function test_table_permissions() { $pt =& Dataface_PermissionsTool::getInstance(); $perms = $pt->getPermissions(Dataface_Table::loadTable('Profiles')); $this->assertEquals(array(1, 1, 1), array($perms['view'], $perms['edit'], $perms['delete'])); $perms = $pt->getPermissions(Dataface_Table::loadTable('Profiles'), array('field' => 'fname')); $this->assertEquals(array(1, 1, 1), array($perms['view'], $perms['edit'], $perms['delete'])); // varcharfield_checkboxes has view disabled in the fields.ini file $this->assertTrue(!$pt->view(Dataface_Table::loadTable('Test'), array('field' => 'varcharfield_checkboxes'))); $this->assertTrue($pt->edit(Dataface_Table::loadTable('Test'), array('field' => 'varcharfield_checkboxes'))); }
function loadPermissions() { $this->_permissionsLoaded = true; $configTool =& Dataface_ConfigTool::getInstance(); $conf =& $configTool->loadConfig('permissions', $this->tablename); $permissionsTool =& Dataface_PermissionsTool::getInstance(); $permissionsTool->addPermissions($conf); }
/** * @brief Builds a widget that can be added to a form. This will delegate * to the WidgetHandler::buildWidget() method if defined for the field's widget * type. * * @param Dataface_Record &$record The Dataface Record that this widget * is to be editing. * @param array &$field The field definition. * @param HTML_QuickForm The form to which the widget will be added. * @param string $formFieldName The name of the field on the form. * @returns HTML_QuickForm_element */ function &buildWidget($record, &$field, $form, $formFieldName, $new = false, $permissions = null) { $table =& $record->_table; $widget =& $field['widget']; if (!isset($permissions)) { //$permissions =& $record->getPermissions(array('field'=>$field['name'])); $permissions = Dataface_PermissionsTool::ALL(); // reference to widget descriptor array } $pt =& Dataface_PermissionsTool::getInstance(); // Reference to permissions tool to operate on $permissions $widgetHandler =& $this->getWidgetHandler($widget['type']); if (isset($widgetHandler) and method_exists($widgetHandler, 'buildWidget')) { $el =& $widgetHandler->buildWidget($record, $field, $form, $formFieldName, $new); } else { $factory =& Dataface_FormTool::factory(); // A dummy HTML_QuickForm used as a factory to create temporary elements. // Reference to the table object. $el =& $factory->addElement($widget['type'], $formFieldName, $widget['label'], array('class' => $widget['class'], 'id' => $formFieldName)); } if (PEAR::isError($el)) { throw new Exception($el->toString(), E_USER_ERROR); } $el->setFieldDef($field); if (isset($record) && $record && $record->_table->hasField($field['name'])) { if ($link = $record->getLink($field['name'])) { $el->setProperty('link', $link); } $el->setProperty('record_url', $record->getURL()); } $atts = $el->getAttributes(); if (!is_array($atts)) { $atts = array(); } $atts = array_merge($atts, $field['widget']['atts']); foreach ($atts as $k => $v) { if (strpos($k, 'data-xf-override-') === 0) { $atts[substr($k, 17)] = $v; } } if (!isset($atts['data-xf-field'])) { $atts['data-xf-field'] = $field['name']; } $el->setAttributes($atts); if ($new and !$pt->checkPermission('new', $permissions)) { $el->freeze(); } else { if (!$new and !$pt->checkPermission('edit', $permissions)) { $el->freeze(); } } /* // Deal with permissions on this field. if ( $pt->view($permissions) and !$pt->edit($permissions) ){ if ( !($new && $pt->checkPermission('new', $permissions)) ){ $el->freeze(); } } */ $el->record =& $record; $form->addElement($el); /* * * If there are any validation options set for the field, we must add these rules to the quickform * element. * */ $validators = $field['validators']; foreach ($validators as $vname => $validator) { /* * * $validator['arg'] would be specified in the INI file. * Example ini file listing: * ------------------------- * [FirstName] * widget:label = First name * widget:description = Enter your first name * validators:regex = "/[0-9a-zA-Z/" * * This would result in $validator['arg'] = "/[0-9a-zA-Z/" in this section * and $vname == "regex". Hence it would mean that a regular expression validator * is being placed on this field so that only Alphanumeric characters are accepted. * Please see documentation for HTML_QuickForm PEAR class for more information * about QuickForm validators. * */ if ($vname == 'required' && $widget['type'] == 'file') { continue; } $form->addRule($formFieldName, $validator['message'], $vname, @$validator['arg'], $widget['type'] == 'htmlarea' ? null : 'client'); } $this->pullField($record, $field, $form, $formFieldName, $new); $el->_persistantFreeze = true; return $el; }
function df_permission_names_as_string(&$perms) { $ptool = Dataface_PermissionsTool::getInstance(); return $ptool->namesAsString($perms); }
function handle(&$params) { $this->params =& $params['action']; unset($params); $params =& $this->params; Dataface_PermissionsTool::getInstance()->setDelegate(new dataface_actions_register_permissions_delegate()); $app =& Dataface_Application::getInstance(); $auth =& Dataface_AuthenticationTool::getInstance(); import('Dataface/Ontology.php'); Dataface_Ontology::registerType('Person', 'Dataface/Ontology/Person.php', 'Dataface_Ontology_Person'); $this->ontology =& Dataface_Ontology::newOntology('Person', $app->_conf['_auth']['users_table']); $atts =& $this->ontology->getAttributes(); $query =& $app->getQuery(); if (!is_array(@$app->_conf['_auth'])) { return PEAR::raiseError("Cannot register when authentication is not enabled.", DATAFACE_E_ERROR); } if (isset($app->_conf['_auth']['email_column'])) { $atts['email'] =& $this->ontology->table->getField($app->_conf['_auth']['email_column']); $this->fieldnames['email'] = $app->_conf['_auth']['email_column']; } if ($auth->isLoggedIn()) { return Dataface_Error::permissionDenied("Sorry you cannot register once you are logged in. If you want to register, you must first log out."); } if (!@$app->_conf['_auth']['allow_register']) { return PEAR::raiseError("Sorry, registration is not allowed. Please contact the administrator for an account.", DATAFACE_E_ERROR); } $pt =& Dataface_PermissionsTool::getInstance(); // Create a new record form on the users table $this->form =& df_create_new_record_form($app->_conf['_auth']['users_table']); // add the -action element so that the form will direct us back here. $this->form->addElement('hidden', '-action'); $this->form->setDefaults(array('-action' => $query['-action'])); // Check to make sure that there isn't another user with the same // username already. $validationResults = $this->validateRegistrationForm($_POST); if (count($_POST) > 0 and PEAR::isError($validationResults)) { $app->addMessage($validationResults->getMessage()); $this->form->_errors[$app->_conf['_auth']['username_column']] = $validationResults->getMessage(); } if (!PEAR::isError($validationResults) and $this->form->validate()) { // The form input seems OK. Let's process the form // Since we will be using our own form processing for this action, // we need to manually push the field inputs into the Dataface_Record // object. $this->form->push(); // Now we obtain the Dataface_Record object that is to be added. $rec =& $this->form->_record; $delegate =& $rec->_table->getDelegate(); // Give the delegate classes an opportunity to have some fun if (isset($delegate) and method_exists($delegate, 'beforeRegister')) { $res = $delegate->beforeRegister($rec); if (PEAR::isError($res)) { return $res; } } $appdel =& $app->getDelegate(); if (isset($appdel) and method_exists($appdel, 'beforeRegister')) { $res = $appdel->beforeRegister($rec); if (PEAR::isError($res)) { return $res; } } // This is where we actually do the processing. This passes control // to the processRegistrationForm method in this class. $res = $this->form->process(array(&$this, 'processRegistrationForm'), true); // If there was an error in processing mark the error, and show the // form again. Otherwise we just redirect to the next page and // let the user know that he was successful. if (PEAR::isError($res)) { $app->addError($res); } else { // Let the delegate classes perform their victory lap.. if (isset($delegate) and method_exists($delegate, 'afterRegister')) { $res = $delegate->afterRegister($rec); if (PEAR::isError($res)) { return $res; } } if (isset($appdel) and method_exists($appdel, 'afterRegister')) { $res = $appdel->afterRegister($rec); if (PEAR::isError($res)) { return $res; } } // We accept --redirect markers to specify which page to redirect // to after we're done. This will usually be the page that the // user was on before they went to the login page. if (isset($_SESSION['--redirect'])) { $url = $_SESSION['--redirect']; } else { if (isset($_SESSION['-redirect'])) { $url = $_SESSION['-redirect']; } else { if (isset($_REQUEST['--redirect'])) { $url = $_REQUEST['--redirect']; } else { if (isset($_REQUEST['-redirect'])) { $url = $_REQUEST['-redirect']; } else { $url = $app->url('-action=' . $app->_conf['default_action']); } } } } if (@$params['email_validation']) { $individual = $this->ontology->newIndividual($this->form->_record); $msg = df_translate('actions.register.MESSAGE_THANKYOU_PLEASE_VALIDATE', 'Thank you. An email has been sent to ' . $individual->strval('email') . ' with instructions on how to complete the registration process.', array('email' => $individual->strval('email'))); } else { // To save the user from having to log in after he has just filled // in the registration form, we will just log him in right here. $_SESSION['UserName'] = $this->form->exportValue($app->_conf['_auth']['username_column']); $msg = df_translate('actions.register.MESSAGE_REGISTRATION_SUCCESSFUL', "Registration successful. You are now logged in."); } // Now we actually forward to the success page along with a success message if (strpos($url, '?') === false) { $url .= '?'; } $app->redirect($url . '&--msg=' . urlencode($msg)); } } // We want to display the form, but not yet so we will use an output buffer // to store the form HTML in a variable and pass it to our template. ob_start(); $this->form->display(); $out = ob_get_contents(); ob_end_clean(); $context = array('registration_form' => $out); // We don't want to keep the registration page in history, because we want to // be able to redirect the user back to where he came from before registering. $app->prefs['no_history'] = true; df_display($context, 'Dataface_Registration.html'); }
/** * @brief Clears the current record context. The record context is a set * of related records that are meant to be used as a lense through which * to view any destination records of any related record in the set. * * @since 2.0 * @returns void * @see getRecordContext() * @see addRecordContext() */ function clearRecordContext() { $this->recordContext = array(); $contextMasks =& Dataface_PermissionsTool::getInstance()->getContextMasks(); foreach ($contextMasks as $k => $v) { unset($contextMasks[$k]); } }