示例#1
/**
 * Build the community-topic ACL that matches the concrete class of $object.
 *
 * The member list is read from the global $members. Dispatch uses the exact
 * class name returned by get_class(), so subclasses of Community or
 * CommunityTopic are not matched.
 *
 * @param object $object Record to build the ACL for.
 *
 * @return mixed The collection ACL for 'Community', the resource ACL for
 *               'CommunityTopic', or null for any other class. Callers must
 *               not treat a null result as "access granted".
 */
function getAcl($object)
{
    global $members;

    $className = get_class($object);

    if ('Community' === $className) {
        return opCommunityTopicAclBuilder::buildCollection($object, $members);
    }

    if ('CommunityTopic' === $className) {
        return opCommunityTopicAclBuilder::buildResource($object, $members);
    }

    // No ACL exists for other record types.
    return null;
}
/**
 * Bootstrap the functional-test environment and reset cached ACL state.
 *
 * Includes the functional and database bootstrap scripts, turns off logging on
 * the connection's 'symfony_profiler' listener entry when that entry is truthy,
 * and clears the opCommunityTopicAclBuilder cache.
 */
function init()
{
    // Plain include (not include_once): each bootstrap script runs again on every call.
    include dirname(__FILE__) . '/../../bootstrap/functional.php';
    include dirname(__FILE__) . '/../../bootstrap/database.php';
    // NOTE(review): functional.php is included a second time after database.php.
    // Presumably deliberate (rebuilding the context once the database is reset);
    // confirm it is not a copy/paste duplicate.
    include dirname(__FILE__) . '/../../bootstrap/functional.php';
    $conn = Doctrine_Manager::getInstance()->getCurrentConnection();
    $listener = $conn->getListener();
    // Silence profiler logging only when a 'symfony_profiler' listener entry is present.
    if ($listener['symfony_profiler']) {
        $listener['symfony_profiler']->setOption('logging', false);
    }
    // Drop cached ACLs so permissions are rebuilt for whatever the test sets up next.
    opCommunityTopicAclBuilder::clearCache();
}
 /**
  * Resolve the routed record and build the matching topic ACL before the action runs.
  *
  * Only sfDoctrineRoute routes are handled. For a Community the collection ACL
  * is built. For a CommunityTopic the resource ACL is built and the parent
  * community is taken from the topic. In both cases the ACL is built for the
  * current user's member only.
  *
  * NOTE(review): for any other route or object type $this->acl is not assigned
  * here, so later authorization checks should treat a missing ACL as "deny".
  * Confirm in the actions that read it.
  */
 public function preExecute()
 {
     $route = $this->getRoute();
     if (!($route instanceof sfDoctrineRoute)) {
         return;
     }

     $record = $route->getObject();

     if ($record instanceof Community) {
         $this->community = $record;
         $this->acl = opCommunityTopicAclBuilder::buildCollection(
             $this->community,
             array($this->getUser()->getMember())
         );

         return;
     }

     if ($record instanceof CommunityTopic) {
         $this->communityTopic = $record;
         $this->community = $this->communityTopic->getCommunity();
         $this->acl = opCommunityTopicAclBuilder::buildResource(
             $this->communityTopic,
             array($this->getUser()->getMember())
         );
     }
 }
<?php

// Resource ACL for this topic, built for the viewing member only.
// NOTE(review): $acl is not read anywhere in the visible part of this template;
// confirm it is used further down or by a partial, otherwise nothing here is gated by it.
$acl = opCommunityTopicAclBuilder::buildResource($communityTopic, array($sf_user->getMember()));
op_mobile_page_title($community->getName(), $communityTopic->getName());
?>

<?php 
echo op_within_page_link();
echo op_format_date($communityTopic->getCreatedAt(), 'MM/dd HH:mm');
// Empty branch: nothing is rendered when the viewer is the topic author.
if ($communityTopic->getMemberId() === $sf_user->getMemberId()) {
}
?>
<br>
<?php 
// Link to the author's profile only when the member record exists and has a name.
if ($communityTopic->getMember() && $communityTopic->getMember()->getName()) {
    echo link_to($communityTopic->getMember()->getName(), 'member/profile?id=' . $communityTopic->getMember()->getId());
}
// The edit link is shown based on isEditable(); this only hides the link in the UI.
// NOTE(review): the edit action itself must enforce the same permission server-side; confirm.
if ($communityTopic->isEditable($sf_user->getMemberId())) {
    ?>
&nbsp;[<?php 
    echo link_to(__('Edit'), '@communityTopic_edit?id=' . $communityTopic->getId());
    ?>
]
<?php 
}
?>
<br>
<?php 
// NOTE(review): the topic body is member-authored text and nl2br() does not escape HTML.
// This is safe only if $communityTopic reaches the template wrapped by symfony's
// output escaping; confirm the escaping settings for this application.
echo nl2br($communityTopic->getBody());
?>
<br>
示例#5
<?php

use_helper('Date');
// Collection ACL for the community, built for the viewing member only.
// NOTE(review): $acl is not read in the visible part of this template; confirm where it is consumed.
$acl = opCommunityTopicAclBuilder::buildCollection($community, array($sf_user->getMember()));
?>

<?php 
/* ** added for opNicePlugin ** */
include_customizes("topicDetailBox", "top");
?>

<div class="dparts topicDetailBox"><div class="parts">
<div class="partsHeading">
<h3><?php 
// NOTE(review): the community name is member-supplied and is echoed without an explicit
// escape call; this relies on symfony output escaping being enabled for templates. Confirm.
echo '[' . $community->getName() . '] ' . __('Topic');
?>
</h3>
</div>
<dl>
<dt><?php 
echo nl2br(op_format_date($communityTopic->getCreatedAt(), 'XDateTimeJaBr'));
?>
</dt>
<dd>
<div class="title">
<p><?php 
// NOTE(review): the topic name is member-supplied; same reliance on output escaping as the heading.
echo $communityTopic->getName();
?>
</p>
</div>
<div class="name">
 /**
  * Reset both static ACL stores, self::$collection and self::$resource, to empty arrays.
  *
  * Presumably these hold ACLs memoized by buildCollection() and buildResource().
  * Clearing them forces permissions to be rebuilt instead of being reused
  * from an earlier member or fixture state.
  */
 public static function clearCache()
 {
     self::$collection = self::$resource = array();
 }
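 /**
  * Check whether $this->member may perform $action on $object.
  *
  * A Community is checked against the collection ACL. A CommunityTopic or
  * CommunityEvent is checked against the resource ACL. Any other record type
  * has no ACL and is denied. Previously that case reached a method call on an
  * undefined variable and ended in a fatal error rather than an explicit denial.
  *
  * NOTE(review): the ACL is built for, and queried with, $this->member; the
  * $member argument is never read. Confirm which of the two is intended before
  * relying on this check for a member other than $this->member.
  *
  * @param opDoctrineRecord $object Record the action targets.
  * @param Member           $member Unused by the current implementation (see note above).
  * @param mixed            $action Privilege name passed through to the ACL.
  *
  * @return mixed The ACL's isAllowed() result, or false when no ACL applies to $object.
  */
 protected function isAllowed(opDoctrineRecord $object, Member $member, $action)
 {
     $acl = null;

     if ($object instanceof Community) {
         $acl = opCommunityTopicAclBuilder::buildCollection($object, array($this->member));
     } elseif ($object instanceof CommunityTopic || $object instanceof CommunityEvent) {
         $acl = opCommunityTopicAclBuilder::buildResource($object, array($this->member));
     }

     // Fail closed: with no ACL for this record type, nothing is permitted.
     if (null === $acl) {
         return false;
     }

     return $acl->isAllowed($this->member->getId(), null, $action);
 }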
<?php

include dirname(__FILE__) . '/../../bootstrap/functional.php';
$user = new opTestFunctional(new opBrowser(), new lime_test(null));

// Section 1: no login() call precedes this chain, so the requests run without a session.
// /community/2 must answer 404 and /community/3 must answer 200.
$user
    ->info('1. Testing alien')
    ->info('public_flag: public')
    ->get('/community/2')
    ->info('1-1. Alien cannot access the community home')
    ->with('request')
    ->begin()
    ->isParameter('module', 'community')
    ->isParameter('action', 'home')
    ->end()
    ->with('response')
    ->begin()
    ->isStatusCode(404)
    ->end()
    ->info('public_flag: open')
    ->get('/community/3')
    ->info('1-2. Alien can access the community home')
    ->with('request')
    ->begin()
    ->isParameter('module', 'community')
    ->isParameter('action', 'home')
    ->end()
    ->with('response')
    ->isStatusCode(200);

// Reset cached ACLs before switching identity, so the next section does not reuse them.
opCommunityAclBuilder::clearCache();
if (class_exists('opCommunityTopicAclBuilder')) {
    // The topic plugin is optional; clear its cache only when the class is available.
    opCommunityTopicAclBuilder::clearCache();
}
// Section 2: the same two community pages, requested after logging in.
// Both must answer 200.
$user->login('*****@*****.**', 'password');
$user
    ->info('2. Testing Community Member')
    ->info('public_flag: public')
    ->get('/community/2')
    ->info('2-1. Community Member can access the community home')
    ->with('request')
    ->begin()
    ->isParameter('module', 'community')
    ->isParameter('action', 'home')
    ->end()
    ->with('response')
    ->isStatusCode(200)
    ->info('public_flag: open')
    ->get('/community/3')
    ->info('2-2. Community Member can access the community home')
    ->with('request')
    ->begin()
    ->isParameter('module', 'community')
    ->isParameter('action', 'home')
    ->end()
    ->with('response')
    ->isStatusCode(200);

// Reset cached ACLs before the next login, so permissions are rebuilt for the new identity.
opCommunityAclBuilder::clearCache();
if (class_exists('opCommunityTopicAclBuilder')) {
    opCommunityTopicAclBuilder::clearCache();
}
// Section 3: the same two community pages after another login.
// Both must answer 200.
$user->login('*****@*****.**', 'password');
$user
    ->info('3. Testing SNS Member')
    ->info('public_flag: public')
    ->get('/community/2')
    ->info('3-1. SNS Member can access the community home')
    ->with('request')
    ->begin()
    ->isParameter('module', 'community')
    ->isParameter('action', 'home')
    ->end()
    ->with('response')
    ->isStatusCode(200)
    ->info('public_flag: open')
    ->get('/community/3')
    ->info('3-2. SNS Member can access the community home')
    ->with('request')
    ->begin()
    ->isParameter('module', 'community')
    ->isParameter('action', 'home')
    ->end()
    ->with('response')
    ->isStatusCode(200);
// The login addresses are redacted in this listing, so the account behind each
// login() call cannot be told from here.
$user->login('*****@*****.**', 'password');
// One chain covering two kinds of regression check on the community module:
//  - CSRF: each state-changing route (edit, notification mail config, dropMember,
//    subAdminRequest, removeSubAdmin, changeAdminRequest, delete, quit, join) is POSTed
//    and followed by checkCSRF(). Presumably this asserts the request was rejected
//    for lack of a valid token; confirm in opTestFunctional.
//  - XSS: each listed page is fetched and the html_escape tester checks that Member,
//    Community, CommunityCategory and CommunityConfig values appear escaped in the response.
// NOTE(review): the changeAdminRequest XSS check appears twice in a row, and the second
// info() label contains a line break inside its string literal. This looks like a paste
// or extraction artifact; confirm against the original test file.
// NOTE(review): 'community/delete/1' is posted without a leading slash, unlike the other routes.
$user->info('community/search')->get('/community/search')->with('html_escape')->begin()->isAllEscapedData('CommunityCategory', 'name')->isAllEscapedData('Community', 'name')->countEscapedData(1, 'CommunityConfig', 'value', array('width' => 36, 'rows' => 3))->end()->info('/community/edit - CSRF')->post('/community/edit')->checkCSRF()->info('/config/communityTopicNotificationMail/1 - CSRF')->post('/config/communityTopicNotificationMail/1', array('topic_notify' => array()))->followRedirect()->checkCSRF()->info('/community/dropMember/id/1/member_id/2 - CSRF')->post('/community/dropMember/id/1/member_id/2')->checkCSRF()->info('/community/subAdminRequest/id/1/member_id/2 - CSRF')->post('/community/subAdminRequest/id/1/member_id/2', array('admin_request' => array()))->checkCSRF()->info('/community/removeSubAdmin/id/5/member_id/2 - CSRF')->post('/community/removeSubAdmin/id/5/member_id/2')->checkCSRF()->info('/community/changeAdminRequest/id/1/member_id/2 - CSRF')->post('/community/changeAdminRequest/id/1/member_id/2', array('admin_request' => array()))->checkCSRF()->info('community/delete/1 - CSRF')->post('community/delete/1', array('is_delete' => 1))->checkCSRF()->login('*****@*****.**', 'password')->info('/community/quit?id=1 - CSRF')->post('/community/quit?id=1')->checkCSRF()->login('*****@*****.**', 'password')->info('/community/join?id=1 - CSRF')->post('/community/join?id=1', array('community_join' => array()))->checkCSRF()->login('*****@*****.**', 'password')->info('/member/home - XSS')->get('/member/home')->with('html_escape')->begin()->isAllEscapedData('Community', 'name')->end()->info('/community/changeAdminRequest/id/1055/member_id/1056 - XSS')->get('/community/changeAdminRequest/id/1055/member_id/1056')->with('html_escape')->begin()->isAllEscapedData('Member', 'name')->isAllEscapedData('Community', 'name')->end()->info('/community/changeAdminRequest/id/1055/member_id/1056 - 
XSS')->get('/community/changeAdminRequest/id/1055/member_id/1056')->with('html_escape')->begin()->isAllEscapedData('Member', 'name')->isAllEscapedData('Community', 'name')->end()->info('/community/dropMember/id/1055/member_id/1056 - XSS')->get('/community/dropMember/id/1055/member_id/1056')->with('html_escape')->begin()->isAllEscapedData('Member', 'name')->end()->info('/community/joinlist - XSS')->get('/community/joinlist')->with('html_escape')->begin()->isAllEscapedData('Community', 'name')->end()->info('/community/memberList/id/1055 - XSS')->get('/community/memberList/id/1055')->with('html_escape')->begin()->isAllEscapedData('Member', 'name')->end()->info('/community/memberManage/id/1055 - XSS')->get('/community/memberManage/id/1055')->with('html_escape')->begin()->isAllEscapedData('Member', 'name')->end()->info('/community/search - XSS')->get('/community/search', array('community' => array('name' => 'Community.name')))->with('html_escape')->begin()->isAllEscapedData('Community', 'name')->countEscapedData(1, 'CommunityConfig', 'value', array('width' => 36))->end()->info('/community/removeSubAdmin/id/1056/member_id/1056 - XSS')->get('/community/removeSubAdmin/id/1056/member_id/1056')->with('html_escape')->begin()->isAllEscapedData('Member', 'name')->end()->info('/community/1055 - XSS')->get('/community/1055')->with('html_escape')->begin()->isAllEscapedData('Member', 'name')->isAllEscapedData('Community', 'name')->countEscapedData(1, 'CommunityConfig', 'value', array('width' => 36))->end()->login('*****@*****.**', 'password')->info('/community/quit/id/1055 - XSS')->get('/community/quit/id/1055')->with('html_escape')->begin()->isAllEscapedData('Community', 'name')->end()->login('*****@*****.**', 'password')->info('/community/join?id=1055 - XSS')->get('/community/join?id=1055')->with('html_escape')->begin()->isAllEscapedData('Community', 'name')->end();
 /**
  * Build the resource ACL for one topic as seen by a single member.
  *
  * @param mixed $communityTopic Topic record handed to the ACL builder.
  * @param mixed $member         Member the ACL is built for; wrapped in a one-element array.
  *
  * @return mixed Whatever opCommunityTopicAclBuilder::buildResource() returns.
  */
 protected function getResourceAcl($communityTopic, $member)
 {
     $members = array($member);

     return opCommunityTopicAclBuilder::buildResource($communityTopic, $members);
 }