/**
 * Render the author (contributor) list for a resource
 *
 * The resource ID comes from the argument or, when that is empty,
 * from the "id" request variable (read as an integer).
 *
 * @param   integer  $id  Resource ID
 * @return  void
 * @throws  Exception  With code 500 when no resource ID is available
 */
public function displayTask($id = null)
{
    $this->view->setLayout('display');

    // Fall back to the request when the caller did not supply an ID
    $id = $id ?: Request::getInt('id', 0);

    if (!$id) {
        throw new Exception(Lang::txt('CONTRIBUTE_NO_ID'), 500);
    }

    // Load the contributors attached to this resource
    $contributorHelper = new Helper($id, $this->database);
    $contributorHelper->getCons();

    // Table classes needed below
    $membersTables = PATH_CORE . DS . 'components' . DS . 'com_members' . DS . 'tables' . DS;
    include_once $membersTables . 'profile.php';
    include_once $membersTables . 'association.php';
    include_once dirname(dirname(__DIR__)) . DS . 'tables' . DS . 'contributor' . DS . 'roletype.php';

    // The resource's type selects which contributor roles are offered
    $resource = new Resource($this->database);
    $resource->load($id);

    $roleTypes = new RoleType($this->database);

    // Hand everything to the view
    $this->view->config       = $this->config;
    $this->view->contributors = $contributorHelper->_contributors;
    $this->view->id           = $id;
    $this->view->roles        = $roleTypes->getRolesForType($resource->type);

    // Forward any errors collected on the controller
    foreach ($this->getErrors() as $message) {
        $this->view->setError($message);
    }

    $this->view->display();
}
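/**
 * Sends a message to all contributors on a resource
 *
 * Looks up the contributor IDs for the resource and, when there are any,
 * triggers the 'xmessage.onSendMessage' event with a message that links
 * to the resource. A failed send is recorded with setError().
 *
 * @param   object  $row       Resource (its id is used for the lookup and the link)
 * @param   object  $database  JDatabase
 * @return  void
 */
private function _emailContributors($row, $database)
{
    include_once dirname(dirname(__DIR__)) . DS . 'helpers' . DS . 'helper.php';

    $helper = new Helper($row->id, $database);
    $helper->getContributorIDs();

    $contributors = $helper->contributorIDs;

    // Nobody to notify
    if (!$contributors || count($contributors) < 1) {
        return;
    }

    // E-mail "from" info
    $from = array(
        'email' => Config::get('mailfrom'),
        'name'  => Config::get('sitename') . ' ' . Lang::txt('COM_RESOURCES_SUBMISSIONS')
    );

    // Message subject
    $subject = Lang::txt('COM_RESOURCES_EMAIL_SUBJECT');

    // Site base URL without a trailing "administrator" segment, so the
    // link points at the public site rather than the admin area.
    // NOTE(review): Request::base() is presumably derived from the incoming
    // request; confirm the host it reports is validated or pinned in site
    // configuration, since it ends up in a link e-mailed to contributors.
    $base = trim(Request::base(), '/');
    if (substr($base, -13) == 'administrator') {
        $base = substr($base, 0, strlen($base) - 13);
    }
    $base = trim($base, '/');

    // Build message. The link is a URL, so it is joined with '/' rather than
    // the filesystem separator DS.
    $message  = Lang::txt('COM_RESOURCES_EMAIL_MESSAGE', Config::get('sitename')) . "\r\n";
    $message .= $base . '/resources/' . $row->id;

    // Send message
    if (!Event::trigger('xmessage.onSendMessage', array('resources_submission_approved', $subject, $message, $from, $contributors, $this->_option))) {
        $this->setError(Lang::txt('COM_RESOURCES_ERROR_FAILED_TO_MESSAGE_USERS'));
    }
}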
/**
 * Check whether a user is restricted from a group-owned resource
 * Uses User::getRoot() if no user object is supplied
 *
 * NOTE: the return value is the RESTRICTED flag, not an "has access" flag.
 * Callers must treat true as "deny" and false as "allow".
 *
 * Side effects: sets 'access-admin-component' and 'access-manage-component'
 * on $this->config for non-guest users, and stores the effective group list
 * in $this->allowedgroups.
 *
 * @param   object   $resource  Resource
 * @param   object   $user      User (optional)
 * @return  boolean  True if the user is restricted from (denied) the resource,
 *                   false if access is not restricted
 */
private function checkGroupAccess($resource, $user = null)
{
    if (!$user) {
        $user = User::getRoot();
    }

    if (!$user->get('guest')) {
        // Check if they're a site admin
        $this->config->set('access-admin-component', $user->authorise('core.admin', null));
        $this->config->set('access-manage-component', $user->authorise('core.manage', null));
        // Admins and managers are never restricted; the group checks below are skipped
        if ($this->config->get('access-admin-component') || $this->config->get('access-manage-component')) {
            return false;
        }

        $xgroups = \Hubzero\User\Helper::getGroups($user->get('id'), 'all');
        // Get the groups the user has access to
        $usersgroups = self::getUsersGroups($xgroups);
    } else {
        // Guests belong to no groups
        $usersgroups = array();
    }

    // Get the list of groups that can access this resource
    $allowedgroups = $resource->getGroups();

    if ($resource->standalone != 1) {
        $helper = new Helper($resource->id, $this->database);
        $helper->getParents();
        $parents = $helper->parents;
        // Only a child with exactly one parent takes that parent's group list;
        // with zero or several parents the resource's own list is kept
        if (count($parents) == 1) {
            $p = new Resource($this->database);
            $p->load($parents[0]->id);
            $allowedgroups = $p->getGroups();
        }
    }
    $this->allowedgroups = $allowedgroups;

    // Find what groups the user has in common with the resource, if any
    $common = array_intersect($usersgroups, $allowedgroups);

    // Make sure they have the proper group access
    $restricted = false;
    // Access levels 3 and 4 are the ones that trigger group checks
    // (presumably the protected/private levels; confirm against the access constants)
    if ($resource->access == 4 || $resource->access == 3) {
        // Are they logged in?
        if ($user->get('guest')) {
            // Not logged in
            $restricted = true;
        } else {
            // Logged in
            // Check if the user is a part of the group that owns the resource
            // or if they have any groups in common
            if (!in_array($resource->group_owner, $usersgroups) && count($common) < 1) {
                $restricted = true;
            }
        }
    }

    if (!$resource->standalone) {
        // This reload appears never to run: a falsy standalone also satisfies the
        // "!= 1" test above, which has already set $p whenever there is one parent
        if (!isset($p) && isset($parents) && count($parents) == 1) {
            $p = new Resource($this->database);
            $p->load($parents[0]->id);
        }
        // A single parent at access level 3 or 4 restricts the child unless the user
        // shares a group with it. No parent-level check is applied when the child
        // has zero or several parents, because $p is not set in that case.
        if (isset($p) && ($p->access == 4 || $p->access == 3) && count($common) < 1) {
            $restricted = true;
        }
    }

    return $restricted;
}
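/**
 * Delete a contribution and associated content
 *
 * Removes the upload directory, associations and record of every
 * non-standalone child, then does the same for the resource itself.
 * Directory problems are recorded with setError() but neither stop the
 * deletion nor change the return value.
 *
 * @param   integer  $id  Resource ID
 * @return  boolean  False if no ID was given, true otherwise
 */
private function _deleteContribution($id)
{
    // Make sure we have a record to pull
    if (!$id) {
        $this->setError(Lang::txt('COM_CONTRIBUTE_NO_ID'));
        return false;
    }

    // Load resource info
    $row = new Resource($this->database);
    $row->load($id);

    // Get the resource's children
    $helper = new Helper($id, $this->database);
    $helper->getChildren();
    $children = $helper->children;

    // Root of the upload tree (does not change per resource)
    $base = PATH_APP . '/' . trim($this->config->get('webpath', '/site/resources'), '/');

    // Remove one upload directory, refusing to touch the shared upload root or
    // the year / month directories for the given creation date. The original
    // code applied this guard to children only; the resource's own directory is
    // now protected the same way. Trailing slashes are ignored in the comparison
    // so that "<base>/" cannot slip past the guard.
    // NOTE(review): this is an equality check only; it does not verify that
    // $path resolves inside $base. Confirm _buildUploadPath() constrains
    // stored path values before they reach the recursive delete.
    $removeUploadDir = function ($path, $created) use ($base) {
        // Check if the folder even exists
        if (!$path || !is_dir($path)) {
            $this->setError(Lang::txt('COM_CONTRIBUTE_DIRECTORY_NOT_FOUND'));
            return;
        }

        $baseY = $base . '/' . Date::of($created)->format("Y");
        $baseM = $baseY . '/' . Date::of($created)->format("m");

        if (in_array(rtrim($path, '/'), array($base, $baseY, $baseM), true)) {
            $this->setError(Lang::txt('Invalid directory.'));
            return;
        }

        // Attempt to delete the folder
        if (!\Filesystem::deleteDirectory($path)) {
            $this->setError(Lang::txt('COM_CONTRIBUTE_UNABLE_TO_DELETE_DIRECTORY'));
        }
    };

    // Were there any children?
    if ($children) {
        // Loop through each child and delete its files and associations
        foreach ($children as $child) {
            // Skip standalone children
            if ($child->standalone == 1) {
                continue;
            }

            // Use the stored path, or derive one from the created date
            if ($child->path != '') {
                $listdir = $child->path;
            } else {
                $listdir = $this->_buildPathFromDate($child->created, $child->id, '');
            }

            $removeUploadDir($this->_buildUploadPath($listdir, ''), $child->created);

            // Delete associations to the resource
            $row->deleteExistence($child->id);

            // Delete the resource
            $row->delete($child->id);
        }
    }

    // Use the stored path, or derive one from the created date
    if ($row->path != '') {
        $listdir = $row->path;
    } else {
        $listdir = $this->_buildPathFromDate($row->created, $id, '');
    }

    $removeUploadDir($this->_buildUploadPath($listdir, ''), $row->created);

    $row->id = $id;

    // Delete associations to the resource
    $row->deleteExistence();

    // Delete the resource
    $row->delete();

    return true;
}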
/**
 * Render the attachment (child resource) list for a resource
 *
 * The resource ID comes from the argument or, when that is empty,
 * from the "id" request variable (read as an integer).
 *
 * @param   integer  $id  Resource ID
 * @return  void
 * @throws  Exception  With code 500 when no resource ID is available
 */
public function displayTask($id = null)
{
    // Fall back to the request when the caller did not supply an ID
    $id = $id ?: Request::getInt('id', 0);

    if (!$id) {
        throw new Exception(Lang::txt('CONTRIBUTE_NO_ID'), 500);
    }

    // Collect the resource's children
    $childHelper = new Helper($id, $this->database);
    $childHelper->getChildren();

    // Hand everything to the view
    $this->view->config   = $this->config;
    $this->view->children = $childHelper->children;
    $this->view->path     = '';
    $this->view->id       = $id;

    // Forward any errors collected on the controller
    foreach ($this->getErrors() as $message) {
        $this->view->setError($message);
    }

    // Output HTML
    $this->view->setLayout('display')->display();
}
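/**
 * Sets the state of a resource
 * Redirects to main listing
 *
 * For every requested ID that is not checked out by someone else, the
 * published state is set to $publish and the record is stored and checked
 * in. When a standalone resource moves from state 3 (pending) to 1
 * (published) and 'email_when_approved' is enabled, contributors are
 * e-mailed and an activity entry is logged.
 *
 * @param   integer  $publish  State to apply (1 = published, 0 = unpublished, -1 = archived)
 * @return  void
 */
public function stateTask($publish = 1)
{
    // Check for request forgeries
    // NOTE(review): the token is accepted from GET as well as POST; a token
    // carried in a query string can end up in logs and Referer headers.
    // Only the CSRF token is checked in this method; authorization is
    // presumably enforced elsewhere in the controller (confirm).
    Request::checkToken(['get', 'post']);

    // Incoming
    $pid = Request::getInt('pid', 0);
    $ids = Request::getVar('id', array());
    $ids = !is_array($ids) ? array($ids) : $ids;

    // Check for a resource
    if (count($ids) < 1) {
        App::redirect(
            Route::url('index.php?option=' . $this->_option . '&controller=' . $this->_controller, false),
            Lang::txt('COM_RESOURCES_ERROR_SELECT_TO', $this->_task),
            'error'
        );
        return;
    }

    $i = 0;

    // Loop through all the IDs
    foreach ($ids as $id) {
        // Load the resource
        $resource = new Resource($this->database);
        $resource->load($id);

        // Only allow changes if the resource isn't checked out or
        // is checked out by the user requesting changes
        // NOTE(review): this compares against Config::get('id'), not an
        // explicit current-user ID; confirm it resolves to the acting user.
        if (!$resource->checked_out || $resource->checked_out == Config::get('id')) {
            $old = $resource->published;
            $resource->published = $publish;

            // Any non-zero state (including -1) refreshes the UP date
            if ($publish) {
                $resource->publish_up = Date::toSql();
            }

            // Is this a standalone resource and we need to email approved submissions?
            if ($resource->standalone == 1 && $this->config->get('email_when_approved')) {
                // If the state went from pending to published
                if ($resource->published == 1 && $old == 3) {
                    $this->_emailContributors($resource, $this->database);

                    // Log activity
                    $recipients = array(
                        ['resource', $resource->id],
                        ['user', $resource->created_by]
                    );

                    $helper = new Helper($resource->id, $this->database);
                    $helper->getContributorIDs();

                    // The list may be empty or unset when there are no contributors
                    foreach ((array) $helper->contributorIDs as $author) {
                        if ($author > 0) {
                            $recipients[] = ['user', $author];
                        }
                    }

                    $url = Route::url('index.php?option=com_resources&id=' . $resource->id);

                    // The description is HTML, and the title is contributor-supplied
                    // text, so it is escaped before being placed inside the link.
                    // 'details' carries the raw title as data, not markup.
                    $safeTitle = htmlspecialchars($resource->title, ENT_QUOTES, 'UTF-8');

                    Event::trigger('system.logActivity', [
                        'activity' => [
                            'action'      => 'published',
                            'scope'       => 'resource',
                            // NOTE(review): scope_id receives the title, not the ID (confirm this is intended)
                            'scope_id'    => $resource->title,
                            'description' => Lang::txt('COM_RESOURCES_ACTIVITY_ENTRY_PUBLISHED', '<a href="' . $url . '">' . $safeTitle . '</a>'),
                            'details'     => array(
                                'title' => $resource->title,
                                'url'   => $url
                            )
                        ],
                        'recipients' => $recipients
                    ]);
                }
            }

            // Store and checkin the resource
            $resource->store();
            $resource->checkin();
            $i++;
        }
    }

    // Report how many items changed, with a message matching the new state
    if ($i) {
        if ($publish == -1) {
            $this->setMessage(Lang::txt('COM_RESOURCES_ITEMS_ARCHIVED', $i));
        } elseif ($publish == 1) {
            $this->setMessage(Lang::txt('COM_RESOURCES_ITEMS_PUBLISHED', $i));
        } elseif ($publish == 0) {
            $this->setMessage(Lang::txt('COM_RESOURCES_ITEMS_UNPUBLISHED', $i));
        }
    }

    // Redirect
    App::redirect($this->buildRedirectURL($pid));
}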