/**
* Apply database structure updates
*/
public function structure()
{
$PM = new PermissionModel();
$PM->define(array('Plugins.PostUrl.Allow' => 'Plugins.PostUrl.Allow'));
$Structure = Gdn::structure();
$Structure->table('PostUrl')->column('DiscussionID', 'int(11)', false, 'unique')->column('PostUrlValue', 'int(11)')->column('DateInserted', 'datetime')->set(false, false);
}
/**
* Delete a model
* @param PermissionModel $model The model we want to delete
* @param Player $me The user who wants to delete the model
* @param Closure|null $onSuccess Something to do when the model is deleted
* @throws ForbiddenException
* @return mixed The response to show to the user
*/
protected function delete(PermissionModel $model, Player $me, $onSuccess = null)
{
if ($model->isDeleted()) {
// We will have to hard delete the model
$hard = true;
$message = 'hardDelete';
$action = 'Erase forever';
} else {
$hard = false;
$message = 'softDelete';
$action = 'Delete';
}
if (!$this->canDelete($me, $model, $hard)) {
throw new ForbiddenException($this->getMessage($model, $message, 'forbidden'));
}
$successMessage = $this->getMessage($model, $message, 'success');
$redirection = $this->redirectToList($model);
return $this->showConfirmationForm(function () use($model, $hard, $redirection, $onSuccess) {
if ($hard) {
$model->wipe();
} else {
$model->delete();
}
if ($onSuccess) {
$response = $onSuccess();
if ($response instanceof Response) {
return $response;
}
}
return $redirection;
}, $this->getMessage($model, $message, 'confirm'), $successMessage, $action);
}
public function toString()
{
$Form = $this->_Sender->Form;
$this->_Sender->addJsFile('condition.js');
if ($Form->authenticatedPostBack()) {
// Grab the conditions from the form and convert them to the conditions array.
$this->Conditions($this->_FromForm());
} else {
}
$this->Types = array_merge(array('' => '(' . sprintf(t('Select a %s'), t('Condition Type', 'Type')) . ')'), Gdn_Condition::AllTypes());
//die(print_r($this->Types));
// Get all of the permissions that are valid for the permissions dropdown.
$PermissionModel = new PermissionModel();
$Permissions = $PermissionModel->GetGlobalPermissions(0);
$Permissions = array_keys($Permissions);
sort($Permissions);
$Permissions = array_combine($Permissions, $Permissions);
$Permissions = array_merge(array('' => '(' . sprintf(t('Select a %s'), t('Permission')) . ')'), $Permissions);
$this->Permissions = $Permissions;
// Get all of the roles.
$RoleModel = new RoleModel();
$Roles = $RoleModel->getArray();
$Roles = array_merge(array('-' => '(' . sprintf(t('Select a %s'), t('Role')) . ')'), $Roles);
$this->Roles = $Roles;
$this->Form = $Form;
return parent::ToString();
}
/**
* Edit an existing action or add a new one
*
* @param int $ActionID
*/
public function Edit($ActionID = NULL)
{
$this->Permission('Yaga.Reactions.Manage');
$this->AddSideMenu('action/settings');
$this->Form->SetModel($this->ActionModel);
$Edit = FALSE;
$this->Title(T('Yaga.Action.Add'));
if ($ActionID) {
$this->Action = $this->ActionModel->GetByID($ActionID);
$this->Form->AddHidden('ActionID', $ActionID);
$Edit = TRUE;
$this->Title(T('Yaga.Action.Edit'));
}
// This is just a list of all the images in the action icons folder
$this->SetData('Icons', array('Happy', 'Happy2', 'Smiley', 'Smiley2', 'Tongue', 'Tongue2', 'Sad', 'Sad2', 'Wink', 'Wink2', 'Grin', 'Shocked', 'Confused', 'Confused2', 'Neutral', 'Neutral2', 'Wondering', 'Wondering2', 'PointUp', 'PointRight', 'PointDown', 'PointLeft', 'ThumbsUp', 'ThumbsUp2', 'Shocked2', 'Evil', 'Evil2', 'Angry', 'Angry2', 'Heart', 'Heart2', 'HeartBroken', 'Star', 'Star2', 'Grin2', 'Cool', 'Cool2', 'Question', 'Notification', 'Warning', 'Spam', 'Blocked', 'Eye', 'Eye2', 'EyeBlocked', 'Flag', 'BrightnessMedium', 'QuotesLeft', 'Music', 'Pacman', 'Bullhorn', 'Rocket', 'Fire', 'Hammer', 'Target', 'Lightning', 'Shield', 'CheckmarkCircle', 'Lab', 'Leaf', 'Dashboard', 'Droplet', 'Feed', 'Support', 'Hammer2', 'Wand', 'Cog', 'Gift', 'Trophy', 'Magnet', 'Switch', 'Globe', 'Bookmark', 'Bookmarks', 'Star3', 'Info', 'Info2', 'CancelCircle', 'Checkmark', 'Close'));
// Load up all permissions
$PermissionModel = new PermissionModel();
$Permissions = $PermissionModel->PermissionColumns();
unset($Permissions['PermissionID']);
$PermissionKeys = array_keys($Permissions);
$PermissionList = array_combine($PermissionKeys, $PermissionKeys);
$this->SetData('Permissions', $PermissionList);
if ($this->Form->IsPostBack() == FALSE) {
if (property_exists($this, 'Action')) {
$this->Form->SetData($this->Action);
} else {
$this->Form->SetData(array('Permission' => 'Yaga.Reactions.Add'));
}
} else {
if ($this->Form->Save()) {
if ($Edit) {
$Action = $this->ActionModel->GetByID($this->Form->GetFormValue('ActionID'));
} else {
$Action = $this->ActionModel->GetNewestAction();
}
$NewActionRow = ActionRow($Action);
if ($Edit) {
$this->JsonTarget('#ActionID_' . $this->Action->ActionID, $NewActionRow, 'ReplaceWith');
$this->InformMessage(T('Yaga.ActionUpdated'));
} else {
$this->JsonTarget('#Actions', $NewActionRow, 'Append');
$this->InformMessage(T('Yaga.Action.Added'));
}
}
}
$this->Render('edit');
}
/**
* Determine if the user may perform the given permission.
*
* @param Permission $permission
*
* @return bool
*/
public function hasPermission($permission)
{
// if passed a permission name, find it
if (is_string($permission)) {
$permission = PermissionModel::whereName($permission)->first();
if (!$permission) {
return false;
}
}
// does user have roles with this permission
return $this->hasRole($permission->roles);
}
/**
* The summary of all settings available.
*
* The menu items displayed here are collected from each application's
* application controller and all plugin's definitions.
*
* @since 2.0.0
* @access public
*/
public function index()
{
$this->ApplicationFolder = 'dashboard';
$this->MasterView = 'setup';
// Fatal error if Garden has already been installed.
$Installed = c('Garden.Installed');
if ($Installed) {
$this->View = "AlreadyInstalled";
$this->render();
return;
}
if (!$this->_CheckPrerequisites()) {
$this->View = 'prerequisites';
} else {
$this->View = 'configure';
// Make sure the user has copied the htaccess file over.
if (!file_exists(PATH_ROOT . '/.htaccess') && !$this->Form->getFormValue('SkipHtaccess')) {
$this->setData('NoHtaccess', true);
$this->Form->addError(t('You are missing Vanilla\'s .htaccess file.', 'You are missing Vanilla\'s <b>.htaccess</b> file. Sometimes this file isn\'t copied if you are using ftp to upload your files because this file is hidden. Make sure you\'ve copied the <b>.htaccess</b> file before continuing.'));
}
$ApplicationManager = new Gdn_ApplicationManager();
// Need to go through all of the setups for each application. Garden,
if ($this->configure() && $this->Form->isPostBack()) {
// Get list of applications to enable during install
// Override by creating the config and adding this setting before install begins
$AppNames = c('Garden.Install.Applications', array('Conversations', 'Vanilla'));
try {
// Step through the available applications, enabling each of them.
foreach ($AppNames as $AppName) {
$Validation = new Gdn_Validation();
$ApplicationManager->RegisterPermissions($AppName, $Validation);
$ApplicationManager->EnableApplication($AppName, $Validation);
}
Gdn::pluginManager()->start(true);
} catch (Exception $ex) {
$this->Form->addError($ex);
}
if ($this->Form->errorCount() == 0) {
// Save a variable so that the application knows it has been installed.
// Now that the application is installed, select a more user friendly error page.
$Config = array('Garden.Installed' => true);
saveToConfig($Config);
$this->fireEvent('Installed');
PermissionModel::ResetAllRoles();
// Go to the dashboard
redirect('/settings/gettingstarted');
}
}
}
$this->render();
}
/**
* Provide default permissions for roles, based on the value in their Type column.
*
* @param PermissionModel $Sender Instance of permission model that fired the event
*/
public function permissionModel_defaultPermissions_handler($Sender)
{
$Sender->addDefault(RoleModel::TYPE_MEMBER, array('Conversations.Conversations.Add' => 1));
$Sender->addDefault(RoleModel::TYPE_MODERATOR, array('Conversations.Conversations.Add' => 1));
$Sender->addDefault(RoleModel::TYPE_ADMINISTRATOR, array('Conversations.Conversations.Add' => 1));
}
/**
* Check whether a user has access to view discussions in a particular category.
*
* @since 2.0.18
* @example $UserModel->GetCategoryViewPermission($UserID, $CategoryID).
*
* @param $Sender UserModel.
* @return bool Whether user has permission.
*/
public function UserModel_GetCategoryViewPermission_Create($Sender)
{
static $PermissionModel = NULL;
$UserID = ArrayValue(0, $Sender->EventArguments, '');
$CategoryID = ArrayValue(1, $Sender->EventArguments, '');
$Permission = GetValue(2, $Sender->EventArguments, 'Vanilla.Discussions.View');
if ($UserID && $CategoryID) {
if ($PermissionModel === NULL) {
$PermissionModel = new PermissionModel();
}
$Category = CategoryModel::Categories($CategoryID);
if ($Category) {
$PermissionCategoryID = $Category['PermissionCategoryID'];
} else {
$PermissionCategoryID = -1;
}
$Result = $PermissionModel->GetUserPermissions($UserID, $Permission, 'Category', 'PermissionCategoryID', 'CategoryID', $PermissionCategoryID);
return GetValue($Permission, GetValue(0, $Result), FALSE) ? TRUE : FALSE;
}
return FALSE;
}
/**
* Find whether the player can edit a model
*
* @param PermissionModel $model The model which will be edited
* @return boolean
*/
public function canEdit($model)
{
return $model->canBeEditedBy($this);
}
public function InsertPermissionTable()
{
// $this->LoadState();
// Clear the permission table in case the step was only half done before.
$this->SQL->Delete('Permission', array('RoleID <>' => 0));
// Grab all of the permission columns.
$PM = new PermissionModel();
$GlobalColumns = array_filter($PM->PermissionColumns());
unset($GlobalColumns['PermissionID']);
$JunctionColumns = array_filter($PM->PermissionColumns('Category', 'PermissionCategoryID'));
unset($JunctionColumns['PermissionID']);
$JunctionColumns = array_merge(array('JunctionTable' => 'Category', 'JunctionColumn' => 'PermissionCategoryID', 'JunctionID' => -1), $JunctionColumns);
if ($this->ImportExists('Permission', 'JunctionTable')) {
$ColumnSets = array(array_merge($GlobalColumns, $JunctionColumns));
$ColumnSets[0]['JunctionTable'] = NULL;
$ColumnSets[0]['JunctionColumn'] = NULL;
$ColumnSets[0]['JunctionID'] = NULL;
} else {
$ColumnSets = array($GlobalColumns, $JunctionColumns);
}
$Data = $this->SQL->Get('zPermission')->ResultArray();
foreach ($Data as $Row) {
$Presets = array_map('trim', explode(',', GetValue('_Permissions', $Row)));
foreach ($ColumnSets as $ColumnSet) {
$Set = array();
$Set['RoleID'] = $Row['RoleID'];
foreach ($Presets as $Preset) {
if (strpos($Preset, '.') !== FALSE) {
// This preset is a specific permission.
if (array_key_exists($Preset, $ColumnSet)) {
$Set["`{$Preset}`"] = 1;
}
continue;
}
$Preset = strtolower($Preset);
foreach ($ColumnSet as $ColumnName => $Default) {
if (isset($Row[$ColumnName])) {
$Value = $Row[$ColumnName];
} elseif (strpos($ColumnName, '.') === FALSE) {
$Value = $Default;
} elseif ($Preset == 'all') {
$Value = 1;
} elseif ($Preset == 'view') {
$Value = StringEndsWith($ColumnName, 'View', TRUE) && !in_array($ColumnName, array('Garden.Settings.View'));
} elseif ($Preset == $ColumnName) {
$Value = 1;
} else {
$Value = $Default & 1;
}
$Set["`{$ColumnName}`"] = $Value;
}
}
$this->SQL->Insert('Permission', $Set);
unset($Set);
}
}
return TRUE;
}
/**
* Apply database structure updates
*/
public function Structure()
{
$PM = new PermissionModel();
$PM->Define(array('Plugins.Tagging.Add' => 'Garden.Profiles.Edit'));
}
/**
* Reset all role permissions based on role type.
*/
public function resetPermissions()
{
$this->permission('Garden.Settings.Manage');
if ($this->Request->isAuthenticatedPostBack()) {
PermissionModel::resetAllRoles();
$this->setData('Result', array('Complete' => true));
}
$this->setData('Title', 'Reset all role permissions');
$this->_setJob($this->data('Title'));
$this->addSideMenu();
$this->render('Job');
}
/**
* Add the permissions from a permissions array to this session's permissions.
*
* @param array $perms The permissions to add.
*/
public function addPermissions($perms)
{
$this->_Permissions = PermissionModel::addPermissions($this->_Permissions, $perms);
}
/**
* If any role has no permission records, set Member-like permissions on it.
*
* @return array
*/
public function fixPermissions()
{
$Roles = RoleModel::roles();
$RoleModel = new RoleModel();
$PermissionModel = new PermissionModel();
// Find roles missing permission records
foreach ($Roles as $RoleID => $Role) {
$Permissions = $this->SQL->select('*')->from('Permission p')->where('p.RoleID', $RoleID)->get()->resultArray();
if (!count($Permissions)) {
// Set basic permission record
$DefaultRecord = array('RoleID' => $RoleID, 'JunctionTable' => null, 'JunctionColumn' => null, 'JunctionID' => null, 'Garden.Email.View' => 1, 'Garden.SignIn.Allow' => 1, 'Garden.Activity.View' => 1, 'Garden.Profiles.View' => 1, 'Garden.Profiles.Edit' => 1, 'Conversations.Conversations.Add' => 1);
$PermissionModel->save($DefaultRecord);
// Set default category permission
$DefaultCategory = array('RoleID' => $RoleID, 'JunctionTable' => 'Category', 'JunctionColumn' => 'PermissionCategoryID', 'JunctionID' => -1, 'Vanilla.Discussions.View' => 1, 'Vanilla.Discussions.Add' => 1, 'Vanilla.Comments.Add' => 1);
$PermissionModel->save($DefaultCategory);
}
}
return array('Complete' => true);
}
/**
* Check whether a user has access to view discussions in a particular category.
*
* @since 2.0.18
* @example $UserModel->GetCategoryViewPermission($UserID, $CategoryID).
*
* @param $Sender UserModel.
* @return bool Whether user has permission.
*/
public function userModel_getCategoryViewPermission_create($Sender)
{
static $PermissionModel = null;
$UserID = val(0, $Sender->EventArguments, '');
$CategoryID = val(1, $Sender->EventArguments, '');
$Permission = val(2, $Sender->EventArguments, 'Vanilla.Discussions.View');
if ($UserID && $CategoryID) {
if ($PermissionModel === null) {
$PermissionModel = new PermissionModel();
}
$Category = CategoryModel::categories($CategoryID);
if ($Category) {
$PermissionCategoryID = $Category['PermissionCategoryID'];
} else {
$PermissionCategoryID = -1;
}
$Result = $PermissionModel->getUserPermissions($UserID, $Permission, 'Category', 'PermissionCategoryID', 'CategoryID', $PermissionCategoryID);
return val($Permission, val(0, $Result), false) ? true : false;
}
return false;
}
public function InsertPermissionTable()
{
if ($this->ImportExists('Permission', 'JunctionTable')) {
$this->_InsertTable('Permission');
return TRUE;
}
// Clear the permission table in case the step was only half done before.
$this->SQL->Delete('Permission', array('RoleID <>' => 0));
// Grab all of the permission columns.
$PM = new PermissionModel();
$GlobalColumns = array_filter($PM->PermissionColumns());
unset($GlobalColumns['PermissionID']);
$JunctionColumns = array_filter($PM->PermissionColumns('Category', 'PermissionCategoryID'));
unset($JunctionColumns['PermissionID']);
$JunctionColumns = array_merge(array('JunctionTable' => 'Category', 'JunctionColumn' => 'PermissionCategoryID', 'JunctionID' => -1), $JunctionColumns);
$ColumnSets = array($GlobalColumns, $JunctionColumns);
$Data = $this->SQL->Get('zPermission')->ResultArray();
foreach ($Data as $Row) {
$Preset = strtolower(GetValue('_Permissions', $Row));
foreach ($ColumnSets as $ColumnSet) {
$Set = array();
$Set['RoleID'] = $Row['RoleID'];
foreach ($ColumnSet as $ColumnName => $Default) {
if (isset($Row[$ColumnName])) {
$Value = $Row[$ColumnName];
} elseif (strpos($ColumnName, '.') === FALSE) {
$Value = $Default;
} elseif ($Preset == 'all') {
$Value = 1;
} elseif ($Preset == 'view') {
$Value = StringEndsWith($ColumnName, 'View', TRUE);
} else {
$Value = $Default & 1;
}
$Set["`{$ColumnName}`"] = $Value;
}
$this->SQL->Insert('Permission', $Set);
unset($Set);
}
}
return TRUE;
}
/**
* Test that a permission is marked as expired
*/
public function testPermissionIsExpired()
{
$ds = $this->buildMock(true);
$perm = new PermissionModel($ds, ['id' => 1234, 'expire' => strtotime('-1 day')]);
$this->assertTrue($perm->isExpired());
}
/**
* After executing /settings/utility/update check if any role permissions have been changed, if not reset all the permissions on the roles.
*
* @param $sender
*/
public function updateModel_afterStructure_handler($sender)
{
// Only setup default permissions if no role permissions are set.
$hasPermissions = Gdn::sql()->getWhere('Permission', array('RoleID >' => 0))->firstRow(DATASET_TYPE_ARRAY);
if (!$hasPermissions) {
PermissionModel::resetAllRoles();
}
}
/**
* {@inheritDoc}
*/
public function delete()
{
$this->updateMatchCount(true);
$this->resetELOs();
return parent::delete();
}
/**
* Enable applications and create permisisions for roles.
*
* @return void
*/
protected function enableApplications()
{
$ApplicationManager = new Gdn_ApplicationManager();
$AppNames = c('Garden.Install.Applications', ['Conversations', 'Vanilla']);
foreach ($AppNames as $AppName) {
$Validation = new Gdn_Validation();
$ApplicationManager->RegisterPermissions($AppName, $Validation);
$ApplicationManager->EnableApplication($AppName, $Validation);
}
Gdn::pluginManager()->start(true);
// Flag the application as installed
saveToConfig('Garden.Installed', true);
// Setup default permissions for all roles
PermissionModel::ResetAllRoles();
}
/**
* Check whether a user has access to view discussions in a particular category.
*
* @since 2.0.18
* @example $UserModel->GetCategoryViewPermission($UserID, $CategoryID).
*
* @param $Sender UserModel.
* @return bool Whether user has permission.
*/
public function UserModel_GetCategoryViewPermission_Create($Sender) {
static $PermissionModel = NULL;
$UserID = ArrayValue(0, $Sender->EventArguments, '');
$CategoryID = ArrayValue(1, $Sender->EventArguments, '');
if ($UserID && $CategoryID) {
if ($PermissionModel === NULL)
$PermissionModel = new PermissionModel();
$Result = $PermissionModel->GetUserPermissions($UserID, 'Vanilla.Discussions.View', 'Category', 'PermissionCategoryID', 'CategoryID', $CategoryID);
return (ArrayValue('Vanilla.Discussions.View', $Result[0], FALSE)) ? TRUE : FALSE;
}
return FALSE;
}
