/**
* {@inheritdoc}
*/
public function dump(\Twig_Environment $env, $context)
{
// Return if 'debug' is `false` in Twig, or there's no logged on user _and_ `debug_show_loggedoff` in
// config.yml is `false`.
if (!$env->isDebug() || $this->users->getCurrentUser() === null && !$this->debugShowLoggedoff) {
return null;
}
if (func_num_args() === 2) {
$vars = [];
foreach ($context as $key => $value) {
if (!$value instanceof \Twig_Template) {
$vars[$key] = $value;
}
}
$vars = [$vars];
} else {
$vars = func_get_args();
unset($vars[0], $vars[1]);
}
$output = fopen('php://memory', 'r+b');
$prevOutput = $this->dumper->setOutput($output);
foreach ($vars as $value) {
$this->dumper->dump($this->cloner->cloneVar($value));
}
$this->dumper->setOutput($prevOutput);
rewind($output);
return stream_get_contents($output);
}
/**
* Do the edit form for a record.
*
* @param Content $content A content record
* @param array $contentType The contenttype data
* @param boolean $duplicate If TRUE create a duplicate record
*
* @return array
*/
public function action(Content $content, array $contentType, $duplicate)
{
$contentTypeSlug = $contentType['slug'];
$new = $content->getId() === null ?: false;
$oldStatus = $content->getStatus();
$allStatuses = ['published', 'held', 'draft', 'timed'];
$allowedStatuses = [];
foreach ($allStatuses as $status) {
if ($this->users->isContentStatusTransitionAllowed($oldStatus, $status, $contentTypeSlug, $content->getId())) {
$allowedStatuses[] = $status;
}
}
// For duplicating a record, clear base field values.
if ($duplicate) {
$content->setId('');
$content->setSlug('');
$content->setDatecreated('');
$content->setDatepublish('');
$content->setDatedepublish(null);
$content->setDatechanged('');
$content->setUsername('');
$content->setOwnerid('');
$this->loggerFlash->info(Trans::__('contenttypes.generic.duplicated-finalize', ['%contenttype%' => $contentTypeSlug]));
}
// Set the users and the current owner of this content.
if ($new || $duplicate) {
// For brand-new and duplicated items, the creator becomes the owner.
$contentowner = $this->users->getCurrentUser();
} else {
// For existing items, we'll just keep the current owner.
$contentowner = $this->users->getUser($content->getOwnerid());
}
// Build list of incoming non inverted related records.
$incomingNotInverted = [];
foreach ($content->getRelation()->incoming($content) as $relation) {
if ($relation->isInverted()) {
continue;
}
$fromContentType = $relation->getFromContenttype();
$record = $this->em->getContent($fromContentType . '/' . $relation->getFromId());
if ($record) {
$incomingNotInverted[$fromContentType][] = $record;
}
}
// Test write access for uploadable fields.
$contentType['fields'] = $this->setCanUpload($contentType['fields']);
$templateFields = $content->getTemplatefields();
if ($templateFields instanceof TemplateFields && ($templateFieldsData = $templateFields->getContenttype()->getFields())) {
$templateFields->getContenttype()['fields'] = $this->setCanUpload($templateFields->getContenttype()->getFields());
}
// Build context for Twig.
$contextCan = ['upload' => $this->users->isAllowed('files:uploads'), 'publish' => $this->users->isAllowed('contenttype:' . $contentTypeSlug . ':publish:' . $content->getId()), 'depublish' => $this->users->isAllowed('contenttype:' . $contentTypeSlug . ':depublish:' . $content->getId()), 'change_ownership' => $this->users->isAllowed('contenttype:' . $contentTypeSlug . ':change-ownership:' . $content->getId())];
$contextHas = ['incoming_relations' => count($incomingNotInverted) > 0, 'relations' => isset($contentType['relations']), 'tabs' => $contentType['groups'] !== false, 'taxonomy' => isset($contentType['taxonomy']), 'templatefields' => empty($templateFieldsData) ? false : true];
$contextValues = ['datepublish' => $this->getPublishingDate($content->getDatepublish(), true), 'datedepublish' => $this->getPublishingDate($content->getDatedepublish())];
$context = ['incoming_not_inv' => $incomingNotInverted, 'contenttype' => $contentType, 'content' => $content, 'allowed_status' => $allowedStatuses, 'contentowner' => $contentowner, 'fields' => $this->config->fields->fields(), 'fieldtemplates' => $this->getTemplateFieldTemplates($contentType, $content), 'fieldtypes' => $this->getUsedFieldtypes($contentType, $content, $contextHas), 'groups' => $this->createGroupTabs($contentType, $contextHas), 'can' => $contextCan, 'has' => $contextHas, 'values' => $contextValues, 'relations_list' => $this->getRelationsList($contentType)];
return $context;
}
/**
* When redirecting to the backend dashboard (while logged in),
* if the user does not have access change the redirect to the homepage.
*
* @param \Symfony\Component\HttpFoundation\RedirectResponse $response
*/
protected function handleNoBackendAccess(RedirectResponse $response)
{
$authCookie = $this->session->get('authentication');
if (!$this->authentication->isValidSession((string) $authCookie)) {
return;
}
$dashboardPath = $this->urlGenerator->generate('dashboard');
$dashboardAccess = $this->users->isAllowed('dashboard');
if ($response->getTargetUrl() === $dashboardPath && !$dashboardAccess) {
$this->session->getFlashBag()->clear();
$response->setTargetUrl($this->urlGenerator->generate('homepage'));
}
}
/**
* Persist the contents of the current stack to the session, as well as the database.
*/
private function persist()
{
$items = $this->persistableList();
$this->session->set('stack', $items);
$user = $this->users->getCurrentUser();
$user['stack'] = $items;
$this->users->saveUser($user);
}
public function onRequest(GetResponseEvent $event)
{
if (!Zone::isBackend($event->getRequest())) {
return;
}
foreach ($this->config->getRolesAdmin() as $role) {
if ($this->users->isAllowed($role)) {
return;
}
}
throw new AccessDeniedException('Logged in user does not have the correct rights to use this class.');
}
/**
* Transition a record's owner if permitted.
*
* @param Content $entity
* @param integer $ownerId
*/
protected function transistionRecordOwner(Content $entity, $ownerId)
{
$recordId = $entity->getId();
$contentTypeName = (string) $entity->getContenttype();
$canChangeOwner = $this->users->isAllowed("contenttype:{$contentTypeName}:change-ownership:{$recordId}");
if (!$canChangeOwner) {
$this->loggerFlash->error(Trans::__('general.access-denied.content-not-modified', ['%title%' => $entity->getTitle()]));
return;
}
$entity->setOwnerid($ownerId);
$entity->_modified = true;
}
public function testAddNewFile()
{
$expectedList = ['files://h.txt', 'files://a.jpg', 'files://b.txt', 'files://c.txt', 'files://d.doc', 'files://e.mp3', 'theme://f.txt'];
$this->users->expects($this->once())->method('saveUser')->with(['stack' => $expectedList]);
$file = $this->stack->add('h.txt', $removed);
$this->assertTrue($file instanceof FileInterface, 'File object should be returned from add method');
$this->assertEquals('files://h.txt', $file->getFullPath(), 'File object should be returned from add method');
$this->assertTrue($removed instanceof FileInterface, 'Add method should set the removed parameter to the file object removed');
$this->assertEquals('theme://g.txt', $removed->getFullPath(), 'Removed file should be the last file on the stack before the new one was added');
$this->assertFiles($this->stack->getList(), $expectedList, 'Adding new file should prepend it to the stack and remove the oldest file');
$this->assertEquals($expectedList, $this->session->get('stack'), 'Adding a file to the stack should persist change to session');
}
/**
* Set a ContentType record values from a HTTP POST.
*
* @param Entity\Content $content
* @param array $formValues
* @param array $contentType
*
* @throws AccessControlException
*/
private function setPostedValues(Entity\Content $content, $formValues, $contentType)
{
// Ensure all fields have valid values
$formValues = $this->setSuccessfulControlValues($formValues, $contentType['fields']);
$formValues = Input::cleanPostedData($formValues);
unset($formValues['contenttype']);
$user = $this->users->getCurrentUser();
if ($id = $content->getId()) {
// Owner is set explicitly, is current user is allowed to do this?
if (isset($formValues['ownerid']) && (int) $formValues['ownerid'] !== $content->getOwnerid()) {
if (!$this->users->isAllowed("contenttype:{$contentType['slug']}:change-ownership:{$id}")) {
throw new AccessControlException('Changing ownership is not allowed.');
}
$content->setOwnerid($formValues['ownerid']);
}
} else {
$content->setOwnerid($user['id']);
}
// Hack … remove soon
$formValues += ['status' => 'draft'];
// Make sure we have a proper status.
if (!in_array($formValues['status'], ['published', 'timed', 'held', 'draft'])) {
if ($status = $content->getStatus()) {
$formValues['status'] = $status;
} else {
$formValues['status'] = 'draft';
}
}
// Set the object values appropriately
foreach ($formValues as $name => $value) {
if ($name === 'relation' || $name === 'taxonomy') {
continue;
} else {
$content->set($name, empty($value) ? null : $value);
}
}
$this->setPostedRelations($content, $formValues);
$this->setPostedTaxonomies($content, $formValues);
}