Exemplo n.º 1
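 /**
  * Display method of the PlayJoom cover view.
  *
  * Loads the form, item, script and cover options through $this->get(), then
  * renders the template only for users who may edit, may create a record when
  * no id is in the request, or pass the core.admin check. Each outcome is
  * reported through the onEventLogging event.
  *
  * @param   string  $tpl  Template name handed through to parent::display().
  *
  * @return  mixed  False when the model reported errors, otherwise nothing.
  */
 public function display($tpl = null)
 {
     $dispatcher = JDispatcher::getInstance();
     // Current user and the permission set resolved by the component helper.
     $user = JFactory::getUser();
     $canDo = PlayJoomHelper::getActions();
     // Pull the view data from the model.
     $this->form = $this->get('Form');
     $this->item = $this->get('Item');
     $this->script = $this->get('Script');
     $this->OptionsNewCover = $this->get('OptionsNewCover');
     // Check for errors.
     if (count($errors = $this->get('Errors'))) {
         // Write the log entry before raising the error: depending on how JError
         // is configured, raiseError() may end the request, and the entry would
         // then never be recorded.
         $dispatcher->trigger('onEventLogging', array(array('method' => __METHOD__ . ":" . __LINE__, 'message' => 'Problem with database query. Error500: ' . implode('<br />', $errors), 'priority' => JLog::ERROR, 'section' => 'admin')));
         JError::raiseError(500, implode('<br />', $errors));
         return false;
     }
     // Parentheses spell out the precedence the expression always had:
     // edit, OR (create AND no id in the request), OR core.admin.
     $authorised = $canDo->get('core.edit')
         || ($canDo->get('core.create') && !JRequest::getVar('id'))
         || JAccess::check($user->get('id'), 'core.admin') == 1;
     if ($authorised) {
         // Set the toolbar
         $this->addToolBar();
         // Display the template
         $dispatcher->trigger('onEventLogging', array(array('method' => __METHOD__ . ":" . __LINE__, 'message' => 'Load template for cover viewer.', 'priority' => JLog::INFO, 'section' => 'admin')));
         parent::display($tpl);
     } else {
         // Denied: record the refusal, then show the "not authorised" warning.
         $dispatcher->trigger('onEventLogging', array(array('method' => __METHOD__ . ":" . __LINE__, 'message' => 'Can not displaying cover viewer. ' . JText::_('JERROR_ALERTNOAUTHOR'), 'priority' => JLog::WARNING, 'section' => 'admin')));
         JError::raiseWarning(404, JText::_('JERROR_ALERTNOAUTHOR'));
     }
     // NOTE(review): setDocument() also runs on the denied path - confirm it
     // exposes nothing that is meant for authorised users only.
     $this->setDocument();
 }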
Exemplo n.º 2
 /**
  * Display method of the PlayJoom view.
  *
  * Fetches form, item and script from the model, stops when the model reports
  * errors, and renders the template only when the permission check passes.
  *
  * @param   string  $tpl  Template name handed through to parent::display().
  *
  * @return  mixed  False when the model reported errors, otherwise nothing.
  */
 public function display($tpl = null)
 {
     // Who is asking, and what the component helper says they may do.
     $currentUser = JFactory::getUser();
     $permissions = PlayJoomHelper::getActions();
     // Fetch everything first; nothing is assigned to the view until the
     // error check below has passed.
     $formData = $this->get('Form');
     $itemData = $this->get('Item');
     $scriptData = $this->get('Script');
     $errors = $this->get('Errors');
     if (count($errors)) {
         JError::raiseError(500, implode('<br />', $errors));
         return false;
     }
     $this->form = $formData;
     $this->item = $itemData;
     $this->script = $scriptData;
     // edit, OR (create AND no id in the request), OR core.admin.
     $authorised = $permissions->get('core.edit')
         || ($permissions->get('core.create') && !JRequest::getVar('id'))
         || JAccess::check($currentUser->get('id'), 'core.admin') == 1;
     if (!$authorised) {
         JError::raiseWarning(404, JText::_('JERROR_ALERTNOAUTHOR'));
     } else {
         // Toolbar first, then the template.
         $this->addToolBar();
         parent::display($tpl);
     }
     // NOTE(review): the document is set on the denied path as well.
     $this->setDocument();
 }
Exemplo n.º 3
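 /**
  * Handles the login of a user and reports the result back to the caller.
  *
  * @access  public
  * @param   array  $user     Holds the user data.
  * @param   array  $options  Options (remember, autoregister, group, action).
  * @return  mixed  True on success; otherwise the value produced by
  *                 _getUser() or JError::raiseWarning() for the failure.
  * @since   1.5
  */
 function onLoginUser($user, $options = array())
 {
     jimport('joomla.user.helper');
     $instance = $this->_getUser($user, $options);
     // if _getUser returned an error, then pass it back.
     if (JError::isError($instance)) {
         return $instance;
     }
     // If the user is blocked, stop with an error
     if ($instance->get('block') == 1) {
         return JError::raiseWarning('SOME_ERROR_CODE', JText::_('E_NOLOGIN_BLOCKED'));
     }
     // Default group when the caller supplied none.
     if (!isset($options['group'])) {
         $options['group'] = 'USERS';
     }
     // Fail closed: without an action there is nothing to authorise against,
     // so refuse the login instead of passing an undefined index to the check.
     if (empty($options['action'])) {
         return JError::raiseWarning(401, JText::_('JError_Login_denied'));
     }
     jimport('joomla.access.access');
     if (!JAccess::check($instance->id, $options['action'])) {
         return JError::raiseWarning(401, JText::_('JError_Login_denied'));
     }
     // Mark the user as logged in
     $instance->set('guest', 0);
     // Register the needed session variables
     // NOTE(review): the session id is not rotated in this method; confirm the
     // caller regenerates it at login so a pre-login id cannot be reused.
     $session = JFactory::getSession();
     $session->set('user', $instance);
     // Update the user related fields for the Joomla sessions table.
     // String values go through $db->quote() and the id is cast to int.
     $db = JFactory::getDBO();
     $db->setQuery('UPDATE `#__session`' . ' SET `guest` = ' . $db->quote($instance->get('guest')) . ',' . '	  `username` = ' . $db->quote($instance->get('username')) . ',' . '	  `userid` = ' . (int) $instance->get('id') . ' WHERE `session_id` = ' . $db->quote($session->getId()));
     // NOTE(review): the result of the update is not checked.
     $db->query();
     // Hit the user last visit field
     $instance->setLastVisit();
     return true;
 }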
Exemplo n.º 4
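 /**
  * Builds the option list (albums or years) for the tracks of one artist.
  *
  * @param   string  $value   Which list to build: 'album' or 'year'.
  * @param   string  $artist  Artist name used to filter the tracks table.
  *
  * @return  mixed  The rows loaded by the database driver (value/text pairs),
  *                 or a translated error string for any other $value.
  */
 public static function getOptions($value, $artist)
 {
     // For getting the xml parameters
     $app = JFactory::getApplication();
     $params = $app->getParams();
     // Get User objects
     $user = JFactory::getUser();
     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     // The artist name is caller-supplied text: it enters the SQL only as a
     // quoted and escaped literal, never by plain concatenation.
     $artistFilter = 'artist = ' . $db->quote($artist);
     switch ($value) {
         case 'album':
             $query->select('album As value, album As text');
             $query->where($artistFilter);
             $query->order('a.album');
             $query->group('a.album');
             break;
         case 'year':
             $query->select('year As value, year As text');
             $query->where($artistFilter);
             $query->order('a.year DESC');
             // NOTE(review): a sort direction inside GROUP BY is MySQL-specific
             // and not accepted by every server version - confirm it is needed.
             $query->group('a.year DESC');
             break;
         default:
             return JText::_('TCE_PLG_ERROR_NO_VALUE_FOR_getOptions_FUNCTION');
     }
     // Implement View Level Access
     if (!$user->authorise('core.admin') && !$params->get('show_noauth', 1)) {
         // Force every level to an integer; level 0 is always included, which
         // also keeps the IN list valid when the user has no levels at all.
         $levels = array_merge(array(0), array_map('intval', (array) $user->getAuthorisedViewLevels()));
         $query->where('a.access IN (' . implode(',', $levels) . ')');
     }
     // Filtering by user
     if (JAccess::check($user->get('id'), 'core.admin') != 1) {
         // The id is concatenated into the SQL below, so pin it to an integer.
         $userId = (int) $user->get('id');
         $userCheck = $params->get('show_all_users', 1);
         $userCheck = (int) $userCheck + $params->get('show_nobody', 1);
         if ($userCheck == 1) {
             if ($params->get('show_all_users', 1)) {
                 $query->where('a.add_by >= 1');
             }
             if ($params->get('show_nobody', 1)) {
                 $query->where('a.add_by IN (0,' . $userId . ')');
             }
         } elseif ($userCheck == 0) {
             $query->where('a.add_by = ' . $userId);
         }
     }
     $query->from('#__jpaudiotracks AS a');
     // Get the options.
     $db->setQuery($query);
     $options = $db->loadObjectList();
     // Check for a database error.
     if ($db->getErrorNum()) {
         JError::raiseWarning(500, $db->getErrorMsg());
     }
     return $options;
 }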
Exemplo n.º 5
 /**
  * Decides whether the current user may edit the record described by $data.
  *
  * When the id found in $data[$key] passes the core.admin check, the edit is
  * refused unless the current user is authorised for core.admin as well.
  * Every other case is decided by the parent implementation.
  *
  * @param   array   $data  Input data; $data[$key] is read as the id to check.
  * @param   string  $key   Name of the key that holds that id.
  *
  * @return  mixed  False when refused here, otherwise the parent's result.
  */
 protected function allowEdit($data = array(), $key = 'id')
 {
     // NOTE(review): $data[$key] is read without an isset() guard.
     $targetIsSuperAdmin = JAccess::check($data[$key], 'core.admin');
     if ($targetIsSuperAdmin && !JFactory::getUser()->authorise('core.admin')) {
         return false;
     }
     return parent::allowEdit($data, $key);
 }
Exemplo n.º 6
 /**
  * Overrides JControllerForm::allowEdit
  *
  * Keeps users without core.admin from editing an account that has it; all
  * remaining decisions are left to the parent implementation.
  *
  * @param   array   $data  An array of input data.
  * @param   string  $key   The name of the key for the primary key.
  *
  * @return  boolean  True if allowed, false otherwise.
  *
  * @since   1.6
  */
 protected function allowEdit($data = array(), $key = 'id')
 {
     $targetId = $data[$key];
     // Target is not a Super Admin: nothing special to enforce here.
     if (!JAccess::check($targetId, 'core.admin')) {
         return parent::allowEdit($data, $key);
     }
     // Target is a Super Admin: only another Super Admin may go on.
     if (!JFactory::getUser()->authorise('core.admin')) {
         return false;
     }
     return parent::allowEdit($data, $key);
 }
Exemplo n.º 7
/**
 * Tells whether the given user may edit images.
 *
 * Two code paths exist, selected by the global $mainframe: when it is set
 * (Joomla 1.5) the decision is made on the user type name; otherwise
 * (Joomla 1.6 and 1.7) on the core.edit check or membership of group 8.
 * Adjust the list or the check below to change who may edit images.
 *
 * @param   object  $user  User object; usertype, id and groups are read.
 *
 * @return  boolean  True when the user may edit images.
 */
function PIE_Access($user)
{
    global $mainframe;
    if (!$mainframe) {
        // Joomla 1.6 / 1.7. Group 8 = Super Users.
        // NOTE(review): the group id is hard-coded; sites that renumbered or
        // replaced that group are not covered by this shortcut.
        return JAccess::check($user->id, 'core.edit') || in_array(8, $user->groups);
    }
    // Joomla 1.5: user types that may edit images.
    $editorTypes = array('Manager', 'Administrator', 'Super Administrator');
    return in_array($user->usertype, $editorTypes);
}
Exemplo n.º 8
 /**
  * Renders this field for a repeatable (grid) display, e.g. a "browse" list.
  *
  * The link points at the edit task when the current user passes one of the
  * edit checks for the item, and at the plain item view otherwise.
  *
  * @since 2.0
  *
  * @return  string  The field HTML
  */
 public function getRepeatable()
 {
     $currentUserId = JFactory::getUser()->id;
     $itemAsset = 'com_todo.item.' . $this->item->todo_item_id;
     $isOwner = $this->item->created_by == $currentUserId;
     // Component-wide edit, own-record edit (component or item level), or an
     // item-level edit grant.
     $mayEdit = JAccess::check($currentUserId, 'core.edit', 'com_todo')
         || ($isOwner && JAccess::check($currentUserId, 'core.edit.own', 'com_todo'))
         || ($isOwner && JAccess::check($currentUserId, 'core.edit.own', $itemAsset))
         || JAccess::check($currentUserId, 'core.edit', $itemAsset);
     // This only selects which link is shown. Whether the edit task repeats
     // the permission check is not visible from this method.
     $this->element['url'] = $mayEdit
         ? 'index.php?option=com_todo&view=item&task=edit&id=[ITEM:ID]'
         : 'index.php?option=com_todo&view=item&id=[ITEM:ID]';
     return parent::getRepeatable();
 }
Exemplo n.º 9
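 /**
  * Renders the site document through the pjauth plugin templates.
  *
  * For non-admin requests the configured PlayJoom access level is compared
  * with the view levels of the current user. Visitors who do not qualify get
  * the "nopublic" template together with a 503 status header.
  *
  * @return  void
  */
 function onBeforeRender()
 {
     $app = JFactory::getApplication();
     if ($app->isAdmin()) {
         return;
     }
     $params = $app->getParams('com_playjoom');
     $pj_access_level = (int) $params->get('pj_accesslevel');
     // Check for access
     $user = JFactory::getUser();
     $userId = $user->get('id');
     if ($userId == 0 && $pj_access_level >= 2) {
         $public = false;
     } else {
         // Compare the configured level with the user's levels as whole
         // integers. A regular-expression alternation over the level list
         // matches substrings (level 1 would match a configured level 10) and
         // an empty list would match everything.
         $levels = array_map('intval', (array) $user->getAuthorisedViewLevels());
         $public = in_array($pj_access_level, $levels, true)
             || JAccess::check($userId, 'core.admin') == 1
             || $pj_access_level < 2;
     }
     $template = $app->getTemplate(true);
     $themeMissing = !is_dir(JPATH_THEMES . '/' . $template->template);
     // The template file name comes from the request, filtered by getCmd().
     $file = JRequest::getCmd('tmpl', 'index');
     if ($themeMissing) {
         $file = 'index';
     }
     if (!$public) {
         $file = 'nopublic';
         JResponse::setHeader('Status', '503 Service Temporarily Unavailable', 'true');
     }
     // NOTE(review): when the theme directory is missing this replaces the
     // "nopublic" choice made above, so a visitor without access is served
     // component.php (with the 503 header). Confirm that is intended.
     if ($themeMissing) {
         $file = 'component';
     }
     $params = array('file' => $file . '.php', 'template' => 'tmpl', 'directory' => JPATH_PLUGINS . '/system/pjauth/', 'params' => $template->params);
     $document = JFactory::getDocument();
     $document->parse($params);
     // Cached rendering only for guests, and only with caching set to 2.
     $caching = false;
     if ($app->getCfg('caching') && $app->getCfg('caching', 2) == 2 && !$user->get('id')) {
         $caching = true;
     }
     // Render the document.
     JResponse::setBody($document->render($caching, $params));
 }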
Exemplo n.º 10
 /**
  * Override getItems method.
  *
  * When a user id filter is set, every asset returned by the parent gets a
  * "checks" array: one entry per debug action, holding either the result of
  * JAccess::check() for that user or the string 'skip'.
  *
  * @return	array
  * @since	1.6
  */
 public function getItems()
 {
     $userId = $this->getState('filter.user_id');
     $assets = parent::getItems();
     // Nothing to annotate without assets or without a user to test.
     if (!$assets || !$userId) {
         return $assets;
     }
     $actions = $this->getDebugActions();
     foreach ($assets as &$asset) {
         $results = array();
         foreach ($actions as $action) {
             $name = $action[0];
             $level = $action[1];
             // An action is tested when it has no level limit or its level
             // reaches the level of the asset; otherwise it is marked skipped.
             $applies = $level === null || $level >= $asset->level;
             $results[$name] = $applies ? JAccess::check($userId, $name, $asset->name) : 'skip';
         }
         $asset->checks = $results;
     }
     return $assets;
 }
Exemplo n.º 11
?>
</th>
				<th class="nowrap" width="3%"><?php 
echo JHtml::_('grid.sort', 'COM_CJBLOG_AUTOAPPROVE', 'a.auto_approve', $listDirn, $listOrder);
?>
</th>
				<th class="nowrap" width="3%"><?php 
echo JHtml::_('grid.sort', 'JGRID_HEADING_ID', 'a.id', $listDirn, $listOrder);
?>
</th>
			</tr>
		</thead>
		<tbody>
			<?php 
foreach ($this->items as $i => $item) {
    if (!$user->authorise('core.manage') && JAccess::check($item->id, 'core.manage')) {
        $canEdit = false;
        $canChange = false;
    } else {
        $canEdit = true;
        $canChange = true;
    }
    ?>
			<tr class="row<?php 
    echo $i % 2;
    ?>
">
				<td class="center">
					<?php 
    if ($canEdit) {
        ?>
 /**
  * Tests the JAccess::check method.
  *
  * Each data set names a user, an action and an asset, together with the
  * value check() is expected to return for that combination.
  *
  * @param   integer  $userId   user id
  * @param   string   $action   action to test
  * @param   integer  $assetId  asset id
  * @param   mixed    $result   true if success, null if not
  * @param   string   $message  fail message
  *
  * @return  void
  *
  * @since   11.1
  * @dataProvider  casesCheck()
  */
 public function testCheck($userId, $action, $assetId, $result, $message)
 {
     $access = new JAccess();
     $actual = $access->check($userId, $action, $assetId);
     $this->assertThat($actual, $this->equalTo($result), $message);
 }
Exemplo n.º 13
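 /**
  * Collects the FLEXIcontent permissions of a user into one object.
  *
  * Side effect: when the jComments system plugin is enabled and the
  * FLEXIcontent plugin file is missing from the jComments plugins folder, the
  * file is copied there (the folder is created first when needed).
  *
  * @param   mixed  $user_id  User to inspect; the current user when empty.
  *
  * @return  stdClass  One property per permission, plus JComments_Installed.
  */
 static function getUserPerms($user_id = null)
 {
     // handle jcomments integration
     $JComments_Installed = JPluginHelper::isEnabled('system', 'jcomments') ? 1 : 0;
     if ($JComments_Installed) {
         $destpath = JPATH_SITE . DS . 'components' . DS . 'com_jcomments' . DS . 'plugins';
         $dest = $destpath . DS . 'com_flexicontent.plugin.php';
         $source = JPATH_SITE . DS . 'components' . DS . 'com_flexicontent' . DS . 'librairies' . DS . 'jcomments' . DS . 'com_flexicontent.plugin.php';
         jimport('joomla.filesystem.file');
         // JFolder is used below, so load it explicitly as well.
         jimport('joomla.filesystem.folder');
         if (!JFile::exists($dest)) {
             if (!JFolder::exists($destpath) && !JFolder::create($destpath)) {
                 JError::raiseWarning(100, JText::_('FLEXIcontent: Unable to create jComments plugin folder'));
             }
             if (!JFile::copy($source, $dest)) {
                 JError::raiseWarning(100, JText::_('FLEXIcontent: Unable to copy jComments plugin'));
             } else {
                 // Fetch the application here: no $mainframe variable exists in
                 // this scope, so calling a method on it would be a fatal error.
                 JFactory::getApplication()->enqueueMessage(JText::_('Copied FLEXIcontent jComments plugin'));
             }
         }
     }
     // Find permissions for given user id (no user id given, use current user)
     $user = $user_id ? JFactory::getUser($user_id) : JFactory::getUser();
     $permission = new stdClass();
     // !!! This is the Super User Privilege of GLOBAL Configuration (==> (for J2.5) core.admin ACTION allowed on ROOT ASSET: 'root.1')
     $permission->SuperAdmin = JAccess::check($user->id, 'core.admin', 'root.1');
     // !!! ALLOWs USERS to change component's CONFIGURATION (==> (for J2.5) core.admin ACTION allowed on COMPONENT ASSET: e.g. 'com_flexicontent')
     $permission->CanConfig = $user->authorise('core.admin', 'com_flexicontent');
     // !!! ALLOWs USERS in JOOMLA BACKEND : (not used in J1.5)
     //   (a) to view the FLEXIcontent menu item in Components Menu and
     //   (b) to access the FLEXIcontent component screens (whatever they are allowed to see by individual FLEXIcontent area permissions)
     //       NOTE: the initially installed permissions allows all areas to be managed for J2.5 and none (except for items) for J1.5
     $permission->CanManage = $user->authorise('core.manage', 'com_flexicontent');
     // ITEMS/CATEGORIES: category-inherited permissions, (NOTE: these are the global settings, so:)
     // *** 1. the action permissions of individual items are checked separately per item
     // *** 2. the view permission is checked via the access level of each item
     // --- *. A null result (SOFT DENY) falls back to looking for the FIRST ALLOWED CATEGORY for that action
     $categoryInherited = array(
         'CanAdd' => 'core.create',
         'CanEdit' => 'core.edit',
         'CanEditOwn' => 'core.edit.own',
         'CanPublish' => 'core.edit.state',
         'CanPublishOwn' => 'core.edit.state.own',
         'CanDelete' => 'core.delete',
         'CanDeleteOwn' => 'core.delete.own',
     );
     foreach ($categoryInherited as $property => $action) {
         $permission->{$property} = $user->authorise($action, 'com_flexicontent');
         if ($permission->{$property} === null) {
             // Arguments after $user: actions allowed, require all, check published, false, find first.
             $allowedcats = FlexicontentHelperPerm::getAllowedCats($user, array($action), true, true, false, true);
             $permission->{$property} = count($allowedcats) > 0;
         }
     }
     $categoryChanges = array(
         'CanChangeCat' => 'flexicontent.change.cat',
         'CanChangeSecCat' => 'flexicontent.change.cat.sec',
         'CanChangeFeatCat' => 'flexicontent.change.cat.feat',
     );
     foreach ($categoryChanges as $property => $action) {
         $permission->{$property} = $user->authorise($action, 'com_flexicontent');
     }
     // Permission for changing the ACL rules of items and categories that user can edit
     // Currently given to user that can edit component configuration
     $permission->CanRights = $permission->CanConfig;
     $itemAndCategoryActions = array(
         // Permission for changing the access level of items and categories that user can edit
         // (a) In J1.5 with FLEXIaccess, this is given to those that can edit the FLEXIaccess configuration
         // (b) In J1.5 without FLEXIaccess, this is given to users being at least an Editor
         // (c) In J2.5, this is the FLEXIcontent component ACTION 'accesslevel'
         'CanAccLvl' => 'flexicontent.accesslevel',
         // ITEMS: component controlled permissions
         // (backend) List all items (otherwise only items that can be edited)
         'DisplayAllItems' => 'flexicontent.displayallitems',
         // (backend) Item Copy Task
         'CanCopy' => 'flexicontent.copyitems',
         // (backend) Reorder items inside the category
         'CanOrder' => 'flexicontent.orderitems',
         // (backend) Edit item parameters like meta data and template parameters
         'CanParams' => 'flexicontent.paramsitem',
         // (backend) Use item versioning
         'CanVersion' => 'flexicontent.versioning',
         // (item edit form) associate any translation
         'AssocAnyTrans' => 'flexicontent.assocanytrans',
         // (item edit form) edit creation date (frontend)
         'EditCreationDate' => 'flexicontent.editcreationdate',
         // (Frontend Content Lists) ignore view state
         'IgnoreViewState' => 'flexicontent.ignoreviewstate',
         // (Workflow) Send Approval Requests (for ANY draft items)
         'RequestApproval' => 'flexicontent.requestapproval',
         // (Workflow) Can publish document changes regardless of edit state
         'AutoApproveChanges' => 'flexicontent.autoapprovechanges',
         // CATEGORIES: management tab and usage
         // (backend) Allow management of Categories
         'CanCats' => 'flexicontent.managecats',
         // (item edit form) view the categories which user cannot assign to items
         'ViewAllCats' => 'flexicontent.usercats',
         // (item edit form) view categories as tree instead of flat list
         'ViewTree' => 'flexicontent.viewtree',
         // (item edit form) allow user to assign items to multiple categories
         'MultiCat' => 'flexicontent.multicat',
     );
     foreach ($itemAndCategoryActions as $property => $action) {
         $permission->{$property} = $user->authorise($action, 'com_flexicontent');
     }
     $permission->CanAddCats = $permission->CanAdd && $permission->CanCats;
     $managementActions = array(
         // TAGS: management tab and usage
         // (backend) Allow management of Tags
         'CanTags' => 'flexicontent.managetags',
         // edit already assigned Tags of items
         'CanUseTags' => 'flexicontent.usetags',
         // add new Tags to items
         'CanNewTags' => 'flexicontent.newtags',
         // VARIOUS management TABS: types, archives, statistics, templates, tags
         // (backend) Allow management of Item Types
         'CanTypes' => 'flexicontent.managetypes',
         // (backend) Allow management of Archives
         'CanArchives' => 'flexicontent.managearchives',
         // (backend) Allow management of Templates
         'CanTemplates' => 'flexicontent.managetemplates',
         // (backend) Allow management of Statistics
         'CanStats' => 'flexicontent.managestats',
         // (backend) Allow management of (Content) Import
         'CanImport' => 'flexicontent.manageimport',
         // FIELDS: management tab
         // (backend) Allow management of Fields
         'CanFields' => 'flexicontent.managefields',
         // (backend) Field Copy Task
         'CanCopyFields' => 'flexicontent.copyfields',
         // (backend) Reorder fields inside each item type
         'CanOrderFields' => 'flexicontent.orderfields',
         // (backend) Create fields
         'CanAddField' => 'flexicontent.createfield',
         // (backend) Edit fields
         'CanEditField' => 'flexicontent.editfield',
         // (backend) Delete fields
         'CanDeleteField' => 'flexicontent.deletefield',
         // (backend) Publish fields
         'CanPublishField' => 'flexicontent.publishfield',
         // FILES: management tab
         // (backend) Allow management of Files
         'CanFiles' => 'flexicontent.managefiles',
         // allow user to upload Files
         'CanUpload' => 'flexicontent.uploadfiles',
         // allow user to view all Files
         'CanViewAllFiles' => 'flexicontent.viewallfiles',
     );
     foreach ($managementActions as $property => $action) {
         $permission->{$property} = $user->authorise($action, 'com_flexicontent');
     }
     // AUTHORS: management tab
     $permission->CanAuthors = $user->authorise('core.manage', 'com_users');
     $permission->CanGroups = FLEXI_J16GE ? $permission->CanAuthors : 0;
     // SEARCH INDEX: management tab
     $permission->CanIndex = $permission->CanFields && ($permission->CanAddField || $permission->CanEditField);
     // OTHER components permissions
     $permission->CanPlugins = $user->authorise('core.manage', 'com_plugins');
     $permission->CanComments = $user->authorise('core.manage', 'com_jcomments');
     $permission->CanComments = $permission->CanComments && $JComments_Installed;
     $permission->JComments_Installed = $JComments_Installed;
     // Global parameter to force always displaying of categories as tree
     if (JComponentHelper::getParams('com_flexicontent')->get('cats_always_astree', 1)) {
         $permission->ViewTree = 1;
     }
     return $permission;
 }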
Exemplo n.º 14
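 /**
  * Builds the query that lists audio tracks for this model.
  *
  * Filters (artist, category, album, year, search), the view-level and owner
  * restrictions, grouping and ordering are taken from the model state and the
  * application parameters.
  *
  * @return  object  The query object to be executed by the list model.
  */
 protected function getListQuery()
 {
     // For getting the xml parameters
     $app = JFactory::getApplication();
     $params = $app->getParams();
     // Create a new query object.
     $db = $this->getDbo();
     $query = $db->getQuery(true);
     $user = JFactory::getUser();
     // Select the required fields from the table.
     $query->select($this->getState('list.select', 'a.id, a.title, a.artist, a.album, a.year, a.add_datetime, a.mod_datetime, a.length, a.catid' . ', a.alias, a.pathatlocal, a.file, a.tracknumber, a.mediatype, a.filesize, a.access, a.add_by, a.access_datetime'));
     $query->from('#__jpaudiotracks AS a');
     // Join over the asset groups.
     $query->select('ag.title AS access_level');
     $query->join('LEFT', '#__viewlevels AS ag ON ag.id = a.access');
     // Join over the categories.
     $query->select('c.title AS category_title');
     $query->join('LEFT', '#__categories AS c ON c.id = a.catid');
     // Join over the users.
     $query->select('u.username AS user');
     $query->join('LEFT', '#__users AS u ON u.id = a.add_by');
     // Implement View Level Access
     if (!$user->authorise('core.admin') && !$params->get('show_noauth', 1)) {
         // Integers only; level 0 is always present, which also keeps the IN
         // list valid when the user has no view levels.
         $levels = array_merge(array(0), array_map('intval', (array) $user->getAuthorisedViewLevels()));
         $query->where('a.access IN (' . implode(',', $levels) . ')');
     }
     // State filters end up in the SQL text: strings are inserted as quoted,
     // escaped literals and numeric filters are cast to int.
     // Filter by Artist / Band.
     if ($artist = $this->getState('filter.artist')) {
         $query->where('a.artist = ' . $db->Quote($artist));
     }
     // Filter by Category.
     if ($category_id = $this->getState('filter.category_id')) {
         $query->where('a.catid = ' . (int) $category_id);
     }
     // Filtering by user
     if (JAccess::check($user->get('id'), 'core.admin') != 1) {
         $userId = (int) $user->get('id');
         $userCheck = $params->get('show_all_users', 1);
         $userCheck = (int) $userCheck + $params->get('show_nobody', 1);
         if ($userCheck == 1) {
             if ($params->get('show_all_users', 1)) {
                 $query->where('add_by >= 1');
             }
             if ($params->get('show_nobody', 1)) {
                 $query->where('add_by IN (0,' . $userId . ')');
             }
         } elseif ($userCheck == 0) {
             $query->where('add_by = ' . $userId);
         }
     }
     // Filter by Album.
     if ($album = $this->getState('filter.album')) {
         $query->where('a.album = ' . $db->Quote($album));
     }
     // Filter by Year.
     if ($year = $this->getState('filter.year')) {
         $query->where('a.year = ' . (int) $year);
     }
     /*
      * Group query configuration
      */
     // NOTE(review): show_section is placed into GROUP BY as it is; confirm
     // that only trusted configuration can set it.
     if ($params->get('show_section') != 'all' && $params->get('show_section') != '' && $app->scope != 'mod_pj_albumgallery' && $app->scope != 'mod_pj_lastplayed') {
         $query->group($params->get('show_section'));
     } elseif ($app->scope == 'mod_pj_albumgallery') {
         $query->group('a.album');
     }
     // Filter by search in title.
     $search = $this->getState('filter.search');
     if (!empty($search)) {
         if (stripos($search, 'id:') === 0) {
             $query->where('a.id = ' . (int) substr($search, 3));
         } elseif (stripos($search, 'author:') === 0) {
             $search = $db->Quote('%' . $db->getEscaped(substr($search, 7), true) . '%');
             // The users table is joined above under the alias "u"; no other
             // users alias exists in this query.
             $query->where('(u.name LIKE ' . $search . ' OR u.username LIKE ' . $search . ')');
         } else {
             $search = $db->Quote('%' . $db->getEscaped($search, true) . '%');
             $query->where('(a.title LIKE ' . $search . ' OR a.album LIKE ' . $search . ' OR a.artist LIKE ' . $search . ')');
         }
     }
     // Add the list ordering clause.
     // Column and direction come from the model state and cannot be quoted as
     // values, so the column is reduced to identifier characters and the
     // direction to one of two keywords.
     $orderCol = preg_replace('/[^A-Za-z0-9_.]/', '', (string) $this->getState('list.ordering', 'a.ordering'));
     if ($orderCol === '') {
         $orderCol = 'a.ordering';
     }
     $orderDirn = strtoupper((string) $this->getState('list.direction', 'ASC')) === 'DESC' ? 'DESC' : 'ASC';
     // NOTE(review): no special ordering is applied for the category column;
     // confirm whether "category_title, a.ordering" was intended.
     $query->order($orderCol . ' ' . $orderDirn);
     return $query;
 }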
Exemplo n.º 15
 /**
  * Method to save the JUser object to the database
  *
  * @param   boolean  $updateOnly  Save the object only if not a new user
  *                                Currently only used in the user reset password method.
  *
  * @return  boolean  True on success
  *
  * @since   11.1
  * @throws  exception
  */
 public function save($updateOnly = false)
 {
     // Create the user table object and copy this object's properties onto it.
     $table = $this->getTable();
     // The parameters are stored as a string, so cast the params object before binding.
     $this->params = (string) $this->_params;
     $table->bind($this->getProperties());
     // Everything below runs inside one try block: any exception thrown by the access
     // checks, by a plugin or by the store call becomes an error message plus `false`.
     try {
         // Let the table validate the bound data before anything else happens.
         if (!$table->check()) {
             $this->setError($table->getError());
             return false;
         }
         // If user is made a Super Admin group and user is NOT a Super Admin
         //
         // @todo ACL - this needs to be acl checked
         //
         // $my is the user performing the save, not the user being saved.
         $my = JFactory::getUser();
         // A record without an id is treated as a new user.
         $isNew = empty($this->id);
         // With $updateOnly set, a new record is not stored at all; note that this
         // path still reports success (true) to the caller.
         if ($isNew && $updateOnly) {
             return true;
         }
         // Load the stored state of this account for comparison and for the plugin event.
         $oldUser = new JUser($this->id);
         //
         // Access Checks
         //
         // The only mandatory check is that only Super Admins can operate on other Super Admin accounts.
         // To add additional business rules, use a user plugin and throw an Exception with onUserBeforeSave.
         // Check if I am a Super Admin
         $iAmSuperAdmin = $my->authorise('core.admin');
         // Exemption from the Super Admin check: the acting user has id 0, the record
         // already exists, the stored account is a Super Admin and the password differs.
         // NOTE(review): the variable name suggests this is meant for a login-time
         // password rehash; the condition itself only looks at the password field, so
         // confirm that no other caller can reach save() with an acting user id of 0.
         $iAmRehashingSuperadmin = false;
         if ($my->id == 0 && !$isNew && $this->id == $oldUser->id && $oldUser->authorise('core.admin') && $oldUser->password != $this->password) {
             $iAmRehashingSuperadmin = true;
         }
         // We are only worried about edits to this account if I am not a Super Admin.
         if ($iAmSuperAdmin != true && $iAmRehashingSuperadmin != true) {
             if ($isNew) {
                 // Check if the new user is being put into a Super Admin group.
                 foreach ($this->groups as $groupId) {
                     if (JAccess::checkGroup($groupId, 'core.admin')) {
                         throw new Exception(JText::_('JLIB_USER_ERROR_NOT_SUPERADMIN'));
                     }
                 }
             } else {
                 // I am not a Super Admin, and this one is, so fail.
                 if (JAccess::check($this->id, 'core.admin')) {
                     throw new Exception(JText::_('JLIB_USER_ERROR_NOT_SUPERADMIN'));
                 }
                 // Group membership is only inspected when groups were supplied.
                 if ($this->groups != null) {
                     // I am not a Super Admin and I'm trying to make one.
                     foreach ($this->groups as $groupId) {
                         if (JAccess::checkGroup($groupId, 'core.admin')) {
                             throw new Exception(JText::_('JLIB_USER_ERROR_NOT_SUPERADMIN'));
                         }
                     }
                 }
             }
         }
         // Fire the onUserBeforeSave event; plugins receive the old and the new properties.
         JPluginHelper::importPlugin('user');
         $dispatcher = JDispatcher::getInstance();
         $result = $dispatcher->trigger('onUserBeforeSave', array($oldUser->getProperties(), $isNew, $this->getProperties()));
         // A strict `false` from any plugin vetoes the save.
         if (in_array(false, $result, true)) {
             // Plugin will have to raise its own error or throw an exception.
             return false;
         }
         // Store the user data in the database; $result now holds the store() return value.
         if (!($result = $table->store())) {
             throw new Exception($table->getError());
         }
         // Set the id for the JUser object in case we created a new user.
         if (empty($this->id)) {
             $this->id = $table->get('id');
         }
         // When the acting user saved their own record, refresh their parameters
         // from the stored row so the current object matches the database.
         if ($my->id == $table->id) {
             $registry = new JRegistry();
             $registry->loadString($table->params);
             $my->setParameters($registry);
         }
         // Fire the onUserAfterSave event
         $dispatcher->trigger('onUserAfterSave', array($this->getProperties(), $isNew, $result, $this->getError()));
     } catch (Exception $e) {
         // Access-check failures and store errors end up here; only the message is kept.
         $this->setError($e->getMessage());
         return false;
     }
     // On success this is the value returned by $table->store().
     return $result;
 }
Exemplo n.º 16
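 /**
  * Load the tracks of one category, grouped by album and returned in random order.
  *
  * Every caller-supplied value is quoted or cast before it is placed in the
  * WHERE clause, so a category or filter value cannot change the statement.
  *
  * @param   mixed  $catID   Category id matched against a.catid.
  * @param   array  $Filter  Optional filters; the keys read are 'filter.artist',
  *                          'filter.user_id' and 'filter.year'. Missing keys are ignored.
  *
  * @return  mixed  Whatever loadObjectList() returns; a warning is raised on a database error.
  */
 public static function getGenreItems($catID, $Filter = array())
 {
     $app = JFactory::getApplication();
     $params = $app->getParams();
     $user = JFactory::getUser();
     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     $query->select('a.id, a.artist, a.album, a.year, a.catid, a.access, a.add_by');
     $query->from('#__jpaudiotracks AS a');
     // Quote instead of wrapping the raw value in double quotes.
     $query->where('a.catid = ' . $db->quote($catID));
     $query->group('a.album');
     $query->order('RAND()');
     // Join over the covers.
     $query->select('cb.id AS cover_id');
     $query->join('LEFT', '#__jpcoverblobs AS cb ON cb.id = a.coverid');
     // Implement View Level Access
     if (!$user->authorise('core.admin') && !$params->get('show_noauth', 1)) {
         $groups = implode(',', $user->getAuthorisedViewLevels());
         $groups = '0,' . $groups;
         $query->where('a.access IN (' . $groups . ')');
     }
     // Read the filters defensively: the default for $Filter is an empty array,
     // so none of these keys is guaranteed to exist.
     $artistFilter = isset($Filter['filter.artist']) ? $Filter['filter.artist'] : '';
     $userFilter = isset($Filter['filter.user_id']) ? $Filter['filter.user_id'] : '';
     $yearFilter = isset($Filter['filter.year']) ? $Filter['filter.year'] : '';
     // Filter by Artist / Band.
     if ($artistFilter != '') {
         $query->where('a.artist = ' . $db->quote($artistFilter));
     }
     // Filter by User. The value was placed unquoted, so it is treated as a number.
     if ($userFilter != '') {
         $query->where('a.add_by = ' . (int) $userFilter);
     }
     // Filter by Year.
     if ($yearFilter != '') {
         $query->where('a.year = ' . $db->quote($yearFilter));
     }
     // Restrict by track owner unless the current user passes the core.admin check.
     if (JAccess::check($user->get('id'), 'core.admin') != 1) {
         // Cast so the id can only ever be an integer inside the SQL text.
         $users = (int) $user->get('id');
         // Sum of the two visibility switches: 0 = own tracks only,
         // 1 = exactly one switch is on, 2 = no owner restriction.
         $userCheck = $params->get('show_all_users', 1);
         $userCheck = (int) $userCheck + $params->get('show_nobody', 1);
         if ($userCheck == 1) {
             if ($params->get('show_all_users', 1)) {
                 $query->where('add_by >= 1');
             }
             if ($params->get('show_nobody', 1)) {
                 $users = '0,' . $users;
                 $query->where('add_by IN (' . $users . ')');
             }
         } elseif ($userCheck == 0) {
             $query->where('add_by = ' . $users);
         }
     }
     // Get the genre items.
     $db->setQuery($query);
     $genre_items = $db->loadObjectList();
     // Check for a database error.
     if ($db->getErrorNum()) {
         JError::raiseWarning(500, $db->getErrorMsg());
     }
     return $genre_items;
 }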
Exemplo n.º 17
 /**
  * Method to get a list of valid albums for the filter menu
  *
  * @return  JTable  A database object
  * @since   0.9.460
  */
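 public function getFilterOptionsAlbums()
 {
     //Get User Objects
     $user = JFactory::getUser();
     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     $query->select('album As value, album As text');
     $query->order('a.album');
     $query->group('a.album');
     // The filter state is not a trusted source inside this method, so text
     // values are quoted and numeric values are cast before they reach the SQL.
     // Filter by Artist / Band.
     if ($artist = $this->getState('filter.artist')) {
         $query->where('a.artist = ' . $db->quote($artist));
     }
     // Filter by Category.
     if ($category_id = $this->getState('filter.category_id')) {
         $query->where('a.catid = ' . (int) $category_id);
     }
     // Filter by the user who added the track.
     if ($user_id = $this->getState('filter.user_id')) {
         $query->where('a.add_by = ' . (int) $user_id);
     }
     // Filter by Album.
     if ($album = $this->getState('filter.album')) {
         $query->where('a.album = ' . $db->quote($album));
     }
     // Filter by Year. The original compared unquoted, i.e. numerically.
     if ($year = $this->getState('filter.year')) {
         $query->where('a.year = ' . (int) $year);
     }
     // Users who do not pass the core.admin check only see their own tracks.
     if (JAccess::check($user->get('id'), 'core.admin') != 1) {
         $query->where('a.add_by = ' . (int) $user->get('id'));
     }
     $query->from('#__jpaudiotracks AS a');
     // Get the options.
     $db->setQuery($query);
     $options = $db->loadObjectList();
     // Check for a database error.
     if ($db->getErrorNum()) {
         JError::raiseWarning(500, $db->getErrorMsg());
     }
     // Result of loadObjectList(): one entry per album with `value` and `text`.
     return $options;
 }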
Exemplo n.º 18
 *
 * @PlayJoom Component
 * @copyright Copyright (C) 2010-2012 by www.teglo.info
 * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL
 * @date $Date$
 * @revision $Revision$
 * @author $Author$
 * @headurl $HeadURL$
 */
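// No direct access to this file
defined('_JEXEC') or die('Restricted Access');
// Current user and the component permissions decide whether a title links to the edit form.
$user = JFactory::getUser();
$canDo = PlayJoomHelper::getActions();
foreach ($this->items as $i => $item) {
    // Item fields are data, not markup: encode them for the HTML text context
    // before printing so a stored value cannot inject tags or attributes.
    // NOTE(review): assumes the values are stored unescaped - confirm, otherwise
    // entities would be double-encoded.
    $idCell = htmlspecialchars((string) $item->id, ENT_QUOTES, 'UTF-8');
    $titleCell = htmlspecialchars((string) $item->title, ENT_QUOTES, 'UTF-8');
    $artistCell = htmlspecialchars((string) $item->artist, ENT_QUOTES, 'UTF-8');
    $categoryCell = htmlspecialchars((string) $item->category, ENT_QUOTES, 'UTF-8');
    echo '<tr class="row' . $i % 2 . '">';
    echo '<td>' . $idCell . '</td>';
    echo '<td>' . JHtml::_('grid.id', $i, $item->id) . '</td>';
    echo '<td>';
    // The edit link is shown to users with core.edit or to users passing the core.admin check.
    if ($canDo->get('core.edit') || JAccess::check($user->get('id'), 'core.admin') == 1) {
        echo '<a href="' . JRoute::_('index.php?option=com_playjoom&task=album.edit&id=' . $item->id) . '">';
        echo $titleCell;
        echo '</a>';
    } else {
        echo $titleCell;
    }
    echo '</td>';
    echo '<td>' . $artistCell . '</td>';
    echo '<td>' . $categoryCell . '</td>';
    echo '</tr>';
}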
Exemplo n.º 19
 /**
  * Batch to change the filter of a track.
  *
  * @param   integer  $value     The new value matching a User ID.
  * @param   array    $pks       An array of row IDs.
  * @param   array    $contexts  An array of item contexts.
  *
  * @return  boolean  True if successful, false otherwise and internal error is set.
  *
  * @since   0.9.5xx
  */
 protected function batchTrackfilter($value, $pks, $contexts)
 {
     // Everything the loop needs is fetched once, before the first row is touched.
     $actor = JFactory::getUser();
     $permissions = PlayJoomHelper::getActions();
     $actorId = $actor->get('id');
     $row = $this->getTable();
     $now = JFactory::getDate('now', null);
     foreach ($pks as $pk) {
         // NOTE(review): the permission is checked for the component as a whole;
         // $contexts is never read, so there is no per-item check here.
         $mayEdit = $permissions->get('core.edit') || JAccess::check($actor->get('id'), 'core.admin') == 1;
         if (!$mayEdit) {
             // The batch stops at the first row the user may not edit.
             $this->setError(JText::_('JLIB_APPLICATION_ERROR_BATCH_CANNOT_EDIT'));
             return false;
         }
         // Load the row, apply the new filter id and stamp who changed it and when.
         // The result of load() is not inspected.
         $row->reset();
         $row->load($pk);
         $row->trackfilterid = (int) $value;
         $row->mod_datetime = $now;
         $row->mod_by = $actorId;
         if ($row->store()) {
             continue;
         }
         // A failed store aborts the batch; rows stored earlier stay changed.
         $this->setError($row->getError());
         return false;
     }
     // Clean the cache
     $this->cleanCache();
     return true;
 }
Exemplo n.º 20
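 /**
  * Delete the users selected in the request (`cid`) together with their K2 user rows.
  *
  * The acting user is removed from the selection, and accounts the acting user is
  * not allowed to delete are pruned. No DELETE statement is issued when the
  * remaining id list is empty, which would otherwise produce an invalid `IN()`.
  *
  * @return  mixed  False when a table delete fails; otherwise the method ends in a redirect.
  */
 function delete()
 {
     $mainframe = JFactory::getApplication();
     $user = JFactory::getUser();
     // NOTE(review): no request-token check is visible in this method; presumably
     // the calling controller performs it - confirm.
     $cid = JRequest::getVar('cid');
     // Force every submitted id to an integer so the list is safe inside IN (...).
     JArrayHelper::toInteger($cid);
     $db = JFactory::getDBO();
     // Integer copies of the acting user's values for use inside SQL text.
     $currentUserId = (int) $user->id;
     if (in_array($user->id, $cid)) {
         // A user can never delete their own account.
         foreach ($cid as $key => $id) {
             if ($id == $user->id) {
                 unset($cid[$key]);
             }
         }
         $mainframe->enqueueMessage(JText::_('K2_YOU_CANNOT_DELETE_YOURSELF'), 'notice');
     }
     if (count($cid) < 1) {
         $mainframe->enqueueMessage(JText::_('K2_DELETE_COMPLETED'));
         $mainframe->redirect('index.php?option=com_k2&view=users');
     }
     if (K2_JVERSION != '15') {
         JPluginHelper::importPlugin('user');
         $dispatcher = JDispatcher::getInstance();
         $iAmSuperAdmin = $user->authorise('core.admin');
         foreach ($cid as $key => $id) {
             $table = JTable::getInstance('user');
             $table->load($id);
             $allow = $user->authorise('core.delete', 'com_users');
             // Don't allow non-super-admin to delete a super admin
             $allow = !$iAmSuperAdmin && JAccess::check($id, 'core.admin') ? false : $allow;
             if ($allow) {
                 // Get users data for the users to delete.
                 $user_to_delete = JFactory::getUser($id);
                 // Fire the onUserBeforeDelete event.
                 $dispatcher->trigger('onUserBeforeDelete', array($table->getProperties()));
                 if (!$table->delete($id)) {
                     $this->setError($table->getError());
                     return false;
                 } else {
                     // Trigger the onUserAfterDelete event.
                     $dispatcher->trigger('onUserAfterDelete', array($user_to_delete->getProperties(), true, $this->getError()));
                 }
             } else {
                 // Prune items that you can't change.
                 unset($cid[$key]);
                 JError::raiseWarning(403, JText::_('JERROR_CORE_DELETE_NOT_PERMITTED'));
             }
         }
         $IDsToDelete = $cid;
     } else {
         // Legacy branch: keep only accounts whose gid does not exceed the acting user's.
         $query = 'SELECT * FROM #__users WHERE id IN(' . implode(',', $cid) . ') AND gid<=' . (int) $user->gid;
         $db->setQuery($query);
         // Presumably yields the first column (the id) of each matching row - confirm.
         $IDsToDelete = K2_JVERSION == '30' ? $db->loadColumn() : $db->loadResultArray();
         $IDsToDelete = array_map('intval', (array) $IDsToDelete);
         if (count($IDsToDelete) > 0) {
             $query = 'DELETE FROM #__users WHERE id IN(' . implode(',', $IDsToDelete) . ') AND id!=' . $currentUserId;
             $db->setQuery($query);
             $db->query();
         }
     }
     // Remove the matching K2 rows, but only when something is left to delete.
     if (count($IDsToDelete) > 0) {
         $query = 'DELETE FROM #__k2_users WHERE userID IN(' . implode(',', $IDsToDelete) . ') AND userID!=' . $currentUserId;
         $db->setQuery($query);
         $db->query();
     }
     $mainframe->enqueueMessage(JText::_('K2_DELETE_COMPLETED'));
     $mainframe->redirect('index.php?option=com_k2&view=users');
 }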
Exemplo n.º 21
 /**
  * Method to approve user records.
  *
  * @param   array  &$pks  The ids of the items to approve.
  *
  * @return  boolean  True on success.
  */
 function approve(&$pks)
 {
     // Whether the acting user is a Super Admin decides if Super Admin records may be touched.
     $iAmSuperAdmin = User::authorise('core.admin');
     $table = $this->getTable();
     $pks = (array) $pks;
     foreach ($pks as $index => $pk) {
         // Ids that cannot be loaded are skipped without an error.
         if (!$table->load($pk)) {
             continue;
         }
         $before = $table->getProperties();
         // Base permission: may the acting user change the state of user records?
         $allow = User::authorise('core.edit.state', 'com_users');
         // A non-Super-Admin may never approve a Super Admin account.
         if (!$iAmSuperAdmin && JAccess::check($pk, 'core.admin')) {
             $allow = false;
         }
         if (!$allow) {
             // Drop the id from the caller's list and tell the user why.
             unset($pks[$index]);
             Notify::warning(Lang::txt('JLIB_APPLICATION_ERROR_EDITSTATE_NOT_PERMITTED'));
             continue;
         }
         $table->approved = 1;
         // Exceptions from the table or from plugins become an error message plus `false`.
         try {
             if (!$table->check()) {
                 $this->setError($table->getError());
                 return false;
             }
             // Plugins see the old and the new properties and may veto with a strict false.
             $pluginResults = Event::trigger('user.onUserBeforeSave', array($before, false, $table->getProperties()));
             if (in_array(false, $pluginResults, true)) {
                 // The vetoing plugin is expected to have reported its own error.
                 return false;
             }
             if (!$table->store()) {
                 $this->setError($table->getError());
                 return false;
             }
             // Tell plugins that the record was saved.
             Event::trigger('user.onUserAfterSave', array($table->getProperties(), false, true, null));
         } catch (Exception $e) {
             $this->setError($e->getMessage());
             return false;
         }
     }
     return true;
 }
Exemplo n.º 22
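 /**
  * Load the albums of the artist named in the request for one track filter.
  *
  * The artist name arrives base64-encoded in the `artist` request variable.
  * Decoding does not make it safe, so the decoded text is quoted by the database
  * driver and the filter id is cast to an integer before either reaches the SQL.
  *
  * @param   mixed  $trackfilterid  Track filter id matched against a.trackfilterid.
  *
  * @return  mixed  Whatever loadObjectList() returns; a warning is raised on a database error.
  */
 public static function getFilteritems($trackfilterid)
 {
     //Get User objects
     $user = JFactory::getUser();
     //For getting the xml parameters
     $app = JFactory::getApplication();
     $params = $app->getParams();
     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     // Request data: decode first, then let the driver escape and quote it.
     $artist = base64_decode((string) JRequest::getVar('artist'));
     $query->select('a.album, a.year, a.artist, a.catid');
     $query->where('a.artist = ' . $db->quote($artist) . ' AND a.trackfilterid = ' . (int) $trackfilterid);
     $query->order('a.year');
     $query->group('a.album');
     // Join over the categories.
     $query->select('c.title AS category_title');
     $query->join('LEFT', '#__categories AS c ON c.id = a.catid');
     // Implement View Level Access
     if (!$user->authorise('core.admin') && !$params->get('show_noauth', 1)) {
         $groups = implode(',', $user->getAuthorisedViewLevels());
         $groups = '0,' . $groups;
         $query->where('a.access IN (' . $groups . ')');
     }
     // Restrict by track owner unless the current user passes the core.admin check.
     if (JAccess::check($user->get('id'), 'core.admin') != 1) {
         // Cast so the id can only ever be an integer inside the SQL text.
         $users = (int) $user->get('id');
         // Sum of the two visibility switches: 0 = own tracks only,
         // 1 = exactly one switch is on, 2 = no owner restriction.
         $userCheck = $params->get('show_all_users', 1);
         $userCheck = (int) $userCheck + $params->get('show_nobody', 1);
         if ($userCheck == 1) {
             if ($params->get('show_all_users', 1)) {
                 $query->where('a.add_by >= 1');
             }
             if ($params->get('show_nobody', 1)) {
                 $users = '0,' . $users;
                 $query->where('a.add_by IN (' . $users . ')');
             }
         } elseif ($userCheck == 0) {
             $query->where('a.add_by = ' . $users);
         }
     }
     $query->from('#__jpaudiotracks AS a');
     // Get the options.
     $db->setQuery($query);
     $album_list = $db->loadObjectList();
     // Check for a database error.
     if ($db->getErrorNum()) {
         JError::raiseWarning(500, $db->getErrorMsg());
     }
     return $album_list;
 }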
Exemplo n.º 23
 /**
  * Method to activate user records.
  *
  * @param   array  &$pks  The ids of the items to activate.
  *
  * @return  boolean  True on success.
  *
  * @since   1.6
  */
 public function activate(&$pks)
 {
     $dispatcher = JEventDispatcher::getInstance();
     $actor = JFactory::getUser();
     // Whether the acting user is a Super Admin decides if Super Admin records may be touched.
     $iAmSuperAdmin = $actor->authorise('core.admin');
     $table = $this->getTable();
     $pks = (array) $pks;
     JPluginHelper::importPlugin($this->events_map['save']);
     foreach ($pks as $index => $pk) {
         // Ids that cannot be loaded are skipped without an error.
         if (!$table->load($pk)) {
             continue;
         }
         $before = $table->getProperties();
         // Base permission: may the acting user change the state of user records?
         $allow = $actor->authorise('core.edit.state', 'com_users');
         // A non-Super-Admin may never activate a Super Admin account.
         if (!$iAmSuperAdmin && JAccess::check($pk, 'core.admin')) {
             $allow = false;
         }
         if (empty($table->activation)) {
             // No pending activation value: the account is already active, just drop the id.
             unset($pks[$index]);
             continue;
         }
         if (!$allow) {
             // Drop the id from the caller's list and tell the user why.
             unset($pks[$index]);
             JError::raiseWarning(403, JText::_('JLIB_APPLICATION_ERROR_EDITSTATE_NOT_PERMITTED'));
             continue;
         }
         // Unblock the account and clear the activation value.
         $table->block = 0;
         $table->activation = '';
         // Exceptions from the table or from plugins become an error message plus `false`.
         try {
             if (!$table->check()) {
                 $this->setError($table->getError());
                 return false;
             }
             // Plugins see the old and the new properties and may veto with a strict false.
             $pluginResults = $dispatcher->trigger($this->event_before_save, array($before, false, $table->getProperties()));
             if (in_array(false, $pluginResults, true)) {
                 // The vetoing plugin is expected to have reported its own error.
                 return false;
             }
             if (!$table->store()) {
                 $this->setError($table->getError());
                 return false;
             }
             // Tell plugins that the record was saved.
             $dispatcher->trigger($this->event_after_save, array($table->getProperties(), false, true, null));
         } catch (Exception $e) {
             $this->setError($e->getMessage());
             return false;
         }
     }
     return true;
 }
Exemplo n.º 24
 /**
  * Method to get a list of valid genres for the filter menu
  *
  * @return  JTable  A database object
  * @since   0.9.460
  */
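 public function getFilterOptionsGenres()
 {
     $dispatcher = JDispatcher::getInstance();
     //Get User Objects
     $user = JFactory::getUser();
     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     $query->select('catid As value');
     $query->group('a.catid');
     // Join over the categories.
     $query->select('c.title AS text');
     $query->join('LEFT', '#__categories AS c ON c.id = a.catid');
     // The filter state is not a trusted source inside this method, so text
     // values are quoted and numeric values are cast before they reach the SQL.
     // Filter by Artist / Band.
     if ($artist = $this->getState('filter.artist')) {
         $query->where('a.artist = ' . $db->quote($artist));
     }
     // Filter by Category.
     if ($category_id = $this->getState('filter.category_id')) {
         $query->where('a.catid = ' . (int) $category_id);
     }
     // Filter by the user who added the track.
     if ($user_id = $this->getState('filter.user_id')) {
         $query->where('a.add_by = ' . (int) $user_id);
     }
     // Filter by Album.
     if ($album = $this->getState('filter.album')) {
         $query->where('a.album = ' . $db->quote($album));
     }
     // Filter by Year. The original compared unquoted, i.e. numerically.
     if ($year = $this->getState('filter.year')) {
         $query->where('a.year = ' . (int) $year);
     }
     // Users who do not pass the core.admin check only see their own tracks.
     if (JAccess::check($user->get('id'), 'core.admin') != 1) {
         $query->where('a.add_by = ' . (int) $user->get('id'));
     }
     $query->from('#__jpaudiotracks AS a');
     // Get the options.
     $db->setQuery($query);
     $options = $db->loadObjectList();
     // On a database error, write a log event and raise a warning; the result is still returned.
     if ($db->getErrorNum()) {
         $dispatcher->trigger('onEventLogging', array(array('method' => __METHOD__ . ":" . __LINE__, 'message' => 'Problem with database query: ' . $db->getErrorMsg(), 'priority' => JLog::ERROR, 'section' => 'site')));
         JError::raiseWarning(500, $db->getErrorMsg());
     }
     // Result of loadObjectList(): one entry per category with `value` and `text`.
     return $options;
 }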
Exemplo n.º 25
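 /**
  * Load the tracks of one album in random order.
  *
  * The album name is quoted by the database driver before it is placed in the
  * WHERE clause, so a name containing quote characters cannot change the statement.
  *
  * @param   string  $AlbumName  Album name matched against a.album.
  *
  * @return  mixed  Whatever loadObjectList() returns; a warning is raised on a database error.
  */
 public static function getAlbumItems($AlbumName)
 {
     //Get User objects
     $user = JFactory::getUser();
     //For getting the xml parameters
     $app = JFactory::getApplication();
     $params = $app->getParams();
     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     $query->select('a.id, a.title, a.album, a.length, a.hits, a.pathatlocal, a.file');
     $query->from('#__jpaudiotracks AS a');
     // Quote instead of wrapping the raw value in double quotes.
     $query->where('a.album = ' . $db->quote($AlbumName));
     $query->order('RAND()');
     // Implement View Level Access
     if (!$user->authorise('core.admin') && !$params->get('show_noauth', 1)) {
         $groups = implode(',', $user->getAuthorisedViewLevels());
         $groups = '0,' . $groups;
         $query->where('a.access IN (' . $groups . ')');
     }
     // Restrict by track owner unless the current user passes the core.admin check.
     if (JAccess::check($user->get('id'), 'core.admin') != 1) {
         // Cast so the id can only ever be an integer inside the SQL text.
         $users = (int) $user->get('id');
         // Sum of the two visibility switches: 0 = own tracks only,
         // 1 = exactly one switch is on, 2 = no owner restriction.
         $userCheck = $params->get('show_all_users', 1);
         $userCheck = (int) $userCheck + $params->get('show_nobody', 1);
         if ($userCheck == 1) {
             if ($params->get('show_all_users', 1)) {
                 $query->where('add_by >= 1');
             }
             if ($params->get('show_nobody', 1)) {
                 $users = '0,' . $users;
                 $query->where('add_by IN (' . $users . ')');
             }
         } elseif ($userCheck == 0) {
             $query->where('add_by = ' . $users);
         }
     }
     // Get the album tracks.
     $db->setQuery($query);
     $genre_items = $db->loadObjectList();
     // Check for a database error.
     if ($db->getErrorNum()) {
         JError::raiseWarning(500, $db->getErrorMsg());
     }
     return $genre_items;
 }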
Exemplo n.º 26
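 /**
  * Load the distinct artists that have tracks in one category.
  *
  * The category id is quoted by the database driver before it is placed in the
  * WHERE clause, so the value cannot change the statement.
  *
  * @param   mixed  $CatID  Category id matched against a.catid.
  *
  * @return  mixed  Whatever loadObjectList() returns; a warning is raised on a database error.
  */
 public static function getArtistItems($CatID)
 {
     //Get PlayJoom maccess config
     $app = JFactory::getApplication();
     $params = $app->getParams();
     //Get User Objects
     $user = JFactory::getUser();
     $db = JFactory::getDbo();
     $query = $db->getQuery(true);
     $query->select('a.artist, a.catid');
     $query->from('#__jpaudiotracks AS a');
     // Quote instead of wrapping the raw value in double quotes.
     $query->where('a.catid = ' . $db->quote($CatID));
     // Restrict by track owner unless the current user passes the core.admin check.
     if (JAccess::check($user->get('id'), 'core.admin') != 1) {
         // Cast so the id can only ever be an integer inside the SQL text.
         $users = (int) $user->get('id');
         // Sum of the two visibility switches: 0 = own tracks only,
         // 1 = exactly one switch is on, 2 = no owner restriction.
         $userCheck = $params->get('show_all_users', 1);
         $userCheck = (int) $userCheck + $params->get('show_nobody', 1);
         if ($userCheck == 1) {
             if ($params->get('show_all_users', 1)) {
                 $query->where('add_by >= 1');
             }
             if ($params->get('show_nobody', 1)) {
                 $users = '0,' . $users;
                 $query->where('add_by IN (' . $users . ')');
             }
         } elseif ($userCheck == 0) {
             $query->where('add_by = ' . $users);
         }
     }
     // Implement View Level Access
     if (!$user->authorise('core.admin') && !$params->get('show_noauth', 1)) {
         $groups = implode(',', $user->getAuthorisedViewLevels());
         $groups = '0,' . $groups;
         $query->where('a.access IN (' . $groups . ')');
     }
     $query->group('a.artist');
     // Get the artist rows.
     $db->setQuery($query);
     $genre_items = $db->loadObjectList();
     // Check for a database error.
     if ($db->getErrorNum()) {
         JError::raiseWarning(500, $db->getErrorMsg());
     }
     return $genre_items;
 }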
Exemplo n.º 27
 * @headurl $HeadURL: http://dev.teglo.info/svn/playjoom/components/com_playjoom/views/genres/tmpl/default_filter.php $
 */
// No direct access to this file
defined('_JEXEC') or die('Restricted Access');
JLoader::import('helpers.genres', JPATH_SITE . DIRECTORY_SEPARATOR . 'components' . DIRECTORY_SEPARATOR . 'com_playjoom');
JHtml::_('formbehavior.chosen', 'select');
// Current user, needed to decide whether the per-user filter is offered.
$user = JFactory::getUser();
echo '<fieldset class="batch">';
$legendText = JText::_('JSEARCH_FILTER_LABEL');
echo '<legend>' . $legendText . '</legend>';
// Search box: the current search term is escaped before it goes into the value attribute.
$searchValue = $this->escape($this->state->get('filter.search'));
$searchTitle = JText::_('COM_CONTENT_FILTER_SEARCH_DESC');
echo '<input type="text" name="filter_search" id="filter_search" value="' . $searchValue . '" title="' . $searchTitle . '" />';
$submitLabel = JText::_('JSEARCH_FILTER_SUBMIT');
echo '<button type="submit" class="small button">' . $submitLabel . '</button>';
$clearLabel = JText::_('JSEARCH_FILTER_CLEAR');
echo '<button type="button" class="small button" onclick="document.id(\'filter_search\').value=\'\';this.form.submit();">' . $clearLabel . '</button>';
echo '<p class="filter-selector">';
// Artist drop-down; the form is submitted as soon as the selection changes.
echo '<select name="filter_artist" class="PJ-filtermenu" onchange="this.form.submit()">';
$artistPlaceholder = JText::_('COM_PLAYJOOM_FILTER_ARTIST');
echo '<option value="">' . $artistPlaceholder . '</option>';
$artistOptions = PlayJoomGenresHelper::getOptions('artist');
echo JHtml::_('select.options', $artistOptions, 'value', 'text', $this->state->get('filter.artist'));
echo '</select>';
// Year drop-down.
echo '<select name="filter_year" class="PJ-filtermenu" onchange="this.form.submit()">';
$yearPlaceholder = JText::_('COM_PLAYJOOM_FILTER_YEAR');
echo '<option value="">' . $yearPlaceholder . '</option>';
$yearOptions = PlayJoomGenresHelper::getOptions('year');
echo JHtml::_('select.options', $yearOptions, 'value', 'text', $this->state->get('filter.year'));
echo '</select>';
// The user drop-down is shown when show_all_users is enabled or the user passes the core.admin check.
// This only hides the control; it does not restrict what the query returns.
$showUserFilter = $this->params->get('show_all_users', 1) || JAccess::check($user->get('id'), 'core.admin') == 1;
if ($showUserFilter) {
    echo '<select name="filter_user_id" class="PJ-filtermenu" onchange="this.form.submit()">';
    $userPlaceholder = JText::_('COM_PLAYJOOM_FILTER_USER');
    echo '<option value="">' . $userPlaceholder . '</option>';
    echo JHtml::_('select.options', $this->authors, 'value', 'text', $this->state->get('filter.user_id'));
    echo '</select>';
}
echo '</p>';
echo '</fieldset>';
echo '<div class="divider-view"></div>';
Exemplo n.º 28
 /**
  * Method to check User object authorisation against an access control
  * object and optionally an access extension object
  *
  * @param   string   $action     The name of the action to check for permission.
  * @param   string   $assetname  The name of the asset on which to perform the action.
  * @return  boolean  True if authorised
  * @since   2.1.0
  */
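 public function authorise($action, $assetname = null)
 {
     // Root status is resolved once per object; null means "not determined yet".
     if ($this->isRoot === null) {
         $this->isRoot = false;
         // Check for the configuration file failsafe.
         $rootUser = \App::get('config')->get('root_user');
         // The root_user variable can be a numeric user ID or a username.
         if (is_numeric($rootUser) && $this->get('id') > 0 && $this->get('id') == $rootUser) {
             $this->isRoot = true;
         } elseif ($this->username && is_scalar($rootUser) && (string) $this->username === (string) $rootUser) {
             // The username is user-chosen text, so it is compared as an exact string.
             // A loose `==` would compare two numeric-looking strings by value
             // ("1e3" == "1000") and, on older PHP versions, would treat any
             // non-numeric username as equal to an integer 0 setting.
             $this->isRoot = true;
         } else {
             // Get all groups against which the user is mapped.
             $identities = $this->getAuthorisedGroups();
             // The user's own identity is added as the negated id, ahead of the groups.
             array_unshift($identities, $this->get('id') * -1);
             // Asset 1 is used for the global core.admin rule check.
             if (\JAccess::getAssetRules(1)->allow('core.admin', $identities)) {
                 $this->isRoot = true;
                 return true;
             }
         }
     }
     // Root users are authorised for everything; everyone else gets a regular access check.
     return $this->isRoot ? true : \JAccess::check($this->get('id'), $action, $assetname);
 }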
Exemplo n.º 29
				</th>
				<th class="nowrap id-col">
					<?php 
echo JHtml::_('grid.sort', 'JGRID_HEADING_ID', 'a.id', $listDirn, $listOrder);
?>
				</th>
			</tr>
		</thead>

		<tbody>
		<?php 
foreach ($this->items as $i => $item) {
    $canEdit = $this->canDo->get('core.edit');
    $canChange = $loggeduser->authorise('core.edit.state', 'com_users');
    // If this group is super admin and this user is not super admin, $canEdit is false
    if (!$loggeduser->authorise('core.admin') && JAccess::check($item->id, 'core.admin')) {
        $canEdit = false;
        $canChange = false;
    }
    ?>
			<tr class="row<?php 
    echo $i % 2;
    ?>
">
				<td>
					<?php 
    if ($canEdit) {
        ?>
						<?php 
        echo JHtml::_('grid.id', $i, $item->id);
        ?>
Exemplo n.º 30
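	/**
	 * Add the Joomla group configured for a membership plan to a member.
	 *
	 * Nothing is changed (and success is reported) when the plan has no 'jgroup'
	 * extension row, when that row names no group, or when the member passes the
	 * core.admin check.
	 *
	 * @param   array  $params  Keys read here: 'allow_work', 'msc_id', 'member_id'.
	 *
	 * @return  array  Keys 'success' (boolean), 'title' and 'content'.
	 */
	public static function activate($params)
	{
		$result = array();
		$result['success'] = true;

		// Refuse to run unless the caller explicitly allowed the work.
		if (empty($params['allow_work'])) {
			$result['success'] = false;
			$result['title'] = 'Error';
			$result['content'] = JText::_("Error");
			return $result;
		}
		unset($params['allow_work']);

		$db = oseDB::instance();
		$msc_id = $params['msc_id'];
		$member_id = $params['member_id'];

		if (empty($msc_id)) {
			$result['success'] = false;
			$result['title'] = 'Error';
			$result['content'] = JText::_("Renew Msc: No Msc ID");
			return $result;
		}

		// Get the group id configured for the plan. The id is cast to an integer so
		// the value can never break out of the statement.
		// NOTE(review): assumes `id` is an integer column - confirm against the schema.
		$query = "SELECT * FROM `#__osemsc_ext` WHERE `id` = " . (int) $msc_id . " AND `type` = 'jgroup'";
		$db->setQuery($query);
		$data = $db->loadObject();

		// No group configuration, or the member is a Super Admin: leave the account untouched.
		if (empty($data) || JAccess::check($member_id, 'core.admin')) {
			$result['success'] = true;
			$result['title'] = JText::_('Done');
			$result['content'] = JText::_("Done");
			return $result;
		}

		$data = oseJson::decode($data->params);

		if (empty($data->jgroup_id)) {
			$result['success'] = true;
			$result['title'] = JText::_('Done');
			$result['content'] = JText::_("Done");
			return $result;
		}

		// Merge the configured group(s) into the member's current groups, without duplicates.
		$user = JUser::getInstance($member_id);
		$group = array();
		$group['groups'] = array_merge($user->groups, (array) $data->jgroup_id);
		$group['groups'] = array_unique($group['groups']);
		$user->bind($group);
		if (!$user->save()) {
			$result['success'] = false;
			$result['title'] = 'Error';
			$result['content'] = JText::_("Error");
			return $result;
		}

		$result['success'] = true;
		$result['title'] = JText::_('Done');
		$result['content'] = JText::_("Done");

		return $result;
	}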