function do_deleteSearch()
{
$this->startTransaction();
$iSearchId = KTUtil::arrayGet($_REQUEST, 'fSavedSearchId', false);
$oSearch = KTSavedSearch::get($iSearchId);
if (PEAR::isError($oSearch) || $oSearch == false) {
$this->errorRedirectToMain(_kt('No such search'));
exit(0);
}
$res = $oSearch->delete();
$this->oValidator->notError($res, array('redirect_to' => 'main', 'message' => _kt('Error deleting search')));
$this->commitTransaction();
$iFolderId = KTUtil::arrayGet($_REQUEST, 'fFolderId', false);
$iDocumentId = KTUtil::arrayGet($_REQUEST, 'fFolderId', false);
if ($iFolderId) {
controllerRedirect('browse', 'fFolderId=' . $iFolderId);
} else {
controllerRedirect('viewDocument', 'fDocumentId=' . $iDocumentId);
}
}
function getConfigDescription()
{
if (!$this->isLoaded()) {
return _kt('This trigger has no configuration.');
}
// the actual permissions are stored in the array.
$perms = array();
if (empty($this->aConfig) || is_null($this->aConfig['condition_id'])) {
return _kt('No condition must be fulfilled before this transition becomes available.');
}
$oCondition = KTSavedSearch::get($this->aConfig['condition_id']);
if (PEAR::isError($oCondition)) {
return _kt('The condition required for this trigger has been deleted, so it is always available.');
} else {
return sprintf(_kt('The document must match condition "<strong>%s</strong>".'), htmlentities($oCondition->getName(), ENT_NOQUOTES, 'UTF-8'));
}
}
function do_updateSearch()
{
$id = KTUtil::arrayGet($_REQUEST, 'fSavedSearchId');
$sName = KTUtil::arrayGet($_REQUEST, 'name');
$oSearch = KTSavedSearch::get($id);
if (PEAR::isError($oSearch) || $oSearch == false) {
$this->errorRedirectToMain('No such search');
}
$datavars = KTUtil::arrayGet($_REQUEST, 'boolean_search');
if (!is_array($datavars)) {
$datavars = unserialize($datavars);
}
if (empty($datavars)) {
$this->errorRedirectToMain(_kt('You need to have at least 1 condition.'));
}
//$sName = "Neil's saved search";
if (!empty($sName)) {
$oSearch->setName($sName);
}
$oSearch->setSearch($datavars);
$res = $oSearch->update();
$this->oValidator->notError($res, array('redirect_to' => 'main', 'message' => _kt('Search not saved')));
$this->successRedirectToMain(_kt('Search saved'));
}
function do_main()
{
$this->oPage->setBreadcrumbDetails(_kt('Permissions'));
$oTemplate = $this->oValidator->validateTemplate('ktcore/folder/view_permissions');
$oPO = KTPermissionObject::get($this->oFolder->getPermissionObjectID());
$aPermissions = KTPermission::getList();
$aMapPermissionGroup = array();
$aMapPermissionRole = array();
$aMapPermissionUser = array();
$aAllGroups = Group::getList();
// probably small enough
$aAllRoles = Role::getList();
// probably small enough.
// users are _not_ fetched this way.
$aActiveGroups = array();
$aActiveUsers = array();
$aActiveRoles = array();
foreach ($aPermissions as $oPermission) {
$oPLA = KTPermissionAssignment::getByPermissionAndObject($oPermission, $oPO);
if (PEAR::isError($oPLA)) {
continue;
}
$oDescriptor = KTPermissionDescriptor::get($oPLA->getPermissionDescriptorID());
$iPermissionID = $oPermission->getID();
$aIDs = $oDescriptor->getGroups();
$aMapPermissionGroup[$iPermissionID] = array();
foreach ($aIDs as $iID) {
$aMapPermissionGroup[$iPermissionID][$iID] = true;
$aActiveGroups[$iID] = true;
}
$aIds = $oDescriptor->getRoles();
$aMapPermissionRole[$iPermissionID] = array();
foreach ($aIds as $iId) {
$aMapPermissionRole[$iPermissionID][$iId] = true;
$aActiveRoles[$iId] = true;
}
$aIds = $oDescriptor->getUsers();
$aMapPermissionUser[$iPermissionID] = array();
foreach ($aIds as $iId) {
$aMapPermissionUser[$iPermissionID][$iId] = true;
$aActiveUsers[$iId] = true;
}
}
// now we constitute the actual sets.
$users = array();
$groups = array();
$roles = array();
// should _always_ be empty, barring a bug in permissions::updatePermissionLookup
// this should be quite limited - direct role -> user assignment is typically rare.
foreach ($aActiveUsers as $id => $marker) {
$oUser = User::get($id);
if (is_null($oUser)) {
continue;
}
// this is just a patch in case there is a db integrity issue.
$users[$oUser->getName()] = $oUser;
}
asort($users);
// ascending, per convention.
foreach ($aActiveGroups as $id => $marker) {
$oGroup = Group::get($id);
if (is_null($oGroup)) {
continue;
}
// this is just a patch in case there is a db integrity issue.
$groups[$oGroup->getName()] = $oGroup;
}
asort($groups);
foreach ($aActiveRoles as $id => $marker) {
$oRole = Role::get($id);
if (is_null($oRole)) {
continue;
}
// this is just a patch in case there is a db integrity issue.
$roles[$oRole->getName()] = $oRole;
}
asort($roles);
$bEdit = KTPermissionUtil::userHasPermissionOnItem($this->oUser, $this->_sEditShowPermission, $this->oFolder);
if (KTBrowseUtil::inAdminMode($this->oUser, $this->oFolder)) {
$bEdit = true;
}
$sInherited = '';
$oInherited = KTPermissionUtil::findRootObjectForPermissionObject($oPO);
// This is fine, since a folder can only inherit permissions
// from a folder.
if ($oInherited->getId() !== $this->oFolder->getId()) {
$iInheritedFolderId = $oInherited->getId();
$sInherited = join(' > ', $oInherited->getPathArray());
}
// only allow inheritance if not inherited, -and- folders is editable
$bInheritable = $bEdit && $oInherited->getId() !== $this->oFolder->getId();
// only allow edit if the folder is editable.
$bEdit = $bEdit && $oInherited->getId() == $this->oFolder->getId();
$aConditions = array();
$aDynConditions = KTPermissionDynamicCondition::getByPermissionObject($oPO);
foreach ($aDynConditions as $oDynCondition) {
$g = Group::get($oDynCondition->getGroupId());
if (is_null($g)) {
continue;
}
// db integrity catch
if (PEAR::isError($g)) {
continue;
}
$c = KTSavedSearch::get($oDynCondition->getConditionId());
if (is_null($c)) {
continue;
}
// db integrity catch
if (PEAR::isError($c)) {
continue;
}
$aInfo = array('group' => $g->getName(), 'name' => $c->getName());
$aAssign = $oDynCondition->getAssignment();
$perms = array();
foreach ($aAssign as $iPermissionId) {
$perms[$iPermissionId] = true;
}
$aInfo['perms'] = $perms;
$aConditions[] = $aInfo;
}
$aTemplateData = array('context' => $this, 'permissions' => $aPermissions, 'groups' => $groups, 'users' => $users, 'roles' => $roles, 'oFolder' => $this->oFolder, 'aMapPermissionGroup' => $aMapPermissionGroup, 'aMapPermissionRole' => $aMapPermissionRole, 'aMapPermissionUser' => $aMapPermissionUser, 'edit' => $bEdit, 'inheritable' => $bInheritable, 'inherited' => $sInherited, 'conditions' => $aConditions);
return $oTemplate->render($aTemplateData);
}
function do_updateSearch()
{
$id = KTUtil::arrayGet($_REQUEST, 'fSavedSearchId');
$sName = KTUtil::arrayGet($_REQUEST, 'name');
$oSearch = KTSavedSearch::get($id);
if (PEAR::isError($oSearch) || $oSearch == false) {
$this->errorRedirectToMain('No such dynamic condition');
}
$datavars = KTUtil::arrayGet($_REQUEST, 'boolean_search');
if (!is_array($datavars)) {
$datavars = unserialize($datavars);
}
if (empty($datavars)) {
$this->errorRedirectToMain(_kt('You need to have at least 1 condition.'));
}
//$sName = "Neil's saved search";
if (!empty($sName)) {
$oSearch->setName($sName);
}
$oSearch->setSearch($datavars);
$res = $oSearch->update();
$this->oValidator->notError($res, array('redirect_to' => 'main', 'message' => _kt('Search not saved')));
// Update permission object if exists
$sWhere = 'condition_id = ?';
$aParams = array($id);
$aPermissionObjects = KTPermissionDynamicCondition::getPermissionObjectIdList($sWhere, $aParams);
if (!PEAR::isError($aPermissionObjects) && !empty($aPermissionObjects)) {
// update permission objects
foreach ($aPermissionObjects as $iPermObjectId) {
$oPO = KTPermissionObject::get($iPermObjectId['permission_object_id']);
KTPermissionUtil::updatePermissionLookupForPO($oPO);
}
}
$this->successRedirectToMain(_kt('Dynamic condition saved'));
}
