forked from modxcms/revolution
-
Notifications
You must be signed in to change notification settings - Fork 0
/
create.class.php
115 lines (108 loc) · 3.71 KB
/
create.class.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
<?php
/**
* Creates a context
*
* @param string $key The key of the context
*
* @var modX $this->modx
* @var array $scriptProperties
*
* @package modx
* @subpackage processors.context
*/
class modContextCreateProcessor extends modObjectCreateProcessor {
public $classKey = 'modContext';
public $languageTopics = array('context');
public $permission = 'new_context';
public $objectType = 'context';
public $primaryKeyField = 'key';
public function beforeSave() {
$key = $this->getProperty('key');
if (empty($key)) {
$this->addFieldError('key',$this->modx->lexicon('context_err_ns_key'));
}
if ($this->alreadyExists($key)) {
$this->addFieldError('key',$this->modx->lexicon('context_err_ae'));
}
$this->object->set('key',$key);
return !$this->hasErrors();
}
/**
* {inheritDoc}
*
* @return mixed
*/
public function afterSave() {
$this->ensureAdministratorAccess();
if ($this->getProperty('enableAnonymous', true)) {
$this->enableAnonymousAccess();
}
$this->refreshUserACLs();
return true;
}
/**
* Check to see if the context already exists
*
* @param string $key
* @return boolean
*/
public function alreadyExists($key) {
return $this->modx->getCount('modContext',$key) > 0;
}
/**
* Ensure that Admin User Group always has access to this context, so that it never loses the ability
* to remove or edit it.
*
* @return void
*/
public function ensureAdministratorAccess() {
/** @var modUserGroup $adminGroup */
$adminGroup = $this->modx->getObject('modUserGroup',array('name' => 'Administrator'));
/** @var modAccessPolicy $adminContextPolicy */
$adminContextPolicy = $this->modx->getObject('modAccessPolicy',array('name' => 'Context'));
if ($adminGroup) {
if ($adminContextPolicy) {
/** @var modAccessContext $adminAdminAccess */
$adminAdminAccess = $this->modx->newObject('modAccessContext');
$adminAdminAccess->set('principal',$adminGroup->get('id'));
$adminAdminAccess->set('principal_class','modUserGroup');
$adminAdminAccess->set('target',$this->object->get('key'));
$adminAdminAccess->set('policy',$adminContextPolicy->get('id'));
$adminAdminAccess->save();
}
}
}
/**
* Enable anonymous Load Only access to a context.
*
* @return void
*/
public function enableAnonymousAccess() {
$anonContextPolicy = $this->modx->getObject('modAccessPolicy', array('name' => 'Load Only'));
$anonACL = $this->modx->getObject('modAccessContext', array(
'principal' => 0,
'principal_class' => 'modUserGroup',
'target' => $this->object->get('key'),
'authority' => 9999
));
if ($anonContextPolicy && !$anonACL) {
$anonACL = $this->modx->newObject('modAccessContext');
$anonACL->set('principal', 0);
$anonACL->set('principal_class', 'modUserGroup');
$anonACL->set('target', $this->object->get('key'));
$anonACL->set('policy', $anonContextPolicy->get('id'));
$anonACL->set('authority', 9999);
$anonACL->save();
}
}
/**
* Refresh the mgr user ACLs to accurately update the context's permissions
* @return void
*/
public function refreshUserACLs() {
if ($this->modx->getUser()) {
$this->modx->user->getAttributes(array(), '', true);
}
}
}
return 'modContextCreateProcessor';