From 09f3ea4cfbb233ad1449b0701b16f5c6e69e7f14 Mon Sep 17 00:00:00 2001 From: Nicolas Le Goff Date: Fri, 27 Jan 2012 17:17:52 +0100 Subject: [PATCH] #fix 279 check params for controllers --- lib/Alchemy/Phrasea/Application/OAuth2.php | 846 +++++++++--------- .../Phrasea/Controller/Prod/Basket.php | 16 +- .../Phrasea/Controller/Prod/Bridge.php | 2 +- lib/Alchemy/Phrasea/Controller/Prod/Edit.php | 94 +- lib/Alchemy/Phrasea/Controller/Prod/Feed.php | 10 +- .../Controller/Prod/MoveCollection.php | 4 +- .../Controller/Prod/MustacheLoader.php | 26 +- .../Phrasea/Controller/Prod/Printer.php | 2 +- lib/Alchemy/Phrasea/Controller/Prod/Push.php | 620 ++++++------- lib/Alchemy/Phrasea/Controller/Prod/Story.php | 55 +- .../Phrasea/Controller/Prod/Tooltip.php | 2 +- .../Phrasea/Controller/Prod/UsrLists.php | 665 +++++++------- .../Phrasea/Controller/Prod/WorkZone.php | 15 +- .../Phrasea/Controller/Root/RSSFeeds.php | 2 +- .../Phrasea/Controller/Setup/Installer.php | 2 +- .../Phrasea/Controller/Setup/Upgrader.php | 78 +- .../Controller/Utils/ConnectionTest.php | 126 +-- .../Phrasea/Controller/Utils/PathFileTest.php | 66 +- 18 files changed, 1318 insertions(+), 1313 deletions(-) diff --git a/lib/Alchemy/Phrasea/Application/OAuth2.php b/lib/Alchemy/Phrasea/Application/OAuth2.php index f6a0a65948..01fcc88400 100644 --- a/lib/Alchemy/Phrasea/Application/OAuth2.php +++ b/lib/Alchemy/Phrasea/Application/OAuth2.php 
@@ -32,427 +32,427 @@ use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; * @link www.phraseanet.com */ return call_user_func(function() - { - $app = new \Silex\Application(); + { + $app = new \Silex\Application(); - $app['Core'] = \bootstrap::getCore(); - - $app->register(new \Silex\Provider\ValidatorServiceProvider(), array( - 'validator.class_path' => __DIR__ . '/../../../../lib/vendor/symfony/src', - )); - - - $app['appbox'] = function() - { - return \appbox::get_instance(); - }; - - - $app['oauth'] = function($app) - { - return new \API_OAuth2_Adapter($app['appbox']); - }; - - - $app['user'] = function($app) - { - if ($app['appbox']->get_session()->is_authenticated()) - { - $user = \user_adapter::getInstance( - $app['appbox']->get_session()->get_usr_id() - , $app['appbox'] - ); - - return $user; - } - else - { - return null; - } - }; - - - /** - * Protected Closure - * @var Closure - * @return Symfony\Component\HttpFoundation\Response - */ - $app['response'] = $app->protect(function ($template, $variable) use ($app) - { - /* @var $twig \Twig_Environment */ - $twig = $app['Core']->getTwig(); - - $response = new Response( - $twig->render($template, $variable) - , 200 - , array('Content-Type' => 'text/html') - ); - $response->setCharset('UTF-8'); - - return $response; - }); - - - /* * ******************************************************************* - * AUTHENTIFICATION API - */ - - - /** - * AUTHORIZE ENDPOINT - * - * Authorization endpoint - used to obtain authorization from the - * resource owner via user-agent redirection. 
- */ - $authorize_func = function() use ($app) - { - $request = $app['request']; - $oauth2_adapter = $app['oauth']; - /* @var $twig \Twig_Environment */ - $twig = $app['Core']->getTwig(); - $session = $app['appbox']->get_session(); - - //Check for auth params, send error or redirect if not valid - $params = $oauth2_adapter->getAuthorizationRequestParameters($request); - - $authenticated = $session->is_authenticated(); - $app_authorized = false; - $errorMessage = false; - - $client = \API_OAuth2_Application::load_from_client_id($app['appbox'], $params['client_id']); - - $oauth2_adapter->setClient($client); - - $action_accept = $request->get("action_accept", null); - $action_login = $request->get("action_login", null); - - - $template = "api/auth/end_user_authorization.twig"; - $custom_template = $app['appbox']->get_registry()->get('GV_RootPath') . 'config/templates/web/api/auth/end_user_authorization/' . $client->get_id() . '.twig'; - if (file_exists($custom_template)) - { - $template = 'api/auth/end_user_authorization/' . $client->get_id() . 
'.twig'; - } - - if (!$authenticated) - { - if ($action_login !== null) - { - try - { - $login = $request->get("login"); - $password = $request->get("password"); - $auth = new \Session_Authentication_Native($app['appbox'], $login, $password); - $session->authenticate($auth); - } - catch (Exception $e) - { - $params = array( - "auth" => $oauth2_adapter - , "session" => $session - , "errorMessage" => true - , "user" => $app['user'] - ); - $html = $twig->render($template, $params); - - return new Response($html, 200, array("content-type" => "text/html")); - } - } - else - { - $params = array( - "auth" => $oauth2_adapter - , "session" => $session - , "errorMessage" => $errorMessage - , "user" => $app['user'] - ); - $html = $twig->render($template, $params); - - return new Response($html, 200, array("content-type" => "text/html")); - } - } - - //check if current client is alreadu authorized by current user - $user_auth_clients = \API_OAuth2_Application::load_authorized_app_by_user($app['appbox'], $app['user']); - - foreach ($user_auth_clients as $auth_client) - { - if ($client->get_client_id() == $auth_client->get_client_id()) - $app_authorized = true; - } - - $account = $oauth2_adapter->updateAccount($session->get_usr_id()); - $params['account_id'] = $account->get_id(); - - if (!$app_authorized && $action_accept === null) - { - $params = array( - "auth" => $oauth2_adapter - , "session" => $session - , "errorMessage" => $errorMessage - , "user" => $app['user'] - ); - - $html = $twig->render($template, $params); - - return new Response($html, 200, array("content-type" => "text/html")); - } - elseif (!$app_authorized && $action_accept !== null) - { - $app_authorized = !!$action_accept; - $account->set_revoked(!$app_authorized); - } - - //if native app show template - if ($oauth2_adapter->isNativeApp($params['redirect_uri'])) - { - $params = $oauth2_adapter->finishNativeClientAuthorization($app_authorized, $params); - $html = 
$twig->render("api/auth/native_app_access_token.twig", $params); - - return new Response($html, 200, array("content-type" => "text/html")); - } - else - { - $oauth2_adapter->finishClientAuthorization($app_authorized, $params); - } - }; - - $route = '/authorize'; - $app->get($route, $authorize_func); - $app->post($route, $authorize_func); - - - - /** - * TOKEN ENDPOINT - * Token endpoint - used to exchange an authorization grant for an access token. - */ - $route = '/token'; - $app->post($route, function() use ($app) - { - $app['oauth']->grantAccessToken(); - ob_flush(); - flush(); - - return; - }); - - - /** - * MANAGEMENT APPS - * - * - */ - /** - * list of all authorized apps by logged user - */ - $route = '/applications'; - $app->get($route, function() use ($app) - { - $apps = \API_OAuth2_Application::load_app_by_user($app['appbox'], $app['user']); - - return $app['response']('api/auth/applications.twig', array("apps" => $apps, 'user' => $app['user'])); - }); - - /** - * list of apps created by user - */ - $route = "/applications/dev"; - $app->get($route, function() use ($app) - { - $rs = \API_OAuth2_Application::load_dev_app_by_user($app['appbox'], $app['user']); - - return $app['response']('api/auth/application_dev.twig', array("apps" => $rs)); - }); - - /** - * display a new app form - */ - $route = "/applications/dev/new"; - $app->get($route, function() use ($app) - { - $var = array("violations" => null); - - return $app['response']('api/auth/application_dev_new.twig', $var); - }); - - - - $route = "/applications/dev/create"; - $app->post($route, function() use ($app) - { - $submit = false; - $post = new \API_OAuth2_Form_DevApp($app['request']); - $violations = $app['validator']->validate($post); - - if ($violations->count() == 0) - $submit = true; - - $request = $app['request']; - - if ($submit) - { - $application = \API_OAuth2_Application::create($app['appbox'], $app['user'], $request->get('name')); - 
$application->set_description($request->get('description')) - ->set_redirect_uri($request->get('callback')) - ->set_type($request->get('type')) - ->set_website($request->get('website')); - - return $app->redirect("/api/oauthv2/applications/dev/" . $application->get_id() . "/show"); - } - - $var = array( - "violations" => $violations, - "form" => $post - ); - - return $app['response']('api/auth/application_dev_new.twig', $var); - }); - - - /** - * show details of app identified by its id - */ - $route = "/applications/dev/{id}/show"; - $app->get($route, function($id) use ($app) - { - $client = new \API_OAuth2_Application($app['appbox'], $id); - $token = $client->get_user_account($app['user'])->get_token()->get_value(); - $var = array("app" => $client, "user" => $app['user'], "token" => $token); - - return $app['response']('api/auth/application_dev_show.twig', $var); - }); - - /** - * revoke access from a user to the app - * identified by account id - */ - $route = "/applications/revoke_access/"; - $app->post($route, function() use ($app) - { - $result = array("ok" => false); - try - { - $account = new \API_OAuth2_Account($app['appbox'], $app['request']->get('account_id')); - $account->set_revoked((bool) $app['request']->get('revoke')); - $result['ok'] = true; - } - catch (Exception $e) - { - - } - - $Serializer = $app['Core']['Serializer']; - - return new Response( - $Serializer->serialize($result, 'json') - , 200 - , array("content-type" => "application/json") - ); - }); - - $route = "/applications/{id}/generate_access_token/"; - $app->post($route, function($id) use ($app) - { - $result = array("ok" => false); - try - { - $client = new \API_OAuth2_Application($app['appbox'], $id); - $account = $client->get_user_account($app['user']); - - $token = $account->get_token(); - - if ($token instanceof API_OAuth2_Token) - $token->renew(); - else - $token = \API_OAuth2_Token::create($app['appbox'], $account); - - $result = array( - "ok" => true - , 'token' => 
$token->get_value() - ); - } - catch (Exception $e) - { - - } - - $Serializer = $app['Core']['Serializer']; - - return new Response( - $Serializer->serialize($result, 'json') - , 200 - , array("content-type" => "application/json") - ); - }); - - $route = "/applications/oauth_callback"; - $app->post($route, function() use ($app) - { - $app_id = $app['request']->request->get("app_id"); - $app_callback = $app["request"]->request->get("callback"); - $result = array("success" => false); - try - { - $client = new \API_OAuth2_Application($app['appbox'], $app_id); - $client->set_redirect_uri($app_callback); - $result['success'] = true; - } - catch (Exception $e) - { - - } - - $Serializer = $app['Core']['Serializer']; - - return new Response( - $Serializer->serialize($result, 'json') - , 200 - , array("content-type" => "application/json") - ); - }); - - $route = "/applications/{id}"; - $app->delete($route, function($id) use ($app) - { - $result = array("success" => false); - try - { - $client = new \API_OAuth2_Application($app['appbox'], $id); - $client->delete(); - $result['success'] = true; - } - catch (\Exception $e) - { - - } - - $Serializer = $app['Core']['Serializer']; - - return new Response( - $Serializer->serialize($result, 'json') - , 200 - , array("content-type" => "application/json") - ); - }); - /** - * ******************************************************************* - * - * Route Errors - * - */ - $app->error(function (\Exception $e) use ($app) - { - if ($e instanceof NotFoundHttpException || $e instanceof \Exception_NotFound) - { - return new Response('The requested page could not be found.', 404); - } - - $code = $e instanceof HttpExceptionInterface ? $e->getStatusCode() : 500; - - return new Response('We are sorry, but something went terribly wrong.
' . $e->getMessage(), $code); - }); - - - return $app; - }); + $app['Core'] = \bootstrap::getCore(); + + $app->register(new \Silex\Provider\ValidatorServiceProvider(), array( + 'validator.class_path' => __DIR__ . '/../../../../lib/vendor/symfony/src', + )); + + + $app['appbox'] = function() + { + return \appbox::get_instance(); + }; + + + $app['oauth'] = function($app) + { + return new \API_OAuth2_Adapter($app['appbox']); + }; + + + $app['user'] = function($app) + { + if ($app['appbox']->get_session()->is_authenticated()) + { + $user = \user_adapter::getInstance( + $app['appbox']->get_session()->get_usr_id() + , $app['appbox'] + ); + + return $user; + } + else + { + return null; + } + }; + + + /** + * Protected Closure + * @var Closure + * @return Symfony\Component\HttpFoundation\Response + */ + $app['response'] = $app->protect(function ($template, $variable) use ($app) + { + /* @var $twig \Twig_Environment */ + $twig = $app['Core']->getTwig(); + + $response = new Response( + $twig->render($template, $variable) + , 200 + , array('Content-Type' => 'text/html') + ); + $response->setCharset('UTF-8'); + + return $response; + }); + + + /* * ******************************************************************* + * AUTHENTIFICATION API + */ + + + /** + * AUTHORIZE ENDPOINT + * + * Authorization endpoint - used to obtain authorization from the + * resource owner via user-agent redirection. 
+ */ + $authorize_func = function() use ($app) + { + $request = $app['request']; + $oauth2_adapter = $app['oauth']; + /* @var $twig \Twig_Environment */ + $twig = $app['Core']->getTwig(); + $session = $app['appbox']->get_session(); + + //Check for auth params, send error or redirect if not valid + $params = $oauth2_adapter->getAuthorizationRequestParameters($request); + + $authenticated = $session->is_authenticated(); + $app_authorized = false; + $errorMessage = false; + + $client = \API_OAuth2_Application::load_from_client_id($app['appbox'], $params['client_id']); + + $oauth2_adapter->setClient($client); + + $action_accept = $request->get("action_accept", null); + $action_login = $request->get("action_login", null); + + + $template = "api/auth/end_user_authorization.twig"; + $custom_template = $app['appbox']->get_registry()->get('GV_RootPath') . 'config/templates/web/api/auth/end_user_authorization/' . $client->get_id() . '.twig'; + if (file_exists($custom_template)) + { + $template = 'api/auth/end_user_authorization/' . $client->get_id() . 
'.twig'; + } + + if (!$authenticated) + { + if ($action_login !== null) + { + try + { + $login = $request->get("login"); + $password = $request->get("password"); + $auth = new \Session_Authentication_Native($app['appbox'], $login, $password); + $session->authenticate($auth); + } + catch (Exception $e) + { + $params = array( + "auth" => $oauth2_adapter + , "session" => $session + , "errorMessage" => true + , "user" => $app['user'] + ); + $html = $twig->render($template, $params); + + return new Response($html, 200, array("content-type" => "text/html")); + } + } + else + { + $params = array( + "auth" => $oauth2_adapter + , "session" => $session + , "errorMessage" => $errorMessage + , "user" => $app['user'] + ); + $html = $twig->render($template, $params); + + return new Response($html, 200, array("content-type" => "text/html")); + } + } + + //check if current client is alreadu authorized by current user + $user_auth_clients = \API_OAuth2_Application::load_authorized_app_by_user($app['appbox'], $app['user']); + + foreach ($user_auth_clients as $auth_client) + { + if ($client->get_client_id() == $auth_client->get_client_id()) + $app_authorized = true; + } + + $account = $oauth2_adapter->updateAccount($session->get_usr_id()); + $params['account_id'] = $account->get_id(); + + if (!$app_authorized && $action_accept === null) + { + $params = array( + "auth" => $oauth2_adapter + , "session" => $session + , "errorMessage" => $errorMessage + , "user" => $app['user'] + ); + + $html = $twig->render($template, $params); + + return new Response($html, 200, array("content-type" => "text/html")); + } + elseif (!$app_authorized && $action_accept !== null) + { + $app_authorized = !!$action_accept; + $account->set_revoked(!$app_authorized); + } + + //if native app show template + if ($oauth2_adapter->isNativeApp($params['redirect_uri'])) + { + $params = $oauth2_adapter->finishNativeClientAuthorization($app_authorized, $params); + $html = 
$twig->render("api/auth/native_app_access_token.twig", $params); + + return new Response($html, 200, array("content-type" => "text/html")); + } + else + { + $oauth2_adapter->finishClientAuthorization($app_authorized, $params); + } + }; + + $route = '/authorize'; + $app->get($route, $authorize_func); + $app->post($route, $authorize_func); + + + + /** + * TOKEN ENDPOINT + * Token endpoint - used to exchange an authorization grant for an access token. + */ + $route = '/token'; + $app->post($route, function() use ($app) + { + $app['oauth']->grantAccessToken(); + ob_flush(); + flush(); + + return; + }); + + + /** + * MANAGEMENT APPS + * + * + */ + /** + * list of all authorized apps by logged user + */ + $route = '/applications'; + $app->get($route, function() use ($app) + { + $apps = \API_OAuth2_Application::load_app_by_user($app['appbox'], $app['user']); + + return $app['response']('api/auth/applications.twig', array("apps" => $apps, 'user' => $app['user'])); + }); + + /** + * list of apps created by user + */ + $route = "/applications/dev"; + $app->get($route, function() use ($app) + { + $rs = \API_OAuth2_Application::load_dev_app_by_user($app['appbox'], $app['user']); + + return $app['response']('api/auth/application_dev.twig', array("apps" => $rs)); + }); + + /** + * display a new app form + */ + $route = "/applications/dev/new"; + $app->get($route, function() use ($app) + { + $var = array("violations" => null); + + return $app['response']('api/auth/application_dev_new.twig', $var); + }); + + + + $route = "/applications/dev/create"; + $app->post($route, function() use ($app) + { + $submit = false; + $post = new \API_OAuth2_Form_DevApp($app['request']); + $violations = $app['validator']->validate($post); + + if ($violations->count() == 0) + $submit = true; + + $request = $app['request']; + + if ($submit) + { + $application = \API_OAuth2_Application::create($app['appbox'], $app['user'], $request->get('name')); + 
$application->set_description($request->get('description')) + ->set_redirect_uri($request->get('callback')) + ->set_type($request->get('type')) + ->set_website($request->get('website')); + + return $app->redirect("/api/oauthv2/applications/dev/" . $application->get_id() . "/show"); + } + + $var = array( + "violations" => $violations, + "form" => $post + ); + + return $app['response']('api/auth/application_dev_new.twig', $var); + }); + + + /** + * show details of app identified by its id + */ + $route = "/applications/dev/{id}/show"; + $app->get($route, function($id) use ($app) + { + $client = new \API_OAuth2_Application($app['appbox'], $id); + $token = $client->get_user_account($app['user'])->get_token()->get_value(); + $var = array("app" => $client, "user" => $app['user'], "token" => $token); + + return $app['response']('api/auth/application_dev_show.twig', $var); + })->assert('id', '\d+'); + + /** + * revoke access from a user to the app + * identified by account id + */ + $route = "/applications/revoke_access/"; + $app->post($route, function() use ($app) + { + $result = array("ok" => false); + try + { + $account = new \API_OAuth2_Account($app['appbox'], $app['request']->get('account_id')); + $account->set_revoked((bool) $app['request']->get('revoke')); + $result['ok'] = true; + } + catch (Exception $e) + { + + } + + $Serializer = $app['Core']['Serializer']; + + return new Response( + $Serializer->serialize($result, 'json') + , 200 + , array("content-type" => "application/json") + ); + }); + + $route = "/applications/{id}/generate_access_token/"; + $app->post($route, function($id) use ($app) + { + $result = array("ok" => false); + try + { + $client = new \API_OAuth2_Application($app['appbox'], $id); + $account = $client->get_user_account($app['user']); + + $token = $account->get_token(); + + if ($token instanceof API_OAuth2_Token) + $token->renew(); + else + $token = \API_OAuth2_Token::create($app['appbox'], $account); + + $result = array( + "ok" => true + , 
'token' => $token->get_value() + ); + } + catch (Exception $e) + { + + } + + $Serializer = $app['Core']['Serializer']; + + return new Response( + $Serializer->serialize($result, 'json') + , 200 + , array("content-type" => "application/json") + ); + })->assert('id', '\d+'); + + $route = "/applications/oauth_callback"; + $app->post($route, function() use ($app) + { + $app_id = $app['request']->request->get("app_id"); + $app_callback = $app["request"]->request->get("callback"); + $result = array("success" => false); + try + { + $client = new \API_OAuth2_Application($app['appbox'], $app_id); + $client->set_redirect_uri($app_callback); + $result['success'] = true; + } + catch (Exception $e) + { + + } + + $Serializer = $app['Core']['Serializer']; + + return new Response( + $Serializer->serialize($result, 'json') + , 200 + , array("content-type" => "application/json") + ); + }); + + $route = "/applications/{id}"; + $app->delete($route, function($id) use ($app) + { + $result = array("success" => false); + try + { + $client = new \API_OAuth2_Application($app['appbox'], $id); + $client->delete(); + $result['success'] = true; + } + catch (\Exception $e) + { + + } + + $Serializer = $app['Core']['Serializer']; + + return new Response( + $Serializer->serialize($result, 'json') + , 200 + , array("content-type" => "application/json") + ); + })->assert('id', '\d+'); + /** + * ******************************************************************* + * + * Route Errors + * + */ + $app->error(function (\Exception $e) use ($app) + { + if ($e instanceof NotFoundHttpException || $e instanceof \Exception_NotFound) + { + return new Response('The requested page could not be found.', 404); + } + + $code = $e instanceof HttpExceptionInterface ? $e->getStatusCode() : 500; + + return new Response('We are sorry, but something went terribly wrong.
' . $e->getMessage(), $code); + }); + + + return $app; + }); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Basket.php b/lib/Alchemy/Phrasea/Controller/Prod/Basket.php index 3bb0d816da..d7aba893be 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Basket.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Basket.php @@ -149,7 +149,7 @@ class Basket implements ControllerProviderInterface { return new RedirectResponse('/'); } - }); + })->assert('basket_id', '\d+'); /** * Removes a BasketElement @@ -190,7 +190,7 @@ class Basket implements ControllerProviderInterface { return new RedirectResponse('/'); } - }); + })->assert('basket_id', '\d+')->assert('basket_element_id', '\d+'); /** * Update name and description of a basket @@ -229,7 +229,7 @@ class Basket implements ControllerProviderInterface { return new RedirectResponse('/'); } - }); + })->assert('basket_id', '\d+'); /** * Get the form to update the Basket attributes (name and description) @@ -251,7 +251,7 @@ class Basket implements ControllerProviderInterface , array('basket' => $basket) ) ); - }); + })->assert('basket_id', '\d+'); /** @@ -276,7 +276,7 @@ class Basket implements ControllerProviderInterface , array('basket' => $basket) ) ); - }); + })->assert('basket_id', '\d+'); /** * Toggle the status of a Basket @@ -325,7 +325,7 @@ class Basket implements ControllerProviderInterface { return new RedirectResponse('/'); } - }); + })->assert('basket_id', '\d+'); /** * Add a BasketElement to a basket @@ -393,7 +393,7 @@ class Basket implements ControllerProviderInterface { return new RedirectResponse('/'); } - }); + })->assert('basket_id', '\d+'); @@ -456,7 +456,7 @@ class Basket implements ControllerProviderInterface { return new RedirectResponse('/'); } - }); + })->assert('basket_id', '\d+'); /** * Get basket creation form diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Bridge.php b/lib/Alchemy/Phrasea/Controller/Prod/Bridge.php index ec25065f22..cbad4d011b 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Bridge.php 
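Review bot: The new `->assert('id', '\d+')` on `/applications/{id}` (DELETE), `/applications/{id}/generate_access_token/` and `/applications/dev/{id}/show` only constrains the id's format; none of those handlers, nor `/applications/oauth_callback` (which takes `app_id` from the POST body) or `/applications/revoke_access/` (`account_id`), checks that the loaded application or account belongs to `$app['user']`, and no authentication guard is visible even though `$app['user']` is null for an anonymous session, so any caller who guesses a numeric id can delete another developer's application or repoint its redirect URI. Each mutating handler should load the object, compare its owner to `$app['user']` through whatever accessor `API_OAuth2_Application` / `API_OAuth2_Account` expose, and return 403 on mismatch or when `$app['user']` is null. Separately, the error handler at the end of the hunk returns `'We are sorry, but something went terribly wrong. ' . $e->getMessage()` to the client, which leaks internal exception text; log the message server-side and return only the fixed string. Note also that several handlers write `catch (Exception $e)` and `if ($token instanceof API_OAuth2_Token)` without a leading backslash while the DELETE handler uses `\Exception`; if this file declares a namespace (the `use` statement suggests it does) those unqualified names never match, so a failed login in `$authorize_func` falls through to the generic error page instead of the error template and `renew()` is never reached.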
+++ b/lib/Alchemy/Phrasea/Controller/Prod/Bridge.php @@ -130,7 +130,7 @@ class Bridge implements ControllerProviderInterface $account->get_api()->get_connector()->disconnect(); return $app->redirect('/prod/bridge/adapter/' . $account_id . '/load-elements/' . $account->get_api()->get_connector()->get_default_element_type() . '/'); - }); + })->assert('account_id', '\d+'); $controllers->get('/adapter/{account_id}/load-records/' diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Edit.php b/lib/Alchemy/Phrasea/Controller/Prod/Edit.php index 10845b9335..fe0baf60e8 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Edit.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Edit.php 
@@ -32,77 +32,77 @@ class Edit implements ControllerProviderInterface $controllers = new ControllerCollection(); $controllers->post('/', function(Application $app, Request $request) - { - $handler = new RecordHelper\Edit($app['Core'], $request); + { + $handler = new RecordHelper\Edit($app['Core'], $request); - $handler->propose_editing(); + $handler->propose_editing(); - $template = 'prod/actions/edit_default.twig'; + $template = 'prod/actions/edit_default.twig'; - /* @var $twig \Twig_Environment */ - $twig = $app['Core']->getTwig(); + /* @var $twig \Twig_Environment */ + $twig = $app['Core']->getTwig(); - return $twig->render($template, array('edit' => $handler, 'message' => '')); - } + return $twig->render($template, array('edit' => $handler, 'message' => '')); + } ); $controllers->get('/vocabulary/{vocabulary}/', function(Application $app, Request $request, $vocabulary) - { - $datas = array('success' => false, 'message' => '', 'results' => array()); + { + $datas = array('success' => false, 'message' => '', 'results' => array()); - $Serializer = $app['Core']['Serializer']; + $Serializer = $app['Core']['Serializer']; - $sbas_id = (int) $request->get('sbas_id'); + $sbas_id = (int) $request->get('sbas_id'); - try - { - $VC = \Alchemy\Phrasea\Vocabulary\Controller::get($vocabulary); - $databox = \databox::get_instance($sbas_id); - } - catch (\Exception $e) - { - $datas['message'] = _('Vocabulary not found'); + try + { + $VC = \Alchemy\Phrasea\Vocabulary\Controller::get($vocabulary); + $databox = \databox::get_instance($sbas_id); + } + catch (\Exception $e) + { + $datas['message'] = _('Vocabulary not found'); - $datas = $Serializer->serialize($datas, 'json'); + $datas = $Serializer->serialize($datas, 'json'); - return new response($datas, 200, array('Content-Type' => 'application/json')); - } + return new response($datas, 200, array('Content-Type' => 'application/json')); + } - $query = $request->get('query'); + $query = $request->get('query'); - $results = 
$VC->find($query, $app['Core']->getAuthenticatedUser(), $databox); + $results = $VC->find($query, $app['Core']->getAuthenticatedUser(), $databox); - $list = array(); + $list = array(); - foreach ($results as $Term) - { - /* @var $Term \Alchemy\Phrasea\Vocabulary\Term */ - $list = array( - 'Id' => $Term->getId(), - 'Context' => $Term->getContext(), - 'Value' => $Term->getValue(), - ); - } + foreach ($results as $Term) + { + /* @var $Term \Alchemy\Phrasea\Vocabulary\Term */ + $list = array( + 'Id' => $Term->getId(), + 'Context' => $Term->getContext(), + 'Value' => $Term->getValue(), + ); + } - $datas['success'] = true; - $datas['results'] = $list; + $datas['success'] = true; + $datas['results'] = $list; - return new response($Serializer->serialize($datas, 'json'), 200, array('Content-Type' => 'application/json')); - } + return new response($Serializer->serialize($datas, 'json'), 200, array('Content-Type' => 'application/json')); + } ); $controllers->post('/apply/', function(Application $app, Request $request) - { - $editing = new RecordHelper\Edit($app['Core'], $app['request']); - $editing->execute($request); + { + $editing = new RecordHelper\Edit($app['Core'], $app['request']); + $editing->execute($request); - $template = 'prod/actions/edit_default.twig'; + $template = 'prod/actions/edit_default.twig'; - /* @var $twig \Twig_Environment */ - $twig = $app['Core']->getTwig(); + /* @var $twig \Twig_Environment */ + $twig = $app['Core']->getTwig(); - return $twig->render($template, array('edit' => $editing, 'message' => '')); - } + return $twig->render($template, array('edit' => $editing, 'message' => '')); + } ); return $controllers; diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Feed.php b/lib/Alchemy/Phrasea/Controller/Prod/Feed.php index 92a5a51334..91e551f3da 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Feed.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Feed.php 
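Review bot: In the `/vocabulary/{vocabulary}/` handler the loop body assigns `$list = array(...)` on every iteration, so the JSON response only ever carries the last term found instead of the full result set; it should append, `$list[] = array('Id' => $Term->getId(), 'Context' => $Term->getContext(), 'Value' => $Term->getValue());`. The commit only re-indents this hunk, so the defect is pre-existing, but it is still on the new side. Also `$query` goes straight from the request into `$VC->find()`; that is fine if the vocabulary controller parameterises its lookups, but nothing in this hunk establishes it, so it is worth confirming.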
@@ -109,7 +109,7 @@ class Feed implements ControllerProviderInterface $datas = $twig->render('prod/actions/publish/publish_edit.html', array('entry' => $entry, 'feeds' => $feeds)); return new Response($datas); - }); + })->assert('id', '\d+'); $controllers->post('/entry/{id}/update/', function(Application $app, Request $request, $id) use ($appbox, $twig) @@ -176,7 +176,7 @@ class Feed implements ControllerProviderInterface , 200 , array('Content-Type' => 'application/json') ); - }); + })->assert('id', '\d+'); $controllers->post('/entry/{id}/delete/', function(Application $app, Request $request, $id) use ($appbox, $twig) @@ -219,7 +219,7 @@ class Feed implements ControllerProviderInterface , 200 , array('Content-Type' => 'application/json') ); - }); + })->assert('id', '\d+'); //$app->post('/entry/{id}/addelement/', function($id) use ($app, $appbox, $twig) // { @@ -275,7 +275,7 @@ class Feed implements ControllerProviderInterface $datas = $twig->render('prod/feeds/feeds.html', array('feed' => $feed, 'feeds' => $feeds, 'page' => $page)); return new Response($datas); - }); + })->assert('id', '\d+'); $controllers->get('/subscribe/aggregated/', function(Application $app, Request $request) use ( $appbox, $twig) @@ -326,7 +326,7 @@ class Feed implements ControllerProviderInterface , 200 , array('Content-Type' => 'application/json') ); - }); + })->assert('id', '\d+'); return $controllers; } diff --git a/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php b/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php index 24fcde8a4d..0a057eac5c 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php 
@@ -38,7 +38,7 @@ class MoveCollection implements ControllerProviderInterface $move->propose(); $template = 'prod/actions/collection_default.twig'; - /* @var $twig \Twig_Environment */ + /* @var $twig \Twig_Environment */ $twig = $app['Core']->getTwig(); return $twig->render($template, array('action' => $move, 'message' => '')); @@ -53,7 +53,7 @@ class MoveCollection implements ControllerProviderInterface $move->execute($request); $template = 'prod/actions/collection_submit.twig'; - /* @var $twig \Twig_Environment */ + /* @var $twig \Twig_Environment */ $twig = $app['Core']->getTwig(); return $twig->render($template, array('action' => $move, 'message' => '')); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/MustacheLoader.php b/lib/Alchemy/Phrasea/Controller/Prod/MustacheLoader.php index f727aa6bf7..184cfa20da 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/MustacheLoader.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/MustacheLoader.php 
@@ -30,23 +30,23 @@ class MustacheLoader implements ControllerProviderInterface $controllers = new ControllerCollection(); $controllers->get('/', function(Application $app, Request $request) - { - $template_name = $request->get('template'); + { + $template_name = $request->get('template'); - if (!preg_match('/^[a-zA-Z0-9-_]+$/', $template_name)) - { - throw new \Exception_BadRequest('Wrong template name : ' . $template_name); - } + if (!preg_match('/^[a-zA-Z0-9-_]+$/', $template_name)) + { + throw new \Exception_BadRequest('Wrong template name : ' . $template_name); + } - $template_path = realpath(__DIR__ . '/../../../../../templates/web/Mustache/Prod/' . $template_name . '.Mustache.html'); + $template_path = realpath(__DIR__ . '/../../../../../templates/web/Mustache/Prod/' . $template_name . '.Mustache.html'); - if (!file_exists($template_path)) - { - throw new \Exception_NotFound('Template does not exists : ' . $template_path); - } + if (!file_exists($template_path)) + { + throw new \Exception_NotFound('Template does not exists : ' . $template_path); + } - return new \Symfony\Component\HttpFoundation\Response(file_get_contents($template_path)); - }); + return new \Symfony\Component\HttpFoundation\Response(file_get_contents($template_path)); + }); return $controllers; } diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Printer.php b/lib/Alchemy/Phrasea/Controller/Prod/Printer.php index d4579575c5..db6f89e71a 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Printer.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Printer.php @@ -37,7 +37,7 @@ class Printer implements ControllerProviderInterface $template = 'prod/actions/printer_default.html.twig'; - /* @var $twig \Twig_Environment */ + /* @var $twig \Twig_Environment */ $twig = $app['Core']->getTwig(); return $twig->render($template, array('printer' => $printer, 'message' => '')); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Push.php b/lib/Alchemy/Phrasea/Controller/Prod/Push.php index 30361b926e..05712edd82 100644 
--- a/lib/Alchemy/Phrasea/Controller/Prod/Push.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Push.php 
@@ -32,359 +32,359 @@ class Push implements ControllerProviderInterface $controllers = new ControllerCollection(); $controllers->post('/', function(Application $app) - { - $push = new RecordHelper\Push($app['Core'], $app['request']); + { + $push = new RecordHelper\Push($app['Core'], $app['request']); - $template = 'prod/actions/Push.html.twig'; + $template = 'prod/actions/Push.html.twig'; - /* @var $twig \Twig_Environment */ - $twig = $app['Core']->getTwig(); + /* @var $twig \Twig_Environment */ + $twig = $app['Core']->getTwig(); - return new Response($twig->render($template, array('push' => $push, 'message' => ''))); - } + return new Response($twig->render($template, array('push' => $push, 'message' => ''))); + } ); $controllers->post('/send/', function(Application $app) - { - $request = $app['request']; - - $ret = array( - 'success' => false, - 'message' => _('Unable to send the documents') - ); - - try - { - $em = $app['Core']->getEntityManager(); - - $pusher = new RecordHelper\Push($app['Core'], $app['request']); - - $user = $app['Core']->getAuthenticatedUser(); - - $appbox = \appbox::get_instance(); - - $push_name = $request->get( - 'push_name' - , sprintf(_('Push from %s'), $user->get_display_name()) - ); - - $push_description = $request->get('push_description'); - - $receivers = $request->get('receivers'); - - if (!is_array($receivers) || count($receivers) === 0) - { - throw new ControllerException(_('No receivers specified')); - } - - if (!is_array($pusher->get_elements()) || count($pusher->get_elements()) === 0) - { - throw new ControllerException(_('No elements to push')); - } - - foreach ($receivers as $receiver) - { - try { - $user_receiver = \User_Adapter::getInstance($receiver['usr_id'], $appbox); - } - catch (\Exception $e) - { - throw new ControllerException(sprintf(_('Unknown user %d'), $receiver['usr_id'])); - } + $request = $app['request']; - $Basket = new \Entities\Basket(); - $Basket->setName($push_name); - 
$Basket->setDescription($push_description); - $Basket->setOwner($user_receiver); - $Basket->setPusher($user); + $ret = array( + 'success' => false, + 'message' => _('Unable to send the documents') + ); - $em->persist($Basket); - - foreach ($pusher->get_elements() as $element) - { - $BasketElement = new \Entities\BasketELement(); - $BasketElement->setRecord($element); - $BasketElement->setBasket($Basket); - - - if ($receiver['HD']) + try { - $user_receiver->ACL()->grant_hd_on( - $BasketElement->getRecord() - , $user - , \ACL::GRANT_ACTION_PUSH + $em = $app['Core']->getEntityManager(); + + $pusher = new RecordHelper\Push($app['Core'], $app['request']); + + $user = $app['Core']->getAuthenticatedUser(); + + $appbox = \appbox::get_instance(); + + $push_name = $request->get( + 'push_name' + , sprintf(_('Push from %s'), $user->get_display_name()) + ); + + $push_description = $request->get('push_description'); + + $receivers = $request->get('receivers'); + + if (!is_array($receivers) || count($receivers) === 0) + { + throw new ControllerException(_('No receivers specified')); + } + + if (!is_array($pusher->get_elements()) || count($pusher->get_elements()) === 0) + { + throw new ControllerException(_('No elements to push')); + } + + foreach ($receivers as $receiver) + { + try + { + $user_receiver = \User_Adapter::getInstance($receiver['usr_id'], $appbox); + } + catch (\Exception $e) + { + throw new ControllerException(sprintf(_('Unknown user %d'), $receiver['usr_id'])); + } + + $Basket = new \Entities\Basket(); + $Basket->setName($push_name); + $Basket->setDescription($push_description); + $Basket->setOwner($user_receiver); + $Basket->setPusher($user); + + $em->persist($Basket); + + foreach ($pusher->get_elements() as $element) + { + $BasketElement = new \Entities\BasketELement(); + $BasketElement->setRecord($element); + $BasketElement->setBasket($Basket); + + + if ($receiver['HD']) + { + $user_receiver->ACL()->grant_hd_on( + $BasketElement->getRecord() + , $user + , 
\ACL::GRANT_ACTION_PUSH + ); + } + else + { + $user_receiver->ACL()->grant_preview_on( + $BasketElement->getRecord() + , $user + , \ACL::GRANT_ACTION_PUSH + ); + } + + $em->persist($BasketElement); + } + } + + $em->flush(); + + $message = sprintf( + _('%1$d records have been sent to %2$d users') + , count($pusher->get_elements()) + , count($request->get('receivers')) + ); + + $ret = array( + 'success' => true, + 'message' => $message ); } - else + catch (ControllerException $e) { - $user_receiver->ACL()->grant_preview_on( - $BasketElement->getRecord() - , $user - , \ACL::GRANT_ACTION_PUSH - ); + $ret['message'] = $e->getMessage(); } - $em->persist($BasketElement); + $Json = $app['Core']['Serializer']->serialize($ret, 'json'); + + return new Response($Json, 200, array('Content-Type' => 'application/json')); } - } - - $em->flush(); - - $message = sprintf( - _('%1$d records have been sent to %2$d users') - , count($pusher->get_elements()) - , count($request->get('receivers')) - ); - - $ret = array( - 'success' => true, - 'message' => $message - ); - } - catch (ControllerException $e) - { - $ret['message'] = $e->getMessage(); - } - - $Json = $app['Core']['Serializer']->serialize($ret, 'json'); - - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } ); $controllers->post('/validate/', function(Application $app) - { - $request = $app['request']; - - $ret = array( - 'success' => false, - 'message' => _('Unable to send the documents') - ); - - try - { - $pusher = new RecordHelper\Push($app['Core'], $app['request']); - $user = $app['Core']->getAuthenticatedUser(); - - $em = $app['Core']->getEntityManager(); - - $repository = $em->getRepository('\Entities\Basket'); - - $validation_name = $request->get( - 'validation_name' - , sprintf(_('Validation from %s'), $user->get_display_name()) - ); - - $validation_description = $request->get('validation_description'); - - $participants = $request->get('participants'); - - if (!is_array($participants) || 
count($participants) === 0) - { - throw new ControllerException(_('No participants specified')); - } - - if (!is_array($pusher->get_elements()) || count($pusher->get_elements()) === 0) - { - throw new ControllerException(_('No elements to validate')); - } - - if ($pusher->is_basket()) - { - $Basket = $pusher->get_original_basket(); - } - else - { - $Basket = new \Entities\Basket(); - $Basket->setName($validation_name); - $Basket->setDescription($validation_description); - $Basket->setOwner($user); - - $em->persist($Basket); - - foreach ($pusher->get_elements() as $element) { - $BasketElement = new \Entities\BasketElement(); - $BasketElement->setRecord($element); - $BasketElement->setBasket($Basket); + $request = $app['request']; - $em->persist($BasketElement); - } + $ret = array( + 'success' => false, + 'message' => _('Unable to send the documents') + ); - $em->flush(); - } - - $em->refresh($Basket); - - if (!$Basket->getValidation()) - { - $Validation = new \Entities\ValidationSession(); - $Validation->setInitiator($app['Core']->getAuthenticatedUser()); - $Validation->setBasket($Basket); - - $Basket->setValidation($Validation); - $em->persist($Validation); - } - else - { - $Validation = $Basket->getValidation(); - } - - - $appbox = \appbox::get_instance(); - - foreach ($participants as $participant) - { - foreach (array('see_others', 'usr_id', 'agree', 'HD') as $mandatoryparam) - { - if (!array_key_exists($mandatoryparam, $participant)) - throw new ControllerException(sprintf(_('Missing mandatory participant parameter %s'), $mandatoryparam)); - } - - try - { - $participant_user = \User_Adapter::getInstance($participant['usr_id'], $appbox); - } - catch (\Exception $e) - { - throw new ControllerException(sprintf(_('Unknown user %d'), $receiver['usr_id'])); - } - - try - { - $Participant = $Validation->getParticipant($participant_user); - continue; - } - catch (\Exception_NotFound $e) - { - - } - - $Participant = new \Entities\ValidationParticipant(); - 
$Participant->setUser($participant_user); - $Participant->setSession($Validation); - - $Participant->setCanAgree($participant['agree']); - $Participant->setCanSeeOthers($participant['see_others']); - - $em->persist($Participant); - - foreach ($Basket->getElements() as $BasketElement) - { - $ValidationData = new \Entities\ValidationData(); - $ValidationData->setParticipant($Participant); - $ValidationData->setBasketElement($BasketElement); - $BasketElement->addValidationData($ValidationData); - - if ($participant['HD']) + try { - $participant_user->ACL()->grant_hd_on( - $BasketElement->getRecord() - , $user - , \ACL::GRANT_ACTION_VALIDATE + $pusher = new RecordHelper\Push($app['Core'], $app['request']); + $user = $app['Core']->getAuthenticatedUser(); + + $em = $app['Core']->getEntityManager(); + + $repository = $em->getRepository('\Entities\Basket'); + + $validation_name = $request->get( + 'validation_name' + , sprintf(_('Validation from %s'), $user->get_display_name()) + ); + + $validation_description = $request->get('validation_description'); + + $participants = $request->get('participants'); + + if (!is_array($participants) || count($participants) === 0) + { + throw new ControllerException(_('No participants specified')); + } + + if (!is_array($pusher->get_elements()) || count($pusher->get_elements()) === 0) + { + throw new ControllerException(_('No elements to validate')); + } + + if ($pusher->is_basket()) + { + $Basket = $pusher->get_original_basket(); + } + else + { + $Basket = new \Entities\Basket(); + $Basket->setName($validation_name); + $Basket->setDescription($validation_description); + $Basket->setOwner($user); + + $em->persist($Basket); + + foreach ($pusher->get_elements() as $element) + { + $BasketElement = new \Entities\BasketElement(); + $BasketElement->setRecord($element); + $BasketElement->setBasket($Basket); + + $em->persist($BasketElement); + } + + $em->flush(); + } + + $em->refresh($Basket); + + if (!$Basket->getValidation()) + { + $Validation = 
new \Entities\ValidationSession(); + $Validation->setInitiator($app['Core']->getAuthenticatedUser()); + $Validation->setBasket($Basket); + + $Basket->setValidation($Validation); + $em->persist($Validation); + } + else + { + $Validation = $Basket->getValidation(); + } + + + $appbox = \appbox::get_instance(); + + foreach ($participants as $participant) + { + foreach (array('see_others', 'usr_id', 'agree', 'HD') as $mandatoryparam) + { + if (!array_key_exists($mandatoryparam, $participant)) + throw new ControllerException(sprintf(_('Missing mandatory participant parameter %s'), $mandatoryparam)); + } + + try + { + $participant_user = \User_Adapter::getInstance($participant['usr_id'], $appbox); + } + catch (\Exception $e) + { + throw new ControllerException(sprintf(_('Unknown user %d'), $receiver['usr_id'])); + } + + try + { + $Participant = $Validation->getParticipant($participant_user); + continue; + } + catch (\Exception_NotFound $e) + { + + } + + $Participant = new \Entities\ValidationParticipant(); + $Participant->setUser($participant_user); + $Participant->setSession($Validation); + + $Participant->setCanAgree($participant['agree']); + $Participant->setCanSeeOthers($participant['see_others']); + + $em->persist($Participant); + + foreach ($Basket->getElements() as $BasketElement) + { + $ValidationData = new \Entities\ValidationData(); + $ValidationData->setParticipant($Participant); + $ValidationData->setBasketElement($BasketElement); + $BasketElement->addValidationData($ValidationData); + + if ($participant['HD']) + { + $participant_user->ACL()->grant_hd_on( + $BasketElement->getRecord() + , $user + , \ACL::GRANT_ACTION_VALIDATE + ); + } + else + { + $participant_user->ACL()->grant_preview_on( + $BasketElement->getRecord() + , $user + , \ACL::GRANT_ACTION_VALIDATE + ); + } + + $em->merge($BasketElement); + $em->persist($ValidationData); + + $Participant->addValidationData($ValidationData); + } + + $em->merge($Participant); + } + + $em->merge($Basket); + 
$em->merge($Validation); + + $em->flush(); + + $message = sprintf( + _('%1$d records have been sent for validation to %2$d users') + , count($pusher->get_elements()) + , count($request->get('$participants')) + ); + + $ret = array( + 'success' => true, + 'message' => $message ); } - else + catch (ControllerException $e) { - $participant_user->ACL()->grant_preview_on( - $BasketElement->getRecord() - , $user - , \ACL::GRANT_ACTION_VALIDATE - ); + $ret['message'] = $e->getMessage(); } - $em->merge($BasketElement); - $em->persist($ValidationData); + $Json = $app['Core']['Serializer']->serialize($ret, 'json'); - $Participant->addValidationData($ValidationData); + return new Response($Json, 200, array('Content-Type' => 'application/json')); } - - $em->merge($Participant); - } - - $em->merge($Basket); - $em->merge($Validation); - - $em->flush(); - - $message = sprintf( - _('%1$d records have been sent for validation to %2$d users') - , count($pusher->get_elements()) - , count($request->get('$participants')) - ); - - $ret = array( - 'success' => true, - 'message' => $message - ); - } - catch (ControllerException $e) - { - $ret['message'] = $e->getMessage(); - } - - $Json = $app['Core']['Serializer']->serialize($ret, 'json'); - - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } ); $controllers->get('/search-user/', function(Application $app) - { - $request = $app['request']; - $em = $app['Core']->getEntityManager(); - $user = $app['Core']->getAuthenticatedUser(); + { + $request = $app['request']; + $em = $app['Core']->getEntityManager(); + $user = $app['Core']->getAuthenticatedUser(); - $query = new \User_Query(\appbox::get_instance()); + $query = new \User_Query(\appbox::get_instance()); - $query->on_bases_where_i_am($user->ACL(), array('canpush')); + $query->on_bases_where_i_am($user->ACL(), array('canpush')); - $query->like(\User_Query::LIKE_FIRSTNAME, $request->get('query')) - ->like(\User_Query::LIKE_LASTNAME, $request->get('query')) - 
->like(\User_Query::LIKE_LOGIN, $request->get('query')) - ->like_match(\User_Query::LIKE_MATCH_OR); + $query->like(\User_Query::LIKE_FIRSTNAME, $request->get('query')) + ->like(\User_Query::LIKE_LASTNAME, $request->get('query')) + ->like(\User_Query::LIKE_LOGIN, $request->get('query')) + ->like_match(\User_Query::LIKE_MATCH_OR); - $result = $query->include_phantoms() - ->limit(0, 50) - ->execute()->get_results(); + $result = $query->include_phantoms() + ->limit(0, 50) + ->execute()->get_results(); - $repository = $em->getRepository('\Entities\UsrList'); + $repository = $em->getRepository('\Entities\UsrList'); - $lists = $repository->findUserListLike($user, $request->get('query')); + $lists = $repository->findUserListLike($user, $request->get('query')); - $datas = array(); + $datas = array(); - if ($lists) - { - foreach ($lists as $list) - { - $datas[] = array( - 'type' => 'LIST' - , 'name' => $list->getName() - , 'quantity' => $list->getUsers()->count() - ); - } - } + if ($lists) + { + foreach ($lists as $list) + { + $datas[] = array( + 'type' => 'LIST' + , 'name' => $list->getName() + , 'quantity' => $list->getUsers()->count() + ); + } + } - if ($result) - { - foreach ($result as $user) - { - $datas[] = array( - 'type' => 'USER' - , 'usr_id' => $user->get_id() - , 'firstname' => $user->get_firstname() - , 'lastname' => $user->get_lastname() - , 'email' => $user->get_email() - , 'display_name' => $user->get_display_name() - ); - } - } + if ($result) + { + foreach ($result as $user) + { + $datas[] = array( + 'type' => 'USER' + , 'usr_id' => $user->get_id() + , 'firstname' => $user->get_firstname() + , 'lastname' => $user->get_lastname() + , 'email' => $user->get_email() + , 'display_name' => $user->get_display_name() + ); + } + } - $Json = $app['Core']['Serializer']->serialize($datas, 'json'); + $Json = $app['Core']['Serializer']->serialize($datas, 'json'); - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } + return new 
Response($Json, 200, array('Content-Type' => 'application/json')); + } ); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Story.php b/lib/Alchemy/Phrasea/Controller/Prod/Story.php index 5caf227b2f..f358f313bd 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Story.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Story.php 
@@ -186,41 +186,46 @@ class Story implements ControllerProviderInterface { return new RedirectResponse('/'); } - }); + })->assert('sbas_id', '\d+')->assert('record_id', '\d+'); $controllers->post( - '/{sbas_id}/{record_id}/delete/{child_sbas_id}/{child_record_id}/' - , function(Application $app, Request $request, $sbas_id, $record_id, $child_sbas_id, $child_record_id) - { - $Story = new \record_adapter($sbas_id, $record_id); + '/{sbas_id}/{record_id}/delete/{child_sbas_id}/{child_record_id}/' + , function(Application $app, Request $request, $sbas_id, $record_id, $child_sbas_id, $child_record_id) + { + $Story = new \record_adapter($sbas_id, $record_id); - $record = new \record_adapter($child_sbas_id, $child_record_id); + $record = new \record_adapter($child_sbas_id, $child_record_id); - $user = $app['Core']->getAuthenticatedUser(); + $user = $app['Core']->getAuthenticatedUser(); - if (!$user->ACL()->has_right_on_base($Story->get_base_id(), 'canmodifrecord')) - throw new \Exception_Forbidden('You can not add document to this Story'); + if (!$user->ACL()->has_right_on_base($Story->get_base_id(), 'canmodifrecord')) + throw new \Exception_Forbidden('You can not add document to this Story'); - /* @var $user \User_Adapter */ + /* @var $user \User_Adapter */ - $Story->removeChild($record); + $Story->removeChild($record); - $data = array( - 'success' => true - , 'message' => _('Record removed from story') - ); + $data = array( + 'success' => true + , 'message' => _('Record removed from story') + ); - if ($request->getRequestFormat() == 'json') - { - $datas = $app['Core']['Serializer']->serialize($data, 'json'); + if ($request->getRequestFormat() == 'json') + { + $datas = $app['Core']['Serializer']->serialize($data, 'json'); - return new Response($datas, 200, array('Content-type' => 'application/json')); - } - else - { - return new RedirectResponse('/'); - } - }); + return new Response($datas, 200, array('Content-type' => 'application/json')); + } + else + { + return new 
RedirectResponse('/'); + } + }) + ->assert('sbas_id', '\d+') + ->assert('record_id', '\d+') + ->assert('child_sbas_id', '\d+') + ->assert('child_record_id', '\d+'); + // $controllers->post('/{basket_id}/delete/', function(Application $app, Request $request, $basket_id) // { // $em = $app['Core']->getEntityManager(); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Tooltip.php b/lib/Alchemy/Phrasea/Controller/Prod/Tooltip.php index 1cbcd7faeb..721a0a2a4c 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Tooltip.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Tooltip.php @@ -73,7 +73,7 @@ class Tooltip implements ControllerProviderInterface , array('user' => $user) ) ); - })->assert('sbas_id', '\d+')->assert('record_id', '\d+'); + })->assert('usr_id', '\d+'); $controllers->post('/preview/{sbas_id}/{record_id}/' diff --git a/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php b/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php index 23c7abb4ba..20c4281382 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php 
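Review bot: The Forbidden message in the new `/{sbas_id}/{record_id}/delete/{child_sbas_id}/{child_record_id}/` handler reads `You can not add document to this Story` although the handler removes a child (`$Story->removeChild($record)`); it looks copied from the add route and should be `throw new \Exception_Forbidden('You can not remove document from this Story');`. The `canmodifrecord` check covers only `$Story->get_base_id()`; nothing is checked on the child record's base, which may be intended for a detach operation but is worth confirming. The `\d+` asserts validate the path shape only — both `record_adapter` constructions run before the ACL check, so an unknown id surfaces as whatever `record_adapter` throws rather than a deliberate 404/403. The first closure in this hunk (the one now ending in `->assert('sbas_id', '\d+')->assert('record_id', '\d+')`) starts outside the hunk.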
@@ -37,474 +37,475 @@ class UsrLists implements ControllerProviderInterface * Get all lists */ $controllers->get('/list/all/', function(Application $app) - { - $em = $app['Core']->getEntityManager(); + { + $em = $app['Core']->getEntityManager(); - $repository = $em->getRepository('\Entities\UsrList'); + $repository = $em->getRepository('\Entities\UsrList'); - $lists = $repository->findUserLists($app['Core']->getAuthenticatedUser()); + $lists = $repository->findUserLists($app['Core']->getAuthenticatedUser()); - $datas = array('lists' => array()); + $datas = array('lists' => array()); - foreach ($lists as $list) - { - $owners = $entries = array(); + foreach ($lists as $list) + { + $owners = $entries = array(); - foreach ($list->getOwners() as $owner) - { - $owners[] = array( - 'usr_id' => $owner->getUser()->get_id(), - 'display_name' => $owner->getUser()->get_display_name(), - 'position' => $owner->getUser()->get_position(), - 'job' => $owner->getUser()->get_job(), - 'company' => $owner->getUser()->get_company(), - 'email' => $owner->getUser()->get_email(), - 'role' => $owner->getRole() - ); - } + foreach ($list->getOwners() as $owner) + { + $owners[] = array( + 'usr_id' => $owner->getUser()->get_id(), + 'display_name' => $owner->getUser()->get_display_name(), + 'position' => $owner->getUser()->get_position(), + 'job' => $owner->getUser()->get_job(), + 'company' => $owner->getUser()->get_company(), + 'email' => $owner->getUser()->get_email(), + 'role' => $owner->getRole() + ); + } - foreach ($list->getEntries() as $entry) - { - $entries[] = array( - 'usr_id' => $owner->getUser()->get_id(), - 'display_name' => $owner->getUser()->get_display_name(), - 'position' => $owner->getUser()->get_position(), - 'job' => $owner->getUser()->get_job(), - 'company' => $owner->getUser()->get_company(), - 'email' => $owner->getUser()->get_email(), - ); - } + foreach ($list->getEntries() as $entry) + { + $entries[] = array( + 'usr_id' => $owner->getUser()->get_id(), + 'display_name' => 
$owner->getUser()->get_display_name(), + 'position' => $owner->getUser()->get_position(), + 'job' => $owner->getUser()->get_job(), + 'company' => $owner->getUser()->get_company(), + 'email' => $owner->getUser()->get_email(), + ); + } - /* @var $list \Entities\UsrList */ - $datas['lists'][] = array( - 'name' => $list->getName(), - 'created' => $list->getCreated()->format(DATE_ATOM), - 'updated' => $list->getUpdated()->format(DATE_ATOM), - 'owners' => $owners, - 'users' => $entries - ); - } + /* @var $list \Entities\UsrList */ + $datas['lists'][] = array( + 'name' => $list->getName(), + 'created' => $list->getCreated()->format(DATE_ATOM), + 'updated' => $list->getUpdated()->format(DATE_ATOM), + 'owners' => $owners, + 'users' => $entries + ); + } - $Json = $app['Core']['Serializer']->serialize($datas, 'json'); + $Json = $app['Core']['Serializer']->serialize($datas, 'json'); - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } + return new Response($Json, 200, array('Content-Type' => 'application/json')); + } ); /** * Creates a list */ $controllers->post('/list/', function(Application $app) - { - $request = $app['request']; + { + $request = $app['request']; - $list_name = $request->get('name'); + $list_name = $request->get('name'); - $datas = array( - 'success' => false - , 'message' => sprintf(_('Unable to create list %s'), $list_name) - ); + $datas = array( + 'success' => false + , 'message' => sprintf(_('Unable to create list %s'), $list_name) + ); - try - { - if (!$list_name) - { - throw new ControllerException(_('List name is required')); - } + try + { + if (!$list_name) + { + throw new ControllerException(_('List name is required')); + } - $em = $app['Core']->getEntityManager(); + $em = $app['Core']->getEntityManager(); - $List = new \Entities\UsrList(); + $List = new \Entities\UsrList(); - $Owner = new \Entities\UsrListOwner(); - $Owner->setRole(\Entities\UsrListOwner::ROLE_ADMIN); - 
$Owner->setUser($app['Core']->getAuthenticatedUser()); - $Owner->setList($List); + $Owner = new \Entities\UsrListOwner(); + $Owner->setRole(\Entities\UsrListOwner::ROLE_ADMIN); + $Owner->setUser($app['Core']->getAuthenticatedUser()); + $Owner->setList($List); - $List->setName($list_name); - $List->addUsrListOwner($Owner); + $List->setName($list_name); + $List->addUsrListOwner($Owner); - $em->persist($Owner); - $em->persist($List); - $em->flush(); + $em->persist($Owner); + $em->persist($List); + $em->flush(); - $datas = array( - 'success' => true - , 'message' => sprintf(_('List %s has been created'), $list_name) - ); - } - catch (ControllerException $e) - { - $datas = array( - 'success' => false - , 'message' => $e->getMessage() - ); - } + $datas = array( + 'success' => true + , 'message' => sprintf(_('List %s has been created'), $list_name) + ); + } + catch (ControllerException $e) + { + $datas = array( + 'success' => false + , 'message' => $e->getMessage() + ); + } - $Json = $app['Core']['Serializer']->serialize($datas, 'json'); + $Json = $app['Core']['Serializer']->serialize($datas, 'json'); - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } + return new Response($Json, 200, array('Content-Type' => 'application/json')); + } ); /** * Gets a list */ $controllers->get('/list/{list_id}/', function(Application $app, $list_id) - { - $user = $app['Core']->getAuthenticatedUser(); - $em = $app['Core']->getEntityManager(); + { + $user = $app['Core']->getAuthenticatedUser(); + $em = $app['Core']->getEntityManager(); - $repository = $em->getRepository('\Entities\UsrList'); + $repository = $em->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($user, $list_id); + $list = $repository->findUserListByUserAndId($user, $list_id); - $owners = $entries = $lists = array(); + $owners = $entries = $lists = array(); - foreach ($list->getOwners() as $owner) - { - $owners[] = array( - 'usr_id' => 
$owner->getUser()->get_id(), - 'display_name' => $owner->getUser()->get_display_name(), - 'position' => $owner->getUser()->get_position(), - 'job' => $owner->getUser()->get_job(), - 'company' => $owner->getUser()->get_company(), - 'email' => $owner->getUser()->get_email(), - 'role' => $owner->getRole() - ); - } + foreach ($list->getOwners() as $owner) + { + $owners[] = array( + 'usr_id' => $owner->getUser()->get_id(), + 'display_name' => $owner->getUser()->get_display_name(), + 'position' => $owner->getUser()->get_position(), + 'job' => $owner->getUser()->get_job(), + 'company' => $owner->getUser()->get_company(), + 'email' => $owner->getUser()->get_email(), + 'role' => $owner->getRole() + ); + } - foreach ($list->getEntries() as $entry) - { - $entries[] = array( - 'usr_id' => $owner->getUser()->get_id(), - 'display_name' => $owner->getUser()->get_display_name(), - 'position' => $owner->getUser()->get_position(), - 'job' => $owner->getUser()->get_job(), - 'company' => $owner->getUser()->get_company(), - 'email' => $owner->getUser()->get_email(), - ); - } + foreach ($list->getEntries() as $entry) + { + $entries[] = array( + 'usr_id' => $owner->getUser()->get_id(), + 'display_name' => $owner->getUser()->get_display_name(), + 'position' => $owner->getUser()->get_position(), + 'job' => $owner->getUser()->get_job(), + 'company' => $owner->getUser()->get_company(), + 'email' => $owner->getUser()->get_email(), + ); + } - /* @var $list \Entities\UsrList */ - $datas = array('list' => array( - 'name' => $list->getName(), - 'created' => $list->getCreated()->format(DATE_ATOM), - 'updated' => $list->getUpdated()->format(DATE_ATOM), - 'owners' => $owners, - 'users' => $entries - ) - ); + /* @var $list \Entities\UsrList */ + $datas = array('list' => array( + 'name' => $list->getName(), + 'created' => $list->getCreated()->format(DATE_ATOM), + 'updated' => $list->getUpdated()->format(DATE_ATOM), + 'owners' => $owners, + 'users' => $entries + ) + ); - $Json = 
$app['Core']['Serializer']->serialize($datas, 'json'); + $Json = $app['Core']['Serializer']->serialize($datas, 'json'); - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } - ); + return new Response($Json, 200, array('Content-Type' => 'application/json')); + } + )->assert('list_id', '\d+'); /** * Update a list */ $controllers->post('/list/{list_id}/update/', function(Application $app, $list_id) - { - $request = $app['request']; + { + $request = $app['request']; - $datas = array( - 'success' => false - , 'message' => _('Unable to update list') - ); + $datas = array( + 'success' => false + , 'message' => _('Unable to update list') + ); - try - { - $list_name = $request->get('name'); + try + { + $list_name = $request->get('name'); - if (!$list_name) - { - throw new ControllerException(_('List name is required')); - } + if (!$list_name) + { + throw new ControllerException(_('List name is required')); + } - $user = $app['Core']->getAuthenticatedUser(); - $em = $app['Core']->getEntityManager(); + $user = $app['Core']->getAuthenticatedUser(); + $em = $app['Core']->getEntityManager(); - $repository = $em->getRepository('\Entities\UsrList'); + $repository = $em->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($user, $list_id); + $list = $repository->findUserListByUserAndId($user, $list_id); - $list->setName($list_name); + $list->setName($list_name); - $em->merge($list); - $em->flush(); + $em->merge($list); + $em->flush(); - $datas = array( - 'success' => true - , 'message' => _('List has been updated') - ); - } - catch (ControllerException $e) - { - $datas = array( - 'success' => false - , 'message' => $e->getMessage() - ); - } + $datas = array( + 'success' => true + , 'message' => _('List has been updated') + ); + } + catch (ControllerException $e) + { + $datas = array( + 'success' => false + , 'message' => $e->getMessage() + ); + } - $Json = $app['Core']['Serializer']->serialize($datas, 'json'); + $Json = 
$app['Core']['Serializer']->serialize($datas, 'json'); - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } - ); + return new Response($Json, 200, array('Content-Type' => 'application/json')); + } + )->assert('list_id', '\d+'); /** * Delete a list */ $controllers->post('/list/{list_id}/delete/', function(Application $app, $list_id) - { - $em = $app['Core']->getEntityManager(); + { + $em = $app['Core']->getEntityManager(); - try - { - $repository = $em->getRepository('\Entities\UsrList'); + try + { + $repository = $em->getRepository('\Entities\UsrList'); - $user = $app['Core']->getAuthenticatedUser(); + $user = $app['Core']->getAuthenticatedUser(); - $list = $repository->findUserListByUserAndId($user, $list_id); + $list = $repository->findUserListByUserAndId($user, $list_id); - $em->remove($list); - $em->flush(); + $em->remove($list); + $em->flush(); - $datas = array( - 'success' => true - , 'message' => sprintf(_('List has been deleted')) - ); - } - catch (\Exception $e) - { + $datas = array( + 'success' => true + , 'message' => sprintf(_('List has been deleted')) + ); + } + catch (\Exception $e) + { - $datas = array( - 'success' => false - , 'message' => sprintf(_('Unable to delete list')) - ); - } + $datas = array( + 'success' => false + , 'message' => sprintf(_('Unable to delete list')) + ); + } - $Json = $app['Core']['Serializer']->serialize($datas, 'json'); + $Json = $app['Core']['Serializer']->serialize($datas, 'json'); - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } - ); + return new Response($Json, 200, array('Content-Type' => 'application/json')); + } + )->assert('list_id', '\d+'); /** * Remove a usr_id from a list */ $controllers->post('/list/{list_id}/remove/{entry_id}/', function(Application $app, $list_id, $entry_id) - { - $em = $app['Core']->getEntityManager(); + { + $em = $app['Core']->getEntityManager(); - try - { - $repository = $em->getRepository('\Entities\UsrList'); + try + { + 
$repository = $em->getRepository('\Entities\UsrList'); - $user = $app['Core']->getAuthenticatedUser(); + $user = $app['Core']->getAuthenticatedUser(); - $list = $repository->findUserListByUserAndId($user, $list_id); - /* @var $list \Entities\UsrList */ + $list = $repository->findUserListByUserAndId($user, $list_id); + /* @var $list \Entities\UsrList */ - $entry_repository = $em->getRepository('\Entities\UsrListEntry'); + $entry_repository = $em->getRepository('\Entities\UsrListEntry'); - $user_entry = $entry_repository->findEntryByListAndEntryId($list, $entry_id); + $user_entry = $entry_repository->findEntryByListAndEntryId($list, $entry_id); - $em->remove($user_entry); - $em->flush(); + $em->remove($user_entry); + $em->flush(); - $datas = array( - 'success' => true - , 'message' => _('Entry removed from list') - ); - } - catch (\Exception $e) - { + $datas = array( + 'success' => true + , 'message' => _('Entry removed from list') + ); + } + catch (\Exception $e) + { - $datas = array( - 'success' => false - , 'message' => _('Unable to remove entry from list') - ); - } + $datas = array( + 'success' => false + , 'message' => _('Unable to remove entry from list') + ); + } - $Json = $app['Core']['Serializer']->serialize($datas, 'json'); + $Json = $app['Core']['Serializer']->serialize($datas, 'json'); - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } - ); + return new Response($Json, 200, array('Content-Type' => 'application/json')); + } + )->assert('list_id', '\d+')->assert('entry_id', '\d+'); /** * Adds a usr_id to a list */ $controllers->post('/list/{list_id}/add/{usr_id}/', function(Application $app, $list_id, $usr_id) - { - $em = $app['Core']->getEntityManager(); - $user = $app['Core']->getAuthenticatedUser(); + { + $em = $app['Core']->getEntityManager(); + $user = $app['Core']->getAuthenticatedUser(); - try - { - $repository = $em->getRepository('\Entities\UsrList'); + try + { + $repository = 
$em->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($user, $list_id); - /* @var $list \Entities\UsrList */ - $user_entry = \User_Adapter::getInstance($usr_id, \appbox::get_instance()); + $list = $repository->findUserListByUserAndId($user, $list_id); + /* @var $list \Entities\UsrList */ + $user_entry = \User_Adapter::getInstance($usr_id, \appbox::get_instance()); - $entry = new \Entities\UsrListEntry(); - $entry->setUser($user_entry); - $entry->setList($list); + $entry = new \Entities\UsrListEntry(); + $entry->setUser($user_entry); + $entry->setList($list); - $list->addUsrListEntry($entry); + $list->addUsrListEntry($entry); - $em->persist($entry); - $em->merge($list); + $em->persist($entry); + $em->merge($list); - $em->flush(); + $em->flush(); - $datas = array( - 'success' => true - , 'message' => _('Usr added to list') - ); - } - catch (\Exception $e) - { + $datas = array( + 'success' => true + , 'message' => _('Usr added to list') + ); + } + catch (\Exception $e) + { - $datas = array( - 'success' => false - , 'message' => _('Unable to add usr to list') - ); - } + $datas = array( + 'success' => false + , 'message' => _('Unable to add usr to list') + ); + } - $Json = $app['Core']['Serializer']->serialize($datas, 'json'); + $Json = $app['Core']['Serializer']->serialize($datas, 'json'); - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } - ); + return new Response($Json, 200, array('Content-Type' => 'application/json')); + } + )->assert('list_id', '\d+')->assert('usr_id', '\d+'); /** * Share a list to a user with an optionnal role */ $controllers->post('/list/{list_id}/share/{usr_id}/', function(Application $app, $list_id, $usr_id) - { - $em = $app['Core']->getEntityManager(); - $user = $app['Core']->getAuthenticatedUser(); + { + $em = $app['Core']->getEntityManager(); + $user = $app['Core']->getAuthenticatedUser(); - $availableRoles = array( - \Entities\UsrListOwner::ROLE_USER, - 
\Entities\UsrListOwner::ROLE_EDITOR, - \Entities\UsrListOwner::ROLE_ADMIN, - ); + $availableRoles = array( + \Entities\UsrListOwner::ROLE_USER, + \Entities\UsrListOwner::ROLE_EDITOR, + \Entities\UsrListOwner::ROLE_ADMIN, + ); - if (!$app['request']->get('role')) - throw new \Exception_BadRequest('Missing role parameter'); - elseif (!in_array($app['request']->get('role'), $availableRoles)) - throw new \Exception_BadRequest('Role is invalid'); + if (!$app['request']->get('role')) + throw new \Exception_BadRequest('Missing role parameter'); + elseif (!in_array($app['request']->get('role'), $availableRoles)) + throw new \Exception_BadRequest('Role is invalid'); - try - { - $repository = $em->getRepository('\Entities\UsrList'); + try + { + $repository = $em->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($user, $list_id); - /* @var $list \Entities\UsrList */ + $list = $repository->findUserListByUserAndId($user, $list_id); + /* @var $list \Entities\UsrList */ - if ($list->getOwner($user)->getRole() < \Entities\UsrListOwner::ROLE_EDITOR) - { - throw new \Exception('You are not authorized to do this'); - } + if ($list->getOwner($user)->getRole() < \Entities\UsrListOwner::ROLE_EDITOR) + { + throw new \Exception('You are not authorized to do this'); + } - $new_owner = \User_Adapter::getInstance($usr_id, \appbox::get_instance()); + $new_owner = \User_Adapter::getInstance($usr_id, \appbox::get_instance()); - if ($list->hasAccess($new_owner)) - { - $owner = $list->getOwner($new_owner); - } - else - { - $owner = new \Entities\UsrListOwner(); - $owner->setList($list); - $owner->setUser($new_owner); + if ($list->hasAccess($new_owner)) + { + $owner = $list->getOwner($new_owner); + } + else + { + $owner = new \Entities\UsrListOwner(); + $owner->setList($list); + $owner->setUser($new_owner); - $list->addUsrListOwner($owner); + $list->addUsrListOwner($owner); - $em->persist($owner); - $em->merge($list); - } + $em->persist($owner); + 
$em->merge($list); + } - $role = $app['request']->get('role'); + $role = $app['request']->get('role'); - $owner->setRole($role); + $owner->setRole($role); - $em->merge($owner); - $em->flush(); + $em->merge($owner); + $em->flush(); - $datas = array( - 'success' => true - , 'message' => _('List shared to user') - ); - } - catch (\Exception $e) - { + $datas = array( + 'success' => true + , 'message' => _('List shared to user') + ); + } + catch (\Exception $e) + { - $datas = array( - 'success' => false - , 'message' => _('Unable to share the list with the usr') - ); - } + $datas = array( + 'success' => false + , 'message' => _('Unable to share the list with the usr') + ); + } - $Json = $app['Core']['Serializer']->serialize($datas, 'json'); + $Json = $app['Core']['Serializer']->serialize($datas, 'json'); + + return new Response($Json, 200, array('Content-Type' => 'application/json')); + } + )->assert('list_id', '\d+')->assert('usr_id', '\d+'); - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } - ); /** * UnShare a list to a user */ $controllers->post('/list/{list_id}/unshare/{usr_id}/', function(Application $app, $list_id, $usr_id) - { - $em = $app['Core']->getEntityManager(); - $user = $app['Core']->getAuthenticatedUser(); + { + $em = $app['Core']->getEntityManager(); + $user = $app['Core']->getAuthenticatedUser(); - try - { - $repository = $em->getRepository('\Entities\UsrList'); + try + { + $repository = $em->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($user, $list_id); - /* @var $list \Entities\UsrList */ + $list = $repository->findUserListByUserAndId($user, $list_id); + /* @var $list \Entities\UsrList */ - if ($list->getOwner($user)->getRole() < \Entities\UsrListOwner::ROLE_ADMIN) - { - throw new \Exception('You are not authorized to do this'); - } + if ($list->getOwner($user)->getRole() < \Entities\UsrListOwner::ROLE_ADMIN) + { + throw new \Exception('You are not authorized to do this'); + } - 
$owners_repository = $em->getRepository('\Entities\UsrListOwner'); + $owners_repository = $em->getRepository('\Entities\UsrListOwner'); - $owner = $owners_repository->findByListAndUsrId($list, $usr_id); + $owner = $owners_repository->findByListAndUsrId($list, $usr_id); - $em->remove($owner); - $em->flush(); + $em->remove($owner); + $em->flush(); - $datas = array( - 'success' => true - , 'message' => _('Owner removed from list') - ); - } - catch (\Exception $e) - { - $datas = array( - 'success' => false - , 'message' => _('Unable to remove usr from list') - ); - } + $datas = array( + 'success' => true + , 'message' => _('Owner removed from list') + ); + } + catch (\Exception $e) + { + $datas = array( + 'success' => false + , 'message' => _('Unable to remove usr from list') + ); + } - $Json = $app['Core']['Serializer']->serialize($datas, 'json'); + $Json = $app['Core']['Serializer']->serialize($datas, 'json'); - return new Response($Json, 200, array('Content-Type' => 'application/json')); - } - ); + return new Response($Json, 200, array('Content-Type' => 'application/json')); + } + )->assert('list_id', '\d+')->assert('usr_id', '\d+'); return $controllers; diff --git a/lib/Alchemy/Phrasea/Controller/Prod/WorkZone.php b/lib/Alchemy/Phrasea/Controller/Prod/WorkZone.php index 4ab3b1400b..96302c67d9 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/WorkZone.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/WorkZone.php @@ -65,7 +65,6 @@ class WorkZone implements ControllerProviderInterface $controllers->get('/Browse/Search/', function(Application $app) { - $user = $app['Core']->getAuthenticatedUser(); $request = $app['request']; 
@@ -99,9 +98,9 @@ class WorkZone implements ControllerProviderInterface , 'Page' => $page , 'MaxPage' => $maxPage , 'Total' => $Baskets['count'] - , 'Query' =>$request->get('Query') - , 'Year' =>$request->get('Year') - , 'Type' =>$request->get('Type') + , 'Query' => $request->get('Query') + , 'Year' => $request->get('Year') + , 'Type' => $request->get('Type') ); return new Response($app['Core']->getTwig()->render('prod/WorkZone/Browser/Results.html.twig', $params)); @@ -116,18 +115,18 @@ class WorkZone implements ControllerProviderInterface ->findUserBasket($basket_id, $app['Core']->getAuthenticatedUser()); $params = array( - 'Basket'=>$basket + 'Basket' => $basket ); return new Response($app['Core']->getTwig()->render('prod/WorkZone/Browser/Basket.html.twig', $params)); - }); + })->assert('basket_id', '\d+'); $controllers->post( '/attachStories/' , function(Application $app, Request $request) { - if(!$request->get('stories')) + if (!$request->get('stories')) throw new \Exception_BadRequest(); $user = $app['Core']->getAuthenticatedUser(); @@ -261,7 +260,7 @@ class WorkZone implements ControllerProviderInterface { return new RedirectResponse('/'); } - }); + })->assert('sbas_id', '\d+')->assert('record_id', '\d+'); return $controllers; diff --git a/lib/Alchemy/Phrasea/Controller/Root/RSSFeeds.php b/lib/Alchemy/Phrasea/Controller/Root/RSSFeeds.php index 6b951bb243..576b4dc3c4 100644 --- a/lib/Alchemy/Phrasea/Controller/Root/RSSFeeds.php +++ b/lib/Alchemy/Phrasea/Controller/Root/RSSFeeds.php @@ -154,7 +154,7 @@ class RSSFeeds implements ControllerProviderInterface $page = $page < 1 ? 1 : $page; return $display_feed($feed, $format, $page, $token->get_user()); - })->assert('id', '\d+')->assert('format', '(rss|atom)'); + })->assert('format', '(rss|atom)'); diff --git a/lib/Alchemy/Phrasea/Controller/Setup/Installer.php b/lib/Alchemy/Phrasea/Controller/Setup/Installer.php index 3202510f16..e2b6b965ae 100644 --- a/lib/Alchemy/Phrasea/Controller/Setup/Installer.php 
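Review bot: The new `->assert('basket_id', '\d+')` in the `@@ -116,18 +115,18 @@` hunk constrains only the format of the parameter; the value returned by `findUserBasket($basket_id, $app['Core']->getAuthenticatedUser())` is still handed to `Basket.html.twig` without a check, so if that repository method returns null for an unknown or foreign basket instead of throwing, the page renders with `'Basket' => null` rather than a 404. The start of that handler is outside the hunk, so whether an exception is raised upstream cannot be confirmed here; if it is not, add `if (null === $basket) { throw new \Symfony\Component\HttpKernel\Exception\NotFoundHttpException('Basket not found'); }` before `$params` is built. In the `attachStories` closure that opens at the end of the same hunk, `if (!$request->get('stories'))` is a truthiness test, so a literal `'0'` is rejected while any non-empty string passes; the closure's body continues outside the hunk, so the later shape validation of `stories` is not visible here.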
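Review bot: Dropping `->assert('id', '\d+')` from the RSSFeeds route is only safe if the route pattern this closure is attached to no longer contains an `{id}` placeholder; the route definition is outside the hunk, so that cannot be confirmed from here. If `{id}` is still in the pattern, the removal loosens a parameter check in a commit whose purpose is to add them, and the line should stay as `})->assert('id', '\d+')->assert('format', '(rss|atom)');`. If the parameter was renamed or removed, a one-line note in the commit message saying the `id` assert was dead would make the change self-explanatory.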
+++ b/lib/Alchemy/Phrasea/Controller/Setup/Installer.php @@ -133,7 +133,7 @@ class Installer implements ControllerProviderInterface \phrasea::use_i18n(\Session_Handler::get_locale()); $request = $app['request']; - $servername = $request->getScheme() . '://' . $request->getHttpHost() . '/'; + $servername = $request->getScheme() . '://' . $request->getHttpHost() . '/'; $setupRegistry = new \Setup_Registry(); $setupRegistry->set('GV_ServerName', $servername); diff --git a/lib/Alchemy/Phrasea/Controller/Setup/Upgrader.php b/lib/Alchemy/Phrasea/Controller/Setup/Upgrader.php index e652d62825..91645d6730 100644 --- a/lib/Alchemy/Phrasea/Controller/Setup/Upgrader.php +++ b/lib/Alchemy/Phrasea/Controller/Setup/Upgrader.php 
@@ -33,57 +33,57 @@ class Upgrader implements ControllerProviderInterface $controllers = new ControllerCollection(); $controllers->get('/', function() use ($app) - { - require_once __DIR__ . '/../../../../bootstrap.php'; - $upgrade_status = \Setup_Upgrade::get_status(); + { + require_once __DIR__ . '/../../../../bootstrap.php'; + $upgrade_status = \Setup_Upgrade::get_status(); - /* @var $twig \Twig_Environment */ - $twig = $app['Core']->getTwig(); + /* @var $twig \Twig_Environment */ + $twig = $app['Core']->getTwig(); - $html = $twig->render( - '/setup/upgrader.html.twig' - , array( - 'locale' => \Session_Handler::get_locale() - , 'upgrade_status' => $upgrade_status - , 'available_locales' => $app['Core']::getAvailableLanguages() - , 'bad_users' => \User_Adapter::get_wrong_email_users(\appbox::get_instance()) - , 'version_number' => $app['Core']['Version']->getNumber() - , 'version_name' => $app['Core']['Version']->getName() - ) - ); - ini_set('display_errors', 'on'); + $html = $twig->render( + '/setup/upgrader.html.twig' + , array( + 'locale' => \Session_Handler::get_locale() + , 'upgrade_status' => $upgrade_status + , 'available_locales' => $app['Core']::getAvailableLanguages() + , 'bad_users' => \User_Adapter::get_wrong_email_users(\appbox::get_instance()) + , 'version_number' => $app['Core']['Version']->getNumber() + , 'version_name' => $app['Core']['Version']->getName() + ) + ); + ini_set('display_errors', 'on'); - return new Response($html); - }); + return new Response($html); + }); $controllers->get('/status/', function() use ($app) - { - require_once __DIR__ . '/../../../../bootstrap.php'; + { + require_once __DIR__ . 
'/../../../../bootstrap.php'; - $datas = \Setup_Upgrade::get_status(); + $datas = \Setup_Upgrade::get_status(); - $Serializer = $app['Core']['Serializer']; + $Serializer = $app['Core']['Serializer']; - return new Response( - $Serializer->serialize($datas, 'json') - , 200 - , array('Content-Type: application/json') - ); - }); + return new Response( + $Serializer->serialize($datas, 'json') + , 200 + , array('Content-Type: application/json') + ); + }); $controllers->post('/execute/', function() use ($app) - { - require_once __DIR__ . '/../../../../bootstrap.php'; - set_time_limit(0); - session_write_close(); - ignore_user_abort(true); + { + require_once __DIR__ . '/../../../../bootstrap.php'; + set_time_limit(0); + session_write_close(); + ignore_user_abort(true); - $appbox = \appbox::get_instance(); - $upgrader = new \Setup_Upgrade($appbox); - $appbox->forceUpgrade($upgrader); + $appbox = \appbox::get_instance(); + $upgrader = new \Setup_Upgrade($appbox); + $appbox->forceUpgrade($upgrader); - return new \Symfony\Component\HttpFoundation\RedirectResponse('/'); - }); + return new \Symfony\Component\HttpFoundation\RedirectResponse('/'); + }); return $controllers; } diff --git a/lib/Alchemy/Phrasea/Controller/Utils/ConnectionTest.php b/lib/Alchemy/Phrasea/Controller/Utils/ConnectionTest.php index 6522aadf13..d77ea41f13 100644 --- a/lib/Alchemy/Phrasea/Controller/Utils/ConnectionTest.php +++ b/lib/Alchemy/Phrasea/Controller/Utils/ConnectionTest.php 
@@ -33,78 +33,78 @@ class ConnectionTest implements ControllerProviderInterface $controllers = new ControllerCollection(); $controllers->get('/mysql/', function() use ($app) - { - require_once __DIR__ . '/../../../../classes/connection/pdo.class.php'; - - $request = $app['request']; - $hostname = $request->get('hostname', '127.0.0.1'); - $port = (int) $request->get('port', 3306); - $user = $request->get('user'); - $password = $request->get('password'); - $dbname = $request->get('dbname'); - - $connection_ok = $db_ok = $is_databox = $is_appbox = $empty = false; - - try - { - $conn = new \connection_pdo('test', $hostname, $port, $user, $password); - $connection_ok = true; - } - catch (\Exception $e) - { - - } - - if ($dbname && $connection_ok === true) - { - try - { - $conn = new \connection_pdo('test', $hostname, $port, $user, $password, $dbname); - $db_ok = true; - - $sql = "SHOW TABLE STATUS"; - $stmt = $conn->prepare($sql); - $stmt->execute(); - - $empty = $stmt->rowCount() === 0; - - $rs = $stmt->fetchAll(\PDO::FETCH_ASSOC); - $stmt->closeCursor(); - - foreach ($rs as $row) { - if ($row["Name"] === 'sitepreff') + require_once __DIR__ . 
'/../../../../classes/connection/pdo.class.php'; + + $request = $app['request']; + $hostname = $request->get('hostname', '127.0.0.1'); + $port = (int) $request->get('port', 3306); + $user = $request->get('user'); + $password = $request->get('password'); + $dbname = $request->get('dbname'); + + $connection_ok = $db_ok = $is_databox = $is_appbox = $empty = false; + + try { - $is_appbox = true; + $conn = new \connection_pdo('test', $hostname, $port, $user, $password); + $connection_ok = true; } - if ($row["Name"] === 'pref') + catch (\Exception $e) { - $is_databox = true; + } - } - } - catch (\Exception $e) - { - } - } + if ($dbname && $connection_ok === true) + { + try + { + $conn = new \connection_pdo('test', $hostname, $port, $user, $password, $dbname); + $db_ok = true; - $Serializer = $app['Core']['Serializer']; + $sql = "SHOW TABLE STATUS"; + $stmt = $conn->prepare($sql); + $stmt->execute(); - $datas = array( - 'connection' => $connection_ok - , 'database' => $db_ok - , 'is_empty' => $empty - , 'is_appbox' => $is_appbox - , 'is_databox' => $is_databox - ); + $empty = $stmt->rowCount() === 0; - return new Response( - $Serializer->serialize($datas, 'json') - , 200 - , array('content-type' => 'application/json') - ); - }); + $rs = $stmt->fetchAll(\PDO::FETCH_ASSOC); + $stmt->closeCursor(); + + foreach ($rs as $row) + { + if ($row["Name"] === 'sitepreff') + { + $is_appbox = true; + } + if ($row["Name"] === 'pref') + { + $is_databox = true; + } + } + } + catch (\Exception $e) + { + + } + } + + $Serializer = $app['Core']['Serializer']; + + $datas = array( + 'connection' => $connection_ok + , 'database' => $db_ok + , 'is_empty' => $empty + , 'is_appbox' => $is_appbox + , 'is_databox' => $is_databox + ); + + return new Response( + $Serializer->serialize($datas, 'json') + , 200 + , array('content-type' => 'application/json') + ); + }); return $controllers; } 
diff --git a/lib/Alchemy/Phrasea/Controller/Utils/PathFileTest.php b/lib/Alchemy/Phrasea/Controller/Utils/PathFileTest.php index fbe9919661..f0a5fd6896 100644 --- a/lib/Alchemy/Phrasea/Controller/Utils/PathFileTest.php +++ b/lib/Alchemy/Phrasea/Controller/Utils/PathFileTest.php @@ -33,45 +33,45 @@ class PathFileTest implements ControllerProviderInterface $controllers = new ControllerCollection(); $controllers->get('/path/', function() use ($app) - { - $path = $app['request']->get('path'); + { + $path = $app['request']->get('path'); - $Serializer = $app['Core']['Serializer']; + $Serializer = $app['Core']['Serializer']; - return new Response( - $Serializer->serialize( - array( - 'exists' => file_exists($path) - , 'file' => is_file($path) - , 'dir' => is_dir($path) - , 'readable' => is_readable($path) - , 'writeable' => is_writable($path) - , 'executable' => is_executable($path) - ) - , 'json' - ) - , 200 - , array('content-type' => 'application/json') - ); - }); + return new Response( + $Serializer->serialize( + array( + 'exists' => file_exists($path) + , 'file' => is_file($path) + , 'dir' => is_dir($path) + , 'readable' => is_readable($path) + , 'writeable' => is_writable($path) + , 'executable' => is_executable($path) + ) + , 'json' + ) + , 200 + , array('content-type' => 'application/json') + ); + }); $controllers->get('/url/', function() use ($app) - { - $url = $app['request']->get('url'); + { + $url = $app['request']->get('url'); - $Serializer = $app['Core']['Serializer']; + $Serializer = $app['Core']['Serializer']; - return new Response( - $Serializer->serialize( - array( - 'code' => \http_query::getHttpCodeFromUrl($url) - ) - , 'json' - ) - , 200 - , array('content-type' => 'application/json') - ); - }); + return new Response( + $Serializer->serialize( + array( + 'code' => \http_query::getHttpCodeFromUrl($url) + ) + , 'json' + ) + , 200 + , array('content-type' => 'application/json') + ); + }); return $controllers;