/**
 * Search page titles and content and return the hits the current user may see.
 *
 * Access is checked twice: once for the module as a whole (ACCESS_READ) before
 * any query runs, and once per page (ACCESS_OVERVIEW, plus category access
 * when categorization is enabled) before a hit is added to the result.
 *
 * NOTE(review): each record carries the full page content in 'text' although
 * the per-page check only asks for ACCESS_OVERVIEW - confirm that is intended.
 *
 * @param array      $words      array of words to search for
 * @param string     $searchType AND|OR|EXACT
 * @param array|null $modVars    module form vars passed through (not read here)
 *
 * @return array list of result records; empty when module access is denied
 */
function getResults(array $words, $searchType = 'AND', $modVars = null)
{
    $component = $this->name . '::';

    // Module-level gate: without it no query is built at all.
    if (!SecurityUtil::checkPermission($component, '::', ACCESS_READ)) {
        return array();
    }

    $builder = $this->entityManager->createQueryBuilder();
    $builder->select('p')->from('Zikula\\PagesModule\\Entity\\PageEntity', 'p');
    $builder->andWhere($this->formatWhere($builder, $words, array('p.title', 'p.content'), $searchType));
    $hits = $builder->getQuery()->getResult();

    $sid = session_id();
    $categorized = ModUtil::getVar($this->name, 'enablecategorization');

    $results = array();
    foreach ($hits as $page) {
        /** @var $page \Zikula\PagesModule\Entity\PageEntity */
        $instance = $page->getTitle() . '::' . $page->getPageid();

        // Per-page gate: the query itself applies no permission filter.
        if (!SecurityUtil::checkPermission($component, $instance, ACCESS_OVERVIEW)) {
            continue;
        }
        // Category access is only consulted once the page-level check passed.
        if ($categorized && !\CategoryUtil::hasCategoryAccess($page->getCategories(), $this->name)) {
            continue;
        }

        $results[] = array(
            'title' => $page->getTitle(),
            'text' => $page->getContent(),
            'created' => $page->getCr_date(),
            'module' => $this->name,
            'sesid' => $sid,
            'url' => RouteUrl::createFromRoute('zikulapagesmodule_user_display', array('urltitle' => $page->getUrltitle())),
        );
    }

    return $results;
}
/**
 * Fetch a single page, by numeric id or by URL title.
 *
 * The lookup is done with a permission filter asking for ACCESS_READ on the
 * 'Pages' component (instance built from title and pageid). When
 * categorization is enabled and the item has categories, category access is
 * checked as well and a denied item is reported as false.
 *
 * @param array $args arguments:
 *                    - 'pageid'      numeric id of the page (preferred when present)
 *                    - 'title'       URL title, used when no numeric pageid is given
 *                    - 'catregistry' optional category registry used to post-process
 *                                    the item's expanded categories
 *
 * @return mixed item array, or false on failure
 */
public function get($args)
{
    $byId = isset($args['pageid']) && is_numeric($args['pageid']);

    // Need either a numeric pageid or a title to look anything up.
    if (!$byId && !isset($args['title'])) {
        return LogUtil::registerArgsError();
    }

    // Permission filter handed to the DB layer together with the lookup.
    $permFilter = array(
        array(
            'component_left' => 'Pages',
            'instance_left' => 'title',
            'instance_right' => 'pageid',
            'level' => ACCESS_READ,
        ),
    );

    if ($byId) {
        $lookupValue = $args['pageid'];
        $lookupField = 'pageid';
    } else {
        $lookupValue = $args['title'];
        $lookupField = 'urltitle';
    }
    $item = DBUtil::selectObjectByID('pages', $lookupValue, $lookupField, '', $permFilter);

    // The category expansion code cannot know the root category needed to
    // build the relative path component, so that step happens here.
    if ($item && !empty($args['catregistry'])) {
        ObjectUtil::postProcessExpandedObjectCategories($item, $args['catregistry']);
    }

    // Category access is only checked for items that actually have categories.
    $hasCategories = ModUtil::getVar('Pages', 'enablecategorization') && !empty($item['__CATEGORIES__']);
    if ($hasCategories && !CategoryUtil::hasCategoryAccess($item['__CATEGORIES__'], 'Pages')) {
        return false;
    }

    return $item;
}
/**
 * Decide whether the current user may see a News item.
 *
 * Requires ACCESS_OVERVIEW on 'News::' for the instance "cr_uid::sid". When
 * both categorization and category-based permissions are switched on, the
 * item is expanded with its categories and category access must pass too.
 *
 * @param array $item news record, passed by reference; it is handed to
 *                    ObjectUtil::expandObjectWithCategories when the category
 *                    check applies (presumably that fills '__CATEGORIES__' - confirm)
 *
 * @return bool result of the combined checks
 */
function checkResult(&$item)
{
    $allowed = SecurityUtil::checkPermission('News::', "$item[cr_uid]::$item[sid]", ACCESS_OVERVIEW);

    if (!($this->enablecategorization && $this->enablecategorybasedpermissions)) {
        return $allowed;
    }

    // The item is expanded even when $allowed is already false; only the
    // category access call itself is skipped in that case.
    ObjectUtil::expandObjectWithCategories($item, 'news', 'sid');

    return $allowed && CategoryUtil::hasCategoryAccess($item['__CATEGORIES__'], 'News');
}
/**
 * Decide whether the current user may see a Pages item.
 *
 * Requires ACCESS_OVERVIEW on 'Pages::' for the instance "title::pageid".
 * When categorization is switched on, the item is expanded with its
 * categories and category access must pass too.
 *
 * @param array $item page record, passed by reference; it is handed to
 *                    ObjectUtil::expandObjectWithCategories when the category
 *                    check applies (presumably that fills '__CATEGORIES__' - confirm)
 *
 * @return bool result of the combined checks
 */
function checkResult(&$item)
{
    $allowed = SecurityUtil::checkPermission('Pages::', "$item[title]::$item[pageid]", ACCESS_OVERVIEW);

    if (!$this->enablecategorization) {
        return $allowed;
    }

    // The item is expanded even when $allowed is already false; only the
    // category access call itself is skipped in that case.
    ObjectUtil::expandObjectWithCategories($item, 'pages', 'pageid');

    return $allowed && CategoryUtil::hasCategoryAccess($item['__CATEGORIES__'], 'Pages');
}
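/**
 * Returns true if the current user can view the event $event.
 *
 * The checks run in a fixed order and the first failing one denies access:
 * module, calendar, group membership, TimeIt category permission, Zikula
 * category access (only when 'filterByPermission' is set), the event itself
 * and, when the ContactList module is available, the buddy and ignore lists.
 *
 * Fixes compared with the previous version:
 * - the ignore-list check compared against an undefined $obj, so it never
 *   matched the event's creator; it now uses $event['cr_uid'];
 * - $hasPermission and $buddys are initialised before use, so a denial no
 *   longer depends on reading an undefined variable;
 * - the ignore list is cached once fetched, even when it is empty.
 *
 * @param array $eventDate TimeIt_Model_EventDate as an array.
 * @param int   $level     ACCESS_* constant.
 *
 * @return boolean
 */
public static function canViewEvent(array $eventDate, $level = ACCESS_READ)
{
    $event = $eventDate['Event'];
    $currentUid = UserUtil::getVar('uid');
    $groups = UserUtil::getGroupsForUser($currentUid);

    // hack: admins (group id 2) are treated as members of group 1 (users) too
    // NOTE(review): in_array() is loose here and below; the ids produced by
    // explode() are strings, so a strict compare needs the types held in
    // $groups confirmed first.
    if (in_array(2, $groups)) {
        $groups[] = 1;
    }

    if ($event['group'] == 'all') {
        $groupId = null; // group irrelevant
    } else {
        $groupId = explode(',', $event['group']);
    }

    // Per-request cache of the calendar, keyed by event id.
    static $calendarCache = array();
    $eventKey = (int) $event['id'];
    if (!isset($calendarCache[$eventKey])) {
        $calendarCache[$eventKey] = $eventDate['Calendar'];
    }
    $calendar = $calendarCache[$eventKey];

    // check permissions
    // hierarchy level 1: module itself
    if (!SecurityUtil::checkPermission('TimeIt::', '::', $level)) {
        return false;
    }

    // hierarchy level 2: calendar
    if (!SecurityUtil::checkPermission('TimeIt:Calendar:', $calendar['id'] . '::', $level)) {
        return false;
    }

    // hierarchy level 3: group - the user must be in at least one listed group
    if (!empty($groupId)) {
        $access = false;
        foreach ($groupId as $grpId) {
            if (in_array($grpId, $groups)) {
                $access = true;
                break;
            }
        }
        if (!$access) {
            return false;
        }
    }

    // hierarchy level 5: timeit category permission - one permitted category is enough.
    // !empty() instead of count() so an event without the key is treated like
    // an event with no categories.
    if (!empty($event['__CATEGORIES__'])) {
        $hasPermission = false;
        foreach ($event['__CATEGORIES__'] as $cat) {
            $cid = is_array($cat) ? $cat['id'] : $cat;
            if (SecurityUtil::checkPermission('TimeIt:Category:', $cid . "::", $level)) {
                // user has got permission -> stop permission checks
                $hasPermission = true;
                break;
            }
        }
        if (!$hasPermission) {
            return false;
        }
    }

    // hierarchy level 6: zikula category permission
    if (ModUtil::getVar('TimeIt', 'filterByPermission', 0) && !CategoryUtil::hasCategoryAccess($event['__CATEGORIES__'], 'TimeIt', $level)) {
        return false;
    }

    // hierarchy level 7: event
    if (!SecurityUtil::checkPermission('TimeIt::Event', $event['id'] . '::', $level)) {
        return false;
    }

    // hierarchy level 8: contact list
    if (ModUtil::available('ContactList')) {
        // Ignore list of the current user, fetched once per request.
        static $ignored = null;
        if ($ignored === null) {
            $ignored = ModUtil::apiFunc('ContactList', 'user', 'getallignorelist', array('uid' => $currentUid));
            if (!is_array($ignored)) {
                $ignored = array();
            }
        }

        // Buddy list of the event's creator; only loaded for friend calendars.
        $buddys = array();
        if ($calendar['friendCalendar']) {
            $buddys = ModUtil::apiFunc('ContactList', 'user', 'getBuddyList', array('uid' => $event['cr_uid']));
            if (!is_array($buddys)) {
                $buddys = array();
            }
        }

        // Sharing mode 4: someone other than the creator must be on the
        // creator's buddy list. With no list loaded this denies access.
        if ((int) $event['sharing'] == 4 && $event['cr_uid'] != $currentUid) {
            $buddyFound = false;
            foreach ($buddys as $buddy) {
                if ($buddy['uid'] == $currentUid) {
                    $buddyFound = true;
                    break;
                }
            }
            if (!$buddyFound) {
                return false;
            }
        }

        // Hide events whose creator is on the ignore list.
        foreach ($ignored as $ignore) {
            if ($ignore['iuid'] == $event['cr_uid']) {
                return false;
            }
        }
    }

    return true;
}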
/**
 * get a specific item
 *
 * Looks the item up in one of three ways, in this order: by numeric 'sid',
 * by 'title' plus a date built from 'year'/'monthnum' (or 'monthname')/'day',
 * or by 'title' alone. Every lookup is given a permission filter asking for
 * ACCESS_READ on the 'News' component with the instance built from cr_uid
 * and sid. When categorization is enabled and the item has categories,
 * category access is checked as well.
 *
 * @author Mark West
 * @param $args['sid'] id of news item to get
 * @param $args['objectid'] optional; when set it overwrites $args['sid']
 * @param $args['title'] url title, used when no numeric sid is given
 * @param $args['year'], $args['monthnum'], $args['monthname'], $args['day'] optional date parts
 * @param $args['status'] optional; the item's published_status must match it
 * @param $args['SQLcache'] optional; passed on to the DBUtil calls, defaults to true
 * @return mixed item array, or false on failure
 */
public function get($args)
{
    // optional arguments
    if (isset($args['objectid'])) {
        $args['sid'] = $args['objectid'];
    }

    // Argument check: either a numeric sid or a title is required
    if ((!isset($args['sid']) || !is_numeric($args['sid'])) && !isset($args['title'])) {
        return LogUtil::registerArgsError();
    }

    // Check for caching of the DBUtil calls (needed for AJAX editing)
    if (!isset($args['SQLcache'])) {
        $args['SQLcache'] = true;
    }

    // form a date from the year/month/day arguments, if present...
    // step 1 - convert month name into a month number
    if (isset($args['monthname']) && !empty($args['monthname'])) {
        // the abbreviations go through $this->__() first, so the lookup uses
        // whatever that call returns for the current request
        $months = explode(' ', $this->__('Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec'));
        $keys = array_flip($months);
        // NOTE(review): a monthname that is not a key of $keys is not
        // checked for before the lookup - confirm callers validate it
        $args['monthnum'] = $keys[ucfirst($args['monthname'])] + 1;
    }

    // step 2 - convert to a timestamp and back to a db format
    if (isset($args['year']) && !empty($args['year']) && isset($args['monthnum']) && !empty($args['monthnum']) && isset($args['day']) && !empty($args['day'])) {
        // use PHP strftime directly, since DateUtil translates dateformat strings, which is not ok in this case
        $timestring = strftime('%Y-%m-%d', mktime(0, 0, 0, $args['monthnum'], $args['day'], $args['year']));
    }

    // permission filter passed to every lookup below
    $permFilter = array();
    $permFilter[] = array('realm' => 0, 'component_left' => 'News', 'component_middle' => '', 'component_right' => '', 'instance_left' => 'cr_uid', 'instance_middle' => '', 'instance_right' => 'sid', 'level' => ACCESS_READ);

    if (isset($args['sid']) && is_numeric($args['sid'])) {
        $item = DBUtil::selectObjectByID('news', $args['sid'], 'sid', null, $permFilter, null, $args['SQLcache']);
    } elseif (isset($timestring)) {
        // no numeric sid, so the argument check above guarantees 'title' is set
        $tables = DBUtil::getTables();
        $col = $tables['news_column'];
        // The WHERE clause is assembled as a string: the title is passed
        // through DataUtil::formatForStore (presumably SQL escaping - confirm)
        // and $timestring is the strftime('%Y-%m-%d') output built above.
        $where = "{$col['urltitle']} = '".DataUtil::formatForStore($args['title'])."' AND {$col['from']} LIKE '{$timestring}%'";
        $item = DBUtil::selectObject('news', $where, null, $permFilter, null, $args['SQLcache']);
    } else {
        $item = DBUtil::selectObjectByID('news', $args['title'], 'urltitle', null, $permFilter, null, $args['SQLcache']);
    }

    if (empty($item)) return false;

    // Sanity check for the published status if required
    if (isset($args['status'])) {
        if ($item['published_status'] != $args['status']) {
            return false;
        }
    }

    // process the relative paths of the categories
    // (an item without categories skips the category access check entirely)
    if ($this->getVar('enablecategorization') && !empty($item['__CATEGORIES__'])) {
        // registered categories are fetched once and kept for later calls
        static $registeredCats;
        if (!isset($registeredCats)) {
            $registeredCats = CategoryRegistryUtil::getRegisteredModuleCategories('News', 'news');
        }
        ObjectUtil::postProcessExpandedObjectCategories($item['__CATEGORIES__'], $registeredCats);

        // an item the user has no category access to is reported as not found
        if (!CategoryUtil::hasCategoryAccess($item['__CATEGORIES__'], 'News')) {
            return false;
        }
    }

    return $item;
}
/**
 * Decide whether the current user may see an AddressBook item.
 *
 * The permission check is module-wide: it asks for ACCESS_OVERVIEW on
 * 'AddressBook::' with the instance "::" and does not use any field of the
 * item. When categorization is switched on, the item is expanded with its
 * categories and category access must pass too.
 *
 * @param array $item address record, passed by reference; it is handed to
 *                    ObjectUtil::expandObjectWithCategories when the category
 *                    check applies (presumably that fills '__CATEGORIES__' - confirm)
 *
 * @return bool result of the combined checks
 */
function checkResult(&$item)
{
    $allowed = SecurityUtil::checkPermission('AddressBook::', "::", ACCESS_OVERVIEW);

    if (!$this->enablecategorization) {
        return $allowed;
    }

    // The item is expanded even when $allowed is already false; only the
    // category access call itself is skipped in that case.
    ObjectUtil::expandObjectWithCategories($item, 'AddressBook', 'id');

    return $allowed && CategoryUtil::hasCategoryAccess($item['__CATEGORIES__'], 'AddressBook');
}