protected function executeImpl(kshow $kshow, entry &$entry) { $this->res = ""; $likuser_id = $this->getLoggedInUserId(); if ($likuser_id != $entry->getKuserId()) { // ERROR - attempting to update an entry which doesnt belong to the user return "<xml>!</xml>"; //$this->securityViolation( $kshow->getId() ); } $name = @$_GET["RoughcutName"]; $entry->setName($name); $entry->save(); //myEntryUtils::createWidgetImage($entry, false); $this->name = $name; }
/** * Throws an error if the non-onwer session user is trying to update entitledPusersEdit or entitledPusersPublish * * @param KalturaBaseEntry $entry * @param entry $dbEntry */ protected function validateEntitledUsersUpdate(KalturaBaseEntry $entry, entry $dbEntry) { if (!$this->getKs() || !$this->getKs()->isAdmin()) { //non owner cannot change entitledUsersEdit and entitledUsersPublish if ($this->getKuser()->getId() != $dbEntry->getKuserId()) { if ($entry->entitledUsersEdit !== null && strtolower($entry->entitledUsersEdit) != strtolower($dbEntry->getEntitledPusersEdit())) { throw new KalturaAPIException(KalturaErrors::INVALID_KS, "", ks::INVALID_TYPE, ks::getErrorStr(ks::INVALID_TYPE)); } if ($entry->entitledUsersPublish !== null && strtolower($entry->entitledUsersPublish) != strtolower($dbEntry->getEntitledPusersPublish())) { throw new KalturaAPIException(KalturaErrors::INVALID_KS, "", ks::INVALID_TYPE, ks::getErrorStr(ks::INVALID_TYPE)); } } } }
/** * Sets the valid user for the entry * Throws an error if the session user is trying to update entry to another user and not using an admin session * * @param KalturaBaseEntry $entry * @param entry $dbEntry */ protected function checkAndSetValidUserUpdate(KalturaBaseEntry $entry, entry $dbEntry) { KalturaLog::debug("DB puser id [" . $dbEntry->getPuserId() . "] kuser id [" . $dbEntry->getKuserId() . "]"); // user id not being changed if ($entry->userId === null) { KalturaLog::debug("entry->userId is null, not changing user"); return; } if (!$this->getKs() || !$this->getKs()->isAdmin()) { $entryPuserId = $dbEntry->getPuserId(); // non admin cannot change the owner of an existing entry if (strtolower($entry->userId) != strtolower($entryPuserId)) { KalturaLog::debug('API entry userId [' . $entry->userId . '], DB entry userId [' . $entryPuserId . '] - change required but KS is not admin'); throw new KalturaAPIException(KalturaErrors::INVALID_KS, "", ks::INVALID_TYPE, ks::getErrorStr(ks::INVALID_TYPE)); } } // need to create kuser if this is an admin changing the owner of the entry to a different user $kuser = kuserPeer::createKuserForPartner($dbEntry->getPartnerId(), $entry->userId); KalturaLog::debug("Set kuser id [" . $kuser->getId() . "] line [" . __LINE__ . "]"); $dbEntry->setKuserId($kuser->getId()); }
/** * Indicates that the KS user is the owner of the entry * @return bool */ protected function isKsUserOwnsEntry() { return !$this->isKsWidget() && $this->ks && $this->entry && $this->entry->getKuserId() == $this->ks->getKuserId(); }
/** * Executes addComment action, which returns a form enabling the insertion of a comment * The request may include 1 fields: entry id. */ protected function executeImpl(kshow $kshow, entry &$entry) { $kshow_id = $kshow->getId(); if ($this->partner_id != null) { // this part overhere should be in a more generic place - part of the services $multiple_roghcuts = Partner::allowMultipleRoughcuts($this->partner_id); $likuser_id = $this->getLoggedInUserId(); } else { // is the logged-in-user is not an admin or the producer - check if show can be published $likuser_id = $this->getLoggedInUserId(); $multiple_roghcuts = true; } if (!$likuser_id) { return $this->securityViolation($kshow->getId()); } $isIntro = $kshow->getIntroId() == $entry->getId(); if ($multiple_roghcuts) { // create a new entry in two cases: // 1. the user saving the roughcut isnt the owner of the entry // 2. the entry is an intro and the current entry is not show (probably an image or video) if ($entry->getKuserId() != $likuser_id || $isIntro && $entry->getMediaType() != entry::ENTRY_MEDIA_TYPE_SHOW) { // TODO: add security check to whether multiple roughcuts are allowed // create a new roughcut entry by cloning the original entry $entry = myEntryUtils::deepClone($entry, $kshow_id, false); $entry->setKuserId($likuser_id); $entry->setCreatorKuserId($likuser_id); $entry->setCreatedAt(time()); $entry->setMediaType(entry::ENTRY_MEDIA_TYPE_SHOW); $entry->save(); } } /* $viewer_type = myKshowUtils::getViewerType($kshow, $likuser_id); if ( $viewer_type != KshowKuser::KSHOWKUSER_VIEWER_PRODUCER && ( ! $kshow->getCanPublish() ) ) { // ERROR - attempting to publish a non-publishable show return $this->securityViolation( $kshow->getId() ); } */ $this->xml_content = "<xml><EntryID>" . $entry->getId() . "</EntryID></xml>"; if ($isIntro) { $kshow->setIntroId($entry->getId()); } else { $kshow->setShowEntryId($entry->getId()); $has_roughcut = @$_REQUEST["HasRoughCut"]; if ($has_roughcut === "0") { $kshow->setHasRoughcut(false); $kshow->save(); return; } } $content = @$_REQUEST["xml"]; $update_kshow = false; if ($content != NULL) { list($xml_content, $this->comments, $update_kshow) = myMetadataUtils::setMetadata($content, $kshow, $entry); // Send an email alert to producer if ($kshow->getProducerId() != $likuser_id) { // don't send producer alerts when the producer is the editor alertPeer::sendEmailIfNeeded($kshow->getProducerId(), alert::KALTURAS_PRODUCED_ALERT_TYPE_ROUGHCUT_CREATED, array('screenname' => $this->getUser()->getAttribute('screenname'), 'kshow_name' => $kshow->getName(), 'kshow_id' => $kshow->getId())); } // TODO: efficiency: see if there is a wa to search for contributors based on some other method than full entry table scan // Send email alerts to contributors $c = new Criteria(); $c->add(entryPeer::KSHOW_ID, $kshow_id); $c->add(entryPeer::KUSER_ID, $likuser_id, Criteria::NOT_EQUAL); // the current user knows they just edited $c->addAnd(entryPeer::KUSER_ID, $kshow->getProducerId(), Criteria::NOT_EQUAL); // the producer knows they just edited $c->add(entryPeer::TYPE, entryType::MEDIA_CLIP); $c->addGroupByColumn(entryPeer::KUSER_ID); $entries = entryPeer::doSelect($c); $already_received_alert_array = array(); foreach ($entries as $entry) { alertPeer::sendEmailIfNeeded($entry->getKuserId(), alert::KALTURAS_PARTOF_ALERT_TYPE_ROUGHCUT_CREATED, array('screenname' => $this->getUser()->getAttribute('screenname'), 'kshow_name' => $kshow->getName(), 'kshow_id' => $kshow->getId())); $already_received_alert_array[$entry->getKuserId()] = true; } // send email alert to subscribers $c = new Criteria(); $c->add(KshowKuserPeer::KSHOW_ID, $kshow_id); //only subsribers of this show $c->add(KshowKuserPeer::KUSER_ID, $likuser_id, Criteria::NOT_EQUAL); // the current user knows they just edited $c->add(KshowKuserPeer::SUBSCRIPTION_TYPE, KshowKuser::KSHOW_SUBSCRIPTION_NORMAL); // this table stores other relations too $subscriptions = KshowKuserPeer::doSelect($c); foreach ($subscriptions as $subscription) { if (!isset($already_received_alert_array[$subscription->getKuserId()])) { // don't send emails to subscribed users who are also contributors alertPeer::sendEmailIfNeeded($subscription->getKuserId(), alert::KALTURAS_SUBSCRIBEDTO_ALERT_TYPE_ROUGHCUT_CREATED, array('screenname' => $this->getUser()->getAttribute('screenname'), 'kshow_name' => $kshow->getName(), 'kshow_id' => $kshow->getId())); } } if ($this->debug) { return "text/html; charset=utf-8"; } } else { $this->comments = ""; // if there is no xml - receive it from the user $this->debug = true; $file_name = myContentStorage::getFSContentRootPath() . "/" . $entry->getDataPath(); //$this->xml_content = kFile::getFileContent( $file_name ); return "text/html; charset=utf-8"; } }
/** * @param entry $dbEntry * @return bool if current user is admin / entyr owner / co-editor */ public static function validateUserEntitledForQuizEdit(entry $dbEntry) { if (kCurrentContext::$is_admin_session || kCurrentContext::getCurrentKsKuserId() == $dbEntry->getKuserId()) { return true; } $entitledKusers = QuizPlugin::getObjectIdsAsArray($dbEntry->getEntitledKusersEdit()); if (in_array(kCurrentContext::getCurrentKsKuserId(), $entitledKusers)) { return true; } return false; }
/** * Throws an error if the user is trying to update entry that doesn't belong to him and the session is not admin * * @param entry $dbEntry */ protected function checkIfUserAllowedToUpdateEntry(entry $dbEntry) { // if session is not admin, but privileges are // edit:* or edit:ENTRY_ID or editplaylist:PLAYLIST_ID // edit is allowed if (!$this->getKs() || !$this->getKs()->isAdmin()) { // check if wildcard on 'edit' if ($this->getKs()->verifyPrivileges(ks::PRIVILEGE_EDIT, ks::PRIVILEGE_WILDCARD)) { return; } // check if entryID on 'edit' if ($this->getKs()->verifyPrivileges(ks::PRIVILEGE_EDIT, $dbEntry->getId())) { return; } // if ($this->getKs()->verifyPlaylistPrivileges(ks::PRIVILEGE_EDIT_ENTRY_OF_PLAYLIST, $dbEntry->getId(), $this->getPartnerId())) { return; } } // if user is not the entry owner, and the KS is user type - do not allow update if ($dbEntry->getKuserId() != $this->getKuser()->getId() && (!$this->getKs() || !$this->getKs()->isAdmin())) { throw new KalturaAPIException(KalturaErrors::INVALID_KS, "", ks::INVALID_TYPE, ks::getErrorStr(ks::INVALID_TYPE)); } }
/** * Returns true if kuser or current kuser is entitled to entryId * @param entry $entry * @param int $kuser * @return bool */ public static function isEntryEntitled(entry $entry, $kuserId = null) { $ks = ks::fromSecureString(kCurrentContext::$ks); // entry is entitled when entitlement is disable // for actions with no ks - need to check if partner have default entitlement feature enable. if (!self::getEntitlementEnforcement() && $ks) { KalturaLog::debug('Entry entitled: entitlement disabled'); return true; } $partner = $entry->getPartner(); if (!$ks && !$partner->getDefaultEntitlementEnforcement()) { KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: no ks and default is with no enforcement'); return true; } if ($ks && $ks->isWidgetSession() && $ks->getDisableEntitlementForEntry() == $entry->getId()) { KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: widget session that disble entitlement for this entry'); return true; } $allCategoriesEntry = categoryEntryPeer::retrieveActiveAndPendingByEntryId($entry->getId()); $categories = array(); foreach ($allCategoriesEntry as $categoryEntry) { $categories[] = $categoryEntry->getCategoryId(); } //if entry doesn't belong to any category. $categories[] = category::CATEGORY_ID_THAT_DOES_NOT_EXIST; $c = KalturaCriteria::create(categoryPeer::OM_CLASS); $c->add(categoryPeer::ID, $categories, Criteria::IN); $privacy = array(PrivacyType::ALL); if ($ks && !$ks->isWidgetSession()) { $privacy[] = PrivacyType::AUTHENTICATED_USERS; } $crit = $c->getNewCriterion(categoryPeer::PRIVACY, $privacy, Criteria::IN); $ksPrivacyContexts = null; // entry that doesn't belong to any category is public //when ks is not provided - the entry is still public (for example - download action) $categoryEntries = categoryEntryPeer::retrieveActiveByEntryId($entry->getId()); if (!count($categoryEntries) && !$ks) { KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: entry does not belong to any category'); return true; } if ($ks) { $ksPrivacyContexts = $ks->getPrivacyContext(); if (!$ksPrivacyContexts || trim($ksPrivacyContexts) == '') { $ksPrivacyContexts = self::DEFAULT_CONTEXT . $partner->getId(); if (!count($allCategoriesEntry)) { // entry that doesn't belong to any category is public KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: entry does not belong to any category and privacy context on the ks is not set'); return true; } } $c->add(categoryPeer::PRIVACY_CONTEXTS, $ksPrivacyContexts, KalturaCriteria::IN_LIKE); if (!$kuserId) { $partnerId = kCurrentContext::$partner_id ? kCurrentContext::$partner_id : kCurrentContext::$ks_partner_id; $kuser = kuserPeer::getKuserByPartnerAndUid($partnerId, kCurrentContext::$ks_uid, true); if ($kuser) { $kuserId = $kuser->getId(); } } if ($kuserId) { // kuser is set on the entry as creator or uploader if ($kuserId != '' && $entry->getKuserId() == $kuserId) { KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: ks user is the same as entry->kuserId or entry->creatorKuserId [' . $kuserId . ']'); return true; } // kuser is set on the entry entitled users edit or publish $entitledKusers = array_merge(explode(',', $entry->getEntitledKusersEdit()), explode(',', $entry->getEntitledKusersPublish())); if (in_array($kuserId, $entitledKusers)) { KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: ks user is the same as entry->entitledKusersEdit or entry->entitledKusersPublish'); return true; } } // kuser is set on the category as member // this ugly code is temporery - since we have a bug in sphinxCriteria::getAllCriterionFields if ($kuserId) { $membersCrit = $c->getNewCriterion(categoryPeer::MEMBERS, $kuserId, Criteria::LIKE); $membersCrit->addOr($crit); $crit = $membersCrit; } } else { //no ks = set privacy context to default. $c->add(categoryPeer::PRIVACY_CONTEXTS, array(self::DEFAULT_CONTEXT . $partner->getId()), KalturaCriteria::IN_LIKE); } $c->addAnd($crit); //remove default FORCED criteria since categories that has display in search = public - doesn't mean that all of their entries are public KalturaCriterion::disableTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY); $category = categoryPeer::doSelectOne($c); KalturaCriterion::restoreTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY); if ($category) { KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] entitled: ks user is a member of this category or category privacy is set to public of authenticated'); return true; } KalturaLog::debug('Entry [' . print_r($entry->getId(), true) . '] not entitled'); return false; }
protected function executeImpl(kshow $kshow, entry &$entry) { $this->res = ""; $likuser_id = $this->getLoggedInUserId(); // if we allow multiple rouchcuts - there is no reason for one suer to override someone else's thumbnail if ($this->allowMultipleRoughcuts()) { if ($likuser_id != $entry->getKuserId()) { // ERROR - attempting to update an entry which doesnt belong to the user return "<xml>!!</xml>"; //$this->securityViolation( $kshow->getId() ); } } $debug = @$_GET["debug"]; /* $kshow_id = @$_GET["kshow_id"]; $debug = @$_GET["debug"]; $this->kshow_id = $kshow_id; if ( $kshow_id == NULL || $kshow_id == 0 ) return; $kshow = kshowPeer::retrieveByPK( $kshow_id ); if ( ! $kshow ) { $this->res = "No kshow " . $kshow_id ; return; } // is the logged-in-user is not an admin or the producer - check if show can be published $likuser_id = $this->getLoggedInUserId(); $viewer_type = myKshowUtils::getViewerType($kshow, $likuser_id); if ( $viewer_type != KshowKuser::KSHOWKUSER_VIEWER_PRODUCER && ( ! $kshow->getCanPublish() ) ) { // ERROR - attempting to publish a non-publishable show return "<xml>!</xml>";//$this->securityViolation( $kshow->getId() ); } // ASSUME - the kshow & roughcut already exist $show_entry_id = $kshow->getShowEntryId(); $roughcut = entryPeer::retrieveByPK( $show_entry_id ); $roughcut = entryPeer::retrieveByPK( $entry_id ); if ( ! $roughcut) { $this->res = "No roughcut for kshow " . $kshow->getId() ; return; } */ // echo "for entry: $show_entry_id current thumb path: " . $entry->getThumbnail() ; $entry->setThumbnail(".jpg"); $entry->setCreateThumb(false); $entry->save(); //$thumb_data = $_REQUEST["ThumbData"]; if (isset($HTTP_RAW_POST_DATA)) { $thumb_data = $HTTP_RAW_POST_DATA; } else { $thumb_data = file_get_contents("php://input"); } // $thumb_data = $GLOBALS["HTTP_RAW_POST_DATA"]; $thumb_data_size = strlen($thumb_data); $bigThumbPath = myContentStorage::getFSContentRootPath() . $entry->getBigThumbnailPath(); kFile::fullMkdir($bigThumbPath); kFile::setFileContent($bigThumbPath, $thumb_data); $path = myContentStorage::getFSContentRootPath() . $entry->getThumbnailPath(); kFile::fullMkdir($path); myFileConverter::createImageThumbnail($bigThumbPath, $path); $roughcutPath = myContentStorage::getFSContentRootPath() . $entry->getDataPath(); $xml_doc = new KDOMDocument(); $xml_doc->load($roughcutPath); if (myMetadataUtils::updateThumbUrl($xml_doc, $entry->getBigThumbnailUrl())) { $xml_doc->save($roughcutPath); } $this->res = $entry->getBigThumbnailUrl(); }
public static function deleteEntry(entry $entry) { $kshow = $entry->getkshow(); if ($kshow) { $v = $kshow->getEntries(); self::dec($v); $kshow->setEntries($v); $c = new Criteria(); myCriteria::addComment($c, __METHOD__); $c->add(entryPeer::KSHOW_ID, $entry->getKshowId()); $c->add(entryPeer::KUSER_ID, $entry->getKuserId()); $c->setLimit(2); $res = entryPeer::doCount($c); if ($res == 1) { // if $res > 1 - this kuser contributed more than one entry, deleting this one should still leave him a contributor // if $res < 1 - this kuser never contributed - strange! but no need to dec the contributors // kuser did contribute to this kshow - decrement $v = $kshow->getContributors(); self::dec($v); $kshow->setContributors($v); } $kuser = $entry->getkuser(); if ($kuser) { $v = $kuser->getEntries(); self::dec($v); $kuser->setEntries($v); } self::add($kshow); self::add($kuser); } }
/** * @param entry $dbEntry * @return bool if current user is admin / entry's owner / co-editor */ public static function isEntitledForEditEntry(entry $dbEntry) { if (kCurrentContext::$is_admin_session || kCurrentContext::getCurrentKsKuserId() == $dbEntry->getKuserId()) { return true; } return $dbEntry->isEntitledKuserEdit(kCurrentContext::getCurrentKsKuserId()); }