Exemplo n.º 1
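 /**
  * {@inheritdoc}
  *
  * Renders the variables passed after $context (or, when none are passed, the
  * whole context minus Twig_Template instances) through the dumper and returns
  * the captured text.
  *
  * Security: the output is a verbatim dump of template data, so it can carry
  * anything the template can see. Nothing is produced unless Twig debug mode is
  * on, and visitors without a logged-in user only get output when
  * $this->debugShowLoggedoff is true. Keep both off on production sites.
  *
  * @param \Twig_Environment $env
  * @param mixed             $context Iterated as name => value when no explicit variables are given
  *
  * @return string|null Captured dump text, or null when dumping is disabled
  */
 public function dump(\Twig_Environment $env, $context)
 {
     // Return if 'debug' is `false` in Twig, or there's no logged on user _and_ `debug_show_loggedoff` in
     // config.yml is `false`. `&&` already binds tighter than `||`; the parentheses only make that explicit.
     if (!$env->isDebug() || ($this->users->getCurrentUser() === null && !$this->debugShowLoggedoff)) {
         return null;
     }
     if (func_num_args() === 2) {
         // No explicit variables: dump the context as one value, leaving out template objects.
         $vars = [];
         foreach ($context as $key => $value) {
             if (!$value instanceof \Twig_Template) {
                 $vars[$key] = $value;
             }
         }
         $vars = [$vars];
     } else {
         // Explicit variables follow $env and $context in the argument list.
         $vars = func_get_args();
         unset($vars[0], $vars[1]);
     }
     $output = fopen('php://memory', 'r+b');
     $prevOutput = $this->dumper->setOutput($output);
     try {
         foreach ($vars as $value) {
             $this->dumper->dump($this->cloner->cloneVar($value));
         }
         rewind($output);

         return stream_get_contents($output);
     } finally {
         // Always hand the dumper back its previous output and release the buffer,
         // even if cloning or dumping throws part-way through.
         $this->dumper->setOutput($prevOutput);
         fclose($output);
     }
 }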
Exemplo n.º 2
 /**
  * Build the Twig context for a record's edit form.
  *
  * The `allowed_status` list and the `can` flags are derived from the current
  * user's permissions and handed to the template.
  * NOTE(review): these values only shape what the form offers; the same checks
  * have to be enforced again when the form is submitted, which is not visible
  * in this method.
  *
  * @param Content $content     A content record
  * @param array   $contentType The contenttype data
  * @param boolean $duplicate   If TRUE create a duplicate record
  *
  * @return array
  */
 public function action(Content $content, array $contentType, $duplicate)
 {
     $contentTypeSlug = $contentType['slug'];
     $new = $content->getId() === null;
     $oldStatus = $content->getStatus();

     // Keep only the statuses the current user may move this record to. This runs
     // before the duplicate branch below clears the ID, so it uses the original ID.
     $allowedStatuses = array_values(array_filter(
         ['published', 'held', 'draft', 'timed'],
         function ($status) use ($content, $oldStatus, $contentTypeSlug) {
             return $this->users->isContentStatusTransitionAllowed($oldStatus, $status, $contentTypeSlug, $content->getId());
         }
     ));

     // For duplicating a record, clear base field values.
     if ($duplicate) {
         $content->setId('');
         $content->setSlug('');
         $content->setDatecreated('');
         $content->setDatepublish('');
         $content->setDatedepublish(null);
         $content->setDatechanged('');
         $content->setUsername('');
         $content->setOwnerid('');
         $this->loggerFlash->info(
             Trans::__('contenttypes.generic.duplicated-finalize', ['%contenttype%' => $contentTypeSlug])
         );
     }

     // Brand-new and duplicated items are owned by their creator; existing items keep their owner.
     $contentowner = ($new || $duplicate)
         ? $this->users->getCurrentUser()
         : $this->users->getUser($content->getOwnerid());

     // Build list of incoming non inverted related records.
     $incomingNotInverted = [];
     foreach ($content->getRelation()->incoming($content) as $relation) {
         if (!$relation->isInverted()) {
             $fromContentType = $relation->getFromContenttype();
             $record = $this->em->getContent($fromContentType . '/' . $relation->getFromId());
             if ($record) {
                 $incomingNotInverted[$fromContentType][] = $record;
             }
         }
     }

     // Test write access for uploadable fields.
     $contentType['fields'] = $this->setCanUpload($contentType['fields']);
     $templateFields = $content->getTemplatefields();
     if ($templateFields instanceof TemplateFields) {
         $templateFieldsData = $templateFields->getContenttype()->getFields();
         if ($templateFieldsData) {
             $templateFields->getContenttype()['fields'] = $this->setCanUpload($templateFields->getContenttype()->getFields());
         }
     }

     // Build context for Twig.
     // Permission names carry the record ID; for a duplicate it was cleared above.
     $contextCan = [
         'upload'           => $this->users->isAllowed('files:uploads'),
         'publish'          => $this->users->isAllowed("contenttype:{$contentTypeSlug}:publish:{$content->getId()}"),
         'depublish'        => $this->users->isAllowed("contenttype:{$contentTypeSlug}:depublish:{$content->getId()}"),
         'change_ownership' => $this->users->isAllowed("contenttype:{$contentTypeSlug}:change-ownership:{$content->getId()}"),
     ];
     $contextHas = [
         'incoming_relations' => count($incomingNotInverted) > 0,
         'relations'          => isset($contentType['relations']),
         'tabs'               => $contentType['groups'] !== false,
         'taxonomy'           => isset($contentType['taxonomy']),
         // empty() also covers the case where $templateFieldsData was never assigned.
         'templatefields'     => !empty($templateFieldsData),
     ];
     $contextValues = [
         'datepublish'   => $this->getPublishingDate($content->getDatepublish(), true),
         'datedepublish' => $this->getPublishingDate($content->getDatedepublish()),
     ];

     return [
         'incoming_not_inv' => $incomingNotInverted,
         'contenttype'      => $contentType,
         'content'          => $content,
         'allowed_status'   => $allowedStatuses,
         'contentowner'     => $contentowner,
         'fields'           => $this->config->fields->fields(),
         'fieldtemplates'   => $this->getTemplateFieldTemplates($contentType, $content),
         'fieldtypes'       => $this->getUsedFieldtypes($contentType, $content, $contextHas),
         'groups'           => $this->createGroupTabs($contentType, $contextHas),
         'can'              => $contextCan,
         'has'              => $contextHas,
         'values'           => $contextValues,
         'relations_list'   => $this->getRelationsList($contentType),
     ];
 }
Exemplo n.º 3
 /**
  * Send a logged-in user to the homepage instead of the backend dashboard
  * when they lack the 'dashboard' permission.
  *
  * This only rewrites the redirect target (and clears pending flash messages);
  * it is not an access check on the dashboard itself.
  * NOTE(review): denial of the dashboard route must be enforced where that
  * route is handled; confirm, as it is not visible here.
  *
  * @param \Symfony\Component\HttpFoundation\RedirectResponse $response
  */
 protected function handleNoBackendAccess(RedirectResponse $response)
 {
     // Only act for a session whose stored 'authentication' value validates.
     $sessionToken = $this->session->get('authentication');
     $hasValidSession = $this->authentication->isValidSession((string) $sessionToken);
     if (!$hasValidSession) {
         return;
     }

     $dashboardUrl = $this->urlGenerator->generate('dashboard');
     $mayUseDashboard = $this->users->isAllowed('dashboard');
     $headedToDashboard = $response->getTargetUrl() === $dashboardUrl;

     if (!$headedToDashboard || $mayUseDashboard) {
         return;
     }

     // Drop queued flash messages before sending the user to the homepage.
     $this->session->getFlashBag()->clear();
     $response->setTargetUrl($this->urlGenerator->generate('homepage'));
 }
Exemplo n.º 4
Arquivo: Stack.php Projeto: bolt/bolt
 /**
  * Store the current stack in the session and on the current user's record.
  */
 private function persist()
 {
     $stackItems = $this->persistableList();
     $this->session->set('stack', $stackItems);

     $currentUser = $this->users->getCurrentUser();
     // NOTE(review): if getCurrentUser() yields null (nobody logged in), the
     // assignment below turns it into an array holding only 'stack', and that is
     // what saveUser() receives. Confirm saveUser() cannot create or overwrite a
     // user record from such a partial array.
     $currentUser['stack'] = $stackItems;
     $this->users->saveUser($currentUser);
 }
Exemplo n.º 5
 /**
  * Reject backend requests from users who are allowed none of the configured admin roles.
  *
  * Requests that Zone::isBackend() does not classify as backend pass through
  * untouched. The check fails closed: if getRolesAdmin() yields nothing, every
  * backend request is denied.
  *
  * @param GetResponseEvent $event
  *
  * @throws AccessDeniedException When no configured admin role is allowed for the current user
  */
 public function onRequest(GetResponseEvent $event)
 {
     $request = $event->getRequest();
     if (Zone::isBackend($request)) {
         // The first admin role the user is allowed is enough to let the request continue.
         foreach ($this->config->getRolesAdmin() as $adminRole) {
             if ($this->users->isAllowed($adminRole)) {
                 return;
             }
         }

         throw new AccessDeniedException('Logged in user does not have the correct rights to use this class.');
     }
 }
Exemplo n.º 6
 /**
  * Change a record's owner, provided the current user holds the
  * change-ownership permission for that record.
  *
  * On denial the record is left untouched and an error is written to the flash logger.
  * NOTE(review): $ownerId is stored as given; whether it refers to an existing
  * user is not checked here. Confirm the caller validates it.
  *
  * @param Content $entity
  * @param integer $ownerId
  */
 protected function transistionRecordOwner(Content $entity, $ownerId)
 {
     $recordId = $entity->getId();
     $contentTypeName = (string) $entity->getContenttype();
     $permission = "contenttype:{$contentTypeName}:change-ownership:{$recordId}";

     if ($this->users->isAllowed($permission)) {
         $entity->setOwnerid($ownerId);
         // Flag the entity as changed.
         $entity->_modified = true;

         return;
     }

     $this->loggerFlash->error(
         Trans::__('general.access-denied.content-not-modified', ['%title%' => $entity->getTitle()])
     );
 }
Exemplo n.º 7
 /**
  * Adding a file that is not yet on the stack returns the new file, reports the
  * file that was removed, and persists the new list to the session and via saveUser().
  */
 public function testAddNewFile()
 {
     $expectedStack = [
         'files://h.txt',
         'files://a.jpg',
         'files://b.txt',
         'files://c.txt',
         'files://d.doc',
         'files://e.mp3',
         'theme://f.txt',
     ];

     // saveUser() must be called exactly once, with an array holding only the new stack.
     $this->users
         ->expects($this->once())
         ->method('saveUser')
         ->with(['stack' => $expectedStack]);

     // add() fills $removed with the file that was removed from the stack.
     $removed = null;
     $file = $this->stack->add('h.txt', $removed);

     $this->assertTrue($file instanceof FileInterface, 'File object should be returned from add method');
     $this->assertEquals('files://h.txt', $file->getFullPath(), 'File object should be returned from add method');

     $this->assertTrue($removed instanceof FileInterface, 'Add method should set the removed parameter to the file object removed');
     $this->assertEquals('theme://g.txt', $removed->getFullPath(), 'Removed file should be the last file on the stack before the new one was added');

     $this->assertFiles($this->stack->getList(), $expectedStack, 'Adding new file should prepend it to the stack and remove the oldest file');
     $this->assertEquals($expectedStack, $this->session->get('stack'), 'Adding a file to the stack should persist change to session');
 }
Exemplo n.º 8
Arquivo: Save.php Projeto: bolt/bolt
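 /**
  * Set a ContentType record values from a HTTP POST.
  *
  * $formValues is request data. Apart from the ownership and status handling
  * below, every posted key except 'relation' and 'taxonomy' is written to the
  * record through the generic set() call.
  * NOTE(review): confirm that set() or the entity limits which fields may be
  * written this way, and that the caller checks whether the current user may
  * move the record to the requested status. Only the status name is validated here.
  *
  * @param Entity\Content $content
  * @param array          $formValues
  * @param array          $contentType
  *
  * @throws AccessControlException When ownership of an existing record is changed without permission
  */
 private function setPostedValues(Entity\Content $content, $formValues, $contentType)
 {
     // Ensure all fields have valid values
     $formValues = $this->setSuccessfulControlValues($formValues, $contentType['fields']);
     $formValues = Input::cleanPostedData($formValues);
     unset($formValues['contenttype']);
     $user = $this->users->getCurrentUser();
     if ($id = $content->getId()) {
         // Owner is set explicitly: is the current user allowed to do this?
         if (isset($formValues['ownerid']) && (int) $formValues['ownerid'] !== $content->getOwnerid()) {
             if (!$this->users->isAllowed("contenttype:{$contentType['slug']}:change-ownership:{$id}")) {
                 throw new AccessControlException('Changing ownership is not allowed.');
             }
             $content->setOwnerid($formValues['ownerid']);
         }
     } else {
         // New records belong to the user creating them.
         $content->setOwnerid($user['id']);
         // The loop at the end of this method copies every posted key onto the
         // record, so a posted 'ownerid' would replace the owner set just above
         // without any permission check. Let it through only for users who hold
         // the change-ownership permission; otherwise drop it and keep the creator.
         if (isset($formValues['ownerid'])
             && !$this->users->isAllowed("contenttype:{$contentType['slug']}:change-ownership:{$id}")
         ) {
             unset($formValues['ownerid']);
         }
     }
     // Hack … remove soon
     $formValues += ['status' => 'draft'];
     // Make sure we have a proper status. The comparison is strict so that a
     // non-string value (e.g. boolean true) cannot loosely match a status name.
     if (!in_array($formValues['status'], ['published', 'timed', 'held', 'draft'], true)) {
         if ($status = $content->getStatus()) {
             $formValues['status'] = $status;
         } else {
             $formValues['status'] = 'draft';
         }
     }
     // Set the object values appropriately; relations and taxonomies are handled separately below.
     foreach ($formValues as $name => $value) {
         if ($name === 'relation' || $name === 'taxonomy') {
             continue;
         }
         // empty() treats '', '0', 0, [] and null alike: all are stored as null.
         $content->set($name, empty($value) ? null : $value);
     }
     $this->setPostedRelations($content, $formValues);
     $this->setPostedTaxonomies($content, $formValues);
 }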