/** * tx_dam::access_checkPath() */ public function test_access_checkPath() { $GLOBALS['T3_VAR']['ext']['dam']['pathInfoCache'] = array(); $filepath = $this->getFixtureFilename(); $testpath = tx_dam::file_dirname($filepath); // path is cached so we need to use a different: 01/ $access = tx_dam::access_checkPath($testpath . '01/'); self::assertFalse($access, 'Path is accessable: ' . $testpath . '01/'); $access = tx_dam::access_checkPath(PATH_site . 'fileadmin/'); self::assertTrue($access, 'Path not accessable: ' . PATH_site . 'fileadmin/'); $access = tx_dam::access_checkPath(PATH_site . 'fileadmin/zfhucnzushbfxcazu/'); self::assertFalse($access, 'Path is accessable: ' . PATH_site . 'fileadmin/zfhucnzushbfxcazu/'); $this->addFixturePathToFilemount(); $access = tx_dam::access_checkPath($testpath); self::assertTrue($access, 'Path not accessable: ' . $testpath); $this->removeFixturePathFromFilemount(); }
function main(&$backRef, $menuItems, $file, $uid) { // Returns directly, because the clicked item was not a file if ($backRef->cmLevel == 0 && $uid != '') { return $menuItems; } // Returns directly, because the clicked item was not the second level menu from DAM records if ($backRef->cmLevel == 1 && t3lib_div::_GP('subname') != 'tx_dam_cm_file') { return $menuItems; } $this->backRef =& $backRef; // this is second level menu from DAM records $fileDAM = t3lib_div::_GP('txdamFile'); $file = $fileDAM ? $fileDAM : $file; if (@is_file($file)) { $item = tx_dam::file_compileInfo($file); $permsEdit = tx_dam::access_checkFile($item) && tx_dam::access_checkFileOperation('editFile'); $permsDelete = tx_dam::access_checkFile($item) && tx_dam::access_checkFileOperation('deleteFile'); } elseif (@is_dir($file)) { $item = tx_dam::path_compileInfo($file); $permsEdit = tx_dam::access_checkPath($item) && tx_dam::access_checkFileOperation('renameFolder'); $permsDelete = tx_dam::access_checkPath($item) && tx_dam::access_checkFileOperation('deleteFolder'); } else { return $menuItems; } // clear the existing menu now and fill it with DAM specific things $damMenuItems = array(); // see typo3/alt_clickmenu.php:clickmenu::enableDisableItems() for iParts[3] // which is called after this function $backRef->iParts[3] = ''; $actionCall = t3lib_div::makeInstance('tx_dam_actionCall'); if (is_array($backRef->disabledItems)) { foreach ($backRef->disabledItems as $idName) { $actionCall->removeAction($idName); } } $actionCall->setRequest('context', $item); $actionCall->setEnv('returnUrl', t3lib_div::_GP('returnUrl')); $actionCall->setEnv('backPath', $backRef->PH_backPath); $actionCall->setEnv('defaultCmdScript', PATH_txdam_rel . 'mod_cmd/index.php'); $actionCall->setEnv('defaultEditScript', PATH_txdam_rel . 'mod_edit/index.php'); $actionCall->setEnv('actionPerms', tx_dam::access_checkFileOperation()); $actionCall->setEnv('permsEdit', $permsEdit); $actionCall->setEnv('permsDelete', $permsDelete); $actionCall->setEnv('cmLevel', $backRef->cmLevel); $actionCall->setEnv('cmParent', t3lib_div::_GP('parentname')); $actionCall->initActions(true); $actions = $actionCall->renderActionsContextMenu(true); foreach ($actions as $id => $action) { if ($action['isDivider']) { $damMenuItems[$id] = 'spacer'; } else { $onclick = $action['onclick'] ? $action['onclick'] : $this->createOnClick($action['url'], $action['dontHide']); $damMenuItems[$id] = $backRef->linkItem($GLOBALS['LANG']->makeEntities($action['label']), $backRef->excludeIcon($action['icon']), $onclick, $action['onlyCM'], $action['dontHide']); } } // clear the file context menu, allow additional items from extensions, // like TemplaVoila, and the display constraints // once a DAM file is found foreach ($menuItems as $key => $var) { if (!t3lib_div::inList('edit,rename,info,copy,cut,delete', $key) && !array_key_exists($key, $damMenuItems)) { $damMenuItems[$key] = $var; } } return $damMenuItems; }
/** * Main function of the module. Write the content to $this->content * * @return void */ function main() { global $BE_USER, $LANG, $BACK_PATH, $TYPO3_CONF_VARS, $HTTP_GET_VARS, $HTTP_POST_VARS; $this->extObjCmdInit(); // // Initialize the template object // if (!is_object($this->doc)) { $this->doc = t3lib_div::makeInstance('template'); $this->doc->backPath = $BACK_PATH; $this->doc->setModuleTemplate(t3lib_extMgm::extRelPath('dam') . 'res/templates/mod_cmd.html'); $this->doc->styleSheetFile2 = t3lib_extMgm::extRelPath('dam') . 'res/css/stylesheet.css'; $this->doc->docType = 'xhtml_trans'; } // // check access // $access = false; $this->actionAccess = $this->extObjAccess(); if ($this->actionAccess) { $this->accessDenied = array(); if ($this->file) { foreach ($this->file as $key => $filename) { if (!tx_dam::access_checkFile($filename, $this->extObj->passthroughMissingFiles)) { $this->accessDenied['file'][] = tx_dam::file_normalizePath($filename); unset($this->file[$key]); } } if ($this->file) { $access = true; } } elseif ($this->folder) { foreach ($this->folder as $key => $path) { if (!tx_dam::access_checkPath($path)) { $this->accessDenied['folder'][] = tx_dam::path_makeRelative($path); unset($this->folder[$key]); } } if ($this->folder) { $access = true; } } elseif ($this->record and $this->defaultPid) { foreach ($this->record as $table => $uidList) { $where = array(); $where['enableFields'] = tx_dam_db::deleteClause($table); $where['pidList'] = $table . '.pid IN (' . $this->defaultPid . ')'; $where['uid'] = $table . '.uid IN (' . implode(',', $uidList) . ')'; $rows = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows('uid', $table, implode(' AND ', $where), '', '', '', 'uid'); if ($rows) { $this->record[$table] = array_keys($rows); } else { $this->accessDenied['record'][$table] = $uidList; unset($this->record[$table]); } } if ($this->record) { $access = true; } } } // // Main // if ($access) { // // Output page header // $this->actionTarget = $this->actionTarget ? $this->actionTarget : t3lib_div::linkThisScript(array('returnUrl' => $this->returnUrl, 'redirect' => $this->redirect)); if ($this->CMD == 'tx_dam_cmd_foldernew') { $this->actionTarget = $BACK_PATH . 'tce_file.php'; } $this->doc->form = '<form action="' . htmlspecialchars($this->actionTarget) . '" method="post" name="editform" enctype="' . $TYPO3_CONF_VARS['SYS']['form_enctype'] . '">'; // JavaScript $this->doc->JScodeArray['jumpToUrl'] = ' var script_ended = 0; var changed = 0; function jumpToUrl(URL) { document.location.href = URL; } function jumpBack() { document.location.href = "' . htmlspecialchars($this->redirect) . '"; } function navFrameReload() { if (top.content && top.content.nav_frame && top.content.nav_frame.refresh_nav) { // top.content.nav_frame.refresh_nav(); } } '; $this->doc->postCode .= $this->doc->wrapScriptTags(' script_ended = 1;'); $this->makePageHeader(); // // Call submodule function // $this->extObjContent(); $this->markers['CONTENT'] = $this->content; } else { // If no access $this->makePageHeader(); $accessDeniedInfo = array(); if ($this->actionAccess) { foreach ($this->accessDenied as $type => $items) { if ($items) { $accessDeniedInfo[] = '<h4>' . $LANG->getLL($type, 1) . '</h4>'; foreach ($items as $item) { $accessDeniedInfo[] = '<p>' . htmlspecialchars($item) . '</p>'; } } } } else { $accessDeniedInfo[] = '<p>' . sprintf($LANG->getLL('messageCmdDenied', 1), $this->pageTitle) . '</p>'; } // file do not exist ... $this->content .= $this->accessDeniedMessageBox(implode('', $accessDeniedInfo)); } }