folder_id(); $where .= ' AND (a.path = ? OR a.path LIKE ?)'; $phvals = array("/{$publicfolder}", db_like_escape("/{$publicfolder}/") . '%'); } $where .= ' AND a.institution = ? AND a.owner IS NULL'; $phvals[] = $institution; } else { if ($groupid) { $select .= ', r.can_edit, r.can_view, r.can_republish, a.author'; $from .= ' LEFT OUTER JOIN ( SELECT ar.artefact, ar.can_edit, ar.can_view, ar.can_republish FROM {artefact_access_role} ar INNER JOIN {group_member} gm ON ar.role = gm.role WHERE gm.group = ? AND gm.member = ? ) r ON r.artefact = a.id';