/**
* Gets a list of the actions that can be performed.
*
* @return Object
*/
public static function getActions()
{
$result = new \Hubzero\Base\Object();
$actions = JAccess::getActions('com_modules');
foreach ($actions as $action) {
$result->set($action->name, User::authorise($action->name, 'com_modules'));
}
return $result;
}
/**
* Gets a list of the actions that can be performed.
*
* @return Object
*/
public static function getActions()
{
$result = new \Hubzero\Base\Object();
$assetName = 'com_languages';
$actions = JAccess::getActions($assetName);
foreach ($actions as $action) {
$result->set($action->name, User::authorise($action->name, $assetName));
}
return $result;
}
/**
* Gets a list of the actions that can be performed.
*
* @param int The menu ID.
*
* @return Object
* @since 1.6
*/
public static function getActions($parentId = 0)
{
$result = new \Hubzero\Base\Object();
if (empty($parentId)) {
$assetName = 'com_menus';
} else {
$assetName = 'com_menus.item.' . (int) $parentId;
}
$actions = JAccess::getActions('com_menus');
foreach ($actions as $action) {
$result->set($action->name, User::authorise($action->name, $assetName));
}
return $result;
}
/**
* Gets a list of the actions that can be performed.
*
* @param int The category ID.
*
* @return Object
*/
public static function getActions($categoryId = 0, $newsfeedId = 0)
{
$result = new \Hubzero\Base\Object();
if (empty($categoryId)) {
$assetName = 'com_newsfeeds';
$level = 'component';
} else {
$assetName = 'com_newsfeeds.category.' . (int) $categoryId;
$level = 'category';
}
$actions = JAccess::getActions('com_newsfeeds', $level);
foreach ($actions as $action) {
$result->set($action->name, User::authorise($action->name, $assetName));
}
return $result;
}
/**
* Gets a list of the actions that can be performed.
*
* @param int The category ID.
* @param int The article ID.
*
* @return Object
* @since 1.6
*/
public static function getActions($categoryId = 0, $articleId = 0)
{
// Reverted a change for version 2.5.6
$result = new \Hubzero\Base\Object();
if (empty($articleId) && empty($categoryId)) {
$assetName = 'com_content';
} elseif (empty($articleId)) {
$assetName = 'com_content.category.' . (int) $categoryId;
} else {
$assetName = 'com_content.article.' . (int) $articleId;
}
$actions = array('core.admin', 'core.manage', 'core.create', 'core.edit', 'core.edit.own', 'core.edit.state', 'core.delete');
foreach ($actions as $action) {
$result->set($action, User::authorise($action, $assetName));
}
return $result;
}
/**
* Gets a list of the actions that can be performed.
*
* @param string $extension The extension.
* @param int $categoryId The category ID.
* @return Object
* @since 1.6
*/
public static function getActions($extension, $categoryId = 0)
{
$result = new \Hubzero\Base\Object();
$parts = explode('.', $extension);
$component = $parts[0];
if (empty($categoryId)) {
$assetName = $component;
$level = 'component';
} else {
$assetName = $component . '.category.' . (int) $categoryId;
$level = 'category';
}
$actions = JAccess::getActions($component, $level);
foreach ($actions as $action) {
$result->set($action->name, User::authorise($action->name, $assetName));
}
return $result;
}
/**
* Renders the auth factor challenge
*
* @return string
**/
public function onRenderChallenge()
{
// Setup our response
$response = new \Hubzero\Base\Object();
// Route based on an action
switch (Request::getWord('action', '')) {
case 'register':
$this->register();
break;
case 'verify':
$this->verify();
break;
default:
$this->display();
break;
}
$response->set('html', $this->view->loadTemplate());
// Return the response
return $response;
}
/**
* Method to get a single record.
*
* @param integer The id of the primary key.
*
* @return mixed Object on success, false on failure.
*/
public function &getItem()
{
// Initialise variables.
$item = new \Hubzero\Base\Object();
$db = $this->getDbo();
$query = $db->getQuery(true);
$query->select('cfg_name, cfg_value');
$query->from('#__messages_cfg');
$query->where('user_id = ' . (int) $this->getState('user.id'));
$db->setQuery($query);
$rows = $db->loadObjectList();
if ($error = $db->getErrorMsg()) {
$this->setError($error);
return false;
}
foreach ($rows as $row) {
$item->set($row->cfg_name, $row->cfg_value);
}
return $item;
}
/**
* Display the button
*
* @return array A two element array of (imageName, textToInsert)
*/
public function onDisplay($name)
{
$template = App::get('template')->template;
$link = 'index.php?option=com_content&view=article&layout=pagebreak&tmpl=component&e_name=' . $name;
Html::behavior('modal');
$button = new \Hubzero\Base\Object();
$button->set('modal', true);
$button->set('link', $link);
$button->set('text', Lang::txt('PLG_EDITORSXTD_PAGEBREAK_BUTTON_PAGEBREAK'));
$button->set('name', 'pagebreak');
$button->set('options', "{handler: 'iframe', size: {x: 400, y: 100}}");
return $button;
}
public static function parseXMLTemplateFile($templateBaseDir, $templateDir)
{
$data = new \Hubzero\Base\Object();
// Check of the xml file exists
$filePath = Filesystem::cleanPath($templateBaseDir . '/templates/' . $templateDir . '/templateDetails.xml');
if (is_file($filePath)) {
$xml = JInstaller::parseXMLInstallFile($filePath);
if ($xml['type'] != 'template') {
return false;
}
foreach ($xml as $key => $value) {
$data->set($key, $value);
}
}
return $data;
}
/**
* readmore button
*
* @return array A two element array of (imageName, textToInsert)
*/
public function onDisplay($name)
{
$template = App::get('template')->template;
// button is not active in specific content components
$getContent = $this->_subject->getContent($name);
$present = Lang::txt('PLG_READMORE_ALREADY_EXISTS', true);
$js = "\n\t\t\tfunction insertReadmore(editor) {\n\t\t\t\tvar content = {$getContent}\n\t\t\t\tif (content.match(/<hr\\s+id=(\"|')system-readmore(\"|')\\s*\\/*>/i)) {\n\t\t\t\t\talert('{$present}');\n\t\t\t\t\treturn false;\n\t\t\t\t} else {\n\t\t\t\t\tjInsertEditorText('<hr id=\"system-readmore\" />', editor);\n\t\t\t\t}\n\t\t\t}\n\t\t\t";
Document::addScriptDeclaration($js);
$button = new \Hubzero\Base\Object();
$button->set('modal', false);
$button->set('onclick', 'insertReadmore(\'' . $name . '\');return false;');
$button->set('text', Lang::txt('PLG_READMORE_BUTTON_READMORE'));
$button->set('name', 'readmore');
// TODO: The button writer needs to take into account the javascript directive
//$button->set('link', 'javascript:void(0)');
$button->set('link', '#');
return $button;
}
/**
* Display the button
*
* @return array A four element array of (article_id, article_title, category_id, object)
*/
public function onDisplay($name)
{
// Javascript to insert the link
// View element calls jSelectArticle when an article is clicked
// jSelectArticle creates the link tag, sends it to the editor,
// and closes the select frame.
$js = "\n\t\tfunction jSelectArticle(id, title, catid, object, link, lang) {\n\t\t\tvar hreflang = '';\n\t\t\tif (lang !== '') {\n\t\t\t\tvar hreflang = ' hreflang = \"' + lang + '\"';\n\t\t\t}\n\t\t\tvar tag = '<a' + hreflang + ' href=\"' + link + '\">' + title + '</a>';\n\t\t\tjInsertEditorText(tag, '" . $name . "');\n\t\t\t\$.fancybox.close();\n\t\t}";
Document::addScriptDeclaration($js);
Html::behavior('modal');
// Use the built-in element view to select the article.
// Currently uses blank class.
$link = 'index.php?option=com_content&view=articles&layout=modal&tmpl=component&' . Session::getFormToken() . '=1';
$button = new \Hubzero\Base\Object();
$button->set('modal', true);
$button->set('link', $link);
$button->set('text', Lang::txt('PLG_ARTICLE_BUTTON_ARTICLE'));
$button->set('name', 'article');
$button->set('options', "{handler: 'iframe', size: {x: 770, y: 400}}");
return $button;
}
/**
* Display the button
*
* @param string $name
* @param string $asset
* @param integer $author
* @return array A two element array of (imageName, textToInsert)
*/
public function onDisplay($name, $asset, $author)
{
$params = Component::params('com_media');
$extension = Request::getCmd('option');
if ($asset == '') {
$asset = $extension;
}
if (User::authorise('core.edit', $asset) || User::authorise('core.create', $asset) || count(User::getAuthorisedCategories($asset, 'core.create')) > 0 || User::authorise('core.edit.own', $asset) && $author == User::get('id') || count(User::getAuthorisedCategories($extension, 'core.edit')) > 0 || count(User::getAuthorisedCategories($extension, 'core.edit.own')) > 0 && $author == User::get('id')) {
$link = 'index.php?option=com_media&view=images&tmpl=component&e_name=' . $name . '&asset=' . $asset . '&author=' . $author;
Html::behavior('modal');
$button = new \Hubzero\Base\Object();
$button->set('modal', true);
$button->set('link', $link);
$button->set('text', Lang::txt('PLG_IMAGE_BUTTON_IMAGE'));
$button->set('name', 'image');
$button->set('options', "{handler: 'iframe', size: {x: 800, y: 500}}");
return $button;
}
return false;
}
/**
* Upload a file
*
* @since 1.5
*/
function upload()
{
$params = Component::params('com_media');
// Check for request forgeries
if (!Session::checkToken(['get', 'post'], true)) {
$response = array('status' => '0', 'error' => Lang::txt('JINVALID_TOKEN'));
echo json_encode($response);
return;
}
// Get the user
$log = JLog::getInstance('upload.error.php');
// Get some data from the request
$file = Request::getVar('Filedata', '', 'files', 'array');
$folder = Request::getVar('folder', '', '', 'path');
$return = Request::getVar('return-url', null, 'post', 'base64');
if ($_SERVER['CONTENT_LENGTH'] > $params->get('upload_maxsize', 0) * 1024 * 1024 || $_SERVER['CONTENT_LENGTH'] > (int) ini_get('upload_max_filesize') * 1024 * 1024 || $_SERVER['CONTENT_LENGTH'] > (int) ini_get('post_max_size') * 1024 * 1024 || $_SERVER['CONTENT_LENGTH'] > (int) ini_get('memory_limit') * 1024 * 1024) {
$response = array('status' => '0', 'error' => Lang::txt('COM_MEDIA_ERROR_WARNFILETOOLARGE'));
echo json_encode($response);
return;
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
// Make the filename safe
$file['name'] = Filesystem::clean($file['name']);
if (isset($file['name'])) {
// The request is valid
$err = null;
$filepath = \Hubzero\Filesystem\Util::normalizePath(COM_MEDIA_BASE . '/' . $folder . '/' . strtolower($file['name']));
if (!MediaHelper::canUpload($file, $err)) {
$log->addEntry(array('comment' => 'Invalid: ' . $filepath . ': ' . $err));
$response = array('status' => '0', 'error' => Lang::txt($err));
echo json_encode($response);
return;
}
// Trigger the onContentBeforeSave event.
$object_file = new \Hubzero\Base\Object($file);
$object_file->filepath = $filepath;
$result = Event::trigger('content.onContentBeforeSave', array('com_media.file', &$object_file, true));
if (in_array(false, $result, true)) {
// There are some errors in the plugins
$log->addEntry(array('comment' => 'Errors before save: ' . $filepath . ' : ' . implode(', ', $object_file->getErrors())));
$response = array('status' => '0', 'error' => Lang::txts('COM_MEDIA_ERROR_BEFORE_SAVE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
echo json_encode($response);
return;
}
if (Filesystem::exists($filepath)) {
// File exists
$log->addEntry(array('comment' => 'File exists: ' . $filepath . ' by user_id ' . User::get('id')));
$response = array('status' => '0', 'error' => Lang::txt('COM_MEDIA_ERROR_FILE_EXISTS'));
echo json_encode($response);
return;
} elseif (!User::authorise('core.create', 'com_media')) {
// File does not exist and user is not authorised to create
$log->addEntry(array('comment' => 'Create not permitted: ' . $filepath . ' by user_id ' . User::get('id')));
$response = array('status' => '0', 'error' => Lang::txt('COM_MEDIA_ERROR_CREATE_NOT_PERMITTED'));
echo json_encode($response);
return;
}
$file = (array) $object_file;
if (!Filesystem::upload($file['tmp_name'], $file['filepath'])) {
// Error in upload
$log->addEntry(array('comment' => 'Error on upload: ' . $filepath));
$response = array('status' => '0', 'error' => Lang::txt('COM_MEDIA_ERROR_UNABLE_TO_UPLOAD_FILE'));
echo json_encode($response);
return;
} else {
// Trigger the onContentAfterSave event.
Event::trigger('content.onContentAfterSave', array('com_media.file', &$object_file, true));
$log->addEntry(array('comment' => $folder));
$response = array('status' => '1', 'error' => Lang::txt('COM_MEDIA_UPLOAD_COMPLETE', substr($file['filepath'], strlen(COM_MEDIA_BASE))));
echo json_encode($response);
return;
}
} else {
$response = array('status' => '0', 'error' => Lang::txt('COM_MEDIA_ERROR_BAD_REQUEST'));
echo json_encode($response);
return;
}
}
/**
* Deletes paths from the current path
*
* @since 1.5
*/
public function delete()
{
Session::checkToken(['get', 'post']);
// Get some data from the request
$tmpl = Request::getCmd('tmpl');
$paths = Request::getVar('rm', array(), '', 'array');
$folder = Request::getVar('folder', '', '', 'path');
$redirect = 'index.php?option=com_media&folder=' . $folder;
if ($tmpl == 'component') {
// We are inside the iframe
$redirect .= '&view=mediaList&tmpl=component';
}
$this->setRedirect($redirect);
// Nothing to delete
if (empty($paths)) {
return true;
}
// Authorize the user
if (!$this->authoriseUser('delete')) {
return false;
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
// Initialise variables.
$ret = true;
foreach ($paths as $path) {
if ($path !== Filesystem::clean($path)) {
// filename is not safe
$filename = htmlspecialchars($path, ENT_COMPAT, 'UTF-8');
Notify::warning(Lang::txt('COM_MEDIA_ERROR_UNABLE_TO_DELETE_FILE_WARNFILENAME', substr($filename, strlen(COM_MEDIA_BASE))));
continue;
}
$fullPath = Filesystem::cleanPath(implode(DIRECTORY_SEPARATOR, array(COM_MEDIA_BASE, $folder, $path)));
$object_file = new \Hubzero\Base\Object(array('filepath' => $fullPath));
if (is_file($fullPath)) {
// Trigger the onContentBeforeDelete event.
$result = Event::trigger('content.onContentBeforeDelete', array('com_media.file', &$object_file));
if (in_array(false, $result, true)) {
// There are some errors in the plugins
Notify::warning(Lang::txts('COM_MEDIA_ERROR_BEFORE_DELETE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
continue;
}
$ret &= Filesystem::delete($fullPath);
// Trigger the onContentAfterDelete event.
Event::trigger('content.onContentAfterDelete', array('com_media.file', &$object_file));
$this->setMessage(Lang::txt('COM_MEDIA_DELETE_COMPLETE', substr($fullPath, strlen(COM_MEDIA_BASE))));
} elseif (is_dir($fullPath)) {
$contents = Filesystem::files($fullPath, '.', true, false, array('.svn', 'CVS', '.DS_Store', '__MACOSX', 'index.html'));
if (empty($contents)) {
// Trigger the onContentBeforeDelete event.
$result = Event::trigger('content.onContentBeforeDelete', array('com_media.folder', &$object_file));
if (in_array(false, $result, true)) {
// There are some errors in the plugins
Notify::warning(Lang::txts('COM_MEDIA_ERROR_BEFORE_DELETE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
continue;
}
$ret &= Filesystem::deleteDirectory($fullPath);
// Trigger the onContentAfterDelete event.
Event::trigger('content.onContentAfterDelete', array('com_media.folder', &$object_file));
$this->setMessage(Lang::txt('COM_MEDIA_DELETE_COMPLETE', substr($fullPath, strlen(COM_MEDIA_BASE))));
} else {
// This makes no sense...
Notify::warning(Lang::txt('COM_MEDIA_ERROR_UNABLE_TO_DELETE_FOLDER_NOT_EMPTY', substr($fullPath, strlen(COM_MEDIA_BASE))));
}
}
}
return $ret;
}
/**
* Create a folder
*
* @param string $path Path of the folder to create
* @since 1.5
*/
public function create()
{
// Check for request forgeries
Session::checkToken(['get', 'post']);
$folder = Request::getCmd('foldername', '');
$folderCheck = Request::getVar('foldername', null, '', 'string', JREQUEST_ALLOWRAW);
$parent = Request::getVar('folderbase', '', '', 'path');
$this->setRedirect('index.php?option=com_media&folder=' . $parent . '&tmpl=' . Request::getCmd('tmpl', 'index'));
if (strlen($folder) > 0) {
if (!User::authorise('core.create', 'com_media')) {
// User is not authorised to delete
Notify::warning(Lang::txt('JLIB_APPLICATION_ERROR_CREATE_NOT_PERMITTED'));
return false;
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
Request::setVar('folder', $parent);
if ($folderCheck !== null && $folder !== $folderCheck) {
$this->setMessage(Lang::txt('COM_MEDIA_ERROR_UNABLE_TO_CREATE_FOLDER_WARNDIRNAME'));
return false;
}
$path = \Hubzero\Filesystem\Util::normalizePath(COM_MEDIA_BASE . '/' . $parent . '/' . $folder);
if (!is_dir($path) && !is_file($path)) {
// Trigger the onContentBeforeSave event.
$object_file = new \Hubzero\Base\Object(array('filepath' => $path));
$result = Event::trigger('content.onContentBeforeSave', array('com_media.folder', &$object_file, true));
if (in_array(false, $result, true)) {
// There are some errors in the plugins
Notify::warning(Lang::txts('COM_MEDIA_ERROR_BEFORE_SAVE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
return false;
}
Filesystem::makeDirectory($path);
$data = "<html>\n<body bgcolor=\"#FFFFFF\">\n</body>\n</html>";
Filesystem::write($path . "/index.html", $data);
// Trigger the onContentAfterSave event.
Event::trigger('content.onContentAfterSave', array('com_media.folder', &$object_file, true));
$this->setMessage(Lang::txt('COM_MEDIA_CREATE_COMPLETE', substr($path, strlen(COM_MEDIA_BASE))));
}
Request::setVar('folder', $parent ? $parent . '/' . $folder : $folder);
}
}