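/**
 * Echoes an RSS 2.0 feed of the ten most recent entries of the author
 * selected by the 'author_id' request parameter.
 *
 * Every dynamic value is XML-escaped before it is written. Entry titles and
 * bodies are user-authored content, so emitting them raw would let a stray
 * '<' or '&' break the document or inject markup into feed readers.
 *
 * NOTE(review): escaping assumes title(), description(), url() and the entry
 * fields return raw (not already entity-encoded) text — confirm, otherwise
 * values will be double-encoded.
 * NOTE(review): no Content-Type header is sent here; presumably the caller
 * sets it — confirm.
 *
 * @return void
 */
private function generateRss()
{
    // NOTE(review): 'author_id' is request-controlled; this relies on
    // Author::clause() binding the value safely — confirm in the ORM.
    $author = new Author();
    $author->clause('author_id', Application::param('author_id'));

    $posts = $author->also('Entry');
    $posts->order('entry_timestamp');
    $posts->descending();
    $posts->limit(10);
    $blog_entries = $posts->fetch();

    $base_url = $this->url();

    echo '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
    echo '<rss version="2.0">' . "\n";
    echo ' <channel>' . "\n";
    echo ' <title>' . htmlspecialchars((string) $this->title(), ENT_QUOTES, 'UTF-8') . '</title>' . "\n";
    echo ' <description>' . htmlspecialchars((string) $this->description(), ENT_QUOTES, 'UTF-8') . '</description>' . "\n";
    echo ' <link>' . htmlspecialchars((string) $base_url, ENT_QUOTES, 'UTF-8') . '</link>' . "\n";

    // Other methods of this class truth-test fetch() results before iterating,
    // so an empty result may be falsy; guard it so no PHP warning text ends up
    // inside the XML output.
    if ($blog_entries) {
        foreach ($blog_entries as $entry) {
            // One permalink serves both <link> and <guid>. The previous <link>
            // line used broken string interpolation and printed literal quote
            // and parenthesis characters instead of the site URL.
            $permalink = $base_url
                . '/index.php?h=ViewBlogEntry&author_id=' . rawurlencode((string) $entry->get('author_id'))
                . '&entry_id=' . rawurlencode((string) $entry->get('entry_id'));
            // Escaping turns the query-string '&' into '&amp;', which XML requires.
            $permalink_xml = htmlspecialchars($permalink, ENT_QUOTES, 'UTF-8');

            echo ' <item>' . "\n";
            echo ' <title>' . htmlspecialchars((string) $entry->get('entry_title'), ENT_QUOTES, 'UTF-8') . '</title>' . "\n";
            // HTML in the body is entity-encoded, which is how RSS 2.0 carries
            // markup inside <description>.
            echo ' <description>' . htmlspecialchars((string) $entry->get('entry_body'), ENT_QUOTES, 'UTF-8') . '</description>' . "\n";
            echo ' <link>' . $permalink_xml . '</link>' . "\n";
            // The RSS 2.0 attribute is spelled isPermaLink; XML attribute names
            // are case-sensitive.
            echo ' <guid isPermaLink="true">' . $permalink_xml . '</guid>' . "\n";
            // NOTE(review): RSS expects an RFC 822 date here; the format that
            // entryDate() returns is not visible from this method — confirm.
            echo ' <pubDate>' . htmlspecialchars((string) $entry->entryDate(), ENT_QUOTES, 'UTF-8') . '</pubDate>' . "\n";
            echo ' </item>' . "\n";
        }
    }

    echo ' </channel>' . "\n";
    echo '</rss>' . "\n";
}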
/**
 * Handles the "about me" form for the logged-in user's author record.
 *
 * Does nothing unless the EditBlogAuthorDetails form validates. On success
 * the author row tied to the current user is updated, its id is stored as
 * the 'author_id' application parameter, and the save redirect is triggered.
 *
 * @return void
 */
protected function editAboutMe()
{
    $details_form = Form::load('logbook.views.EditBlogAuthorDetails');
    if (!$details_form->validate()) {
        return;
    }

    // The record is keyed on the session user, not on any submitted id.
    $author_record = new Author();
    $current_user_id = Application::current()->user()->id();
    $author_record->clause('user_id', $current_user_id);

    // NOTE(review): parse() presumably copies submitted request fields onto
    // the record and synch() persists it — confirm that parse() cannot
    // overwrite user_id/author_id from request input (mass assignment).
    $author_record->parse();
    $author_record->synch();

    Application::setParam('author_id', $author_record->id());
    $this->redirectOnSave();
}
/**
 * Saves a blog entry submitted through the AddBlogEntry form.
 *
 * Does nothing unless the form validates. The current user must own an
 * author record, otherwise the request is terminated. The entry is stored
 * under that author, tagged, and given each group's default permissions
 * where a per-access-level defaults file exists; lookup tables are then
 * republished and the save redirect is triggered.
 *
 * @return void
 */
public function save()
{
    $entry_form = Form::load('logbook.views.AddBlogEntry');
    if (!$entry_form->validate()) {
        return;
    }

    $author = new Author();
    $author->clause('user_id', Application::current()->user()->id());
    if (!$author->id()) {
        die('You are not an author!');
    }

    // NOTE(review): parse() presumably fills the entry from request input;
    // author_id is set afterwards so the submitted value cannot win.
    $entry = new Entry();
    $entry->parse();
    $entry->set('author_id', $author->id());
    if (!Application::param('entry_date')) {
        // No date submitted: stamp the entry with the current server time.
        $entry->set('entry_date', date('Y-m-d H:i:s'));
    }
    $entry->synch();
    Entry::setTagsAndSave($entry, Application::param('entry_tags'));

    $group = new Group();
    $group->noForeign();
    $author_id = $entry->get('author_id');
    $entry_id = $entry->get('entry_id');

    $all_groups = $group->fetch();
    if ($all_groups) {
        foreach ($all_groups as $each_group) {
            $defaults_file = Application::MANAGED_CODE . 'lbk_default_access_' . $each_group->get('access_id');
            if (!file_exists($defaults_file)) {
                continue;
            }
            // NOTE(review): unserialize() can instantiate arbitrary classes and
            // run their magic methods if this file's contents are ever
            // attacker-influenced. Confirm that only trusted server-side code
            // writes under Application::MANAGED_CODE, and consider a data-only
            // format such as JSON for these defaults.
            // NOTE(review): a failed read or a corrupt payload yields false,
            // which is handed on below as the permission set without a check.
            $serialized = file_get_contents($defaults_file);
            $default_perms = unserialize($serialized);
            ManageGroupAccess::setPermissionsOnEntryForGroup($author_id, $entry_id, $each_group->id(), $default_perms);
        }
    }

    // NOTE(review): the redirect ids are taken from the request parameters,
    // not from the entry that was just saved — confirm this is intended.
    Application::setUrlParam('author_id', Application::param('author_id'));
    Application::setUrlParam('entry_id', Application::param('entry_id'));
    LogbookAccess::publishLookupTables();
    $this->redirectOnSave();
}
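/**
 * Decides whether $user may perform $action on $entry.
 *
 * Rules, in order:
 *  1. The entry's author is always allowed.
 *  2. The entry's access level (0 when it has no Access record) must be at
 *     least the minimum access level of the current application user,
 *     otherwise the action is denied.
 *  3. Anonymous users (falsy id) may only perform LogbookAccess::VIEW.
 *  4. For a logged-in user, group access rows for this entry are consulted:
 *     the first row that disallows $action denies it. When no row applies,
 *     only LogbookAccess::VIEW is allowed.
 *
 * NOTE(review): rule 2 reads Application::user(), not the $user argument —
 * confirm the two are always the same account.
 * NOTE(review): $action is used as a field name on the access row; callers
 * should pass only the LogbookAccess constants.
 *
 * @param object $user   user record; id() is falsy for anonymous visitors
 * @param object $entry  entry record exposing author_id and entry_id
 * @param mixed  $action LogbookAccess action constant
 * @return mixed true/false, or the stored value of the deciding access row;
 *               callers should treat it as truthy/falsy
 */
public function userCanDoAction($user, $entry, $action)
{
    // Look up the user account that owns the entry.
    $author = new Author();
    $author->clause('author_id', $entry->get('author_id'));
    $author->noForeign();
    $author_user_id = $author->get('user_id');

    // Grant everything to the author. The user id must be non-empty: with a
    // loose comparison alone, an anonymous visitor (falsy id) would compare
    // equal to an empty user_id from a missing author record and receive
    // full permissions.
    $user_id = $user->id();
    if ($user_id && (string) $author_user_id === (string) $user_id) {
        return true;
    }

    // Exclude by access level first (0 is root-level access).
    $min_level = Application::user()->minAccessLevel();
    $check_entry = $entry->restrict();
    $entry_access = $check_entry->fetchSingle('Access');
    $level = $entry_access ? $entry_access->get('access_level') : 0;
    if (!($level >= $min_level)) {
        return false;
    }

    // Anonymous visitors can view at most.
    if (!$user_id) {
        return $action == LogbookAccess::VIEW;
    }

    // Collect access rows for this entry restricted to the user's groups.
    $access = new EntryGroupAccess();
    $user = $user->restrict();
    $user->also('Group');
    $access->clause('author_id', $entry->get('author_id'));
    $access->clause('entry_id', $entry->get('entry_id'));

    $groups = $user->fetch('Group');
    if ($groups) {
        $access->clause('group_id', $groups, Clause::IN);
    } else {
        // No memberships: match on group 0 so that no real group applies.
        $access->clause('group_id', 0);
    }

    $entries = $access->fetch();
    if (!$entries) {
        // No group rule applies to this user: default to view-only.
        return $action == LogbookAccess::VIEW;
    }

    // Deny-overrides: stop at the first row that disallows the action. The
    // earlier end($entries) call did not leave the foreach; break does, and
    // the returned value is the same.
    $ret = true;
    foreach ($entries as $access_entry) {
        $ret = $access_entry->get($action);
        if (!$ret) {
            break;
        }
    }

    return $ret;
}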