public static function addFilesForProduct(array $files, StoreProduct $product)
{
self::removeFilesForProduct($product);
//add new ones.
if (!empty($files['dffID'])) {
foreach ($files['dffID'] as $fileID) {
if (!empty($fileID) && $fileID > 0) {
self::add($product->getProductID(), $fileID);
$fileObj = \File::getByID($fileID);
$fs = \FileSet::getByName("Digital Downloads");
$fs->addFileToSet($fileObj);
$fileObj->resetPermissions(1);
$pk = \Concrete\Core\Permission\Key\FileKey::getByHandle('view_file');
$pk->setPermissionObject($fileObj);
$pao = $pk->getPermissionAssignmentObject();
$groupEntity = \Concrete\Core\Permission\Access\Entity\GroupEntity::getOrCreate(\Group::getByID(GUEST_GROUP_ID));
$pa = $pk->getPermissionAccessObject();
if ($pa) {
$pa->removeListItem($groupEntity);
$pao->assignPermissionAccess($pa);
}
}
}
}
}
public function assignPermissions($userOrGroup, $permissions = [], $accessType = Key::ACCESS_TYPE_INCLUDE, $cascadeToChildren = true)
{
if (!$cascadeToChildren) {
$this->setChildPermissionsToOverride();
}
$this->setPermissionsToOverride();
if (is_array($userOrGroup)) {
$pe = GroupCombinationEntity::getOrCreate($userOrGroup);
// group combination
} elseif ($userOrGroup instanceof User || $userOrGroup instanceof \Concrete\Core\User\UserInfo || $userOrGroup instanceof \Concrete\Core\User\User) {
$pe = UserEntity::getOrCreate($userOrGroup);
} elseif ($userOrGroup instanceof Entity) {
$pe = $userOrGroup;
} else {
// group;
$pe = GroupEntity::getOrCreate($userOrGroup);
}
foreach ($permissions as $pkHandle) {
$pk = Key::getByHandle($pkHandle);
$pk->setPermissionObject($this);
$pa = $pk->getPermissionAccessObject();
if (!is_object($pa)) {
$pa = Access::create($pk);
} elseif ($pa->isPermissionAccessInUse()) {
$pa = $pa->duplicate();
}
$pa->addListItem($pe, false, $accessType);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
}
/** Executes the job.
* @throws \Exception Throws an exception in case of errors.
*
* @return string Returns a string describing the job result in case of success.
*/
public function run()
{
Cache::disableAll();
try {
$instances = array('navigation' => Core::make('helper/navigation'), 'dashboard' => Core::make('helper/concrete/dashboard'), 'view_page' => PermissionKey::getByHandle('view_page'), 'guestGroup' => Group::getByID(GUEST_GROUP_ID), 'now' => new DateTime('now'), 'ak_exclude_sitemapxml' => CollectionAttributeKey::getByHandle('exclude_sitemapxml'), 'ak_sitemap_changefreq' => CollectionAttributeKey::getByHandle('sitemap_changefreq'), 'ak_sitemap_priority' => CollectionAttributeKey::getByHandle('sitemap_priority'));
$instances['guestGroupAE'] = array(GroupPermissionAccessEntity::getOrCreate($instances['guestGroup']));
if (\Core::make('multilingual/detector')->isEnabled()) {
$instances['multilingualSections'] = MultilingualSection::getList();
} else {
$instances['multilingualSections'] = array();
}
$xml = '<?xml version="1.0" encoding="' . APP_CHARSET . '"?>';
$xml .= '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"';
if ($instances['multilingualSections']) {
$xml .= ' xmlns:x="http://www.w3.org/1999/xhtml"';
}
$xml .= ' />';
$xmlDoc = new SimpleXMLElement($xml);
$rs = Database::get()->query('SELECT cID FROM Pages');
while ($row = $rs->FetchRow()) {
self::addPage($xmlDoc, intval($row['cID']), $instances);
}
$rs->Close();
$event = new \Symfony\Component\EventDispatcher\GenericEvent();
$event->setArgument('xmlDoc', $xmlDoc);
Events::dispatch('on_sitemap_xml_ready', $event);
$dom = dom_import_simplexml($xmlDoc)->ownerDocument;
$dom->formatOutput = true;
$addedPages = count($xmlDoc->url);
$relName = ltrim(Config::get('concrete.sitemap_xml.file'), '\\/');
$osName = rtrim(DIR_BASE, '\\/') . '/' . $relName;
$urlName = rtrim(\Core::getApplicationURL(), '\\/') . '/' . $relName;
if (!file_exists($osName)) {
@touch($osName);
}
if (!is_writable($osName)) {
throw new \Exception(t('The file %s is not writable', $osName));
}
if (!($hFile = @fopen($osName, 'w'))) {
throw new \Exception(t('Cannot open file %s', $osName));
}
if (!@fwrite($hFile, $dom->saveXML())) {
throw new \Exception(t('Error writing to file %s', $osName));
}
@fflush($hFile);
@fclose($hFile);
unset($hFile);
return t('%1$s file saved (%2$d pages).', sprintf('<a href="%s" target="_blank">%s</a>', $urlName, preg_replace('/^https?:\\/\\//i', '', $urlName)), $addedPages);
} catch (\Exception $x) {
if (isset($hFile) && $hFile) {
@fflush($hFile);
@ftruncate($hFile, 0);
@fclose($hFile);
$hFile = null;
}
throw $x;
}
}
public function setDefaultPermissions(FileManager $tree)
{
$rootNode = $tree->getRootTreeNodeObject();
$adminGroupEntity = GroupEntity::getOrCreate(Group::getByID(ADMIN_GROUP_ID));
$pk = CategoryTreeNodeKey::getByHandle('view_category_tree_node');
$pk->setPermissionObject($rootNode);
$pa = Access::create($pk);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
public function getAccessEntity()
{
$group = $this->group;
if (!is_object($group)) {
$group = Group::getByName($this->group);
if (!is_object($group)) {
$group = Group::getByPath($this->group);
}
}
if (is_object($group)) {
$entity = GroupAccessEntity::getOrCreate($group);
return $entity;
}
}
public static function add($name)
{
// copy permissions from the other node.
$rootNode = TopicCategoryTreeNode::add();
$treeID = parent::add($rootNode);
$tree = self::getByID($treeID);
$tree->setTopicTreeName($name);
// by default, topic trees are viewable by all
$guestGroupEntity = GroupPermissionAccessEntity::getOrCreate(UserGroup::getByID(GUEST_GROUP_ID));
$pk = TopicCategoryTreeNodePermissionKey::getByHandle('view_topic_category_tree_node');
$pk->setPermissionObject($rootNode);
$pa = PermissionAccess::create($pk);
$pa->addListItem($guestGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
return $tree;
}
public function import(\SimpleXMLElement $sx)
{
if (isset($sx->permissionkeys)) {
foreach ($sx->permissionkeys->permissionkey as $pk) {
if (is_object(Key::getByHandle((string) $pk['handle']))) {
continue;
}
$pkc = Category::getByHandle((string) $pk['category']);
$c1 = $pkc->getPermissionKeyClass();
$pkx = call_user_func(array($c1, 'import'), $pk);
$assignments = array();
if (isset($pk->access)) {
foreach ($pk->access->children() as $ch) {
if ($ch->getName() == 'group') {
/*
* Legacy
*/
$g = Group::getByName($ch['name']);
if (!is_object($g)) {
$g = Group::add($g['name'], $g['description']);
}
$pae = GroupEntity::getOrCreate($g);
$assignments[] = $pae;
}
if ($ch->getName() == 'entity') {
$type = Type::getByHandle((string) $ch['type']);
$class = $type->getAccessEntityTypeClass();
if (method_exists($class, 'configureFromImport')) {
$pae = $class::configureFromImport($ch);
$assignments[] = $pae;
}
}
}
}
if (count($assignments)) {
$pa = Access::create($pkx);
foreach ($assignments as $pae) {
$pa->addListItem($pae);
}
$pt = $pkx->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
}
}
}
public function canGuestsViewThisBlock()
{
$pk = PermissionKey::getByHandle('view_block');
$pk->setPermissionObject($this->getPermissionObject());
$gg = GroupPermissionAccessEntity::getOrCreate(Group::getByID(GUEST_GROUP_ID));
$accessEntities = array($gg);
$valid = false;
$list = $pk->getAccessListItems(PermissionKey::ACCESS_TYPE_ALL, $accessEntities);
foreach ($list as $l) {
if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_INCLUDE) {
$valid = true;
}
if ($l->getAccessType() == PermissionKey::ACCESS_TYPE_EXCLUDE) {
$valid = false;
}
}
return $valid;
}
public static function add()
{
// copy permissions from the other node.
$rootNode = ExpressEntryCategory::add();
$treeID = parent::create($rootNode);
$tree = self::getByID($treeID);
$adminGroupEntity = GroupEntity::getOrCreate(ConcreteGroup::getByID(ADMIN_GROUP_ID));
$permissions = ['view_express_entries', 'add_express_entries', 'edit_express_entries', 'delete_express_entries'];
foreach ($permissions as $handle) {
$pk = ExpressTreeNodeKey::getByHandle($handle);
$pk->setPermissionObject($rootNode);
$pa = Access::create($pk);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
return $tree;
}
public function save_simple()
{
if ($this->validateAction()) {
$c = $this->page;
$c->setPermissionsToManualOverride();
$pk = PermissionKey::getByHandle('view_page');
$pk->setPermissionObject($c);
$pt = $pk->getPermissionAssignmentObject();
$pt->clearPermissionAssignment();
$pa = Access::create($pk);
if (is_array($_POST['readGID'])) {
foreach ($_POST['readGID'] as $gID) {
$pa->addListItem(GroupPermissionAccessEntity::getOrCreate(Group::getByID($gID)));
}
}
$pt->assignPermissionAccess($pa);
$editAccessEntities = array();
if (is_array($_POST['editGID'])) {
foreach ($_POST['editGID'] as $gID) {
$editAccessEntities[] = GroupPermissionAccessEntity::getOrCreate(Group::getByID($gID));
}
}
$editPermissions = array('view_page_versions', 'edit_page_properties', 'edit_page_contents', 'edit_page_speed_settings', 'edit_page_multilingual_settings', 'edit_page_theme', 'edit_page_page_type', 'edit_page_template', 'edit_page_permissions', 'preview_page_as_user', 'schedule_page_contents_guest_access', 'delete_page', 'delete_page_versions', 'approve_page_versions', 'add_subpage', 'move_or_copy_page');
foreach ($editPermissions as $pkHandle) {
$pk = PermissionKey::getByHandle($pkHandle);
$pk->setPermissionObject($c);
$pt = $pk->getPermissionAssignmentObject();
$pt->clearPermissionAssignment();
$pa = Access::create($pk);
foreach ($editAccessEntities as $editObj) {
$pa->addListItem($editObj);
}
$pt->assignPermissionAccess($pa);
}
$r = new PageEditResponse();
$r->setPage($this->page);
$r->setTitle(t('Page Updated'));
$r->setMessage(t('Page permissions have been saved.'));
$r->outputJSON();
}
}
public function set_site_permissions()
{
$fs = FileSet::getGlobal();
$g1 = Group::getByID(GUEST_GROUP_ID);
$g2 = Group::getByID(REGISTERED_GROUP_ID);
$g3 = Group::getByID(ADMIN_GROUP_ID);
$fs->assignPermissions($g1, array('view_file_set_file'));
$fs->assignPermissions($g3, array('view_file_set_file', 'search_file_set', 'edit_file_set_file_properties', 'edit_file_set_file_contents', 'copy_file_set_files', 'edit_file_set_permissions', 'delete_file_set_files', 'delete_file_set', 'add_file'));
if (defined('SITE_INSTALL_LOCALE') && SITE_INSTALL_LOCALE != '' && SITE_INSTALL_LOCALE != 'en_US') {
Config::save('concrete.locale', SITE_INSTALL_LOCALE);
}
Config::save('concrete.site', SITE);
Config::save('concrete.version_installed', APP_VERSION);
$u = new User();
$u->saveConfig('NEWSFLOW_LAST_VIEWED', 'FIRSTRUN');
$home = Page::getByID(1, "RECENT");
$home->assignPermissions($g1, array('view_page'));
$home->assignPermissions($g3, array('view_page_versions', 'view_page_in_sitemap', 'preview_page_as_user', 'edit_page_properties', 'edit_page_contents', 'edit_page_speed_settings', 'edit_page_multilingual_settings', 'edit_page_theme', 'edit_page_template', 'edit_page_permissions', 'delete_page', 'delete_page_versions', 'approve_page_versions', 'add_subpage', 'move_or_copy_page', 'schedule_page_contents_guest_access'));
// login
$login = Page::getByPath('/login', "RECENT");
$login->assignPermissions($g1, array('view_page'));
// register
$register = Page::getByPath('/register', "RECENT");
$register->assignPermissions($g1, array('view_page'));
// dashboard
$dashboard = Page::getByPath('/dashboard', "RECENT");
$dashboard->assignPermissions($g3, array('view_page'));
// drafts
$drafts = Page::getByPath('/!drafts', "RECENT");
$drafts->assignPermissions($g1, array('view_page'));
$drafts->assignPermissions($g3, array('view_page_versions', 'view_page_in_sitemap', 'preview_page_as_user', 'edit_page_properties', 'edit_page_contents', 'edit_page_speed_settings', 'edit_page_theme', 'edit_page_template', 'edit_page_permissions', 'delete_page', 'delete_page_versions', 'approve_page_versions', 'add_subpage', 'move_or_copy_page', 'schedule_page_contents_guest_access'));
$drafts->assignPermissions(PageOwnerPermissionAccessEntity::getOrCreate(), array('view_page_versions', 'edit_page_properties', 'edit_page_contents', 'edit_page_template', 'delete_page', 'delete_page_versions', 'approve_page_versions'));
$config = \Core::make('config/database');
$config->save('concrete.security.token.jobs', Core::make('helper/validation/identifier')->getString(64));
$config->save('concrete.security.token.encryption', Core::make('helper/validation/identifier')->getString(64));
$config->save('concrete.security.token.validation', Core::make('helper/validation/identifier')->getString(64));
// group permissions
$tree = GroupTree::get();
$node = $tree->getRootTreeNodeObject();
$permissions = array('search_users_in_group', 'edit_group', 'assign_group', 'add_sub_group', 'edit_group_permissions');
$adminGroupEntity = GroupPermissionAccessEntity::getOrCreate($g3);
foreach ($permissions as $pkHandle) {
$pk = PermissionKey::getByHandle($pkHandle);
$pk->setPermissionObject($node);
$pa = PermissionAccess::create($pk);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
// conversation permissions
$messageAuthorEntity = ConversationMessageAuthorEntity::getOrCreate();
$guestEntity = GroupPermissionAccessEntity::getOrCreate($g1);
$registeredEntity = GroupPermissionAccessEntity::getOrCreate($g2);
$pk = PermissionKey::getByHandle('add_conversation_message');
$pa = PermissionAccess::create($pk);
$pa->addListItem($guestEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
$pk = PermissionKey::getByHandle('add_conversation_message_attachments');
$pa = PermissionAccess::create($pk);
$pa->addListItem($guestEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
$pk = PermissionKey::getByHandle('edit_conversation_message');
$pa = PermissionAccess::create($pk);
$pa->addListItem($messageAuthorEntity);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
$pk = PermissionKey::getByHandle('delete_conversation_message');
$pa = PermissionAccess::create($pk);
$pa->addListItem($messageAuthorEntity);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
$pk = PermissionKey::getByHandle('rate_conversation_message');
$pa = PermissionAccess::create($pk);
$pa->addListItem($registeredEntity);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
$permissions = array('edit_conversation_permissions', 'flag_conversation_message', 'approve_conversation_message');
foreach ($permissions as $pkHandle) {
$pk = PermissionKey::getByHandle($pkHandle);
$pa = PermissionAccess::create($pk);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
}
public function save($data)
{
$db = Database::get();
if ($data['pID']) {
//if we know the pID, we're updating.
$pID = $data['pID'];
//update product details
$vals = array($data['gID'], $data['pName'], $data['pDesc'], $data['pDetail'], $data['pPrice'], $data['pFeatured'], $data['pQty'], $data['pTaxable'], $data['pfID'], $data['pActive'], $data['pShippable'], $data['pWidth'], $data['pHeight'], $data['pLength'], $data['pWeight'], $data['pID']);
$db->Execute('UPDATE VividStoreProducts SET gID=?,pName=?,pDesc=?,pDetail=?,pPrice=?,pFeatured=?,pQty=?,pTaxable=?,pfID=?,pActive=?,pShippable=?,pWidth=?,pHeight=?,pLength=?,pWeight=? WHERE pID = ?', $vals);
//update additional images
$db->Execute('DELETE FROM VividStoreProductImages WHERE pID = ?', $data['pID']);
$count = count($data['pifID']);
if ($count > 0) {
for ($i = 0; $i < $count; $i++) {
$vals = array($data['pID'], $data['pifID'][$i], $data['piSort'][$i]);
$db->Execute("INSERT INTO VividStoreProductImages (pID,pifID,piSort) VALUES (?,?,?)", $vals);
}
}
//update user groups
$db->Execute('DELETE FROM VividStoreProductUserGroups WHERE pID = ?', $data['pID']);
if (!empty($data['pUserGroups'])) {
foreach ($data['pUserGroups'] as $gID) {
$vals = array($data['pID'], $gID);
$db->Execute("INSERT INTO VividStoreProductUserGroups (pID,gID) VALUES (?,?)", $vals);
}
}
//update product groups
$db->Execute('DELETE FROM VividStoreProductGroups WHERE pID = ?', $data['pID']);
if (!empty($data['pProductGroups'])) {
foreach ($data['pProductGroups'] as $gID) {
$vals = array($pID, $gID);
$db->Execute("INSERT INTO VividStoreProductGroups (pID,gID) VALUES (?,?)", $vals);
}
}
//update option groups
$db->Execute('DELETE FROM VividStoreProductOptionGroups WHERE pID = ?', $data['pID']);
$db->Execute('DELETE FROM VividStoreProductOptionItems WHERE pID = ?', $data['pID']);
$count = count($data['pogSort']);
$ii = 0;
//set counter for items
if ($count > 0) {
for ($i = 0; $i < $count; $i++) {
$vals = array($data['pID'], $data['pogName'][$i], $data['pogSort'][$i]);
$db->Execute("INSERT INTO VividStoreProductOptionGroups (pID,pogName,pogSort) VALUES (?,?,?)", $vals);
//add option items
$pogID = $db->lastInsertId();
$itemsInGroup = count($data['optGroup' . $i]);
if ($itemsInGroup > 0) {
for ($gi = 0; $gi < $itemsInGroup; $gi++, $ii++) {
$vals = array($data['pID'], $pogID, $data['poiName'][$ii], $data['poiSort'][$ii]);
$db->Execute("INSERT INTO VividStoreProductOptionItems (pID,pogID,poiName,poiSort) VALUES (?,?,?,?)", $vals);
}
}
}
}
} else {
//else, we don't know it, so we're adding
$dt = Core::make('helper/date');
$now = $dt->getLocalDateTime();
//add product details
$vals = array($data['gID'], $data['pName'], $data['pDesc'], $data['pDetail'], $data['pPrice'], $data['pFeatured'], $data['pQty'], $data['pTaxable'], $data['pfID'], $data['pActive'], $data['pShippable'], $data['pWidth'], $data['pHeight'], $data['pLength'], $data['pWeight'], $now);
$db->Execute("INSERT INTO VividStoreProducts (gID,pName,pDesc,pDetail,pPrice,pFeatured,pQty,pTaxable,pfID,pActive,pShippable,pWidth,pHeight,pLength,pWeight,pDateAdded) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)", $vals);
//add additional images
$pID = $db->lastInsertId();
$count = count($data['pifID']);
if ($count > 0) {
for ($i = 0; $i < $count; $i++) {
$vals = array($pID, $data['pifID'][$i], $data['piSort'][$i]);
$db->Execute("INSERT INTO VividStoreProductImages (pID,pifID,piSort) VALUES (?,?,?)", $vals);
}
}
//insert user groups
if (!empty($data['pUserGroups'])) {
foreach ($data['pUserGroups'] as $gID) {
$vals = array($pID, $gID);
$db->Execute("INSERT INTO VividStoreProductUserGroups (pID,gID) VALUES (?,?)", $vals);
}
}
//insert product groups
if (!empty($data['pProductGroups'])) {
foreach ($data['pProductGroups'] as $gID) {
$vals = array($pID, $gID);
$db->Execute("INSERT INTO VividStoreProductGroups (pID,gID) VALUES (?,?)", $vals);
}
}
//add option groups
$count = count($data['pogSort']);
$ii = 0;
//set counter for items
if ($count > 0) {
for ($i = 0; $i < $count; $i++) {
$vals = array($pID, $data['pogName'][$i], $data['pogSort'][$i]);
$db->Execute("INSERT INTO VividStoreProductOptionGroups (pID,pogName,pogSort) VALUES (?,?,?)", $vals);
//add option items
$pogID = $db->lastInsertId();
$itemsInGroup = count($data['optGroup' . $i]);
if ($itemsInGroup > 0) {
for ($gi = 0; $gi < $itemsInGroup; $gi++, $ii++) {
$vals = array($pID, $pogID, $data['poiName'][$ii], $data['poiSort'][$ii]);
$db->Execute("INSERT INTO VividStoreProductOptionItems (pID,pogID,poiName,poiSort) VALUES (?,?,?,?)", $vals);
}
}
}
}
$product = Product::getByID($pID);
$product->generatePage($data['selectPageTemplate']);
}
//save files
$db->Execute("DELETE FROM VividStoreDigitalFiles WHERE pID=?", $pID);
$u = User::getByUserID(1);
$ui = \UserInfo::getByID($u->getUserID());
if ($data['dffID']) {
foreach ($data['dffID'] as $dffID) {
if ($dffID) {
$db->Execute("INSERT INTO VividStoreDigitalFiles(dffID,pID) VALUES (?,?)", array($dffID, $pID));
$fileObj = File::getByID($dffID);
$fs = \FileSet::getByName("Digital Downloads");
$fs->addFileToSet($fileObj);
$fileObj->resetPermissions(1);
$pk = \Concrete\Core\Permission\Key\FileKey::getByHandle('view_file');
$pk->setPermissionObject($fileObj);
$pao = $pk->getPermissionAssignmentObject();
$groupEntity = \Concrete\Core\Permission\Access\Entity\GroupEntity::getOrCreate(\Group::getByID(GUEST_GROUP_ID));
$pa = $pk->getPermissionAccessObject();
if ($pa) {
$pa->removeListItem($groupEntity);
$pao->assignPermissionAccess($pa);
}
}
}
}
$db->Execute("DELETE FROM VividStoreProductLocations where pID = ?", array($pID));
foreach ($data['cID'] as $cID) {
if ($cID > 0) {
$db->Execute("REPLACE INTO VividStoreProductLocations(pID,cID) VALUES (?,?)", array($pID, (int) $cID));
}
}
$product = Product::getByID($pID);
return $product;
}
public function view()
{
$editAccess = array();
if (Config::get('concrete.permissions_model') != 'simple') {
return;
}
$home = Page::getByID(1, "RECENT");
$pk = PermissionKey::getByHandle('view_page');
$pk->setPermissionObject($home);
$assignments = $pk->getAccessListItems();
foreach ($assignments as $asi) {
$ae = $asi->getAccessEntityObject();
if ($ae->getAccessEntityTypeHandle() == 'group' && $ae->getGroupObject()->getGroupID() == GUEST_GROUP_ID) {
$this->set('guestCanRead', true);
} else {
if ($ae->getAccessEntityTypeHandle() == 'group' && $ae->getGroupObject()->getGroupID() == REGISTERED_GROUP_ID) {
$this->set('registeredCanRead', true);
}
}
}
$gl = new GroupList();
$gl->filter('gID', REGISTERED_GROUP_ID, '>');
$gIDs = $gl->getResults();
$gArray = array();
foreach ($gIDs as $g) {
$gArray[] = $g;
}
$pk = PermissionKey::getByHandle('edit_page_contents');
$pk->setPermissionObject($home);
$assignments = $pk->getAccessListItems();
foreach ($assignments as $asi) {
$ae = $asi->getAccessEntityObject();
if ($ae->getAccessEntityTypeHandle() == 'group') {
$groupObject = $ae->getGroupObject();
if ($groupObject) {
$editAccess[] = $ae->getGroupObject()->getGroupID();
}
}
}
$this->set('home', $home);
$this->set('gArray', $gArray);
$this->set('editAccess', $editAccess);
if ($this->isPost()) {
if ($this->token->validate('site_permissions_code')) {
switch ($_POST['view']) {
case "ANYONE":
$viewObj = GroupPermissionAccessEntity::getOrCreate(Group::getByID(GUEST_GROUP_ID));
break;
case "USERS":
$viewObj = GroupPermissionAccessEntity::getOrCreate(Group::getByID(REGISTERED_GROUP_ID));
break;
case "PRIVATE":
$viewObj = GroupPermissionAccessEntity::getOrCreate(Group::getByID(ADMIN_GROUP_ID));
break;
}
$pk = PermissionKey::getByHandle('view_page');
$pk->setPermissionObject($home);
$pt = $pk->getPermissionAssignmentObject();
$pt->clearPermissionAssignment();
$pa = PermissionAccess::create($pk);
$pa->addListItem($viewObj);
$pt->assignPermissionAccess($pa);
$editAccessEntities = array();
if (is_array($_POST['gID'])) {
foreach ($_POST['gID'] as $gID) {
$editAccessEntities[] = GroupPermissionAccessEntity::getOrCreate(Group::getByID($gID));
}
}
$editPermissions = array('view_page_versions', 'edit_page_properties', 'edit_page_contents', 'edit_page_speed_settings', 'edit_page_theme', 'edit_page_template', 'edit_page_permissions', 'delete_page', 'preview_page_as_user', 'schedule_page_contents_guest_access', 'delete_page_versions', 'approve_page_versions', 'add_subpage', 'move_or_copy_page');
foreach ($editPermissions as $pkHandle) {
$pk = PermissionKey::getByHandle($pkHandle);
$pk->setPermissionObject($home);
$pt = $pk->getPermissionAssignmentObject();
$pt->clearPermissionAssignment();
$pa = PermissionAccess::create($pk);
foreach ($editAccessEntities as $editObj) {
$pa->addListItem($editObj);
}
$pt->assignPermissionAccess($pa);
}
$pkx = PermissionKey::getbyHandle('add_block');
$pt = $pkx->getPermissionAssignmentObject();
$pt->clearPermissionAssignment();
$pa = PermissionAccess::create($pkx);
foreach ($editAccessEntities as $editObj) {
$pa->addListItem($editObj);
}
$pt->assignPermissionAccess($pa);
$pkx = PermissionKey::getbyHandle('add_stack');
$pt = $pkx->getPermissionAssignmentObject();
$pt->clearPermissionAssignment();
$pa = PermissionAccess::create($pkx);
foreach ($editAccessEntities as $editObj) {
$pa->addListItem($editObj);
}
$pt->assignPermissionAccess($pa);
Core::make('cache')->flush();
$this->redirect('/dashboard/system/permissions/site/', 'saved');
} else {
$this->error->add($this->token->getErrorMessage());
}
}
}
public function installMaintenanceModePermission()
{
$pk = Key::getByHandle('view_in_maintenance_mode');
if (!$pk instanceof Key) {
$pk = Key::add('admin', 'view_in_maintenance_mode', 'View Site in Maintenance Mode', 'Controls whether a user can access the website when its under maintenance.', false, false);
$pa = $pk->getPermissionAccessObject();
if (!is_object($pa)) {
$pa = Access::create($pk);
}
$adminGroup = Group::getByID(ADMIN_GROUP_ID);
if ($adminGroup) {
$adminGroupEntity = GroupEntity::getOrCreate($adminGroup);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
}
}
public function assignPermissions($userOrGroup, $permissions = array(), $accessType = FileSetPermissionKey::ACCESS_TYPE_INCLUDE)
{
$db = Loader::db();
if ($this->fsID > 0) {
$db->Execute("UPDATE FileSets SET fsOverrideGlobalPermissions = 1 WHERE fsID = ?", array($this->fsID));
$this->fsOverrideGlobalPermissions = true;
}
if (is_array($userOrGroup)) {
$pe = GroupCombinationPermissionAccessEntity::getOrCreate($userOrGroup);
// group combination
} else {
if ($userOrGroup instanceof User || $userOrGroup instanceof \UserInfo) {
$pe = UserPermissionAccessEntity::getOrCreate($userOrGroup);
} else {
// group;
$pe = GroupPermissionAccessEntity::getOrCreate($userOrGroup);
}
}
foreach ($permissions as $pkHandle) {
$pk = PermissionKey::getByHandle($pkHandle);
$pk->setPermissionObject($this);
$pa = $pk->getPermissionAccessObject();
if (!is_object($pa)) {
$pa = PermissionAccess::create($pk);
} else {
if ($pa->isPermissionAccessInUse()) {
$pa = $pa->duplicate();
}
}
$pa->addListItem($pe, false, $accessType);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
}
public function addNotifications()
{
$this->output(t('Adding notifications...'));
$adminGroupEntity = GroupEntity::getOrCreate(\Group::getByID(ADMIN_GROUP_ID));
$adminUserEntity = UserEntity::getOrCreate(\UserInfo::getByID(USER_SUPER_ID));
$pk = Key::getByHandle('notify_in_notification_center');
$pa = Access::create($pk);
$pa->addListItem($adminUserEntity);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
<?php
defined('C5_EXECUTE') or die("Access Denied.");
use Concrete\Core\Permission\Access\Entity\GroupEntity as GroupPermissionAccessEntity;
if (Loader::helper('validation/token')->validate('process')) {
$js = Loader::helper('json');
$obj = new stdClass();
$g = Group::getByID($_REQUEST['gID']);
if (is_object($g)) {
$pae = GroupPermissionAccessEntity::getOrCreate($g);
$obj->peID = $pae->getAccessEntityID();
$obj->label = $pae->getAccessEntityLabel();
}
echo $js->encode($obj);
}
/**
* @return \Concrete\Core\Page\PageList
*/
public function getPageListObject()
{
$pl = new PageList();
$pl->setItemsPerPage($this->itemsPerFeed);
$pl->sortByPublicDateDescending();
if (!$this->checkPagePermissions) {
$pl->ignorePermissions();
} else {
$vp = \Concrete\Core\Permission\Key\Key::getByHandle('view_page');
$guest = \Group::getByID(GUEST_GROUP_ID);
$access = GroupEntity::getOrCreate($guest);
// we set page permissions to be Guest group only, because
// authentication won't work with RSS feeds
$pl->setPermissionsChecker(function ($page) use($vp, $access) {
$vp->setPermissionObject($page);
$pa = $vp->getPermissionAccessObject($page);
if (!is_object($pa)) {
return false;
}
return $pa->validateAccessEntities(array($access));
});
}
if ($this->cParentID) {
if ($this->pfIncludeAllDescendents) {
$parent = \Page::getByID($this->cParentID);
if (is_object($parent) && !$parent->isError()) {
$pl->filterByPath($parent->getCollectionPath());
}
} else {
$pl->filterByParentID($this->cParentID);
}
}
if ($this->pfDisplayAliases) {
$pl->includeAliases();
}
if ($this->ptID) {
$pl->filterByPageTypeID($this->ptID);
}
if ($this->pfDisplayFeaturedOnly) {
$pl->filterByAttribute('is_featured', true);
}
return $pl;
}
public function install_site_permissions()
{
$g1 = Group::getByID(GUEST_GROUP_ID);
$g2 = Group::getByID(REGISTERED_GROUP_ID);
$g3 = Group::getByID(ADMIN_GROUP_ID);
$filesystem = new Filesystem();
$folder = $filesystem->getRootFolder();
$folder->assignPermissions($g1, ['view_file_folder_file']);
$folder->assignPermissions($g3, ['view_file_folder_file', 'search_file_folder', 'edit_file_folder', 'edit_file_folder_file_properties', 'edit_file_folder_file_contents', 'copy_file_folder_files', 'edit_file_folder_permissions', 'delete_file_folder_files', 'delete_file_folder', 'add_file']);
$u = new User();
$u->saveConfig('NEWSFLOW_LAST_VIEWED', 'FIRSTRUN');
// login
$login = Page::getByPath('/login', "RECENT");
$login->assignPermissions($g1, ['view_page']);
// register
$register = Page::getByPath('/register', "RECENT");
$register->assignPermissions($g1, ['view_page']);
// dashboard
$dashboard = Page::getByPath('/dashboard', "RECENT");
$dashboard->assignPermissions($g3, ['view_page']);
// drafts
$drafts = Page::getByPath('/!drafts', "RECENT");
$drafts->assignPermissions($g3, ['view_page', 'view_page_versions', 'view_page_in_sitemap', 'preview_page_as_user', 'edit_page_properties', 'edit_page_contents', 'edit_page_speed_settings', 'edit_page_multilingual_settings', 'edit_page_theme', 'edit_page_template', 'edit_page_page_type', 'edit_page_permissions', 'delete_page', 'delete_page_versions', 'approve_page_versions', 'add_subpage', 'move_or_copy_page', 'schedule_page_contents_guest_access']);
$home = Page::getByID(1, "RECENT");
$home->assignPermissions($g1, ['view_page']);
$home->assignPermissions($g3, ['view_page_versions', 'view_page_in_sitemap', 'preview_page_as_user', 'edit_page_properties', 'edit_page_contents', 'edit_page_speed_settings', 'edit_page_multilingual_settings', 'edit_page_theme', 'edit_page_template', 'edit_page_page_type', 'edit_page_permissions', 'delete_page', 'delete_page_versions', 'approve_page_versions', 'add_subpage', 'move_or_copy_page', 'schedule_page_contents_guest_access']);
$config = \Core::make('config/database');
$config->save('concrete.security.token.jobs', Core::make('helper/validation/identifier')->getString(64));
$config->save('concrete.security.token.encryption', Core::make('helper/validation/identifier')->getString(64));
$config->save('concrete.security.token.validation', Core::make('helper/validation/identifier')->getString(64));
// group permissions
$tree = GroupTree::get();
$node = $tree->getRootTreeNodeObject();
$permissions = ['search_users_in_group', 'edit_group', 'assign_group', 'add_sub_group', 'edit_group_permissions'];
$adminGroupEntity = GroupPermissionAccessEntity::getOrCreate($g3);
foreach ($permissions as $pkHandle) {
$pk = PermissionKey::getByHandle($pkHandle);
$pk->setPermissionObject($node);
$pa = PermissionAccess::create($pk);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
// conversation permissions
$messageAuthorEntity = ConversationMessageAuthorEntity::getOrCreate();
$guestEntity = GroupPermissionAccessEntity::getOrCreate($g1);
$registeredEntity = GroupPermissionAccessEntity::getOrCreate($g2);
$pk = PermissionKey::getByHandle('add_conversation_message');
$pa = PermissionAccess::create($pk);
$pa->addListItem($guestEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
$pk = PermissionKey::getByHandle('add_conversation_message_attachments');
$pa = PermissionAccess::create($pk);
$pa->addListItem($guestEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
$pk = PermissionKey::getByHandle('edit_conversation_message');
$pa = PermissionAccess::create($pk);
$pa->addListItem($messageAuthorEntity);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
$pk = PermissionKey::getByHandle('delete_conversation_message');
$pa = PermissionAccess::create($pk);
$pa->addListItem($messageAuthorEntity);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
$pk = PermissionKey::getByHandle('rate_conversation_message');
$pa = PermissionAccess::create($pk);
$pa->addListItem($registeredEntity);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
$permissions = ['edit_conversation_permissions', 'flag_conversation_message', 'approve_conversation_message'];
foreach ($permissions as $pkHandle) {
$pk = PermissionKey::getByHandle($pkHandle);
$pa = PermissionAccess::create($pk);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
// notification
$adminUserEntity = UserEntity::getOrCreate(\UserInfo::getByID(USER_SUPER_ID));
$pk = PermissionKey::getByHandle('notify_in_notification_center');
$pa = PermissionAccess::create($pk);
$pa->addListItem($adminUserEntity);
$pa->addListItem($adminGroupEntity);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
try {
Core::make('helper/file')->makeExecutable(DIR_BASE_CORE . '/bin/concrete5', 'all');
} catch (\Exception $x) {
}
}
protected function importPermissions(\SimpleXMLElement $sx)
{
if (isset($sx->permissionkeys)) {
foreach ($sx->permissionkeys->permissionkey as $pk) {
if (is_object(PermissionKey::getByHandle((string) $pk['handle']))) {
continue;
}
$pkc = PermissionKeyCategory::getByHandle((string) $pk['category']);
$pkg = static::getPackageObject($pk['package']);
$txt = Core::make('helper/text');
$c1 = '\\Concrete\\Core\\Permission\\Key\\' . $txt->camelcase($pkc->getPermissionKeyCategoryHandle()) . 'Key';
$pkx = call_user_func(array($c1, 'import'), $pk);
if (isset($pk->access)) {
foreach ($pk->access->children() as $ch) {
if ($ch->getName() == 'group') {
$g = Group::getByName($ch['name']);
if (!is_object($g)) {
$g = Group::add($g['name'], $g['description']);
}
$pae = GroupPermissionAccessEntity::getOrCreate($g);
$pa = PermissionAccess::create($pkx);
$pa->addListItem($pae);
$pt = $pkx->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
}
}
}
}
}
public function assignPermissions($userOrGroup, $permissions = array(), $accessType = PagePermissionKey::ACCESS_TYPE_INCLUDE)
{
if ($this->cInheritPermissionsFrom != 'OVERRIDE') {
$this->setPermissionsToManualOverride();
$this->clearPagePermissions();
}
if (is_array($userOrGroup)) {
$pe = GroupCombinationPermissionAccessEntity::getOrCreate($userOrGroup);
// group combination
} else {
if ($userOrGroup instanceof User || $userOrGroup instanceof UserInfo) {
$pe = UserPermissionAccessEntity::getOrCreate($userOrGroup);
} else {
// group;
$pe = GroupPermissionAccessEntity::getOrCreate($userOrGroup);
}
}
foreach ($permissions as $pkHandle) {
$pk = PagePermissionKey::getByHandle($pkHandle);
$pk->setPermissionObject($this);
$pa = $pk->getPermissionAccessObject();
if (!is_object($pa)) {
$pa = PermissionAccess::create($pk);
} else {
if ($pa->isPermissionAccessInUse()) {
$pa = $pa->duplicate();
}
}
$pa->addListItem($pe, false, $accessType);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
}
public function removePermissions($userOrGroup, $permissions = array())
{
if ($this->cInheritPermissionsFrom != 'OVERRIDE') {
return;
}
if (is_array($userOrGroup)) {
$pe = GroupCombinationPermissionAccessEntity::getOrCreate($userOrGroup);
// group combination
} elseif ($userOrGroup instanceof User || $userOrGroup instanceof UserInfo) {
$pe = UserPermissionAccessEntity::getOrCreate($userOrGroup);
} else {
// group;
$pe = GroupPermissionAccessEntity::getOrCreate($userOrGroup);
}
foreach ($permissions as $pkHandle) {
$pk = PagePermissionKey::getByHandle($pkHandle);
$pk->setPermissionObject($this);
$pa = $pk->getPermissionAccessObject();
if (is_object($pa)) {
if ($pa->isPermissionAccessInUse()) {
$pa = $pa->duplicate();
}
$pa->removeListItem($pe);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
}
}
$pa = PermissionAccess::getByID($paID, $pk);
if (is_object($pa)) {
$pt->assignPermissionAccess($pa);
}
}
}
}
}
if ($p->canScheduleGuestAccess()) {
if ($_REQUEST['task'] == 'set_timed_guest_access' && Loader::helper("validation/token")->validate('set_timed_guest_access')) {
if (!$b->overrideAreaPermissions()) {
$b->doOverrideAreaPermissions();
}
$pk = PermissionKey::getByHandle('view_block');
$pk->setPermissionObject($b);
$pa = $pk->getPermissionAccessObject();
if (!is_object($pa)) {
$pa = PermissionAccess::create($pk);
} else {
if ($pa->isPermissionAccessInUse()) {
$pa = $pa->duplicate();
}
}
$pe = GroupPermissionAccessEntity::getOrCreate(Group::getByID(GUEST_GROUP_ID));
$pd = PermissionDuration::createFromRequest();
$pa->addListItem($pe, $pd, PermissionKey::ACCESS_TYPE_INCLUDE);
$pt = $pk->getPermissionAssignmentObject();
$pt->assignPermissionAccess($pa);
}
}
}