/** * @param KalturaFilterPager $pager * @param KalturaDetachedResponseProfile $responseProfile * @return KalturaListResponse */ public function getListResponse(KalturaFilterPager $pager, KalturaDetachedResponseProfile $responseProfile = null) { $response = new KalturaUserEntryListResponse(); if (in_array(kCurrentContext::getCurrentSessionType(), array(kSessionBase::SESSION_TYPE_NONE, kSessionBase::SESSION_TYPE_WIDGET))) { $response->totalCount = 0; return $response; } $c = new Criteria(); if (!is_null($this->userIdEqualCurrent) && $this->userIdEqualCurrent) { $this->userIdEqual = kCurrentContext::getCurrentKsKuserId(); } else { $this->fixFilterUserId(); } $userEntryFilter = $this->toObject(); $userEntryFilter->attachToCriteria($c); $pager->attachToCriteria($c); $list = UserEntryPeer::doSelect($c); $resultCount = count($list); if ($resultCount && $resultCount < $pager->pageSize) { $totalCount = ($pager->pageIndex - 1) * $pager->pageSize + $resultCount; } else { KalturaFilterPager::detachFromCriteria($c); $totalCount = UserEntryPeer::doCount($c); } $response->totalCount = $totalCount; $response->objects = KalturaUserEntryArray::fromDbArray($list, $responseProfile); return $response; }
protected function doGetListResponse(KalturaFilterPager $pager, $type = null) { $this->validateEntryIdFiltered(); if (!is_null($this->userIdEqualCurrent) && $this->userIdEqualCurrent) { $this->userIdEqual = kCurrentContext::getCurrentKsKuserId(); } else { $this->translateUserIds(); } $c = KalturaCriteria::create(CuePointPeer::OM_CLASS); if ($type) { $c->add(CuePointPeer::TYPE, $type); } $entryIds = null; if ($this->entryIdEqual) { $entryIds = array($this->entryIdEqual); } else { if ($this->entryIdIn) { $entryIds = explode(',', $this->entryIdIn); } } if (!is_null($entryIds)) { $entryIds = entryPeer::filterEntriesByPartnerOrKalturaNetwork($entryIds, kCurrentContext::getCurrentPartnerId()); if (!$entryIds) { return array(array(), 0); } $this->entryIdEqual = null; $this->entryIdIn = implode(',', $entryIds); } $cuePointFilter = $this->toObject(); $cuePointFilter->attachToCriteria($c); $pager->attachToCriteria($c); $list = CuePointPeer::doSelect($c); return array($list, $c->getRecordsCount()); }
public static function setDefaultCriteriaFilter() { if (self::$s_criteria_filter == null) { self::$s_criteria_filter = new criteriaFilter(); } $c = KalturaCriteria::create(UserEntryPeer::OM_CLASS); // when session is not admin, allow access to user's userEntries only if (kCurrentContext::$ks && !kCurrentContext::$is_admin_session) { $c->addAnd(UserEntryPeer::KUSER_ID, kCurrentContext::getCurrentKsKuserId()); } self::$s_criteria_filter->setFilter($c); }
public function toInsertableObject($object_to_fill = null, $props_to_skip = array()) { $object_to_fill = parent::toInsertableObject($object_to_fill, $props_to_skip); if (empty($this->userId)) { $currentKsKuser = kCurrentContext::getCurrentKsKuserId(); $object_to_fill->setKuserId($currentKsKuser); } else { $kuser = kuserPeer::getKuserByPartnerAndUid(kCurrentContext::$ks_partner_id, $this->userId); if (!$kuser) { throw new KalturaAPIException(KalturaErrors::INVALID_USER_ID, $this->userId); } $object_to_fill->setKuserId($kuser->getKuserId()); } $object_to_fill->setPartnerId(kCurrentContext::getCurrentPartnerId()); return $object_to_fill; }
private static function getObjectSpecificCacheKey(IRelatedObject $object, $responseProfileKey) { $userRoles = kPermissionManager::getCurrentRoleIds(); sort($userRoles); $objectType = get_class($object); $objectId = $object->getPrimaryKey(); $partnerId = $object->getPartnerId(); $profileKey = $responseProfileKey; $protocol = infraRequestUtils::getProtocol(); $ksType = kCurrentContext::getCurrentSessionType(); $userRoles = implode('-', $userRoles); $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : ''; $entitlement = (int) kEntitlementUtils::getEntitlementEnforcement(); if (self::$cachePerUser) { $user = kCurrentContext::getCurrentKsKuserId(); return "obj_rp{$profileKey}_p{$partnerId}_o{$objectType}_i{$objectId}_h{$protocol}_k{$ksType}_u{$userRoles}_w{$host}_e{$entitlement}_us{$user}"; } else { return "obj_rp{$profileKey}_p{$partnerId}_o{$objectType}_i{$objectId}_h{$protocol}_k{$ksType}_u{$userRoles}_w{$host}_e{$entitlement}"; } }
/** * @param string $objectClass * @param string $objectId * @param string $privilege optional * @param string $options optional * @throws KalturaErrors::INVALID_KS */ protected function validateUser($objectClass, $objectId, $privilege = null, $options = null) { // don't allow operations without ks if (!kCurrentContext::$ks_object) { throw new KalturaAPIException(KalturaErrors::INVALID_KS, "", ks::INVALID_TYPE, ks::getErrorStr(ks::INVALID_TYPE)); } // if admin always allowed if (kCurrentContext::$is_admin_session) { return; } $objectGetters = null; if (strstr($objectClass, '::')) { $objectGetters = explode('::', $objectClass); $objectClass = array_shift($objectGetters); } $objectClassPeer = "{$objectClass}Peer"; if (!class_exists($objectClassPeer)) { return; } $dbObject = $objectClassPeer::retrieveByPK($objectId); if ($objectGetters) { foreach ($objectGetters as $objectGetter) { $getterMethod = "get{$objectGetter}"; $reflector = new ReflectionObject($dbObject); if (!$reflector->hasMethod($getterMethod)) { KalturaLog::err("Method " . $getterMethod . " does not exist for class " . $reflector->getName()); return; } $dbObject = $dbObject->{$getterMethod}(); } } if (!$dbObject instanceof IOwnable) { return; } if ($privilege) { // check if all ids are privileged if (kCurrentContext::$ks_object->verifyPrivileges($privilege, ks::PRIVILEGE_WILDCARD)) { return; } // check if object id is privileged if (kCurrentContext::$ks_object->verifyPrivileges($privilege, $dbObject->getId())) { return; } } if (strtolower($dbObject->getPuserId()) != strtolower(kCurrentContext::$ks_uid)) { $optionsArray = array(); if ($options) { $optionsArray = explode(",", $options); } if (!$dbObject->isEntitledKuserEdit(kCurrentContext::getCurrentKsKuserId()) || in_array(self::OWNER_ONLY_OPTION, $optionsArray)) { throw new KalturaAPIException(KalturaErrors::INVALID_KS, "", ks::INVALID_TYPE, ks::getErrorStr(ks::INVALID_TYPE)); } } }
/** * activate CategoryEntry when it is pending moderation * * @action reject * @param string $entryId * @param int $categoryId * @throws KalturaErrors::INVALID_ENTRY_ID * @throws KalturaErrors::CATEGORY_NOT_FOUND * @throws KalturaErrors::ENTRY_IS_NOT_ASSIGNED_TO_CATEGORY * @throws KalturaErrors::CANNOT_ACTIVATE_CATEGORY_ENTRY */ function rejectAction($entryId, $categoryId) { $entry = entryPeer::retrieveByPK($entryId); if (!$entry) { throw new KalturaAPIException(KalturaErrors::INVALID_ENTRY_ID, $entryId); } $category = categoryPeer::retrieveByPK($categoryId); if (!$category) { throw new KalturaAPIException(KalturaErrors::CATEGORY_NOT_FOUND, $categoryId); } $dbCategoryEntry = categoryEntryPeer::retrieveByCategoryIdAndEntryId($categoryId, $entryId); if (!$dbCategoryEntry) { throw new KalturaAPIException(KalturaErrors::ENTRY_IS_NOT_ASSIGNED_TO_CATEGORY); } //validate user is entiteld to reject entry from category if (kEntitlementUtils::getEntitlementEnforcement()) { $categoryKuser = categoryKuserPeer::retrievePermittedKuserInCategory($categoryId, kCurrentContext::getCurrentKsKuserId()); if (!$categoryKuser || $categoryKuser->getPermissionLevel() != CategoryKuserPermissionLevel::MANAGER && $categoryKuser->getPermissionLevel() != CategoryKuserPermissionLevel::MODERATOR) { throw new KalturaAPIException(KalturaErrors::CANNOT_REJECT_CATEGORY_ENTRY); } } if ($dbCategoryEntry->getStatus() != CategoryEntryStatus::PENDING) { throw new KalturaAPIException(KalturaErrors::CANNOT_REJECT_CATEGORY_ENTRY_SINCE_IT_IS_NOT_PENDING); } $dbCategoryEntry->setStatus(CategoryEntryStatus::REJECTED); $dbCategoryEntry->save(); }
public static function setDefaultCriteriaFilter() { if (self::$s_criteria_filter == null) { self::$s_criteria_filter = new criteriaFilter(); } $c = KalturaCriteria::create(entryPeer::OM_CLASS); $c->addAnd(entryPeer::STATUS, entryStatus::DELETED, Criteria::NOT_EQUAL); $critEntitled = null; $ks = ks::fromSecureString(kCurrentContext::$ks); //when entitlement is enable and admin session or user session with list:* privilege if (kEntitlementUtils::getEntitlementEnforcement() && (kCurrentContext::$is_admin_session || !self::$userContentOnly)) { $privacyContexts = kEntitlementUtils::getPrivacyContextSearch(); $critEntitled = $c->getNewCriterion(self::PRIVACY_BY_CONTEXTS, $privacyContexts, KalturaCriteria::IN_LIKE); $critEntitled->addTag(KalturaCriterion::TAG_ENTITLEMENT_ENTRY); if (kCurrentContext::getCurrentKsKuserId()) { //ENTITLED_KUSERS field includes $this->entitledUserEdit, $this->entitledUserEdit, and users on work groups categories. $entitledKuserByPrivacyContext = kEntitlementUtils::getEntitledKuserByPrivacyContext(); $critEntitledKusers = $c->getNewCriterion(self::ENTITLED_KUSERS, $entitledKuserByPrivacyContext, KalturaCriteria::IN_LIKE); $critEntitledKusers->addTag(KalturaCriterion::TAG_ENTITLEMENT_ENTRY); $categoriesIds = array(); $categoriesIds = categoryPeer::retrieveEntitledAndNonIndexedByKuser(kCurrentContext::getCurrentKsKuserId(), kConf::get('category_search_limit')); if (count($categoriesIds) >= kConf::get('category_search_limit')) { self::$kuserBlongToMoreThanMaxCategoriesForSearch = true; } if (count($categoriesIds)) { $critCategories = $c->getNewCriterion(self::CATEGORIES_IDS, $categoriesIds, KalturaCriteria::IN_LIKE); $critCategories->addTag(KalturaCriterion::TAG_ENTITLEMENT_ENTRY); $critEntitled->addOr($critCategories); } $critEntitled->addOr($critEntitledKusers); } //user should be able to get all entries s\he uploaded - outside the privacy context $kuser = kCurrentContext::getCurrentKsKuserId(); if ($kuser !== 0) { $critKuser = $c->getNewCriterion(entryPeer::KUSER_ID, $kuser, Criteria::EQUAL); $critKuser->addTag(KalturaCriterion::TAG_ENTITLEMENT_ENTRY); $critEntitled->addOr($critKuser); } } elseif (self::$userContentOnly) { $critEntitled = $c->getNewCriterion(entryPeer::KUSER_ID, kCurrentContext::getCurrentKsKuserId(), Criteria::EQUAL); $critEntitled->addTag(KalturaCriterion::TAG_WIDGET_SESSION); } if ($ks && count($ks->getDisableEntitlementForEntry())) { $entryCrit = $c->getNewCriterion(entryPeer::ENTRY_ID, $ks->getDisableEntitlementForEntry(), Criteria::IN); $entryCrit->addTag(KalturaCriterion::TAG_ENTITLEMENT_ENTRY); if ($critEntitled) { $critEntitled->addOr($entryCrit); } else { $critEntitled = $entryCrit; } } if ($critEntitled) { $c->addAnd($critEntitled); } self::$s_criteria_filter->setFilter($c); }
public static function syncEntriesCategories(entry $entry, $isCategoriesModified) { self::$skipEntrySave = true; if ($entry->getNewCategories() != null && $entry->getNewCategories() !== "") { $newCats = explode(entry::ENTRY_CATEGORY_SEPARATOR, $entry->getNewCategories()); } else { $newCats = array(); } if (!$isCategoriesModified) { if ($entry->getNewCategoriesIds() != null && $entry->getNewCategoriesIds() !== "") { $newCatsIds = explode(entry::ENTRY_CATEGORY_SEPARATOR, $entry->getNewCategoriesIds()); } else { $newCatsIds = array(); } KalturaCriterion::disableTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY); $dbCategories = categoryPeer::retrieveByPKs($newCatsIds); KalturaCriterion::restoreTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY); foreach ($dbCategories as $dbCategory) { //skip categoy with privacy contexts. if ($dbCategory->getPrivacyContexts() != null && $dbCategory->getPrivacyContexts() != '') { continue; } $newCats[] = $dbCategory->getFullName(); } } $newCats = array_unique($newCats); $allIds = array(); $allCats = array(); $addedCats = array(); $removedCats = array(); $remainingCats = array(); $oldCats = array(); $oldCatsIds = array(); $dbOldCategoriesEntry = categoryEntryPeer::selectByEntryId($entry->getId()); foreach ($dbOldCategoriesEntry as $dbOldCategoryEntry) { $oldCatsIds[] = $dbOldCategoryEntry->getCategoryId(); } $oldCategoris = categoryPeer::retrieveByPKsNoFilter($oldCatsIds); foreach ($oldCategoris as $category) { if ($category->getPrivacyContexts() != '' && $category->getPrivacyContexts() != null) { continue; } $oldCats[] = $category->getFullName(); } foreach ($oldCats as $cat) { if (array_search($cat, $newCats) === false) { $removedCats[] = $cat; } } foreach ($newCats as $cat) { if (array_search($cat, $oldCats) === false) { $addedCats[] = $cat; } else { $remainingCats[] = $cat; } } foreach ($remainingCats as $cat) { KalturaCriterion::disableTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY); $category = categoryPeer::getByFullNameExactMatch($cat); KalturaCriterion::restoreTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY); if ($category) { if ($category->getPrivacyContext() == '' || $category->getPrivacyContext() == null) { $allCats[] = $category->getFullName(); $allIds[] = $category->getId(); } } } foreach ($addedCats as $cat) { $category = categoryPeer::getByFullNameExactMatch($cat); if (!$category) { KalturaCriterion::disableTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY); $unentitedCategory = categoryPeer::getByFullNameExactMatch($cat); KalturaCriterion::restoreTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY); if (!$unentitedCategory) { $category = category::createByPartnerAndFullName($entry->getPartnerId(), $cat); //it is possible to add on an entry a few new categories on the same new parent - //and we need to sync sphinx once we add so the category will not be duplicated kEventsManager::flushEvents(); } } else { $categoryKuser = categoryKuserPeer::retrievePermittedKuserInCategory($category->getId(), kCurrentContext::getCurrentKsKuserId()); if (kEntitlementUtils::getEntitlementEnforcement() && $category->getContributionPolicy() != ContributionPolicyType::ALL && (!$categoryKuser || $categoryKuser->getPermissionLevel() == CategoryKuserPermissionLevel::MEMBER)) { //user is not entitled to add entry to this category $category = null; } } if (!$category) { continue; } //when use caetgoryEntry->add categoryEntry object was alreay created - and no need to create it. //when using baseEntry->categories = 'my category' will need to add the new category. $categoryEntry = categoryEntryPeer::retrieveByCategoryIdAndEntryId($category->getId(), $entry->getId()); if (!$categoryEntry) { $categoryEntry = new categoryEntry(); $categoryEntry->setEntryId($entry->getId()); $categoryEntry->setCategoryId($category->getId()); $categoryEntry->setPartnerId($entry->getPartnerId()); $categoryEntry->setStatus(CategoryEntryStatus::ACTIVE); $categoryEntry->save(); } if ($category->getPrivacyContext() == '' || $category->getPrivacyContext() == null) { // only categories with no context should be set on entry->categories and entry->categoriesIds $allCats[] = $category->getFullName(); $allIds[] = $category->getId(); } $alreadyAddedCatIds[] = $category->getId(); $alreadyAddedCatIds = array_merge($alreadyAddedCatIds, $category->getAllParentsIds()); } foreach ($removedCats as $cat) { $category = categoryPeer::getByFullNameExactMatch($cat); if ($category) { $categoryEntryToDelete = categoryEntryPeer::retrieveByCategoryIdAndEntryId($category->getId(), $entry->getId()); if ($categoryEntryToDelete) { $categoryKuser = categoryKuserPeer::retrievePermittedKuserInCategory($categoryEntryToDelete->getCategoryId(), kCurrentContext::getCurrentKsKuserId()); if ($category->getPrivacyContexts() && (!$categoryKuser || $categoryKuser->getPermissionLevel() == CategoryKuserPermissionLevel::MEMBER)) { //not entiteld to delete - should be set back on the entry. $allCats[] = $category->getFullName(); $allIds[] = $category->getId(); } else { $categoryEntryToDelete->setStatus(CategoryEntryStatus::DELETED); $categoryEntryToDelete->save(); } } } else { //category was not found - it could be that user is not entitled to remove it KalturaCriterion::disableTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY); $category = categoryPeer::getByFullNameExactMatch($cat); KalturaCriterion::restoreTag(KalturaCriterion::TAG_ENTITLEMENT_CATEGORY); if ($category) { $allCats[] = $category->getFullName(); $allIds[] = $category->getId(); } } } self::$skipEntrySave = false; $entry->parentSetCategories(implode(",", $allCats)); $entry->parentSetCategoriesIds(implode(',', $allIds)); }
/** * reject CategoryUser * * @action deactivate * @param int $categoryId * @param string $userId * @return KalturaCategoryUser */ function deactivateAction($categoryId, $userId) { $partnerId = kCurrentContext::$partner_id ? kCurrentContext::$partner_id : kCurrentContext::$ks_partner_id; $kuser = kuserPeer::getKuserByPartnerAndUid($partnerId, $userId); if (!$kuser) { throw new KalturaAPIException(KalturaErrors::INVALID_USER_ID, $userId); } $dbCategoryKuser = categoryKuserPeer::retrieveByCategoryIdAndKuserId($categoryId, $kuser->getId()); if (!$dbCategoryKuser) { throw new KalturaAPIException(KalturaErrors::INVALID_CATEGORY_USER_ID, $categoryId, $userId); } $currentKuserCategoryKuser = categoryKuserPeer::retrievePermittedKuserInCategory($dbCategoryKuser->getCategoryId(), kCurrentContext::getCurrentKsKuserId()); if (kEntitlementUtils::getEntitlementEnforcement() && (!$currentKuserCategoryKuser || $currentKuserCategoryKuser->getPermissionLevel() != CategoryKuserPermissionLevel::MANAGER && kCurrentContext::$ks_uid != $userId)) { throw new KalturaAPIException(KalturaErrors::CANNOT_UPDATE_CATEGORY_USER); } $dbCategoryKuser->setStatus(CategoryKuserStatus::NOT_ACTIVE); $dbCategoryKuser->save(); $categoryUser = new KalturaCategoryUser(); $categoryUser->fromObject($dbCategoryKuser, $this->getResponseProfile()); return $categoryUser; }
public function validateForUpdate($sourceObject, $propertiesToSkip = null) { /* @var $sourceObject categoryKuser */ $category = categoryPeer::retrieveByPK($sourceObject->getCategoryId()); if (!$category) { throw new KalturaAPIException(KalturaErrors::CATEGORY_NOT_FOUND, $sourceObject->getCategoryId()); } if ($this->permissionNames && $this->permissionNames != $sourceObject->getPermissionNames()) { if ($sourceObject->getKuserId() == $category->getKuserId()) { if (strpos($this->permissionNames, PermissionName::CATEGORY_EDIT) === false) { throw new KalturaAPIException(KalturaErrors::CANNOT_UPDATE_CATEGORY_USER_OWNER); } } } $currentKuserCategoryKuser = categoryKuserPeer::retrievePermittedKuserInCategory($sourceObject->getCategoryId(), kCurrentContext::getCurrentKsKuserId()); if (kEntitlementUtils::getEntitlementEnforcement() && (!$currentKuserCategoryKuser || !$currentKuserCategoryKuser->hasPermission(PermissionName::CATEGORY_EDIT))) { throw new KalturaAPIException(KalturaErrors::CANNOT_UPDATE_CATEGORY_USER, $sourceObject->getCategoryId()); } return parent::validateForUpdate($sourceObject, $propertiesToSkip); }
/** * * @param array $categoriesIds * @param int $kuserId * @param array $requiredPermissions * @param $con * * @return categoryKuser */ public static function areCategoriesAllowed(array $categoriesIds, $kuserId = null, $requiredPermissions = null, $con = null) { if (is_null($kuserId)) { $kuserId = kCurrentContext::getCurrentKsKuserId(); } if (is_null($requiredPermissions)) { $requiredPermissions = array(PermissionName::CATEGORY_VIEW); } $categories = categoryPeer::retrieveByPKs($categoriesIds); if (count($categories) < count($categoriesIds)) { return false; } $categoriesIds = array(); foreach ($categories as $category) { /* @var $category category */ $categoriesIds[] = $category->getInheritedParentId() ? $category->getInheritedParentId() : $category->getId(); } $categoriesIds = array_unique($categoriesIds); $criteria = new Criteria(); $criteria->add(categoryKuserPeer::CATEGORY_ID, $categoriesIds, Criteria::IN); $criteria->add(categoryKuserPeer::KUSER_ID, $kuserId); $criteria->add(categoryKuserPeer::STATUS, CategoryKuserStatus::ACTIVE); $categoryKusers = categoryKuserPeer::doSelectOne($criteria, $con); if (count($categoryKusers) < count($categoriesIds)) { return false; } foreach ($categoryKusers as $categoryKuser) { $permissions = explode(',', $categoryKuser->getPermissionNames()); foreach ($requiredPermissions as $requiredPermission) { if (!in_array($requiredPermission, $permissions)) { return false; } } } return true; }
/** * Delete a Category * * @action delete * @param int $id * @param KalturaNullableBoolean $moveEntriesToParentCategory */ function deleteAction($id, $moveEntriesToParentCategory = KalturaNullableBoolean::TRUE_VALUE) { if ($this->getPartner()->getFeaturesStatusByType(IndexObjectType::LOCK_CATEGORY)) { throw new KalturaAPIException(KalturaErrors::CATEGORIES_LOCKED); } $categoryDb = categoryPeer::retrieveByPK($id); if (!$categoryDb) { throw new KalturaAPIException(KalturaErrors::CATEGORY_NOT_FOUND, $id); } if (kEntitlementUtils::getEntitlementEnforcement()) { $currentKuserCategoryKuser = categoryKuserPeer::retrievePermittedKuserInCategory($categoryDb->getId(), kCurrentContext::getCurrentKsKuserId()); if (!$currentKuserCategoryKuser || $currentKuserCategoryKuser->getPermissionLevel() != CategoryKuserPermissionLevel::MANAGER) { throw new KalturaAPIException(KalturaErrors::NOT_ENTITLED_TO_UPDATE_CATEGORY); } } $this->getPartner()->addFeaturesStatus(IndexObjectType::LOCK_CATEGORY); try { if ($moveEntriesToParentCategory) { $categoryDb->setDeletedAt(time()); } else { $categoryDb->setDeletedAt(time(), 0); } $categoryDb->save(); $this->getPartner()->removeFeaturesStatus(IndexObjectType::LOCK_CATEGORY); } catch (Exception $ex) { $this->getPartner()->removeFeaturesStatus(IndexObjectType::LOCK_CATEGORY); throw $ex; } }
public static function getEntitledKuserByPrivacyContext() { $partnerId = kCurrentContext::$partner_id ? kCurrentContext::$partner_id : kCurrentContext::$ks_partner_id; $privacyContextSearch = array(); $ks = ks::fromSecureString(kCurrentContext::$ks); $ksPrivacyContexts = null; if ($ks) { $ksPrivacyContexts = $ks->getPrivacyContext(); } if (is_null($ksPrivacyContexts) || $ksPrivacyContexts == '') { $ksPrivacyContexts = self::DEFAULT_CONTEXT . $partnerId; } $ksPrivacyContexts = explode(',', $ksPrivacyContexts); $privacyContexts = $ksPrivacyContexts; $privacyContexts[] = self::ENTRY_PRIVACY_CONTEXT; // get the groups that the user belongs to in case she is not associated to the category directly $kuserIds = KuserKgroupPeer::retrieveKgroupIdsByKuserId(kCurrentContext::getCurrentKsKuserId()); $kuserIds[] = kCurrentContext::getCurrentKsKuserId(); foreach ($privacyContexts as $privacyContext) { foreach ($kuserIds as $kuserId) { $privacyContextSearch[] = $privacyContext . '_' . $kuserId; } } return $privacyContextSearch; }
public function getListResponse(KalturaFilterPager $pager, KalturaDetachedResponseProfile $responseProfile = null) { if ($this->entryIdEqual == null && $this->categoryIdIn == null && $this->categoryIdEqual == null && (kEntitlementUtils::getEntitlementEnforcement() || !kCurrentContext::$is_admin_session)) { throw new KalturaAPIException(KalturaErrors::MUST_FILTER_ON_ENTRY_OR_CATEGORY); } if (kEntitlementUtils::getEntitlementEnforcement()) { //validate entitl for entry if ($this->entryIdEqual != null) { $entry = entryPeer::retrieveByPK($this->entryIdEqual); if (!$entry) { throw new KalturaAPIException(KalturaErrors::ENTRY_ID_NOT_FOUND, $this->entryIdEqual); } } //validate entitl for entryIn if ($this->entryIdIn != null) { $entry = entryPeer::retrieveByPKs($this->entryIdIn); if (!$entry) { throw new KalturaAPIException(KalturaErrors::ENTRY_ID_NOT_FOUND, $this->entryIdIn); } } //validate entitl categories if ($this->categoryIdIn != null) { $categoryIdInArr = explode(',', $this->categoryIdIn); if (!categoryKuserPeer::areCategoriesAllowed($categoryIdInArr)) { $categoryIdInArr = array_unique($categoryIdInArr); } $entitledCategories = categoryPeer::retrieveByPKs($categoryIdInArr); if (!count($entitledCategories) || count($entitledCategories) != count($categoryIdInArr)) { throw new KalturaAPIException(KalturaErrors::CATEGORY_NOT_FOUND, $this->categoryIdIn); } $categoriesIdsUnlisted = array(); foreach ($entitledCategories as $category) { if ($category->getDisplayInSearch() == DisplayInSearchType::CATEGORY_MEMBERS_ONLY) { $categoriesIdsUnlisted[] = $category->getId(); } } if (count($categoriesIdsUnlisted)) { if (!categoryKuserPeer::areCategoriesAllowed($categoriesIdsUnlisted)) { throw new KalturaAPIException(KalturaErrors::CATEGORY_NOT_FOUND, $this->categoryIdIn); } } } //validate entitl category if ($this->categoryIdEqual != null) { $category = categoryPeer::retrieveByPK($this->categoryIdEqual); if (!$category && kCurrentContext::$master_partner_id != Partner::BATCH_PARTNER_ID) { throw new KalturaAPIException(KalturaErrors::CATEGORY_NOT_FOUND, $this->categoryIdEqual); } if ($category->getDisplayInSearch() == DisplayInSearchType::CATEGORY_MEMBERS_ONLY && !categoryKuserPeer::retrievePermittedKuserInCategory($category->getId(), kCurrentContext::getCurrentKsKuserId())) { throw new KalturaAPIException(KalturaErrors::CATEGORY_NOT_FOUND, $this->categoryIdEqual); } } } $categoryEntryFilter = $this->toObject(); $c = KalturaCriteria::create(categoryEntryPeer::OM_CLASS); $categoryEntryFilter->attachToCriteria($c); if (!kEntitlementUtils::getEntitlementEnforcement() || $this->entryIdEqual == null) { $pager->attachToCriteria($c); } $dbCategoriesEntry = categoryEntryPeer::doSelect($c); if (kEntitlementUtils::getEntitlementEnforcement() && count($dbCategoriesEntry) && $this->entryIdEqual != null) { //remove unlisted categories: display in search is set to members only $categoriesIds = array(); foreach ($dbCategoriesEntry as $dbCategoryEntry) { $categoriesIds[] = $dbCategoryEntry->getCategoryId(); } $c = KalturaCriteria::create(categoryPeer::OM_CLASS); $c->add(categoryPeer::ID, $categoriesIds, Criteria::IN); $pager->attachToCriteria($c); $c->applyFilters(); $categoryIds = $c->getFetchedIds(); foreach ($dbCategoriesEntry as $key => $dbCategoryEntry) { if (!in_array($dbCategoryEntry->getCategoryId(), $categoryIds)) { KalturaLog::info('Category [' . print_r($dbCategoryEntry->getCategoryId(), true) . '] is not listed to user'); unset($dbCategoriesEntry[$key]); } } $totalCount = $c->getRecordsCount(); } else { $resultCount = count($dbCategoriesEntry); if ($resultCount && $resultCount < $pager->pageSize) { $totalCount = ($pager->pageIndex - 1) * $pager->pageSize + $resultCount; } else { KalturaFilterPager::detachFromCriteria($c); $totalCount = categoryEntryPeer::doCount($c); } } $categoryEntrylist = KalturaCategoryEntryArray::fromDbArray($dbCategoriesEntry, $responseProfile); $response = new KalturaCategoryEntryListResponse(); $response->objects = $categoryEntrylist; $response->totalCount = $totalCount; // no pager since category entry is limited to ENTRY::MAX_CATEGORIES_PER_ENTRY return $response; }
protected function validateUserEntry() { $dbUserEntry = UserEntryPeer::retrieveByPK($this->quizUserEntryId); if (!$dbUserEntry) { throw new KalturaAPIException(KalturaErrors::USER_ENTRY_NOT_FOUND, $this->quizUserEntryId); } if ($dbUserEntry->getEntryId() !== $this->entryId) { throw new KalturaAPIException(KalturaCuePointErrors::USER_ENTRY_DOES_NOT_MATCH_ENTRY_ID, $this->quizUserEntryId); } if ($dbUserEntry->getStatus() === QuizPlugin::getCoreValue('UserEntryStatus', QuizUserEntryStatus::QUIZ_SUBMITTED)) { throw new KalturaAPIException(KalturaQuizErrors::USER_ENTRY_QUIZ_ALREADY_SUBMITTED); } if (!kCurrentContext::$is_admin_session && $dbUserEntry->getKuserId() != kCurrentContext::getCurrentKsKuserId()) { throw new KalturaAPIException(KalturaErrors::INVALID_USER_ID); } }
/** * Retrieves a user object for a user's login ID and partner ID. * A login ID is the email address used by a user to log into the system. * * @action getByLoginId * @param string $loginId The user's email address that identifies the user for login * @return KalturaUser The user object represented by the login and partner IDs * * @throws KalturaErrors::LOGIN_DATA_NOT_FOUND * @throws KalturaErrors::USER_NOT_FOUND */ public function getByLoginIdAction($loginId) { $loginData = UserLoginDataPeer::getByEmail($loginId); if (!$loginData) { throw new KalturaAPIException(KalturaErrors::LOGIN_DATA_NOT_FOUND); } $kuser = kuserPeer::getByLoginDataAndPartner($loginData->getId(), $this->getPartnerId()); if (!$kuser) { throw new KalturaAPIException(KalturaErrors::USER_NOT_FOUND); } // users that are not publisher administrator are only allowed to get their own object if ($kuser->getId() != kCurrentContext::getCurrentKsKuserId() && !in_array(PermissionName::MANAGE_ADMIN_USERS, kPermissionManager::getCurrentPermissions())) { throw new KalturaAPIException(KalturaErrors::INVALID_USER_ID, $loginId); } $user = new KalturaUser(); $user->fromObject($kuser, $this->getResponseProfile()); return $user; }
/** * @param entry $dbEntry * @return bool if current user is admin / entyr owner / co-editor */ public static function validateUserEntitledForQuizEdit(entry $dbEntry) { if (kCurrentContext::$is_admin_session || kCurrentContext::getCurrentKsKuserId() == $dbEntry->getKuserId()) { return true; } $entitledKusers = QuizPlugin::getObjectIdsAsArray($dbEntry->getEntitledKusersEdit()); if (in_array(kCurrentContext::getCurrentKsKuserId(), $entitledKusers)) { return true; } return false; }
/** * @param entry $dbEntry * @return bool if current user is admin / entry's owner / co-editor */ public static function isEntitledForEditEntry(entry $dbEntry) { if (kCurrentContext::$is_admin_session || kCurrentContext::getCurrentKsKuserId() == $dbEntry->getKuserId()) { return true; } return $dbEntry->isEntitledKuserEdit(kCurrentContext::getCurrentKsKuserId()); }