/** * @param \Claroline\CoreBundle\Entity\Resource\ResourceNode $resourceNode * @param \Claroline\CoreBundle\Entity\Resource\ResourceNode $copy * @param array $workspaceRoles */ private function duplicateRights(ResourceNode $resourceNode, ResourceNode $copy, array $workspaceRoles) { $rights = $resourceNode->getRights(); $workspace = $resourceNode->getWorkspace(); foreach ($rights as $right) { $role = $right->getRole(); $key = $role->getTranslationKey(); $newRight = new ResourceRights(); $newRight->setResourceNode($copy); $newRight->setMask($right->getMask()); $newRight->setCreatableResourceTypes($right->getCreatableResourceTypes()->toArray()); if ($role->getWorkspace() === $workspace && isset($workspaceRoles[$key]) && !empty($workspaceRoles[$key])) { $newRight->setRole($workspaceRoles[$key]); } else { $newRight->setRole($role); } $this->om->persist($newRight); } $this->om->flush(); }
/** * Returns true of the token owns the workspace of the resource node. * * @param ResourceNode $node * @param TokenInterface $token * * @return boolean */ public function isWorkspaceOwnerOf(ResourceNode $node, TokenInterface $token) { $workspace = $node->getWorkspace(); $managerRoleName = 'ROLE_WS_MANAGER_' . $workspace->getGuid(); return in_array($managerRoleName, $this->secut->getRoles($token)) ? true : false; }
/** * Checks if a resource whose type is $type * can be created in the directory $resource by the $token. * * @param $type * @param ResourceNode $node * @param TokenInterface $token * @param \Claroline\CoreBundle\Entity\Workspace\Workspace $workspace * * @return array */ public function checkCreation($type, ResourceNode $node, TokenInterface $token, Workspace $workspace) { $errors = array(); //even the workspace manager can't break the file limit. $workspace = $node->getWorkspace(); $isLimitExceeded = $this->resourceManager->checkResourceLimitExceeded($workspace); if ($isLimitExceeded) { $currentCount = $this->workspaceManager->countResources($workspace); $errors[] = $this->translator->trans('resource_limit_exceeded', array('%current%' => $currentCount, '%max%' => $workspace->getMaxUploadResources()), 'platform'); } //if I am the manager, I can do whatever I want if ($this->isWorkspaceManager($workspace, $token)) { return $errors; } //otherwise we need to check $rightsCreation = $this->repository->findCreationRights($this->ut->getRoles($token), $node); if (!$this->canCreate($rightsCreation, $type)) { $errors[] = $this->translator->trans('resource_creation_wrong_type', array('%path%' => $node->getPathForDisplay(), '%type%' => $this->translator->trans(strtolower($type), array(), 'resource')), 'platform'); } return $errors; }
public function createDefaultPostRights(ResourceNode $node) { $workspace = $node->getWorkspace(); $resourceType = $node->getResourceType(); $role = $this->roleRepo->findOneBaseWorkspaceRole('COLLABORATOR', $workspace); if (!is_null($role)) { $postDecoder = $this->maskManager->getDecoder($resourceType, 'post'); if (!is_null($postDecoder)) { $rights = $this->rightsManager->getOneByRoleAndResource($role, $node); $value = $postDecoder->getValue(); $mask = $rights->getMask(); $permissions = $mask | $value; $this->rightsManager->editPerms($permissions, $role, $node); } } }
private function isWorkspaceManager(ResourceNode $node, array $roles) { $rolenames = array(); foreach ($roles as $role) { if ($role instanceof \Symfony\Component\Security\Core\Role\Role) { $rolenames[] = $role->getRole(); } else { $rolenames[] = $role; } } $isWorkspaceManager = false; $ws = $node->getWorkspace(); $managerRole = 'ROLE_WS_MANAGER_' . $ws->getGuid(); if (in_array($managerRole, $rolenames)) { $isWorkspaceManager = true; } if (in_array('ROLE_ADMIN', $rolenames)) { $isWorkspaceManager = true; } return $isWorkspaceManager; }
/** * @param File $template * @param User $owner */ public function importResources(File $template, User $owner, ResourceNode $directory) { $data = $this->container->get('claroline.manager.workspace_manager')->getTemplateData($template, true); $data = $this->reorderData($data); $workspace = $directory->getWorkspace(); $this->om->startFlushSuite(); $this->setImporters($template, $workspace->getCreator()); $resourceImporter = $this->container->get('claroline.tool.resource_manager_importer'); if (isset($data['tools']) && is_array($data['tools'])) { foreach ($data['tools'] as $dataTool) { $tool = $dataTool['tool']; if ($tool['type'] === 'resource_manager') { $resourceImporter->import($tool, $workspace, [], $this->container->get('claroline.manager.resource_manager')->getResourceFromNode($directory), false); break; } } } $this->om->endFlushSuite(); $this->importRichText($directory->getWorkspace(), $data); $this->container->get('claroline.manager.workspace_manager')->removeTemplate($template); }
/** * @param Configuration $configuration * @param User $owner */ public function importResources(Configuration $configuration, User $owner, ResourceNode $directory) { $configuration->setOwner($owner); $data = $configuration->getData(); $data = $this->reorderData($data); $this->data = $data; $this->workspace = $directory->getWorkspace(); $this->om->startFlushSuite(); $this->setImporters($configuration, $data); $resourceImporter = $this->container->get('claroline.tool.resource_manager_importer'); if (isset($data['tools']) && is_array($data['tools'])) { foreach ($data['tools'] as $dataTool) { $tool = $dataTool['tool']; if ($tool['type'] === 'resource_manager') { $resourceImporter->import($tool, $this->workspace, array(), $this->container->get('claroline.manager.resource_manager')->getResourceFromNode($directory), false); break; } } } $this->om->endFlushSuite(); }
private function uploadFile(\DirectoryIterator $file, ResourceNode $parent, array $perms, $published = true) { $workspaceId = $parent->getWorkspace()->getId(); $entityFile = new File(); $fileName = $file->getFilename(); $size = @filesize($file); $extension = pathinfo($fileName, PATHINFO_EXTENSION); $mimeType = $this->container->get('claroline.utilities.mime_type_guesser')->guess($extension); $hashName = 'WORKSPACE_' . $workspaceId . DIRECTORY_SEPARATOR . $this->container->get('claroline.utilities.misc')->generateGuid() . "." . $extension; $destination = $this->container->getParameter('claroline.param.files_directory') . DIRECTORY_SEPARATOR . $hashName; copy($file->getPathname(), $destination); $entityFile->setSize($size); $entityFile->setName($fileName); $entityFile->setHashName($hashName); $entityFile->setMimeType($mimeType); return $this->resourceManager->create($entityFile, $this->resourceManager->getResourceTypeByName('file'), $this->tokenStorage->getToken()->getUser(), $parent->getWorkspace(), $parent, null, $perms, $published); }
/** * Constructor. * * LogResourceEvent is used by plugins for creating custom events when * action occured on a resource, or child resource (e.g. post in forum, * comment in blog, event in calendar etc.) * * Possible changes over a resource's child are: creation, delete, update, published, unpublished, etc. * * "$details" is an array that contains all necessary info to describe indirect resource modification. * * For example when a comment is published to a blog resource the details could be: * * array( * 'comment' => array( * 'text' => 'Very useful post thx', * 'owner' => array( * 'username' => 'JohnDoe', * 'email' => '*****@*****.**' * ) * ) * ) * * Please respect lowerCamelCase naming convention for property names in details */ public function __construct(ResourceNode $node, $details) { $commonDetails = array('resource' => array('name' => $node->getName(), 'path' => $node->getPathForDisplay()), 'workspace' => array('name' => $node->getWorkspace()->getName()), 'owner' => array('lastName' => $node->getCreator()->getLastName(), 'firstName' => $node->getCreator()->getFirstName())); $detailsData = array_merge($commonDetails, $details); parent::__construct(static::ACTION, $detailsData, null, null, $node, null, $node->getWorkspace(), $node->getCreator(), null); }
/** * Copies a file (no persistence). * * @param File $resource * * @return File */ private function copy(File $resource, ResourceNode $destParent) { $ds = DIRECTORY_SEPARATOR; $workspace = $destParent->getWorkspace(); $newFile = new File(); $newFile->setSize($resource->getSize()); $newFile->setName($resource->getName()); $newFile->setMimeType($resource->getMimeType()); $hashName = 'WORKSPACE_' . $workspace->getId() . $ds . $this->container->get('claroline.utilities.misc')->generateGuid() . '.' . pathinfo($resource->getHashName(), PATHINFO_EXTENSION); $newFile->setHashName($hashName); $fileDir = $this->container->getParameter('claroline.param.files_directory'); $filePath = $fileDir . $ds . $resource->getHashName(); $newPath = $fileDir . $ds . $hashName; $workspaceDir = $fileDir . $ds . 'WORKSPACE_' . $workspace->getId(); if (!is_dir($workspaceDir)) { mkdir($workspaceDir); } copy($filePath, $newPath); return $newFile; }
/** * @todo to be removed */ public function findConfigurableRights(ResourceNode $resource) { $dql = "\n SELECT rights\n FROM Claroline\\CoreBundle\\Entity\\Resource\\ResourceRights rights\n JOIN rights.resourceNode resource\n JOIN rights.role role\n WHERE resource.id = :resourceId\n AND role.name <> :resourceManagerRole\n AND role.type <> :roleType\n ORDER BY role.name\n "; $query = $this->_em->createQuery($dql); $query->setParameter('resourceId', $resource->getId()); $query->setParameter('resourceManagerRole', 'ROLE_WS_MANAGER_' . $resource->getWorkspace()->getGuid()); $query->setParameter('roleType', Role::USER_ROLE); return $query->getResult(); }
private function getPermsArray(ResourceNode $node) { $rights = $node->getRights(); $roles = []; foreach ($rights as $right) { $perms = $this->maskManager->decodeMask($right->getMask(), $node->getResourceType()); //we only keep workspace in the current workspace and platform roles if ($right->getRole()->getWorkspace() === $node->getWorkspace()) { //creation rights are missing here but w/e $name = $this->roleManager->getWorkspaceRoleBaseName($right->getRole()); $data = array('name' => $name, 'rights' => $perms); //don't keep the role manager if (!strpos('_' . $name, 'ROLE_WS_MANAGER')) { $roles[] = array('role' => $data); } } } return $roles; }
/** * Constructor. * $resource is the final copy * while $source is the original object */ public function __construct(ResourceNode $resource, ResourceNode $source) { parent::__construct(self::ACTION, array('resource' => array('name' => $resource->getName(), 'path' => $resource->getPathForDisplay()), 'workspace' => array('name' => $resource->getWorkspace()->getName()), 'owner' => array('lastName' => $resource->getCreator()->getLastName(), 'firstName' => $resource->getCreator()->getFirstName()), 'source' => array('resource' => array('id' => $source->getId(), 'name' => $source->getName(), 'path' => $source->getPathForDisplay()), 'workspace' => array('id' => $source->getWorkspace()->getId(), 'name' => $source->getWorkspace()->getName()))), null, null, $resource, null, $resource->getWorkspace(), $resource->getCreator()); }
/** * @EXT\Route( * "directory/{nodeId}", * name="claro_resource_directory", * options={"expose"=true}, * defaults={"nodeId"=0} * ) * @EXT\ParamConverter( * "node", * class="ClarolineCoreBundle:Resource\ResourceNode", * options={"id" = "nodeId", "strictId" = true} * ) * * Returns a json representation of a directory, containing the following items : * - The path of the directory * - The resource types the user is allowed to create in the directory * - The immediate children resources of the directory which are visible for the user * * If the directory id is '0', a pseudo-directory containing the root directories * of the workspaces whose the user is a member is returned. * If the directory id is a shortcut id, the directory targeted by the shortcut * is returned. * * @param ResourceNode $node the directory node * * @return \Symfony\Component\HttpFoundation\Response * * @throws Exception if the id doesn't match any existing directory */ public function openDirectoryAction(ResourceNode $node = null) { $user = $this->tokenStorage->getToken()->getUser(); $path = array(); $creatableTypes = array(); $currentRoles = $this->roleManager->getStringRolesFromToken($this->tokenStorage->getToken()); $canChangePosition = false; $nodesWithCreatorPerms = array(); if ($node === null) { $nodes = $this->resourceManager->getRoots($user); $isRoot = true; $workspaceId = 0; foreach ($nodes as $el) { $item = $el; $dateModification = $el['modification_date']; $item['modification_date'] = $dateModification->format($this->translator->trans('date_range.format.with_hours', array(), 'platform')); $dateCreation = $el['creation_date']; $item['creation_date'] = $dateCreation->format($this->translator->trans('date_range.format.with_hours', array(), 'platform')); $nodesWithCreatorPerms[] = $item; } } else { $isRoot = false; $workspaceId = $node->getWorkspace()->getId(); $isPws = $node->getWorkspace()->isPersonal(); $node = $this->getRealTarget($node); $collection = new ResourceCollection(array($node)); $this->checkAccess('OPEN', $collection); if ($user !== 'anon.') { if ($user === $node->getCreator() || $this->authorization->isGranted('ROLE_ADMIN')) { $canChangePosition = true; } } $path = $this->resourceManager->getAncestors($node); $nodes = $this->resourceManager->getChildren($node, $currentRoles, $user, true); //set "admin" mask if someone is the creator of a resource or the resource workspace owner. //if someone needs admin rights, the resource type list will go in this array $adminTypes = []; $isOwner = $this->resourceManager->isWorkspaceOwnerOf($node, $this->tokenStorage->getToken()); if ($isOwner || $this->authorization->isGranted('ROLE_ADMIN')) { $resourceTypes = $this->resourceManager->getAllResourceTypes(); foreach ($resourceTypes as $resourceType) { $adminTypes[$resourceType->getName()] = $this->translator->trans($resourceType->getName(), array(), 'resource'); } } $enableRightsEdition = true; if ($isPws && !$this->rightsManager->canEditPwsPerm($this->tokenStorage->getToken())) { $enableRightsEdition = false; } //get the file list in that directory to know their size. $files = $this->fileManager->getDirectoryChildren($node); foreach ($nodes as $el) { $item = $el; if ($user !== 'anon.') { if ($item['creator_username'] === $user->getUsername() && !$this->isUsurpatingWorkspaceRole($this->tokenStorage->getToken())) { $item['mask'] = 32767; } } $item['new'] = true; $item['enableRightsEdition'] = $enableRightsEdition; $dateModification = $el['modification_date']; $item['modification_date'] = $dateModification->format($this->translator->trans('date_range.format.with_hours', array(), 'platform')); $dateCreation = $el['creation_date']; $item['timestamp_last_modification'] = $dateModification->getTimeStamp(); if (isset($el['last_opened'])) { $item['last_opened'] = $el['last_opened']->getTimeStamp(); if ($item['last_opened'] >= $item['timestamp_last_modification']) { $item['new'] = false; } } $item['creation_date'] = $dateCreation->format($this->translator->trans('date_range.format.with_hours', array(), 'platform')); foreach ($files as $file) { if ($file->getResourceNode()->getId() === $el['id']) { $item['size'] = $file->getFormattedSize(); } } $nodesWithCreatorPerms[] = $item; } $creatableTypes = $this->rightsManager->getCreatableTypes($currentRoles, $node); $creatableTypes = array_merge($creatableTypes, $adminTypes); asort($creatableTypes); $this->dispatcher->dispatch('log', 'Log\\LogResourceRead', array($node)); } $directoryId = $node ? $node->getId() : '0'; if ($this->request->query->has('keep-id')) { $this->request->getSession()->set('pickerDirectoryId', $directoryId); } foreach ($nodesWithCreatorPerms as &$element) { $element['path_for_display'] = ResourceNode::convertPathForDisplay($element['path']); } $jsonResponse = new JsonResponse(array('id' => $directoryId, 'path' => $path, 'creatableTypes' => $creatableTypes, 'nodes' => $nodesWithCreatorPerms, 'canChangePosition' => $canChangePosition, 'workspace_id' => $workspaceId, 'is_root' => $isRoot)); $jsonResponse->headers->set('Cache-Control', 'no-cache, no-store, must-revalidate'); $jsonResponse->headers->add(array('Expires' => '-1')); return $jsonResponse; }
public function getUsersByResource(ResourceNode $node, $mask) { $rights = $node->getRights(); $roles = []; foreach ($rights as $right) { //1 is the default "open" mask if ($right->getMask() & 1) { $roles[] = $right->getRole(); } } $roles[] = $this->roleRepo->findOneByName('ROLE_WS_MANAGER_' . $node->getWorkspace()->getGuid()); //we must also add the ROLE_WS_MANAGER_{ws_guid} return $this->userRepo->findByRolesIncludingGroups($roles, false, 'id', 'ASC'); }
/** * @EXT\Route( * "/resources/widget/resource/{resourceNode}/open", * name="claro_tag_resource_from_widget_open", * options={"expose"=true} * ) */ public function resourceFromWidgetOpenAction(ResourceNode $resourceNode) { $resourceType = $resourceNode->getResourceType(); if ($resourceType->getName() === 'directory') { $route = $this->router->generate('claro_workspace_open_tool', array('toolName' => 'resource_manager', 'workspaceId' => $resourceNode->getWorkspace()->getId())); $route .= '?#resources/' . $resourceNode->getId(); return new RedirectResponse($route); } else { $route = $this->router->generate('claro_resource_open_short', array('node' => $resourceNode->getId())); return new RedirectResponse($route); } }