示例#1
0
 /**
  * Authorize current user
  *
  * @param      mixed $idx Index value
  * @return     array
  */
 private function _authorize()
 {
     // NOT logged in
     if (User::isGuest()) {
         // If the resource is published and public
         if ($this->published() && ($this->resource->access == 0 || $this->resource->access == 3)) {
             // Allow view access
             $this->params->set('access-view-resource', true);
             if ($this->resource->access == 0) {
                 $this->params->set('access-view-all-resource', true);
             }
         }
         $this->_authorized = true;
         return;
     }
     if ($this->isTool()) {
         $tconfig = Component::params('com_tools');
         if ($admingroup = trim($tconfig->get('admingroup', ''))) {
             // Check if they're a member of admin group
             $ugs = \Hubzero\User\Helper::getGroups(User::get('id'));
             if ($ugs && count($ugs) > 0) {
                 $admingroup = strtolower($admingroup);
                 foreach ($ugs as $ug) {
                     if (strtolower($ug->cn) == $admingroup) {
                         $this->params->set('access-view-resource', true);
                         $this->params->set('access-view-all-resource', true);
                         $this->params->set('access-admin-resource', true);
                         $this->params->set('access-manage-resource', true);
                         $this->params->set('access-create-resource', true);
                         $this->params->set('access-delete-resource', true);
                         $this->params->set('access-edit-resource', true);
                         $this->params->set('access-edit-state-resource', true);
                         $this->params->set('access-edit-own-resource', true);
                         break;
                     }
                 }
             }
         }
         if (!$this->params->get('access-admin-resource') && !$this->params->get('access-manage-resource')) {
             // If logged in and resource is published and public or registered
             if ($this->published() && ($this->resource->access == 0 || $this->resource->access == 1)) {
                 // Allow view access
                 $this->params->set('access-view-resource', true);
                 $this->params->set('access-view-all-resource', true);
             }
             if ($this->resource->group_owner) {
                 // For protected resources, make sure users can see abstract
                 if ($this->resource->access < 3) {
                     $this->params->set('access-view-resource', true);
                     $this->params->set('access-view-all-resource', true);
                 } else {
                     if ($this->resource->access == 3) {
                         $this->params->set('access-view-resource', true);
                     }
                 }
                 // Get the groups the user has access to
                 $xgroups = \Hubzero\User\Helper::getGroups(User::get('id'), 'all');
                 $usersgroups = array();
                 if (!empty($xgroups)) {
                     foreach ($xgroups as $group) {
                         if ($group->regconfirmed) {
                             $usersgroups[] = $group->cn;
                         }
                     }
                 }
                 // Get the groups that can access this resource
                 $allowedgroups = $this->resource->getGroups();
                 // Find what groups the user has in common with the resource, if any
                 $common = array_intersect($usersgroups, $allowedgroups);
                 // Check if the user is apart of the group that owns the resource
                 // or if they have any groups in common
                 if (in_array($this->resource->group_owner, $usersgroups) || count($common) > 0) {
                     $this->params->set('access-view-resource', true);
                     $this->params->set('access-view-all-resource', true);
                 }
             }
             $obj = new \Components\Tools\Tables\Tool($this->_db);
             $obj->loadFromName($this->resource->alias);
             // check if user in tool dev team
             if ($developers = $obj->getToolDevelopers($obj->id)) {
                 foreach ($developers as $dv) {
                     if ($dv->uidNumber == User::get('id')) {
                         $this->params->set('access-create-resource', true);
                         $this->params->set('access-delete-resource', true);
                         $this->params->set('access-edit-resource', true);
                         $this->params->set('access-edit-state-resource', true);
                         $this->params->set('access-edit-own-resource', true);
                     }
                 }
             }
         }
         $this->_authorized = true;
         return;
     } else {
         // Check if they're a site admin (from Joomla)
         $this->params->set('access-admin-resource', User::authorise('core.admin', null));
         $this->params->set('access-manage-resource', User::authorise('core.manage', null));
         if ($this->params->get('access-admin-resource') || $this->params->get('access-manage-resource')) {
             $this->params->set('access-view-resource', true);
             $this->params->set('access-view-all-resource', true);
             $this->params->set('access-create-resource', true);
             $this->params->set('access-delete-resource', true);
             $this->params->set('access-edit-resource', true);
             $this->params->set('access-edit-state-resource', true);
             $this->params->set('access-edit-own-resource', true);
             $this->_authorized = true;
             return;
         }
         // If they're not an admin
         // If logged in and resource is published and public or registered
         if ($this->published() && ($this->resource->access == 0 || $this->resource->access == 1)) {
             // Allow view access
             $this->params->set('access-view-resource', true);
             $this->params->set('access-view-all-resource', true);
         }
         // Check if they're the resource creator
         if ($this->resource->created_by == User::get('id')) {
             // Give full access
             $this->params->set('access-view-resource', true);
             $this->params->set('access-view-all-resource', true);
             $this->params->set('access-create-resource', true);
             $this->params->set('access-delete-resource', true);
             $this->params->set('access-edit-resource', true);
             $this->params->set('access-edit-state-resource', true);
             $this->params->set('access-edit-own-resource', true);
         } else {
             if (in_array(User::get('id'), $this->contributors('id'))) {
                 // Give full access
                 $this->params->set('access-view-resource', true);
                 $this->params->set('access-view-all-resource', true);
                 $this->params->set('access-create-resource', true);
                 $this->params->set('access-delete-resource', true);
                 $this->params->set('access-edit-resource', true);
                 $this->params->set('access-edit-state-resource', true);
                 $this->params->set('access-edit-own-resource', true);
             } else {
                 if ($this->resource->group_owner) {
                     // For protected resources, make sure users can see abstract
                     if ($this->resource->access < 3) {
                         $this->params->set('access-view-resource', true);
                         $this->params->set('access-view-all-resource', true);
                     } else {
                         if ($this->resource->access == 3) {
                             $this->params->set('access-view-resource', true);
                         }
                     }
                     // Get the groups the user has access to
                     $xgroups = \Hubzero\User\Helper::getGroups(User::get('id'), 'all');
                     $usersgroups = array();
                     if (!empty($xgroups)) {
                         foreach ($xgroups as $group) {
                             if ($group->regconfirmed) {
                                 $usersgroups[] = $group->cn;
                             }
                         }
                     }
                     // Get the groups that can access this resource
                     $allowedgroups = $this->resource->getGroups();
                     // Find what groups the user has in common with the resource, if any
                     $common = array_intersect($usersgroups, $allowedgroups);
                     // Check if the user is apart of the group that owns the resource
                     // or if they have any groups in common
                     if (in_array($this->resource->group_owner, $usersgroups) || count($common) > 0) {
                         $this->params->set('access-view-resource', true);
                         $this->params->set('access-view-all-resource', true);
                         // if (!empty($xgroups))
                         // {
                         // 	foreach ($xgroups as $group)
                         // 	{
                         // 		if ($this->resource->group_owner == $group->cn && $group->manager)
                         // 		{
                         // 			$this->params->set('access-delete-resource', true);
                         // 			$this->params->set('access-edit-resource', true);
                         // 			$this->params->set('access-edit-state-resource', true);
                         // 			$this->params->set('access-edit-own-resource', true);
                         // 			break;
                         // 		}
                         // 	}
                         // }
                     }
                 } else {
                     $this->params->set('access-view-resource', true);
                     $this->params->set('access-view-all-resource', true);
                 }
             }
         }
     }
     $this->_authorized = true;
 }
示例#2
0
 /**
  * Check if user has access
  *
  * @param      integer $toolid       Tool ID
  * @param      boolean $allowAuthors Allow tool authors?
  * @return     boolean True if user has access, False if not
  */
 private function _checkAccess($toolid, $allowAuthors = false)
 {
     // Create a Tool object
     $obj = new \Components\Tools\Tables\Tool($this->database);
     // allow to view if admin
     if ($this->config->get('access-manage-component')) {
         return true;
     }
     // check if user in tool dev team
     if ($developers = $obj->getToolDevelopers($toolid)) {
         foreach ($developers as $dv) {
             if ($dv->uidNumber == User::get('id')) {
                 return true;
             }
         }
     }
     // allow access to tool authors
     if ($allowAuthors) {
         // Nothing here?
     }
     return false;
 }
示例#3
0
 /**
  * Check if a user has access to a tool
  *
  * @param      integer $toolid Tool ID
  * @return     boolean True if user has access, false if not
  */
 private function _checkToolaccess($toolid)
 {
     // Check if they're a site admin
     if (User::authorize($this->_option, 'manage')) {
         return true;
     }
     // Create a Tool object
     $obj = new \Components\Tools\Tables\Tool($this->database);
     // check if user in tool dev team
     $developers = $obj->getToolDevelopers($toolid);
     if ($developers) {
         foreach ($developers as $dv) {
             if ($dv->uidNumber == User::get('id')) {
                 return true;
             }
         }
     }
     return false;
 }
示例#4
0
 /**
  * Display a list of authors
  *
  * @param   integer  $id  Resource ID
  * @return  void
  */
 public function displayTask($id = null)
 {
     // Incoming
     if (!$id) {
         $id = Request::getInt('rid', 0);
     }
     // Ensure we have an ID to work with
     if (!$id) {
         App::abort(500, Lang::txt('COM_TOOLS_CONTRIBUTE_NO_ID'));
     }
     $this->view->version = Request::getVar('version', 'dev');
     // Get all contributors of this resource
     $helper = new \Components\Resources\Helpers\Helper($id, $this->database);
     if ($this->view->version == 'dev') {
         $helper->getCons();
     } else {
         $obj = new \Components\Tools\Tables\Tool($this->database);
         $toolname = $obj->getToolnameFromResource($id);
         $objV = new \Components\Tools\Tables\Version($this->database);
         $revision = $objV->getCurrentVersionProperty($toolname, 'revision');
         $helper->getToolAuthors($toolname, $revision);
     }
     // Get a list of all existing contributors
     include_once PATH_CORE . DS . 'components' . DS . 'com_resources' . DS . 'tables' . DS . 'contributor' . DS . 'roletype.php';
     $resource = new \Components\Resources\Tables\Resource($this->database);
     $resource->load($id);
     $rt = new \Components\Resources\Tables\Contributor\RoleType($this->database);
     // Output HTML
     $this->view->config = $this->config;
     $this->view->contributors = $helper->_contributors;
     $this->view->id = $id;
     $this->view->roles = $rt->getRolesForType($resource->type);
     $this->view->setErrors($this->getErrors())->setLayout('display')->display();
 }
示例#5
0
 /**
  * Finalize a tool
  *
  * @param      string &$out Output messages container
  * @return     boolean True on success, False if errors
  */
 protected function _finalizeTool(&$out = '')
 {
     Log::debug("finalizeTool(): checkpoint 1");
     if (!$this->_toolid) {
         return false;
     }
     // We need to make sure we don't prepend with PATH_APP if we already have a root-relative path
     $tarball_path = $this->config->get('sourcecodePath', 'site/protected/source');
     if (substr($tarball_path, 0, 1) != DS) {
         $tarball_path = PATH_APP . DS . trim($this->config->get('sourcecodePath', 'site/protected/source'), DS);
     }
     Log::debug("finalizeTool(): checkpoint 2");
     // Create a Tool object
     $obj = new \Components\Tools\Tables\Tool($this->database);
     $obj->getToolStatus($this->_toolid, $this->_option, $status, 'dev');
     if (count($status) > 0) {
         // Make sure the path exist
         if (!is_dir('/tmp')) {
             if (!Filesystem::makeDirectory('/tmp')) {
                 $out .= Lang::txt('COM_TOOLS_ERR_UNABLE_TO_CREATE_PATH') . ' /tmp';
                 return false;
             }
         }
         $token = md5(uniqid());
         $fname = '/tmp/license' . $this->_toolid . '-r' . $status['revision'] . '-' . $token . '.txt';
         $handle = fopen($fname, "w");
         fwrite($handle, $status['license']);
         fclose($handle);
         chmod($fname, 0664);
         $command = '/usr/bin/sudo -u apps /usr/bin/finalizetool -hubdir ' . PATH_CORE . '/../ -title "' . $status['title'] . '" -version "' . $status['version'] . '" -license ' . $fname . ' ' . $status['toolname'];
         Log::debug("finalizeTool(): checkpoint 3: {$command}");
         if (!$this->_invokescript($command, Lang::txt('COM_TOOLS_NOTICE_VERSION_FINALIZED'))) {
             $out .= " invoke script failure";
             unlink($fname);
             return false;
         }
         unlink($fname);
         if ($this->getError()) {
             $out .= " invoke script failure";
             return false;
         }
         // get tarball
         $tar = explode("source tarball: /tmp/", $this->getMessage());
         $tar = $tar[1];
         $file_path = $tarball_path . DS . $status['toolname'];
         // Make sure the upload path exist
         if (!is_dir($file_path)) {
             if (!Filesystem::makeDirectory($file_path)) {
                 Log::debug("findalizeTool(): failed to create tarball path {$file_path}");
                 $out .= Lang::txt('COM_TOOLS_ERR_UNABLE_TO_CREATE_TAR_PATH');
                 return false;
             }
         }
         Log::debug("finalizeTool(): checkpoint 4: " . DS . 'tmp' . DS . $tar . " to " . $file_path . '/' . $tar);
         if (!@copy(DS . 'tmp' . DS . $tar, $file_path . '/' . $tar)) {
             $out .= " failed to copy {$tar} to {$file_path}";
             Log::debug("findalizeTool(): failed tarball copy");
             return false;
         } else {
             Log::debug("findalizeTool(): deleting tmp files");
             exec('sudo -u apps rm -f /tmp/' . $tar, $out, $result);
         }
         return true;
     } else {
         $out = Lang::txt('COM_TOOLS_ERR_CANNOT_RETRIEVE');
         return false;
     }
     return true;
 }