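/**
 * Renders one stored version of a page through a substitute request and sends the HTML as the response.
 *
 * Access is gated on the caller's canViewPageVersions() permission for the page named by the
 * `cID` request parameter; callers without it get no output and the method returns normally.
 * The substitute request is installed as the global Request instance only for the duration of
 * the render and is always swapped back, including when rendering throws.
 *
 * @return void The method terminates the script after sending the response.
 */
public function preview()
{
    $request = \Request::getInstance();
    $c = \Page::getByID($this->request->get('cID'));
    $cp = new \Permissions($c);
    if (!$cp->canViewPageVersions()) {
        return;
    }

    // cvID comes straight from the request, so it is coerced to an integer before it selects a version.
    $c->loadVersionObject(\Core::make('helper/security')->sanitizeInt($_REQUEST['cvID']));

    $spoofed_request = \Request::createFromGlobals();
    $device_handle = $request->headers->get('x-device-handle');
    if ($device_handle) {
        // Only user agents of devices known to the device manager are applied; the header value
        // itself is never copied into the substitute request.
        $device = \Core::make('device/manager')->get($device_handle);
        if ($device) {
            $agent = $device->getUserAgent();
            if ($agent) {
                $spoofed_request->headers->set('User-Agent', $agent);
            }
        }
    }

    // NOTE(review): -1 presumably makes the page render as an unregistered visitor rather than
    // with the previewing user's own privileges - confirm against setCustomRequestUser().
    $spoofed_request->setCustomRequestUser(-1);
    $spoofed_request->setCurrentPage($c);

    $response = new \Response();
    \Request::setInstance($spoofed_request);
    try {
        $controller = $c->getPageController();
        $controller->runTask('view', array());
        $view = $controller->getViewObject();
        $content = $view->render();
    } catch (\Exception $e) {
        // Put the real request back before the exception reaches any error handler, so error
        // rendering and logging do not run against the substitute user and user agent.
        \Request::setInstance($request);
        throw $e;
    }

    // Restore the real request before anything else observes the global instance.
    \Request::setInstance($request);
    $response->setContent($content);
    $response->send();
    exit;
}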
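/**
 * Gate for the stack version views: decides between the dashboard theme, a redirect to the
 * stack detail page, and the "page not found" view.
 *
 * - Callers who cannot view /dashboard/blocks/stacks get the page_not_found view.
 * - Callers who can, but lack canViewPageVersions() on the current page or did not ask for one of
 *   the two version tasks, are redirected to the stack's detail view.
 * - Everyone else gets the dashboard theme.
 */
public function on_start()
{
    $c = Page::getByPath('/dashboard/blocks/stacks');
    $cp = new Permissions($c);
    if ($cp->canViewPage()) {
        $c = Page::getCurrentPage();
        $pcp = new Permissions($c);

        // vtask is optional in the query string; read it without raising an undefined-index
        // notice and compare it strictly against the two tasks this controller serves.
        $vtask = isset($_GET['vtask']) ? $_GET['vtask'] : null;
        $isVersionTask = in_array($vtask, array('view_versions', 'compare'), true);

        if (!$pcp->canViewPageVersions() || !$isVersionTask) {
            $cID = $c->getCollectionID();
            $this->redirect('/dashboard/blocks/stacks', 'view_details', $cID);
        } else {
            $this->theme = 'dashboard';
        }
    } else {
        // The not-found view reads the page from the global $c, so the error page object is
        // published there as well as on the view and the controller.
        global $c;
        $v = View::getInstance();
        $c = new Page();
        $c->loadError(COLLECTION_NOT_FOUND);
        $v->setCollectionObject($c);
        $this->c = $c;
        $cont = Loader::controller("/page_not_found");
        $v->setController($cont);
        // NOTE(review): whether render() ends the request is not visible here; if it returns,
        // the caller continues with the original controller - confirm.
        $v->render('/page_not_found');
    }
}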
/**
 * Reports an error code for the wrapped version object, or null when there is nothing to report.
 *
 * With no version ID, the answer depends on the caller's rights on the owning page:
 * COLLECTION_FORBIDDEN for callers who may view page versions, COLLECTION_NOT_FOUND for everyone
 * else. With a version ID, only a stale version is reported (VERSION_NOT_RECENT).
 *
 * NOTE(review): callers without the version permission are told "not found" rather than
 * "forbidden", which looks intended to avoid confirming that the page exists - confirm before
 * changing either branch.
 *
 * @return mixed One of the error constants above, or null.
 */
public function testForErrors()
{
    $version = $this->object;

    if ($version->getVersionID()) {
        return $version->isMostRecent() ? null : VERSION_NOT_RECENT;
    }

    $page = Page::getByID($version->getCollectionID());
    $permissions = new Permissions($page);

    return $permissions->canViewPageVersions() ? COLLECTION_FORBIDDEN : COLLECTION_NOT_FOUND;
}
/**
 * Fetches a slice of the list and wraps every row as a PageWorkflowProgressPage.
 *
 * Each page is loaded at its most recent version only for viewers who may see page versions;
 * all other viewers get the active version.
 *
 * @param int $itemsToGet Passed through to DatabaseItemList::get().
 * @param int $offset     Passed through to DatabaseItemList::get().
 *
 * @return PageWorkflowProgressPage[]
 */
public function get($itemsToGet = 0, $offset = 0)
{
    $rows = DatabaseItemList::get($itemsToGet, $offset);

    $pages = array();
    foreach ($rows as $row) {
        $page = Page::getByID($row['cID']);
        $permissions = new Permissions($page);

        // The version is chosen per page from the viewer's permission, never from the row itself.
        $page->loadVersionObject($permissions->canViewPageVersions() ? 'RECENT' : 'ACTIVE');

        $progress = PageWorkflowProgress::getByID($row['wpID']);
        $pages[] = new PageWorkflowProgressPage($page, $progress);
    }

    return $pages;
}
/**
 * Builds the extra action buttons for this workflow request.
 *
 * The only extra action is "Compare Versions", and it is offered solely to users who hold
 * canViewPageVersions() on the request's page (checked against the active version).
 *
 * NOTE(review): hiding the button is a UI measure only; the dialog it links to has to enforce
 * the same permission itself - confirm in approve_page_preview.php.
 *
 * @param WorkflowProgress $wp Progress object whose ID is placed in the dialog URL.
 *
 * @return WorkflowProgressAction[] Empty when the user may not view page versions.
 */
public function getWorkflowRequestAdditionalActions(WorkflowProgress $wp)
{
    $page = Page::getByID($this->cID, 'ACTIVE');
    $permissions = new Permissions($page);
    if (!$permissions->canViewPageVersions()) {
        return array();
    }

    $compare = new WorkflowProgressAction();
    $compare->setWorkflowProgressActionLabel(t('Compare Versions'));

    // Dialog attributes consumed by the front-end dialog launcher.
    $compare->addWorkflowProgressActionButtonParameter('dialog-title', t('Compare Versions'));
    $compare->addWorkflowProgressActionButtonParameter('dialog-width', '90%');
    $compare->addWorkflowProgressActionButtonParameter('dialog-height', '70%');

    $compare->setWorkflowProgressActionStyleInnerButtonLeftHTML('<i class="icon-eye-open"></i>');
    $compare->setWorkflowProgressActionURL(
        REL_DIR_FILES_TOOLS_REQUIRED . '/workflow/dialogs/approve_page_preview.php?wpID=' . $wp->getWorkflowProgressID()
    );
    $compare->setWorkflowProgressActionStyleClass('dialog-launch');

    return array($compare);
}
/**
 * Turns one query row into a page object, or into nothing when the page is missing or the
 * list's permission check rejects it.
 *
 * The page is loaded at its active version. It is switched to the most recent version only when
 * the list was asked for recent versions AND either the viewer may see page versions or the
 * list's permissions checker is the -1 sentinel.
 *
 * NOTE(review): -1 is presumably the "ignore permissions" setting; in that mode unapproved
 * content is returned regardless of the viewer, so callers must not hand the result to
 * untrusted output - confirm where permissionsChecker is assigned.
 *
 * @param array $queryRow Row with a `cID` key and, optionally, `cIndexScore`.
 *
 * @return mixed The page object returned by ConcretePage::getByID(), or null.
 */
public function getResult($queryRow)
{
    $page = ConcretePage::getByID($queryRow['cID'], 'ACTIVE');
    if (!is_object($page) || !$this->checkPermissions($page)) {
        return null;
    }

    if ($this->pageVersionToRetrieve == self::PAGE_VERSION_RECENT) {
        $permissions = new \Permissions($page);
        $mayLoadRecent = $permissions->canViewPageVersions() || $this->permissionsChecker === -1;
        if ($mayLoadRecent) {
            $page->loadVersionObject('RECENT');
        }
    }

    if (isset($queryRow['cIndexScore'])) {
        $page->setPageIndexScore($queryRow['cIndexScore']);
    }

    return $page;
}
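/**
 * Get all of the blocks within the current area for a given page.
 *
 * The result is cached on the area: once populated, the cached list is returned for every later
 * call, whatever page is passed in.
 *
 * For a global area the blocks come from the stack named after the area handle. Viewers without
 * canViewPageVersions() on the page are given the stack's ACTIVE version explicitly; viewers
 * with it get whatever Stack::getByName() returns without a version argument
 * (NOTE(review): presumably the most recent version - confirm).
 *
 * @param Page|Collection $c
 *
 * @return Block[]
 */
public function getAreaBlocksArray($c)
{
    if (is_array($this->areaBlocksArray)) {
        return $this->areaBlocksArray;
    }

    $this->cID = $c->getCollectionID();
    $this->c = $c;
    $this->areaBlocksArray = array();

    // Defined up front: the loop below inspects it even when no stack object could be resolved,
    // which previously read an undefined variable.
    $globalArea = null;

    if ($this->arIsGlobal) {
        $blocks = array();
        $cp = new Permissions($c);
        if ($cp->canViewPageVersions()) {
            $c = Stack::getByName($this->arHandle);
        } else {
            $c = Stack::getByName($this->arHandle, 'ACTIVE');
        }
        if (is_object($c)) {
            $blocks = $c->getBlocks(STACKS_AREA_NAME);
            $globalArea = self::get($c, STACKS_AREA_NAME);
        }
    } else {
        $blocks = $c->getBlocks($this->arHandle);
    }

    foreach ($blocks as $ab) {
        // Blocks of a global area belong to the stack's own area object; everything else is
        // attached to this area.
        if ($this->arIsGlobal && is_object($globalArea)) {
            $ab->setBlockAreaObject($globalArea);
        } else {
            $ab->setBlockAreaObject($this);
        }
        $this->areaBlocksArray[] = $ab;
        $this->totalBlocks++;
    }

    return $this->areaBlocksArray;
}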
/**
 * Builds the sitemap node array for one page, including the viewer's permission flags.
 *
 * Returns false instead of a node when the page is the trash or lies inside it and the
 * `empty_trash` permission key does not validate for the current user.
 *
 * NOTE(review): the can* flags in the node only describe what the sitemap UI should offer; the
 * endpoints behind those actions have to re-check each permission themselves - confirm.
 *
 * @param mixed $cItem         A page object, or a page ID to load at its most recent version.
 * @param int   $level         Passed through to getSubNodes().
 * @param bool  $autoOpenNodes Whether nodes remembered as open in the session are expanded.
 *
 * @return array|false
 */
function getNode($cItem, $level = 0, $autoOpenNodes = true)
{
    if (is_object($cItem)) {
        $c = $cItem;
        $cID = $cItem->getCollectionID();
    } else {
        $cID = $cItem;
        $c = Page::getByID($cID, 'RECENT');
    }

    // Permission flags for the current viewer, evaluated once per node.
    $cp = new Permissions($c);
    $canEditPageProperties = $cp->canEditPageProperties();
    $canEditPageSpeedSettings = $cp->canEditPageSpeedSettings();
    $canEditPagePermissions = $cp->canEditPagePermissions();
    $canEditPageDesign = $cp->canEditPageTheme() || $cp->canEditPageType();
    $canViewPageVersions = $cp->canViewPageVersions();
    $canDeletePage = $cp->canDeletePage();
    $canAddSubpages = $cp->canAddSubpage();
    $canAddExternalLinks = $cp->canAddExternalLink();

    // A node counts as open when its ID is in the list of open nodes kept in the session.
    $nodeOpen = is_array($_SESSION['dsbSitemapNodes']) && in_array($cID, $_SESSION['dsbSitemapNodes']);

    $status = '';
    // $cls and $leaf are computed but do not appear in the returned node.
    $cls = $c->getNumChildren() > 0 ? "folder" : "file";
    $leaf = !($c->getNumChildren() > 0);
    $numSubpages = $c->getNumChildren() > 0 ? $c->getNumChildren() : '';

    $cvName = $c->getCollectionName() ? $c->getCollectionName() : '(No Title)';
    if ($c->isSystemPage()) {
        // Only system page names are run through the translator.
        $cvName = t($cvName);
    }

    $selected = (bool) ConcreteDashboardSitemapHelper::isOneTimeActiveNode($cID);
    $ct = CollectionType::getByID($c->getCollectionTypeID());
    $isInTrash = $c->isInTrash();

    $canCompose = false;
    if (is_object($ct) && $ct->isCollectionTypeIncludedInComposer()) {
        $dashboard = Loader::helper('concrete/dashboard');
        $canCompose = $cp->canEditPageProperties() && $dashboard->canAccessComposer();
    }

    $isTrash = $c->getCollectionPath() == TRASH_PAGE_PATH;
    if ($isTrash || $isInTrash) {
        // Trash contents are withheld unless the empty_trash permission key validates.
        $trashKey = PermissionKey::getByHandle('empty_trash');
        if (!$trashKey->validate()) {
            return false;
        }
    }

    $cIcon = $c->getCollectionIcon();
    $cAlias = $c->isAlias();
    $cPointerID = $c->getCollectionPointerID();
    if ($cAlias) {
        if ($cPointerID > 0) {
            // Internal alias: from here on the node carries the pointer's original page ID.
            $cIcon = ASSETS_URL_IMAGES . '/icons/alias.png';
            $cAlias = 'POINTER';
            $cID = $c->getCollectionPointerOriginalID();
        } else {
            $cIcon = ASSETS_URL_IMAGES . '/icons/alias_external.png';
            $cAlias = 'LINK';
        }
    }

    $node = array(
        'cvName' => $cvName,
        'cIcon' => $cIcon,
        'cAlias' => $cAlias,
        'isInTrash' => $isInTrash,
        'isTrash' => $isTrash,
        'numSubpages' => $numSubpages,
        'status' => $status,
        'canEditPageProperties' => $canEditPageProperties,
        'canEditPageSpeedSettings' => $canEditPageSpeedSettings,
        'canEditPagePermissions' => $canEditPagePermissions,
        'canEditPageDesign' => $canEditPageDesign,
        'canViewPageVersions' => $canViewPageVersions,
        'canDeletePage' => $canDeletePage,
        'canAddSubpages' => $canAddSubpages,
        'canAddExternalLinks' => $canAddExternalLinks,
        'canCompose' => $canCompose,
        'id' => $cID,
        'selected' => $selected,
    );

    // Page ID 1 is always expanded; other nodes only when remembered as open and auto-open is on.
    if ($cID == 1 || ($nodeOpen && $autoOpenNodes)) {
        $node['subnodes'] = $this->getSubNodes($cID, $level, false, $autoOpenNodes);
    }

    return $node;
}
dialog-modal="false" dialog-title="<?php echo t('Design'); ?> " href="<?php echo URL::to('/ccm/system/dialogs/page/design'); ?> ?cID=<?php echo $cID; ?> "><?php echo t('Design'); ?> </a></li> <?php } if ($permissions->canViewPageVersions()) { ?> <li><a class="dialog-launch" dialog-width="640" dialog-height="340" dialog-modal="false" dialog-title="<?php echo t('Versions'); ?> " href="<?php echo URL::to('/ccm/system/panels/page/versions'); ?> ?cID=<?php echo $cID; ?> "><?php echo t('Versions'); ?> </a></li>
$h = Loader::helper('concrete/dashboard'); $dsh = Loader::helper('concrete/dashboard/sitemap'); foreach ($pages as $cobj) { $cpobj = new Permissions($cobj); if (!isset($striped) || $striped == 'ccm-list-record-alt') { $striped = ''; } else { if ($striped == '') { $striped = 'ccm-list-record-alt'; } } $canEditPageProperties = $cpobj->canEditPageProperties(); $canEditPageSpeedSettings = $cpobj->canEditPageSpeedSettings(); $canEditPagePermissions = $cpobj->canEditPagePermissions(); $canEditPageDesign = $cpobj->canEditPageTheme() || $cpobj->canEditPageType(); $canViewPageVersions = $cpobj->canViewPageVersions(); $canDeletePage = $cpobj->canDeletePage(); $canAddSubpages = $cpobj->canAddSubpage(); $canAddExternalLinks = $cpobj->canAddExternalLink(); $permissionArray = array('canEditPageProperties' => $canEditPageProperties, 'canEditPageSpeedSettings' => $canEditPageSpeedSettings, 'canEditPagePermissions' => $canEditPagePermissions, 'canEditPageDesign' => $canEditPageDesign, 'canViewPageVersions' => $canViewPageVersions, 'canDeletePage' => $canDeletePage, 'canAddSubpages' => $canAddSubpages, 'canAddExternalLinks' => $canAddExternalLinks); $canCompose = false; $ct = CollectionType::getByID($cobj->getCollectionTypeID()); if (is_object($ct)) { if ($ct->isCollectionTypeIncludedInComposer()) { if ($canEditPageProperties && $h->canAccessComposer()) { $canCompose = 1; } } } ?> <tr class="ccm-list-record <?php
<?php defined('C5_EXECUTE') or die("Access Denied."); $wp = \Concrete\Core\Workflow\Progress\Progress::getByID($_REQUEST['wpID']); $ih = Loader::helper('concrete/ui'); $wf = $wp->getWorkflowObject(); $req = $wp->getWorkflowRequestObject(); if ($wp instanceof \Concrete\Core\Workflow\Progress\PageProgress) { $rvc = Page::getByID($req->getRequestedPageID(), $req->getRequestedVersionID()); $rvcp = new Permissions($rvc); if ($rvcp->canViewPageVersions()) { $rv = $rvc->getVersionObject(); $rvl = Page::getByID($req->getRequestedPageID(), 'ACTIVE'); $rvr = Page::getByID($req->getRequestedPageID(), 'RECENT'); $liveCVID = $rvl->getVersionID(); $recentCVID = $rvr->getVersionID(); $tabs = array(array('requested-version', t('Requested Version: %s', $rv->getVersionComments()), true), array('live-version', t('Live Version'))); if ($liveCVID != $recentCVID) { $tabs[] = array('recent-version', t('Most Recent Version')); } ?> <div class="ccm-ui" style="height: 100%"> <?php echo $ih->tabs($tabs); ?> <div style="display: block; height: 100%" id="ccm-tab-content-requested-version"> <iframe border="0" id="v<?php echo time();
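<?php
defined('C5_EXECUTE') or die("Access Denied.");

// Version viewer tool (fragment: the listing is cut off inside the tab-building loop below).
//
// The page ID is validated and loaded from the same request source. The integer check used to run
// on $_GET['cID'] while the page was loaded from $_REQUEST['cID'], which can also be filled from
// the request body (and cookies, depending on request_order), so the ID that was loaded was not
// necessarily the ID that had been validated.
if (!Loader::helper('validation/numbers')->integer($_GET['cID'])) {
    die(t('Access Denied'));
}

$valt = Loader::helper('validation/token');
$fh = Loader::helper('file');
$token = '&' . $valt->getParameter();

$c = Page::getByID($_GET['cID']);
$cID = $c->getCollectionID();
$cp = new Permissions($c);
$u = new User();
$isCheckedOut = $c->isCheckedOut() && !$c->isEditMode();

// Authorisation is decided on the loaded page: the caller needs either the right to view page
// versions or the right to approve them.
if (!$cp->canViewPageVersions() && !$cp->canApprovePageVersions()) {
    die(t("Access Denied."));
}

if ($_GET['vtask'] == 'view_versions') { ?>
    <div class="ccm-ui">
    <?php
    $ih = Loader::helper('concrete/interface');
    $display = 'block';
    $i = 0;
    if (count($_REQUEST['cvID']) > 0) {
        $tabs = array();
        // NOTE(review): every $cvID is request-controlled and goes into tab ids and labels
        // unvalidated; whether the tab helper escapes it is not visible in this fragment -
        // validate each value as an integer or confirm the helper's escaping.
        foreach ($_REQUEST['cvID'] as $cvID) {
            $tabs[] = array('view-version-' . $cvID, t('Version %s', $cvID), $i == 0);
            $i++;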
## Get a permissions object for this particular collection. $cp = new Permissions($c); ## Now that we have a collections and permissions object, we check to make sure ## everything is okay with collections and permissions if ($cp->isError()) { // if we've gotten an error getting information about this particular collection // than we load up the Content class, and get prepared to fire away switch ($cp->getError()) { case COLLECTION_FORBIDDEN: $v = View::getInstance(); $v->setCollectionObject($c); $v->render('/page_forbidden'); break; } } if (!$c->isActive() && !$cp->canViewPageVersions()) { $v = View::getInstance(); $v->render('/page_not_found'); } ## If there's no error, then we build the collection, but first we load it with the appropriate ## version. We pass the function the collection object, as well as the collection permissions ## object, which the function will use to determine what version we get to see if ($cp->canEditPageContents() || $cp->canEditPageProperties() || $cp->canViewPageVersions()) { $cvID = $_REQUEST['cvID'] ? $_REQUEST['cvID'] : "RECENT"; $c->loadVersionObject($cvID); } $vp = new Permissions($c->getVersionObject()); if ($_REQUEST['ccm-disable-controls'] == true || intval($cvID) > 0) { $v = View::getInstance(); $v->disableEditing(); $v->disableLinks();
?> )" <? } ?> dialog-append-buttons="true" id="ccm-toolbar-nav-permissions" dialog-width="420" dialog-height="630" dialog-modal="false" dialog-title="<?php echo t('Permissions'); ?> " href="<?php echo REL_DIR_FILES_TOOLS_REQUIRED; ?> /edit_collection_popup.php?&cID=<?php echo $cID; ?> &ctask=edit_permissions"><?php echo t('Permissions'); ?> </a></li>'; <? } ?> <? if ($cp->canViewPageVersions()) { ?> menuHTML += '<li><a class="ccm-menu-icon ccm-icon-versions" <? if (!$c->isCheckedOut()) { ?> dialog-on-close="ccm_sitemapExitEditMode(<?php echo $c->getCollectionID(); ?> )" <? } ?> id="ccm-toolbar-nav-versions" dialog-width="640" dialog-height="340" dialog-modal="false" dialog-title="<?php echo t('Page Versions'); ?> " id="menuVersions<?php echo $cID; ?> " href="<?php echo REL_DIR_FILES_TOOLS_REQUIRED; ?> /versions.php?cID=<?php echo $cID; ?>
/**
 * Collects the blocks of every global-area stack, as visible to the current viewer.
 *
 * Stack names are read from the Stacks table with a bound parameter for the stack type. Viewers
 * holding canViewPageVersions() on this page get each stack's RECENT version; all others get the
 * ACTIVE version.
 *
 * @return array Blocks of all global-area stacks that could be loaded, merged into one list.
 */
public function getGlobalBlocks()
{
    $db = Loader::db();
    $stackNames = $db->GetCol(
        'select stName from Stacks where Stacks.stType = ?',
        array(Stack::ST_TYPE_GLOBAL_AREA)
    );

    $blocks = array();
    if (count($stackNames) > 0) {
        $pcp = new Permissions($this);
        foreach ($stackNames as $garHandle) {
            // The version is picked from the viewer's permission on this page, per stack.
            $version = $pcp->canViewPageVersions() ? 'RECENT' : 'ACTIVE';
            $stack = Stack::getByName($garHandle, $version);
            if (is_object($stack)) {
                $blocks = array_merge($blocks, $stack->getBlocks(STACKS_AREA_NAME));
            }
        }
    }

    return $blocks;
}
/**
 * Returns an array of page objects based on current settings.
 *
 * Pages are loaded at their active version. Unless the list is restricted to approved pages, a
 * page is switched to its most recent version when the viewer holds canViewPageVersions() on it.
 *
 * @param int $itemsToGet Page size; also stored via setItemsPerPage().
 * @param int $offset     Passed through to the parent list.
 *
 * @return array Page objects, each carrying the row's index score.
 */
public function get($itemsToGet = 0, $offset = 0)
{
    $pages = array();

    if ($this->getQuery() == '') {
        $this->setBaseQuery();
    }
    $this->setItemsPerPage($itemsToGet);

    $rows = parent::get($itemsToGet, $offset);
    foreach ($rows as $row) {
        $page = $this->loadPageID($row['cID'], 'ACTIVE');

        if (!$this->displayOnlyApprovedPages) {
            // Unapproved content is only loaded for viewers allowed to see page versions.
            $permissions = new Permissions($page);
            if ($permissions->canViewPageVersions()) {
                $page->loadVersionObject('RECENT');
            }
        }

        $page->setPageIndexScore($row['cIndexScore']);
        $pages[] = $page;
    }

    return $pages;
}