exit_error($GLOBALS["Language"]->getText('global', 'error'), $GLOBALS["Language"]->getText('plugin_forumml', 'specify_list'));
} else {
$list_id = $request->get('list');
if (!user_isloggedin() || !mail_is_list_public($list_id) && !user_ismember($group_id)) {
exit_error($GLOBALS["Language"]->getText('include_exit', 'info'), $GLOBALS["Language"]->getText('include_exit', 'mail_list_no_perm'));
}
if (!mail_is_list_active($list_id)) {
exit_error($GLOBALS["Language"]->getText('global', 'error'), $GLOBALS["Language"]->getText('plugin_forumml', 'wrong_list'));
}
}
$message_posted = false;
// If message is posted, send a mail
if ($request->isPost() && $request->exist('post')) {
// Checks if mail subject is empty
$vSub = new Valid_String('subject');
$vSub->required();
if (!$request->valid($vSub)) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_forumml', 'type_subject'));
} else {
// process the mail
$return = plugin_forumml_process_mail($p);
if ($return) {
$message_posted = true;
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('plugin_forumml', 'delay_redirection', array($p->getThemePath() . "/images/ic/spinner-greenie.gif", $group_id, $list_id, 0)), CODENDI_PURIFIER_DISABLED);
}
}
} else {
$GLOBALS['Response']->addFeedback('warning', $GLOBALS['Language']->getText('plugin_forumml', 'warn_post_without_confirm'));
}
$params['title'] = 'ForumML';
$params['group'] = $group_id;
$vRevId2->required();
if ($request->valid($vRevId2)) {
$_rev_id = $request->get('_rev_id');
} else {
$_rev_id = '';
}
}
$vCommiter = new Valid_String('_commiter');
$vCommiter->required();
if ($request->valid($vCommiter)) {
$_commiter = $request->get('_commiter');
} else {
$_commiter = '';
}
$vSrch = new Valid_String('_srch');
$vSrch->required();
if ($request->valid($vSrch)) {
$_srch = $request->get('_srch');
} else {
$_srch = '';
}
$vPv = new Valid_Pv();
$vPv->required();
if ($request->valid($vPv)) {
$pv = $request->get('pv');
} else {
$pv = 0;
}
// No treatment
$request->valid(new Valid_String('SUBMIT'));
$vSet = new Valid_WhiteList('set', array('custom', 'my', 'any'));
/*
News uber-user admin pages
Show all waiting news items except those already rejected.
Admin members of project #$sys_news_group (news project)
can edit/change/approve news items
*/
if ($request->get('post_changes') && $request->get('approve')) {
$validStatus = new Valid_WhiteList('status', array(0, 1, 2));
if ($request->valid($validStatus)) {
$status = $request->get('status');
} else {
$status = 0;
}
$validSummary = new Valid_String('summary');
$validSummary->setErrorMessage('Summary is required');
$validSummary->required();
$validDetails = new Valid_Text('details');
if ($request->valid($validSummary) && $request->valid($validDetails)) {
if ($status == 1) {
/*
Update the db so the item shows on the home page
*/
$sql = "UPDATE news_bytes SET is_approved='1', date='" . time() . "', " . "summary='" . db_es(htmlspecialchars($request->get('summary'))) . "', details='" . db_es(htmlspecialchars($request->get('details'))) . "' WHERE id=" . db_ei($id);
$result = db_query($sql);
if (!$result || db_affected_rows($result) < 1) {
$GLOBALS['Response']->addFeedback('error', $Language->getText('news_admin_index', 'update_err'));
} else {
$GLOBALS['Response']->addFeedback('info', $Language->getText('news_admin_index', 'newsbyte_updated'));
}
} else {
if ($status == 2) {
require_once 'my_utils.php';
$request = HTTPRequest::instance();
$vId = new Valid_UInt('bookmark_id');
$vId->setErrorMessage('bookmark_id is required');
$vId->required();
if (!$request->valid($vId)) {
$GLOBALS['Response']->redirect('/my');
} else {
$bookmark_id = (int) $request->get('bookmark_id');
}
$vUrl = new Valid_String('bookmark_url');
$vUrl->setErrorMessage('Url is required');
$vUrl->required();
$vTitle = new Valid_String('bookmark_title');
$vTitle->setErrorMessage('Title is required');
$vTitle->required();
$bookmark_url_id = '/my/bookmark_edit.php?bookmark_id=' . $bookmark_id;
$csrf_token = new CSRFSynchronizerToken($bookmark_url_id);
if ($request->isPost() && $request->valid($vUrl) && $request->valid($vTitle)) {
$csrf_token->check();
$bookmark_url = $request->get('bookmark_url');
$bookmark_title = $request->get('bookmark_title');
my_check_bookmark_URL($bookmark_url, $bookmark_url_id);
bookmark_edit($bookmark_id, $bookmark_url, $bookmark_title);
$GLOBALS['Response']->redirect('/my');
}
$purifier = Codendi_HTMLPurifier::instance();
$HTML->header(array("title" => $Language->getText('bookmark_edit', 'title')));
print "<H3>" . $Language->getText('bookmark_edit', 'title') . "</H3>\n";
$result = db_query("SELECT * from user_bookmarks where " . "bookmark_id=" . db_ei($bookmark_id) . " and user_id=" . db_ei(user_getid()));
if ($result) {
private function linkLDAPGroup($ldapUserGroupManager)
{
$vBindWithGroup = new Valid_String('bind_with_group');
$vBindWithGroup->required();
$this->bindOption = $this->getBindOption();
$this->synchro = $this->getSynchro();
if ($this->request->valid($vBindWithGroup)) {
if ($this->request->existAndNonEmpty('confirm')) {
//
// Perform ProjectUGroup <-> LDAP Group synchro
//
$ldapUserGroupManager->bindWithLdap($this->bindOption, $this->synchro);
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('project_ugroup_binding', 'link_ldap_group', array($this->request->get('bind_with_group'))));
$this->redirect();
} elseif ($this->request->exist('cancel')) {
// Display the screen below!
continue;
} else {
if ($ldapUserGroupManager->getGroupDn()) {
$view = new Project_Admin_UGroup_View_UGroupAction($this->ugroup, $this->ugroup_binding, $ldapUserGroupManager, $this->request, $this->bindOption, $this->synchro);
$this->render($view);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('project_ugroup_binding', 'ldap_group_error', array($this->request->get('bind_with_group'))));
$this->edit_directory_group($this->bindOption, $this->synchro);
}
}
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('project_ugroup_binding', 'ldap_group_empty'));
$this->edit_directory_group();
}
}
function create($request)
{
$content_id = false;
$vUrl = new Valid_String('url');
$vUrl->setErrorMessage("Can't add empty rss url");
$vUrl->required();
if ($request->validInArray('rss', $vUrl)) {
$rss = $request->get('rss');
$vTitle = new Valid_String('title');
$vTitle->required();
if (!$request->validInArray('rss', $vTitle)) {
require_once 'common/rss/libs/SimplePie/simplepie.inc';
if (!is_dir($GLOBALS['codendi_cache_dir'] . '/rss')) {
mkdir($GLOBALS['codendi_cache_dir'] . '/rss');
}
$rss_reader = new SimplePie($rss['url'], $GLOBALS['codendi_cache_dir'] . '/rss', null, $GLOBALS['sys_proxy']);
$rss['title'] = $rss_reader->get_title();
}
$sql = 'INSERT INTO widget_rss (owner_id, owner_type, title, url) VALUES (' . $this->owner_id . ", '" . $this->owner_type . "', '" . db_escape_string($rss['title']) . "', '" . db_escape_string($rss['url']) . "')";
$res = db_query($sql);
$content_id = db_insertid($res);
}
return $content_id;
}
/**
* Validate request values
*
* @param HTTPRequest $request request containing form values
*
* @return Array
*/
function validateRequest($request)
{
$status = true;
$invalid = array();
$valid = new Valid_String('request_summary');
$valid->required();
$summary = trim($request->get('request_summary'));
if ($request->valid($valid) && strlen($summary) < self::MAX_SUMMARY_LENGTH && $summary != '') {
$params['summary'] = $summary;
} else {
$status = false;
$invalid[] = $GLOBALS['Language']->getText('plugin_requesthelp', 'summary');
}
$valid = new Valid_Text('request_description');
$valid->required();
$description = trim($request->get('request_description'));
$defaultDescription = $GLOBALS['Language']->getText('plugin_requesthelp', 'requesthelp_default_description');
if ($request->valid($valid) && strlen($description) < self::MAX_DESCRIPTION_LENGTH && $description != '' && $description != $defaultDescription) {
$params['description'] = $description;
} else {
$status = false;
$invalid[] = 'Description';
}
$valid = new Valid_UInt('type');
$valid->required();
if ($request->valid($valid)) {
$requestType = $request->get('type');
$params['type'] = $requestType;
switch ($requestType) {
case RequestHelp::TYPE_SUPPORT:
$params['text_type'] = $this->_getPluginProperty('support_request');
break;
case RequestHelp::TYPE_ENHANCEMENT:
$params['text_type'] = $this->_getPluginProperty('enhancement_request');
break;
default:
$status = false;
$invalid[] = 'Type';
break;
}
} else {
$status = false;
$invalid[] = 'Type';
}
$valid = new Valid_UInt('severity');
$valid->required();
if ($request->valid($valid)) {
$severity = $request->get('severity');
$params['severity'] = $severity;
switch ($severity) {
case RequestHelp::SEVERITY_MINOR:
$params['text_severity'] = 'Minor';
break;
case RequestHelp::SEVERITY_SERIOUS:
$params['text_severity'] = 'Serious';
break;
case RequestHelp::SEVERITY_CRITICAL:
$params['text_severity'] = 'Critical';
break;
default:
$status = false;
$invalid[] = $GLOBALS['Language']->getText('plugin_requesthelp', 'severity');
break;
}
} else {
$status = false;
$invalid[] = $GLOBALS['Language']->getText('plugin_requesthelp', 'severity');
}
$cc = array();
$mails = array_map('trim', preg_split('/[,;]/', $request->get('cc')));
$rule = new Rule_Email();
$um = $this->_getUserManager();
$invalidCc = array();
foreach ($mails as $mail) {
if ($rule->isValid($mail)) {
$cc[] = $mail;
} else {
if (trim($mail) != '') {
$user = $um->findUser($mail);
if ($user) {
$mail = $user->getUserName();
if ($mail) {
$cc[] = $mail;
} else {
$invalidCc[] = $mail;
}
} else {
$invalidCc[] = $mail;
}
}
}
}
if (!empty($invalidCc)) {
$c = $this->getController();
$c->addWarn($GLOBALS['Language']->getText('plugin_requesthelp', 'requesthelp_invalid_cc', implode(", ", $invalidCc)));
}
$params['cc'] = implode(";", $cc);
return array('status' => $status, 'params' => $params, 'invalid' => $invalid);
}
//frs valid
$header = array('valid' => true);
} else {
//frs non valid
$errors = $validator->getErrors();
$feedback = new Feedback();
$feedback->log('error', $errors[0]);
$header = array('valid' => false, 'msg' => $feedback->fetch());
}
header(json_header($header));
}
} else {
if ($action == 'validator_frs_update') {
$vName = new Valid_String('name');
$vDate = new Valid_String('date');
$vDate->required();
$vPackageId = new Valid_UInt('package_id');
$vPackageId->required();
$vReleaseId = new Valid_UInt('release_id');
$vReleaseId->required();
$vGroupId = new Valid_GroupId();
$vGroupId->required();
if ($request->valid($vName) && $request->valid($vDate) && $request->valid($vGroupId) && $request->valid($vPackageId) && $request->valid($vReleaseId)) {
$name = $request->get('name');
$package_id = $request->get('package_id');
$date = $request->get('date');
$group_id = $request->get('group_id');
$release_id = $request->get('release_id');
$validator = new frsValidator();
$release = array('name' => $name, 'release_id' => $release_id, 'package_id' => $package_id, 'date' => $date);
if ($validator->isValidForUpdate($release, $group_id)) {
*
* You should have received a copy of the GNU General Public License
* along with Codendi; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
require_once 'pre.php';
$pluginManager = PluginManager::instance();
$ldapPlugin = $pluginManager->getPluginByName('ldap');
if ($ldapPlugin && $pluginManager->isPluginAvailable($ldapPlugin)) {
$pluginPath = $ldapPlugin->getPluginPath();
} else {
return;
}
$groupList = array();
$vGroupName = new Valid_String('ldap_group_name');
$vGroupName->required();
if ($request->valid($vGroupName)) {
$ldap = $ldapPlugin->getLdap();
$lri = $ldap->searchGroupAsYouType($request->get('ldap_group_name'), 15);
if ($lri !== false) {
while ($lri->valid()) {
$lr = $lri->current();
$groupList[] = $lr->getCommonName();
$lri->next();
}
if ($ldap->getErrno() == LDAP::ERR_SIZELIMIT) {
$groupList[] = "<strong>...</strong>";
}
}
}
$purifier = Codendi_HTMLPurifier::instance();
} else {
if ($procname == "") {
$feedback .= " " . $Language->getText('file_admin_manageprocessors', 'proc_fill', $Language->getText('file_file_utils', 'proc_name'));
} else {
file_utils_add_proc($procname, $procrank);
}
}
} else {
$feedback .= $Language->getText('file_file_utils', 'add_proc_fail');
}
}
$vProcId = new Valid_UInt('proc_id');
$vProcId->required();
$vUpdate = new Valid_String('update');
$vProcessName = new Valid_String('processname');
$vProcessName->required();
$vProcessRank = new Valid_UInt('processrank');
$vProcessRank->required();
if ($request->isPost() && $request->existAndNonEmpty('update')) {
# update a processor
if ($request->valid($vProcessName) && $request->valid($vProcessRank) && $request->valid($vProcId) && $request->valid($vUpdate)) {
$proc_id = $request->get('proc_id');
$processname = $request->get('processname');
$processrank = $request->get('processrank');
if ($processrank == "") {
$feedback .= " " . $Language->getText('file_admin_manageprocessors', 'proc_fill', $Language->getText('file_file_utils', 'proc_rank'));
} else {
if ($processname == "") {
$feedback .= " " . $Language->getText('file_admin_manageprocessors', 'proc_fill', $Language->getText('file_file_utils', 'proc_name'));
} else {
file_utils_update_proc($proc_id, $processname, $processrank);
function create(&$request)
{
$content_id = false;
$vUrl = new Valid_String('url');
$vUrl->setErrorMessage("Can't add empty image url");
$vUrl->required();
if ($request->validInArray('image', $vUrl)) {
$image = $request->get('image');
$vTitle = new Valid_String('title');
$vTitle->required();
if (!$request->validInArray('image', $vTitle)) {
$image['title'] = 'Image';
}
$sql = 'INSERT INTO widget_image (owner_id, owner_type, title, url) VALUES (' . $this->owner_id . ", '" . $this->owner_type . "', '" . db_escape_string($image['title']) . "', '" . db_escape_string($image['url']) . "')";
$res = db_query($sql);
$content_id = db_insertid($res);
}
return $content_id;
}
if ($request->existAndNonEmpty('synchronize')) {
$synchro = LDAP_GroupManager::AUTO_SYNCHRONIZATION;
}
$hp = Codendi_HTMLPurifier::instance();
$btn_update = $Language->getText('plugin_ldap', 'ugroup_edit_btn_update');
$btn_unlink = $Language->getText('plugin_ldap', 'ugroup_edit_btn_unlink');
$vSubmit = new Valid_WhiteList('submit', array($btn_update, $btn_unlink));
$vSubmit->required();
if ($request->isPost() && $request->valid($vSubmit)) {
if ($request->get('submit') == $btn_unlink) {
if ($ldapUserGroupManager->unbindFromBindLdap()) {
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_ldap', 'ugroup_manager_unlink'));
}
} else {
$vBindWithGroup = new Valid_String('bind_with_group');
$vBindWithGroup->required();
if ($request->valid($vBindWithGroup)) {
if ($request->existAndNonEmpty('confirm')) {
//
// Perform Ugroup <-> LDAP Group synchro
//
$ldapUserGroupManager->bindWithLdap($bindOption, $synchro);
} elseif ($request->exist('cancel')) {
// Display the screen below!
continue;
} else {
//
// Display to user what will be done with Ugroup members.
//
$toRemove = $ldapUserGroupManager->getUsersToBeRemoved($bindOption);
$toAdd = $ldapUserGroupManager->getUsersToBeAdded($bindOption);
$user_permissions = array();
$user_permissions['admin_flags'] = ${$admin_flags};
foreach ($flags as $flag) {
if (isset(${${$flag}})) {
$user_permissions[$flag] = ${${$flag}};
}
}
$em->processEvent('project_admin_change_user_permissions', array('group_id' => $group_id, 'user_id' => $row_dev['user_id'], 'user_permissions' => $user_permissions, 'previous_permissions' => $row_dev));
}
}
if (count($row_dev) > $nb_errors) {
$GLOBALS['Response']->addFeedback('info', $Language->getText('project_admin_userperms', 'perm_upd'));
}
}
$vPattern = new Valid_String('search');
$vPattern->required();
if ($request->valid($vPattern)) {
$pattern = $request->get('search');
} else {
$pattern = '';
}
$offset = $request->getValidated('offset', 'uint', 0);
if (!$offset) {
$offset = 0;
}
$number_per_page = 25;
$sql = array();
$sql['select'] = "SELECT SQL_CALC_FOUND_ROWS user.user_name AS user_name,\n user.realname AS realname,\n user.user_id AS user_id,\n user_group.admin_flags,\n user_group.bug_flags,\n user_group.forum_flags,\n user_group.project_flags,\n user_group.patch_flags,\n user_group.doc_flags,\n user_group.file_flags,\n user_group.support_flags,\n user_group.wiki_flags,\n user_group.svn_flags,\n user_group.news_flags";
$sql['from'] = " FROM user,user_group ";
$sql['where'] = " WHERE user.user_id = user_group.user_id \n AND user_group.group_id = " . db_ei($group_id);
if ($request->exist('search') && $request->get('search') != null) {
$vThreadId = new Valid_UInt('thread_id');
$vThreadId->required();
if ($request->valid($vMonitor) && $request->valid($vThreadId)) {
if (user_isloggedin()) {
if (!user_monitor_forum($forum_id, user_getid())) {
if (!forum_thread_add_monitor($forum_id, $request->get('thread_id'), user_getid())) {
$feedback .= $Language->getText('forum_forum_utils', 'insert_err');
}
}
}
}
// Note: there is a 'msg_id' send but not used here.
$vFollowUp = new Valid_UInt('is_followup_to');
$vFollowUp->required();
$vSubject = new Valid_String('subject');
$vSubject->required();
$vSubject->setErrorMessage($GLOBALS['Language']->getText('forum_forum_utils', 'include_body_and_subject'));
$vBody = new Valid_Text('body');
$vBody->required();
$vBody->setErrorMessage($GLOBALS['Language']->getText('forum_forum_utils', 'include_body_and_subject'));
if ($request->valid($vThreadId) && $request->valid($vFollowUp) && $request->valid($vSubject) && $request->valid($vBody)) {
post_message($request->get('thread_id'), $request->get('is_followup_to'), $request->get('subject'), $request->get('body'), $forum_id);
}
}
/*
set up some defaults if they aren't provided
*/
// Offset
if ($request->valid(new Valid_UInt('offset'))) {
$offset = $request->get('offset');
} else {
public function _doDispatchForkRepositories($request, $user)
{
$this->addAction('getProjectRepositoryList', array($this->groupId));
$this->checkSynchronizerToken('/plugins/git/?group_id=' . (int) $this->groupId . '&action=fork_repositories');
$repos_ids = array();
$valid = new Valid_String('path');
$valid->required();
$path = '';
if ($request->valid($valid)) {
$path = trim($request->get('path'));
}
$path = userRepoPath($user->getUserName(), $path);
$forkPermissions = $this->getForkPermissionsFromRequest($request);
$valid = new Valid_String('repos');
$valid->required();
$repos_ids = explode(',', $request->get('repos'));
$to_project = $this->projectManager->getProject($this->groupId);
$repos = $this->getRepositoriesFromIds($repos_ids);
$scope = GitRepository::REPO_SCOPE_INDIVIDUAL;
$redirect_url = '/plugins/git/?group_id=' . (int) $this->groupId . '&user='******'fork', array($repos, $to_project, $path, $scope, $user, $GLOBALS['HTML'], $redirect_url, $forkPermissions));
}
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Codendi; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
require_once 'pre.php';
require_once 'common/event/EventManager.class.php';
require_once 'common/dao/UserDao.class.php';
//
// Input treatment
//
$vUserName = new Valid_String('name');
$vUserName->required();
if ($request->valid($vUserName)) {
$userName = $request->get('name');
} else {
// Finish script, no output
exit;
}
$codendiUserOnly = false;
$vCodendiUserOnly = new Valid_UInt('codendi_user_only');
if ($request->valid($vCodendiUserOnly)) {
if ($request->get('codendi_user_only') == 1) {
$codendiUserOnly = true;
}
}
// Number of user to display
$limit = 15;
function _dispatch($view, $item, $root, $get_show_view)
{
$item_factory =& $this->_getItemFactory();
$user =& $this->getUser();
$dpm = $this->_getPermissionsManager();
switch ($view) {
case 'show':
if ($item->isObsolete()) {
if (!$this->userCanAdmin($item->getId())) {
// redirect to details view
$this->view = 'Details';
break;
}
}
$this->view = $item->accept($get_show_view, $this->request->get('report'));
break;
case 'expandFolder':
$this->action = 'expandFolder';
if ($this->request->get('view') == 'ulsubfolder') {
$this->view = 'RawTree';
} else {
$this->_viewParams['item'] =& $root;
$this->view = 'Tree';
}
break;
case 'getRootFolder':
$this->_viewParams['action_result'] = $root->getId();
$this->_setView('getRootFolder');
break;
case 'collapseFolder':
$this->action = 'collapseFolder';
$this->_viewParams['item'] =& $root;
$this->view = 'Tree';
break;
case 'admin_set_permissions':
$this->action = $view;
$this->view = 'Admin_Permissions';
break;
case 'admin_change_view':
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'admin_view', 'id' => $item->getParentId());
$this->view = 'RedirectAfterCrud';
break;
case 'admin':
case 'details':
$this->view = ucfirst($view);
break;
case 'admin_view':
$this->view = 'Admin_View';
break;
case 'admin_permissions':
$this->view = 'Admin_Permissions';
break;
case 'admin_metadata':
$this->view = 'Admin_Metadata';
$mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
$mdIter =& $mdFactory->getMetadataForGroup();
$this->_viewParams['mdIter'] =& $mdIter;
break;
case 'admin_md_details':
// Sanitize
$_mdLabel = $this->request->get('md');
$md = null;
$mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
$valid = $this->validateMetadata($_mdLabel, $md);
if (!$valid) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_invalid_md'));
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
} else {
$this->view = 'Admin_MetadataDetails';
$mdFactory->appendMetadataValueList($md, false);
$this->_viewParams['md'] =& $md;
}
break;
case 'admin_md_details_update':
$_name = trim($this->request->get('name'));
$_label = $this->request->get('label');
$mdFactory = $this->_getMetadataFactory($this->_viewParams['group_id']);
if ($mdFactory->isValidLabel($_label)) {
$this->_viewParams['default_url_params'] = array('action' => 'admin_md_details', 'md' => $_label);
if ($mdFactory->isHardCodedMetadata($_label) || $this->validateUpdateMetadata($_name, $_label)) {
$this->action = $view;
}
} else {
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
}
$this->view = 'RedirectAfterCrud';
break;
case 'admin_create_metadata':
$_name = trim($this->request->get('name'));
$valid = $this->validateNewMetadata($_name);
if ($valid) {
$this->action = $view;
}
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
$this->view = 'RedirectAfterCrud';
break;
case 'admin_delete_metadata':
$valid = false;
// md
// Sanitize
$_mdLabel = $this->request->get('md');
// Valid
$logmsg = '';
$mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
$md = null;
$vld = $this->validateMetadata($_mdLabel, $md);
if ($vld) {
if (!$mdFactory->isHardCodedMetadata($md->getLabel())) {
$valid = true;
} else {
$logmsg = $GLOBALS['Language']->getText('plugin_docman', 'error_cannot_delete_hc_md');
}
} else {
$logmsg = $GLOBALS['Language']->getText('plugin_docman', 'error_invalid_md');
}
if (!$valid) {
if ($logmsg != '') {
$this->feedback->log('error', $logmsg);
}
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
} else {
$this->action = $view;
$this->_actionParams['md'] = $md;
}
break;
case 'admin_create_love':
$mdFactory = $this->_getMetadataFactory($this->_viewParams['group_id']);
if ($mdFactory->isValidLabel($this->request->get('md'))) {
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'admin_md_details', 'md' => $this->request->get('md'));
} else {
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
}
$this->view = 'RedirectAfterCrud';
break;
case 'admin_delete_love':
$mdFactory = $this->_getMetadataFactory($this->_viewParams['group_id']);
if ($mdFactory->isValidLabel($this->request->get('md'))) {
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'admin_md_details', 'md' => $this->request->get('md'));
} else {
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
}
$this->view = 'RedirectAfterCrud';
break;
case 'admin_display_love':
$valid = false;
// Required params:
// md (string [a-z_]+)
// loveid (int)
// Sanitize
$_mdLabel = $this->request->get('md');
$_loveId = (int) $this->request->get('loveid');
// Valid
$md = null;
$love = null;
$this->validateMetadata($_mdLabel, $md);
if ($md !== null && $md->getLabel() !== 'status') {
$valid = $this->validateLove($_loveId, $md, $love);
}
if (!$valid) {
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
} else {
$mdFactory = new Docman_MetadataFactory($this->groupId);
$mdFactory->appendMetadataValueList($md, false);
$this->view = 'Admin_MetadataDetailsUpdateLove';
$this->_viewParams['md'] = $md;
$this->_viewParams['love'] = $love;
}
break;
case 'admin_update_love':
$valid = false;
// Required params:
// md (string [a-z_]+)
// loveid (int)
//
// rank (beg, end, [0-9]+)
// name
// descr
// Sanitize
/// @todo sanitize md, rank, name, descr
$_mdLabel = $this->request->get('md');
$_loveId = (int) $this->request->get('loveid');
$_rank = $this->request->get('rank');
$_name = $this->request->get('name');
$_descr = $this->request->get('descr');
// Valid
$md = null;
$love = null;
$this->validateMetadata($_mdLabel, $md);
if ($md !== null && $md->getLabel() !== 'status') {
$valid = $this->validateLove($_loveId, $md, $love);
}
if (!$valid) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_md_or_love'));
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
} else {
// Set parameters
$love->setRank($_rank);
$love->setName($_name);
$love->setDescription($_descr);
// define action
$this->action = $view;
$this->_actionParams['md'] = $md;
$this->_actionParams['love'] = $love;
}
break;
case 'admin_import_metadata_check':
$ok = false;
if ($this->request->existAndNonEmpty('plugin_docman_metadata_import_group')) {
$pm = ProjectManager::instance();
$srcGroup = $pm->getProjectFromAutocompleter($this->request->get('plugin_docman_metadata_import_group'));
if ($srcGroup && !$srcGroup->isError()) {
$this->_viewParams['sSrcGroupId'] = $srcGroup->getGroupId();
$this->view = 'Admin_MetadataImport';
$ok = true;
}
}
if (!$ok) {
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
}
break;
case 'admin_import_metadata':
if ($this->request->existAndNonEmpty('confirm')) {
if ($this->request->existAndNonEmpty('plugin_docman_metadata_import_group')) {
$pm = ProjectManager::instance();
$srcGroup = $pm->getProjectFromAutocompleter($this->request->get('plugin_docman_metadata_import_group'));
$srcGroupId = $srcGroup->getGroupId();
$this->_actionParams['sSrcGroupId'] = $srcGroupId;
$this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
$this->action = $view;
} else {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'missing_param'));
$this->feedback->log('info', $GLOBALS['Language']->getText('plugin_docman', 'operation_canceled'));
}
} else {
$this->feedback->log('info', $GLOBALS['Language']->getText('plugin_docman', 'operation_canceled'));
}
$this->view = 'RedirectAfterCrud';
$this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
break;
case 'admin_obsolete':
$this->view = 'Admin_Obsolete';
break;
case 'admin_lock_infos':
$this->view = 'Admin_LockInfos';
break;
case 'move':
if (!$this->userCanWrite($item->getId()) || !$this->userCanWrite($item->getParentId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_move'));
$this->view = 'Details';
} else {
if ($this->request->exist('quick_move')) {
$this->action = 'move';
$this->view = null;
} else {
$this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
$this->view = ucfirst($view);
}
}
break;
case 'newGlobalDocument':
if ($dpm->oneFolderIsWritable($user)) {
$this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
$this->view = 'New_FolderSelection';
} else {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_create'));
$this->view = $item->accept($get_show_view, $this->request->get('report'));
}
break;
case 'newDocument':
case 'newFolder':
if ($this->request->exist('cancel')) {
$this->_set_redirectView();
} else {
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_create'));
$this->view = 'Details';
} else {
//$this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
$this->_viewParams['ordering'] = $this->request->get('ordering');
if ($this->request->get('item_type') == PLUGIN_DOCMAN_ITEM_TYPE_FOLDER) {
$view = 'newFolder';
}
$this->view = ucfirst($view);
}
}
break;
case 'monitor':
if ($this->request->exist('monitor')) {
$this->_actionParams['monitor'] = $this->request->get('monitor');
if ($this->request->exist('cascade')) {
$this->_actionParams['cascade'] = $this->request->get('cascade');
}
$this->_actionParams['item'] =& $item;
$this->action = 'monitor';
}
$this->_setView('Details');
break;
case 'remove_monitoring':
$this->_actionParams['listeners_to_delete'] = array();
if ($this->userCanManage($item->getId())) {
if ($this->request->exist('listeners_to_delete')) {
$um = UserManager::instance();
$vUserId = new Valid_UInt('listeners_to_delete');
if ($this->request->validArray($vUserId)) {
$userIds = $this->request->get('listeners_to_delete');
$users = array();
foreach ($userIds as $userId) {
$users[] = $um->getUserById($userId);
}
$this->_actionParams['listeners_to_delete'] = $users;
$this->_actionParams['item'] = $item;
}
}
$this->action = 'remove_monitoring';
$this->_setView('Details');
} else {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'notifications_permission_denied'));
$this->_setView('Details');
}
break;
case 'add_monitoring':
$this->_actionParams['listeners_to_add'] = array();
$this->_actionParams['invalid_users'] = false;
if ($this->userCanManage($item->getId())) {
if ($this->request->exist('listeners_to_add')) {
$um = UserManager::instance();
$vUser = new Valid_Text('listeners_to_add');
if ($this->request->valid($vUser)) {
$usernames = array_map('trim', preg_split('/[,;]/', $this->request->get('listeners_to_add')));
$users = array();
$vUserName = new Valid_String();
$vUserName->required();
foreach ($usernames as $username) {
if ($vUserName->validate($username) && ($user = $um->findUser($username))) {
$users[] = $user;
} else {
$this->_actionParams['invalid_users'] = true;
}
}
if ($this->request->exist('monitor_cascade')) {
$this->_actionParams['monitor_cascade'] = $this->request->get('monitor_cascade');
}
$this->_actionParams['listeners_to_add'] = $users;
$this->_actionParams['item'] = $item;
}
}
$this->action = 'add_monitoring';
$this->_setView('Details');
} else {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'notifications_permission_denied'));
$this->_setView('Details');
}
break;
case 'move_here':
if (!$this->request->exist('item_to_move')) {
$this->feedback->log('error', 'Missing parameter.');
$this->view = 'DocmanError';
} else {
$item_to_move =& $item_factory->getItemFromDb($this->request->get('item_to_move'));
$this->view = null;
if ($this->request->exist('confirm')) {
if (!$item_to_move || !($this->userCanWrite($item->getId()) && $this->userCanWrite($item_to_move->getId()) && $this->userCanWrite($item_to_move->getParentId()))) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_move'));
$this->_set_moveView_errorPerms();
} else {
$this->action = 'move';
}
}
if (!$this->view) {
$this->_set_redirectView();
}
}
break;
case 'permissions':
if (!$this->userCanManage($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_perms'));
$this->view = 'Details';
} else {
$this->action = 'permissions';
$this->view = 'Details';
}
break;
case 'confirmDelete':
if (!$this->userCanWrite($item->getId()) || !$this->userCanWrite($item->getParentId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_delete'));
$this->view = 'Details';
} else {
$this->view = 'Delete';
}
break;
case 'action_new_version':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
$this->view = 'Details';
} else {
$dPm = $this->_getPermissionsManager();
if ($dPm->getLockFactory()->itemIsLocked($item)) {
$this->feedback->log('warning', $GLOBALS['Language']->getText('plugin_docman', 'event_lock_add'));
}
$this->view = 'NewVersion';
}
break;
case 'action_update':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
$this->view = 'Details';
} else {
$this->view = 'Update';
}
break;
case 'action_copy':
//@XSS: validate action against a regexp.
$_action = $this->request->get('orig_action');
$_id = (int) $this->request->get('orig_id');
$this->_actionParams['item'] = $item;
$this->action = $view;
if (!$this->request->exist('ajax_copy')) {
$this->_viewParams['default_url_params'] = array('action' => $_action, 'id' => $_id);
$this->view = 'RedirectAfterCrud';
}
break;
case 'action_cut':
$_action = $this->request->get('orig_action');
$_id = (int) $this->request->get('orig_id');
$this->_actionParams['item'] = $item;
$this->action = $view;
if (!$this->request->exist('ajax_cut')) {
$this->_viewParams['default_url_params'] = array('action' => $_action, 'id' => $_id);
$this->view = 'RedirectAfterCrud';
}
break;
case 'action_paste':
$itemToPaste = null;
$mode = null;
$allowed = $this->checkPasteIsAllowed($item, $itemToPaste, $mode);
if (!$allowed) {
$this->view = 'Details';
} else {
$this->_viewParams['itemToPaste'] = $itemToPaste;
$this->_viewParams['srcMode'] = $mode;
$this->view = 'Paste';
}
break;
case 'paste_cancel':
// intend to be only called through ajax call
$item_factory->delCopyPreference();
$item_factory->delCutPreference();
break;
case 'paste':
if ($this->request->exist('cancel')) {
$this->_viewParams['default_url_params'] = array('action' => 'show');
$this->view = 'RedirectAfterCrud';
} else {
$itemToPaste = null;
$mode = null;
$allowed = $this->checkPasteIsAllowed($item, $itemToPaste, $mode);
if (!$allowed) {
$this->view = 'Details';
} else {
$this->_viewParams['importMd'] = false;
if ($this->userCanAdmin()) {
if ($this->request->exist('import_md') && $this->request->get('import_md') == '1') {
$this->_viewParams['importMd'] = true;
}
}
$this->_viewParams['item'] = $item;
$this->_viewParams['rank'] = $this->request->get('rank');
$this->_viewParams['itemToPaste'] = $itemToPaste;
$this->_viewParams['srcMode'] = $mode;
/*$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'show',
'id' => $item->getId());
$this->view = 'RedirectAfterCrud';*/
$this->_viewParams['item'] = $item;
$this->_viewParams['rank'] = $this->request->get('rank');
$this->_viewParams['itemToPaste'] = $itemToPaste;
$this->_viewParams['srcMode'] = $mode;
$this->view = 'PasteInProgress';
}
}
break;
case 'approval_create':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->view = 'ApprovalCreate';
}
break;
case 'approval_delete':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
if ($this->request->exist('confirm')) {
$this->action = $view;
$this->_actionParams['item'] = $item;
// Version
$vVersion = new Valid_UInt('version');
$vVersion->required();
if ($this->request->valid($vVersion)) {
$this->_actionParams['version'] = $this->request->get('version');
} else {
$this->_actionParams['version'] = null;
}
}
$this->_viewParams['default_url_params'] = array('action' => 'details', 'section' => 'approval', 'id' => $item->getId());
$this->view = 'RedirectAfterCrud';
}
break;
case 'approval_update':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->_actionParams['item'] = $item;
// Settings
$this->_actionParams['status'] = (int) $this->request->get('status');
$this->_actionParams['description'] = $this->request->get('description');
$this->_actionParams['notification'] = (int) $this->request->get('notification');
$this->_actionParams['reminder'] = $this->request->get('reminder');
$this->_actionParams['occurence'] = (int) $this->request->get('occurence');
$this->_actionParams['period'] = (int) $this->request->get('period');
// Users
$this->_actionParams['user_list'] = $this->request->get('user_list');
$this->_actionParams['ugroup_list'] = null;
if (is_array($this->request->get('ugroup_list'))) {
$this->_actionParams['ugroup_list'] = array_map('intval', $this->request->get('ugroup_list'));
}
// Selected users
$this->_actionParams['sel_user'] = null;
if (is_array($this->request->get('sel_user'))) {
$this->_actionParams['sel_user'] = array_map('intval', $this->request->get('sel_user'));
}
$allowedAct = array('100', 'mail', 'del');
$this->_actionParams['sel_user_act'] = null;
if (in_array($this->request->get('sel_user_act'), $allowedAct)) {
$this->_actionParams['sel_user_act'] = $this->request->get('sel_user_act');
}
// Resend
$this->_actionParams['resend_notif'] = false;
if ($this->request->get('resend_notif') == 'yes') {
$this->_actionParams['resend_notif'] = true;
}
// Version
$vVersion = new Valid_UInt('version');
$vVersion->required();
if ($this->request->valid($vVersion)) {
$this->_actionParams['version'] = $this->request->get('version');
} else {
$this->_actionParams['version'] = null;
}
// Import
$vImport = new Valid_WhiteList('app_table_import', array('copy', 'reset', 'empty'));
$vImport->required();
$this->_actionParams['import'] = $this->request->getValidated('app_table_import', $vImport, false);
// Owner
$vOwner = new Valid_String('table_owner');
$vOwner->required();
$this->_actionParams['table_owner'] = $this->request->getValidated('table_owner', $vOwner, false);
//
// Special handeling of table deletion
if ($this->_actionParams['status'] == PLUGIN_DOCMAN_APPROVAL_TABLE_DELETED) {
$this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'delete' => 'confirm', 'id' => $item->getId());
} else {
// Action!
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
}
if ($this->_actionParams['version'] !== null) {
$this->_viewParams['default_url_params']['version'] = $this->_actionParams['version'];
}
$this->view = 'RedirectAfterCrud';
}
break;
case 'approval_upd_user':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->_actionParams['item'] = $item;
$this->_actionParams['user_id'] = (int) $this->request->get('user_id');
$this->_actionParams['rank'] = $this->request->get('rank');
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
$this->view = 'RedirectAfterCrud';
}
break;
case 'approval_del_user':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->_actionParams['item'] = $item;
$this->_actionParams['user_id'] = (int) $this->request->get('user_id');
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
$this->view = 'RedirectAfterCrud';
}
break;
case 'approval_user_commit':
$atf =& Docman_ApprovalTableFactoriesFactory::getFromItem($item);
$table = $atf->getTable();
$atrf =& new Docman_ApprovalTableReviewerFactory($table, $item);
if (!$this->userCanRead($item->getId()) || !$atrf->isReviewer($user->getId()) || !$table->isEnabled()) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->_actionParams['item'] = $item;
$svState = 0;
$sState = (int) $this->request->get('state');
if ($sState >= 0 && $sState < 5) {
$svState = $sState;
}
$this->_actionParams['svState'] = $svState;
$this->_actionParams['sVersion'] = null;
if ($this->request->exist('version')) {
$sVersion = (int) $this->request->get('version');
switch ($item_factory->getItemTypeForItem($item)) {
case PLUGIN_DOCMAN_ITEM_TYPE_WIKI:
if ($sVersion <= 0) {
$sVersion = null;
}
case PLUGIN_DOCMAN_ITEM_TYPE_FILE:
case PLUGIN_DOCMAN_ITEM_TYPE_EMBEDDEDFILE:
// assume ok: do nothing.
break;
default:
$sVersion = null;
}
$this->_actionParams['sVersion'] = $sVersion;
}
$this->_actionParams['usComment'] = $this->request->get('comment');
$this->_actionParams['monitor'] = (int) $this->request->get('monitor');
$this->action = $view;
$this->_viewParams['default_url_params'] = array('action' => 'details', 'section' => 'approval', 'id' => $item->getId());
$this->view = 'RedirectAfterCrud';
}
break;
case 'approval_notif_resend':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $this->txt('error_perms_edit'));
$this->view = 'Details';
} else {
$this->action = $view;
$this->_actionParams['item'] = $item;
$this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
$this->view = 'RedirectAfterCrud';
}
break;
case 'edit':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
$this->view = 'Details';
} else {
$mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
$mdFactory->appendAllListOfValuesToItem($item);
$this->view = 'Edit';
}
break;
case 'delete':
if (!($this->userCanWrite($item->getId()) && $this->userCanWrite($item->getParentId()))) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_delete'));
$this->_set_deleteView_errorPerms();
} else {
if ($this->request->exist('confirm')) {
$this->action = $view;
$this->_set_redirectView();
} else {
$this->view = 'Details';
}
}
break;
case 'deleteVersion':
if (!($this->userCanWrite($item->getId()) && $this->userCanWrite($item->getParentId()))) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_delete'));
$this->_set_deleteView_errorPerms();
} else {
if ($this->request->exist('confirm')) {
$this->action = $view;
$this->_set_redirectView();
} else {
$this->view = 'Details';
}
}
break;
case 'createFolder':
case 'createDocument':
case 'createItem':
if ($this->request->exist('cancel')) {
$this->_set_redirectView();
} else {
$i = $this->request->get('item');
if (!$i || !isset($i['parent_id'])) {
$this->feedback->log('error', 'Missing parameter.');
$this->view = 'DocmanError';
} else {
$parent =& $item_factory->getItemFromDb($i['parent_id']);
if (!$parent || $parent->getGroupId() != $this->getGroupId() || !$this->userCanWrite($parent->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_create'));
$this->_set_createItemView_errorParentDoesNotExist($item, $get_show_view);
} else {
//Validations
$new_item = $this->createItemFromUserInput();
$valid = $this->_validateRequest(array_merge($new_item->accept(new Docman_View_GetFieldsVisitor()), $new_item->accept(new Docman_View_GetSpecificFieldsVisitor(), array('request' => &$this->request))));
if ($user->isMember($this->getGroupId(), 'A') || $user->isMember($this->getGroupId(), 'N1') || $user->isMember($this->getGroupId(), 'N2')) {
$news = $this->request->get('news');
if ($news) {
$is_news_details = isset($news['details']) && trim($news['details']);
$is_news_summary = isset($news['summary']) && trim($news['summary']);
if ($is_news_details && !$is_news_summary) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_create_news_summary'));
$valid = false;
}
if (!$is_news_details && $is_news_summary) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_create_news_details'));
$valid = false;
}
}
}
if ($valid) {
$this->action = $view;
$this->_set_redirectView();
} else {
// Propagate return page
$this->_viewParams['token'] = $this->request->get('token');
$this->_viewParams['force_item'] = $new_item;
$this->_viewParams['force_news'] = $this->request->get('news');
$this->_viewParams['force_permissions'] = $this->request->get('permissions');
$this->_viewParams['force_ordering'] = $this->request->get('ordering');
$this->_viewParams['display_permissions'] = $this->request->exist('user_has_displayed_permissions');
$this->_viewParams['display_news'] = $this->request->exist('user_has_displayed_news');
$this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
$this->_set_createItemView_afterCreate($view);
}
}
}
}
break;
case 'update':
$this->_viewParams['recurseOnDocs'] = false;
$this->_actionParams['recurseOnDocs'] = false;
if ($this->request->get('recurse_on_doc') == 1) {
$this->_viewParams['recurseOnDocs'] = true;
$this->_actionParams['recurseOnDocs'] = true;
}
case 'update_wl':
case 'new_version':
if (!$this->userCanWrite($item->getId())) {
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
$this->view = 'Details';
} else {
// For properties update ('update' action), we need to confirm
// the recursive application of metadata update.
if ($view == 'update' && $this->request->exist('recurse') && !$this->request->exist('cancel')) {
$this->_viewParams['recurse'] = $this->request->get('recurse');
if (!$this->request->exist('validate_recurse')) {
$updateConfirmed = false;
} elseif ($this->request->get('validate_recurse') != 'true') {
$updateConfirmed = false;
} else {
$updateConfirmed = true;
}
} else {
$updateConfirmed = true;
}
$valid = true;
if ($this->request->exist('confirm')) {
//Validations
if ($view == 'update') {
$this->updateMetadataFromUserInput($item);
$valid = $this->_validateRequest($item->accept(new Docman_View_GetFieldsVisitor()));
} else {
$this->updateItemFromUserInput($item);
$valid = $this->_validateApprovalTable($this->request, $item) && $this->_validateRequest($item->accept(new Docman_View_GetSpecificFieldsVisitor(), array('request' => &$this->request)));
}
//Actions
if ($valid && $updateConfirmed) {
if ($view == 'update_wl') {
$this->action = 'update';
} else {
$this->action = $view;
}
}
}
//Views
if ($valid && $updateConfirmed) {
if ($redirect_to = Docman_Token::retrieveUrl($this->request->get('token'))) {
$this->_viewParams['redirect_to'] = $redirect_to;
}
$this->view = 'RedirectAfterCrud';
} else {
if ($view == 'update_wl') {
$this->view = 'Update';
} else {
if ($view == 'new_version') {
// Keep fields values
$v = $this->request->get('version');
$this->_viewParams['label'] = $v['label'];
$this->_viewParams['changelog'] = $v['changelog'];
if ($item instanceof Docman_EmbeddedFile) {
$v = $item->getCurrentVersion();
$v->setContent($this->request->get('content'));
}
$this->view = 'NewVersion';
} else {
$mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
$mdFactory->appendAllListOfValuesToItem($item);
if ($this->request->existAndNonEmpty('token')) {
// propagate the token so the user will be
// redirected to the original page even after
// several properties update errors or
// confirmations.
$this->_viewParams['token'] = $this->request->get('token');
}
$this->_viewParams['updateConfirmed'] = $updateConfirmed;
// The item may have changed (new user input)
unset($this->_viewParams['item']);
$this->_viewParams['item'] =& $item;
$this->view = 'Edit';
}
}
}
}
break;
case 'change_view':
$this->action = $view;
break;
case 'install':
$this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_alreadyinstalled'));
$this->view = 'DocmanError';
break;
case 'search':
$this->view = 'Table';
break;
case 'positionWithinFolder':
$this->_viewParams['force_ordering'] = $this->request->get('default_position');
$this->_viewParams['exclude'] = $this->request->get('exclude');
$this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
$this->view = ucfirst($view);
break;
case 'permissionsForItem':
$this->_viewParams['user_can_manage'] = $this->userCanManage($item->getId());
$this->view = ucfirst($view);
break;
case 'report_settings':
$this->view = 'ReportSettings';
break;
case 'report_del':
if ($this->request->exist('report_id')) {
$this->_actionParams['sReportId'] = (int) $this->request->get('report_id');
$this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
$this->action = $view;
}
$this->_viewParams['default_url_params'] = array('action' => 'report_settings');
$this->view = 'RedirectAfterCrud';
break;
case 'report_upd':
if ($this->request->exist('report_id')) {
$this->_actionParams['sReportId'] = (int) $this->request->get('report_id');
$this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
$usScope = $this->request->get('scope');
if ($usScope === 'I' || $usScope === 'P') {
$this->_actionParams['sScope'] = $usScope;
}
$this->_actionParams['description'] = $this->request->get('description');
$this->_actionParams['title'] = $this->request->get('title');
$this->_actionParams['sImage'] = (int) $this->request->get('image');
$this->action = $view;
}
$this->_viewParams['default_url_params'] = array('action' => 'report_settings');
$this->view = 'RedirectAfterCrud';
break;
case 'report_import':
if ($this->request->exist('import_search_report_from_group')) {
$pm = ProjectManager::instance();
$srcGroup = $pm->getProjectFromAutocompleter($this->request->get('import_search_report_from_group'));
if ($srcGroup && !$srcGroup->isError()) {
$this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
$this->_actionParams['sImportGroupId'] = $srcGroup->getGroupId();
$this->_actionParams['sImportReportId'] = null;
if ($this->request->exist('import_report_id') && trim($this->request->get('import_report_id')) != '') {
$this->_actionParams['sImportReportId'] = (int) $this->request->get('import_report_id');
}
$this->action = $view;
}
}
$this->_viewParams['default_url_params'] = array('action' => 'report_settings');
$this->view = 'RedirectAfterCrud';
break;
case 'action_lock_add':
$this->_actionParams['item'] = $item;
$this->action = 'action_lock_add';
break;
case 'action_lock_del':
$this->_actionParams['item'] = $item;
$this->action = 'action_lock_del';
break;
case 'ajax_reference_tooltip':
$this->view = 'AjaxReferenceTooltip';
break;
default:
$event_manager =& EventManager::instance();
$eParams = array('view' => $view, 'docmanPath' => $this->pluginPath, 'docmanThemePath' => $this->themePath);
$event_manager->processEvent('plugin_docman_after_dispacher', $eParams);
die(htmlspecialchars($view) . ' is not supported');
break;
}
}
case User::STATUS_VALIDATED_RESTRICTED:
$user->setUserName($request->get('form_loginname'));
break;
default:
$em->processEvent(Event::USER_RENAME, array('user_id' => $user->getId(), 'new_name' => $request->get('form_loginname')));
$GLOBALS['Response']->addFeedback('info', $Language->getText('admin_usergroup', 'rename_user_msg', array($user->getUserName(), $request->get('form_loginname'))));
$GLOBALS['Response']->addFeedback('warning', $Language->getText('admin_usergroup', 'rename_user_warn'));
}
}
} else {
$GLOBALS['Response']->addFeedback('warning', $Language->getText('admin_usergroup', 'rename_user_already_queued'), CODENDI_PURIFIER_DISABLED);
}
}
if ($GLOBALS['sys_auth_type'] == 'ldap') {
$vLdapId = new Valid_String('ldap_id');
$vLdapId->required();
if ($request->existAndNonEmpty('ldap_id') && $request->valid($vLdapId)) {
$user->setLdapId($request->get('ldap_id'));
} else {
$user->setLdapId("");
}
}
// Run the update
if ($um->updateDb($user)) {
$GLOBALS['Response']->addFeedback('info', $Language->getText('admin_usergroup', 'success_upd_u'));
if ($accountActivationEvent) {
$em->processEvent($accountActivationEvent, array('user_id' => $user->getId()));
}
}
if ($user->getUnixStatus() != 'N' && !$user->getUnixUid()) {
$um->assignNextUnixUid($user);
protected function _showProjectAdmins()
{
$html = '';
$hp = Codendi_HTMLPurifier::instance();
$request = HTTPRequest::instance();
$vFunc = new Valid_WhiteList('plugin_admindelegation_func', array('show_admins'));
$vFunc->required();
if ($request->valid($vFunc)) {
$func = $request->get('plugin_admindelegation_func');
} else {
$func = '';
}
$vGroup = new Valid_String('plugin_admindelegation_group');
$vGroup->required();
if ($request->valid($vGroup)) {
$pm = ProjectManager::instance();
$project = $pm->getProjectFromAutocompleter($request->get('plugin_admindelegation_group'));
if ($project && $project->isActive()) {
$groupValue = $project->getPublicName() . ' (' . $project->getUnixName() . ')';
} else {
$groupValue = '';
}
} else {
$project = false;
$groupValue = '';
}
$html .= '<form method="post" action="?">';
$html .= '<label>' . $GLOBALS['Language']->getText('plugin_admindelegation', 'widget_admins_label') . '</label>';
$html .= '<input type="hidden" name="plugin_admindelegation_func" value="show_admins" />';
$html .= '<input type="text" name="plugin_admindelegation_group" value="' . $groupValue . '" size ="40" id="plugin_admindelegation_group" />';
$html .= ' ';
$html .= '<input type="submit" value="' . $GLOBALS['Language']->getText('plugin_admindelegation', 'widget_btn_search') . '"/>';
$html .= '</form>';
$js = "new ProjectAutoCompleter('plugin_admindelegation_group', '" . util_get_dir_image_theme() . "', false);";
$GLOBALS['HTML']->includeFooterJavascriptSnippet($js);
if ($func == 'show_admins' && $project && $project->isActive()) {
$allAdmins = array();
$users = $this->getProjectAdmins($project->getId());
if (count($users) > 0) {
$uh = UserHelper::instance();
$html .= '<table width="100%">';
$html .= '<theader>';
$html .= '<tr>';
$html .= '<th>' . $GLOBALS['Language']->getText('plugin_admindelegation', 'widget_admins_name') . '</th>';
$html .= '<th>' . $GLOBALS['Language']->getText('plugin_admindelegation', 'widget_admins_email') . '</th>';
$html .= '</tr>';
$html .= '</theader>';
$html .= '<tbody>';
$i = 1;
foreach ($users as $u) {
$mailto = $u->getRealname() . ' <' . $u->getEmail() . '>';
$allAdmins[] = $mailto;
$html .= '<tr class="' . util_get_alt_row_color($i++) . '">';
$html .= '<td>' . $hp->purify($uh->getDisplayNameFromUser($u)) . '</td>';
$html .= '<td><a href="mailto:' . $mailto . '">' . $u->getEmail() . '</a></td>';
$html .= '</tr>';
}
$html .= '</tbody>';
$html .= '</table>';
// Mail to all admins
$html .= '<div style="text-align:center" class="' . util_get_alt_row_color($i++) . '">';
$html .= '<a href="mailto:' . implode(',', $allAdmins) . '?Subject=' . $GLOBALS['Language']->getText('plugin_admindelegation', 'widget_admins_mass_mail_subject', array($GLOBALS['sys_name'], $project->getPublicName())) . '">' . $GLOBALS['Language']->getText('plugin_admindelegation', 'widget_admins_mass_mail') . '</a>';
$html .= '</div>';
}
}
return $html;
}
/**
* Create a new content for this widget
* @param Codendi_Request $request
* @return int the id of the new content
*/
public function create($request)
{
$content_id = false;
$vItem_id = new Valid_String('item_id');
$vItem_id->setErrorMessage("Unable to add the widget. Please give an item id.");
$vItem_id->required();
if ($request->validInArray('plugin_docman_widget_embedded', $vItem_id)) {
$plugin_docman_widget_embedded = $request->get('plugin_docman_widget_embedded');
$vTitle = new Valid_String('title');
$vTitle->required();
if (!$request->validInArray('plugin_docman_widget_embedded', $vTitle)) {
if ($item = $this->getItem($plugin_docman_widget_embedded['item_id'])) {
$plugin_docman_widget_embedded['title'] = $item->getTitle();
}
}
$sql = 'INSERT INTO plugin_docman_widget_embedded (owner_id, owner_type, title, item_id) VALUES (' . $this->owner_id . ", '" . $this->owner_type . "', '" . db_escape_string($plugin_docman_widget_embedded['title']) . "', '" . db_escape_string($plugin_docman_widget_embedded['item_id']) . "')";
$res = db_query($sql);
$content_id = db_insertid($res);
}
return $content_id;
}
<?php
//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
//
require_once 'pre.php';
require_once 'viewvc_utils.php';
require_once 'www/svn/svn_utils.php';
if (user_isloggedin()) {
$vRoot = new Valid_String('root');
$vRoot->required();
if (!$request->valid($vRoot)) {
exit_no_group();
}
$root = $request->get('root');
$group_id = group_getid_by_name($root);
if ($group_id === false) {
exit_no_group();
}
$vRootType = new Valid_WhiteList('roottype', array('svn'));
$vRootType->setErrorMessage($Language->getText('svn_viewvc', 'bad_roottype'));
$vRootType->required();
if ($request->valid($vRootType)) {
if (!svn_utils_check_access(user_getname(), $root, viewvc_utils_getfile("/svn/viewvc.php"))) {
exit_error($Language->getText('svn_viewvc', 'access_denied'), $Language->getText('svn_viewvc', 'acc_den_comment', session_make_url("/project/memberlist.php?group_id={$group_id}")));
}
viewvc_utils_track_browsing($group_id, 'svn');
$display_header_footer = viewvc_utils_display_header();
* Codendi is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with Codendi. If not, see <http://www.gnu.org/licenses/>.
*/
require_once 'pre.php';
//require_once('common/event/EventManager.class.php');
require_once 'common/project/ProjectManager.class.php';
//
// Input treatment
//
$vName = new Valid_String('name');
$vName->required();
if ($request->valid($vName)) {
$name = $request->get('name');
} else {
// Finish script, no output
exit;
}
// Number of user to display
$limit = 15;
$list = array();
$isMember = false;
$isAdmin = false;
$user = UserManager::instance()->getCurrentUser();
if ($user->isRestricted()) {
$isMember = true;
}
function register_valid($confirm_hash)
{
global $Language;
$request =& HTTPRequest::instance();
$vLoginName = new Valid_UserNameFormat('form_loginname');
$vLoginName->required();
if (!$request->valid($vLoginName)) {
return 0;
}
$vRealName = new Valid_RealNameFormat('form_realname');
$vRealName->required();
if (!$request->valid($vRealName)) {
$GLOBALS['Response']->addFeedback('error', $Language->getText('account_register', 'err_realname'));
return 0;
}
if (!$request->existAndNonEmpty('form_pw')) {
$GLOBALS['Response']->addFeedback('error', $Language->getText('account_register', 'err_nopasswd'));
return 0;
}
$tz = $request->get('timezone');
if (!is_valid_timezone($tz)) {
$GLOBALS['Response']->addFeedback('error', $Language->getText('account_register', 'err_notz'));
return 0;
}
if (!$request->existAndNonEmpty('form_register_purpose') && ($GLOBALS['sys_user_approval'] && $request->get('page') != "admin_creation")) {
$GLOBALS['Response']->addFeedback('error', $Language->getText('account_register', 'err_nopurpose'));
return 0;
}
if (!validate_email($request->get('form_email'))) {
$GLOBALS['Response']->addFeedback('error', $Language->getText('account_register', 'err_email'));
return 0;
}
if ($request->get('page') != "admin_creation" && $request->get('form_pw') != $request->get('form_pw2')) {
$GLOBALS['Response']->addFeedback('error', $Language->getText('account_register', 'err_passwd'));
return 0;
}
if (!account_pwvalid($request->get('form_pw'), $errors)) {
foreach ($errors as $e) {
$GLOBALS['Response']->addFeedback('error', $e);
}
return 0;
}
$expiry_date = 0;
if ($request->exist('form_expiry') && $request->get('form_expiry') != '' && !ereg("[0-9]{4}-[0-9]{1,2}-[0-9]{1,2}", $request->get('form_expiry'))) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('account_register', 'data_not_parsed'));
return 0;
}
$vDate = new Valid_String();
$vDate->required();
if ($request->exist('form_expiry') && $vDate->validate($request->get('form_expiry'))) {
$date_list = split("-", $request->get('form_expiry'), 3);
$unix_expiry_time = mktime(0, 0, 0, $date_list[1], $date_list[2], $date_list[0]);
$expiry_date = $unix_expiry_time;
}
$status = 'P';
if ($request->get('page') == "admin_creation") {
if ($request->get('form_restricted')) {
$status = 'R';
} else {
$status = 'A';
}
}
//use sys_lang as default language for each user at register
$res = account_create($request->get('form_loginname'), $request->get('form_pw'), '', $request->get('form_realname'), $request->get('form_register_purpose'), $request->get('form_email'), $status, $confirm_hash, $request->get('form_mail_site'), $request->get('form_mail_va'), $tz, UserManager::instance()->getCurrentUser()->getLocale(), 'A', $expiry_date);
return $res;
}
public function process(Tracker_IDisplayTrackerLayout $layout, $request, $current_user)
{
//TODO: log the admin actions (add a formElement, ...) ?
$hp = Codendi_HTMLPurifier::instance();
$func = (string) $request->get('func');
switch ($func) {
case 'new-artifact':
if ($this->userCanSubmitArtifact($current_user)) {
$this->displaySubmit($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'get-create-in-place':
if ($this->userCanSubmitArtifact($current_user)) {
$artifact_link_id = $request->get('artifact-link-id');
$render_with_javascript = $request->get('fetch-js') == 'false' ? false : true;
$renderer = new Tracker_Artifact_Renderer_CreateInPlaceRenderer($this, TemplateRendererFactory::build()->getRenderer(dirname(TRACKER_BASE_DIR) . '/templates'));
$renderer->display($artifact_link_id, $render_with_javascript);
} else {
$GLOBALS['Response']->send400JSONErrors();
}
break;
case 'new-artifact-link':
$link = $request->get('id');
if ($this->userCanSubmitArtifact($current_user)) {
$this->displaySubmit($layout, $request, $current_user, $link);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
}
break;
case 'delete':
if ($this->userCanDeleteTracker($current_user)) {
if ($this->getTrackerFactory()->markAsDeleted($this->id)) {
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_tracker_admin_index', 'delete_success', $hp->purify($this->name, CODENDI_PURIFIER_CONVERT_HTML)));
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_tracker_admin_index', 'tracker_deleted', $GLOBALS['sys_email_admin']), CODENDI_PURIFIER_FULL);
$reference_manager = ReferenceManager::instance();
$ref = $reference_manager->loadReferenceFromKeywordAndNumArgs(strtolower($this->getItemName()), $this->getGroupId(), 1);
if ($ref) {
if ($reference_manager->deleteReference($ref)) {
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('project_reference', 't_r_deleted'));
}
}
EventManager::instance()->processEvent(TRACKER_EVENT_TRACKER_DELETE, array('tracker' => $this));
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin_index', 'deletion_failed', $hp->purify($this->name, CODENDI_PURIFIER_CONVERT_HTML)));
}
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
}
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?group_id=' . $this->group_id);
break;
case 'admin':
if ($this->userIsAdmin($current_user)) {
$this->displayAdmin($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-editoptions':
if ($this->userIsAdmin($current_user)) {
if ($request->get('update')) {
$this->editOptions($request);
}
$this->displayAdminOptions($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-perms':
if ($this->userIsAdmin($current_user)) {
$this->displayAdminPerms($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-perms-tracker':
if ($this->userIsAdmin($current_user)) {
$this->getPermissionController()->process($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-perms-fields':
if ($this->userIsAdmin($current_user)) {
if ($request->exist('update')) {
if ($request->exist('permissions') && is_array($request->get('permissions'))) {
plugin_tracker_permission_process_update_fields_permissions($this->getGroupId(), $this->getId(), Tracker_FormElementFactory::instance()->getUsedFields($this), $request->get('permissions'));
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('project_admin_userperms', 'perm_upd'));
}
}
$this->displayAdminPermsFields($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-formElements':
if ($this->userIsAdmin($current_user)) {
if (is_array($request->get('add-formElement'))) {
list($formElement_id, ) = each($request->get('add-formElement'));
if (Tracker_FormElementFactory::instance()->addFormElement($formElement_id)) {
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_tracker_admin_index', 'field_added'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . (int) $this->getId() . '&func=admin-formElements');
}
} else {
if (is_array($request->get('create-formElement'))) {
list($type, ) = each($request->get('create-formElement'));
if ($request->get('docreate-formElement') && is_array($request->get('formElement_data'))) {
try {
$this->createFormElement($type, $request->get('formElement_data'), $current_user);
} catch (Exception $e) {
$GLOBALS['Response']->addFeedback('error', $e->getMessage());
}
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?' . http_build_query(array('tracker' => $this->getId(), 'func' => $func)));
} else {
Tracker_FormElementFactory::instance()->displayAdminCreateFormElement($layout, $request, $current_user, $type, $this);
exit;
}
}
}
$this->displayAdminFormElements($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-formElement-update':
case 'admin-formElement-remove':
case 'admin-formElement-delete':
if ($this->userIsAdmin($current_user)) {
if ($formElement = Tracker_FormElementFactory::instance()->getFormElementById((int) $request->get('formElement'))) {
$formElement->process($layout, $request, $current_user);
} else {
$this->displayAdminFormElements($layout, $request, $current_user);
}
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-semantic':
if ($this->userIsAdmin($current_user)) {
$this->getTrackerSemanticManager()->process($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-notifications':
if ($this->userIsAdmin($current_user)) {
$this->getDateReminderManager()->processReminder($layout, $request, $current_user);
$this->getNotificationsManager()->process($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'notifications':
// you just need to be registered to have access to this part
if ($current_user->isLoggedIn()) {
$this->getDateReminderManager()->processReminder($layout, $request, $current_user);
$this->getNotificationsManager()->process($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'display_reminder_form':
print $this->getDateReminderManager()->getDateReminderRenderer()->getNewDateReminderForm();
break;
case 'admin-canned':
// TODO : project members can access this part ?
if ($this->userIsAdmin($current_user)) {
$this->getCannedResponseManager()->process($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case Workflow::FUNC_ADMIN_RULES:
case Workflow::FUNC_ADMIN_CROSS_TRACKER_TRIGGERS:
case Workflow::FUNC_ADMIN_TRANSITIONS:
case Workflow::FUNC_ADMIN_GET_TRIGGERS_RULES_BUILDER_DATA:
case Workflow::FUNC_ADMIN_ADD_TRIGGER:
case Workflow::FUNC_ADMIN_DELETE_TRIGGER:
if ($this->userIsAdmin($current_user)) {
$this->getWorkflowManager()->process($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-csvimport':
$session = new Codendi_Session();
if ($this->userIsAdmin($current_user)) {
if ($request->exist('action') && $request->get('action') == 'import_preview' && array_key_exists('csv_filename', $_FILES)) {
// display preview before importing artifacts
$this->displayImportPreview($layout, $request, $current_user, $session);
} elseif ($request->exist('action') && $request->get('action') == 'import') {
$csv_header = $session->get('csv_header');
$csv_body = $session->get('csv_body');
if ($this->importFromCSV($layout, $request, $current_user, $csv_header, $csv_body)) {
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_tracker_admin_import', 'import_succeed'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin_import', 'import_failed'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
}
$this->displayAdminCSVImport($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-export':
if ($this->userIsAdmin($current_user)) {
// TODO: change directory
$xml_element = new SimpleXMLElement('<?xml version="1.0" encoding="UTF-8"?><tracker />');
$this->sendXML($this->exportToXML($xml_element));
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-dependencies':
if ($this->userIsAdmin($current_user)) {
$this->getGlobalRulesManager()->process($layout, $request, $current_user);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'submit-artifact':
$action = new Tracker_Action_CreateArtifact($this, $this->getTrackerArtifactFactory(), $this->getTrackerFactory(), $this->getFormElementFactory());
$action->process($layout, $request, $current_user);
break;
case 'submit-copy-artifact':
$logger = new Tracker_XML_Importer_CopyArtifactInformationsAggregator(new BackendLogger());
$xml_importer = $this->getArtifactXMLImporterForArtifactCopy($logger);
$artifact_factory = $this->getTrackerArtifactFactory();
$file_xml_updater = $this->getFileXMLUpdater();
$export_children_collector = $this->getChildrenCollector($request);
$file_path_xml_exporter = new Tracker_XML_Exporter_LocalAbsoluteFilePathXMLExporter();
$artifact_xml_exporter = $this->getArtifactXMLExporter($export_children_collector, $file_path_xml_exporter, $current_user);
$action = new Tracker_Action_CopyArtifact($this, $artifact_factory, $artifact_xml_exporter, $xml_importer, $this->getChangesetXMLUpdater(), $file_xml_updater, new Tracker_XML_Exporter_ChildrenXMLExporter($artifact_xml_exporter, $file_xml_updater, $artifact_factory, $export_children_collector), new Tracker_XML_Importer_ChildrenXMLImporter($xml_importer, $this->getTrackerFactory(), $this->getTrackerArtifactFactory(), new Tracker_XML_ChildrenCollector()), new Tracker_XML_Importer_ArtifactImportedMapping(), $logger);
$action->process($layout, $request, $current_user);
break;
case 'submit-artifact-in-place':
$action = new Tracker_Action_CreateArtifactFromModal($request, $this, $this->getTrackerArtifactFactory());
$action->process($current_user);
break;
case 'admin-hierarchy':
if ($this->userIsAdmin($current_user)) {
$this->displayAdminItemHeader($layout, 'hierarchy');
$this->getHierarchyController($request)->edit();
$this->displayFooter($layout);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-hierarchy-update':
if ($this->userIsAdmin($current_user)) {
$this->getHierarchyController($request)->update();
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-clean':
if ($this->userIsAdmin($current_user)) {
$this->displayAdminClean($layout);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-delete-artifact-confirm':
if ($this->userIsAdmin($current_user)) {
$token = new CSRFSynchronizerToken(TRACKER_BASE_URL . '/?tracker=' . (int) $this->id . '&func=admin-delete-artifact-confirm');
$token->check();
$artifact_id = $request->getValidated('id', 'uint', 0);
$artifact = $this->getTrackerArtifactFactory()->getArtifactById($artifact_id);
if ($artifact) {
$this->displayAdminConfirmDelete($layout, $artifact);
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'clean_error_noart', array($request->get('id'))));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId() . '&func=admin-clean');
}
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'admin-delete-artifact':
if ($this->userIsAdmin($current_user)) {
$token = new CSRFSynchronizerToken(TRACKER_BASE_URL . '/?tracker=' . (int) $this->id . '&func=admin-delete-artifact');
$token->check();
if ($request->exist('confirm')) {
$artifact = $this->getTrackerArtifactFactory()->getArtifactById($request->get('id'));
if ($artifact && $artifact->getTrackerId() == $this->getId()) {
$artifact->delete($current_user);
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_tracker_admin', 'clean_info_deleted', array($request->get('id'))));
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'clean_error_noart', array($request->get('id'))));
}
} else {
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_tracker_admin', 'clean_cancel_deleted'));
}
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId() . '&func=admin');
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
break;
case 'create_new_public_report':
if (!$this->userIsAdmin($current_user)) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_admin', 'access_denied'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
$name = $request->get('new_report_name');
$validator = new Valid_String('new_report_name');
$validator->required();
if (!$request->valid($validator)) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker', 'create_new_report_invalid'));
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
}
$hp = Codendi_HTMLPurifier::instance();
$hp->purify($name);
$report = new Tracker_Report(0, $name, 'Public rapport', 0, 0, null, 0, $this->getId(), 1, null, 0);
$report->criterias = array();
$this->getReportFactory()->saveObject($this->id, $report);
$GLOBALS['Response']->redirect(TRACKER_BASE_URL . '/?tracker=' . $this->getId());
break;
default:
if ($this->userCanView($current_user)) {
$this->displayAReport($layout, $request, $current_user);
}
break;
}
return false;
}
$vPostChanges->required();
if ($request->isPost() && $request->valid($vPostChanges)) {
/*
Update the DB to reflect the changes
*/
//
// Prepare validators
//
// Forum Name
$vForumName = new Valid_String('forum_name');
$vForumName->setErrorMessage($Language->getText('forum_admin_index', 'params_missing'));
$vForumName->required();
// Description
$vDescription = new Valid_String('description');
$vDescription->setErrorMessage($Language->getText('forum_admin_index', 'params_missing'));
$vDescription->required();
// Is public
$vIsPublic = new Valid_WhiteList('is_public', array(0, 1, 9));
$vIsPublic->required();
if ($request->existAndNonEmpty('delete')) {
$vMsg = new Valid_Uint('msg_id');
$vMsg->required();
if ($request->valid($vMsg)) {
/*
Deleting messages or threads
*/
// First, check if the message exists
$sql = "SELECT forum_group_list.group_id, forum.group_forum_id FROM forum,forum_group_list " . "WHERE forum.group_forum_id=forum_group_list.group_forum_id AND forum.msg_id=" . db_ei($msg_id);
$result = db_query($sql);
if (db_numrows($result) > 0) {
$message_group_id = db_result($result, 0, 'group_id');
// Must be a project admin
session_require(array('group' => $groupId, 'admin_flags' => 'A'));
// Ensure LDAP plugin is active
$pluginManager = PluginManager::instance();
$ldapPlugin = $pluginManager->getPluginByName('ldap');
if (!$ldapPlugin || !$pluginManager->isPluginAvailable($ldapPlugin)) {
$GLOBALS['Response']->redirect('/project/admin/index.php?group_id=' . $groupId);
}
// Check if user have choosen the preserve members option.
$bindOption = 'bind';
if ($request->exist('preserve_members') && $request->get('preserve_members') == 'on') {
$bindOption = 'preserve_members';
}
// Get LDAP group name
$vLdapGroup = new Valid_String('ldap_group');
$vLdapGroup->required();
if ($request->isPost() && $request->valid($vLdapGroup)) {
$ldapGroupManager = new LDAP_ProjectGroupManager($ldapPlugin->getLdap());
$ldapGroupManager->setId($groupId);
$ldapGroupManager->setGroupName($request->get('ldap_group'));
if ($request->existAndNonEmpty('delete')) {
//
// Remove link between Project Members and LDAP Group
//
$ldapGroupManager->unbindFromBindLdap();
$GLOBALS['Response']->redirect('/project/admin/index.php?group_id=' . $groupId);
} elseif ($request->existAndNonEmpty('update')) {
//
// Perform Project Members <-> LDAP Group synchro
//
$ldapGroupManager->bindWithLdap($bindOption);
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
*
*/
require 'pre.php';
$hp = Codendi_HTMLPurifier::instance();
$vPv = new Valid_Pv();
if ($request->valid($vPv) && $request->get('pv') == 2) {
$pv = 2;
$HTML->pv_header(array());
} else {
$pv = 0;
site_header(array('title' => $Language->getText('my_redirect', 'page_title')));
}
$vReturnTo = new Valid_String('return_to');
$vReturnTo->required();
if ($request->valid($vReturnTo)) {
// if return_to URL start with a protocol name then take as is
// otherwise prepend the proper http protocol
// Re-serialize feedback to display it on the 'return_to' page.
$HTML->_serializeFeedback();
$return_to = trim($request->get('return_to'));
$use_ssl = session_issecure() || $GLOBALS['sys_force_ssl'];
if ($use_ssl) {
$server_url = "https://" . $GLOBALS['sys_https_host'];
} else {
$server_url = "http://" . $GLOBALS['sys_default_domain'];
}
if (preg_match("/^[A-Za-z]+:\\/\\//i", $return_to)) {
$return_url = $return_to;
} else {
exit_error($Language->getText('global', 'error'), "Cannot modify this ugroup with LDAP plugin");
}
} else {
exit_error($Language->getText('global', 'error'), $Language->getText('project_admin_editugroup', 'ug_not_found', array($ugroupId, db_error())));
}
$group_id = $row['group_id'];
$ldapUserGroupManager = new LDAP_UserGroupManager($ldapPlugin->getLdap());
$ldapUserGroupManager->setId($ugroupId);
$hp = Codendi_HTMLPurifier::instance();
$btn_update = $Language->getText('plugin_ldap', 'ugroup_edit_btn_update');
$vSubmit = new Valid_WhiteList('submit', array($btn_update));
$vSubmit->required();
if ($request->isPost() && $request->valid($vSubmit)) {
if ($request->get('submit') == $btn_update) {
$vUserAdd = new Valid_String('user_add');
$vUserAdd->required();
if ($request->valid($vUserAdd)) {
$ldapUserGroupManager->addListOfUsersToGroup($request->get('user_add'));
}
}
}
//
// Display
//
$ugroupRow = ugroup_db_get_ugroup($ugroupId);
$ugroupName = util_translate_name_ugroup($row['name']);
$clean_ugroupName = $hp->purify($ugroupName);
project_admin_header(array('title' => $Language->getText('project_admin_editugroup', 'edit_ug'), 'group' => $group_id));
echo '<h2>' . $Language->getText('project_admin_editugroup', 'ug_admin', $clean_ugroupName) . '</h2>';
echo '<p>' . $GLOBALS['Language']->getText('plugin_ldap', 'ugroup_edit_group_add_users_help') . '</p>';
echo '<form name="plugin_ldap_edit_ugroup" method="post" action="">';
/**
* Checks whether name is present in the parameters.
*
* @param PlanningParameters $planning_parameters The validated parameters.
*
* @return bool
*/
private function nameIsPresent(PlanningParameters $planning_parameters)
{
$name = new Valid_String();
$name->required();
return $name->validate($planning_parameters->name);
}
/**
* Handle the HTTP request
*
* @param HTTPRequest $request HTTP request
*
* @return Void
*/
public function handleRequest(HTTPRequest $request)
{
$validAction = new Valid_WhiteList('action', array('add', 'delete'));
if ($request->valid($validAction)) {
$action = $request->get('action');
switch ($action) {
case 'add':
$this->csrf->check();
$validProject = new Valid_String('project');
$validProject->required();
$project = null;
if ($request->valid($validProject)) {
$project = $request->get('project');
}
$validRequester = new Valid_String('requester');
$validRequester->required();
$requester = null;
if ($request->valid($validRequester)) {
$requester = $request->get('requester');
}
$validQuota = new Valid_UInt('quota');
$validQuota->required();
$quota = null;
if ($request->valid($validQuota)) {
$quota = $request->get('quota');
}
$validMotivation = new Valid_Text('motivation');
$validMotivation->required();
$motivation = null;
if ($request->valid($validMotivation)) {
$motivation = $request->get('motivation');
}
$this->projectQuotaManager->addQuota($project, $requester, $quota, $motivation);
break;
case 'delete':
$this->csrf->check();
$list = $request->get('delete_quota');
$projects = array();
$validProjectId = new Valid_UInt();
foreach ($list as $projectId) {
if ($validProjectId->validate($projectId)) {
$project = $this->projectManager->getProject($projectId);
if ($project) {
$projects[$project->getId()] = $project->getPublicName();
}
}
}
$this->projectQuotaManager->deleteCustomQuota($projects);
break;
default:
break;
}
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_statistics', 'invalid_action'));
}
}
