Пример #1
 /**
  * A fixture to set up page & collection permissions. Currently it only supports setting a blanket permission of
  * "public", "loggedin", "friends", or "private", and allowcomments & approvecomments
  *
  * Example:
  * Given the following "permissions" exist:
  * | title | accesstype | accessname | allowcomments |
  * | Page 1 | loggedin | loggedin | 1 |
  * | Collection 1 | public | public | 1 |
  * | Page 2 | user | userA | 0 |
  * @param array $record Fixture table row keyed by column name (e.g. title, accesstype, accessname, allowcomments)
  * @throws SystemException
  */
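 public function create_permission($record)
 {
     // The title is matched against pages (views) and collections in one query, case-insensitively
     // and with surrounding whitespace ignored. It is passed as a bound parameter, not concatenated.
     $sql = "SELECT id, 'view' AS \"type\" FROM {view} WHERE LOWER(TRIM(title))=?\n                UNION\n                SELECT id, 'collection' AS \"type\" FROM {collection} WHERE LOWER(TRIM(name))=?";
     $title = strtolower(trim($record['title']));
     $targets = get_records_sql_array($sql, array($title, $title));
     // Exactly one match is required, so the access rule is never applied to an ambiguous target.
     if (!$targets || count($targets) > 1) {
         throw new SystemException("Invalid page/collection name '" . $record['title'] . "'. The page/collection title does not exist, or is duplicated.");
     }
     $target = $targets[0];
     $viewids = array();
     if ($target->type == 'view') {
         $viewids[] = $target->id;
     } else {
         // For a collection, the access rule is applied to each of its member pages.
         $members = get_records_array('collection_view', 'collection', $target->id, 'displayorder', 'view');
         if (!$members) {
             throw new SystemException("Can't set permissions on empty collection named '" . $record['title'] . "'.");
         }
         foreach ($members as $member) {
             $viewids[] = $member->view;
         }
     }
     if ($record['accesstype'] == 'private') {
         // "private" is expressed as an empty access list.
         $accesslist = array();
     } else {
         switch ($record['accesstype']) {
             case 'user':
                 // The grantee must resolve to exactly one account.
                 $users = get_records_sql_array('SELECT id FROM {usr} WHERE LOWER(TRIM(username)) = ?', array(strtolower(trim($record['accessname']))));
                 if (!$users || count($users) > 1) {
                     throw new SystemException("Invalid access user '" . $record['accessname'] . "'. The username does not exist or duplicated");
                 }
                 $accessid = $users[0]->id;
                 $type = 'user';
                 break;
             case 'public':
             case 'friends':
             case 'loggedin':
                 // For the blanket types the type name is also used as the access id.
                 $type = $accessid = $record['accesstype'];
                 break;
             default:
                 // Fail closed: without this branch a misspelt access type left $type unset and
                 // handed the page/collection row object to the access list as its id.
                 throw new SystemException("Invalid access type '" . $record['accesstype'] . "'. Expected 'private', 'user', 'public', 'friends' or 'loggedin'.");
         }
         // TODO: This only supports one access record at a time per page
         $accesslist = array(array('startdate' => null, 'stopdate' => null, 'type' => $type, 'id' => $accessid));
     }
     // Defaults when the fixture row omits the column: retainview 0, allowcomments 1, approvecomments 0.
     $viewconfig = array(
         'startdate' => null,
         'stopdate' => null,
         'template' => 0,
         'retainview' => (int) (isset($record['retainview']) ? $record['retainview'] : 0),
         'allowcomments' => (int) (isset($record['allowcomments']) ? $record['allowcomments'] : 1),
         'approvecomments' => (int) (isset($record['approvecomments']) ? $record['approvecomments'] : 0),
         'accesslist' => $accesslist,
     );
     require_once 'view.php';
     View::update_view_access($viewconfig, $viewids);
 }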
Пример #2
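/**
 * Submit callback for the edit-access form: builds one access configuration from the submitted
 * values and applies it to every selected page and to the pages of every selected collection.
 *
 * Submitted collection and page ids are only accepted when they are keys of the global
 * $collections / $views arrays; anything else raises a UserException before any access is
 * written. NOTE(review): those globals are presumably filled by the calling page with the items
 * the current user may edit - confirm at the caller, since this check is the only one made here.
 *
 * @param Pieform $form   the submitted form, read only for its 'more' element list
 * @param array   $values submitted form values
 * @throws UserException when a submitted collection or page id is not in the allowed set
 */
function editaccess_submit(Pieform $form, $values)
{
    global $SESSION, $institution, $collections, $views, $view;
    if ($values['accesslist']) {
        // Per-rule start/stop dates arrive as formatted strings and are converted with
        // strptime() + ptimetotime() before being stored.
        $dateformat = get_string('strftimedatetimeshort');
        foreach ($values['accesslist'] as &$item) {
            if (!empty($item['startdate'])) {
                $item['startdate'] = ptimetotime(strptime($item['startdate'], $dateformat));
            }
            if (!empty($item['stopdate'])) {
                $item['stopdate'] = ptimetotime(strptime($item['stopdate'], $dateformat));
            }
        }
        // Break the reference so the last access rule is not left aliased to $item.
        unset($item);
    }
    $viewconfig = array(
        'startdate' => $values['startdate'],
        'stopdate' => $values['stopdate'],
        'template' => (int) $values['template'],
        'retainview' => isset($values['retainview']) ? (int) $values['retainview'] : 0,
        'allowcomments' => (int) $values['allowcomments'],
        // Comment moderation is only meaningful when comments are allowed at all.
        'approvecomments' => (int) ($values['allowcomments'] && $values['approvecomments']),
        'accesslist' => $values['accesslist'],
    );
    $toupdate = array();
    if ($institution) {
        if (isset($values['copynewuser'])) {
            $viewconfig['copynewuser'] = (int) $values['copynewuser'];
        }
        if ($institution == 'mahara') {
            $createfor = array();
            foreach (group_get_grouptypes() as $grouptype) {
                // !empty() keeps the same truthiness test but tolerates a missing checkbox value.
                if (!empty($values['copyfornewgroups_' . $grouptype])) {
                    $createfor[] = $grouptype;
                }
            }
            $viewconfig['copynewgroups'] = $createfor;
        }
    }
    if (isset($values['collections'])) {
        foreach ($values['collections'] as $cid) {
            // Reject any collection id that is not in the allowed set.
            if (!isset($collections[$cid])) {
                throw new UserException(get_string('editaccessinvalidviewset', 'view'));
            }
            $toupdate = array_merge($toupdate, array_keys($collections[$cid]['views']));
        }
    }
    if (isset($values['views'])) {
        foreach ($values['views'] as $viewid) {
            // Reject any page id that is not in the allowed set.
            if (!isset($views[$viewid])) {
                throw new UserException(get_string('editaccessinvalidviewset', 'view'));
            }
            $toupdate[] = $viewid;
        }
    } else {
        if ($view->get('type') == 'profile') {
            // Force default Advanced options
            $felements = $form->get_property('elements');
            if (!empty($felements['more']['elements'])) {
                foreach (array_keys($felements['more']['elements']) as $ename) {
                    if (property_exists($view, $ename)) {
                        $viewconfig[$ename] = $view->get($ename);
                    }
                }
            }
            $toupdate[] = $view->get('id');
        }
    }
    if (!empty($toupdate)) {
        View::update_view_access($viewconfig, $toupdate);
        if ($view->get('type') == 'profile') {
            // Ensure the user's institutions are still added to the access list
            $view->add_owner_institution_access();
            if (get_config('loggedinprofileviewaccess')) {
                // Force logged-in user access
                $viewaccess = new stdClass();
                $viewaccess->accesstype = 'loggedin';
                $view->add_access($viewaccess);
            }
        }
    }
    $SESSION->add_ok_msg(get_string('updatedaccessfornumviews', 'view', count($toupdate)));
    // Return to the share screen matching the page's owner kind. The checks are not chained with
    // else, so redirect() presumably ends the request - confirm.
    if ($view->get('owner')) {
        redirect('/view/share.php');
    }
    if ($view->get('group')) {
        redirect(get_config('wwwroot') . '/group/shareviews.php?group=' . $view->get('group'));
    }
    if ($view->get('institution')) {
        redirect(get_config('wwwroot') . '/view/institutionshare.php?institution=' . $view->get('institution'));
    }
    $view->post_edit_redirect();
}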
Пример #3
 /**
  * Submits the selected views to the collection
  *
  * @param array $values selected views
  * @return integer count so we know what SESSION message to display
  */
 public function add_views($values)
 {
     require_once get_config('libroot') . 'view.php';
     // Number of views added; returned to the caller.
     $added = 0;
     db_begin();
     foreach ($values as $field => $checked) {
         // Only ticked form fields named view_<id> describe a view to add.
         if (substr($field, 0, 5) !== 'view_' || !$checked) {
             continue;
         }
         // Append after the collection's current highest displayorder (0 when there is none yet).
         $highest = get_field('collection_view', 'MAX(displayorder)', 'collection', $this->get('id'));
         // NOTE(review): the view id is taken from the form field name and is not checked here for
         // integer form or ownership - presumably the form only offers views the user may add;
         // confirm at the caller.
         $link = (object) array(
             'view' => substr($field, 5),
             'collection' => $this->get('id'),
             'displayorder' => is_numeric($highest) ? $highest + 1 : 0,
         );
         insert_record('collection_view', $link);
         $added++;
     }
     $viewids = get_column('collection_view', 'view', 'collection', $this->id);
     // Per the original author, this sets the most permissive access records on all views, so
     // access is levelled up across the collection rather than down. Worth knowing before a
     // restricted page is added to a widely shared collection.
     View::combine_access($viewids, true);
     // The first view's settings (dates, template, comment options, access list) then become the
     // settings of every view in the collection.
     if (count($viewids) > 0) {
         $first = new View($viewids[0]);
         $viewconfig = array(
             'startdate' => $first->get('startdate'),
             'stopdate' => $first->get('stopdate'),
             'template' => $first->get('template'),
             'retainview' => $first->get('retainview'),
             'allowcomments' => $first->get('allowcomments'),
             'approvecomments' => (int) ($first->get('allowcomments') && $first->get('approvecomments')),
             'accesslist' => $first->get_access(),
         );
         View::update_view_access($viewconfig, $viewids);
     }
     db_commit();
     return $added;
 }