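/**
 * Display the revision form after checking that the current user may use it.
 *
 * A new record (id <= 0) requires 'core.create' from the revision actions
 * resolved for the 'revisionform.parent_id' state value; an existing record
 * requires the item's 'access-edit' parameter. Both checks compare strictly
 * against boolean true, so a missing or non-boolean value is treated as a
 * denial (fail closed).
 *
 * @param   string  $tpl  Template name handed through to parent::display().
 *
 * @return  mixed  False when access is denied or the model reports errors;
 *                 nothing otherwise.
 */
public function display($tpl = null)
{
    $user = JFactory::getUser();

    // Get model data.
    $this->state       = $this->get('State');
    $this->item        = $this->get('Item');
    $this->form        = $this->get('Form');
    $this->return_page = $this->get('ReturnPage');
    $this->toolbar     = $this->getToolbar();

    // Permission check.
    if ($this->item->id <= 0) {
        $parent_id  = (int) $this->state->get('revisionform.parent_id');
        $access     = PFdesignsHelper::getRevisionActions(0, $parent_id);
        $authorised = $access->get('core.create');
    } else {
        $authorised = $this->item->params->get('access-edit');
    }

    if ($authorised !== true) {
        JError::raiseError(403, JText::_('JERROR_ALERTNOAUTHOR'));
        return false;
    }

    // Check for errors.
    if (count($errors = $this->get('Errors'))) {
        JError::raiseWarning(500, implode("\n", $errors));
        return false;
    }

    // Escape the configurable class suffix for HTML output. The flags and
    // charset are passed explicitly because the default flags differ between
    // PHP versions: ENT_QUOTES makes sure single quotes are encoded as well,
    // so the value is safe inside either kind of quoted attribute.
    $this->pageclass_sfx = htmlspecialchars(
        (string) $this->state->params->get('pageclass_sfx'),
        ENT_QUOTES,
        'UTF-8'
    );

    $this->params = $this->state->params;
    $this->user   = $user;

    // Prepare the document
    $this->_prepareDocument();

    // Display the view
    parent::display($tpl);
}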
/**
 * Fill the model state from the current request.
 *
 * Stores the requested record id under "<model name>.id", the list offset
 * under "list.offset" and the site application parameters under "params".
 * When the revision actions resolved for the requested id grant neither
 * 'core.edit.state' nor 'core.edit', 'filter.published' is set to 1 and
 * 'filter.archived' to 2.
 *
 * Note: calling getState() in this method will result in recursion.
 *
 * @return  void
 */
protected function populateState()
{
    // Both request values are read through the unsigned-integer filter.
    $record_id = JRequest::getUInt('id');
    $this->setState($this->getName() . '.id', $record_id);

    $list_start = JRequest::getUInt('limitstart');
    $this->setState('list.offset', $list_start);

    // Load the parameters.
    $this->setState('params', JFactory::getApplication('site')->getParams());

    // Users without edit rights get the state filters applied.
    $actions     = PFdesignsHelper::getRevisionActions($record_id);
    $can_see_all = $actions->get('core.edit.state') || $actions->get('core.edit');

    if ($can_see_all) {
        return;
    }

    $this->setState('filter.published', 1);
    $this->setState('filter.archived', 2);
}
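/**
 * Send a design to the client as a raw response.
 *
 * Depending on the 'layout' request value this streams the design file (or
 * the selected revision) as an attachment ('download'), builds and streams a
 * zip of the design plus every revision the user may download
 * ('downloadAll'), or emits/redirects to a generated thumbnail (any other
 * layout). The script terminates with die once a response has been produced.
 *
 * @param   string  $tpl  Not used by this method.
 *
 * @return  mixed  False after an error has been raised; otherwise the method
 *                 does not return.
 */
public function display($tpl = null)
{
    $item   = $this->get('Item');
    $params = JComponentHelper::getParams('com_pfdesigns', true);
    $layout = JRequest::getCmd('layout', 'preview');

    // Permission check. Anything other than boolean true is a denial.
    if ($item->params->get('access-view') !== true) {
        JError::raiseError(403, JText::_('JERROR_ALERTNOAUTHOR'));
        return false;
    }

    if ($layout == 'download' || $layout == 'downloadAll') {
        if (headers_sent($file, $line)) {
            JError::raiseError(500, JText::sprintf('COM_PROJECTFORK_WARNING_FILE_DL_ERROR_HEADERS_SENT', $file, $line));
            return false;
        }

        // Download permission check on the design itself.
        $access = PFdesignsHelper::getActions($item->id);

        if (($access->get('core.admin') || $access->get('core.download')) !== true) {
            JError::raiseError(403, JText::_('JERROR_ALERTNOAUTHOR'));
            return false;
        }

        // NOTE(review): file_name values come from the stored records and are
        // joined to the base path as-is. Confirm they are normalised to a bare
        // file name when stored, so a path can never resolve outside $base_path.
        $base_path = PFdesignsHelper::getBasePath($item->project_id);

        if ($layout == 'download') {
            // Download a single file
            if ($item->revision) {
                // The downloadAll branch below checks every revision against
                // its own actions; apply the same rule when one revision is
                // requested directly, so the two paths cannot disagree.
                // Assumes the revision object exposes its id - TODO confirm.
                $rev_access = PFdesignsHelper::getRevisionActions($item->revision->id);

                if (($rev_access->get('core.admin') || $rev_access->get('core.download')) !== true) {
                    JError::raiseError(403, JText::_('JERROR_ALERTNOAUTHOR'));
                    return false;
                }

                $file_path = $base_path . '/' . $item->revision->file_name;
                $name      = $item->revision->alias . '.' . $item->revision->file_extension;
            } else {
                $file_path = $base_path . '/' . $item->file_name;
                $name      = $item->alias . '.' . $item->file_extension;
            }

            if (!JFile::exists($file_path)) {
                JError::raiseError(404, JText::_('COM_PROJECTFORK_ERROR_FILE_NOT_FOUND'));
                return false;
            }

            // The name ends up inside a quoted header parameter: replace
            // control characters, quotes, backslashes and slashes so it cannot
            // terminate the quoted string or alter the header.
            $name = preg_replace('/[\x00-\x1F\x7F"\\\\\/]/', '_', $name);

            ob_end_clean();
            header("Content-Type: APPLICATION/OCTET-STREAM");
            header("Content-Length: " . filesize($file_path));
            header("Content-Disposition: attachment; filename=\"" . $name . "\";");
            header("Content-Transfer-Encoding: Binary");

            if (function_exists('readfile')) {
                readfile($file_path);
            } else {
                echo file_get_contents($file_path);
            }
        } else {
            // Download including revisions
            if (!class_exists('ZipArchive')) {
                JError::raiseError(500, JText::_('COM_PROJECTFORK_DESIGNS_ERROR_ZIP_EXTENSION'));
                return false;
            }

            // Get all revisions
            $revs_model = JModelLegacy::getInstance('Revisions', 'PFdesignsModel');
            $revisions  = (array) $revs_model->getItems();

            // Collect files: source path => name inside the archive
            $files = array();

            // Add the design itself to the list
            $file_path = $base_path . '/' . $item->file_name;

            if (JFile::exists($file_path)) {
                $files[$file_path] = '0-' . $item->alias . '.' . $item->file_extension;
            }

            foreach ($revisions as $rev) {
                // Per-revision download permission check; revisions the user
                // may not download are left out of the archive.
                $access = PFdesignsHelper::getRevisionActions($rev->id);

                if (($access->get('core.admin') || $access->get('core.download')) !== true) {
                    continue;
                }

                $file_path = $base_path . '/' . $rev->file_name;

                if (JFile::exists($file_path)) {
                    $files[$file_path] = $rev->ordering . '-' . $rev->alias . '.' . $rev->file_extension;
                }
            }

            // Make sure we have files
            if (!count($files)) {
                JError::raiseError(404, JText::_('COM_PROJECTFORK_ERROR_FILE_NOT_FOUND'));
                return false;
            }

            // Delete old archive if exists
            $archive = $base_path . '/' . $item->alias . '.zip';

            if (JFile::exists($archive)) {
                if (!JFile::delete($archive)) {
                    JError::raiseError(500, JText::_('COM_PROJECTFORK_DESIGNS_ERROR_ZIP_DELETE_FAILED'));
                    return false;
                }
            }

            // Create new archive. ZipArchive::open() returns true on success
            // and a non-zero integer error code on failure, so a plain
            // truthiness test would accept every failure as success.
            $zip = new ZipArchive();

            if ($zip->open($archive, ZipArchive::CREATE) !== true) {
                JError::raiseError(500, JText::_('COM_PROJECTFORK_DESIGNS_ERROR_ZIP_CREATE_FAILED'));
                return false;
            }

            // Add files to archive
            foreach ($files as $path => $name) {
                $zip->addFile($path, $name);
            }

            // Close archive
            $zip->close();

            if (JFile::exists($archive)) {
                // Same header-safety treatment as for a single file download.
                $zip_name = preg_replace('/[\x00-\x1F\x7F"\\\\\/]/', '_', $item->alias . '.zip');

                ob_end_clean();
                header("Content-Type: APPLICATION/OCTET-STREAM");
                header("Content-Length: " . filesize($archive));
                header("Content-Disposition: attachment; filename=\"" . $zip_name . "\";");
                header("Content-Transfer-Encoding: Binary");

                if (function_exists('readfile')) {
                    readfile($archive);
                } else {
                    echo file_get_contents($archive);
                }

                // Best-effort cleanup: the archive was assembled under this
                // user's permissions and is only needed for this response, so
                // it should not stay behind in the storage directory.
                JFile::delete($archive);
            } else {
                JError::raiseError(500, JText::_('COM_PROJECTFORK_DESIGNS_ERROR_ZIP_STORE_FAILED'));
                return false;
            }
        }
    } else {
        // Generate thumbnail
        $options = array();

        switch ($layout) {
            case 'full':
                $options['crop']    = false;
                $options['quality'] = 90;
                $options['size']    = $params->get('img_full_size', '1280x720');
                break;

            case 'cover':
                $options['crop']    = true;
                $options['quality'] = 75;
                $options['size']    = $params->get('img_cover_size', '1280x720');
                break;

            case 'preview':
            default:
                $options['crop']    = true;
                $options['quality'] = 75;
                $options['size']    = $params->get('img_preview_size', '300x200');
                break;
        }

        $source = PFdesignsHelper::getBasePath($item->project_id) . '/' . $item->file_name;
        $image  = JModelLegacy::getInstance('Image', 'PFdesignsModel', $options);

        $image->setSource($source);
        $image->setCacheId('design', $item->project_id, $item->id);
        $image->setAuthor($item->author_name);
        $image->save();

        if ($image->isCached()) {
            JFactory::getApplication()->redirect($image->getCachedURL());
        } else {
            $buffer = $image->getBuffer();

            if ($buffer) {
                ob_end_clean();
                header("Content-Type: image/jpeg");
                header("Accept-Ranges: bytes");
                // NOTE(review): the length is taken from the cached file path
                // although this branch runs when isCached() is false - confirm
                // the file exists here and matches the buffer being echoed.
                header("Content-Length: " . filesize($image->getCachedFilePath()));
                echo $buffer;
            }
        }
    }

    // Raw response: stop before anything else can be appended to the output.
    die;
}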
/**
 * Build the toolbar shown at the top of the view.
 *
 * Permissions are resolved for the design first and replaced by the
 * revision's own actions when a revision is being viewed. The resulting
 * flags only decide which buttons are rendered here.
 *
 * @return  string  Toolbar with buttons
 */
protected function getToolbar()
{
    $component_params = JComponentHelper::getParams('com_pfdesigns', true);
    $user_id          = JFactory::getUser()->get('id');

    // The next two values are not read again inside this method.
    $slug   = $this->item->id . ':' . $this->item->alias;
    $return = base64_encode(JFactory::getURI()->toString());

    $revision        = $this->item->revision;
    $design_access   = PFdesignsHelper::getActions($this->item->id);
    $revision_access = $revision ? PFdesignsHelper::getRevisionActions($revision->id) : null;

    // Design-level permissions
    $owns_record   = $user_id == $this->item->created_by;
    $may_add       = $design_access->get('core.create');
    $may_edit      = $design_access->get('core.edit') || ($design_access->get('core.edit.own') && $owns_record);
    $may_download  = $design_access->get('core.download');
    $zip_available = class_exists('ZipArchive');
    $may_publish   = $design_access->get('core.edit.state');
    $may_delete    = $design_access->get('core.delete');
    $may_approve   = $design_access->get('core.approve');
    $did_approve   = array_key_exists($user_id, $this->item->approved);
    $did_decline   = array_key_exists($user_id, $this->item->declined);
    $list_view     = 'designs';

    // Revision-level permissions take over when a revision is shown
    if ($revision) {
        $owns_record  = $user_id == $revision->created_by;
        $may_edit     = $revision_access->get('core.edit') || ($revision_access->get('core.edit.own') && $owns_record);
        $may_download = $revision_access->get('core.download');
        $may_publish  = $revision_access->get('core.edit.state');
        $may_delete   = $revision_access->get('core.delete');
        $may_approve  = $revision_access->get('core.approve');
        $did_approve  = array_key_exists($user_id, $revision->approved);
        $did_decline  = array_key_exists($user_id, $revision->declined);
        $list_view    = 'revisions';
    }

    // Add / edit dropdown. "Add" always follows the design-level permission.
    $menu = array();

    if ($design_access->get('core.create')) {
        $menu[] = array(
            'text'   => 'JACTION_ADD',
            'task'   => 'revisionform.add',
            'access' => $design_access->get('core.create')
        );
    }

    if ($may_edit) {
        if ($revision) {
            $edit_task = 'revisionform.edit';
        } else {
            $edit_task = 'designform.edit';
        }

        $menu[] = array(
            'text'   => 'COM_PROJECTFORK_ACTION_EDIT',
            'task'   => $edit_task,
            'access' => $may_edit
        );
    }

    PFToolbar::dropdownButton($menu, array('icon' => 'icon-white icon-plus'));

    // Download button
    if ($may_download) {
        $download_url = PFdesignsHelperRoute::getDesignRoute(
            $this->item->slug,
            $this->item->project_slug,
            $this->item->album_slug,
            $revision ? $revision->slug : '0:original'
        );

        PFToolbar::button(
            'JACTION_DOWNLOAD',
            null,
            false,
            array(
                'access' => true,
                'icon'   => 'icon-download',
                'href'   => $download_url . '&tmpl=component&layout=download&format=raw'
            )
        );
    }

    // Approve and Decline buttons
    if ($may_approve) {
        $is_final = $component_params->get('approval_behavior', 'changeable') == 'final';

        PFToolbar::group();

        // Approve: hidden only when the decision is final and the user declined.
        if (!$is_final || !$did_decline) {
            $approve_label = $did_approve ? 'COM_PFDESIGNS_ACTION_APPROVED' : 'COM_PFDESIGNS_ACTION_APPROVE';

            if ($did_approve || $is_final) {
                $approve_task = '';
            } else {
                $approve_task = $revision ? 'revisionform.approve' : 'designform.approve';
            }

            $approve_class = 'btn';

            if ($did_approve) {
                $approve_class .= ' btn-success active' . ($is_final ? ' disabled' : '');
            }

            if (!$is_final || $did_approve) {
                $approve_href = null;
            } else {
                $approve_href = "javascript:confirmApprove('approve-design');";
            }

            PFToolbar::button(
                $approve_label,
                $approve_task,
                false,
                array(
                    'access' => true,
                    'icon'   => 'icon-thumbs-up',
                    'class'  => $approve_class,
                    'href'   => $approve_href,
                    'id'     => 'approve-design'
                )
            );
        }

        // Neutral marker while the user has not decided either way.
        if (!$did_decline && !$did_approve) {
            PFToolbar::button(
                'COM_PFDESIGNS_UNDECIDED',
                '',
                false,
                array('access' => true, 'href' => '#', 'icon' => '', 'class' => 'btn active')
            );
        }

        // Decline: hidden only when the decision is final and the user approved.
        if (!$is_final || !$did_approve) {
            $decline_label = $did_decline ? 'COM_PFDESIGNS_ACTION_DECLINED' : 'COM_PFDESIGNS_ACTION_DECLINE';

            if ($did_decline || $is_final) {
                $decline_task = '';
            } else {
                $decline_task = $revision ? 'revisionform.decline' : 'designform.decline';
            }

            $decline_class = 'btn';

            if ($did_decline) {
                $decline_class .= ' btn-danger active' . ($is_final ? ' disabled' : '');
            }

            if (!$is_final || $did_decline) {
                $decline_href = null;
            } else {
                $decline_href = "javascript:confirmDecline('decline-design');";
            }

            PFToolbar::button(
                $decline_label,
                $decline_task,
                false,
                array(
                    'access' => true,
                    'icon'   => 'icon-thumbs-down',
                    'class'  => $decline_class,
                    'href'   => $decline_href,
                    'id'     => 'decline-design'
                )
            );
        }

        PFToolbar::group();
    }

    return PFToolbar::render();
}
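/**
 * Method override to check if you can edit an existing record.
 *
 * 'core.edit' on the revision grants access outright. 'core.edit.own' grants
 * access only when the stored record belongs to the current user; the owner
 * is always read from the model, never from $data. Every other case is left
 * to the parent implementation.
 *
 * @param   array   $data  An array of input data.
 * @param   string  $key   The name of the key for the primary key.
 *
 * @return  boolean
 */
protected function allowEdit($data = array(), $key = 'id')
{
    // The cast belongs on the value. Written as "(int) isset(...) ? a : b" it
    // applies to the isset() result and hands $data[$key] through uncast.
    $id     = isset($data[$key]) ? (int) $data[$key] : 0;
    $uid    = (int) JFactory::getUser()->get('id');
    $access = PFdesignsHelper::getRevisionActions($id);

    // Check general edit permission first.
    if ($access->get('core.edit')) {
        return true;
    }

    // Fallback on edit.own. Ownership only makes sense for a stored record
    // and a logged-in user; without the $uid guard a guest (id 0) would
    // compare equal to a record whose owner is unset.
    if ($access->get('core.edit.own') && $id > 0 && $uid > 0) {
        // $data is documented as input data, so a 'created_by' value in it
        // is presumably supplied by the caller and cannot prove ownership.
        // Use the stored record as the only source for the owner.
        $record = $this->getModel()->getItem($id);

        if (empty($record)) {
            return false;
        }

        // If the owner matches 'me' then allow the edit.
        if ((int) $record->created_by === $uid) {
            return true;
        }
    }

    // Since there is no asset tracking, revert to the component permissions.
    return parent::allowEdit($data, $key);
}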