/**
  * Resets rights for a user.
  *
  * @param User $user
  */
 private function doResetAdminRights(User $user)
 {
     $acl = $this->ACLProvider->get($user);
     $databoxes = $this->appbox->get_databoxes();
     $acl->give_access_to_sbas(array_map(function (\databox $databox) {
         return $databox->get_sbas_id();
     }, $databoxes));
     foreach ($databoxes as $databox) {
         $this->doResetAdminRightsOnDatabox($acl, $databox);
     }
 }
 public function getAction(Request $request, $sbas_id, $record_id, $subdef)
 {
     $databox = $this->appbox->get_databox((int) $sbas_id);
     $record = new \record_adapter($this->app, $sbas_id, $record_id);
     $stamp = $watermark = false;
     if ($subdef != 'thumbnail') {
         $all_access = false;
         $subdefStruct = $databox->get_subdef_structure();
         if ($subdefStruct->getSubdefGroup($record->get_type())) {
             foreach ($subdefStruct->getSubdefGroup($record->get_type()) as $subdefObj) {
                 /** @var \databox_subdef $subdefObj */
                 if ($subdefObj->get_name() == $subdef) {
                     if ($subdefObj->get_class() == 'thumbnail') {
                         $all_access = true;
                     }
                     break;
                 }
             }
         }
         if (!$record->has_subdef($subdef) || !$record->get_subdef($subdef)->is_physically_present()) {
             throw new NotFoundHttpException();
         }
         if (!$this->acl->get($this->authentication->getUser())->has_access_to_subdef($record, $subdef)) {
             throw new AccessDeniedHttpException(sprintf('User has not access to subdef %s', $subdef));
         }
         $stamp = false;
         $watermark = !$this->acl->get($this->authentication->getUser())->has_right_on_base($record->get_base_id(), 'nowatermark');
         if ($watermark && !$all_access) {
             $subdef_class = null;
             try {
                 $subdef_class = $databox->get_subdef_structure()->get_subdef($record->get_type(), $subdef)->get_class();
             } catch (\Exception_Databox_SubdefNotFound $e) {
             }
             if ($subdef_class == \databox_subdef::CLASS_PREVIEW && $this->acl->get($this->authentication->getUser())->has_preview_grant($record)) {
                 $watermark = false;
             } elseif ($subdef_class == \databox_subdef::CLASS_DOCUMENT && $this->acl->get($this->authentication->getUser())->has_hd_grant($record)) {
                 $watermark = false;
             }
         }
         if ($watermark && !$all_access) {
             $repository = $this->app['repo.basket-elements'];
             $ValidationByRecord = $repository->findReceivedValidationElementsByRecord($record, $this->authentication->getUser());
             $ReceptionByRecord = $repository->findReceivedElementsByRecord($record, $this->authentication->getUser());
             if ($ValidationByRecord && count($ValidationByRecord) > 0) {
                 $watermark = false;
             } elseif ($ReceptionByRecord && count($ReceptionByRecord) > 0) {
                 $watermark = false;
             }
         }
     }
     return $this->deliverContent($request, $record, $subdef, $watermark, $stamp);
 }
 private function doDeliverPermalink(Request $request, $sbas_id, $record_id, $token, $subdef)
 {
     $databox = $this->getDatabox($sbas_id);
     $record = $this->retrieveRecord($databox, $token, $record_id, $subdef);
     $watermark = $stamp = false;
     if ($this->authentication->isAuthenticated()) {
         $watermark = !$this->acl->get($this->authentication->getUser())->has_right_on_base($record->get_base_id(), 'nowatermark');
         if ($watermark) {
             /** @var BasketElementRepository $repository */
             $repository = $this->app['repo.basket-elements'];
             if (count($repository->findReceivedValidationElementsByRecord($record, $this->authentication->getUser())) > 0) {
                 $watermark = false;
             } elseif (count($repository->findReceivedElementsByRecord($record, $this->authentication->getUser())) > 0) {
                 $watermark = false;
             }
         }
         return $this->deliverContentWithCaptionLink($request, $record, $subdef, $watermark, $stamp, $token);
     }
     $collection = \collection::get_from_base_id($this->app, $record->get_base_id());
     switch ($collection->get_pub_wm()) {
         default:
         case 'none':
             $watermark = false;
             break;
         case 'stamp':
             $stamp = true;
             break;
         case 'wm':
             $watermark = true;
             break;
     }
     return $this->deliverContentWithCaptionLink($request, $record, $subdef, $watermark, $stamp, $token);
 }
示例#4
0
 public function testItCanCreateAclForCurrentlyLoggedUser()
 {
     $user = new User();
     $acl = $this->getMockBuilder(\ACL::class)->disableOriginalConstructor()->getMock();
     $this->authenticator->expects($this->once())->method('getUser')->willReturn($user);
     $this->aclProvider->expects($this->once())->method('get')->with($user)->willReturn($acl);
     $this->assertSame($acl, $this->sut->getAclForUser());
 }
 /**
  * @param User $user
  * @param array $authorizedCollections
  */
 private function createCollectionAccessDemands(User $user, $authorizedCollections)
 {
     $successfulRegistrations = [];
     $acl = $this->aclProvider->get($user);
     $autoReg = $acl->get_granted_base();
     $registrationManipulator = $this->registrationManipulator;
     array_walk($authorizedCollections, function ($authorization, $baseId) use($registrationManipulator, $user, &$successfulRegistrations, $acl) {
         if (false === $authorization || $acl->has_access_to_base($baseId)) {
             return;
         }
         $collection = \collection::get_from_base_id($this->app, $baseId);
         $registrationManipulator->createRegistration($user, $collection);
         $successfulRegistrations[$baseId] = $collection;
     });
     $this->eventDispatcher->dispatch(PhraseaEvents::REGISTRATION_AUTOREGISTER, new RegistrationEvent($user, $autoReg));
     $this->eventDispatcher->dispatch(PhraseaEvents::REGISTRATION_CREATE, new RegistrationEvent($user, $successfulRegistrations));
 }
 public function tearDown()
 {
     ACLProvider::purge();
     \collection::purge();
     \databox::purge();
     \caption_field::purge();
     \caption_Field_Value::purge();
     \databox_field::purge();
     \databox_status::purge();
     \thesaurus_xpath::purge();
     /**
      * Kris Wallsmith pro-tip
      * @see http://kriswallsmith.net/post/18029585104/faster-phpunit
      */
     $refl = new ReflectionObject($this);
     foreach ($refl->getProperties() as $prop) {
         if (!$prop->isStatic() && 0 !== strpos($prop->getDeclaringClass()->getName(), 'PHPUnit_') && 0 !== strpos($prop->getDeclaringClass()->getName(), 'Phraseanet')) {
             $prop->setAccessible(true);
             $prop->setValue($this, null);
         }
     }
     $refl = null;
     parent::tearDown();
     //In case some executed script modify 'max_execution_time' ini var
     //Initialize set_time_limit(0) which is the default value for PHP CLI
     set_time_limit(0);
 }