#fix 279 check params for controllers

Nicolas Le Goff
2012-01-27 17:17:52 +01:00
parent 694f943d23
commit 09f3ea4cfb
18 changed files with 1318 additions and 1313 deletions


@@ -32,427 +32,427 @@ use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
* @link www.phraseanet.com * @link www.phraseanet.com
*/ */
return call_user_func(function() return call_user_func(function()
{ {
$app = new \Silex\Application(); $app = new \Silex\Application();
$app['Core'] = \bootstrap::getCore(); $app['Core'] = \bootstrap::getCore();
$app->register(new \Silex\Provider\ValidatorServiceProvider(), array( $app->register(new \Silex\Provider\ValidatorServiceProvider(), array(
'validator.class_path' => __DIR__ . '/../../../../lib/vendor/symfony/src', 'validator.class_path' => __DIR__ . '/../../../../lib/vendor/symfony/src',
)); ));
$app['appbox'] = function() $app['appbox'] = function()
{ {
return \appbox::get_instance(); return \appbox::get_instance();
}; };
$app['oauth'] = function($app) $app['oauth'] = function($app)
{ {
return new \API_OAuth2_Adapter($app['appbox']); return new \API_OAuth2_Adapter($app['appbox']);
}; };
$app['user'] = function($app) $app['user'] = function($app)
{ {
if ($app['appbox']->get_session()->is_authenticated()) if ($app['appbox']->get_session()->is_authenticated())
{ {
$user = \user_adapter::getInstance( $user = \user_adapter::getInstance(
$app['appbox']->get_session()->get_usr_id() $app['appbox']->get_session()->get_usr_id()
, $app['appbox'] , $app['appbox']
); );
return $user; return $user;
} }
else else
{ {
return null; return null;
} }
}; };
/** /**
* Protected Closure * Protected Closure
* @var Closure * @var Closure
* @return Symfony\Component\HttpFoundation\Response * @return Symfony\Component\HttpFoundation\Response
*/ */
$app['response'] = $app->protect(function ($template, $variable) use ($app) $app['response'] = $app->protect(function ($template, $variable) use ($app)
{ {
/* @var $twig \Twig_Environment */ /* @var $twig \Twig_Environment */
$twig = $app['Core']->getTwig(); $twig = $app['Core']->getTwig();
$response = new Response( $response = new Response(
$twig->render($template, $variable) $twig->render($template, $variable)
, 200 , 200
, array('Content-Type' => 'text/html') , array('Content-Type' => 'text/html')
); );
$response->setCharset('UTF-8'); $response->setCharset('UTF-8');
return $response; return $response;
}); });
/* * ******************************************************************* /* * *******************************************************************
* AUTHENTIFICATION API * AUTHENTIFICATION API
*/ */
/** /**
* AUTHORIZE ENDPOINT * AUTHORIZE ENDPOINT
* *
* Authorization endpoint - used to obtain authorization from the * Authorization endpoint - used to obtain authorization from the
* resource owner via user-agent redirection. * resource owner via user-agent redirection.
*/ */
$authorize_func = function() use ($app) $authorize_func = function() use ($app)
{ {
$request = $app['request']; $request = $app['request'];
$oauth2_adapter = $app['oauth']; $oauth2_adapter = $app['oauth'];
/* @var $twig \Twig_Environment */ /* @var $twig \Twig_Environment */
$twig = $app['Core']->getTwig(); $twig = $app['Core']->getTwig();
$session = $app['appbox']->get_session(); $session = $app['appbox']->get_session();
//Check for auth params, send error or redirect if not valid //Check for auth params, send error or redirect if not valid
$params = $oauth2_adapter->getAuthorizationRequestParameters($request); $params = $oauth2_adapter->getAuthorizationRequestParameters($request);
$authenticated = $session->is_authenticated(); $authenticated = $session->is_authenticated();
$app_authorized = false; $app_authorized = false;
$errorMessage = false; $errorMessage = false;
$client = \API_OAuth2_Application::load_from_client_id($app['appbox'], $params['client_id']); $client = \API_OAuth2_Application::load_from_client_id($app['appbox'], $params['client_id']);
$oauth2_adapter->setClient($client); $oauth2_adapter->setClient($client);
$action_accept = $request->get("action_accept", null); $action_accept = $request->get("action_accept", null);
$action_login = $request->get("action_login", null); $action_login = $request->get("action_login", null);
$template = "api/auth/end_user_authorization.twig"; $template = "api/auth/end_user_authorization.twig";
$custom_template = $app['appbox']->get_registry()->get('GV_RootPath') . 'config/templates/web/api/auth/end_user_authorization/' . $client->get_id() . '.twig'; $custom_template = $app['appbox']->get_registry()->get('GV_RootPath') . 'config/templates/web/api/auth/end_user_authorization/' . $client->get_id() . '.twig';
if (file_exists($custom_template)) if (file_exists($custom_template))
{ {
$template = 'api/auth/end_user_authorization/' . $client->get_id() . '.twig'; $template = 'api/auth/end_user_authorization/' . $client->get_id() . '.twig';
} }
if (!$authenticated) if (!$authenticated)
{ {
if ($action_login !== null) if ($action_login !== null)
{ {
try try
{ {
$login = $request->get("login"); $login = $request->get("login");
$password = $request->get("password"); $password = $request->get("password");
$auth = new \Session_Authentication_Native($app['appbox'], $login, $password); $auth = new \Session_Authentication_Native($app['appbox'], $login, $password);
$session->authenticate($auth); $session->authenticate($auth);
} }
catch (Exception $e) catch (Exception $e)
{ {
$params = array( $params = array(
"auth" => $oauth2_adapter "auth" => $oauth2_adapter
, "session" => $session , "session" => $session
, "errorMessage" => true , "errorMessage" => true
, "user" => $app['user'] , "user" => $app['user']
); );
$html = $twig->render($template, $params); $html = $twig->render($template, $params);
return new Response($html, 200, array("content-type" => "text/html")); return new Response($html, 200, array("content-type" => "text/html"));
} }
} }
else else
{ {
$params = array( $params = array(
"auth" => $oauth2_adapter "auth" => $oauth2_adapter
, "session" => $session , "session" => $session
, "errorMessage" => $errorMessage , "errorMessage" => $errorMessage
, "user" => $app['user'] , "user" => $app['user']
); );
$html = $twig->render($template, $params); $html = $twig->render($template, $params);
return new Response($html, 200, array("content-type" => "text/html")); return new Response($html, 200, array("content-type" => "text/html"));
} }
} }
//check if current client is alreadu authorized by current user //check if current client is alreadu authorized by current user
$user_auth_clients = \API_OAuth2_Application::load_authorized_app_by_user($app['appbox'], $app['user']); $user_auth_clients = \API_OAuth2_Application::load_authorized_app_by_user($app['appbox'], $app['user']);
foreach ($user_auth_clients as $auth_client) foreach ($user_auth_clients as $auth_client)
{ {
if ($client->get_client_id() == $auth_client->get_client_id()) if ($client->get_client_id() == $auth_client->get_client_id())
$app_authorized = true; $app_authorized = true;
} }
$account = $oauth2_adapter->updateAccount($session->get_usr_id()); $account = $oauth2_adapter->updateAccount($session->get_usr_id());
$params['account_id'] = $account->get_id(); $params['account_id'] = $account->get_id();
if (!$app_authorized && $action_accept === null) if (!$app_authorized && $action_accept === null)
{ {
$params = array( $params = array(
"auth" => $oauth2_adapter "auth" => $oauth2_adapter
, "session" => $session , "session" => $session
, "errorMessage" => $errorMessage , "errorMessage" => $errorMessage
, "user" => $app['user'] , "user" => $app['user']
); );
$html = $twig->render($template, $params); $html = $twig->render($template, $params);
return new Response($html, 200, array("content-type" => "text/html")); return new Response($html, 200, array("content-type" => "text/html"));
} }
elseif (!$app_authorized && $action_accept !== null) elseif (!$app_authorized && $action_accept !== null)
{ {
$app_authorized = !!$action_accept; $app_authorized = !!$action_accept;
$account->set_revoked(!$app_authorized); $account->set_revoked(!$app_authorized);
} }
//if native app show template //if native app show template
if ($oauth2_adapter->isNativeApp($params['redirect_uri'])) if ($oauth2_adapter->isNativeApp($params['redirect_uri']))
{ {
$params = $oauth2_adapter->finishNativeClientAuthorization($app_authorized, $params); $params = $oauth2_adapter->finishNativeClientAuthorization($app_authorized, $params);
$html = $twig->render("api/auth/native_app_access_token.twig", $params); $html = $twig->render("api/auth/native_app_access_token.twig", $params);
return new Response($html, 200, array("content-type" => "text/html")); return new Response($html, 200, array("content-type" => "text/html"));
} }
else else
{ {
$oauth2_adapter->finishClientAuthorization($app_authorized, $params); $oauth2_adapter->finishClientAuthorization($app_authorized, $params);
} }
}; };
$route = '/authorize'; $route = '/authorize';
$app->get($route, $authorize_func); $app->get($route, $authorize_func);
$app->post($route, $authorize_func); $app->post($route, $authorize_func);
/** /**
* TOKEN ENDPOINT * TOKEN ENDPOINT
* Token endpoint - used to exchange an authorization grant for an access token. * Token endpoint - used to exchange an authorization grant for an access token.
*/ */
$route = '/token'; $route = '/token';
$app->post($route, function() use ($app) $app->post($route, function() use ($app)
{ {
$app['oauth']->grantAccessToken(); $app['oauth']->grantAccessToken();
ob_flush(); ob_flush();
flush(); flush();
return; return;
}); });
/** /**
* MANAGEMENT APPS * MANAGEMENT APPS
* *
* *
*/ */
/** /**
* list of all authorized apps by logged user * list of all authorized apps by logged user
*/ */
$route = '/applications'; $route = '/applications';
$app->get($route, function() use ($app) $app->get($route, function() use ($app)
{ {
$apps = \API_OAuth2_Application::load_app_by_user($app['appbox'], $app['user']); $apps = \API_OAuth2_Application::load_app_by_user($app['appbox'], $app['user']);
return $app['response']('api/auth/applications.twig', array("apps" => $apps, 'user' => $app['user'])); return $app['response']('api/auth/applications.twig', array("apps" => $apps, 'user' => $app['user']));
}); });
/** /**
* list of apps created by user * list of apps created by user
*/ */
$route = "/applications/dev"; $route = "/applications/dev";
$app->get($route, function() use ($app) $app->get($route, function() use ($app)
{ {
$rs = \API_OAuth2_Application::load_dev_app_by_user($app['appbox'], $app['user']); $rs = \API_OAuth2_Application::load_dev_app_by_user($app['appbox'], $app['user']);
return $app['response']('api/auth/application_dev.twig', array("apps" => $rs)); return $app['response']('api/auth/application_dev.twig', array("apps" => $rs));
}); });
/** /**
* display a new app form * display a new app form
*/ */
$route = "/applications/dev/new"; $route = "/applications/dev/new";
$app->get($route, function() use ($app) $app->get($route, function() use ($app)
{ {
$var = array("violations" => null); $var = array("violations" => null);
return $app['response']('api/auth/application_dev_new.twig', $var); return $app['response']('api/auth/application_dev_new.twig', $var);
}); });
$route = "/applications/dev/create"; $route = "/applications/dev/create";
$app->post($route, function() use ($app) $app->post($route, function() use ($app)
{ {
$submit = false; $submit = false;
$post = new \API_OAuth2_Form_DevApp($app['request']); $post = new \API_OAuth2_Form_DevApp($app['request']);
$violations = $app['validator']->validate($post); $violations = $app['validator']->validate($post);
if ($violations->count() == 0) if ($violations->count() == 0)
$submit = true; $submit = true;
$request = $app['request']; $request = $app['request'];
if ($submit) if ($submit)
{ {
$application = \API_OAuth2_Application::create($app['appbox'], $app['user'], $request->get('name')); $application = \API_OAuth2_Application::create($app['appbox'], $app['user'], $request->get('name'));
$application->set_description($request->get('description')) $application->set_description($request->get('description'))
->set_redirect_uri($request->get('callback')) ->set_redirect_uri($request->get('callback'))
->set_type($request->get('type')) ->set_type($request->get('type'))
->set_website($request->get('website')); ->set_website($request->get('website'));
return $app->redirect("/api/oauthv2/applications/dev/" . $application->get_id() . "/show"); return $app->redirect("/api/oauthv2/applications/dev/" . $application->get_id() . "/show");
} }
$var = array( $var = array(
"violations" => $violations, "violations" => $violations,
"form" => $post "form" => $post
); );
return $app['response']('api/auth/application_dev_new.twig', $var); return $app['response']('api/auth/application_dev_new.twig', $var);
}); });
/** /**
* show details of app identified by its id * show details of app identified by its id
*/ */
$route = "/applications/dev/{id}/show"; $route = "/applications/dev/{id}/show";
$app->get($route, function($id) use ($app) $app->get($route, function($id) use ($app)
{ {
$client = new \API_OAuth2_Application($app['appbox'], $id); $client = new \API_OAuth2_Application($app['appbox'], $id);
$token = $client->get_user_account($app['user'])->get_token()->get_value(); $token = $client->get_user_account($app['user'])->get_token()->get_value();
$var = array("app" => $client, "user" => $app['user'], "token" => $token); $var = array("app" => $client, "user" => $app['user'], "token" => $token);
return $app['response']('api/auth/application_dev_show.twig', $var); return $app['response']('api/auth/application_dev_show.twig', $var);
}); })->assert('id', '\d+');
/** /**
* revoke access from a user to the app * revoke access from a user to the app
* identified by account id * identified by account id
*/ */
$route = "/applications/revoke_access/"; $route = "/applications/revoke_access/";
$app->post($route, function() use ($app) $app->post($route, function() use ($app)
{ {
$result = array("ok" => false); $result = array("ok" => false);
try try
{ {
$account = new \API_OAuth2_Account($app['appbox'], $app['request']->get('account_id')); $account = new \API_OAuth2_Account($app['appbox'], $app['request']->get('account_id'));
$account->set_revoked((bool) $app['request']->get('revoke')); $account->set_revoked((bool) $app['request']->get('revoke'));
$result['ok'] = true; $result['ok'] = true;
} }
catch (Exception $e) catch (Exception $e)
{ {
} }
$Serializer = $app['Core']['Serializer']; $Serializer = $app['Core']['Serializer'];
return new Response( return new Response(
$Serializer->serialize($result, 'json') $Serializer->serialize($result, 'json')
, 200 , 200
, array("content-type" => "application/json") , array("content-type" => "application/json")
); );
}); });
$route = "/applications/{id}/generate_access_token/"; $route = "/applications/{id}/generate_access_token/";
$app->post($route, function($id) use ($app) $app->post($route, function($id) use ($app)
{ {
$result = array("ok" => false); $result = array("ok" => false);
try try
{ {
$client = new \API_OAuth2_Application($app['appbox'], $id); $client = new \API_OAuth2_Application($app['appbox'], $id);
$account = $client->get_user_account($app['user']); $account = $client->get_user_account($app['user']);
$token = $account->get_token(); $token = $account->get_token();
if ($token instanceof API_OAuth2_Token) if ($token instanceof API_OAuth2_Token)
$token->renew(); $token->renew();
else else
$token = \API_OAuth2_Token::create($app['appbox'], $account); $token = \API_OAuth2_Token::create($app['appbox'], $account);
$result = array( $result = array(
"ok" => true "ok" => true
, 'token' => $token->get_value() , 'token' => $token->get_value()
); );
} }
catch (Exception $e) catch (Exception $e)
{ {
} }
$Serializer = $app['Core']['Serializer']; $Serializer = $app['Core']['Serializer'];
return new Response( return new Response(
$Serializer->serialize($result, 'json') $Serializer->serialize($result, 'json')
, 200 , 200
, array("content-type" => "application/json") , array("content-type" => "application/json")
); );
}); })->assert('id', '\d+');
$route = "/applications/oauth_callback"; $route = "/applications/oauth_callback";
$app->post($route, function() use ($app) $app->post($route, function() use ($app)
{ {
$app_id = $app['request']->request->get("app_id"); $app_id = $app['request']->request->get("app_id");
$app_callback = $app["request"]->request->get("callback"); $app_callback = $app["request"]->request->get("callback");
$result = array("success" => false); $result = array("success" => false);
try try
{ {
$client = new \API_OAuth2_Application($app['appbox'], $app_id); $client = new \API_OAuth2_Application($app['appbox'], $app_id);
$client->set_redirect_uri($app_callback); $client->set_redirect_uri($app_callback);
$result['success'] = true; $result['success'] = true;
} }
catch (Exception $e) catch (Exception $e)
{ {
} }
$Serializer = $app['Core']['Serializer']; $Serializer = $app['Core']['Serializer'];
return new Response( return new Response(
$Serializer->serialize($result, 'json') $Serializer->serialize($result, 'json')
, 200 , 200
, array("content-type" => "application/json") , array("content-type" => "application/json")
); );
}); });
$route = "/applications/{id}"; $route = "/applications/{id}";
$app->delete($route, function($id) use ($app) $app->delete($route, function($id) use ($app)
{ {
$result = array("success" => false); $result = array("success" => false);
try try
{ {
$client = new \API_OAuth2_Application($app['appbox'], $id); $client = new \API_OAuth2_Application($app['appbox'], $id);
$client->delete(); $client->delete();
$result['success'] = true; $result['success'] = true;
} }
catch (\Exception $e) catch (\Exception $e)
{ {
} }
$Serializer = $app['Core']['Serializer']; $Serializer = $app['Core']['Serializer'];
return new Response( return new Response(
$Serializer->serialize($result, 'json') $Serializer->serialize($result, 'json')
, 200 , 200
, array("content-type" => "application/json") , array("content-type" => "application/json")
); );
}); })->assert('id', '\d+');
/** /**
* ******************************************************************* * *******************************************************************
* *
* Route Errors * Route Errors
* *
*/ */
$app->error(function (\Exception $e) use ($app) $app->error(function (\Exception $e) use ($app)
{ {
if ($e instanceof NotFoundHttpException || $e instanceof \Exception_NotFound) if ($e instanceof NotFoundHttpException || $e instanceof \Exception_NotFound)
{ {
return new Response('The requested page could not be found.', 404); return new Response('The requested page could not be found.', 404);
} }
$code = $e instanceof HttpExceptionInterface ? $e->getStatusCode() : 500; $code = $e instanceof HttpExceptionInterface ? $e->getStatusCode() : 500;
return new Response('We are sorry, but something went terribly wrong.<br />' . $e->getMessage(), $code); return new Response('We are sorry, but something went terribly wrong.<br />' . $e->getMessage(), $code);
}); });
return $app; return $app;
}); });
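Review bot: The `->assert('id', '\d+')` added to `/applications/dev/{id}/show`, `/applications/{id}/generate_access_token/` and DELETE `/applications/{id}` only constrains the shape of the id. None of the three handlers visibly checks that the loaded `API_OAuth2_Application` belongs to `$app['user']` before rendering its token, renewing it or calling `$client->delete()`. Unless the model classes or a filter outside this file enforce ownership and an authenticated session (`$app['user']` can be `null`), each handler should start with an explicit owner check, documented with something like `// assert() validates format only; verify the application belongs to $app['user'] before acting`. The ids in `/applications/revoke_access/` (`account_id`) and `/applications/oauth_callback` (`app_id`) come from the request body and get no format check at all in this commit; a cast such as `(int) $app['request']->get('account_id')` would at least bring them in line with the routes fixed here.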


@@ -149,7 +149,7 @@ class Basket implements ControllerProviderInterface
{ {
return new RedirectResponse('/'); return new RedirectResponse('/');
} }
}); })->assert('basket_id', '\d+');
/** /**
* Removes a BasketElement * Removes a BasketElement
@@ -190,7 +190,7 @@ class Basket implements ControllerProviderInterface
{ {
return new RedirectResponse('/'); return new RedirectResponse('/');
} }
}); })->assert('basket_id', '\d+')->assert('basket_element_id', '\d+');
/** /**
* Update name and description of a basket * Update name and description of a basket
@@ -229,7 +229,7 @@ class Basket implements ControllerProviderInterface
{ {
return new RedirectResponse('/'); return new RedirectResponse('/');
} }
}); })->assert('basket_id', '\d+');
/** /**
* Get the form to update the Basket attributes (name and description) * Get the form to update the Basket attributes (name and description)
@@ -251,7 +251,7 @@ class Basket implements ControllerProviderInterface
, array('basket' => $basket) , array('basket' => $basket)
) )
); );
}); })->assert('basket_id', '\d+');
/** /**
@@ -276,7 +276,7 @@ class Basket implements ControllerProviderInterface
, array('basket' => $basket) , array('basket' => $basket)
) )
); );
}); })->assert('basket_id', '\d+');
/** /**
* Toggle the status of a Basket * Toggle the status of a Basket
@@ -325,7 +325,7 @@ class Basket implements ControllerProviderInterface
{ {
return new RedirectResponse('/'); return new RedirectResponse('/');
} }
}); })->assert('basket_id', '\d+');
/** /**
* Add a BasketElement to a basket * Add a BasketElement to a basket
@@ -393,7 +393,7 @@ class Basket implements ControllerProviderInterface
{ {
return new RedirectResponse('/'); return new RedirectResponse('/');
} }
}); })->assert('basket_id', '\d+');
@@ -456,7 +456,7 @@ class Basket implements ControllerProviderInterface
{ {
return new RedirectResponse('/'); return new RedirectResponse('/');
} }
}); })->assert('basket_id', '\d+');
/** /**
* Get basket creation form * Get basket creation form
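Review bot: The requirement string `'\d+'` is repeated as a literal on eight Basket routes, and again in the Bridge and Feed sections of this commit. It bounds neither length nor range, so an over-long digit string still reaches the handler. The handler bodies lie outside these hunks, so whether `basket_id` and `basket_element_id` are cast or range-checked before the lookup cannot be confirmed from here. Consider one shared constant for the pattern in a bounded form, for example `'\d{1,10}'`, plus a comment on the first route such as `// assert() checks format only; access to the basket must still be verified in the handler`.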


@@ -130,7 +130,7 @@ class Bridge implements ControllerProviderInterface
$account->get_api()->get_connector()->disconnect(); $account->get_api()->get_connector()->disconnect();
return $app->redirect('/prod/bridge/adapter/' . $account_id . '/load-elements/' . $account->get_api()->get_connector()->get_default_element_type() . '/'); return $app->redirect('/prod/bridge/adapter/' . $account_id . '/load-elements/' . $account->get_api()->get_connector()->get_default_element_type() . '/');
}); })->assert('account_id', '\d+');
$controllers->get('/adapter/{account_id}/load-records/' $controllers->get('/adapter/{account_id}/load-records/'


@@ -32,77 +32,77 @@ class Edit implements ControllerProviderInterface
$controllers = new ControllerCollection(); $controllers = new ControllerCollection();
$controllers->post('/', function(Application $app, Request $request) $controllers->post('/', function(Application $app, Request $request)
{ {
$handler = new RecordHelper\Edit($app['Core'], $request); $handler = new RecordHelper\Edit($app['Core'], $request);
$handler->propose_editing(); $handler->propose_editing();
$template = 'prod/actions/edit_default.twig'; $template = 'prod/actions/edit_default.twig';
/* @var $twig \Twig_Environment */ /* @var $twig \Twig_Environment */
$twig = $app['Core']->getTwig(); $twig = $app['Core']->getTwig();
return $twig->render($template, array('edit' => $handler, 'message' => '')); return $twig->render($template, array('edit' => $handler, 'message' => ''));
} }
); );
$controllers->get('/vocabulary/{vocabulary}/', function(Application $app, Request $request, $vocabulary) $controllers->get('/vocabulary/{vocabulary}/', function(Application $app, Request $request, $vocabulary)
{ {
$datas = array('success' => false, 'message' => '', 'results' => array()); $datas = array('success' => false, 'message' => '', 'results' => array());
$Serializer = $app['Core']['Serializer']; $Serializer = $app['Core']['Serializer'];
$sbas_id = (int) $request->get('sbas_id'); $sbas_id = (int) $request->get('sbas_id');
try try
{ {
$VC = \Alchemy\Phrasea\Vocabulary\Controller::get($vocabulary); $VC = \Alchemy\Phrasea\Vocabulary\Controller::get($vocabulary);
$databox = \databox::get_instance($sbas_id); $databox = \databox::get_instance($sbas_id);
} }
catch (\Exception $e) catch (\Exception $e)
{ {
$datas['message'] = _('Vocabulary not found'); $datas['message'] = _('Vocabulary not found');
$datas = $Serializer->serialize($datas, 'json'); $datas = $Serializer->serialize($datas, 'json');
return new response($datas, 200, array('Content-Type' => 'application/json')); return new response($datas, 200, array('Content-Type' => 'application/json'));
} }
$query = $request->get('query'); $query = $request->get('query');
$results = $VC->find($query, $app['Core']->getAuthenticatedUser(), $databox); $results = $VC->find($query, $app['Core']->getAuthenticatedUser(), $databox);
$list = array(); $list = array();
foreach ($results as $Term) foreach ($results as $Term)
{ {
/* @var $Term \Alchemy\Phrasea\Vocabulary\Term */ /* @var $Term \Alchemy\Phrasea\Vocabulary\Term */
$list = array( $list = array(
'Id' => $Term->getId(), 'Id' => $Term->getId(),
'Context' => $Term->getContext(), 'Context' => $Term->getContext(),
'Value' => $Term->getValue(), 'Value' => $Term->getValue(),
); );
} }
$datas['success'] = true; $datas['success'] = true;
$datas['results'] = $list; $datas['results'] = $list;
return new response($Serializer->serialize($datas, 'json'), 200, array('Content-Type' => 'application/json')); return new response($Serializer->serialize($datas, 'json'), 200, array('Content-Type' => 'application/json'));
} }
); );
$controllers->post('/apply/', function(Application $app, Request $request) $controllers->post('/apply/', function(Application $app, Request $request)
{ {
$editing = new RecordHelper\Edit($app['Core'], $app['request']); $editing = new RecordHelper\Edit($app['Core'], $app['request']);
$editing->execute($request); $editing->execute($request);
$template = 'prod/actions/edit_default.twig'; $template = 'prod/actions/edit_default.twig';
/* @var $twig \Twig_Environment */ /* @var $twig \Twig_Environment */
$twig = $app['Core']->getTwig(); $twig = $app['Core']->getTwig();
return $twig->render($template, array('edit' => $editing, 'message' => '')); return $twig->render($template, array('edit' => $editing, 'message' => ''));
} }
); );
return $controllers; return $controllers;


@@ -109,7 +109,7 @@ class Feed implements ControllerProviderInterface
$datas = $twig->render('prod/actions/publish/publish_edit.html', array('entry' => $entry, 'feeds' => $feeds)); $datas = $twig->render('prod/actions/publish/publish_edit.html', array('entry' => $entry, 'feeds' => $feeds));
return new Response($datas); return new Response($datas);
}); })->assert('id', '\d+');
$controllers->post('/entry/{id}/update/', function(Application $app, Request $request, $id) use ($appbox, $twig) $controllers->post('/entry/{id}/update/', function(Application $app, Request $request, $id) use ($appbox, $twig)
@@ -176,7 +176,7 @@ class Feed implements ControllerProviderInterface
, 200 , 200
, array('Content-Type' => 'application/json') , array('Content-Type' => 'application/json')
); );
}); })->assert('id', '\d+');
$controllers->post('/entry/{id}/delete/', function(Application $app, Request $request, $id) use ($appbox, $twig) $controllers->post('/entry/{id}/delete/', function(Application $app, Request $request, $id) use ($appbox, $twig)
@@ -219,7 +219,7 @@ class Feed implements ControllerProviderInterface
, 200 , 200
, array('Content-Type' => 'application/json') , array('Content-Type' => 'application/json')
); );
}); })->assert('id', '\d+');
//$app->post('/entry/{id}/addelement/', function($id) use ($app, $appbox, $twig) //$app->post('/entry/{id}/addelement/', function($id) use ($app, $appbox, $twig)
// { // {
@@ -275,7 +275,7 @@ class Feed implements ControllerProviderInterface
$datas = $twig->render('prod/feeds/feeds.html', array('feed' => $feed, 'feeds' => $feeds, 'page' => $page)); $datas = $twig->render('prod/feeds/feeds.html', array('feed' => $feed, 'feeds' => $feeds, 'page' => $page));
return new Response($datas); return new Response($datas);
}); })->assert('id', '\d+');
$controllers->get('/subscribe/aggregated/', function(Application $app, Request $request) use ( $appbox, $twig) $controllers->get('/subscribe/aggregated/', function(Application $app, Request $request) use ( $appbox, $twig)
@@ -326,7 +326,7 @@ class Feed implements ControllerProviderInterface
, 200 , 200
, array('Content-Type' => 'application/json') , array('Content-Type' => 'application/json')
); );
}); })->assert('id', '\d+');
return $controllers; return $controllers;
} }


@@ -38,7 +38,7 @@ class MoveCollection implements ControllerProviderInterface
$move->propose(); $move->propose();
$template = 'prod/actions/collection_default.twig'; $template = 'prod/actions/collection_default.twig';
/* @var $twig \Twig_Environment */ /* @var $twig \Twig_Environment */
$twig = $app['Core']->getTwig(); $twig = $app['Core']->getTwig();
return $twig->render($template, array('action' => $move, 'message' => '')); return $twig->render($template, array('action' => $move, 'message' => ''));
@@ -53,7 +53,7 @@ class MoveCollection implements ControllerProviderInterface
$move->execute($request); $move->execute($request);
$template = 'prod/actions/collection_submit.twig'; $template = 'prod/actions/collection_submit.twig';
/* @var $twig \Twig_Environment */ /* @var $twig \Twig_Environment */
$twig = $app['Core']->getTwig(); $twig = $app['Core']->getTwig();
return $twig->render($template, array('action' => $move, 'message' => '')); return $twig->render($template, array('action' => $move, 'message' => ''));


@@ -30,23 +30,23 @@ class MustacheLoader implements ControllerProviderInterface
$controllers = new ControllerCollection(); $controllers = new ControllerCollection();
$controllers->get('/', function(Application $app, Request $request) $controllers->get('/', function(Application $app, Request $request)
{ {
$template_name = $request->get('template'); $template_name = $request->get('template');
if (!preg_match('/^[a-zA-Z0-9-_]+$/', $template_name)) if (!preg_match('/^[a-zA-Z0-9-_]+$/', $template_name))
{ {
throw new \Exception_BadRequest('Wrong template name : ' . $template_name); throw new \Exception_BadRequest('Wrong template name : ' . $template_name);
} }
$template_path = realpath(__DIR__ . '/../../../../../templates/web/Mustache/Prod/' . $template_name . '.Mustache.html'); $template_path = realpath(__DIR__ . '/../../../../../templates/web/Mustache/Prod/' . $template_name . '.Mustache.html');
if (!file_exists($template_path)) if (!file_exists($template_path))
{ {
throw new \Exception_NotFound('Template does not exists : ' . $template_path); throw new \Exception_NotFound('Template does not exists : ' . $template_path);
} }
return new \Symfony\Component\HttpFoundation\Response(file_get_contents($template_path)); return new \Symfony\Component\HttpFoundation\Response(file_get_contents($template_path));
}); });
return $controllers; return $controllers;
} }


@@ -37,7 +37,7 @@ class Printer implements ControllerProviderInterface
$template = 'prod/actions/printer_default.html.twig'; $template = 'prod/actions/printer_default.html.twig';
/* @var $twig \Twig_Environment */ /* @var $twig \Twig_Environment */
$twig = $app['Core']->getTwig(); $twig = $app['Core']->getTwig();
return $twig->render($template, array('printer' => $printer, 'message' => '')); return $twig->render($template, array('printer' => $printer, 'message' => ''));


@@ -32,359 +32,359 @@ class Push implements ControllerProviderInterface
$controllers = new ControllerCollection(); $controllers = new ControllerCollection();
$controllers->post('/', function(Application $app) $controllers->post('/', function(Application $app)
{ {
$push = new RecordHelper\Push($app['Core'], $app['request']); $push = new RecordHelper\Push($app['Core'], $app['request']);
$template = 'prod/actions/Push.html.twig'; $template = 'prod/actions/Push.html.twig';
/* @var $twig \Twig_Environment */ /* @var $twig \Twig_Environment */
$twig = $app['Core']->getTwig(); $twig = $app['Core']->getTwig();
return new Response($twig->render($template, array('push' => $push, 'message' => ''))); return new Response($twig->render($template, array('push' => $push, 'message' => '')));
} }
); );
$controllers->post('/send/', function(Application $app) $controllers->post('/send/', function(Application $app)
{
$request = $app['request'];
$ret = array(
'success' => false,
'message' => _('Unable to send the documents')
);
try
{
$em = $app['Core']->getEntityManager();
$pusher = new RecordHelper\Push($app['Core'], $app['request']);
$user = $app['Core']->getAuthenticatedUser();
$appbox = \appbox::get_instance();
$push_name = $request->get(
'push_name'
, sprintf(_('Push from %s'), $user->get_display_name())
);
$push_description = $request->get('push_description');
$receivers = $request->get('receivers');
if (!is_array($receivers) || count($receivers) === 0)
{
throw new ControllerException(_('No receivers specified'));
}
if (!is_array($pusher->get_elements()) || count($pusher->get_elements()) === 0)
{
throw new ControllerException(_('No elements to push'));
}
foreach ($receivers as $receiver)
{
try
{ {
$user_receiver = \User_Adapter::getInstance($receiver['usr_id'], $appbox); $request = $app['request'];
}
catch (\Exception $e)
{
throw new ControllerException(sprintf(_('Unknown user %d'), $receiver['usr_id']));
}
$Basket = new \Entities\Basket(); $ret = array(
$Basket->setName($push_name); 'success' => false,
$Basket->setDescription($push_description); 'message' => _('Unable to send the documents')
$Basket->setOwner($user_receiver); );
$Basket->setPusher($user);
$em->persist($Basket); try
foreach ($pusher->get_elements() as $element)
{
$BasketElement = new \Entities\BasketELement();
$BasketElement->setRecord($element);
$BasketElement->setBasket($Basket);
if ($receiver['HD'])
{ {
$user_receiver->ACL()->grant_hd_on( $em = $app['Core']->getEntityManager();
$BasketElement->getRecord()
, $user $pusher = new RecordHelper\Push($app['Core'], $app['request']);
, \ACL::GRANT_ACTION_PUSH
$user = $app['Core']->getAuthenticatedUser();
$appbox = \appbox::get_instance();
$push_name = $request->get(
'push_name'
, sprintf(_('Push from %s'), $user->get_display_name())
);
$push_description = $request->get('push_description');
$receivers = $request->get('receivers');
if (!is_array($receivers) || count($receivers) === 0)
{
throw new ControllerException(_('No receivers specified'));
}
if (!is_array($pusher->get_elements()) || count($pusher->get_elements()) === 0)
{
throw new ControllerException(_('No elements to push'));
}
foreach ($receivers as $receiver)
{
try
{
$user_receiver = \User_Adapter::getInstance($receiver['usr_id'], $appbox);
}
catch (\Exception $e)
{
throw new ControllerException(sprintf(_('Unknown user %d'), $receiver['usr_id']));
}
$Basket = new \Entities\Basket();
$Basket->setName($push_name);
$Basket->setDescription($push_description);
$Basket->setOwner($user_receiver);
$Basket->setPusher($user);
$em->persist($Basket);
foreach ($pusher->get_elements() as $element)
{
$BasketElement = new \Entities\BasketELement();
$BasketElement->setRecord($element);
$BasketElement->setBasket($Basket);
if ($receiver['HD'])
{
$user_receiver->ACL()->grant_hd_on(
$BasketElement->getRecord()
, $user
, \ACL::GRANT_ACTION_PUSH
);
}
else
{
$user_receiver->ACL()->grant_preview_on(
$BasketElement->getRecord()
, $user
, \ACL::GRANT_ACTION_PUSH
);
}
$em->persist($BasketElement);
}
}
$em->flush();
$message = sprintf(
_('%1$d records have been sent to %2$d users')
, count($pusher->get_elements())
, count($request->get('receivers'))
);
$ret = array(
'success' => true,
'message' => $message
); );
} }
else catch (ControllerException $e)
{ {
$user_receiver->ACL()->grant_preview_on( $ret['message'] = $e->getMessage();
$BasketElement->getRecord()
, $user
, \ACL::GRANT_ACTION_PUSH
);
} }
$em->persist($BasketElement); $Json = $app['Core']['Serializer']->serialize($ret, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json'));
} }
}
$em->flush();
$message = sprintf(
_('%1$d records have been sent to %2$d users')
, count($pusher->get_elements())
, count($request->get('receivers'))
);
$ret = array(
'success' => true,
'message' => $message
);
}
catch (ControllerException $e)
{
$ret['message'] = $e->getMessage();
}
$Json = $app['Core']['Serializer']->serialize($ret, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json'));
}
); );
$controllers->post('/validate/', function(Application $app) $controllers->post('/validate/', function(Application $app)
{
$request = $app['request'];
$ret = array(
'success' => false,
'message' => _('Unable to send the documents')
);
try
{
$pusher = new RecordHelper\Push($app['Core'], $app['request']);
$user = $app['Core']->getAuthenticatedUser();
$em = $app['Core']->getEntityManager();
$repository = $em->getRepository('\Entities\Basket');
$validation_name = $request->get(
'validation_name'
, sprintf(_('Validation from %s'), $user->get_display_name())
);
$validation_description = $request->get('validation_description');
$participants = $request->get('participants');
if (!is_array($participants) || count($participants) === 0)
{
throw new ControllerException(_('No participants specified'));
}
if (!is_array($pusher->get_elements()) || count($pusher->get_elements()) === 0)
{
throw new ControllerException(_('No elements to validate'));
}
if ($pusher->is_basket())
{
$Basket = $pusher->get_original_basket();
}
else
{
$Basket = new \Entities\Basket();
$Basket->setName($validation_name);
$Basket->setDescription($validation_description);
$Basket->setOwner($user);
$em->persist($Basket);
foreach ($pusher->get_elements() as $element)
{ {
$BasketElement = new \Entities\BasketElement(); $request = $app['request'];
$BasketElement->setRecord($element);
$BasketElement->setBasket($Basket);
$em->persist($BasketElement); $ret = array(
} 'success' => false,
'message' => _('Unable to send the documents')
);
$em->flush(); try
}
$em->refresh($Basket);
if (!$Basket->getValidation())
{
$Validation = new \Entities\ValidationSession();
$Validation->setInitiator($app['Core']->getAuthenticatedUser());
$Validation->setBasket($Basket);
$Basket->setValidation($Validation);
$em->persist($Validation);
}
else
{
$Validation = $Basket->getValidation();
}
$appbox = \appbox::get_instance();
foreach ($participants as $participant)
{
foreach (array('see_others', 'usr_id', 'agree', 'HD') as $mandatoryparam)
{
if (!array_key_exists($mandatoryparam, $participant))
throw new ControllerException(sprintf(_('Missing mandatory participant parameter %s'), $mandatoryparam));
}
try
{
$participant_user = \User_Adapter::getInstance($participant['usr_id'], $appbox);
}
catch (\Exception $e)
{
throw new ControllerException(sprintf(_('Unknown user %d'), $receiver['usr_id']));
}
try
{
$Participant = $Validation->getParticipant($participant_user);
continue;
}
catch (\Exception_NotFound $e)
{
}
$Participant = new \Entities\ValidationParticipant();
$Participant->setUser($participant_user);
$Participant->setSession($Validation);
$Participant->setCanAgree($participant['agree']);
$Participant->setCanSeeOthers($participant['see_others']);
$em->persist($Participant);
foreach ($Basket->getElements() as $BasketElement)
{
$ValidationData = new \Entities\ValidationData();
$ValidationData->setParticipant($Participant);
$ValidationData->setBasketElement($BasketElement);
$BasketElement->addValidationData($ValidationData);
if ($participant['HD'])
{ {
$participant_user->ACL()->grant_hd_on( $pusher = new RecordHelper\Push($app['Core'], $app['request']);
$BasketElement->getRecord() $user = $app['Core']->getAuthenticatedUser();
, $user
, \ACL::GRANT_ACTION_VALIDATE $em = $app['Core']->getEntityManager();
$repository = $em->getRepository('\Entities\Basket');
$validation_name = $request->get(
'validation_name'
, sprintf(_('Validation from %s'), $user->get_display_name())
);
$validation_description = $request->get('validation_description');
$participants = $request->get('participants');
if (!is_array($participants) || count($participants) === 0)
{
throw new ControllerException(_('No participants specified'));
}
if (!is_array($pusher->get_elements()) || count($pusher->get_elements()) === 0)
{
throw new ControllerException(_('No elements to validate'));
}
if ($pusher->is_basket())
{
$Basket = $pusher->get_original_basket();
}
else
{
$Basket = new \Entities\Basket();
$Basket->setName($validation_name);
$Basket->setDescription($validation_description);
$Basket->setOwner($user);
$em->persist($Basket);
foreach ($pusher->get_elements() as $element)
{
$BasketElement = new \Entities\BasketElement();
$BasketElement->setRecord($element);
$BasketElement->setBasket($Basket);
$em->persist($BasketElement);
}
$em->flush();
}
$em->refresh($Basket);
if (!$Basket->getValidation())
{
$Validation = new \Entities\ValidationSession();
$Validation->setInitiator($app['Core']->getAuthenticatedUser());
$Validation->setBasket($Basket);
$Basket->setValidation($Validation);
$em->persist($Validation);
}
else
{
$Validation = $Basket->getValidation();
}
$appbox = \appbox::get_instance();
foreach ($participants as $participant)
{
foreach (array('see_others', 'usr_id', 'agree', 'HD') as $mandatoryparam)
{
if (!array_key_exists($mandatoryparam, $participant))
throw new ControllerException(sprintf(_('Missing mandatory participant parameter %s'), $mandatoryparam));
}
try
{
$participant_user = \User_Adapter::getInstance($participant['usr_id'], $appbox);
}
catch (\Exception $e)
{
throw new ControllerException(sprintf(_('Unknown user %d'), $receiver['usr_id']));
}
try
{
$Participant = $Validation->getParticipant($participant_user);
continue;
}
catch (\Exception_NotFound $e)
{
}
$Participant = new \Entities\ValidationParticipant();
$Participant->setUser($participant_user);
$Participant->setSession($Validation);
$Participant->setCanAgree($participant['agree']);
$Participant->setCanSeeOthers($participant['see_others']);
$em->persist($Participant);
foreach ($Basket->getElements() as $BasketElement)
{
$ValidationData = new \Entities\ValidationData();
$ValidationData->setParticipant($Participant);
$ValidationData->setBasketElement($BasketElement);
$BasketElement->addValidationData($ValidationData);
if ($participant['HD'])
{
$participant_user->ACL()->grant_hd_on(
$BasketElement->getRecord()
, $user
, \ACL::GRANT_ACTION_VALIDATE
);
}
else
{
$participant_user->ACL()->grant_preview_on(
$BasketElement->getRecord()
, $user
, \ACL::GRANT_ACTION_VALIDATE
);
}
$em->merge($BasketElement);
$em->persist($ValidationData);
$Participant->addValidationData($ValidationData);
}
$em->merge($Participant);
}
$em->merge($Basket);
$em->merge($Validation);
$em->flush();
$message = sprintf(
_('%1$d records have been sent for validation to %2$d users')
, count($pusher->get_elements())
, count($request->get('$participants'))
);
$ret = array(
'success' => true,
'message' => $message
); );
} }
else catch (ControllerException $e)
{ {
$participant_user->ACL()->grant_preview_on( $ret['message'] = $e->getMessage();
$BasketElement->getRecord()
, $user
, \ACL::GRANT_ACTION_VALIDATE
);
} }
$em->merge($BasketElement); $Json = $app['Core']['Serializer']->serialize($ret, 'json');
$em->persist($ValidationData);
$Participant->addValidationData($ValidationData); return new Response($Json, 200, array('Content-Type' => 'application/json'));
} }
$em->merge($Participant);
}
$em->merge($Basket);
$em->merge($Validation);
$em->flush();
$message = sprintf(
_('%1$d records have been sent for validation to %2$d users')
, count($pusher->get_elements())
, count($request->get('$participants'))
);
$ret = array(
'success' => true,
'message' => $message
);
}
catch (ControllerException $e)
{
$ret['message'] = $e->getMessage();
}
$Json = $app['Core']['Serializer']->serialize($ret, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json'));
}
); );
$controllers->get('/search-user/', function(Application $app) $controllers->get('/search-user/', function(Application $app)
{ {
$request = $app['request']; $request = $app['request'];
$em = $app['Core']->getEntityManager(); $em = $app['Core']->getEntityManager();
$user = $app['Core']->getAuthenticatedUser(); $user = $app['Core']->getAuthenticatedUser();
$query = new \User_Query(\appbox::get_instance()); $query = new \User_Query(\appbox::get_instance());
$query->on_bases_where_i_am($user->ACL(), array('canpush')); $query->on_bases_where_i_am($user->ACL(), array('canpush'));
$query->like(\User_Query::LIKE_FIRSTNAME, $request->get('query')) $query->like(\User_Query::LIKE_FIRSTNAME, $request->get('query'))
->like(\User_Query::LIKE_LASTNAME, $request->get('query')) ->like(\User_Query::LIKE_LASTNAME, $request->get('query'))
->like(\User_Query::LIKE_LOGIN, $request->get('query')) ->like(\User_Query::LIKE_LOGIN, $request->get('query'))
->like_match(\User_Query::LIKE_MATCH_OR); ->like_match(\User_Query::LIKE_MATCH_OR);
$result = $query->include_phantoms() $result = $query->include_phantoms()
->limit(0, 50) ->limit(0, 50)
->execute()->get_results(); ->execute()->get_results();
$repository = $em->getRepository('\Entities\UsrList'); $repository = $em->getRepository('\Entities\UsrList');
$lists = $repository->findUserListLike($user, $request->get('query')); $lists = $repository->findUserListLike($user, $request->get('query'));
$datas = array(); $datas = array();
if ($lists) if ($lists)
{ {
foreach ($lists as $list) foreach ($lists as $list)
{ {
$datas[] = array( $datas[] = array(
'type' => 'LIST' 'type' => 'LIST'
, 'name' => $list->getName() , 'name' => $list->getName()
, 'quantity' => $list->getUsers()->count() , 'quantity' => $list->getUsers()->count()
); );
} }
} }
if ($result) if ($result)
{ {
foreach ($result as $user) foreach ($result as $user)
{ {
$datas[] = array( $datas[] = array(
'type' => 'USER' 'type' => 'USER'
, 'usr_id' => $user->get_id() , 'usr_id' => $user->get_id()
, 'firstname' => $user->get_firstname() , 'firstname' => $user->get_firstname()
, 'lastname' => $user->get_lastname() , 'lastname' => $user->get_lastname()
, 'email' => $user->get_email() , 'email' => $user->get_email()
, 'display_name' => $user->get_display_name() , 'display_name' => $user->get_display_name()
); );
} }
} }
$Json = $app['Core']['Serializer']->serialize($datas, 'json'); $Json = $app['Core']['Serializer']->serialize($datas, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json')); return new Response($Json, 200, array('Content-Type' => 'application/json'));
} }
); );
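Review bot: In the `/send/` route each `$receiver` is read as `$receiver['usr_id']` and `$receiver['HD']` without first checking that the entry is an array carrying both keys, although `/validate/` in this same hunk already runs a mandatory-parameter loop over its participants; since `HD` decides between `grant_hd_on` and `grant_preview_on`, the request shape should be validated before any basket or grant is created (see below). In `/validate/` the `Unknown user` branch formats `$receiver['usr_id']`, a variable that route never defines; it should read `$participant['usr_id']`. The success message there calls `count($request->get('$participants'))`, a key with a literal `$` that will not match the `participants` parameter; `count($participants)` is what was meant. Whether the sender is allowed to hand out HD access on each element is presumably enforced inside `ACL`, which is not visible here, so that is worth confirming.

```php
foreach ($receivers as $receiver)
{
  // reject malformed entries before any basket or ACL grant is created
  foreach (array('usr_id', 'HD') as $mandatoryparam)
  {
    if (!is_array($receiver) || !array_key_exists($mandatoryparam, $receiver))
      throw new ControllerException(sprintf(_('Missing mandatory receiver parameter %s'), $mandatoryparam));
  }
  // … unchanged: user lookup, basket creation, HD / preview grants …
```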


@@ -186,41 +186,46 @@ class Story implements ControllerProviderInterface
{ {
return new RedirectResponse('/'); return new RedirectResponse('/');
} }
}); })->assert('sbas_id', '\d+')->assert('record_id', '\d+');
$controllers->post( $controllers->post(
'/{sbas_id}/{record_id}/delete/{child_sbas_id}/{child_record_id}/' '/{sbas_id}/{record_id}/delete/{child_sbas_id}/{child_record_id}/'
, function(Application $app, Request $request, $sbas_id, $record_id, $child_sbas_id, $child_record_id) , function(Application $app, Request $request, $sbas_id, $record_id, $child_sbas_id, $child_record_id)
{ {
$Story = new \record_adapter($sbas_id, $record_id); $Story = new \record_adapter($sbas_id, $record_id);
$record = new \record_adapter($child_sbas_id, $child_record_id); $record = new \record_adapter($child_sbas_id, $child_record_id);
$user = $app['Core']->getAuthenticatedUser(); $user = $app['Core']->getAuthenticatedUser();
if (!$user->ACL()->has_right_on_base($Story->get_base_id(), 'canmodifrecord')) if (!$user->ACL()->has_right_on_base($Story->get_base_id(), 'canmodifrecord'))
throw new \Exception_Forbidden('You can not add document to this Story'); throw new \Exception_Forbidden('You can not add document to this Story');
/* @var $user \User_Adapter */ /* @var $user \User_Adapter */
$Story->removeChild($record); $Story->removeChild($record);
$data = array( $data = array(
'success' => true 'success' => true
, 'message' => _('Record removed from story') , 'message' => _('Record removed from story')
); );
if ($request->getRequestFormat() == 'json') if ($request->getRequestFormat() == 'json')
{ {
$datas = $app['Core']['Serializer']->serialize($data, 'json'); $datas = $app['Core']['Serializer']->serialize($data, 'json');
return new Response($datas, 200, array('Content-type' => 'application/json'));
}
else
{
return new RedirectResponse('/');
}
})
->assert('sbas_id', '\d+')
->assert('record_id', '\d+')
->assert('child_sbas_id', '\d+')
->assert('child_record_id', '\d+');
return new Response($datas, 200, array('Content-type' => 'application/json'));
}
else
{
return new RedirectResponse('/');
}
});
// $controllers->post('/{basket_id}/delete/', function(Application $app, Request $request, $basket_id) // $controllers->post('/{basket_id}/delete/', function(Application $app, Request $request, $basket_id)
// { // {
// $em = $app['Core']->getEntityManager(); // $em = $app['Core']->getEntityManager();
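Review bot: The delete route's authorization failure still reads `'You can not add document to this Story'`, which is the wording of an add route; on the new side it should say what was refused, e.g. `throw new \Exception_Forbidden('You can not remove document from this Story');`. The check itself only tests `canmodifrecord` on the story's base, so any constraint on the child record relies on `removeChild()` — presumably it rejects records that are not children of the story, but that is not visible here and is worth confirming. Both `record_adapter` objects are also constructed before the rights check runs, so a caller without rights can still tell existing from non-existing ids if the constructor throws (inferred, the constructor is outside this page). The first route in this hunk, which gains two asserts, starts outside the hunk.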


@@ -73,7 +73,7 @@ class Tooltip implements ControllerProviderInterface
, array('user' => $user) , array('user' => $user)
) )
); );
})->assert('sbas_id', '\d+')->assert('record_id', '\d+'); })->assert('usr_id', '\d+');
$controllers->post('/preview/{sbas_id}/{record_id}/' $controllers->post('/preview/{sbas_id}/{record_id}/'


@@ -37,474 +37,475 @@ class UsrLists implements ControllerProviderInterface
* Get all lists * Get all lists
*/ */
$controllers->get('/list/all/', function(Application $app) $controllers->get('/list/all/', function(Application $app)
{ {
$em = $app['Core']->getEntityManager(); $em = $app['Core']->getEntityManager();
$repository = $em->getRepository('\Entities\UsrList'); $repository = $em->getRepository('\Entities\UsrList');
$lists = $repository->findUserLists($app['Core']->getAuthenticatedUser()); $lists = $repository->findUserLists($app['Core']->getAuthenticatedUser());
$datas = array('lists' => array()); $datas = array('lists' => array());
foreach ($lists as $list) foreach ($lists as $list)
{ {
$owners = $entries = array(); $owners = $entries = array();
foreach ($list->getOwners() as $owner) foreach ($list->getOwners() as $owner)
{ {
$owners[] = array( $owners[] = array(
'usr_id' => $owner->getUser()->get_id(), 'usr_id' => $owner->getUser()->get_id(),
'display_name' => $owner->getUser()->get_display_name(), 'display_name' => $owner->getUser()->get_display_name(),
'position' => $owner->getUser()->get_position(), 'position' => $owner->getUser()->get_position(),
'job' => $owner->getUser()->get_job(), 'job' => $owner->getUser()->get_job(),
'company' => $owner->getUser()->get_company(), 'company' => $owner->getUser()->get_company(),
'email' => $owner->getUser()->get_email(), 'email' => $owner->getUser()->get_email(),
'role' => $owner->getRole() 'role' => $owner->getRole()
); );
} }
foreach ($list->getEntries() as $entry) foreach ($list->getEntries() as $entry)
{ {
$entries[] = array( $entries[] = array(
'usr_id' => $owner->getUser()->get_id(), 'usr_id' => $owner->getUser()->get_id(),
'display_name' => $owner->getUser()->get_display_name(), 'display_name' => $owner->getUser()->get_display_name(),
'position' => $owner->getUser()->get_position(), 'position' => $owner->getUser()->get_position(),
'job' => $owner->getUser()->get_job(), 'job' => $owner->getUser()->get_job(),
'company' => $owner->getUser()->get_company(), 'company' => $owner->getUser()->get_company(),
'email' => $owner->getUser()->get_email(), 'email' => $owner->getUser()->get_email(),
); );
} }
/* @var $list \Entities\UsrList */ /* @var $list \Entities\UsrList */
$datas['lists'][] = array( $datas['lists'][] = array(
'name' => $list->getName(), 'name' => $list->getName(),
'created' => $list->getCreated()->format(DATE_ATOM), 'created' => $list->getCreated()->format(DATE_ATOM),
'updated' => $list->getUpdated()->format(DATE_ATOM), 'updated' => $list->getUpdated()->format(DATE_ATOM),
'owners' => $owners, 'owners' => $owners,
'users' => $entries 'users' => $entries
); );
} }
$Json = $app['Core']['Serializer']->serialize($datas, 'json'); $Json = $app['Core']['Serializer']->serialize($datas, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json')); return new Response($Json, 200, array('Content-Type' => 'application/json'));
} }
); );
/** /**
* Creates a list * Creates a list
*/ */
$controllers->post('/list/', function(Application $app) $controllers->post('/list/', function(Application $app)
{ {
$request = $app['request']; $request = $app['request'];
$list_name = $request->get('name'); $list_name = $request->get('name');
$datas = array( $datas = array(
'success' => false 'success' => false
, 'message' => sprintf(_('Unable to create list %s'), $list_name) , 'message' => sprintf(_('Unable to create list %s'), $list_name)
); );
try try
{ {
if (!$list_name) if (!$list_name)
{ {
throw new ControllerException(_('List name is required')); throw new ControllerException(_('List name is required'));
} }
$em = $app['Core']->getEntityManager(); $em = $app['Core']->getEntityManager();
$List = new \Entities\UsrList(); $List = new \Entities\UsrList();
$Owner = new \Entities\UsrListOwner(); $Owner = new \Entities\UsrListOwner();
$Owner->setRole(\Entities\UsrListOwner::ROLE_ADMIN); $Owner->setRole(\Entities\UsrListOwner::ROLE_ADMIN);
$Owner->setUser($app['Core']->getAuthenticatedUser()); $Owner->setUser($app['Core']->getAuthenticatedUser());
$Owner->setList($List); $Owner->setList($List);
$List->setName($list_name); $List->setName($list_name);
$List->addUsrListOwner($Owner); $List->addUsrListOwner($Owner);
$em->persist($Owner); $em->persist($Owner);
$em->persist($List); $em->persist($List);
$em->flush(); $em->flush();
$datas = array( $datas = array(
'success' => true 'success' => true
, 'message' => sprintf(_('List %s has been created'), $list_name) , 'message' => sprintf(_('List %s has been created'), $list_name)
); );
} }
catch (ControllerException $e) catch (ControllerException $e)
{ {
$datas = array( $datas = array(
'success' => false 'success' => false
, 'message' => $e->getMessage() , 'message' => $e->getMessage()
); );
} }
$Json = $app['Core']['Serializer']->serialize($datas, 'json'); $Json = $app['Core']['Serializer']->serialize($datas, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json')); return new Response($Json, 200, array('Content-Type' => 'application/json'));
} }
); );
/** /**
* Gets a list * Gets a list
*/ */
$controllers->get('/list/{list_id}/', function(Application $app, $list_id) $controllers->get('/list/{list_id}/', function(Application $app, $list_id)
{ {
$user = $app['Core']->getAuthenticatedUser(); $user = $app['Core']->getAuthenticatedUser();
$em = $app['Core']->getEntityManager(); $em = $app['Core']->getEntityManager();
$repository = $em->getRepository('\Entities\UsrList'); $repository = $em->getRepository('\Entities\UsrList');
$list = $repository->findUserListByUserAndId($user, $list_id); $list = $repository->findUserListByUserAndId($user, $list_id);
$owners = $entries = $lists = array(); $owners = $entries = $lists = array();
foreach ($list->getOwners() as $owner) foreach ($list->getOwners() as $owner)
{ {
$owners[] = array( $owners[] = array(
'usr_id' => $owner->getUser()->get_id(), 'usr_id' => $owner->getUser()->get_id(),
'display_name' => $owner->getUser()->get_display_name(), 'display_name' => $owner->getUser()->get_display_name(),
'position' => $owner->getUser()->get_position(), 'position' => $owner->getUser()->get_position(),
'job' => $owner->getUser()->get_job(), 'job' => $owner->getUser()->get_job(),
'company' => $owner->getUser()->get_company(), 'company' => $owner->getUser()->get_company(),
'email' => $owner->getUser()->get_email(), 'email' => $owner->getUser()->get_email(),
'role' => $owner->getRole() 'role' => $owner->getRole()
); );
} }
foreach ($list->getEntries() as $entry) foreach ($list->getEntries() as $entry)
{ {
$entries[] = array( $entries[] = array(
'usr_id' => $owner->getUser()->get_id(), 'usr_id' => $owner->getUser()->get_id(),
'display_name' => $owner->getUser()->get_display_name(), 'display_name' => $owner->getUser()->get_display_name(),
'position' => $owner->getUser()->get_position(), 'position' => $owner->getUser()->get_position(),
'job' => $owner->getUser()->get_job(), 'job' => $owner->getUser()->get_job(),
'company' => $owner->getUser()->get_company(), 'company' => $owner->getUser()->get_company(),
'email' => $owner->getUser()->get_email(), 'email' => $owner->getUser()->get_email(),
); );
} }
/* @var $list \Entities\UsrList */ /* @var $list \Entities\UsrList */
$datas = array('list' => array( $datas = array('list' => array(
'name' => $list->getName(), 'name' => $list->getName(),
'created' => $list->getCreated()->format(DATE_ATOM), 'created' => $list->getCreated()->format(DATE_ATOM),
'updated' => $list->getUpdated()->format(DATE_ATOM), 'updated' => $list->getUpdated()->format(DATE_ATOM),
'owners' => $owners, 'owners' => $owners,
'users' => $entries 'users' => $entries
) )
); );
$Json = $app['Core']['Serializer']->serialize($datas, 'json'); $Json = $app['Core']['Serializer']->serialize($datas, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json')); return new Response($Json, 200, array('Content-Type' => 'application/json'));
} }
); )->assert('list_id', '\d+');
/** /**
* Update a list * Update a list
*/ */
$controllers->post('/list/{list_id}/update/', function(Application $app, $list_id) $controllers->post('/list/{list_id}/update/', function(Application $app, $list_id)
{ {
$request = $app['request']; $request = $app['request'];
$datas = array( $datas = array(
'success' => false 'success' => false
, 'message' => _('Unable to update list') , 'message' => _('Unable to update list')
); );
try try
{ {
$list_name = $request->get('name'); $list_name = $request->get('name');
if (!$list_name) if (!$list_name)
{ {
throw new ControllerException(_('List name is required')); throw new ControllerException(_('List name is required'));
} }
$user = $app['Core']->getAuthenticatedUser(); $user = $app['Core']->getAuthenticatedUser();
$em = $app['Core']->getEntityManager(); $em = $app['Core']->getEntityManager();
$repository = $em->getRepository('\Entities\UsrList'); $repository = $em->getRepository('\Entities\UsrList');
$list = $repository->findUserListByUserAndId($user, $list_id); $list = $repository->findUserListByUserAndId($user, $list_id);
$list->setName($list_name); $list->setName($list_name);
$em->merge($list); $em->merge($list);
$em->flush(); $em->flush();
$datas = array( $datas = array(
'success' => true 'success' => true
, 'message' => _('List has been updated') , 'message' => _('List has been updated')
); );
} }
catch (ControllerException $e) catch (ControllerException $e)
{ {
$datas = array( $datas = array(
'success' => false 'success' => false
, 'message' => $e->getMessage() , 'message' => $e->getMessage()
); );
} }
$Json = $app['Core']['Serializer']->serialize($datas, 'json'); $Json = $app['Core']['Serializer']->serialize($datas, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json')); return new Response($Json, 200, array('Content-Type' => 'application/json'));
} }
); )->assert('list_id', '\d+');
/** /**
* Delete a list * Delete a list
*/ */
$controllers->post('/list/{list_id}/delete/', function(Application $app, $list_id) $controllers->post('/list/{list_id}/delete/', function(Application $app, $list_id)
{ {
$em = $app['Core']->getEntityManager(); $em = $app['Core']->getEntityManager();
try try
{ {
$repository = $em->getRepository('\Entities\UsrList'); $repository = $em->getRepository('\Entities\UsrList');
$user = $app['Core']->getAuthenticatedUser(); $user = $app['Core']->getAuthenticatedUser();
$list = $repository->findUserListByUserAndId($user, $list_id); $list = $repository->findUserListByUserAndId($user, $list_id);
$em->remove($list); $em->remove($list);
$em->flush(); $em->flush();
$datas = array( $datas = array(
'success' => true 'success' => true
, 'message' => sprintf(_('List has been deleted')) , 'message' => sprintf(_('List has been deleted'))
); );
} }
catch (\Exception $e) catch (\Exception $e)
{ {
$datas = array( $datas = array(
'success' => false 'success' => false
, 'message' => sprintf(_('Unable to delete list')) , 'message' => sprintf(_('Unable to delete list'))
); );
} }
$Json = $app['Core']['Serializer']->serialize($datas, 'json'); $Json = $app['Core']['Serializer']->serialize($datas, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json')); return new Response($Json, 200, array('Content-Type' => 'application/json'));
} }
); )->assert('list_id', '\d+');
/** /**
* Remove a usr_id from a list * Remove a usr_id from a list
*/ */
$controllers->post('/list/{list_id}/remove/{entry_id}/', function(Application $app, $list_id, $entry_id) $controllers->post('/list/{list_id}/remove/{entry_id}/', function(Application $app, $list_id, $entry_id)
{ {
$em = $app['Core']->getEntityManager(); $em = $app['Core']->getEntityManager();
try try
{ {
$repository = $em->getRepository('\Entities\UsrList'); $repository = $em->getRepository('\Entities\UsrList');
$user = $app['Core']->getAuthenticatedUser(); $user = $app['Core']->getAuthenticatedUser();
$list = $repository->findUserListByUserAndId($user, $list_id); $list = $repository->findUserListByUserAndId($user, $list_id);
/* @var $list \Entities\UsrList */ /* @var $list \Entities\UsrList */
$entry_repository = $em->getRepository('\Entities\UsrListEntry'); $entry_repository = $em->getRepository('\Entities\UsrListEntry');
$user_entry = $entry_repository->findEntryByListAndEntryId($list, $entry_id); $user_entry = $entry_repository->findEntryByListAndEntryId($list, $entry_id);
$em->remove($user_entry); $em->remove($user_entry);
$em->flush(); $em->flush();
$datas = array( $datas = array(
'success' => true 'success' => true
, 'message' => _('Entry removed from list') , 'message' => _('Entry removed from list')
); );
} }
catch (\Exception $e) catch (\Exception $e)
{ {
$datas = array( $datas = array(
'success' => false 'success' => false
, 'message' => _('Unable to remove entry from list') , 'message' => _('Unable to remove entry from list')
); );
} }
$Json = $app['Core']['Serializer']->serialize($datas, 'json'); $Json = $app['Core']['Serializer']->serialize($datas, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json')); return new Response($Json, 200, array('Content-Type' => 'application/json'));
} }
); )->assert('list_id', '\d+')->assert('entry_id', '\d+');
/** /**
* Adds a usr_id to a list * Adds a usr_id to a list
*/ */
$controllers->post('/list/{list_id}/add/{usr_id}/', function(Application $app, $list_id, $usr_id) $controllers->post('/list/{list_id}/add/{usr_id}/', function(Application $app, $list_id, $usr_id)
{ {
$em = $app['Core']->getEntityManager(); $em = $app['Core']->getEntityManager();
$user = $app['Core']->getAuthenticatedUser(); $user = $app['Core']->getAuthenticatedUser();
try try
{ {
$repository = $em->getRepository('\Entities\UsrList'); $repository = $em->getRepository('\Entities\UsrList');
$list = $repository->findUserListByUserAndId($user, $list_id); $list = $repository->findUserListByUserAndId($user, $list_id);
/* @var $list \Entities\UsrList */ /* @var $list \Entities\UsrList */
$user_entry = \User_Adapter::getInstance($usr_id, \appbox::get_instance()); $user_entry = \User_Adapter::getInstance($usr_id, \appbox::get_instance());
$entry = new \Entities\UsrListEntry(); $entry = new \Entities\UsrListEntry();
$entry->setUser($user_entry); $entry->setUser($user_entry);
$entry->setList($list); $entry->setList($list);
$list->addUsrListEntry($entry); $list->addUsrListEntry($entry);
$em->persist($entry); $em->persist($entry);
$em->merge($list); $em->merge($list);
$em->flush(); $em->flush();
$datas = array( $datas = array(
'success' => true 'success' => true
, 'message' => _('Usr added to list') , 'message' => _('Usr added to list')
); );
} }
catch (\Exception $e) catch (\Exception $e)
{ {
$datas = array( $datas = array(
'success' => false 'success' => false
, 'message' => _('Unable to add usr to list') , 'message' => _('Unable to add usr to list')
); );
} }
$Json = $app['Core']['Serializer']->serialize($datas, 'json'); $Json = $app['Core']['Serializer']->serialize($datas, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json')); return new Response($Json, 200, array('Content-Type' => 'application/json'));
} }
); )->assert('list_id', '\d+')->assert('usr_id', '\d+');
/** /**
* Share a list to a user with an optionnal role * Share a list to a user with an optionnal role
*/ */
$controllers->post('/list/{list_id}/share/{usr_id}/', function(Application $app, $list_id, $usr_id) $controllers->post('/list/{list_id}/share/{usr_id}/', function(Application $app, $list_id, $usr_id)
{ {
$em = $app['Core']->getEntityManager(); $em = $app['Core']->getEntityManager();
$user = $app['Core']->getAuthenticatedUser(); $user = $app['Core']->getAuthenticatedUser();
$availableRoles = array( $availableRoles = array(
\Entities\UsrListOwner::ROLE_USER, \Entities\UsrListOwner::ROLE_USER,
\Entities\UsrListOwner::ROLE_EDITOR, \Entities\UsrListOwner::ROLE_EDITOR,
\Entities\UsrListOwner::ROLE_ADMIN, \Entities\UsrListOwner::ROLE_ADMIN,
); );
if (!$app['request']->get('role')) if (!$app['request']->get('role'))
throw new \Exception_BadRequest('Missing role parameter'); throw new \Exception_BadRequest('Missing role parameter');
elseif (!in_array($app['request']->get('role'), $availableRoles)) elseif (!in_array($app['request']->get('role'), $availableRoles))
throw new \Exception_BadRequest('Role is invalid'); throw new \Exception_BadRequest('Role is invalid');
try try
{ {
$repository = $em->getRepository('\Entities\UsrList'); $repository = $em->getRepository('\Entities\UsrList');
$list = $repository->findUserListByUserAndId($user, $list_id); $list = $repository->findUserListByUserAndId($user, $list_id);
/* @var $list \Entities\UsrList */ /* @var $list \Entities\UsrList */
if ($list->getOwner($user)->getRole() < \Entities\UsrListOwner::ROLE_EDITOR) if ($list->getOwner($user)->getRole() < \Entities\UsrListOwner::ROLE_EDITOR)
{ {
throw new \Exception('You are not authorized to do this'); throw new \Exception('You are not authorized to do this');
} }
$new_owner = \User_Adapter::getInstance($usr_id, \appbox::get_instance()); $new_owner = \User_Adapter::getInstance($usr_id, \appbox::get_instance());
if ($list->hasAccess($new_owner)) if ($list->hasAccess($new_owner))
{ {
$owner = $list->getOwner($new_owner); $owner = $list->getOwner($new_owner);
} }
else else
{ {
$owner = new \Entities\UsrListOwner(); $owner = new \Entities\UsrListOwner();
$owner->setList($list); $owner->setList($list);
$owner->setUser($new_owner); $owner->setUser($new_owner);
$list->addUsrListOwner($owner); $list->addUsrListOwner($owner);
$em->persist($owner); $em->persist($owner);
$em->merge($list); $em->merge($list);
} }
$role = $app['request']->get('role'); $role = $app['request']->get('role');
$owner->setRole($role); $owner->setRole($role);
$em->merge($owner); $em->merge($owner);
$em->flush(); $em->flush();
$datas = array( $datas = array(
'success' => true 'success' => true
, 'message' => _('List shared to user') , 'message' => _('List shared to user')
); );
} }
catch (\Exception $e) catch (\Exception $e)
{ {
$datas = array( $datas = array(
'success' => false 'success' => false
, 'message' => _('Unable to share the list with the usr') , 'message' => _('Unable to share the list with the usr')
); );
} }
$Json = $app['Core']['Serializer']->serialize($datas, 'json'); $Json = $app['Core']['Serializer']->serialize($datas, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json'));
}
)->assert('list_id', '\d+')->assert('usr_id', '\d+');
return new Response($Json, 200, array('Content-Type' => 'application/json'));
}
);
/** /**
* UnShare a list to a user * UnShare a list to a user
*/ */
$controllers->post('/list/{list_id}/unshare/{usr_id}/', function(Application $app, $list_id, $usr_id) $controllers->post('/list/{list_id}/unshare/{usr_id}/', function(Application $app, $list_id, $usr_id)
{ {
$em = $app['Core']->getEntityManager(); $em = $app['Core']->getEntityManager();
$user = $app['Core']->getAuthenticatedUser(); $user = $app['Core']->getAuthenticatedUser();
try try
{ {
$repository = $em->getRepository('\Entities\UsrList'); $repository = $em->getRepository('\Entities\UsrList');
$list = $repository->findUserListByUserAndId($user, $list_id); $list = $repository->findUserListByUserAndId($user, $list_id);
/* @var $list \Entities\UsrList */ /* @var $list \Entities\UsrList */
if ($list->getOwner($user)->getRole() < \Entities\UsrListOwner::ROLE_ADMIN) if ($list->getOwner($user)->getRole() < \Entities\UsrListOwner::ROLE_ADMIN)
{ {
throw new \Exception('You are not authorized to do this'); throw new \Exception('You are not authorized to do this');
} }
$owners_repository = $em->getRepository('\Entities\UsrListOwner'); $owners_repository = $em->getRepository('\Entities\UsrListOwner');
$owner = $owners_repository->findByListAndUsrId($list, $usr_id); $owner = $owners_repository->findByListAndUsrId($list, $usr_id);
$em->remove($owner); $em->remove($owner);
$em->flush(); $em->flush();
$datas = array( $datas = array(
'success' => true 'success' => true
, 'message' => _('Owner removed from list') , 'message' => _('Owner removed from list')
); );
} }
catch (\Exception $e) catch (\Exception $e)
{ {
$datas = array( $datas = array(
'success' => false 'success' => false
, 'message' => _('Unable to remove usr from list') , 'message' => _('Unable to remove usr from list')
); );
} }
$Json = $app['Core']['Serializer']->serialize($datas, 'json'); $Json = $app['Core']['Serializer']->serialize($datas, 'json');
return new Response($Json, 200, array('Content-Type' => 'application/json')); return new Response($Json, 200, array('Content-Type' => 'application/json'));
} }
); )->assert('list_id', '\d+')->assert('usr_id', '\d+');
return $controllers; return $controllers;


@@ -65,7 +65,6 @@ class WorkZone implements ControllerProviderInterface
$controllers->get('/Browse/Search/', function(Application $app) $controllers->get('/Browse/Search/', function(Application $app)
{ {
$user = $app['Core']->getAuthenticatedUser(); $user = $app['Core']->getAuthenticatedUser();
$request = $app['request']; $request = $app['request'];
@@ -99,9 +98,9 @@ class WorkZone implements ControllerProviderInterface
, 'Page' => $page , 'Page' => $page
, 'MaxPage' => $maxPage , 'MaxPage' => $maxPage
, 'Total' => $Baskets['count'] , 'Total' => $Baskets['count']
, 'Query' =>$request->get('Query') , 'Query' => $request->get('Query')
, 'Year' =>$request->get('Year') , 'Year' => $request->get('Year')
, 'Type' =>$request->get('Type') , 'Type' => $request->get('Type')
); );
return new Response($app['Core']->getTwig()->render('prod/WorkZone/Browser/Results.html.twig', $params)); return new Response($app['Core']->getTwig()->render('prod/WorkZone/Browser/Results.html.twig', $params));
@@ -116,18 +115,18 @@ class WorkZone implements ControllerProviderInterface
->findUserBasket($basket_id, $app['Core']->getAuthenticatedUser()); ->findUserBasket($basket_id, $app['Core']->getAuthenticatedUser());
$params = array( $params = array(
'Basket'=>$basket 'Basket' => $basket
); );
return new Response($app['Core']->getTwig()->render('prod/WorkZone/Browser/Basket.html.twig', $params)); return new Response($app['Core']->getTwig()->render('prod/WorkZone/Browser/Basket.html.twig', $params));
}); })->assert('basket_id', '\d+');
$controllers->post( $controllers->post(
'/attachStories/' '/attachStories/'
, function(Application $app, Request $request) , function(Application $app, Request $request)
{ {
if(!$request->get('stories')) if (!$request->get('stories'))
throw new \Exception_BadRequest(); throw new \Exception_BadRequest();
$user = $app['Core']->getAuthenticatedUser(); $user = $app['Core']->getAuthenticatedUser();
@@ -261,7 +260,7 @@ class WorkZone implements ControllerProviderInterface
{ {
return new RedirectResponse('/'); return new RedirectResponse('/');
} }
}); })->assert('sbas_id', '\d+')->assert('record_id', '\d+');
return $controllers; return $controllers;
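Review bot: The `Query`, `Year` and `Type` entries of `$params` in the second hunk are request values passed unchanged to `prod/WorkZone/Browser/Results.html.twig`, and the parameter checks this commit adds (`->assert('basket_id', '\d+')` and the `sbas_id`/`record_id` pair) do not cover them. Whether they are escaped on output depends on the Twig autoescape setting and on how the template prints them, neither of which is visible here. I would add a comment above the array, `// Query/Year/Type are raw request values; Results.html.twig must escape them`, and restrict `Year` and `Type` to the values the browser offers if they are meant to be a closed set. The enclosing closure starts and ends outside the hunk.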


@@ -154,7 +154,7 @@ class RSSFeeds implements ControllerProviderInterface
$page = $page < 1 ? 1 : $page; $page = $page < 1 ? 1 : $page;
return $display_feed($feed, $format, $page, $token->get_user()); return $display_feed($feed, $format, $page, $token->get_user());
})->assert('id', '\d+')->assert('format', '(rss|atom)'); })->assert('format', '(rss|atom)');
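Review bot: As rendered, the new side of the last line keeps only `->assert('format', '(rss|atom)')` and drops the `'\d+'` requirement on `id`, which runs against the stated purpose of the commit. If the route pattern, which is outside this hunk, still has an `{id}` placeholder, the value now reaches the feed lookup with no format check; if the route has no such placeholder, the removal is right and deserves a one-line comment such as `// aggregated feed route: no {id} placeholder to constrain`. Separately, `$page` is clamped to a minimum of 1 but no integer cast or upper bound is visible in this hunk. The closure starts outside the hunk, so the route and the lookup cannot be confirmed from here.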


@@ -133,7 +133,7 @@ class Installer implements ControllerProviderInterface
\phrasea::use_i18n(\Session_Handler::get_locale()); \phrasea::use_i18n(\Session_Handler::get_locale());
$request = $app['request']; $request = $app['request'];
$servername = $request->getScheme() . '://' . $request->getHttpHost() . '/'; $servername = $request->getScheme() . '://' . $request->getHttpHost() . '/';
$setupRegistry = new \Setup_Registry(); $setupRegistry = new \Setup_Registry();
$setupRegistry->set('GV_ServerName', $servername); $setupRegistry->set('GV_ServerName', $servername);


@@ -33,57 +33,57 @@ class Upgrader implements ControllerProviderInterface
$controllers = new ControllerCollection(); $controllers = new ControllerCollection();
$controllers->get('/', function() use ($app) $controllers->get('/', function() use ($app)
{ {
require_once __DIR__ . '/../../../../bootstrap.php'; require_once __DIR__ . '/../../../../bootstrap.php';
$upgrade_status = \Setup_Upgrade::get_status(); $upgrade_status = \Setup_Upgrade::get_status();
/* @var $twig \Twig_Environment */ /* @var $twig \Twig_Environment */
$twig = $app['Core']->getTwig(); $twig = $app['Core']->getTwig();
$html = $twig->render( $html = $twig->render(
'/setup/upgrader.html.twig' '/setup/upgrader.html.twig'
, array( , array(
'locale' => \Session_Handler::get_locale() 'locale' => \Session_Handler::get_locale()
, 'upgrade_status' => $upgrade_status , 'upgrade_status' => $upgrade_status
, 'available_locales' => $app['Core']::getAvailableLanguages() , 'available_locales' => $app['Core']::getAvailableLanguages()
, 'bad_users' => \User_Adapter::get_wrong_email_users(\appbox::get_instance()) , 'bad_users' => \User_Adapter::get_wrong_email_users(\appbox::get_instance())
, 'version_number' => $app['Core']['Version']->getNumber() , 'version_number' => $app['Core']['Version']->getNumber()
, 'version_name' => $app['Core']['Version']->getName() , 'version_name' => $app['Core']['Version']->getName()
) )
); );
ini_set('display_errors', 'on'); ini_set('display_errors', 'on');
return new Response($html); return new Response($html);
}); });
$controllers->get('/status/', function() use ($app) $controllers->get('/status/', function() use ($app)
{ {
require_once __DIR__ . '/../../../../bootstrap.php'; require_once __DIR__ . '/../../../../bootstrap.php';
$datas = \Setup_Upgrade::get_status(); $datas = \Setup_Upgrade::get_status();
$Serializer = $app['Core']['Serializer']; $Serializer = $app['Core']['Serializer'];
return new Response( return new Response(
$Serializer->serialize($datas, 'json') $Serializer->serialize($datas, 'json')
, 200 , 200
, array('Content-Type: application/json') , array('Content-Type: application/json')
); );
}); });
$controllers->post('/execute/', function() use ($app) $controllers->post('/execute/', function() use ($app)
{ {
require_once __DIR__ . '/../../../../bootstrap.php'; require_once __DIR__ . '/../../../../bootstrap.php';
set_time_limit(0); set_time_limit(0);
session_write_close(); session_write_close();
ignore_user_abort(true); ignore_user_abort(true);
$appbox = \appbox::get_instance(); $appbox = \appbox::get_instance();
$upgrader = new \Setup_Upgrade($appbox); $upgrader = new \Setup_Upgrade($appbox);
$appbox->forceUpgrade($upgrader); $appbox->forceUpgrade($upgrader);
return new \Symfony\Component\HttpFoundation\RedirectResponse('/'); return new \Symfony\Component\HttpFoundation\RedirectResponse('/');
}); });
return $controllers; return $controllers;
} }


@@ -33,78 +33,78 @@ class ConnectionTest implements ControllerProviderInterface
$controllers = new ControllerCollection(); $controllers = new ControllerCollection();
$controllers->get('/mysql/', function() use ($app) $controllers->get('/mysql/', function() use ($app)
{
require_once __DIR__ . '/../../../../classes/connection/pdo.class.php';
$request = $app['request'];
$hostname = $request->get('hostname', '127.0.0.1');
$port = (int) $request->get('port', 3306);
$user = $request->get('user');
$password = $request->get('password');
$dbname = $request->get('dbname');
$connection_ok = $db_ok = $is_databox = $is_appbox = $empty = false;
try
{
$conn = new \connection_pdo('test', $hostname, $port, $user, $password);
$connection_ok = true;
}
catch (\Exception $e)
{
}
if ($dbname && $connection_ok === true)
{
try
{
$conn = new \connection_pdo('test', $hostname, $port, $user, $password, $dbname);
$db_ok = true;
$sql = "SHOW TABLE STATUS";
$stmt = $conn->prepare($sql);
$stmt->execute();
$empty = $stmt->rowCount() === 0;
$rs = $stmt->fetchAll(\PDO::FETCH_ASSOC);
$stmt->closeCursor();
foreach ($rs as $row)
{ {
if ($row["Name"] === 'sitepreff') require_once __DIR__ . '/../../../../classes/connection/pdo.class.php';
$request = $app['request'];
$hostname = $request->get('hostname', '127.0.0.1');
$port = (int) $request->get('port', 3306);
$user = $request->get('user');
$password = $request->get('password');
$dbname = $request->get('dbname');
$connection_ok = $db_ok = $is_databox = $is_appbox = $empty = false;
try
{ {
$is_appbox = true; $conn = new \connection_pdo('test', $hostname, $port, $user, $password);
$connection_ok = true;
} }
if ($row["Name"] === 'pref') catch (\Exception $e)
{ {
$is_databox = true;
} }
}
}
catch (\Exception $e)
{
} if ($dbname && $connection_ok === true)
} {
try
{
$conn = new \connection_pdo('test', $hostname, $port, $user, $password, $dbname);
$db_ok = true;
$Serializer = $app['Core']['Serializer']; $sql = "SHOW TABLE STATUS";
$stmt = $conn->prepare($sql);
$stmt->execute();
$datas = array( $empty = $stmt->rowCount() === 0;
'connection' => $connection_ok
, 'database' => $db_ok
, 'is_empty' => $empty
, 'is_appbox' => $is_appbox
, 'is_databox' => $is_databox
);
return new Response( $rs = $stmt->fetchAll(\PDO::FETCH_ASSOC);
$Serializer->serialize($datas, 'json') $stmt->closeCursor();
, 200
, array('content-type' => 'application/json') foreach ($rs as $row)
); {
}); if ($row["Name"] === 'sitepreff')
{
$is_appbox = true;
}
if ($row["Name"] === 'pref')
{
$is_databox = true;
}
}
}
catch (\Exception $e)
{
}
}
$Serializer = $app['Core']['Serializer'];
$datas = array(
'connection' => $connection_ok
, 'database' => $db_ok
, 'is_empty' => $empty
, 'is_appbox' => $is_appbox
, 'is_databox' => $is_databox
);
return new Response(
$Serializer->serialize($datas, 'json')
, 200
, array('content-type' => 'application/json')
);
});
return $controllers; return $controllers;
} }


@@ -33,45 +33,45 @@ class PathFileTest implements ControllerProviderInterface
$controllers = new ControllerCollection(); $controllers = new ControllerCollection();
$controllers->get('/path/', function() use ($app) $controllers->get('/path/', function() use ($app)
{ {
$path = $app['request']->get('path'); $path = $app['request']->get('path');
$Serializer = $app['Core']['Serializer']; $Serializer = $app['Core']['Serializer'];
return new Response( return new Response(
$Serializer->serialize( $Serializer->serialize(
array( array(
'exists' => file_exists($path) 'exists' => file_exists($path)
, 'file' => is_file($path) , 'file' => is_file($path)
, 'dir' => is_dir($path) , 'dir' => is_dir($path)
, 'readable' => is_readable($path) , 'readable' => is_readable($path)
, 'writeable' => is_writable($path) , 'writeable' => is_writable($path)
, 'executable' => is_executable($path) , 'executable' => is_executable($path)
) )
, 'json' , 'json'
) )
, 200 , 200
, array('content-type' => 'application/json') , array('content-type' => 'application/json')
); );
}); });
$controllers->get('/url/', function() use ($app) $controllers->get('/url/', function() use ($app)
{ {
$url = $app['request']->get('url'); $url = $app['request']->get('url');
$Serializer = $app['Core']['Serializer']; $Serializer = $app['Core']['Serializer'];
return new Response( return new Response(
$Serializer->serialize( $Serializer->serialize(
array( array(
'code' => \http_query::getHttpCodeFromUrl($url) 'code' => \http_query::getHttpCodeFromUrl($url)
) )
, 'json' , 'json'
) )
, 200 , 200
, array('content-type' => 'application/json') , array('content-type' => 'application/json')
); );
}); });
return $controllers; return $controllers;