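/**
 * Runs the admin user search described by the current request and returns the
 * data the users listing template needs.
 *
 * Request parameters read (all optional): offset_start, per_page, inactives,
 * like_field, like_value, sbas_id, base_id, last_model, srt, ord. Pagination is
 * clamped: the offset is never negative and the page size is forced to 20 unless
 * it lies in [10, 50].
 *
 * The query is scoped with on_bases_where_i_am(..., ['canadmin']) so the caller
 * only ever sees users of bases it administers.
 *
 * Fix: the autoregister lookup compared with `null ==` while the guest lookup used
 * `null ===`; both now use the strict comparison.
 *
 * @return array keys 'users', 'parm', 'invite_user', 'autoregister_user', 'templates'
 */
public function search()
{
    $offset_start = (int) $this->request->get('offset_start');
    if ($offset_start < 0) {
        $offset_start = 0;
    }
    $results_quantity = (int) $this->request->get('per_page');
    if ($results_quantity < 10 || $results_quantity > 50) {
        $results_quantity = 20;
    }

    $this->query_parms = [
        'inactives'    => $this->request->get('inactives'),
        'like_field'   => $this->request->get('like_field'),
        'like_value'   => $this->request->get('like_value'),
        'sbas_id'      => $this->request->get('sbas_id'),
        'base_id'      => $this->request->get('base_id'),
        'last_model'   => $this->request->get('last_model'),
        'srt'          => $this->request->get("srt", \User_Query::SORT_CREATIONDATE),
        'ord'          => $this->request->get("ord", \User_Query::ORD_DESC),
        'per_page'     => $results_quantity,
        'offset_start' => $offset_start,
    ];

    $query = new \User_Query($this->app);
    // A base_id list takes precedence over an sbas_id list; scalars are ignored.
    if (is_array($this->query_parms['base_id'])) {
        $query->on_base_ids($this->query_parms['base_id']);
    } elseif (is_array($this->query_parms['sbas_id'])) {
        $query->on_sbas_ids($this->query_parms['sbas_id']);
    }

    $currentUserAcl = $this->app['acl']->get($this->app['authentication']->getUser());
    $this->results = $query
        ->sort_by($this->query_parms["srt"], $this->query_parms["ord"])
        ->like($this->query_parms['like_field'], $this->query_parms['like_value'])
        ->last_model_is($this->query_parms['last_model'])
        ->get_inactives($this->query_parms['inactives'])
        ->include_templates(true)
        ->on_bases_where_i_am($currentUserAcl, ['canadmin'])
        ->limit($offset_start, $results_quantity)
        ->execute();

    // The two special accounts are created on demand so the template can always render them.
    // NOTE(review): createUser() is called with the login as second argument, which elsewhere
    // in this file is the password; confirm these accounts cannot be logged into interactively.
    $userRepository = $this->app['manipulator.user']->getRepository();
    if (null === ($invite = $userRepository->findByLogin(User::USER_GUEST))) {
        $invite = $this->app['manipulator.user']->createUser(User::USER_GUEST, User::USER_GUEST);
    }
    if (null === ($autoregister = $userRepository->findByLogin(User::USER_AUTOREGISTER))) {
        $autoregister = $this->app['manipulator.user']->createUser(User::USER_AUTOREGISTER, User::USER_AUTOREGISTER);
    }

    // Parameters that were not sent are exposed to the template as false, not null.
    foreach ($this->query_parms as $k => $v) {
        if (is_null($v)) {
            $this->query_parms[$k] = false;
        }
    }

    $query = new \User_Query($this->app);
    $templates = $query->only_templates(true)->execute()->get_results();

    return [
        'users'             => $this->results,
        'parm'              => $this->query_parms,
        'invite_user'       => $invite,
        'autoregister_user' => $autoregister,
        'templates'         => $templates,
    ];
}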
/**
 * Handles the "new order" event: notifies every user holding the
 * 'order_master' right on the bases of the ordered elements.
 *
 * The in-app notification is always recorded for each such user; an e-mail is
 * sent in addition when the user's preferences allow it. Users for whom no
 * Receiver can be built are skipped entirely.
 *
 * @param string $event  event name (unused)
 * @param array  $params expects 'usr_id' (order initiator) and 'order_id'
 * @param mixed  $object event payload (unused)
 * @return void
 */
public function fire($event, $params, &$object)
{
    $params = array_merge(['usr_id' => '', 'order_id' => []], $params);
    $order_id = $params['order_id'];

    $users = [];
    try {
        $elements = $this->app['EM']->getRepository('Phraseanet:OrderElement')->findBy(['orderId' => $order_id]);
        $base_ids = [];
        foreach ($elements as $element) {
            $base_ids[] = $element->getBaseId();
        }
        $query = new User_Query($this->app);
        $users = $query->on_base_ids(array_unique($base_ids))->who_have_right(['order_master'])->execute()->get_results();
    } catch (\Exception $e) {
        // Best effort: a failed lookup means nobody is notified.
    }
    if (count($users) == 0) {
        return;
    }

    // Payload: <datas><usr_id/><order_id/></datas>, text nodes are XML-escaped by DOM.
    $dom_xml = new DOMDocument('1.0', 'UTF-8');
    $dom_xml->preserveWhiteSpace = false;
    $dom_xml->formatOutput = true;
    $root = $dom_xml->createElement('datas');
    foreach (['usr_id' => $params['usr_id'], 'order_id' => $order_id] as $tag => $text) {
        $node = $dom_xml->createElement($tag);
        $node->appendChild($dom_xml->createTextNode($text));
        $root->appendChild($node);
    }
    $dom_xml->appendChild($root);
    $datas = $dom_xml->saveXml();

    $orderInitiator = $this->app['manipulator.user']->getRepository()->find($params['usr_id']);
    if (null === $orderInitiator) {
        return;
    }

    foreach ($users as $user) {
        $mailed = false;
        if ($this->shouldSendNotificationFor($user->getId())) {
            try {
                $receiver = Receiver::fromUser($user);
            } catch (\Exception $e) {
                // No usable address: this user gets neither mail nor in-app notification.
                continue;
            }
            $mail = MailInfoNewOrder::create($this->app, $receiver);
            $mail->setUser($orderInitiator);
            $this->app['notification.deliverer']->deliver($mail);
            $mailed = true;
        }
        $this->broker->notify($user->getId(), __CLASS__, $datas, $mailed);
    }
}
/**
 * Looks up users whose email, name or login matches $query (OR-ed), restricted to
 * the bases $for_user can administer, and wraps each hit in a Term. At most 50
 * results are returned.
 *
 * @param string   $query      free-text fragment typed by the user
 * @param User     $for_user   user whose 'canadmin' scope bounds the search
 * @param \databox $on_databox accepted for interface compatibility; not used here
 * @return \Doctrine\Common\Collections\ArrayCollection of Term
 */
public function find($query, User $for_user, \databox $on_databox = null)
{
    $scope = $this->app['acl']->get($for_user);
    $userQuery = (new \User_Query($this->app))
        ->like(\User_Query::LIKE_EMAIL, $query)
        ->like(\User_Query::LIKE_NAME, $query)
        ->like(\User_Query::LIKE_LOGIN, $query)
        ->like_match(\User_Query::LIKE_MATCH_OR)
        ->include_phantoms(true)
        ->on_bases_where_i_am($scope, ['canadmin'])
        ->limit(0, 50);

    $terms = new ArrayCollection();
    foreach ($userQuery->execute()->get_results() as $match) {
        $terms->add(new Term($match->getDisplayName(), '', $this, $match->getId()));
    }

    return $terms;
}
/**
 * Handles a "new feed entry" event: notifies every eligible user of the entry's
 * collection (or of the whole instance when the feed has no collection).
 *
 * Eligible users: not invite, not templates, with a non-null e-mail, phantoms
 * included. The in-app notification is always recorded; an e-mail is sent in
 * addition when $params['notify_email'] is truthy and the user's preferences
 * allow it. The mail button links to the lightbox with a per-user URL token
 * bound to this entry, so the link must be treated as a bearer credential.
 *
 * @param string $event  event name (unused)
 * @param array  $params expects 'notify_email'
 * @param mixed  $entry  the feed entry (getId/getFeed/getAuthorEmail/getAuthorName/getTitle)
 * @return boolean always true
 */
public function fire($event, $params, &$entry)
{
    $params = ['entry_id' => $entry->getId(), 'notify_email' => $params['notify_email']];

    // Payload: <datas><entry_id/></datas>
    $dom_xml = new DOMDocument('1.0', 'UTF-8');
    $dom_xml->preserveWhiteSpace = false;
    $dom_xml->formatOutput = true;
    $root = $dom_xml->createElement('datas');
    $entry_id = $dom_xml->createElement('entry_id');
    $entry_id->appendChild($dom_xml->createTextNode($params['entry_id']));
    $root->appendChild($entry_id);
    $dom_xml->appendChild($root);
    $datas = $dom_xml->saveXml();

    $Query = new \User_Query($this->app);
    $Query->include_phantoms(true)->include_invite(false)->include_templates(false)->email_not_null(true);
    // Without a collection the feed is instance-wide and every eligible user is notified.
    if ($entry->getFeed()->getCollection($this->app)) {
        $Query->on_base_ids([$entry->getFeed()->getCollection($this->app)->get_base_id()]);
    }

    $start = 0;
    $perLoop = 100;
    // NOTE(review): $from is built but never used below.
    $from = ['email' => $entry->getAuthorEmail(), 'name' => $entry->getAuthorName()];
    do {
        $results = $Query->limit($start, $perLoop)->execute()->get_results();
        foreach ($results as $user_to_notif) {
            $mailed = false;
            if ($params['notify_email'] && $this->shouldSendNotificationFor($user_to_notif->getId())) {
                $readyToSend = false;
                try {
                    // Per-user token: the lightbox URL authenticates as this user for this entry.
                    $token = $this->app['tokens']->getUrlToken(\random::TYPE_FEED_ENTRY, $user_to_notif->getId(), null, $entry->getId());
                    $url = $this->app->url('lightbox', ['LOG' => $token]);
                    $receiver = Receiver::fromUser($user_to_notif);
                    $readyToSend = true;
                } catch (\Exception $e) {
                    // Best effort: token or receiver failure only skips the e-mail.
                }
                if ($readyToSend) {
                    $mail = MailInfoNewPublication::create($this->app, $receiver);
                    $mail->setButtonUrl($url);
                    $mail->setAuthor($entry->getAuthorName());
                    $mail->setTitle($entry->getTitle());
                    $this->app['notification.deliverer']->deliver($mail);
                    $mailed = true;
                }
            }
            $this->broker->notify($user_to_notif->getId(), __CLASS__, $datas, $mailed);
        }
        $start += $perLoop;
    } while (count($results) > 0);

    return true;
}
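/**
 * CLI handler: creates collection `collname` in databox `databox_id`.
 *
 * When --base_id_rights is given, every user known on that base gets its rights
 * on the new collection copied from it (40 users per page). Admin users then have
 * their admin rights reset so the new base is covered, and COLLECTION_CREATE is
 * dispatched.
 *
 * Unlike the web controller, no creator user is passed to collection::create().
 * The unused `$app` local of the original was removed.
 *
 * @param InputInterface  $input
 * @param OutputInterface $output
 * @return void
 */
protected function doExecute(InputInterface $input, OutputInterface $output)
{
    $databox = $this->container['phraseanet.appbox']->get_databox((int) $input->getArgument('databox_id'));
    $new_collection = \collection::create($this->container, $databox, $this->container['phraseanet.appbox'], $input->getArgument('collname'));

    $sourceBaseId = $input->getOption('base_id_rights');
    if ($new_collection && $sourceBaseId) {
        $pageSize = 40;
        $query = new \User_Query($this->container);
        $total = $query->on_base_ids([$sourceBaseId])->get_total();
        for ($n = 0; $n < $total; $n += $pageSize) {
            foreach ($query->limit($n, $pageSize)->execute()->get_results() as $user) {
                $this->container['acl']->get($user)->duplicate_right_from_bas($sourceBaseId, $new_collection->get_base_id());
            }
        }
    }

    $this->container['manipulator.acl']->resetAdminRights($this->container['manipulator.user']->getRepository()->findAdmins());
    // Dispatched even when create() returned a falsy value, as in the original.
    $this->container['dispatcher']->dispatch(PhraseaEvents::COLLECTION_CREATE, new CollectionCreateEvent($new_collection));
}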
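/**
 * Handles a "file quarantined" (lazaret) event.
 *
 * Builds an XML payload with the original filename, the class names of the
 * failed checks and, when known, the uploading user's display name; then
 * notifies either that user or, for files arriving through automated tasks,
 * every user holding 'canaddrecord' on the file's base.
 *
 * Fix: the <sender> element used to be appended to the tree after saveXml() had
 * already run, so it never reached the payload; it is now added before
 * serialisation.
 *
 * @param string $event  event name (unused)
 * @param array  $params expects 'lazaret_file' => LazaretFile; otherwise nothing happens
 * @param mixed  $object event payload (unused)
 * @return void
 */
public function fire($event, $params, &$object)
{
    if (!isset($params['lazaret_file']) || !$params['lazaret_file'] instanceof LazaretFile) {
        return;
    }
    /* @var $lazaretFile LazaretFile */
    $lazaretFile = $params['lazaret_file'];

    $domXML = new DOMDocument('1.0', 'UTF-8');
    $domXML->preserveWhiteSpace = false;
    $domXML->formatOutput = true;
    $root = $domXML->createElement('datas');

    // Filename (text node: DOM escapes it)
    $filename = $domXML->createElement('filename');
    $filename->appendChild($domXML->createTextNode($lazaretFile->getOriginalName()));
    $root->appendChild($filename);

    // Reasons for quarantine
    $reasons = $domXML->createElement('reasons');
    foreach ($lazaretFile->getChecks() as $check) {
        /* @var $check LazaretCheck */
        $reason = $domXML->createElement('checkClassName');
        $reason->appendChild($domXML->createTextNode($check->getCheckClassname()));
        $reasons->appendChild($reason);
    }
    $root->appendChild($reasons);
    $domXML->appendChild($root);

    $user = $lazaretFile->getSession()->getUser();
    if (null !== $user) {
        // Sender, added before serialisation so it is part of the payload.
        $sender = $domXML->createElement('sender');
        $sender->appendChild($domXML->createTextNode($user->getDisplayName()));
        $root->appendChild($sender);
        $this->notifyUser($user, $domXML->saveXml());

        return;
    }

    // No lazaret session user: the file was uploaded via automated tasks etc.
    $datas = $domXML->saveXml();
    $query = new User_Query($this->app);
    $users = $query->on_base_ids([$lazaretFile->getBaseId()])->who_have_right(['canaddrecord'])->execute()->get_results();
    foreach ($users as $recipient) {
        $this->notifyUser($recipient, $datas);
    }
}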
/**
 * Detaches this databox from the application.
 *
 * Unmounts every collection, drops cached rights and injected sbas rights for
 * every user known on this databox (special, invite and template users included,
 * phantoms excluded), removes dependent StoryWZ and BasketElement entities,
 * deletes this site's rows from the databox `clients` / `memcached` tables, then
 * deletes the `sbas` and `sbasusr` rows in the appbox and invalidates the base
 * list cache. All SQL is parameterised.
 *
 * NOTE(review): the user loop pages by offset while delete_injected_rights_sbas()
 * may remove the very rows on_sbas_ids() selects on; if so, later pages shift and
 * some caches may not be invalidated — confirm against User_Query.
 *
 * @return void
 */
public function unmount_databox()
{
    foreach ($this->get_collections() as $collection) {
        $collection->unmount_collection($this->app);
    }

    $pageSize = 50;
    $query = new User_Query($this->app);
    $total = $query->on_sbas_ids([$this->id])
        ->include_phantoms(false)
        ->include_special_users(true)
        ->include_invite(true)
        ->include_templates(true)
        ->get_total();
    for ($offset = 0; $offset < $total; $offset += $pageSize) {
        foreach ($query->limit($offset, $pageSize)->execute()->get_results() as $user) {
            $acl = $this->app['acl']->get($user);
            $acl->delete_data_from_cache(ACL::CACHE_RIGHTS_SBAS);
            $acl->delete_data_from_cache(ACL::CACHE_RIGHTS_BAS);
            $acl->delete_injected_rights_sbas($this);
        }
    }

    $em = $this->app['EM'];
    foreach ($em->getRepository('Phraseanet:StoryWZ')->findByDatabox($this->app, $this) as $story) {
        $em->remove($story);
    }
    foreach ($em->getRepository('Phraseanet:BasketElement')->findElementsByDatabox($this) as $element) {
        $em->remove($element);
    }
    $em->flush();

    // Per-site rows stored inside this databox.
    $siteParams = [':site_id' => $this->app['conf']->get(['main', 'key'])];
    foreach (['DELETE FROM clients WHERE site_id = :site_id', 'DELETE FROM memcached WHERE site_id = :site_id'] as $sql) {
        $stmt = $this->get_connection()->prepare($sql);
        $stmt->execute($siteParams);
        $stmt->closeCursor();
    }

    // This databox's registration in the appbox.
    $appboxConnection = $this->app['phraseanet.appbox']->get_connection();
    foreach (['DELETE FROM sbas WHERE sbas_id = :sbas_id', 'DELETE FROM sbasusr WHERE sbas_id = :sbas_id'] as $sql) {
        $stmt = $appboxConnection->prepare($sql);
        $stmt->execute([':sbas_id' => $this->id]);
        $stmt->closeCursor();
    }

    $this->app['phraseanet.appbox']->delete_data_from_cache(appbox::CACHE_LIST_BASES);
}
/**
 * Create a new collection
 *
 * Reads `name` (required) and, optionally, `ccusrothercoll` ("on") together with
 * `othcollsel` (a base_id): when both are present, every user known on that base
 * gets its rights copied onto the new collection, 20 users per page.
 *
 * NOTE(review): nothing here checks that the caller administers `othcollsel`;
 * if that is not enforced by the route's before-filters, an admin of one databox
 * could clone rights from a collection it does not manage — confirm.
 *
 * @param Application $app        The silex application
 * @param Request     $request    The current HTTP request
 * @param integer     $databox_id The requested databox
 * @return Response
 */
public function createCollection(Application $app, Request $request, $databox_id)
{
    $name = trim($request->request->get('name', ''));
    if ('' === $name) {
        return $app->redirectPath('admin_database_display_new_collection_form', ['databox_id' => $databox_id, 'error' => 'name']);
    }

    try {
        $databox = $app['phraseanet.appbox']->get_databox($databox_id);
        $collection = \collection::create($app, $databox, $app['phraseanet.appbox'], $name, $app['authentication']->getUser());

        $copyRights = $request->request->get('ccusrothercoll') === "on";
        $othcollsel = $request->request->get('othcollsel');
        if ($copyRights && null !== $othcollsel) {
            $pageSize = 20;
            $query = new \User_Query($app);
            $total = $query->on_base_ids([$othcollsel])->get_total();
            for ($offset = 0; $offset < $total; $offset += $pageSize) {
                foreach ($query->limit($offset, $pageSize)->execute()->get_results() as $user) {
                    $app['acl']->get($user)->duplicate_right_from_bas($othcollsel, $collection->get_base_id());
                }
            }
        }

        $app['dispatcher']->dispatch(PhraseaEvents::COLLECTION_CREATE, new CollectionCreateEvent($collection));

        return $app->redirectPath('admin_display_collection', ['bas_id' => $collection->get_base_id(), 'success' => 1, 'reload-tree' => 1]);
    } catch (\Exception $e) {
        // Every failure is reported generically; the exception itself is not surfaced.
        return $app->redirectPath('admin_database_submit_collection', ['databox_id' => $databox_id, 'error' => 'error']);
    }
}
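/**
 * Registers the admin "users" routes on a controller collection.
 *
 * Every route requires an authenticated session, access to the 'admin' module and
 * the 'manageusers' right (see the before() filter). Where a route acts on
 * identifiers taken from the request (template ids, base ids) it is additionally
 * restricted to what the GET side of the same feature offers the current user.
 *
 * Review fixes applied in this version:
 *  - '/import/' unserialize()d request data (PHP object injection vector); the
 *    import now round-trips lines/columns through JSON and rejects non-arrays.
 *  - three `srpintf()` calls (undefined function: fatal error instead of a 400)
 *    are now sprintf() with a proper `%s` placeholder.
 *  - the duplicate-e-mail check in '/import/' compared findByEmail() with `false`
 *    while '/import/file/' compares it with `null`; both now use `null`.
 *  - '/registrations/' only applies templates returned by findModelOf(current user)
 *    and only accepts/denies registrations on bases the caller has 'canadmin' on,
 *    mirroring what the GET side displays.
 *
 * @param Application $app
 * @return \Silex\ControllerCollection
 */
public function connect(Application $app)
{
    $app['controller.admin.users'] = $this;
    $controllers = $app['controllers_factory'];

    $app['firewall']->addMandatoryAuthentication($controllers);
    $controllers->before(function (Request $request) use ($app) {
        $app['firewall']->requireAccessToModule('admin')->requireRight('manageusers');
    });

    // Returns the POST values under $key as a list of strings; anything else is dropped
    // (a scalar where an array is expected used to trigger a foreach warning).
    $stringList = function (Request $request, $key) {
        $values = $request->request->get($key, []);
        if (!is_array($values)) {
            return [];
        }

        return array_filter($values, function ($value) {
            return is_string($value);
        });
    };

    // Streams one of the bundled fixture files as a download.
    $serveFixture = function ($relativePath, $contentType) use ($app) {
        $file = new \SplFileInfo($app['root.path'] . $relativePath);
        if (!$file->isFile()) {
            $app->abort(400);
        }
        $response = new Response();
        $response->setStatusCode(200);
        $response->headers->set('Pragma', 'public');
        $response->headers->set('Content-Disposition', 'attachment; filename=' . $file->getFilename());
        $response->headers->set('Content-Length', $file->getSize());
        $response->headers->set('Content-Type', $contentType);
        $response->setContent(file_get_contents($file->getPathname()));

        return $response;
    };

    // Rights edition form; GET and POST share the handler.
    $renderRights = function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);

        return $app['twig']->render('admin/editusers.html.twig', $rights->get_users_rights());
    };
    $controllers->post('/rights/', $renderRights);
    $controllers->get('/rights/', $renderRights);

    $controllers->post('/rights/reset/', function (Application $app, Request $request) {
        $datas = ['error' => false];
        try {
            $helper = new UserHelper\Edit($app, $request);
            $helper->resetRights();
        } catch (\Exception $e) {
            $datas['error'] = true;
            $datas['message'] = $e->getMessage();
        }

        return $app->json($datas);
    })->bind('admin_users_rights_reset');

    $controllers->post('/delete/', function (Application $app) {
        $module = new UserHelper\Edit($app, $app['request']);
        $module->delete_users();

        return $app->redirectPath('admin_users_search');
    });

    $controllers->post('/rights/apply/', function (Application $app) {
        $datas = ['error' => true];
        try {
            $rights = new UserHelper\Edit($app, $app['request']);
            $resetBeforeApply = $app['request']->request->get('reset_before_apply');
            // Either the rights form is applied as-is, or rights are reset and a template applied.
            if (!$resetBeforeApply) {
                $rights->apply_rights();
            }
            if ($app['request']->request->get('template')) {
                if ($resetBeforeApply) {
                    $rights->resetRights();
                }
                $rights->apply_template();
            }
            $rights->apply_infos();
            $datas = ['error' => false];
        } catch (\Exception $e) {
            $datas['message'] = $e->getMessage();
        }

        return $app->json($datas);
    })->bind('admin_users_rights_apply');

    $controllers->post('/rights/quotas/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);

        return $app['twig']->render('admin/editusers_quotas.html.twig', $rights->get_quotas());
    });

    $controllers->post('/rights/quotas/apply/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);
        $rights->apply_quotas();

        return $app->json(['message' => '', 'error' => false]);
    });

    $controllers->post('/rights/time/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);

        return $app['twig']->render('admin/editusers_timelimit.html.twig', $rights->get_time());
    });

    $controllers->post('/rights/time/sbas/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);

        return $app['twig']->render('admin/editusers_timelimit_sbas.html.twig', $rights->get_time_sbas());
    });

    $controllers->post('/rights/time/apply/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);
        $rights->apply_time();

        return $app->json(['message' => '', 'error' => false]);
    });

    $controllers->post('/rights/masks/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);

        return $app['twig']->render('admin/editusers_masks.html.twig', $rights->get_masks());
    });

    $controllers->post('/rights/masks/apply/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);
        $rights->apply_masks();

        return $app->json(['message' => '', 'error' => false]);
    });

    $controllers->match('/search/', function (Application $app) {
        $users = new UserHelper\Manage($app, $app['request']);

        return $app['twig']->render('admin/users.html.twig', $users->search());
    })->bind('admin_users_search');

    // CSV export of the current search. NOTE(review): user-supplied fields are written
    // verbatim; whether \format::arr_to_csv neutralises leading '=', '+', '-', '@'
    // (spreadsheet formula injection) is not visible here.
    $controllers->post('/search/export/', function () use ($app) {
        $users = new UserHelper\Manage($app, $app['request']);
        $userTable = [['ID', 'Login', 'Last Name', 'First Name', 'E-Mail', 'Created', 'Updated', 'Address', 'City', 'Zip', 'Country', 'Phone', 'Fax', 'Job', 'Company', 'Position']];
        foreach ($users->export() as $user) {
            $userTable[] = [
                $user->getId(),
                $user->getLogin(),
                $user->getLastName(),
                $user->getFirstName(),
                $user->getEmail(),
                $user->getCreated()->format(DATE_ATOM),
                $user->getUpdated()->format(DATE_ATOM),
                $user->getAddress(),
                $user->getCity(),
                $user->getZipCode(),
                $user->getCountry(),
                $user->getPhone(),
                $user->getFax(),
                $user->getJob(),
                $user->getCompany(),
                $user->getActivity(),
            ];
        }
        $CSVDatas = \format::arr_to_csv($userTable);
        $response = new Response($CSVDatas, 200, ['Content-Type' => 'text/csv']);
        $response->headers->set('Content-Disposition', 'attachment; filename=export.csv');

        return $response;
    })->bind('admin_users_search_export');

    $controllers->post('/apply_template/', function () use ($app) {
        $users = new UserHelper\Edit($app, $app['request']);
        if ($app['request']->request->get('reset_before_apply')) {
            $users->resetRights();
        }
        $users->apply_template();

        return $app->redirectPath('admin_users_search');
    })->bind('admin_users_apply_template');

    // Autocomplete: OR-match on e-mail / first name / last name / login, scoped to the
    // sbas on which the caller holds the rights named in filter_rights.
    // NOTE(review): the scope depends on caller-supplied `filter_rights`; what
    // on_sbas_where_i_am() does with an empty list is not visible here.
    $controllers->get('/typeahead/search/', function (Application $app) {
        $request = $app['request'];
        $like_value = $request->query->get('term');
        $rights = $request->query->get('filter_rights') ?: [];
        $have_right = $request->query->get('have_right') ?: [];
        $have_not_right = $request->query->get('have_not_right') ?: [];
        $on_base = $request->query->get('on_base') ?: [];

        $user_query = new \User_Query($app);
        $elligible_users = $user_query
            ->on_sbas_where_i_am($app['acl']->get($app['authentication']->getUser()), $rights)
            ->like(\User_Query::LIKE_EMAIL, $like_value)
            ->like(\User_Query::LIKE_FIRSTNAME, $like_value)
            ->like(\User_Query::LIKE_LASTNAME, $like_value)
            ->like(\User_Query::LIKE_LOGIN, $like_value)
            ->like_match(\User_Query::LIKE_MATCH_OR)
            ->who_have_right($have_right)
            ->who_have_not_right($have_not_right)
            ->on_base_ids($on_base)
            ->execute()
            ->get_results();

        $datas = [];
        foreach ($elligible_users as $user) {
            $datas[] = [
                'email' => $user->getEmail() ?: '',
                'login' => $user->getLogin() ?: '',
                'name'  => $user->getDisplayName(),
                'id'    => $user->getId(),
            ];
        }

        return $app->json($datas);
    });

    $controllers->post('/create/', function (Application $app) {
        $datas = ['error' => false, 'message' => '', 'data' => null];
        // Read the request outside the try so the catch branch can rely on it.
        $request = $app['request'];
        $isTemplate = $request->request->get('template') == '1';
        try {
            $module = new UserHelper\Manage($app, $request);
            $user = $isTemplate ? $module->create_template() : $module->create_newuser();
            if (!$user instanceof User) {
                throw new \Exception('Unknown error');
            }
            $datas['data'] = $user->getId();
        } catch (\Exception $e) {
            $datas['error'] = true;
            if ($isTemplate) {
                $datas['message'] = $app->trans('Unable to create template, the name is already used.');
            } else {
                $datas['message'] = $app->trans('Unable to create the user.');
            }
        }

        return $app->json($datas);
    });

    // Paged CSV export of a filtered user list, scoped to the caller's 'canadmin' bases.
    $controllers->post('/export/csv/', function (Application $app) {
        $request = $app['request'];
        $like_value = $request->request->get('like_value');
        $like_field = $request->request->get('like_field');
        $on_base = $request->request->get('base_id') ?: null;
        $on_sbas = $request->request->get('sbas_id') ?: null;

        $user_query = new \User_Query($app);
        $elligible_users = $user_query
            ->on_bases_where_i_am($app['acl']->get($app['authentication']->getUser()), ['canadmin'])
            ->like($like_field, $like_value)
            ->on_base_ids($on_base)
            ->on_sbas_ids($on_sbas);

        $buffer = [];
        $buffer[] = [
            'ID',
            'Login',
            $app->trans('admin::compte-utilisateur nom'),
            $app->trans('admin::compte-utilisateur prenom'),
            $app->trans('admin::compte-utilisateur email'),
            'CreationDate',
            'ModificationDate',
            $app->trans('admin::compte-utilisateur adresse'),
            $app->trans('admin::compte-utilisateur ville'),
            $app->trans('admin::compte-utilisateur code postal'),
            $app->trans('admin::compte-utilisateur pays'),
            $app->trans('admin::compte-utilisateur telephone'),
            $app->trans('admin::compte-utilisateur fax'),
            $app->trans('admin::compte-utilisateur poste'),
            $app->trans('admin::compte-utilisateur societe'),
            $app->trans('admin::compte-utilisateur activite'),
        ];

        $pageSize = 20;
        $offset = 0;
        do {
            $elligible_users->limit($offset, $pageSize);
            $offset += $pageSize;
            $results = $elligible_users->execute()->get_results();
            foreach ($results as $user) {
                $buffer[] = [
                    $user->getId(),
                    $user->getLogin(),
                    $user->getLastName(),
                    $user->getFirstName(),
                    $user->getEmail(),
                    $app['date-formatter']->format_mysql($user->getCreated()),
                    $app['date-formatter']->format_mysql($user->getUpdated()),
                    $user->getAddress(),
                    $user->getCity(),
                    $user->getZipCode(),
                    $user->getCountry(),
                    $user->getPhone(),
                    $user->getFax(),
                    $user->getJob(),
                    $user->getCompany(),
                    $user->getActivity(),
                ];
            }
        } while (count($results) > 0);

        $out = \format::arr_to_csv($buffer);
        $response = new Response($out, 200, ['Content-type' => 'text/csv', 'Content-Disposition' => 'attachment; filename=export.csv']);
        $response->setCharset('UTF-8');

        return $response;
    })->bind('admin_users_export_csv');

    // Pending registrations on the bases the caller administers, grouped by user.
    $controllers->get('/registrations/', function (Application $app) {
        $currentUser = $app['authentication']->getUser();
        $app['manipulator.registration']->deleteOldRegistrations();
        $models = $app['manipulator.user']->getRepository()->findModelOf($currentUser);

        $adminBases = $app['acl']->get($currentUser)->get_granted_base(['canadmin']);
        $userRegistrations = [];
        foreach ($app['manipulator.registration']->getRepository()->getUserRegistrations($currentUser, $adminBases) as $registration) {
            $user = $registration->getUser();
            $userRegistrations[$user->getId()]['user'] = $user;
            $userRegistrations[$user->getId()]['registrations'][$registration->getBaseid()] = $registration;
        }

        return $app['twig']->render('admin/user/registrations.html.twig', ['user_registrations' => $userRegistrations, 'models' => $models]);
    })->bind('users_display_registrations');

    // Processes the registrations form. Values are "<usr_id>_<template_id>" for
    // `template` and "<usr_id>_<base_id>" for deny/accept/accept_hd/watermark.
    $controllers->post('/registrations/', function (Application $app, Request $request) use ($stringList) {
        $currentUser = $app['authentication']->getUser();
        $userRepository = $app['manipulator.user']->getRepository();
        $registrationManipulator = $app['manipulator.registration'];

        // Only templates the GET side offers this caller may be applied.
        $allowedTemplates = [];
        $models = $userRepository->findModelOf($currentUser);
        if (is_array($models) || $models instanceof \Traversable) {
            foreach ($models as $model) {
                $allowedTemplates[$model->getId()] = true;
            }
        }
        // Registrations may only be accepted/denied on bases the caller administers (keys are base ids).
        $adminBases = $app['acl']->get($currentUser)->get_granted_base(['canadmin']);

        $templates = $deny = $accept = $options = [];
        foreach ($stringList($request, 'template') as $tmp) {
            if ('' === trim($tmp)) {
                continue;
            }
            $tmp = explode('_', $tmp);
            if (count($tmp) == 2) {
                $templates[$tmp[0]] = $tmp[1];
            }
        }
        foreach ($stringList($request, 'deny') as $den) {
            $den = explode('_', $den);
            if (count($den) == 2 && !isset($templates[$den[0]]) && isset($adminBases[$den[1]])) {
                $deny[$den[0]][$den[1]] = $den[1];
            }
        }
        foreach ($stringList($request, 'accept') as $acc) {
            $acc = explode('_', $acc);
            if (count($acc) == 2 && !isset($templates[$acc[0]]) && isset($adminBases[$acc[1]])) {
                $accept[$acc[0]][$acc[1]] = $acc[1];
                $options[$acc[0]][$acc[1]] = ['HD' => false, 'WM' => false];
            }
        }
        foreach ($stringList($request, 'accept_hd') as $accHD) {
            $accHD = explode('_', $accHD);
            if (count($accHD) == 2 && isset($accept[$accHD[0]]) && isset($options[$accHD[0]][$accHD[1]])) {
                $options[$accHD[0]][$accHD[1]]['HD'] = true;
            }
        }
        foreach ($stringList($request, 'watermark') as $wm) {
            $wm = explode('_', $wm);
            if (count($wm) == 2 && isset($accept[$wm[0]]) && isset($options[$wm[0]][$wm[1]])) {
                $options[$wm[0]][$wm[1]]['WM'] = true;
            }
        }

        $collectionsFromBaseIds = function (array $baseIds) use ($app) {
            return array_map(function ($baseId) use ($app) {
                return \collection::get_from_base_id($app, $baseId);
            }, $baseIds);
        };

        if (count($templates) > 0 || count($deny) > 0 || count($accept) > 0) {
            $cacheToUpdate = $done = [];

            foreach ($templates as $usr => $template_id) {
                if (null === ($user = $userRepository->find($usr))) {
                    $app->abort(400, sprintf("User with id %s provided in 'template' request variable could not be found", $usr));
                }
                if (!isset($allowedTemplates[$template_id]) || null === ($user_template = $userRepository->find($template_id))) {
                    $app->abort(403, sprintf("Template with id %s is not available to the current user", $template_id));
                }
                $cacheToUpdate[$usr] = $user;
                $collections = $app['acl']->get($user_template)->get_granted_base();
                $app['acl']->get($user)->apply_model($user_template, array_keys($collections));
                foreach ($collections as $collection) {
                    $done[$usr][$collection->get_base_id()] = true;
                }
                $registrationManipulator->deleteUserRegistrations($user, $collections);
            }

            foreach ($deny as $usr => $bases) {
                if (null === ($user = $userRepository->find($usr))) {
                    $app->abort(400, sprintf("User with id %s provided in 'deny' request variable could not be found", $usr));
                }
                $cacheToUpdate[$usr] = $user;
                foreach ($registrationManipulator->getRepository()->getUserRegistrations($user, $collectionsFromBaseIds($bases)) as $registration) {
                    $registrationManipulator->rejectRegistration($registration);
                    $done[$usr][$registration->getBaseId()] = false;
                }
            }

            foreach ($accept as $usr => $bases) {
                if (null === ($user = $userRepository->find($usr))) {
                    $app->abort(400, sprintf("User with id %s provided in 'accept' request variable could not be found", $usr));
                }
                $cacheToUpdate[$usr] = $user;
                foreach ($registrationManipulator->getRepository()->getUserRegistrations($user, $collectionsFromBaseIds($bases)) as $registration) {
                    $baseId = $registration->getBaseId();
                    $done[$usr][$baseId] = true;
                    $registrationManipulator->acceptRegistration($registration, $options[$usr][$baseId]['HD'], $options[$usr][$baseId]['WM']);
                }
            }

            array_walk($cacheToUpdate, function (User $user) use ($app) {
                $app['acl']->get($user)->delete_data_from_cache();
            });
            unset($cacheToUpdate);

            // One summary e-mail per affected user listing accepted and refused collections.
            foreach ($done as $usr => $bases) {
                $user = $userRepository->find($usr);
                $acceptColl = $denyColl = [];
                foreach ($bases as $bas => $isok) {
                    $label = \collection::get_from_base_id($app, $bas)->get_label($app['locale']);
                    if ($isok) {
                        $acceptColl[] = $label;
                    } else {
                        $denyColl[] = $label;
                    }
                }
                if (0 === count($acceptColl) && 0 === count($denyColl)) {
                    continue;
                }
                $message = '';
                if (0 !== count($acceptColl)) {
                    $message .= "\n" . $app->trans('login::register:email: Vous avez ete accepte sur les collections suivantes : ') . implode(', ', $acceptColl) . "\n";
                }
                if (0 !== count($denyColl)) {
                    $message .= "\n" . $app->trans('login::register:email: Vous avez ete refuse sur les collections suivantes : ') . implode(', ', $denyColl) . "\n";
                }
                $receiver = new Receiver(null, $user->getEmail());
                $mail = MailSuccessEmailUpdate::create($app, $receiver, null, $message);
                $app['notification.deliverer']->deliver($mail);
            }
        }

        return $app->redirectPath('users_display_registrations', ['success' => 1]);
    })->bind('users_submit_registrations');

    $controllers->get('/import/file/', function (Application $app, Request $request) {
        return $app['twig']->render('admin/user/import/file.html.twig');
    })->bind('users_display_import_file');

    // Step 1 of the CSV import: validate the upload and show a preview. The parsed rows
    // are handed to step 2 through the form as JSON (never serialize()).
    $controllers->post('/import/file/', function (Application $app, Request $request) {
        if (null === ($file = $request->files->get('files')) || !$file->isValid()) {
            return $app->redirectPath('users_display_import_file', ['error' => 'file-invalid']);
        }

        $equivalenceToMysqlField = self::getEquivalenceToMysqlField();
        $userRepository = $app['manipulator.user']->getRepository();
        $loginDefined = $pwdDefined = $mailDefined = false;
        $loginNew = [];
        $out = ['ignored_row' => [], 'errors' => []];
        $nbUsrToAdd = 0;

        $lines = \format::csv_to_arr($file->getPathname());
        $roughColumns = array_shift($lines);
        $columnsSanitized = array_map(function ($columnName) {
            return trim(mb_strtolower($columnName));
        }, $roughColumns);
        // Keys are preserved so $columns[$nbCol] still indexes the CSV column.
        $columns = array_filter($columnsSanitized, function ($columnName) use (&$out, $equivalenceToMysqlField) {
            if (!isset($equivalenceToMysqlField[$columnName])) {
                $out['ignored_row'][] = $columnName;

                return false;
            }

            return true;
        });

        foreach ($columns as $columnName) {
            $field = $equivalenceToMysqlField[$columnName];
            if ($field === 'usr_login') {
                $loginDefined = true;
            }
            if ($field === 'usr_password') {
                $pwdDefined = true;
            }
            if ($field === 'usr_mail') {
                $mailDefined = true;
            }
        }
        if (!$loginDefined) {
            return $app->redirectPath('users_display_import_file', ['error' => 'row-login']);
        }
        if (!$pwdDefined) {
            return $app->redirectPath('users_display_import_file', ['error' => 'row-pwd']);
        }
        if (!$mailDefined) {
            return $app->redirectPath('users_display_import_file', ['error' => 'row-mail']);
        }

        // NOTE(review): the e-mail check only runs once the login of the same row has been
        // validated, so it depends on the login column preceding the e-mail column.
        foreach ($lines as $nbLine => $line) {
            $loginValid = $pwdValid = $mailValid = false;
            foreach ($columns as $nbCol => $colName) {
                $sqlField = $equivalenceToMysqlField[$colName];
                $value = isset($line[$nbCol]) ? $line[$nbCol] : '';

                if ($sqlField === 'usr_login') {
                    $loginToAdd = $value;
                    if ($loginToAdd === "") {
                        $out['errors'][] = $app->trans("Login line %line% is empty", ['%line%' => $nbLine + 1]);
                    } elseif (in_array($loginToAdd, $loginNew, true)) {
                        $out['errors'][] = $app->trans("Login %login% is already defined in the file at line %line%", ['%login%' => $loginToAdd, '%line%' => $nbLine]);
                    } elseif (null !== $userRepository->findByLogin($loginToAdd)) {
                        $out['errors'][] = $app->trans("Login %login% already exists in database", ['%login%' => $loginToAdd]);
                    } else {
                        $loginValid = true;
                    }
                }

                if ($loginValid && $sqlField === 'usr_mail') {
                    $mailToAdd = $value;
                    if ($mailToAdd === "") {
                        $out['errors'][] = $app->trans("Mail line %line% is empty", ['%line%' => $nbLine + 1]);
                    } elseif (null !== $userRepository->findByEmail($mailToAdd)) {
                        $out['errors'][] = $app->trans("Email '%email%' for login '%login%' already exists in database", ['%email%' => $mailToAdd, '%login%' => $loginToAdd]);
                    } else {
                        $mailValid = true;
                    }
                }

                if ($sqlField === 'usr_password') {
                    if ($value === "") {
                        $out['errors'][] = $app->trans("Password is empty at line %line%", ['%line%' => $nbLine]);
                    } else {
                        $pwdValid = true;
                    }
                }
            }
            if ($loginValid && $pwdValid && $mailValid) {
                $loginNew[] = $loginToAdd;
                $nbUsrToAdd++;
            }
        }

        if (count($out['errors']) > 0 && $nbUsrToAdd === 0) {
            return $app['twig']->render('admin/user/import/file.html.twig', ['errors' => $out['errors']]);
        }
        if ($nbUsrToAdd === 0) {
            return $app->redirectPath('users_display_import_file', ['error' => 'no-user']);
        }

        // json_encode() returns false on invalid UTF-8; such a file cannot be round-tripped safely.
        $linesSerialized = json_encode($lines);
        $columnsSerialized = json_encode($columns);
        if (false === $linesSerialized || false === $columnsSerialized) {
            return $app->redirectPath('users_display_import_file', ['error' => 'file-invalid']);
        }

        $currentUser = $app['authentication']->getUser();
        $basList = array_keys($app['acl']->get($currentUser)->get_granted_base(['manage']));
        $models = $app['EM.native-query']->getModelForUser($currentUser, $basList);

        return $app['twig']->render('/admin/user/import/view.html.twig', [
            'nb_user_to_add'     => $nbUsrToAdd,
            'models'             => $models,
            'lines_serialized'   => $linesSerialized,
            'columns_serialized' => $columnsSerialized,
            'errors'             => $out['errors'],
        ]);
    })->bind('users_submit_import_file');

    // Step 2 of the CSV import: create the users and apply the chosen model.
    $controllers->post('/import/', function (Application $app, Request $request) {
        $nbCreation = 0;
        $serializedColumns = $request->request->get('sr_columns');
        if (null === $serializedColumns || '' === $serializedColumns) {
            $app->abort(400);
        }
        $serializedLines = $request->request->get('sr_lines');
        if (null === $serializedLines || '' === $serializedLines) {
            $app->abort(400);
        }
        if (null === ($model = $request->request->get("modelToApply"))) {
            $app->abort(400);
        }

        // JSON only: unserialize() on request data lets a client instantiate arbitrary classes.
        $lines = is_string($serializedLines) ? json_decode($serializedLines, true) : null;
        $columns = is_string($serializedColumns) ? json_decode($serializedColumns, true) : null;
        if (!is_array($lines) || !is_array($columns)) {
            $app->abort(400);
        }

        $currentUser = $app['authentication']->getUser();
        $userRepository = $app['manipulator.user']->getRepository();
        if (null === ($template = $userRepository->find($model))) {
            $app->abort(400);
        }
        // Rights are applied only on the bases the caller manages, the same list step 1 used.
        $manageableBaseIds = array_keys($app['acl']->get($currentUser)->get_granted_base(['manage']));

        $equivalenceToMysqlField = Users::getEquivalenceToMysqlField();
        $genders = [
            'Mlle' => 0, 'Mlle.' => 0, 'mlle' => 0, 'Miss' => 0, 'miss' => 0, '0' => 0,
            'Mme' => 1, 'Madame' => 1, 'Ms' => 1, 'Ms.' => 1, '1' => 1,
            'M' => 2, 'M.' => 2, 'Mr' => 2, 'Mr.' => 2, 'Monsieur' => 2, 'Mister' => 2, '2' => 2,
        ];

        foreach ($lines as $line) {
            if (!is_array($line)) {
                continue;
            }
            $curUser = [];
            foreach ($columns as $nbCol => $colName) {
                if (!is_string($colName) || !isset($equivalenceToMysqlField[$colName]) || !isset($line[$nbCol]) || !is_scalar($line[$nbCol])) {
                    continue;
                }
                $sqlField = $equivalenceToMysqlField[$colName];
                $value = trim($line[$nbCol]);
                if ($sqlField === "usr_sexe") {
                    if (isset($genders[$value])) {
                        $curUser[$sqlField] = $genders[$value];
                    }
                } else {
                    $curUser[$sqlField] = $value;
                }
            }

            $hasRequired = isset($curUser['usr_login']) && trim($curUser['usr_login']) !== ''
                && isset($curUser['usr_password']) && trim($curUser['usr_password']) !== ''
                && isset($curUser['usr_mail']) && trim($curUser['usr_mail']) !== '';
            if (!$hasRequired) {
                continue;
            }
            // Both lookups return null when nothing matches (see step 1); rows that collide are skipped.
            if (null !== $userRepository->findByLogin($curUser['usr_login']) || null !== $userRepository->findByEmail($curUser['usr_mail'])) {
                continue;
            }

            $newUser = $app['manipulator.user']->createUser($curUser['usr_login'], $curUser['usr_password'], $curUser['usr_mail']);

            // NOTE(review): the FtpCredential is built and bound to the user but never
            // persisted here; confirm the manipulator/EM picks it up.
            $ftpCredential = new FtpCredential();
            $ftpCredential->setUser($newUser);
            if (isset($curUser['activeFTP'])) {
                $ftpCredential->setActive((int) $curUser['activeFTP']);
            }
            if (isset($curUser['addrFTP'])) {
                $ftpCredential->setAddress((string) $curUser['addrFTP']);
            }
            if (isset($curUser['passifFTP'])) {
                $ftpCredential->setPassive((int) $curUser['passifFTP']);
            }
            if (isset($curUser['destFTP'])) {
                $ftpCredential->setReceptionFolder($curUser['destFTP']);
            }
            if (isset($curUser['prefixFTPfolder'])) {
                $ftpCredential->setRepositoryPrefixName($curUser['prefixFTPfolder']);
            }

            if (isset($curUser['usr_prenom'])) {
                $newUser->setFirstName($curUser['usr_prenom']);
            }
            if (isset($curUser['usr_nom'])) {
                $newUser->setLastName($curUser['usr_nom']);
            }
            if (isset($curUser['adresse'])) {
                $newUser->setAdress($curUser['adresse']);
            }
            if (isset($curUser['cpostal'])) {
                $newUser->setZipCode($curUser['cpostal']);
            }
            if (isset($curUser['usr_sexe'])) {
                $newUser->setGender((int) $curUser['usr_sexe']);
            }
            if (isset($curUser['tel'])) {
                $newUser->setPhone($curUser['tel']);
            }
            if (isset($curUser['fax'])) {
                $newUser->setFax($curUser['fax']);
            }
            if (isset($curUser['activite'])) {
                $newUser->setJob($curUser['activite']);
            }
            if (isset($curUser['fonction'])) {
                $newUser->setPosition($curUser['fonction']);
            }
            if (isset($curUser['societe'])) {
                $newUser->setCompany($curUser['societe']);
            }

            $app['acl']->get($newUser)->apply_model($template, $manageableBaseIds);
            $nbCreation++;
        }

        return $app->redirectPath('admin_users_search', ['user-updated' => $nbCreation]);
    })->bind('users_submit_import');

    $controllers->get('/import/example/csv/', function (Application $app) use ($serveFixture) {
        return $serveFixture('/lib/Fixtures/exampleImportUsers.csv', 'text/csv');
    })->bind('users_import_csv');

    $controllers->get('/import/example/rtf/', function (Application $app) use ($serveFixture) {
        return $serveFixture('/lib/Fixtures/Fields.rtf', 'text/rtf');
    })->bind('users_import_rtf');

    return $controllers;
}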
/**
 * Detach this collection from the application.
 *
 * Evicts the cached base/sbas rights of every user attached to the collection
 * (walked in pages of 50), deletes the collection's basusr and bas rows,
 * deletes the pending registrations on it and resets the appbox base data.
 * Both DELETE statements bind base_id as a named parameter.
 *
 * @param Application $app
 *
 * @return static $this, for chaining
 */
public function unmount_collection(Application $app)
{
    $baseId = $this->get_base_id();
    $params = [':base_id' => $baseId];

    $query = new User_Query($app);
    $total = $query
        ->on_base_ids([$baseId])
        ->include_phantoms(false)
        ->include_special_users(true)
        ->include_invite(true)
        ->include_templates(true)
        ->get_total();

    // Page through the attached users, 50 at a time, and drop their cached rights.
    for ($offset = 0; $offset < $total; $offset += 50) {
        foreach ($query->limit($offset, 50)->execute()->get_results() as $user) {
            $app['acl']->get($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_SBAS);
            $app['acl']->get($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_BAS);
        }
    }

    // Remove the user/collection links first, then the collection row itself.
    $statements = [
        'DELETE FROM basusr WHERE base_id = :base_id',
        'DELETE FROM bas WHERE base_id = :base_id'
    ];
    foreach ($statements as $sql) {
        $stmt = $app['phraseanet.appbox']->get_connection()->prepare($sql);
        $stmt->execute($params);
        $stmt->closeCursor();
    }

    $this->app['manipulator.registration']->deleteRegistrationsOnCollection($this);
    phrasea::reset_baseDatas($app['phraseanet.appbox']);

    return $this;
}
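/**
 * Create a new order for the records of the request.
 *
 * Records whose collection has no 'order_master' are dropped from the order.
 * When no collection at all has one, nothing is persisted and the user is told
 * to contact an administrator. The order is persisted and flushed before the
 * '__NEW_ORDER__' event is triggered, so the event receives the generated id
 * and a failed flush is never reported as a success.
 *
 * @param Application $app
 * @param Request     $request 'deadline' (date string, optional) and 'use' (free text)
 *
 * @return RedirectResponse|JsonResponse JSON {success, msg} when the request format
 *                                       is json, otherwise a redirect to prod_orders
 */
public function createOrder(Application $app, Request $request)
{
    $success = false;
    $records = RecordsRequest::fromRequest($app, $request, true, ['cancmd']);

    if ($records->isEmpty()) {
        $msg = $app->trans('There is no record eligible for an order');
    } else {
        $order = new OrderEntity();
        $order->setUser($app['authentication']->getUser());
        // NOTE(review): the deadline string is taken from the request unvalidated; an
        // unparsable value makes the \DateTime constructor throw before the try below.
        $order->setDeadline(null !== ($deadLine = $request->request->get('deadline')) ? new \DateTime($deadLine) : $deadLine);
        $order->setOrderUsage($request->request->get('use', ''));

        // base_id => whether at least one order_master exists (one query per collection).
        $hasOneAdmin = [];
        $toRemove = [];
        foreach ($records as $key => $record) {
            $baseId = $record->get_base_id();
            if (!isset($hasOneAdmin[$baseId])) {
                $query = new \User_Query($app);
                $hasOneAdmin[$baseId] = (bool) count($query->on_base_ids([$baseId])->who_have_right(['order_master'])->execute()->get_results());
            }
            if (!$hasOneAdmin[$baseId]) {
                // Nobody can validate orders on this collection: leave the record out.
                $toRemove[] = $key;
                continue;
            }
            $orderElement = new OrderElement();
            $order->addElement($orderElement);
            $orderElement->setOrder($order);
            $orderElement->setBaseId($baseId);
            $orderElement->setRecordId($record->get_record_id());
            $app['EM']->persist($orderElement);
        }
        foreach ($toRemove as $key) {
            if ($records->containsKey($key)) {
                $records->remove($key);
            }
        }

        if (!in_array(true, $hasOneAdmin, true)) {
            // No collection has a validator, so the order would be empty: do not persist it
            // and keep this message instead of overwriting it with the success text.
            $msg = $app->trans('There is no one to validate orders, please contact an administrator');
        } else {
            $order->setTodo($order->getElements()->count());
            try {
                $app['EM']->persist($order);
                $app['EM']->flush();
                // The order is durable only after flush; mark success here so a failed flush
                // cannot be reported as a success, then notify with the generated id.
                $success = true;
                $app['events-manager']->trigger('__NEW_ORDER__', ['order_id' => $order->getId(), 'usr_id' => $order->getUser()->getId()]);
            } catch (\Exception $e) {
                // Persisting (or notifying) failed; $success tells whether the flush completed.
            }
            $msg = $success
                ? $app->trans('The records have been properly ordered')
                : $app->trans('An error occured');
        }
    }

    if ('json' === $app['request']->getRequestFormat()) {
        return $app->json(['success' => $success, 'msg' => $msg]);
    }

    return $app->redirectPath('prod_orders', ['success' => (int) $success, 'action' => 'send']);
}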
/**
 * Compute which subdefs of this record the current user may download or order.
 *
 * Fills $this->downloadable (subdef name => false | ['class' => ..., 'label' => ...])
 * and $this->orderable ('document' => bool), and feeds add_count() with the size of
 * every downloadable item. Rules applied below:
 *  - 'candwnldhd' / 'candwnldpreview' on the base, or an HD / preview grant on this
 *    record, unlock the 'document' / 'preview' classes; 'thumbnail' is always open;
 *  - ordering needs at least one 'order_master' on the base plus the 'cancmd' right;
 *  - on a download-restricted base every 'document'-class item consumes one unit of
 *    $this->remain_hd and is offered only while the counter is still >= 0.
 *
 * @return record_exportElement $this, for chaining
 */
protected function get_actions()
{
    $this->downloadable = $downloadable = [];
    $this->orderable = $orderable = [];
    $sd = $this->get_subdefs();
    $sbas_id = phrasea::sbasFromBas($this->app, $this->base_id);
    $subdefgroups = $this->app['phraseanet.appbox']->get_databox($sbas_id)->get_subdef_structure();

    // Subdef definitions of this record's type (loose == comparison kept as-is).
    $subdefs = [];
    foreach ($subdefgroups as $subdef_type => $subdefs_obj) {
        if ($subdef_type == $this->get_type()) {
            $subdefs = $subdefs_obj;
            break;
        }
    }

    // Subdef class => may the user download it. Thumbnails are always allowed.
    $go_dl = ['document' => false, 'preview' => false, 'thumbnail' => true];
    if ($this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($this->get_base_id(), 'candwnldhd')) {
        $go_dl['document'] = true;
    }
    if ($this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($this->get_base_id(), 'candwnldpreview')) {
        $go_dl['preview'] = true;
    }
    // Record-level grants (push / validation) override the base rights.
    if ($this->app['acl']->get($this->app['authentication']->getUser())->has_hd_grant($this)) {
        $go_dl['document'] = true;
        $go_dl['preview'] = true;
    }
    if ($this->app['acl']->get($this->app['authentication']->getUser())->has_preview_grant($this)) {
        $go_dl['preview'] = true;
    }

    // Ordering is possible only if someone can validate orders on this base.
    $query = new User_Query($this->app);
    $masters = $query->on_base_ids([$this->base_id])->who_have_right(['order_master'])->execute()->get_results();
    $go_cmd = count($masters) > 0 && $this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($this->base_id, 'cancmd');

    // The original document.
    $orderable['document'] = false;
    $downloadable['document'] = false;
    if (isset($sd['document']) && is_file($sd['document']->get_pathfile())) {
        if ($go_dl['document'] === true) {
            if ($this->app['acl']->get($this->app['authentication']->getUser())->is_restricted_download($this->base_id)) {
                // Quota-limited HD download: one unit per offered document.
                $this->remain_hd--;
                if ($this->remain_hd >= 0) {
                    $localizedLabel = $this->app->trans('document original');
                    $downloadable['document'] = ['class' => 'document', 'label' => $localizedLabel];
                }
            } else {
                $localizedLabel = $this->app->trans('document original');
                $downloadable['document'] = ['class' => 'document', 'label' => $localizedLabel];
            }
        }
        if ($go_cmd === true) {
            $orderable['document'] = true;
        }
        $this->add_count('document', $sd['document']->get_size());
    }

    // The other subdefs, as declared in the databox structure.
    foreach ($subdefs as $subdef) {
        $name = $subdef->get_name();
        $class = $subdef->get_class();
        // Label in the current locale when present, else the last non-empty label, else the name.
        $subdef_label = $name;
        foreach ($subdef->get_labels() as $lang => $label) {
            if (trim($label) == '') {
                continue;
            }
            if ($lang == $this->app['locale']) {
                $subdef_label = $label;
                break;
            }
            $subdef_label = $label;
        }
        $downloadable[$name] = false;
        $downloadable_settings = $subdef->is_downloadable();
        // NOTE(review): $go_dl is only keyed by document/preview/thumbnail; a subdef
        // whose class is anything else would read an undefined key here — confirm.
        if (!$downloadable_settings || $go_dl[$class] === false) {
            continue;
        }
        if ($go_dl[$class]) {
            if (isset($sd[$name]) && $sd[$name]->is_physically_present()) {
                if ($class == 'document') {
                    if ($this->app['acl']->get($this->app['authentication']->getUser())->is_restricted_download($this->base_id)) {
                        // Same HD quota as for the original document.
                        $this->remain_hd--;
                        if ($this->remain_hd >= 0) {
                            $downloadable[$name] = ['class' => $class, 'label' => $subdef_label];
                        }
                    } else {
                        $downloadable[$name] = ['class' => $class, 'label' => $subdef_label];
                    }
                } else {
                    $downloadable[$name] = ['class' => $class, 'label' => $subdef_label];
                }
                $this->add_count($name, $sd[$name]->get_size());
            }
        }
    }

    // Caption exports (XML, and a YAML variant sized from the tag-stripped XML).
    $xml = $this->app['serializer.caption']->serialize($this->get_caption(), CaptionSerializer::SERIALIZE_XML);
    if ($xml) {
        $localizedLabel = $this->app->trans('caption XML');
        $downloadable['caption'] = ['class' => 'caption', 'label' => $localizedLabel];
        $this->add_count('caption', strlen($xml));
        $localizedLabel = $this->app->trans('caption YAML');
        $downloadable['caption-yaml'] = ['class' => 'caption', 'label' => $localizedLabel];
        $this->add_count('caption-yaml', strlen(strip_tags($xml)));
    }

    $this->downloadable = $downloadable;
    $this->orderable = $orderable;

    return $this;
}
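/**
 * Aggregate the rights of the selected users ($this->users) on every collection
 * the current user administrates ('canadmin').
 *
 * The user ids and base ids are bound as integer parameters of an IN (...) list
 * instead of being interpolated into the SQL text; when either list is empty no
 * query is run and 'datas' is empty. NULL cells and missing access counts are
 * normalised to the string '0' for the template.
 *
 * @return array{datas: array, users: array, users_serial: string, base_id: mixed, main_user: mixed, templates: mixed}
 */
public function get_users_rights()
{
    $list = array_keys($this->app['acl']->get($this->app['authentication']->getUser())->get_granted_base(['canadmin']));

    // Ids reach the SQL only as bound integers; a stray non-numeric value becomes 0.
    $usrIds = array_map('intval', array_values($this->users));
    $baseIds = array_map('intval', array_values($list));

    $rs = [];
    if (count($usrIds) > 0 && count($baseIds) > 0) {
        $usrIn = implode(', ', array_fill(0, count($usrIds), '?'));
        $baseIn = implode(', ', array_fill(0, count($baseIds), '?'));
        $bindings = array_merge($usrIds, $baseIds);
        $connection = $this->app['phraseanet.appbox']->get_connection();

        $sql = <<<SQL
SELECT
 b.sbas_id,
 b.base_id,
 sum(actif) as actif,
 sum(canputinalbum) as canputinalbum,
 sum(candwnldpreview) as candwnldpreview,
 sum(candwnldhd) as candwnldhd,
 sum(cancmd) as cancmd,
 sum(nowatermark) as nowatermark,

 sum(canaddrecord) as canaddrecord,
 sum(canmodifrecord) as canmodifrecord,
 sum(chgstatus) as chgstatus,
 sum(candeleterecord) as candeleterecord,
 sum(imgtools) as imgtools,

 sum(canadmin) as canadmin,
 sum(canreport) as canreport,
 sum(canpush) as canpush,
 sum(manage) as manage,
 sum(modify_struct) as modify_struct,

 sum(sbu.bas_modif_th) as bas_modif_th,
 sum(sbu.bas_manage) as bas_manage,
 sum(sbu.bas_modify_struct) as bas_modify_struct,
 sum(sbu.bas_chupub) as bas_chupub,

 sum(time_limited) as time_limited,
 DATE_FORMAT(limited_from,'%Y%m%d') as limited_from,
 DATE_FORMAT(limited_to,'%Y%m%d') as limited_to,

 sum(restrict_dwnld) as restrict_dwnld,
 sum(remain_dwnld) as remain_dwnld,
 sum(month_dwnld_max) as month_dwnld_max,

 sum(mask_and + mask_xor) as masks

 FROM (Users u, bas b, sbas s)
 LEFT JOIN (basusr bu)
 ON (bu.base_id = b.base_id AND u.id = bu.usr_id)
 LEFT join sbasusr sbu
 ON (sbu.sbas_id = b.sbas_id AND u.id = sbu.usr_id)
 WHERE u.id IN ({$usrIn})
 AND b.sbas_id = s.sbas_id
 AND b.base_id IN ({$baseIn})
 GROUP BY b.base_id
 ORDER BY s.ord, s.sbas_id, b.ord, b.base_id
SQL;
        $stmt = $connection->prepare($sql);
        $stmt->execute($bindings);
        $rs = $stmt->fetchAll(\PDO::FETCH_ASSOC);
        $stmt->closeCursor();

        // Number of selected users that actually have an access row on each base.
        $sql = "SELECT base_id, sum(1) as access FROM basusr WHERE usr_id IN ({$usrIn}) AND base_id IN ({$baseIn}) GROUP BY base_id";
        $stmt = $connection->prepare($sql);
        $stmt->execute($bindings);
        $access = $stmt->fetchAll(\PDO::FETCH_ASSOC);
        $stmt->closeCursor();

        $base_ids = [];
        foreach ($access as $acc) {
            $base_ids[$acc['base_id']] = $acc;
        }
        unset($access);

        foreach ($rs as $k => $row) {
            $rs[$k]['access'] = array_key_exists($row['base_id'], $base_ids) ? $base_ids[$row['base_id']]['access'] : '0';
            // The template expects '0' rather than NULL for every cell.
            foreach ($row as $dk => $data) {
                if (is_null($data)) {
                    $rs[$k][$dk] = '0';
                }
            }
        }
    }

    $query = new \User_Query($this->app);
    $templates = $query->only_templates(true)->execute()->get_results();

    $this->users_datas = $rs;
    $out = [
        'datas' => $this->users_datas,
        'users' => $this->users,
        'users_serial' => implode(';', $this->users),
        'base_id' => $this->base_id,
        'main_user' => null,
        'templates' => $templates
    ];

    if (count($this->users) == 1) {
        // array_pop() empties $this->users as a side effect; kept as the callers may rely on it,
        // and $out['users'] was copied above before the pop.
        $usr_id = array_pop($this->users);
        $out['main_user'] = $this->app['manipulator.user']->getRepository()->find($usr_id);
    }

    return $out;
}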
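/**
 * Replace the set of order administrators ('order_master' right) of a collection.
 *
 * The current order masters of the collection lose the right and the users listed
 * in the 'admins' request parameter gain it; both steps run in one transaction
 * that is rolled back (and the exception re-thrown) if any update fails.
 *
 * @param Application $app     The silex application
 * @param Request     $request The current request; 'admins' must be a non-empty array of user ids
 * @param integer     $bas_id  The collection base_id
 *
 * @return RedirectResponse redirect to the collection page with success=1|0
 *
 * @throws RuntimeException when one of the given ids does not resolve to a user
 */
public function setOrderAdmins(Application $app, Request $request, $bas_id)
{
    $success = false;
    $admins = $request->request->get('admins', []);

    // Check the shape before array_values(): on a scalar that call fails (warning or
    // TypeError depending on the PHP version) before an is_array() guard could run.
    if (!is_array($admins)) {
        $app->abort(400, 'Admins must be an array.');
    }
    $admins = array_values($admins);
    if (count($admins) === 0) {
        $app->abort(400, 'No admins provided.');
    }

    // Resolve every id up front so an unknown id fails before the transaction opens.
    $admins = array_map(function ($usrId) use($app) {
        if (null === ($user = $app['manipulator.user']->getRepository()->find($usrId))) {
            throw new RuntimeException(sprintf('Invalid usrId %s provided.', $usrId));
        }

        return $user;
    }, $admins);

    $conn = $app['phraseanet.appbox']->get_connection();
    $conn->beginTransaction();
    try {
        $userQuery = new \User_Query($app);
        $result = $userQuery->on_base_ids([$bas_id])->who_have_right(['order_master'])->execute()->get_results();
        // Revoke first, then grant, so a user present in both sets ends up granted.
        foreach ($result as $user) {
            $app['acl']->get($user)->update_rights_to_base($bas_id, ['order_master' => false]);
        }
        foreach ($admins as $admin) {
            $app['acl']->get($admin)->update_rights_to_base($bas_id, ['order_master' => true]);
        }
        $conn->commit();
        $success = true;
    } catch (\Exception $e) {
        $conn->rollBack();
        throw $e;
    }

    return $app->redirectPath('admin_display_collection', ['bas_id' => $bas_id, 'success' => (int) $success]);
}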
/**
 * Register the "push" routes: send records to users, start a validation session,
 * look up / search users and lists, create a user, and edit a user list.
 *
 * Every route requires an authenticated session (firewall) and the 'push' right,
 * enforced by the before() hook registered first.
 *
 * @param Application $app
 *
 * @return mixed the controller collection obtained from $app['controllers_factory']
 */
public function connect(Application $app)
{
    $app['controller.prod.push'] = $this;
    $controllers = $app['controllers_factory'];
    $app['firewall']->addMandatoryAuthentication($controllers);
    $controllers->before(function (Request $request) use($app) {
        $app['firewall']->requireRight('push');
    });

    $userFormatter = $this->getUserFormatter($app);
    $listFormatter = $this->getListFormatter($app);
    $userSelection = $this->getUsersInSelectionExtractor();

    // Push form for the selected records, with the current user's lists and suggested receivers.
    $controllers->post('/sendform/', function (Application $app) use($userSelection) {
        $push = new RecordHelper\Push($app, $app['request']);
        $repository = $app['EM']->getRepository('Phraseanet:UsrList');
        $RecommendedUsers = $userSelection($push->get_elements());
        $params = ['push' => $push, 'message' => '', 'lists' => $repository->findUserLists($app['authentication']->getUser()), 'context' => 'Push', 'RecommendedUsers' => $RecommendedUsers];

        return $app['twig']->render('prod/actions/Push.html.twig', $params);
    });

    // Same form rendered in the 'Feedback' (validation) context.
    $controllers->post('/validateform/', function (Application $app) use($userSelection) {
        $push = new RecordHelper\Push($app, $app['request']);
        $repository = $app['EM']->getRepository('Phraseanet:UsrList');
        $RecommendedUsers = $userSelection($push->get_elements());
        $params = ['push' => $push, 'message' => '', 'lists' => $repository->findUserLists($app['authentication']->getUser()), 'context' => 'Feedback', 'RecommendedUsers' => $RecommendedUsers];

        return $app['twig']->render('prod/actions/Push.html.twig', $params);
    });

    // Push the selected records to each receiver as a new basket, grant the matching
    // record access (HD or preview) and fire the '__PUSH_DATAS__' notification per receiver.
    $controllers->post('/send/', function (Application $app) {
        $request = $app['request'];
        $ret = ['success' => false, 'message' => $app->trans('Unable to send the documents')];
        try {
            $pusher = new RecordHelper\Push($app, $app['request']);
            $push_name = $request->request->get('name', $app->trans('Push from %user%', ['%user%' => $app['authentication']->getUser()->getDisplayName()]));
            $push_description = $request->request->get('push_description');
            $receivers = $request->request->get('participants');
            if (!is_array($receivers) || count($receivers) === 0) {
                throw new ControllerException($app->trans('No receivers specified'));
            }
            if (!is_array($pusher->get_elements()) || count($pusher->get_elements()) === 0) {
                throw new ControllerException($app->trans('No elements to push'));
            }
            foreach ($receivers as $receiver) {
                // NOTE(review): $receiver['usr_id'] and $receiver['HD'] come straight from the
                // request without the mandatory-key check the /validate/ route performs, and
                // this catch only reacts to a thrown exception — if find() returns null for an
                // unknown id (the repository's findByLogin does return null) it is not caught.
                try {
                    $user_receiver = $app['manipulator.user']->getRepository()->find($receiver['usr_id']);
                } catch (\Exception $e) {
                    throw new ControllerException($app->trans('Unknown user %user_id%', ['%user_id%' => $receiver['usr_id']]));
                }
                $Basket = new Basket();
                $Basket->setName($push_name);
                $Basket->setDescription($push_description);
                $Basket->setUser($user_receiver);
                $Basket->setPusher($app['authentication']->getUser());
                $Basket->setIsRead(false);
                $app['EM']->persist($Basket);
                foreach ($pusher->get_elements() as $element) {
                    $BasketElement = new BasketElement();
                    $BasketElement->setRecord($element);
                    $BasketElement->setBasket($Basket);
                    $app['EM']->persist($BasketElement);
                    $Basket->addElement($BasketElement);
                    // The request's HD flag decides between an HD grant and a preview-only grant.
                    if ($receiver['HD']) {
                        $app['acl']->get($user_receiver)->grant_hd_on($BasketElement->getRecord($app), $app['authentication']->getUser(), \ACL::GRANT_ACTION_PUSH);
                    } else {
                        $app['acl']->get($user_receiver)->grant_preview_on($BasketElement->getRecord($app), $app['authentication']->getUser(), \ACL::GRANT_ACTION_PUSH);
                    }
                }
                $app['EM']->flush();
                // Access link carrying a per-user view token for the new basket.
                $url = $app->url('lightbox_compare', ['basket' => $Basket->getId(), 'LOG' => $app['tokens']->getUrlToken(\random::TYPE_VIEW, $user_receiver->getId(), null, $Basket->getId())]);
                $receipt = $request->get('recept') ? $app['authentication']->getUser()->getEmail() : '';
                $params = ['from' => $app['authentication']->getUser()->getId(), 'from_email' => $app['authentication']->getUser()->getEmail(), 'to' => $user_receiver->getId(), 'to_email' => $user_receiver->getEmail(), 'to_name' => $user_receiver->getDisplayName(), 'url' => $url, 'accuse' => $receipt, 'message' => $request->request->get('message'), 'ssel_id' => $Basket->getId()];
                $app['events-manager']->trigger('__PUSH_DATAS__', $params);
            }
            // NOTE(review): this logs only the last $BasketElement / $user_receiver of the loop above.
            $app['phraseanet.logger']($BasketElement->getRecord($app)->get_databox())->log($BasketElement->getRecord($app), \Session_Logger::EVENT_VALIDATE, $user_receiver->getId(), '');
            $app['EM']->flush();
            $message = $app->trans('%quantity_records% records have been sent to %quantity_users% users', ['%quantity_records%' => count($pusher->get_elements()), '%quantity_users%' => count($receivers)]);
            $ret = ['success' => true, 'message' => $message];
        } catch (ControllerException $e) {
            // NOTE(review): the source file path and line are appended to the message sent
            // back to the client; $e->getMessage() alone would keep server paths private.
            $ret['message'] = $e->getMessage() . $e->getFile() . $e->getLine();
        }

        return $app->json($ret);
    })->bind('prod_push_send');

    // Start (or extend) a validation session on the selected records / basket and notify
    // every participant. Runs inside an EM transaction; only ControllerException is
    // caught and rolled back below.
    $controllers->post('/validate/', function (Application $app) {
        $request = $app['request'];
        $ret = ['success' => false, 'message' => $app->trans('Unable to send the documents')];
        $app['EM']->beginTransaction();
        try {
            $pusher = new RecordHelper\Push($app, $app['request']);
            $validation_name = $request->request->get('name', $app->trans('Validation from %user%', ['%user%' => $app['authentication']->getUser()->getDisplayName()]));
            $validation_description = $request->request->get('validation_description');
            $participants = $request->request->get('participants');
            if (!is_array($participants) || count($participants) === 0) {
                throw new ControllerException($app->trans('No participants specified'));
            }
            if (!is_array($pusher->get_elements()) || count($pusher->get_elements()) === 0) {
                throw new ControllerException($app->trans('No elements to validate'));
            }
            // Reuse the original basket when the selection is one, otherwise build a new one.
            if ($pusher->is_basket()) {
                $Basket = $pusher->get_original_basket();
            } else {
                $Basket = new Basket();
                $Basket->setName($validation_name);
                $Basket->setDescription($validation_description);
                $Basket->setUser($app['authentication']->getUser());
                $Basket->setIsRead(false);
                $app['EM']->persist($Basket);
                foreach ($pusher->get_elements() as $element) {
                    $BasketElement = new BasketElement();
                    $BasketElement->setRecord($element);
                    $BasketElement->setBasket($Basket);
                    $app['EM']->persist($BasketElement);
                    $Basket->addElement($BasketElement);
                }
                $app['EM']->flush();
            }
            $app['EM']->refresh($Basket);
            if (!$Basket->getValidation()) {
                $Validation = new ValidationSession();
                $Validation->setInitiator($app['authentication']->getUser());
                $Validation->setBasket($Basket);
                // Optional expiry, 'duration' days from now (cast to int before it reaches the date string).
                $duration = (int) $request->request->get('duration');
                if ($duration > 0) {
                    $date = new \DateTime('+' . $duration . ' day' . ($duration > 1 ? 's' : ''));
                    $Validation->setExpires($date);
                }
                $Basket->setValidation($Validation);
                $app['EM']->persist($Validation);
            } else {
                $Validation = $Basket->getValidation();
            }
            // Make sure the initiator is a participant as well.
            // NOTE(review): the request-supplied usr_id is compared with === against the
            // integer id; if it arrives as a string this never matches and the initiator is
            // appended again — the getParticipant() check below then skips the duplicate.
            $found = false;
            foreach ($participants as $participant) {
                if ($participant['usr_id'] === $app['authentication']->getUser()->getId()) {
                    $found = true;
                    break;
                }
            }
            if (!$found) {
                $participants[] = ['see_others' => 1, 'usr_id' => $app['authentication']->getUser()->getId(), 'agree' => 0, 'HD' => 0];
            }
            foreach ($participants as $key => $participant) {
                // Every participant entry must carry the four keys read below.
                foreach (['see_others', 'usr_id', 'agree', 'HD'] as $mandatoryparam) {
                    if (!array_key_exists($mandatoryparam, $participant)) {
                        throw new ControllerException($app->trans('Missing mandatory parameter %parameter%', ['%parameter%' => $mandatoryparam]));
                    }
                }
                try {
                    $participant_user = $app['manipulator.user']->getRepository()->find($participant['usr_id']);
                } catch (\Exception $e) {
                    throw new ControllerException($app->trans('Unknown user %usr_id%', ['%usr_id%' => $participant['usr_id']]));
                }
                // Already part of this session: nothing to add.
                try {
                    $Participant = $Validation->getParticipant($participant_user);
                    continue;
                } catch (NotFoundHttpException $e) {
                }
                $Participant = new ValidationParticipant();
                $Participant->setUser($participant_user);
                $Participant->setSession($Validation);
                $Participant->setCanAgree($participant['agree']);
                $Participant->setCanSeeOthers($participant['see_others']);
                $app['EM']->persist($Participant);
                foreach ($Basket->getElements() as $BasketElement) {
                    $ValidationData = new ValidationData();
                    $ValidationData->setParticipant($Participant);
                    $ValidationData->setBasketElement($BasketElement);
                    $BasketElement->addValidationData($ValidationData);
                    // HD flag from the request decides between an HD grant and a preview-only grant.
                    if ($participant['HD']) {
                        $app['acl']->get($participant_user)->grant_hd_on($BasketElement->getRecord($app), $app['authentication']->getUser(), \ACL::GRANT_ACTION_VALIDATE);
                    } else {
                        $app['acl']->get($participant_user)->grant_preview_on($BasketElement->getRecord($app), $app['authentication']->getUser(), \ACL::GRANT_ACTION_VALIDATE);
                    }
                    $app['EM']->merge($BasketElement);
                    $app['EM']->persist($ValidationData);
                    $app['phraseanet.logger']($BasketElement->getRecord($app)->get_databox())->log($BasketElement->getRecord($app), \Session_Logger::EVENT_PUSH, $participant_user->getId(), '');
                    $Participant->addData($ValidationData);
                }
                $Participant = $app['EM']->merge($Participant);
                $app['EM']->flush();
                // Access link carrying a per-user validation token.
                $url = $app->url('lightbox_validation', ['basket' => $Basket->getId(), 'LOG' => $app['tokens']->getUrlToken(\random::TYPE_VALIDATE, $participant_user->getId(), null, $Basket->getId())]);
                $receipt = $request->get('recept') ? $app['authentication']->getUser()->getEmail() : '';
                $params = ['from' => $app['authentication']->getUser()->getId(), 'from_email' => $app['authentication']->getUser()->getEmail(), 'to' => $participant_user->getId(), 'to_email' => $participant_user->getEmail(), 'to_name' => $participant_user->getDisplayName(), 'url' => $url, 'accuse' => $receipt, 'message' => $request->request->get('message'), 'ssel_id' => $Basket->getId(), 'duration' => (int) $request->request->get('duration')];
                $app['events-manager']->trigger('__PUSH_VALIDATION__', $params);
            }
            $Basket = $app['EM']->merge($Basket);
            $Validation = $app['EM']->merge($Validation);
            $app['EM']->flush();
            $message = $app->trans('%quantity_records% records have been sent for validation to %quantity_users% users', ['%quantity_records%' => count($pusher->get_elements()), '%quantity_users%' => count($request->request->get('participants'))]);
            $ret = ['success' => true, 'message' => $message];
            $app['EM']->commit();
        } catch (ControllerException $e) {
            // NOTE(review): any other exception type propagates with the transaction begun
            // above still open — confirm whether a broader catch/rollback is wanted.
            $ret['message'] = $e->getMessage();
            $app['EM']->rollback();
        }

        return $app->json($ret);
    })->bind('prod_push_validate');

    // One user as JSON, restricted to the bases where the current user can push.
    $controllers->get('/user/{usr_id}/', function (Application $app, $usr_id) use($userFormatter) {
        $datas = null;
        $request = $app['request'];
        $query = new \User_Query($app);
        $query->on_bases_where_i_am($app['acl']->get($app['authentication']->getUser()), ['canpush']);
        $query->in([$usr_id]);
        $result = $query->include_phantoms()->limit(0, 1)->execute()->get_results();
        if ($result) {
            foreach ($result as $user) {
                $datas = $userFormatter($user);
            }
        }

        return $app->json($datas);
    })->assert('usr_id', '\\d+');

    // One of the current user's lists as JSON (null when it is not theirs / does not exist).
    $controllers->get('/list/{list_id}/', function (Application $app, $list_id) use($listFormatter) {
        $datas = null;
        $repository = $app['EM']->getRepository('Phraseanet:UsrList');
        $list = $repository->findUserListByUserAndId($app['authentication']->getUser(), $list_id);
        if ($list) {
            $datas = $listFormatter($list);
        }

        return $app->json($datas);
    })->bind('prod_push_lists_list')->assert('list_id', '\\d+');

    // Create a user from the push dialog; requires 'manageusers'. Returns the existing
    // user when the email is already known.
    $controllers->post('/add-user/', function (Application $app, Request $request) use($userFormatter) {
        $result = ['success' => false, 'message' => '', 'user' => null];
        try {
            if (!$app['acl']->get($app['authentication']->getUser())->has_right('manageusers')) {
                throw new ControllerException($app->trans('You are not allowed to add users'));
            }
            if (!$request->request->get('firstname')) {
                throw new ControllerException($app->trans('First name is required'));
            }
            if (!$request->request->get('lastname')) {
                throw new ControllerException($app->trans('Last name is required'));
            }
            if (!$request->request->get('email')) {
                throw new ControllerException($app->trans('Email is required'));
            }
            if (!\Swift_Validate::email($request->request->get('email'))) {
                throw new ControllerException($app->trans('Email is invalid'));
            }
        } catch (ControllerException $e) {
            $result['message'] = $e->getMessage();

            return $app->json($result);
        }
        $user = null;
        $email = $request->request->get('email');
        // Lookup failures are swallowed on purpose: a missing user falls through to creation.
        try {
            $user = $app['manipulator.user']->getRepository()->findByEmail($email);
            $result['message'] = $app->trans('User already exists');
            $result['success'] = true;
            $result['user'] = $userFormatter($user);
        } catch (\Exception $e) {
        }
        if (!$user instanceof User) {
            try {
                // NOTE(review): elsewhere in this file users are created through
                // $app['manipulator.user']->createUser(), not the repository — confirm.
                $password = \random::generatePassword();
                $user = $app['manipulator.user']->getRepository()->createUser($email, $password, $email);
                $user->setFirstName($request->request->get('firstname'))->setLastName($request->request->get('lastname'));
                if ($request->request->get('company')) {
                    $user->setCompany($request->request->get('company'));
                }
                // NOTE(review): the 'job' value is written with setCompany(); the import code in
                // this file uses setJob() for the job field — looks like a copy/paste slip.
                if ($request->request->get('job')) {
                    $user->setCompany($request->request->get('job'));
                }
                if ($request->request->get('form_geonameid')) {
                    $app['manipulator.user']->setGeonameId($user, $request->request->get('form_geonameid'));
                }
                $result['message'] = $app->trans('User successfully created');
                $result['success'] = true;
                $result['user'] = $userFormatter($user);
            } catch (\Exception $e) {
                $result['message'] = $app->trans('Error while creating user');
            }
        }

        return $app->json($result);
    })->bind('prod_push_do_add_user');

    // The "add user" dialog; 'callback' is passed through to the template.
    $controllers->get('/add-user/', function (Application $app, Request $request) {
        $params = ['callback' => $request->query->get('callback')];

        return $app['twig']->render('prod/User/Add.html.twig', $params);
    })->bind('prod_push_add_user');

    // Autocomplete: lists matching the query first, then up to 50 users (first name,
    // last name or login) on the bases where the current user can push.
    $controllers->get('/search-user/', function (Application $app) use($userFormatter, $listFormatter) {
        $request = $app['request'];
        $query = new \User_Query($app);
        $query->on_bases_where_i_am($app['acl']->get($app['authentication']->getUser()), ['canpush']);
        $query->like(\User_Query::LIKE_FIRSTNAME, $request->query->get('query'))->like(\User_Query::LIKE_LASTNAME, $request->query->get('query'))->like(\User_Query::LIKE_LOGIN, $request->query->get('query'))->like_match(\User_Query::LIKE_MATCH_OR);
        $result = $query->include_phantoms()->limit(0, 50)->execute()->get_results();
        $repository = $app['EM']->getRepository('Phraseanet:UsrList');
        $lists = $repository->findUserListLike($app['authentication']->getUser(), $request->query->get('query'));
        $datas = [];
        if ($lists) {
            foreach ($lists as $list) {
                $datas[] = $listFormatter($list);
            }
        }
        if ($result) {
            foreach ($result as $user) {
                $datas[] = $userFormatter($user);
            }
        }

        return $app->json($datas);
    });

    // List editor: paged, filterable user search (10 per page) rendered as a full page
    // or, with type=fragment, as the result table only.
    $controllers->match('/edit-list/{list_id}/', function (Application $app, Request $request, $list_id) {
        $repository = $app['EM']->getRepository('Phraseanet:UsrList');
        // NOTE(review): $list may be null when the id is not one of the user's lists; it is
        // handed to the template as-is.
        $list = $repository->findUserListByUserAndId($app['authentication']->getUser(), $list_id);
        $query = new \User_Query($app);
        $query->on_bases_where_i_am($app['acl']->get($app['authentication']->getUser()), ['canpush']);
        // NOTE(review): 'like_field' is taken from the request and passed as the field name;
        // presumably User_Query::like() validates it against its LIKE_* constants — confirm.
        if ($request->get('query')) {
            $query->like($request->get('like_field'), $request->get('query'))->like_match(\User_Query::LIKE_MATCH_OR);
        }
        if (is_array($request->get('Activity'))) {
            $query->haveActivities($request->get('Activity'));
        }
        if (is_array($request->get('Template'))) {
            $query->haveTemplate($request->get('Template'));
        }
        if (is_array($request->get('Company'))) {
            $query->inCompanies($request->get('Company'));
        }
        if (is_array($request->get('Country'))) {
            $query->inCountries($request->get('Country'));
        }
        if (is_array($request->get('Position'))) {
            $query->havePositions($request->get('Position'));
        }
        $sort = $request->get('srt', 'usr_creationdate');
        $ord = $request->get('ord', 'desc');
        $perPage = 10;
        // 'page' is 1-based; anything below 1 lands on the first page.
        $offset_start = Max(((int) $request->get('page') - 1) * $perPage, 0);
        $query->sort_by($sort, $ord);
        $results = $query->include_phantoms()->limit($offset_start, $perPage)->execute()->get_results();
        $params = ['query' => $query, 'results' => $results, 'list' => $list, 'sort' => $sort, 'ord' => $ord];
        if ($request->get('type') === 'fragment') {
            return new Response($app['twig']->render('prod/actions/Feedback/ResultTable.html.twig', $params));
        } else {
            return new Response($app['twig']->render('prod/actions/Feedback/list.html.twig', $params));
        }
    })->bind('prod_push_list_edit')->assert('list_id', '\\d+');

    return $controllers;
}