function removeAction()
{
    // Deletes the ACL resource named by the (encoded) 'key' request parameter.
    // The submitted CSRF token is the only guard visible here; every outcome
    // ends with a redirect to acl/index and a flash message.
    $request = $this->getRequest();
    $resourceKey = X_Env::decode($request->getParam('key', false));
    $token = new Zend_Form_Element_Hash('csrf', ['salt' => __CLASS__]);

    $errorKey = null;
    $resource = null;
    if (!$token->isValid($request->getParam('csrf'))) {
        $errorKey = 'p_auth_err_invalidhash';
    } else {
        $resource = new Application_Model_AclResource();
        Application_Model_AclResourcesMapper::i()->find($resourceKey, $resource);
        // find() leaves the model "new" when nothing matched the key.
        if ($resource->isNew()) {
            $errorKey = 'p_auth_acl_err_invalidkey';
        }
    }

    if ($errorKey !== null) {
        $this->_helper->flashMessenger(['type' => 'error', 'text' => X_Env::_($errorKey)]);
    } else {
        Application_Model_AclResourcesMapper::i()->delete($resource);
        $this->_helper->flashMessenger(['type' => 'success', 'text' => X_Env::_('p_auth_acl_resourceremoved', $resource->getKey())]);
    }
    $this->_helper->redirector('index', 'acl');
}
 public function enableAction()
 {
     // Marks a non-system plugin as enabled. The outcome is reported through a
     // single flash message, then the browser is sent back to configs/index.
     /* @var $request Zend_Controller_Request_Http */
     $request = $this->getRequest();
     $pluginId = $request->getParam('pluginId', false);
     $plugin = new Application_Model_Plugin();
     $token = new Zend_Form_Element_Hash('csrf', ['salt' => __CLASS__]);

     if (!$token->isValid($request->getParam('csrf', false))) {
         $notice = ['type' => 'error', 'text' => X_Env::_('configs_plugins_err_invalidtoken')];
     } elseif ($pluginId === false) {
         $notice = X_Env::_('configs_plugins_err_pluginId_missing');
     } else {
         Application_Model_PluginsMapper::i()->find($pluginId, $plugin);
         // Loose comparison kept on purpose: the request value is a string, the model id may not be.
         $found = $plugin->getId() != null && $plugin->getId() == $pluginId;
         if (!$found) {
             $notice = X_Env::_('configs_plugins_err_pluginId_unknown');
         } elseif ($plugin->getType() == Application_Model_Plugin::SYSTEM) {
             // System plugins are never toggled from this action.
             $notice = X_Env::_('configs_plugins_err_pluginId_notenable');
         } else {
             try {
                 $plugin->setEnabled(true);
                 Application_Model_PluginsMapper::i()->save($plugin);
                 $notice = X_Env::_('configs_plugins_pluginenabled');
             } catch (Exception $e) {
                 // NOTE(review): the raw exception text reaches the user here; presumably
                 // DB driver output — consider logging it and flashing a generic message.
                 $notice = X_Env::_('configs_plugins_err_db') . ": {$e->getMessage()}";
             }
         }
     }

     $this->_helper->flashMessenger($notice);
     $this->_helper->redirector('index', 'configs');
 }
 function removeAction()
 {
     // Removes the auth account selected by the 'id' request parameter.
     // Refuses when the CSRF token fails, when no such account exists, or when
     // the account belongs to the user making the request.
     $request = $this->getRequest();
     $accountId = $request->getParam('id');
     $token = new Zend_Form_Element_Hash('csrf', ['salt' => __CLASS__]);

     $errorKey = null;
     $account = null;
     if (!$token->isValid($request->getParam('csrf'))) {
         $errorKey = 'p_auth_err_invalidhash';
     } else {
         $account = new Application_Model_AuthAccount();
         Application_Model_AuthAccountsMapper::i()->find($accountId, $account);
         if ($account->getId() === null) {
             $errorKey = 'p_auth_err_invalidaccount';
         } elseif ($this->plugin->getCurrentUser() == $account->getUsername()) {
             // Self-removal is blocked so the session owner cannot lock themselves out.
             $errorKey = 'p_auth_err_currentremovalnotallowed';
         }
     }

     if ($errorKey !== null) {
         $this->_helper->flashMessenger(['type' => 'error', 'text' => X_Env::_($errorKey)]);
     } else {
         Application_Model_AuthAccountsMapper::i()->delete($account);
         $this->_helper->flashMessenger(['type' => 'success', 'text' => X_Env::_('p_auth_accountremoved', $account->getUsername())]);
     }
     $this->_helper->redirector('accounts', 'auth');
 }
 public function bookmarkAction()
 {
     // JSON endpoint used by the bookmarklet: stores a bookmark when the CSRF
     // token checks out, and always answers with a fresh token embedded in the
     // API urls so the client can make its next call.
     $request = $this->getRequest();
     $token = new Zend_Form_Element_Hash('csrf', ['salt' => __CLASS__]);
     $tokenAccepted = $token->isValid($request->getParam('csrf', false));
     // A new token is issued whether or not the submitted one was accepted.
     $token->initCsrfToken();
     $hash = $token->getHash();

     $api = [];
     foreach (['resolver' => 'resolver', 'adder' => 'add', 'bookmark' => 'bookmark'] as $name => $action) {
         $api[$name] = $this->_helper->url->url(['controller' => 'bookmarklets', 'action' => $action, 'csrf' => $hash]);
     }
     $return = ['success' => true, 'api' => $api];

     $saved = true;
     if (!$tokenAccepted) {
         X_Debug::e("Invalid CSRF");
         $saved = false;
     } else {
         $url = $request->getParam("url", false);
         // strip_tags here is input filtering only; whatever renders these
         // fields still has to escape them for its own context.
         $title = strip_tags($request->getParam("title", false));
         $description = strip_tags($request->getParam("description", false));
         $thumbnail = $request->getParam("thumbnail", false);
         $ua = $request->getParam("ua", false);
         $cookies = $request->getParam("cookies", false);

         if (!($url && $title)) {
             X_Debug::e("Missing data");
             $saved = false;
         } else {
             $bookmark = new Application_Model_Bookmark();
             $bookmark->setUrl($url);
             $bookmark->setTitle($title);
             // Optional fields are only set when the client supplied something truthy.
             if ($thumbnail) {
                 $bookmark->setThumbnail($thumbnail);
             }
             if ($description) {
                 $bookmark->setDescription($description);
             }
             if ($ua) {
                 $bookmark->setUa($ua);
             }
             if ($cookies) {
                 // Stored verbatim — the model is handed the client's cookie string as-is.
                 $bookmark->setCookies($cookies);
             }
             try {
                 Application_Model_BookmarksMapper::i()->save($bookmark);
             } catch (Exception $e) {
                 X_Debug::e("DB Error: {$e->getMessage()}");
                 $saved = false;
             }
         }
     }

     $return['success'] = $saved;
     $this->_helper->json($return, true, false);
 }
 /**
  * Processes batch edit information. Only accessible via POST.
  *
  * The batch_edit_hash token is checked before any other input is read and a
  * mismatch is answered with a 403. No request-method check is visible in this
  * method itself; presumably it is enforced elsewhere — verify. Per-item ACL
  * checks (delete / edit / tag) and the global visibility/featured checks run
  * before the job is queued, and plugins get a final say through the
  * 'items_batch_edit_error' filter.
  *
  * @return void
  */
 public function batchEditSaveAction()
 {
     $token = new Zend_Form_Element_Hash('batch_edit_hash');
     if (!$token->isValid($this->_getParam('batch_edit_hash'))) {
         throw new Omeka_Controller_Exception_403();
     }

     $itemIds = $this->_getParam('items');
     if ($itemIds) {
         $metadata = $this->_getParam('metadata');
         $removeMetadata = $this->_getParam('removeMetadata');
         $delete = $this->_getParam('delete');
         $custom = $this->_getParam('custom');

         // A checked "remove" box turns the matching metadata entry into an explicit null.
         if (is_array($removeMetadata)) {
             foreach ($removeMetadata as $field => $flagged) {
                 if ($flagged) {
                     $metadata[$field] = null;
                 }
             }
         }

         $acl = $this->_helper->acl;
         $errorMessage = null;
         // True when the submitted metadata carries the given field (null values included).
         $touches = function ($field) use ($metadata) {
             return $metadata && array_key_exists($field, $metadata);
         };

         if ($touches('public') && !$acl->isAllowed('makePublic')) {
             $errorMessage = __('User is not allowed to modify visibility of items.');
         }
         if ($touches('featured') && !$acl->isAllowed('makeFeatured')) {
             $errorMessage = __('User is not allowed to modify featured status of items.');
         }

         if (!$errorMessage) {
             foreach ($itemIds as $id) {
                 $item = $this->_helper->db->getTable('Item')->find($id);
                 if (!$item) {
                     // Unknown ids are skipped silently; the job receives the original list.
                     continue;
                 }
                 if ($delete && !$acl->isAllowed('delete', $item)) {
                     $errorMessage = __('User is not allowed to delete selected items.');
                     break;
                 }
                 // Anything other than 'tags' counts as an edit of the item.
                 if ($metadata && array_diff_key($metadata, ['tags' => '']) && !$acl->isAllowed('edit', $item)) {
                     $errorMessage = __('User is not allowed to edit selected items.');
                     break;
                 }
                 if ($touches('tags') && !$acl->isAllowed('tag', $item)) {
                     $errorMessage = __('User is not allowed to tag selected items.');
                     break;
                 }
                 release_object($item);
             }
         }

         $errorMessage = apply_filters('items_batch_edit_error', $errorMessage, ['metadata' => $metadata, 'custom' => $custom, 'item_ids' => $itemIds]);
         if ($errorMessage) {
             $this->_helper->flashMessenger($errorMessage, 'error');
         } else {
             $dispatcher = Zend_Registry::get('job_dispatcher');
             $dispatcher->send('Job_ItemBatchEdit', ['itemIds' => $itemIds, 'delete' => $delete, 'metadata' => $metadata, 'custom' => $custom]);
             $message = $delete
                 ? __('The items were successfully deleted!')
                 : __('The items were successfully changed!');
             $this->_helper->flashMessenger($message, 'success');
         }
     }
     $this->_helper->redirector('browse', 'items');
 }
 function clearAction()
 {
     // Empties the message queue of the thread given by 'id'. Both a missing id
     // and a bad CSRF token are surfaced as exceptions rather than flash messages.
     $request = $this->getRequest();
     $threadId = $request->getParam('id', false);
     $submittedToken = $request->getParam('csrf', false);
     if (!$threadId) {
         throw new Exception("Thread id missing");
     }

     $token = new Zend_Form_Element_Hash('csrf', ['salt' => __CLASS__]);
     if (!$token->isValid($submittedToken)) {
         throw new Exception("Invalid token");
     }
     // Issue a fresh session token once the submitted one has been accepted.
     $token->initCsrfToken();

     $manager = X_Threads_Manager::instance();
     $thread = $manager->getMonitor()->getThread($threadId);
     $manager->getMessenger()->clearQueue($thread);

     $this->_helper->flashMessenger(['type' => 'success', 'text' => X_Env::_('threads_done')]);
     $this->_helper->redirector('index', 'tmanager');
 }