Merge pull request #734 from nlegoff/acl_service

[3.9] Add ACL as a service
Romain Neutron
2013-11-05 08:08:09 -08:00
124 changed files with 792 additions and 658 deletions

@@ -736,7 +736,7 @@ class Application extends SilexApplication
return false;
}
return count(\User_Adapter::getInstance($usrId, $this)->ACL()->get_granted_base()) > 0;
return count($this['acl']->get(\User_Adapter::getInstance($usrId, $this))->get_granted_base()) > 0;
}
/**

@@ -0,0 +1,92 @@
<?php
/*
* This file is part of Phraseanet
*
* (c) 2005-2013 Alchemy
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Alchemy\Phrasea\Authentication;
use Alchemy\Phrasea\Model\Entities\User;
use Silex\Application;
class ACLProvider
{
/**
* An array cache for ACL's.
*
* @var array
*/
private static $cache = array();
private $app;
public function __construct(Application $app)
{
$this->app = $app;
}
/**
* Gets ACL for user.
*
* @param User $user
*
* @return \ACL
*/
public function get(\User_Adapter $user)
{
if (null !== $acl = $this->fetchFromCache($user)) {
return $acl;
}
return $this->fetch($user);
}
/**
* Purges ACL cache
*/
public function purge()
{
self::$cache = array();
}
/**
* Fetchs ACL from cache for users.
*
* @param User $user
*
* @return null || \ACL
*/
private function fetchFromCache(\User_Adapter $user)
{
return $this->hasCache($user) ? self::$cache[$user->get_id()] : null;
}
/**
* Tells whether ACL for user is already cached.
*
* @param User $user
*
* @return boolean
*/
private function hasCache(\User_Adapter $user)
{
return isset(self::$cache[$user->get_id()]);
}
/**
* Saves user's ACL in cache and returns it.
*
* @param User $user
*
* @return \ACL
*/
private function fetch(\User_Adapter $user)
{
return self::$cache[$user->get_id()] = new \ACL($user, $this->app);
}
}
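Review bot: `private static $cache` is keyed only by `$user->get_id()` and shared by every ACLProvider in the process, so an `\ACL` built with one `$this->app` is returned to a provider constructed with a different application, and `purge()` (which empties everything) is the only invalidation in this class. Whether `\ACL` reloads rights itself is not visible here; if it does not, a long-running command or a test suite can keep serving grants that were since revoked. An instance property, `private $cache = array();`, together with a way to evict a single user id would limit that exposure. The docblocks also disagree with the code: `@param User $user` should be `@param \User_Adapter $user`, `@return null || \ACL` should be `@return \ACL|null`, and the `use Alchemy\Phrasea\Model\Entities\User;` import looks unused in this file.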

@@ -89,7 +89,7 @@ class AccountCreator
}
foreach (array_merge($this->templates, $templates) as $template) {
$user->ACL()->apply_model($template, $base_ids);
$app['acl']->get($user)->apply_model($template, $base_ids);
}
return $user;

@@ -78,7 +78,7 @@ class Authenticator
$this->session->set('session_id', $session->getId());
foreach ($user->ACL()->get_granted_sbas() as $databox) {
foreach ($this->app['acl']->get($user)->get_granted_sbas() as $databox) {
\cache_databox::insertClient($this->app, $databox);
}
$this->reinitUser();
@@ -102,7 +102,7 @@ class Authenticator
$this->session->set('usr_id', $session->getUsrId());
$this->session->set('session_id', $session->getId());
foreach ($user->ACL()->get_granted_sbas() as $databox) {
foreach ($this->app['acl']->get($user)->get_granted_sbas() as $databox) {
\cache_databox::insertClient($this->app, $databox);
}

@@ -47,7 +47,7 @@ class CreateCollection extends Command
$databox = $this->container['phraseanet.appbox']
->get_databox((int) $input->getArgument('databox_id'));
$new_collection = \collection::create($app, $databox, $this->container['phraseanet.appbox'], $input->getArgument('collname'));
$new_collection = \collection::create($this->container, $databox, $this->container['phraseanet.appbox'], $input->getArgument('collname'));
if ($new_collection && $input->getOption('base_id_rights')) {
@@ -58,7 +58,7 @@ class CreateCollection extends Command
while ($n < $total) {
$results = $query->limit($n, 40)->execute()->get_results();
foreach ($results as $user) {
$user->ACL()->duplicate_right_from_bas($input->getOption('base_id_rights'), $new_collection->get_base_id());
$this->container['acl']->get($user)->duplicate_right_from_bas($input->getOption('base_id_rights'), $new_collection->get_base_id());
}
$n+=40;
}

@@ -132,7 +132,7 @@ class Collection implements ControllerProviderInterface
$admins = array();
if ($app['authentication']->getUser()->ACL()->has_right_on_base($bas_id, 'manage')) {
if ($app['acl']->get($app['authentication']->getUser())->has_right_on_base($bas_id, 'manage')) {
$query = new \User_Query($app);
$admins = $query->on_base_ids(array($bas_id))
->who_have_right(array('order_master'))
@@ -194,12 +194,12 @@ class Collection implements ControllerProviderInterface
->execute()->get_results();
foreach ($result as $user) {
$user->ACL()->update_rights_to_base($bas_id, array('order_master' => false));
$app['acl']->get($user)->update_rights_to_base($bas_id, array('order_master' => false));
}
foreach (array_filter($newAdmins) as $admin) {
$user = \User_Adapter::getInstance($admin, $app);
$user->ACL()->update_rights_to_base($bas_id, array('order_master' => true));
$app['acl']->get($user)->update_rights_to_base($bas_id, array('order_master' => true));
}
$conn->commit();

@@ -409,7 +409,7 @@ class Databox implements ControllerProviderInterface
$results = $query->limit($n, 50)->execute()->get_results();
foreach ($results as $user) {
$user->ACL()->duplicate_right_from_bas($othCollSel, $baseId);
$app['acl']->get($user)->duplicate_right_from_bas($othCollSel, $baseId);
}
$n += 50;
@@ -725,7 +725,7 @@ class Databox implements ControllerProviderInterface
public function getReorder(Application $app, Request $request, $databox_id)
{
return $app['twig']->render('admin/collection/reorder.html.twig', array(
'collections' => $app['authentication']->getUser()->ACL()->get_granted_base(array(), array($databox_id)),
'collections' => $app['acl']->get($app['authentication']->getUser())->get_granted_base(array(), array($databox_id)),
));
}
@@ -805,7 +805,7 @@ class Databox implements ControllerProviderInterface
while ($n < $total) {
$results = $query->limit($n, 20)->execute()->get_results();
foreach ($results as $user) {
$user->ACL()->duplicate_right_from_bas($othcollsel, $collection->get_base_id());
$app['acl']->get($user)->duplicate_right_from_bas($othcollsel, $collection->get_base_id());
}
$n += 20;
}

@@ -69,8 +69,8 @@ class Databoxes implements ControllerProviderInterface
public function getDatabases(Application $app, Request $request)
{
$sbasIds = array_merge(
array_keys($app['authentication']->getUser()->ACL()->get_granted_sbas(array('bas_manage')))
, array_keys($app['authentication']->getUser()->ACL()->get_granted_sbas(array('bas_modify_struct')))
array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_sbas(array('bas_manage')))
, array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_sbas(array('bas_modify_struct')))
);
$sbas = array();
@@ -177,7 +177,7 @@ class Databoxes implements ControllerProviderInterface
try {
$base = \databox::create($app, $connbas, $dataTemplate, $app['phraseanet.registry']);
$base->registerAdmin($app['authentication']->getUser());
$app['authentication']->getUser()->ACL()->delete_data_from_cache();
$app['acl']->get($app['authentication']->getUser())->delete_data_from_cache();
return $app->redirectPath('admin_database', array('databox_id' => $base->get_sbas_id(), 'success' => 1, 'reload-tree' => 1));
} catch (\Exception $e) {
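Review bot: In getDatabases the lookup `$app['acl']->get($app['authentication']->getUser())` is now spelled out twice inside a single `array_merge` call, which buries the only part that differs, the right being queried. Resolve it once with `$acl = $app['acl']->get($app['authentication']->getUser());` and call `$acl->get_granted_sbas(...)` on the local. The same repetition appears in the download-rights expression of the client Root controller, in Datafiles and in TOU. Both method bodies continue outside the hunks.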

@@ -38,7 +38,7 @@ class Publications implements ControllerProviderInterface
$controllers->get('/list/', function (PhraseaApplication $app) {
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser(
$app['authentication']->getUser()
$app['acl']->get($app['authentication']->getUser())
);
return $app['twig']
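Review bot: `getAllForUser()` is now handed the `\ACL` returned by `$app['acl']->get(...)` instead of the user object, so the method name no longer describes its argument. The repository's signature is not visible on this page; its parameter should be type-hinted as `\ACL` (or the method renamed) so that a caller still passing a user fails loudly rather than filtering feeds against the wrong object. The same call shape is used in the Feed controller hunks and in the prod Root controller. The closure continues outside the hunk.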

@@ -70,7 +70,7 @@ class Root implements ControllerProviderInterface
$databoxes = $off_databoxes = array();
foreach ($app['phraseanet.appbox']->get_databoxes() as $databox) {
try {
if (!$app['authentication']->getUser()->ACL()->has_access_to_sbas($databox->get_sbas_id())) {
if (!$app['acl']->get($app['authentication']->getUser())->has_access_to_sbas($databox->get_sbas_id())) {
continue;
}
$databox->get_connection();
@@ -139,7 +139,7 @@ class Root implements ControllerProviderInterface
$databoxes = $off_databoxes = array();
foreach ($app['phraseanet.appbox']->get_databoxes() as $databox) {
try {
if (!$app['authentication']->getUser()->ACL()->has_access_to_sbas($databox->get_sbas_id())) {
if (!$app['acl']->get($app['authentication']->getUser())->has_access_to_sbas($databox->get_sbas_id())) {
continue;
}
@@ -197,7 +197,7 @@ class Root implements ControllerProviderInterface
->bind('admin_test_paths');
$controllers->get('/structure/{databox_id}/', function (Application $app, Request $request, $databox_id) {
if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
$app->abort(403);
}
@@ -224,7 +224,7 @@ class Root implements ControllerProviderInterface
->bind('database_display_stucture');
$controllers->post('/structure/{databox_id}/', function (Application $app, Request $request, $databox_id) {
if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
$app->abort(403);
}
@@ -250,7 +250,7 @@ class Root implements ControllerProviderInterface
->bind('database_submit_stucture');
$controllers->get('/statusbit/{databox_id}/', function (Application $app, Request $request, $databox_id) {
if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
$app->abort(403);
}
@@ -261,7 +261,7 @@ class Root implements ControllerProviderInterface
->bind('database_display_statusbit');
$controllers->get('/statusbit/{databox_id}/status/{bit}/', function (Application $app, Request $request, $databox_id, $bit) {
if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
$app->abort(403);
}
@@ -320,7 +320,7 @@ class Root implements ControllerProviderInterface
$app->abort(400, _('Bad request format, only JSON is allowed'));
}
if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
$app->abort(403);
}
@@ -339,7 +339,7 @@ class Root implements ControllerProviderInterface
->assert('bit', '\d+');
$controllers->post('/statusbit/{databox_id}/status/{bit}/', function(Application $app, Request $request, $databox_id, $bit) {
if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
$app->abort(403);
}

@@ -217,7 +217,7 @@ class Users implements ControllerProviderInterface
$on_base = $request->query->get('on_base') ? : array();
$elligible_users = $user_query
->on_sbas_where_i_am($app['authentication']->getUser()->ACL(), $rights)
->on_sbas_where_i_am($app['acl']->get($app['authentication']->getUser()), $rights)
->like(\User_Query::LIKE_EMAIL, $like_value)
->like(\User_Query::LIKE_FIRSTNAME, $like_value)
->like(\User_Query::LIKE_LASTNAME, $like_value)
@@ -275,7 +275,7 @@ class Users implements ControllerProviderInterface
$on_base = $request->request->get('base_id') ? : null;
$on_sbas = $request->request->get('sbas_id') ? : null;
$elligible_users = $user_query->on_bases_where_i_am($app['authentication']->getUser()->ACL(), array('canadmin'))
$elligible_users = $user_query->on_bases_where_i_am($app['acl']->get($app['authentication']->getUser()), array('canadmin'))
->like($like_field, $like_value)
->on_base_ids($on_base)
->on_sbas_ids($on_sbas);
@@ -349,7 +349,7 @@ class Users implements ControllerProviderInterface
$stmt->execute(array(':date' => date('Y-m-d', $lastMonth)));
$stmt->closeCursor();
$baslist = array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array('canadmin')));
$baslist = array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base(array('canadmin')));
$sql = 'SELECT usr_id, usr_login FROM usr WHERE model_of = :usr_id';
@@ -450,9 +450,9 @@ class Users implements ControllerProviderInterface
$cache_to_update[$usr] = true;
$user_template = \User_Adapter::getInstance($template_id, $app);
$base_ids = array_keys($user_template->ACL()->get_granted_base());
$base_ids = array_keys($app['acl']->get($user_template)->get_granted_base());
$user->ACL()->apply_model($user_template, $base_ids);
$app['acl']->get($user)->apply_model($user_template, $base_ids);
if (!isset($done[$usr])) {
$done[$usr] = array();
@@ -499,7 +499,7 @@ class Users implements ControllerProviderInterface
$cache_to_update[$usr] = true;
foreach ($bases as $bas) {
$user->ACL()->give_access_to_sbas(array(\phrasea::sbasFromBas($app, $bas)));
$app['acl']->get($user)->give_access_to_sbas(array(\phrasea::sbasFromBas($app, $bas)));
$rights = array(
'canputinalbum' => '1'
@@ -509,8 +509,8 @@ class Users implements ControllerProviderInterface
, 'actif' => '1'
);
$user->ACL()->give_access_to_base(array($bas));
$user->ACL()->update_rights_to_base($bas, $rights);
$app['acl']->get($user)->give_access_to_base(array($bas));
$app['acl']->get($user)->update_rights_to_base($bas, $rights);
if (!isset($done[$usr])) {
$done[$usr] = array();
@@ -527,7 +527,7 @@ class Users implements ControllerProviderInterface
foreach (array_keys($cache_to_update) as $usr_id) {
$user = \User_Adapter::getInstance($usr_id, $app);
$user->ACL()->delete_data_from_cache();
$app['acl']->get($user)->delete_data_from_cache();
unset($user);
}
@@ -654,7 +654,7 @@ class Users implements ControllerProviderInterface
if ($loginToAdd === "") {
$out['errors'][] = sprintf(_("Login line %d is empty"), $nbLine + 1);
} elseif (in_array($loginToAdd, $loginNew)) {
$out['errors'][] = sprintf(_("Login %s is already defined in the file at line %d"), $loginToAdd, $i);
$out['errors'][] = sprintf(_("Login %s is already defined in the file at line %d"), $loginToAdd, $nbLine);
} else {
if (\User_Adapter::get_usr_id_from_login($app, $loginToAdd)) {
$out['errors'][] = sprintf(_("Login %s already exists in database"), $loginToAdd);
@@ -711,7 +711,7 @@ class Users implements ControllerProviderInterface
INNER JOIN basusr
ON (basusr.usr_id=usr.usr_id)
WHERE usr.model_of = :usr_id
AND base_id in(" . implode(', ', array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array('manage')))) . ")
AND base_id in(" . implode(', ', array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base(array('manage')))) . ")
AND usr_login not like '(#deleted_%)'
GROUP BY usr_id";
@@ -849,8 +849,8 @@ class Users implements ControllerProviderInterface
$NewUser->set_company($curUser['societe']);
}
$NewUser->ACL()->apply_model(
\User_Adapter::getInstance($model, $app), array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array('manage')))
$app['acl']->get($NewUser)->apply_model(
\User_Adapter::getInstance($model, $app), array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base(array('manage')))
);
$nbCreation++;
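Review bot: The query in the hunk at line 711 still splices `implode(', ', array_keys(...->get_granted_base(array('manage'))))` directly into `base_id in(...)`. When the current user has no base with the `manage` right the list is empty and the statement becomes `base_id in()`, which is a SQL error, and the concatenation is only safe for as long as every key is an integer. Handle the empty list before building the query and cast the keys, e.g. `$baseIds = array_map('intval', array_keys(...));`, or bind them as parameters the way `:usr_id` already is. The statement begins and ends outside the hunk.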

@@ -180,7 +180,7 @@ class V1 implements ControllerProviderInterface
*/
$mustBeAdmin = function (Request $request) use ($app) {
$user = $app['token']->get_account()->get_user();
if (!$user->ACL()->is_admin()) {
if (!$app['acl']->get($user)->is_admin()) {
throw new \API_V1_exception_unauthorized('You are not authorized');
}
};

@@ -138,9 +138,9 @@ class Root implements ControllerProviderInterface
$isImage = true;
}
$canDownload = $app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'candwnldpreview') ||
$app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'candwnldhd') ||
$app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'cancmd');
$canDownload = $app['acl']->get($app['authentication']->getUser())->has_right_on_base($record->get_base_id(), 'candwnldpreview') ||
$app['acl']->get($app['authentication']->getUser())->has_right_on_base($record->get_base_id(), 'candwnldhd') ||
$app['acl']->get($app['authentication']->getUser())->has_right_on_base($record->get_base_id(), 'cancmd');
try {
$previewExists = $record->get_preview()->is_physically_present();
@@ -159,7 +159,7 @@ class Root implements ControllerProviderInterface
'is_image' => $isImage,
'is_document' => $isDocument,
'can_download' => $canDownload,
'can_add_to_basket' => $app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'canputinalbum')
'can_add_to_basket' => $app['acl']->get($app['authentication']->getUser())->has_right_on_base($record->get_base_id(), 'canputinalbum')
);
}
@@ -297,13 +297,13 @@ class Root implements ControllerProviderInterface
{
$allDataboxes = $allCollections = array();
foreach ($app['authentication']->getUser()->ACL()->get_granted_sbas() as $databox) {
foreach ($app['acl']->get($app['authentication']->getUser())->get_granted_sbas() as $databox) {
if (count($app['phraseanet.appbox']->get_databoxes()) > 0) {
$allDataboxes[$databox->get_sbas_id()] = array('databox' => $databox, 'collections' => array());
}
if (count($databox->get_collections()) > 0) {
foreach ($app['authentication']->getUser()->ACL()->get_granted_base(array(), array($databox->get_sbas_id())) as $coll) {
foreach ($app['acl']->get($app['authentication']->getUser())->get_granted_base(array(), array($databox->get_sbas_id())) as $coll) {
$allDataboxes[$databox->get_sbas_id()]['collections'][$coll->get_base_id()] = $coll;
$allCollections[$coll->get_base_id()] = $coll;
}
@@ -447,7 +447,7 @@ class Root implements ControllerProviderInterface
$collections = array_merge($collections, $bases);
}
} else {
$collections = array_keys($app['authentication']->getUser()->ACL()->get_granted_base());
$collections = array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base());
}
$queryParameters["mod"] = $app['authentication']->getUser()->getPrefs('client_view') ?: '3X6';
@@ -477,7 +477,7 @@ class Root implements ControllerProviderInterface
private function getPublicationStartPage(Application $app)
{
return $app['twig']->render('client/home_inter_pub_basket.html.twig', array(
'feeds' => Aggregate::createFromUser($app['EM'], $app['authentication']->getUser()),
'feeds' => Aggregate::createFromUser($app, $app['authentication']->getUser()),
'image_size' => (int) $app['authentication']->getUser()->getPrefs('images_size')
));
}

@@ -64,12 +64,12 @@ class Datafiles extends AbstractDelivery
throw new NotFoundHttpException;
}
if (!$app['authentication']->getUser()->ACL()->has_access_to_subdef($record, $subdef)) {
if (!$app['acl']->get($app['authentication']->getUser())->has_access_to_subdef($record, $subdef)) {
throw new AccessDeniedHttpException(sprintf('User has not access to subdef %s', $subdef));
}
$stamp = false;
$watermark = !$app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'nowatermark');
$watermark = !$app['acl']->get($app['authentication']->getUser())->has_right_on_base($record->get_base_id(), 'nowatermark');
if ($watermark && !$all_access) {
$subdef_class = $databox
@@ -77,9 +77,9 @@ class Datafiles extends AbstractDelivery
->get_subdef($record->get_type(), $subdef)
->get_class();
if ($subdef_class == \databox_subdef::CLASS_PREVIEW && $app['authentication']->getUser()->ACL()->has_preview_grant($record)) {
if ($subdef_class == \databox_subdef::CLASS_PREVIEW && $app['acl']->get($app['authentication']->getUser())->has_preview_grant($record)) {
$watermark = false;
} elseif ($subdef_class == \databox_subdef::CLASS_DOCUMENT && $app['authentication']->getUser()->ACL()->has_hd_grant($record)) {
} elseif ($subdef_class == \databox_subdef::CLASS_DOCUMENT && $app['acl']->get($app['authentication']->getUser())->has_hd_grant($record)) {
$watermark = false;
}
}
@@ -88,7 +88,7 @@ class Datafiles extends AbstractDelivery
$repository = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\BasketElement');
/* @var $repository Alchemy\Phrasea\Model\Repositories\BasketElementRepository */
/* @var $repository BasketElementRepository */
$ValidationByRecord = $repository->findReceivedValidationElementsByRecord($record, $app['authentication']->getUser());
$ReceptionByRecord = $repository->findReceivedElementsByRecord($record, $app['authentication']->getUser());

@@ -72,7 +72,7 @@ class Permalink extends AbstractDelivery
if ($app['authentication']->isAuthenticated()) {
$user = \User_Adapter::getInstance($app['authentication']->getUser()->get_id(), $app);
$watermark = !$user->ACL()->has_right_on_base($record->get_base_id(), 'nowatermark');
$watermark = !$app['acl']->get($user)->has_right_on_base($record->get_base_id(), 'nowatermark');
if ($watermark) {

@@ -120,7 +120,7 @@ class Edit implements ControllerProviderInterface
/**
* generate javascript status
*/
if ($app['authentication']->getUser()->ACL()->has_right('changestatus')) {
if ($app['acl']->get($app['authentication']->getUser())->has_right('changestatus')) {
$dbstatus = \databox_status::getDisplayStatus($app);
if (isset($dbstatus[$databox->get_sbas_id()])) {
foreach ($dbstatus[$databox->get_sbas_id()] as $n => $statbit) {
@@ -156,7 +156,7 @@ class Edit implements ControllerProviderInterface
);
$elements[$indice]['statbits'] = array();
if ($app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'chgstatus')) {
if ($app['acl']->get($app['authentication']->getUser())->has_right_on_base($record->get_base_id(), 'chgstatus')) {
foreach ($status as $n => $s) {
$tmp_val = substr(strrev($record->get_status()), $n, 1);
$elements[$indice]['statbits'][$n]['value'] = ($tmp_val == '1') ? '1' : '0';

@@ -41,7 +41,9 @@ class Feed implements ControllerProviderInterface
});
$controllers->post('/requestavailable/', function (Application $app, Request $request) {
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['authentication']->getUser());
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser(
$app['acl']->get($app['authentication']->getUser())
);
$publishing = RecordsRequest::fromRequest($app, $request, true, array(), array('bas_chupub'));
return $app['twig']->render('prod/actions/publish/publish.html.twig', array('publishing' => $publishing, 'feeds' => $feeds));
@@ -106,7 +108,7 @@ class Feed implements ControllerProviderInterface
throw new AccessDeniedHttpException();
}
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['authentication']->getUser());
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['acl']->get($app['authentication']->getUser()));
$datas = $app['twig']->render('prod/actions/publish/publish_edit.html.twig', array('entry' => $entry, 'feeds' => $feeds));
@@ -208,7 +210,7 @@ class Feed implements ControllerProviderInterface
$page = (int) $request->query->get('page');
$page = $page > 0 ? $page : 1;
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['authentication']->getUser());
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['acl']->get($app['authentication']->getUser()));
$datas = $app['twig']->render('prod/feeds/feeds.html.twig', array(
'feeds' => $feeds,
@@ -227,7 +229,7 @@ class Feed implements ControllerProviderInterface
if (!$feed->isAccessible($app['authentication']->getUser(), $app)) {
$app->abort(404, 'Feed not found');
}
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['authentication']->getUser());
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['acl']->get($app['authentication']->getUser()));
$datas = $app['twig']->render('prod/feeds/feeds.html.twig', array('feed' => $feed, 'feeds' => $feeds, 'page' => $page));
@@ -239,7 +241,7 @@ class Feed implements ControllerProviderInterface
$controllers->get('/subscribe/aggregated/', function (Application $app, Request $request) {
$renew = ($request->query->get('renew') === 'true');
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['authentication']->getUser());
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['acl']->get($app['authentication']->getUser()));
$link = $app['feed.aggregate-link-generator']->generate(new Aggregate($app['EM'], $feeds),
$app['authentication']->getUser(),

@@ -87,7 +87,7 @@ class Lazaret implements ControllerProviderInterface
*/
public function listElement(Application $app, Request $request)
{
$baseIds = array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array('canaddrecord')));
$baseIds = array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base(array('canaddrecord')));
$lazaretFiles = null;

@@ -52,7 +52,7 @@ class MoveCollection implements ControllerProviderInterface
return $databox->get_sbas_id();
}, $records->databoxes());
$collections = $app['authentication']->getUser()->ACL()
$collections = $app['acl']->get($app['authentication']->getUser())
->get_granted_base(array('canaddrecord'), $sbas_ids);
$parameters = array(
@@ -80,7 +80,7 @@ class MoveCollection implements ControllerProviderInterface
return $app->json($datas);
}
if (!$app['authentication']->getUser()->ACL()->has_right_on_base($request->request->get('base_id'), 'canaddrecord')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_base($request->request->get('base_id'), 'canaddrecord')) {
$datas['message'] = sprintf(_("You do not have the permission to move records to %s"), \phrasea::bas_labels($move->getBaseIdDestination(), $app));
return $app->json($datas);
@@ -99,7 +99,7 @@ class MoveCollection implements ControllerProviderInterface
if ($request->request->get("chg_coll_son") == "1") {
foreach ($record->get_children() as $child) {
if ($app['authentication']->getUser()->ACL()->has_right_on_base($child->get_base_id(), 'candeleterecord')) {
if ($app['acl']->get($app['authentication']->getUser())->has_right_on_base($child->get_base_id(), 'candeleterecord')) {
$child->move_to_collection($collection, $app['phraseanet.appbox']);
}
}
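Review bot: The permission guard in the second hunk tests `canaddrecord` against the raw `$request->request->get('base_id')`, while the error message directly below names the destination as `$move->getBaseIdDestination()`. It is not visible here whether the two are always the same value; if they can differ, the right is checked on one collection and the records are moved to another. Checking the right on the base id of the collection object that is actually passed to `move_to_collection()` would remove the doubt. The enclosing closure begins and ends outside the hunks.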

@@ -195,7 +195,7 @@ class Order implements ControllerProviderInterface
$perPage = (int) $request->query->get('per-page', 10);
$sort = $request->query->get('sort');
$baseIds = array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array('order_master')));
$baseIds = array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base(array('order_master')));
$ordersList = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Order')->listOrders($baseIds, $offsetStart, $perPage, $sort);
$total = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Order')->countTotalOrders($baseIds);
@@ -278,7 +278,7 @@ class Order implements ControllerProviderInterface
$basket->addElement($basketElement);
$n++;
$dest_user->ACL()->grant_hd_on($record, $app['authentication']->getUser(), 'order');
$app['acl']->get($dest_user)->grant_hd_on($record, $app['authentication']->getUser(), 'order');
}
}

@@ -204,13 +204,13 @@ class Push implements ControllerProviderInterface
$Basket->addElement($BasketElement);
if ($receiver['HD']) {
$user_receiver->ACL()->grant_hd_on(
$app['acl']->get($user_receiver)->grant_hd_on(
$BasketElement->getRecord($app)
, $app['authentication']->getUser()
, \ACL::GRANT_ACTION_PUSH
);
} else {
$user_receiver->ACL()->grant_preview_on(
$app['acl']->get($user_receiver)->grant_preview_on(
$BasketElement->getRecord($app)
, $app['authentication']->getUser()
, \ACL::GRANT_ACTION_PUSH
@@ -392,13 +392,13 @@ class Push implements ControllerProviderInterface
$BasketElement->addValidationData($ValidationData);
if ($participant['HD']) {
$participant_user->ACL()->grant_hd_on(
$app['acl']->get($participant_user)->grant_hd_on(
$BasketElement->getRecord($app)
, $app['authentication']->getUser()
, \ACL::GRANT_ACTION_VALIDATE
);
} else {
$participant_user->ACL()->grant_preview_on(
$app['acl']->get($participant_user)->grant_preview_on(
$BasketElement->getRecord($app)
, $app['authentication']->getUser()
, \ACL::GRANT_ACTION_VALIDATE
@@ -478,7 +478,7 @@ class Push implements ControllerProviderInterface
$query = new \User_Query($app);
$query->on_bases_where_i_am($app['authentication']->getUser()->ACL(), array('canpush'));
$query->on_bases_where_i_am($app['acl']->get($app['authentication']->getUser()), array('canpush'));
$query->in(array($usr_id));
@@ -515,7 +515,7 @@ class Push implements ControllerProviderInterface
$result = array('success' => false, 'message' => '', 'user' => null);
try {
if (!$app['authentication']->getUser()->ACL()->has_right('manageusers'))
if (!$app['acl']->get($app['authentication']->getUser())->has_right('manageusers'))
throw new ControllerException(_('You are not allowed to add users'));
if (!$request->request->get('firstname'))
@@ -587,7 +587,7 @@ class Push implements ControllerProviderInterface
$query = new \User_Query($app);
$query->on_bases_where_i_am($app['authentication']->getUser()->ACL(), array('canpush'));
$query->on_bases_where_i_am($app['acl']->get($app['authentication']->getUser()), array('canpush'));
$query->like(\User_Query::LIKE_FIRSTNAME, $request->query->get('query'))
->like(\User_Query::LIKE_LASTNAME, $request->query->get('query'))
@@ -627,7 +627,7 @@ class Push implements ControllerProviderInterface
$query = new \User_Query($app);
$query->on_bases_where_i_am($app['authentication']->getUser()->ACL(), array('canpush'));
$query->on_bases_where_i_am($app['acl']->get($app['authentication']->getUser()), array('canpush'));
if ($request->get('query')) {
$query->like($request->get('like_field'), $request->get('query'))
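Review bot: The `manageusers` guard in the hunk at line 515 is a brace-less `if` whose only statement is the `throw` on the following line, so a statement inserted between the two later would silently detach the authorization check from its exception. Wrap it in braces: `if (!$app['acl']->get($app['authentication']->getUser())->has_right('manageusers')) {` followed by the `throw` and a closing `}`. The two `canmodifrecord` guards in the Story controller are written the same way. The try block continues outside the hunk.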

@@ -74,8 +74,8 @@ class Root implements ControllerProviderInterface
$cssfile = '000000';
}
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['authentication']->getUser());
$aggregate = Aggregate::createFromUser($app['EM'], $app['authentication']->getUser());
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['acl']->get($app['authentication']->getUser()));
$aggregate = Aggregate::createFromUser($app, $app['authentication']->getUser());
$thjslist = "";

@@ -53,7 +53,7 @@ class Share implements ControllerProviderInterface
{
$record = new \record_adapter($app, \phrasea::sbasFromBas($app, $base_id), $record_id);
if (!$app['authentication']->getUser()->ACL()->has_access_to_subdef($record, 'preview')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_access_to_subdef($record, 'preview')) {
$app->abort(403);
}

@@ -45,7 +45,7 @@ class Story implements ControllerProviderInterface
/* @var $request \Symfony\Component\HttpFoundation\Request */
$collection = \collection::get_from_base_id($app, $request->request->get('base_id'));
if (!$app['authentication']->getUser()->ACL()->has_right_on_base($collection->get_base_id(), 'canaddrecord')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_base($collection->get_base_id(), 'canaddrecord')) {
throw new AccessDeniedHttpException('You can not create a story on this collection');
}
@@ -123,7 +123,7 @@ class Story implements ControllerProviderInterface
$controllers->post('/{sbas_id}/{record_id}/addElements/', function (Application $app, Request $request, $sbas_id, $record_id) {
$Story = new \record_adapter($app, $sbas_id, $record_id);
if (!$app['authentication']->getUser()->ACL()->has_right_on_base($Story->get_base_id(), 'canmodifrecord'))
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_base($Story->get_base_id(), 'canmodifrecord'))
throw new AccessDeniedHttpException('You can not add document to this Story');
$n = 0;
@@ -156,7 +156,7 @@ class Story implements ControllerProviderInterface
$record = new \record_adapter($app, $child_sbas_id, $child_record_id);
if (!$app['authentication']->getUser()->ACL()->has_right_on_base($Story->get_base_id(), 'canmodifrecord'))
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_base($Story->get_base_id(), 'canmodifrecord'))
throw new AccessDeniedHttpException('You can not add document to this Story');
$Story->removeChild($record);
@@ -209,7 +209,7 @@ class Story implements ControllerProviderInterface
throw new \Exception('This is not a story');
}
if (!$app['authentication']->getUser()->ACL()->has_right_on_base($story->get_base_id(), 'canmodifrecord')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_base($story->get_base_id(), 'canmodifrecord')) {
throw new ControllerException(_('You can not edit this story'));
}
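Review bot: In the hunk at line 156, which ends in `$Story->removeChild($record)`, the denial message is still 'You can not add document to this Story', copied from the add path. A message such as `throw new AccessDeniedHttpException('You can not remove document from this Story');` would let a 403 in the logs be attributed to the right action. The edit check at line 209 throws `ControllerException` where the sibling checks throw `AccessDeniedHttpException`, so the same kind of denial may surface with a different HTTP status; the handlers start and end outside the hunks, so confirm how that exception is mapped.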


@@ -57,10 +57,10 @@ class TOU implements ControllerProviderInterface
try {
$databox = $app['phraseanet.appbox']->get_databox((int) $sbas_id);
$app['authentication']->getUser()->ACL()->revoke_access_from_bases(
array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array(), array($databox->get_sbas_id())))
$app['acl']->get($app['authentication']->getUser())->revoke_access_from_bases(
array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base(array(), array($databox->get_sbas_id())))
);
$app['authentication']->getUser()->ACL()->revoke_unused_sbas_rights();
$app['acl']->get($app['authentication']->getUser())->revoke_unused_sbas_rights();
$app['authentication']->closeAccount();


@@ -78,7 +78,7 @@ class Upload implements ControllerProviderInterface
return $app['twig']->render(
'prod/upload/upload-flash.html.twig', array(
'sessionId' => session_id(),
'collections' => $this->getGrantedCollections($app['authentication']->getUser()),
'collections' => $this->getGrantedCollections($app['acl']->get($app['authentication']->getUser())),
'maxFileSize' => $maxFileSize,
'maxFileSizeReadable' => \p4string::format_octets($maxFileSize)
));
@@ -98,7 +98,7 @@ class Upload implements ControllerProviderInterface
return $app['twig']->render(
'prod/upload/upload.html.twig', array(
'collections' => $this->getGrantedCollections($app['authentication']->getUser()),
'collections' => $this->getGrantedCollections($app['acl']->get($app['authentication']->getUser())),
'maxFileSize' => $maxFileSize,
'maxFileSizeReadable' => \p4string::format_octets($maxFileSize)
));
@@ -144,7 +144,7 @@ class Upload implements ControllerProviderInterface
throw new BadRequestHttpException('Missing base_id parameter');
}
if (!$app['authentication']->getUser()->ACL()->has_right_on_base($base_id, 'canaddrecord')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_base($base_id, 'canaddrecord')) {
throw new AccessDeniedHttpException('User is not allowed to add record on this collection');
}
@@ -269,14 +269,15 @@ class Upload implements ControllerProviderInterface
/**
* Get current user's granted collections where he can upload
*
* @param \User_Adapter $user
* @param \ACL $acl The user's ACL.
*
* @return array
*/
private function getGrantedCollections(\User_Adapter $user)
private function getGrantedCollections(\ACL $acl)
{
$collections = array();
foreach ($user->ACL()->get_granted_base(array('canaddrecord')) as $collection) {
foreach ($acl->get_granted_base(array('canaddrecord')) as $collection) {
$databox = $collection->get_databox();
if ( ! isset($collections[$databox->get_sbas_id()])) {
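Review bot: The flash upload view in the first hunk is handed `'sessionId' => session_id()`. If the template writes that value into markup or a URL (the template is not part of this page), the session identifier becomes readable by page script and can reach logs or referrers regardless of cookie flags. A short-lived, upload-only token would limit what a leaked value allows. Separately, the summary line of the `getGrantedCollections()` docblock still describes the "current user's" collections although the method now receives an `\ACL`; `Get the collections on which the given ACL grants canaddrecord` would match the new parameter.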


@@ -142,7 +142,7 @@ class WorkZone implements ControllerProviderInterface
throw new \Exception('You can only attach stories');
}
if (!$app['authentication']->getUser()->ACL()->has_access_to_base($Story->get_base_id())) {
if (!$app['acl']->get($app['authentication']->getUser())->has_access_to_base($Story->get_base_id())) {
throw new AccessDeniedHttpException('You do not have access to this Story');
}


@@ -244,20 +244,20 @@ class RecordsRequest extends ArrayCollection
foreach ($elements as $id => $record) {
if (!$app['authentication']->getUser()->ACL()->has_access_to_record($record)) {
if (!$app['acl']->get($app['authentication']->getUser())->has_access_to_record($record)) {
$to_remove[] = $id;
continue;
}
foreach ($rightsColl as $right) {
if (!$app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), $right)) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_base($record->get_base_id(), $right)) {
$to_remove[] = $id;
continue;
}
}
foreach ($rightsDatabox as $right) {
if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($record->get_sbas_id(), $right)) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_sbas($record->get_sbas_id(), $right)) {
$to_remove[] = $id;
continue;
}
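Review bot: Inside the two inner `foreach` loops the bare `continue;` only advances the rights loop, so a record that fails several rights is appended to `$to_remove` more than once and the databox-rights loop still runs for a record that was already rejected; `continue 2;` moves on to the next record. The ACL is also resolved again for every record and every right, and a single `$acl = $app['acl']->get($app['authentication']->getUser());` before the outer loop would make the three checks easier to read. The loop and its enclosing method continue outside the hunk.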


@@ -378,15 +378,15 @@ class Login implements ControllerProviderInterface
foreach (array_keys($inscOK) as $base_id) {
$base_ids[] = $base_id;
}
$user->ACL()->apply_model($template_user, $base_ids);
$app['acl']->get($user)->apply_model($template_user, $base_ids);
}
$autoReg = $user->ACL()->get_granted_base();
$autoReg = $app['acl']->get($user)->get_granted_base();
$appbox_register = new \appbox_register($app['phraseanet.appbox']);
foreach ($inscOK as $base_id => $autorisation) {
if (false === $autorisation || $user->ACL()->has_access_to_base($base_id)) {
if (false === $autorisation || $app['acl']->get($user)->has_access_to_base($base_id)) {
continue;
}
@@ -561,7 +561,7 @@ class Login implements ControllerProviderInterface
$app['tokens']->removeToken($code);
if (count($user->ACL()->get_granted_base()) > 0) {
if (count($app['acl']->get($user)->get_granted_base()) > 0) {
$mail = MailSuccessEmailConfirmationRegistered::create($app, $receiver);
$app['notification.deliverer']->deliver($mail);
@@ -791,11 +791,11 @@ class Login implements ControllerProviderInterface
$inviteUsrid = \User_Adapter::get_usr_id_from_login($app, 'invite');
$invite_user = \User_Adapter::getInstance($inviteUsrid, $app);
$usr_base_ids = array_keys($user->ACL()->get_granted_base());
$user->ACL()->revoke_access_from_bases($usr_base_ids);
$usr_base_ids = array_keys($app['acl']->get($user)->get_granted_base());
$app['acl']->get($user)->revoke_access_from_bases($usr_base_ids);
$invite_base_ids = array_keys($invite_user->ACL()->get_granted_base());
$user->ACL()->apply_model($invite_user, $invite_base_ids);
$invite_base_ids = array_keys($app['acl']->get($invite_user)->get_granted_base());
$app['acl']->get($user)->apply_model($invite_user, $invite_base_ids);
$this->postAuthProcess($app, $user);
@@ -1032,7 +1032,7 @@ class Login implements ControllerProviderInterface
$response = $this->generateAuthResponse($app, $app['browser'], $request->request->get('redirect'));
$response->headers->clearCookie('invite-usr-id');
$user->ACL()->inject_rights();
$app['acl']->get($user)->inject_rights();
if ($request->cookies->has('postlog') && $request->cookies->get('postlog') == '1') {
if (!$user->is_guest() && $request->cookies->has('invite-usr_id')) {
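Review bot: The last hunk clears a cookie named `invite-usr-id` but the condition two lines below tests `invite-usr_id`. Unless both cookies really exist, one of the two names is a typo, and either the clear or the guest-to-user branch never takes effect; settle on one name and use it in both places. The neighbouring test `$request->cookies->get('postlog') == '1'` would be safer as `=== '1'`. In the guest-login hunk at line 791 the same ACL is fetched three times, and a local `$userAcl = $app['acl']->get($user);` would make the revoke-then-apply sequence easier to audit.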


@@ -71,7 +71,7 @@ class RSSFeeds implements ControllerProviderInterface
$user = \User_Adapter::getInstance($token->getUsrId(), $app);
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($user);
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['acl']->get($user));
$aggregate = new Aggregate($app['EM'], $feeds, $token);


@@ -11,6 +11,7 @@
namespace Alchemy\Phrasea\Core\Provider;
use Alchemy\Phrasea\Authentication\ACLProvider;
use Alchemy\Phrasea\Security\Firewall;
use Silex\Application as SilexApplication;
use Silex\ServiceProviderInterface;
@@ -37,6 +38,10 @@ class PhraseanetServiceProvider implements ServiceProviderInterface
return $events;
});
$app['acl'] = $app->share(function(SilexApplication $app) {
return new ACLProvider($app);
});
}
public function boot(SilexApplication $app)


@@ -12,6 +12,7 @@
namespace Alchemy\Phrasea\Feed;
use Alchemy\Phrasea\Application;
use Alchemy\Phrasea\Authentication\ACLProvider;
use Alchemy\Phrasea\Exception\LogicException;
use Doctrine\ORM\EntityManager;
use Alchemy\Phrasea\Model\Entities\AggregateToken;
@@ -74,12 +75,12 @@ class Aggregate implements FeedInterface
*
* @return Aggregate
*/
public static function createFromUser(EntityManager $em, \User_Adapter $user)
public static function createFromUser(Application $app, \User_Adapter $user)
{
$feeds = $em->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($user);
$token = $em->getRepository('Alchemy\Phrasea\Model\Entities\AggregateToken')->findOneBy(array('usrId' => $user->get_id()));
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($app['acl']->get($user));
$token = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\AggregateToken')->findOneBy(array('usrId' => $user->get_id()));
return new static($em, $feeds, $token);
return new static($app['EM'], $feeds, $token);
}
/**
@@ -92,7 +93,7 @@ class Aggregate implements FeedInterface
*/
public static function create(Application $app, array $feed_ids)
{
$feeds = $this->em->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->findByIds($feed_ids);
$feeds = $app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->findByIds($feed_ids);
return new static($app, $feeds);
}
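Review bot: `create()` still ends with `return new static($app, $feeds);` while `createFromUser()` and the RSS controller pass the entity manager as the first constructor argument. The constructor is outside the hunk, but unless it accepts either type this call hands it an Application where an EntityManager is expected; `return new static($app['EM'], $feeds);` would match the other call sites. The docblock of `createFromUser()` starts outside the hunk and should be checked for a stale `@param EntityManager $em`. The added `use Alchemy\Phrasea\Authentication\ACLProvider;` is not referenced by any line shown in these hunks.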


@@ -35,7 +35,7 @@ class Prod extends Helper
$searchSet = json_decode($this->app['authentication']->getUser()->getPrefs('search'), true);
foreach ($this->app['authentication']->getUser()->ACL()->get_granted_sbas() as $databox) {
foreach ($this->app['acl']->get($this->app['authentication']->getUser())->get_granted_sbas() as $databox) {
$sbas_id = $databox->get_sbas_id();
$bases[$sbas_id] = array(
@@ -45,7 +45,7 @@ class Prod extends Helper
'sbas_id' => $sbas_id
);
foreach ($this->app['authentication']->getUser()->ACL()->get_granted_base(array(), array($databox->get_sbas_id())) as $coll) {
foreach ($this->app['acl']->get($this->app['authentication']->getUser())->get_granted_base(array(), array($databox->get_sbas_id())) as $coll) {
$selected = (isset($searchSet['bases']) &&
isset($searchSet['bases'][$sbas_id])) ? (in_array($coll->get_base_id(), $searchSet['bases'][$sbas_id])) : true;
$bases[$sbas_id]['collections'][] =
@@ -83,7 +83,7 @@ class Prod extends Helper
if (! $bases[$sbas_id]['thesaurus']) {
continue;
}
if ( ! $this->app['authentication']->getUser()->ACL()->has_right_on_sbas($sbas_id, 'bas_modif_th')) {
if ( ! $this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_sbas($sbas_id, 'bas_modif_th')) {
continue;
}


@@ -74,11 +74,11 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
protected function delete_user(\User_Adapter $user)
{
$list = array_keys($this->app['authentication']->getUser()->ACL()->get_granted_base(array('canadmin')));
$list = array_keys($this->app['acl']->get($this->app['authentication']->getUser())->get_granted_base(array('canadmin')));
$user->ACL()->revoke_access_from_bases($list);
$this->app['acl']->get($user)->revoke_access_from_bases($list);
if ($user->ACL()->is_phantom()) {
if ($this->app['acl']->get($user)->is_phantom()) {
$user->delete();
}
@@ -87,7 +87,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
public function get_users_rights()
{
$list = array_keys($this->app['authentication']->getUser()->ACL()->get_granted_base(array('canadmin')));
$list = array_keys($this->app['acl']->get($this->app['authentication']->getUser())->get_granted_base(array('canadmin')));
$sql = "SELECT
b.sbas_id,
@@ -441,7 +441,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
public function apply_rights()
{
$request = \http_request::getInstance();
$ACL = $this->app['authentication']->getUser()->ACL();
$ACL = $this->app['acl']->get($this->app['authentication']->getUser());
$base_ids = array_keys($ACL->get_granted_base(array('canadmin')));
$update = $create = $delete = $create_sbas = $update_sbas = array();
@@ -535,21 +535,21 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
$this->app['phraseanet.appbox']->get_connection()->beginTransaction();
$user = \User_Adapter::getInstance($usr_id, $this->app);
$user->ACL()->revoke_access_from_bases($delete)
$this->app['acl']->get($user)->revoke_access_from_bases($delete)
->give_access_to_base($create)
->give_access_to_sbas($create_sbas);
foreach ($update as $base_id => $rights) {
$user->ACL()->update_rights_to_base($base_id, $rights);
$this->app['acl']->get($user)->update_rights_to_base($base_id, $rights);
}
foreach ($update_sbas as $sbas_id => $rights) {
$user->ACL()->update_rights_to_sbas($sbas_id, $rights);
$this->app['acl']->get($user)->update_rights_to_sbas($sbas_id, $rights);
}
$this->app['phraseanet.appbox']->get_connection()->commit();
$user->ACL()->revoke_unused_sbas_rights();
$this->app['acl']->get($user)->revoke_unused_sbas_rights();
unset($user);
} catch (\Exception $e) {
@@ -649,7 +649,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
throw new AccessDeniedHttpException('You are not the owner of the template');
}
$base_ids = array_keys($this->app['authentication']->getUser()->ACL()->get_granted_base(array('canadmin')));
$base_ids = array_keys($this->app['acl']->get($this->app['authentication']->getUser())->get_granted_base(array('canadmin')));
foreach ($this->users as $usr_id) {
$user = \User_adapter::getInstance($usr_id, $this->app);
@@ -658,7 +658,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
continue;
}
$user->ACL()->apply_model($template, $base_ids);
$this->app['acl']->get($user)->apply_model($template, $base_ids);
}
return $this;
@@ -671,9 +671,9 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
foreach ($this->users as $usr_id) {
$user = \User_Adapter::getInstance($usr_id, $this->app);
if ($this->request->get('quota'))
$user->ACL()->set_quotas_on_base($this->base_id, $this->request->get('droits'), $this->request->get('restes'));
$this->app['acl']->get($user)->set_quotas_on_base($this->base_id, $this->request->get('droits'), $this->request->get('restes'));
else
$user->ACL()->remove_quotas_on_base($this->base_id);
$this->app['acl']->get($user)->remove_quotas_on_base($this->base_id);
}
return $this;
@@ -692,7 +692,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
foreach ($this->users as $usr_id) {
$user = \User_Adapter::getInstance($usr_id, $this->app);
$user->ACL()->set_masks_on_base($this->base_id, $vand_and, $vand_or, $vxor_and, $vxor_or);
$this->app['acl']->get($user)->set_masks_on_base($this->base_id, $vand_and, $vand_or, $vxor_and, $vxor_or);
}
}
@@ -709,16 +709,16 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
$activate = !!$this->request->get('limit');
$base_ids = array_keys($this->app['authentication']->getUser()->ACL()->get_granted_base(array('canadmin')));
$base_ids = array_keys($this->app['acl']->get($this->app['authentication']->getUser())->get_granted_base(array('canadmin')));
foreach ($this->users as $usr_id) {
$user = \User_Adapter::getInstance($usr_id, $this->app);
if ($this->base_id > 0) {
$user->ACL()->set_limits($this->base_id, $activate, $dmin, $dmax);
$this->app['acl']->get($user)->set_limits($this->base_id, $activate, $dmin, $dmax);
} elseif ($sbas_id > 0) {
foreach ($base_ids as $base_id) {
$user->ACL()->set_limits($base_id, $activate, $dmin, $dmax);
$this->app['acl']->get($user)->set_limits($base_id, $activate, $dmin, $dmax);
}
} else {
$this->app->abort(400, 'No collection or databox id available');
@@ -728,11 +728,11 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
public function resetRights()
{
$base_ids = array_keys($this->app['authentication']->getUser()->ACL()->get_granted_base(array('canadmin')));
$base_ids = array_keys($this->app['acl']->get($this->app['authentication']->getUser())->get_granted_base(array('canadmin')));
foreach ($this->users as $usr_id) {
$user = \User_Adapter::getInstance($usr_id, $this->app);
$ACL = $user->ACL();
$ACL = $this->app['acl']->get($user);
if ($user->is_template()) {
$template = $user;
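Review bot: In the limits hunk at line 709 the `elseif ($sbas_id > 0)` branch iterates `$base_ids`, which is built from `get_granted_base(array('canadmin'))` with no databox filter. A databox-level request therefore appears to change limits on every collection the acting admin manages, not only those of `$sbas_id`. If that is not intended, `get_granted_base(array('canadmin'), array($sbas_id))`, the form the Prod helper uses, restricts the list. The method starts outside the hunk, so confirm `$sbas_id` is set before this line. In `apply_rights()` the target user's ACL is looked up five times around the transaction, and one `$userAcl = $this->app['acl']->get($user);` would shorten it.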


@@ -73,7 +73,7 @@ class Manage extends Helper
->last_model_is($this->query_parms['last_model'])
->get_inactives($this->query_parms['inactives'])
->include_templates(false)
->on_bases_where_i_am($this->app['authentication']->getUser()->ACL(), array('canadmin'))
->on_bases_where_i_am($this->app['acl']->get($this->app['authentication']->getUser()), array('canadmin'))
->execute();
return $this->results->get_results();
@@ -111,7 +111,7 @@ class Manage extends Helper
->last_model_is($this->query_parms['last_model'])
->get_inactives($this->query_parms['inactives'])
->include_templates(true)
->on_bases_where_i_am($this->app['authentication']->getUser()->ACL(), array('canadmin'))
->on_bases_where_i_am($this->app['acl']->get($this->app['authentication']->getUser()), array('canadmin'))
->limit($offset_start, $results_quantity)
->execute();


@@ -461,7 +461,7 @@ class Feed implements FeedInterface
public function hasAccess(\User_Adapter $user, Application $app)
{
if ($this->getCollection($app) instanceof collection) {
return $user->ACL()->has_access_to_base($this->collection->get_base_id());
return $app['acl']->get($user)->has_access_to_base($this->collection->get_base_id());
}
return true;
@@ -558,7 +558,7 @@ class Feed implements FeedInterface
$coll = $this->getCollection($app);
if ($this->isPublic()
|| $coll === null
|| in_array($coll->get_base_id(), array_keys($user->ACL()->get_granted_base()))) {
|| in_array($coll->get_base_id(), array_keys($app['acl']->get($user)->get_granted_base()))) {
return true;
}
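Review bot: In `hasAccess()` the test `$this->getCollection($app) instanceof collection` names the class without a leading backslash. If this file declares a namespace and has no `use collection;` (the file header is not in the hunk), the name resolves inside that namespace, the test is always false and the method falls through to `return true` for every user. Writing `instanceof \collection` removes the ambiguity. The second hunk could call `has_access_to_base($coll->get_base_id())` as the first one does, instead of a non-strict `in_array()` over `array_keys(...get_granted_base())`.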


@@ -287,11 +287,6 @@ class User
**/
private $notificationSettings;
/**
* @var \ACL
*/
private $acl;
/**
* @var ArrayCollection
*/
@@ -1010,20 +1005,6 @@ class User
return $this;
}
/**
* @param Application $app
*
* @return \ACL
*/
public function ACL(Application $app)
{
if (!$this->acl instanceof \ACL) {
$this->acl = new \ACL($this, $app);
}
return $this->acl;
}
/**
* @return boolean
*/


@@ -18,9 +18,9 @@ class FeedRepository extends EntityRepository
* @param User_Adapter $user
* @return \Doctrine\Common\Collections\Collection
*/
public function getAllForUser(\User_Adapter $user)
public function getAllForUser(\ACL $userACL)
{
$base_ids = array_keys($user->ACL()->get_granted_base());
$base_ids = array_keys($userACL->get_granted_base());
$qb = $this
->createQueryBuilder('f');
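Review bot: The docblock of `getAllForUser()` still reads `@param User_Adapter $user` although the parameter is now `\ACL $userACL`; update it to `@param \ACL $userACL ACL whose granted bases select the feeds`. Because the public signature changed type, any caller outside this commit that still passes a user object will fail on the type hint, so a search for remaining `getAllForUser($user)` calls is worth doing before merge. The method body continues outside the hunk.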


@@ -166,7 +166,7 @@ class PDF
$fimg = $subdef->get_pathfile();
if (!$this->app['authentication']->getUser()->ACL()->has_right_on_base($rec->get_base_id(), "nowatermark")
if (!$this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($rec->get_base_id(), "nowatermark")
&& $subdef->get_type() == \media_subdef::TYPE_IMAGE) {
$fimg = \recordutils_image::watermark($this->app, $subdef);
}
@@ -425,7 +425,7 @@ class PDF
$f = $subdef->get_pathfile();
if (!$this->app['authentication']->getUser()->ACL()->has_right_on_base($rec->get_base_id(), "nowatermark")
if (!$this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($rec->get_base_id(), "nowatermark")
&& $subdef->get_type() == \media_subdef::TYPE_IMAGE)
$f = \recordutils_image::watermark($this->app, $subdef);


@@ -626,12 +626,12 @@ class SearchEngineOptions
} elseif (!$app['authentication']->isAuthenticated()) {
$bas = $app->getOpenCollections();
} else {
$bas = $app['authentication']->getUser()->ACL()->get_granted_base();
$bas = $app['acl']->get($app['authentication']->getUser())->get_granted_base();
}
$bas = array_filter($bas, function ($collection) use ($app) {
if ($app['authentication']->isAuthenticated()) {
return $app['authentication']->getUser()->ACL()->has_access_to_base($collection->get_base_id());
return $app['acl']->get($app['authentication']->getUser())->has_access_to_base($collection->get_base_id());
} else {
return in_array($collection, $app->getOpenCollections());
}
@@ -645,9 +645,9 @@ class SearchEngineOptions
}
}
if ($app['authentication']->isAuthenticated() && $app['authentication']->getUser()->ACL()->has_right('modifyrecord')) {
if ($app['authentication']->isAuthenticated() && $app['acl']->get($app['authentication']->getUser())->has_right('modifyrecord')) {
$BF = array_filter($bas, function( $collection) use ($app) {
return $app['authentication']->getUser()->ACL()->has_right_on_base($collection->get_base_id(), 'canmodifrecord');
return $app['acl']->get($app['authentication']->getUser())->has_right_on_base($collection->get_base_id(), 'canmodifrecord');
});
$options->allowBusinessFieldsOn($BF);


@@ -28,7 +28,7 @@ class Firewall
{
$this->requireNotGuest();
if (!$this->app['authentication']->getUser()->ACL()->is_admin()) {
if (!$this->app['acl']->get($this->app['authentication']->getUser())->is_admin()) {
$this->app->abort(403, 'Admin role is required');
}
@@ -39,7 +39,7 @@ class Firewall
{
$this->requireAuthentication();
if (!$this->app['authentication']->getUser()->ACL()->has_access_to_module($module)) {
if (!$this->app['acl']->get($this->app['authentication']->getUser())->has_access_to_module($module)) {
$this->app->abort(403, 'You do not have required rights');
}
@@ -50,7 +50,7 @@ class Firewall
{
$this->requireAuthentication();
if (!$this->app['authentication']->getUser()->ACL()->has_access_to_sbas($sbas_id)) {
if (!$this->app['acl']->get($this->app['authentication']->getUser())->has_access_to_sbas($sbas_id)) {
$this->app->abort(403, 'You do not have required rights');
}
@@ -61,7 +61,7 @@ class Firewall
{
$this->requireAuthentication();
if (!$this->app['authentication']->getUser()->ACL()->has_access_to_base($base_id)) {
if (!$this->app['acl']->get($this->app['authentication']->getUser())->has_access_to_base($base_id)) {
$this->app->abort(403, 'You do not have required rights');
}
@@ -72,7 +72,7 @@ class Firewall
{
$this->requireAuthentication();
if (!$this->app['authentication']->getUser()->ACL()->has_right($right)) {
if (!$this->app['acl']->get($this->app['authentication']->getUser())->has_right($right)) {
$this->app->abort(403, 'You do not have required rights');
}
@@ -83,7 +83,7 @@ class Firewall
{
$this->requireAuthentication();
if (!$this->app['authentication']->getUser()->ACL()->has_right_on_base($base_id, $right)) {
if (!$this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($base_id, $right)) {
$this->app->abort(403, 'You do not have required rights');
}
@@ -94,7 +94,7 @@ class Firewall
{
$this->requireAuthentication();
if (!$this->app['authentication']->getUser()->ACL()->has_right_on_sbas($sbas_id, $right)) {
if (!$this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_sbas($sbas_id, $right)) {
$this->app->abort(403, 'You do not have required rights');
}
@@ -136,7 +136,7 @@ class Firewall
public function requireOrdersAdmin()
{
if (false === !!count($this->app['authentication']->getUser()->ACL()->get_granted_base(array('order_master')))) {
if (false === !!count($this->app['acl']->get($this->app['authentication']->getUser())->get_granted_base(array('order_master')))) {
$this->app->abort(403, 'You are not an order admin');
}
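Review bot: `requireOrdersAdmin()` is the only check in these hunks that reads `$this->app['authentication']->getUser()` without first calling `requireAuthentication()` or `requireNotGuest()`. The ACL now comes from `$this->app['acl']->get(...)`, whose parameter is type-hinted `\User_Adapter`, so a request with no authenticated user would presumably fail on the type hint instead of receiving the 403. Adding `$this->requireAuthentication();` as the first statement would match the sibling methods. The method body continues outside the hunk, and callers may already guarantee authentication, so confirm before changing. A private helper returning the current user's ACL would also remove the eight repeated lookups.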


@@ -78,7 +78,7 @@ class Installer
{
$template = new \SplFileInfo(__DIR__ . '/../../../conf.d/data_templates/' . $template . '-simple.xml');
$databox = \databox::create($this->app, $dbConn, $template, $this->app['phraseanet.registry']);
$this->app['authentication']->getUser()->ACL()
$this->app['acl']->get($this->app['authentication']->getUser())
->give_access_to_sbas(array($databox->get_sbas_id()))
->update_rights_to_sbas(
$databox->get_sbas_id(), array(
@@ -89,8 +89,8 @@ class Installer
$collection = \collection::create($this->app, $databox, $this->app['phraseanet.appbox'], 'test', $this->app['authentication']->getUser());
$this->app['authentication']->getUser()->ACL()->give_access_to_base(array($collection->get_base_id()));
$this->app['authentication']->getUser()->ACL()->update_rights_to_base($collection->get_base_id(), array(
$this->app['acl']->get($this->app['authentication']->getUser())->give_access_to_base(array($collection->get_base_id()));
$this->app['acl']->get($this->app['authentication']->getUser())->update_rights_to_base($collection->get_base_id(), array(
'canpush' => 1, 'cancmd' => 1
, 'canputinalbum' => 1, 'candwnldhd' => 1, 'candwnldpreview' => 1, 'canadmin' => 1
, 'actif' => 1, 'canreport' => 1, 'canaddrecord' => 1, 'canmodifrecord' => 1


@@ -65,7 +65,7 @@ class UserProvider implements ControlProviderInterface
->like(\User_Query::LIKE_LOGIN, $query)
->like_match(\User_Query::LIKE_MATCH_OR)
->include_phantoms(true)
->on_bases_where_i_am($for_user->ACL(), array('canadmin'))
->on_bases_where_i_am($this->app['acl']->get($for_user), array('canadmin'))
->limit(0, 50)
->execute()->get_results();


@@ -291,7 +291,7 @@ class ACL implements cache_cacheableInterface
$sbas_to_acces = array();
$rights_to_give = array();
foreach ($template_user->ACL()->get_granted_sbas() as $databox) {
foreach ($this->app['acl']->get($template_user)->get_granted_sbas() as $databox) {
$sbas_id = $databox->get_sbas_id();
if (!in_array($sbas_id, $sbas_ids))
@@ -302,7 +302,7 @@ class ACL implements cache_cacheableInterface
}
foreach ($sbas_rights as $right) {
if ($template_user->ACL()->has_right_on_sbas($sbas_id, $right)) {
if ($this->app['acl']->get($template_user)->has_right_on_sbas($sbas_id, $right)) {
$rights_to_give[$sbas_id][$right] = '1';
}
}
@@ -336,7 +336,7 @@ class ACL implements cache_cacheableInterface
'11' => array('aa' => '1', 'ao' => '1', 'xa' => '1', 'xo' => '1')
);
foreach ($template_user->ACL()->get_granted_base() as $collection) {
foreach ($this->app['acl']->get($template_user)->get_granted_base() as $collection) {
$base_id = $collection->get_base_id();
if (!in_array($base_id, $base_ids))
@@ -347,13 +347,13 @@ class ACL implements cache_cacheableInterface
}
foreach ($bas_rights as $right) {
if ($template_user->ACL()->has_right_on_base($base_id, $right)) {
if ($this->app['acl']->get($template_user)->has_right_on_base($base_id, $right)) {
$rights_to_give[$base_id][$right] = '1';
}
}
$mask_and = $template_user->ACL()->get_mask_and($base_id);
$mask_xor = $template_user->ACL()->get_mask_xor($base_id);
$mask_and = $this->app['acl']->get($template_user)->get_mask_and($base_id);
$mask_xor = $this->app['acl']->get($template_user)->get_mask_xor($base_id);
$mask_and = ctype_digit($mask_and) ? $mask_and : '0';
$mask_xor = ctype_digit($mask_xor) ? $mask_xor : '0';
@@ -408,7 +408,7 @@ class ACL implements cache_cacheableInterface
private function apply_template_time_limits(User_Interface $template_user, Array $base_ids)
{
foreach ($base_ids as $base_id) {
$limited = $template_user->ACL()->get_limits($base_id);
$limited = $this->app['acl']->get($template_user)->get_limits($base_id);
if (null !== $limited) {
$this->set_limits($base_id, '1', $limited['dmin'], $limited['dmax']);
} else {
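Review bot: `apply_template_time_limits()` declares `User_Interface $template_user` but now passes it to `$this->app['acl']->get()`, which the provider added in this commit type-hints as `\User_Adapter`, and the same commit removes `ACL()` from the interface. Any `User_Interface` implementation other than `User_Adapter` would now fail at the provider call, so either narrow the hint here to `\User_Adapter` or widen the provider's. The other template hunks in this class start inside their methods, so their signatures need the same check. The template ACL is also resolved on every loop iteration, and `$templateAcl = $this->app['acl']->get($template_user);` before each `foreach` would state the intent once.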


@@ -10,6 +10,7 @@
*/
use Symfony\Component\HttpFoundation\Request;
use Silex\Application;
/**
*


@@ -13,7 +13,6 @@ use Alchemy\Phrasea\Feed\Aggregate;
use Alchemy\Phrasea\Feed\FeedInterface;
use Alchemy\Phrasea\SearchEngine\SearchEngineOptions;
use Alchemy\Phrasea\SearchEngine\SearchEngineSuggestion;
use Alchemy\Phrasea\Application;
use Alchemy\Phrasea\Border\File;
use Alchemy\Phrasea\Border\Attribute\Status;
use Alchemy\Phrasea\Border\Manager as BorderManager;
@@ -26,6 +25,7 @@ use Alchemy\Phrasea\Model\Entities\LazaretFile;
use Alchemy\Phrasea\Model\Entities\Task;
use Alchemy\Phrasea\Model\Entities\UserQuery;
use Alchemy\Phrasea\Model\Entities\ValidationParticipant;
use Silex\Application;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
@@ -660,7 +660,7 @@ class API_V1_adapter extends API_V1_Abstract
$collection = \collection::get_from_base_id($this->app, $request->get('base_id'));
if (!$app['authentication']->getUser()->ACL()->has_right_on_base($request->get('base_id'), 'canaddrecord')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_base($request->get('base_id'), 'canaddrecord')) {
throw new API_V1_exception_forbidden(sprintf('You do not have access to collection %s', $collection->get_label($this->app['locale.I18n'])));
}
@@ -735,7 +735,7 @@ class API_V1_adapter extends API_V1_Abstract
$offset_start = max($request->get('offset_start', 0), 0);
$per_page = min(max($request->get('per_page', 10), 1), 20);
$baseIds = array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array('canaddrecord')));
$baseIds = array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base(array('canaddrecord')));
$lazaretFiles = array();
@@ -773,7 +773,7 @@ class API_V1_adapter extends API_V1_Abstract
throw new \API_V1_exception_notfound(sprintf('Lazaret file id %d not found', $lazaret_id));
}
if (!$app['authentication']->getUser()->ACL()->has_right_on_base($lazaretFile->getBaseId(), 'canaddrecord')) {
if (!$app['acl']->get($app['authentication']->getUser())->has_right_on_base($lazaretFile->getBaseId(), 'canaddrecord')) {
throw new \API_V1_exception_forbidden('You do not have access to this quarantine item');
}
@@ -1477,7 +1477,7 @@ class API_V1_adapter extends API_V1_Abstract
{
$result = new API_V1_result($this->app, $request, $this);
$coll = $this->app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($user);
$coll = $this->app['EM']->getRepository('Alchemy\Phrasea\Model\Entities\Feed')->getAllForUser($this->app['acl']->get($user));
$datas = array();
foreach ($coll as $feed) {
@@ -1535,7 +1535,7 @@ class API_V1_adapter extends API_V1_Abstract
{
$result = new API_V1_result($this->app, $request, $this);
$feed = Aggregate::createFromUser($this->app['EM'], $user);
$feed = Aggregate::createFromUser($this->app, $user);
$offset_start = (int) ($request->get('offset_start') ? : 0);
$per_page = (int) ($request->get('per_page') ? : 5);
@@ -1562,7 +1562,7 @@ class API_V1_adapter extends API_V1_Abstract
$collection = $entry->getFeed()->getCollection($this->app);
if (null !== $collection && !$user->ACL()->has_access_to_base($collection->get_base_id())) {
if (null !== $collection && !$this->app['acl']->get($user)->has_access_to_base($collection->get_base_id())) {
throw new \API_V1_exception_forbidden('You have not access to the parent feed');
}
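Review bot: In the hunk at line 660 the collection is loaded before the rights check and its label is put into the `API_V1_exception_forbidden` message, so a caller without `canaddrecord` on a `base_id` still learns that collection's label. A message that does not echo the label, for example `throw new API_V1_exception_forbidden('You do not have access to this collection');`, avoids confirming the names of collections the caller cannot use. The same hunk reads `$this->app` on one line and `$app` on the next; the method signature is outside the hunk, so confirm both refer to the same application now that the imported `Application` is the Silex class.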


@@ -101,7 +101,7 @@ class Session_Logger
$colls = array();
if ($app['authentication']->getUser()) {
$bases = $app['authentication']->getUser()->ACL()->get_granted_base(array(), array($databox->get_sbas_id()));
$bases = $app['acl']->get($app['authentication']->getUser())->get_granted_base(array(), array($databox->get_sbas_id()));
foreach ($bases as $collection) {
$colls[] = $collection->get_coll_id();
}
@@ -224,7 +224,7 @@ class Session_Logger
);
if (isset($appName[$appId])) {
$sbas_ids = array_keys($user->ACL()->get_granted_sbas());
$sbas_ids = array_keys($app['acl']->get($user)->get_granted_sbas());
foreach ($sbas_ids as $sbas_id) {
try {


@@ -334,16 +334,6 @@ class User_Adapter implements User_Interface, cache_cacheableInterface
return array_key_exists($id, self::$_instance) ? self::$_instance[$id] : false;
}
/**
* Return Access Control List object for the user
*
* @return ACL
*/
public function ACL()
{
return $this->get_ACL();
}
/**
*
* @param Application $app
@@ -351,8 +341,8 @@ class User_Adapter implements User_Interface, cache_cacheableInterface
protected function set_app(Application $app)
{
$this->app = $app;
if (null !== $this->ACL) {
$this->ACL->set_app($app);
if (null !== $app['acl']->get($this)) {
$app['acl']->get($this)->set_app($app);
}
}
@@ -404,20 +394,6 @@ class User_Adapter implements User_Interface, cache_cacheableInterface
return $this;
}
/**
* Load if needed of the ACL for the current user
*
* @return ACL
*/
protected function get_ACL()
{
if (!$this->ACL instanceof ACL) {
$this->ACL = new ACL($this, $this->app);
}
return $this->ACL;
}
/**
*
* @return string
@@ -1255,7 +1231,7 @@ class User_Adapter implements User_Interface, cache_cacheableInterface
foreach ($app['phraseanet.appbox']->get_databoxes() as $databox) {
foreach (array_keys($users) as $usr_id) {
$user = User_Adapter::getInstance($usr_id, $app);
$user->ACL()->give_access_to_sbas(array($databox->get_sbas_id()));
$app['acl']->get($user)->give_access_to_sbas(array($databox->get_sbas_id()));
$rights = array(
'bas_manage' => '1'
@@ -1264,10 +1240,10 @@ class User_Adapter implements User_Interface, cache_cacheableInterface
, 'bas_chupub' => '1'
);
$user->ACL()->update_rights_to_sbas($databox->get_sbas_id(), $rights);
$app['acl']->get($user)->update_rights_to_sbas($databox->get_sbas_id(), $rights);
foreach ($databox->get_collections() as $collection) {
$user->ACL()->give_access_to_base(array($collection->get_base_id()));
$app['acl']->get($user)->give_access_to_base(array($collection->get_base_id()));
$rights = array(
'canputinalbum' => '1'
@@ -1290,8 +1266,8 @@ class User_Adapter implements User_Interface, cache_cacheableInterface
, 'bas_modify_struct' => '1'
);
$user->ACL()->update_rights_to_base($collection->get_base_id(), $rights);
$user->ACL()->set_limits($collection->get_base_id(), false);
$app['acl']->get($user)->update_rights_to_base($collection->get_base_id(), $rights);
$app['acl']->get($user)->set_limits($collection->get_base_id(), false);
}
}
}
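Review bot: The new guard in `set_app()`, `if (null !== $app['acl']->get($this))`, can never be false, because the provider's `get()` introduced by this commit builds and caches an ACL on a miss instead of returning null. The old code only re-pointed an ACL that already existed; the new code creates one for every user whose application is set, and performs the lookup twice. Either drop the dead condition and write `$app['acl']->get($this)->set_app($app);`, or give the provider a public way to ask whether an ACL is already cached and test that here. It also makes `set_app()` depend on the `acl` service being registered on whatever `$app` is passed in, which is worth confirming for callers that run before the service providers are loaded. The body of `set_app()` continues past the hunk.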


@@ -24,8 +24,6 @@ interface User_Interface
public function __construct($id, Application $app);
public function ACL();
public function set_password($pasword);
public function set_email($email);


@@ -525,8 +525,8 @@ class collection implements cache_cacheableInterface
while ($n < $total) {
$results = $query->limit($n, 50)->execute()->get_results();
foreach ($results as $user) {
$user->ACL()->delete_data_from_cache(ACL::CACHE_RIGHTS_SBAS);
$user->ACL()->delete_data_from_cache(ACL::CACHE_RIGHTS_BAS);
$app['acl']->get($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_SBAS);
$app['acl']->get($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_BAS);
}
$n+=50;
}
@@ -626,7 +626,7 @@ class collection implements cache_cacheableInterface
"modify_struct" => "1"
);
$user->ACL()->update_rights_to_base($base_id, $rights);
$this->app['acl']->get($user)->update_rights_to_base($base_id, $rights);
return true;
}


@@ -445,9 +445,9 @@ class databox extends base
while ($n < $total) {
$results = $query->limit($n, 50)->execute()->get_results();
foreach ($results as $user) {
$user->ACL()->delete_data_from_cache(ACL::CACHE_RIGHTS_SBAS);
$user->ACL()->delete_data_from_cache(ACL::CACHE_RIGHTS_BAS);
$user->ACL()->delete_injected_rights_sbas($this);
$this->app['acl']->get($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_SBAS);
$this->app['acl']->get($user)->delete_data_from_cache(ACL::CACHE_RIGHTS_BAS);
$this->app['acl']->get($user)->delete_injected_rights_sbas($this);
}
$n+=50;
}
@@ -972,7 +972,7 @@ class databox extends base
{
$conn = connection::getPDOConnection($this->app);
$user->ACL()
$this->app['acl']->get($user)
->give_access_to_sbas(array($this->id))
->update_rights_to_sbas(
$this->id, array(
@@ -1006,9 +1006,9 @@ class databox extends base
}
}
$user->ACL()->give_access_to_base($base_ids);
$this->app['acl']->get($user)->give_access_to_base($base_ids);
foreach ($base_ids as $base_id) {
$user->ACL()->update_rights_to_base($base_id, array(
$this->app['acl']->get($user)->update_rights_to_base($base_id, array(
'canpush' => 1, 'cancmd' => 1
, 'canputinalbum' => 1, 'candwnldhd' => 1, 'candwnldpreview' => 1, 'canadmin' => 1
, 'actif' => 1, 'canreport' => 1, 'canaddrecord' => 1, 'canmodifrecord' => 1


@@ -64,7 +64,7 @@ class databox_cgu
$userValidation = true;
if (! $home) {
if ( ! $app['authentication']->getUser()->ACL()->has_access_to_sbas($databox->get_sbas_id())) {
if ( ! $app['acl']->get($app['authentication']->getUser())->has_access_to_sbas($databox->get_sbas_id())) {
continue;
}
$userValidation = ($app['authentication']->getUser()->getPrefs('terms_of_use_' . $databox->get_sbas_id()) !== $update && trim($value) !== '');


@@ -136,7 +136,7 @@ class databox_status
return self::$_statuses;
}
$sbas_ids = $app['authentication']->getUser()->ACL()->get_granted_sbas();
$sbas_ids = $app['acl']->get($app['authentication']->getUser())->get_granted_sbas();
$statuses = array();
@@ -157,7 +157,7 @@ class databox_status
{
$statuses = array();
$sbas_ids = $app['authentication']->getUser()->ACL()->get_granted_sbas();
$sbas_ids = $app['acl']->get($app['authentication']->getUser())->get_granted_sbas();
$see_all = array();
@@ -165,7 +165,7 @@ class databox_status
$see_all[$databox->get_sbas_id()] = false;
foreach ($databox->get_collections() as $collection) {
if ($app['authentication']->getUser()->ACL()->has_right_on_base($collection->get_base_id(), 'chgstatus')) {
if ($app['acl']->get($app['authentication']->getUser())->has_right_on_base($collection->get_base_id(), 'chgstatus')) {
$see_all[$databox->get_sbas_id()] = true;
break;
}
@@ -183,7 +183,7 @@ class databox_status
$see_this = isset($see_all[$sbas_id]) ? $see_all[$sbas_id] : false;
if ($app['authentication']->getUser()->ACL()->has_right_on_sbas($sbas_id, 'bas_modify_struct')) {
if ($app['acl']->get($app['authentication']->getUser())->has_right_on_sbas($sbas_id, 'bas_modify_struct')) {
$see_this = true;
}


@@ -225,7 +225,7 @@ class eventsmanager_notify_autoregister extends eventsmanager_notifyAbstract
return false;
}
if ($this->app['authentication']->getUser()->ACL()->has_right('manageusers') === true) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->has_right('manageusers') === true) {
$bool = true;
}


@@ -192,7 +192,7 @@ class eventsmanager_notify_order extends eventsmanager_notifyAbstract
return false;
}
if ($this->app['authentication']->getUser()->ACL()->has_right('order_master')) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->has_right('order_master')) {
$bool = true;
}


@@ -204,7 +204,7 @@ class eventsmanager_notify_register extends eventsmanager_notifyAbstract
return false;
}
if ($this->app['authentication']->getUser()->ACL()->has_right('manageusers')) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->has_right('manageusers')) {
$bool = true;
}


@@ -188,7 +188,7 @@ class eventsmanager_notify_uploadquarantine extends eventsmanager_notifyAbstract
public function is_available()
{
if (null !== $this->app['authentication']->getUser()) {
return $this->app['authentication']->getUser()->ACL()->has_right('addrecord');
return $this->app['acl']->get($this->app['authentication']->getUser())->has_right('addrecord');
}
return false;


@@ -189,7 +189,7 @@ class eventsmanager_notify_validationdone extends eventsmanager_notifyAbstract
return false;
}
if ($this->app['authentication']->getUser()->ACL()->has_right('push')) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->has_right('push')) {
$bool = true;
}


@@ -241,7 +241,7 @@ class module_report_dashboard implements module_report_dashboard_componentInterf
{
$all_coll = array();
$base_ids = $this->usr->ACL()->get_granted_base(array('canreport'));
$base_ids = $this->app['acl']->get($this->usr)->get_granted_base(array('canreport'));
foreach ($base_ids as $base_id => $collection) {
$databox = $collection->get_databox();


@@ -207,7 +207,7 @@ class patch_320f implements patchInterface
$app['EM']->flush();
} elseif ($pub_restrict == 1) {
$collections = $user->ACL()->get_granted_base();
$collections = $app['acl']->get($user)->get_granted_base();
$collection = array_shift($collections);
if ( ! ($collection instanceof collection)) {
foreach ($appbox->get_databoxes() as $databox) {


@@ -400,7 +400,7 @@ class record_adapter implements record_Interface, cache_cacheableInterface
if (isset($dstatus[$sbas_id])) {
foreach ($dstatus[$sbas_id] as $n => $statbit) {
if ($statbit['printable'] == '0' &&
!$this->app['authentication']->getUser()->ACL()->has_right_on_base($this->base_id, 'chgstatus')) {
!$this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($this->base_id, 'chgstatus')) {
continue;
}


@@ -107,17 +107,17 @@ class record_exportElement extends record_adapter
'thumbnail' => true
);
if ($this->app['authentication']->getUser()->ACL()->has_right_on_base($this->get_base_id(), 'candwnldhd')) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($this->get_base_id(), 'candwnldhd')) {
$go_dl['document'] = true;
}
if ($this->app['authentication']->getUser()->ACL()->has_right_on_base($this->get_base_id(), 'candwnldpreview')) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($this->get_base_id(), 'candwnldpreview')) {
$go_dl['preview'] = true;
}
if ($this->app['authentication']->getUser()->ACL()->has_hd_grant($this)) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->has_hd_grant($this)) {
$go_dl['document'] = true;
$go_dl['preview'] = true;
}
if ($this->app['authentication']->getUser()->ACL()->has_preview_grant($this)) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->has_preview_grant($this)) {
$go_dl['preview'] = true;
}
@@ -127,14 +127,14 @@ class record_exportElement extends record_adapter
->who_have_right(array('order_master'))
->execute()->get_results();
$go_cmd = (count($masters) > 0 && $this->app['authentication']->getUser()->ACL()->has_right_on_base($this->base_id, 'cancmd'));
$go_cmd = (count($masters) > 0 && $this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($this->base_id, 'cancmd'));
$orderable['document'] = false;
$downloadable['document'] = false;
if (isset($sd['document']) && is_file($sd['document']->get_pathfile())) {
if ($go_dl['document'] === true) {
if ($this->app['authentication']->getUser()->ACL()->is_restricted_download($this->base_id)) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->is_restricted_download($this->base_id)) {
$this->remain_hd --;
if ($this->remain_hd >= 0)
$downloadable['document'] = array(
@@ -182,7 +182,7 @@ class record_exportElement extends record_adapter
if (isset($sd[$name]) && $sd[$name]->is_physically_present()) {
if ($class == 'document') {
if ($this->app['authentication']->getUser()->ACL()->is_restricted_download($this->base_id)) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->is_restricted_download($this->base_id)) {
$this->remain_hd --;
if ($this->remain_hd >= 0)
$downloadable[$name] = array(


@@ -337,7 +337,7 @@ class record_preview extends record_adapter
$tab = array();
$report = $this->app['authentication']->getUser()->ACL()->has_right_on_base($this->get_base_id(), 'canreport');
$report = $this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($this->get_base_id(), 'canreport');
$connsbas = connection::getPDOConnection($this->app, $this->get_sbas_id());
@@ -420,7 +420,7 @@ class record_preview extends record_adapter
return $this->view_popularity;
}
$report = $this->app['authentication']->getUser()->ACL()->has_right_on_base(
$report = $this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base(
$this->get_base_id(), 'canreport');
if ( ! $report && ! $this->app['phraseanet.registry']->get('GV_google_api')) {
@@ -509,7 +509,7 @@ class record_preview extends record_adapter
return $this->refferer_popularity;
}
$report = $this->app['authentication']->getUser()->ACL()->has_right_on_base(
$report = $this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base(
$this->get_base_id(), 'canreport');
if ( ! $report && ! $this->app['phraseanet.registry']->get('GV_google_api')) {
@@ -581,7 +581,7 @@ class record_preview extends record_adapter
return $this->download_popularity;
}
$report = $this->app['authentication']->getUser()->ACL()->has_right_on_base($this->get_base_id(), 'canreport');
$report = $this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($this->get_base_id(), 'canreport');
$ret = false;
if ( ! $report && ! $this->app['phraseanet.registry']->get('GV_google_api')) {


@@ -69,8 +69,8 @@ class set_export extends set_abstract
$record_id = $basket_element->getRecord($this->app)->get_record_id();
if (!isset($remain_hd[$base_id])) {
if ($app['authentication']->getUser()->ACL()->is_restricted_download($base_id)) {
$remain_hd[$base_id] = $app['authentication']->getUser()->ACL()->remaining_download($base_id);
if ($app['acl']->get($app['authentication']->getUser())->is_restricted_download($base_id)) {
$remain_hd[$base_id] = $app['acl']->get($app['authentication']->getUser())->remaining_download($base_id);
} else {
$remain_hd[$base_id] = false;
}
@@ -109,8 +109,8 @@ class set_export extends set_abstract
$record_id = $child_basrec->get_record_id();
if (!isset($remain_hd[$base_id])) {
if ($app['authentication']->getUser()->ACL()->is_restricted_download($base_id)) {
$remain_hd[$base_id] = $app['authentication']->getUser()->ACL()->remaining_download($base_id);
if ($app['acl']->get($app['authentication']->getUser())->is_restricted_download($base_id)) {
$remain_hd[$base_id] = $app['acl']->get($app['authentication']->getUser())->remaining_download($base_id);
} else {
$remain_hd[$base_id] = false;
}
@@ -132,8 +132,8 @@ class set_export extends set_abstract
$record_id = $record->get_record_id();
if (!isset($remain_hd[$base_id])) {
if ($app['authentication']->getUser()->ACL()->is_restricted_download($base_id)) {
$remain_hd[$base_id] = $app['authentication']->getUser()->ACL()->remaining_download($base_id);
if ($app['acl']->get($app['authentication']->getUser())->is_restricted_download($base_id)) {
$remain_hd[$base_id] = $app['acl']->get($app['authentication']->getUser())->remaining_download($base_id);
} else {
$remain_hd[$base_id] = false;
}
@@ -167,7 +167,7 @@ class set_export extends set_abstract
$this->businessFieldsAccess = false;
foreach ($this->elements as $download_element) {
if ($app['authentication']->getUser()->ACL()->has_right_on_base($download_element->get_base_id(), 'canmodifrecord')) {
if ($app['acl']->get($app['authentication']->getUser())->has_right_on_base($download_element->get_base_id(), 'canmodifrecord')) {
$this->businessFieldsAccess = true;
}
@@ -219,11 +219,11 @@ class set_export extends set_abstract
$display_ftp = array();
$hasadminright = $app['authentication']->getUser()->ACL()->has_right('addrecord')
|| $app['authentication']->getUser()->ACL()->has_right('deleterecord')
|| $app['authentication']->getUser()->ACL()->has_right('modifyrecord')
|| $app['authentication']->getUser()->ACL()->has_right('coll_manage')
|| $app['authentication']->getUser()->ACL()->has_right('coll_modify_struct');
$hasadminright = $app['acl']->get($app['authentication']->getUser())->has_right('addrecord')
|| $app['acl']->get($app['authentication']->getUser())->has_right('deleterecord')
|| $app['acl']->get($app['authentication']->getUser())->has_right('modifyrecord')
|| $app['acl']->get($app['authentication']->getUser())->has_right('coll_manage')
|| $app['acl']->get($app['authentication']->getUser())->has_right('coll_modify_struct');
$this->ftp_datas = array();
@@ -231,7 +231,7 @@ class set_export extends set_abstract
$display_ftp = $display_download;
$this->total_ftp = $this->total_download;
$lst_base_id = array_keys($app['authentication']->getUser()->ACL()->get_granted_base());
$lst_base_id = array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base());
if ($hasadminright) {
$sql = "SELECT usr.usr_id,usr_login,usr.usr_mail, FtpCredential.*
@@ -432,7 +432,7 @@ class set_export extends set_abstract
$BF = false;
if ($includeBusinessFields && $user->ACL()->has_right_on_base($download_element->get_base_id(), 'canmodifrecord')) {
if ($includeBusinessFields && $this->app['acl']->get($user)->has_right_on_base($download_element->get_base_id(), 'canmodifrecord')) {
$BF = true;
}
@@ -515,8 +515,8 @@ class set_export extends set_abstract
'path' => $sd[$name]->get_path()
, 'file' => $sd[$name]->get_file()
);
if (!$user->ACL()->has_right_on_base($download_element->get_base_id(), "nowatermark")
&& !$user->ACL()->has_preview_grant($download_element)
if (!$this->app['acl']->get($user)->has_right_on_base($download_element->get_base_id(), "nowatermark")
&& !$this->app['acl']->get($user)->has_preview_grant($download_element)
&& $sd[$name]->get_type() == media_subdef::TYPE_IMAGE) {
$path = recordutils_image::watermark($this->app, $sd[$name]);
if (file_exists($path)) {
@@ -792,7 +792,7 @@ class set_export extends set_abstract
$log["shortXml"] = $record_object->get_caption()->serialize(caption_record::SERIALIZE_XML);
$tmplog[$record_object->get_base_id()][] = $log;
if (!$anonymous && $o == 'document') {
$app['authentication']->getUser()->ACL()->remove_remaining($record_object->get_base_id());
$app['acl']->get($app['authentication']->getUser())->remove_remaining($record_object->get_base_id());
}
}
@@ -810,11 +810,11 @@ class set_export extends set_abstract
$stmt = $app['phraseanet.appbox']->get_connection()->prepare($sql);
foreach ($list_base as $base_id) {
if ($app['authentication']->getUser()->ACL()->is_restricted_download($base_id)) {
if ($app['acl']->get($app['authentication']->getUser())->is_restricted_download($base_id)) {
$params = array(
':remain_dl' => $app['authentication']->getUser()->ACL()->remaining_download($base_id)
':remain_dl' => $app['acl']->get($app['authentication']->getUser())->remaining_download($base_id)
, ':base_id' => $base_id
, ':usr_id' => $app['authentication']->getUser()->get_id()
, ':usr_id' => $app['acl']->get($app['authentication']->getUser())->get_id()
);
$stmt->execute($params);
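Review bot: In the last hunk the `:usr_id` parameter now reads `$app['acl']->get($app['authentication']->getUser())->get_id()`, so `get_id()` is called on the ACL object instead of the user; the old line had no `->ACL()` call and this looks like a search-and-replace casualty. Depending on whether the ACL class has such a method, the remaining-download update either fails or is written against the wrong id, which would leave the per-user download quota unrecorded. It should stay `, ':usr_id' => $app['authentication']->getUser()->get_id()`. The surrounding loop and the SQL statement start outside the hunk.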


@@ -63,26 +63,26 @@ class set_selection extends set_abstract
$sbas_id = $record->get_sbas_id();
$record_id = $record->get_record_id();
if (! $rights) {
if ($this->app['authentication']->getUser()->ACL()->has_hd_grant($record)) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->has_hd_grant($record)) {
continue;
}
if ($this->app['authentication']->getUser()->ACL()->has_preview_grant($record)) {
if ($this->app['acl']->get($this->app['authentication']->getUser())->has_preview_grant($record)) {
continue;
}
if ( ! $this->app['authentication']->getUser()->ACL()->has_access_to_base($base_id)) {
if ( ! $this->app['acl']->get($this->app['authentication']->getUser())->has_access_to_base($base_id)) {
$to_remove[] = $id;
continue;
}
} else {
foreach ($rights as $right) {
if ( ! $this->app['authentication']->getUser()->ACL()->has_right_on_base($base_id, $right)) {
if ( ! $this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_base($base_id, $right)) {
$to_remove[] = $id;
continue;
}
}
foreach ($sbas_rights as $right) {
if ( ! $this->app['authentication']->getUser()->ACL()->has_right_on_sbas($sbas_id, $right)) {
if ( ! $this->app['acl']->get($this->app['authentication']->getUser())->has_right_on_sbas($sbas_id, $right)) {
$to_remove[] = $id;
continue;
}
@@ -94,8 +94,8 @@ class set_selection extends set_abstract
$sql = 'SELECT record_id
FROM record
WHERE ((status ^ ' . $this->app['authentication']->getUser()->ACL()->get_mask_xor($base_id) . ')
& ' . $this->app['authentication']->getUser()->ACL()->get_mask_and($base_id) . ')=0
WHERE ((status ^ ' . $this->app['acl']->get($this->app['authentication']->getUser())->get_mask_xor($base_id) . ')
& ' . $this->app['acl']->get($this->app['authentication']->getUser())->get_mask_and($base_id) . ')=0
AND record_id = :record_id';
$stmt = $connsbas->prepare($sql);
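Review bot: Inside `foreach ($rights as $right)` and `foreach ($sbas_rights as $right)` the `continue;` after `$to_remove[] = $id;` only advances the inner loop, where it is already the last statement, so it has no effect. A record that fails several rights is pushed onto `$to_remove` once per failed right, and the second loop still runs for a record that is already marked. If the intent is to move on to the next record, as the `continue;` in the `! $rights` branch does, use `continue 2;` in both inner loops, assuming the enclosing record loop, which starts outside the hunk, is the next loop level up.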


@@ -34,7 +34,7 @@
<li>{{ collection.get_record_amount() }} records <a class="ajax" target="rights" href="{{ path('admin_collection_display_document_details', { 'bas_id' : collection.get_base_id() }) }}">{% trans 'phraseanet:: details' %}</a></li>
</ul>
{% if app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(bas_id, 'manage') %}
<div class="well well-small">
<h5>{% trans 'admin::collection:: Gestionnaires des commandes' %}</h5>
<form id="admin_adder" action="{{ path('admin_collection_submit_order_admins', { 'bas_id' : bas_id }) }}" method="post" style="margin:0;">
@@ -143,7 +143,7 @@
<h5>{% trans 'admin::base:collection: minilogo actuel' %}</h5>
{% if collection.getLogo(bas_id, app) is not empty %}
<div class="thumbnail" style="width:120px;height:24px;margin-top:5px;margin-bottom:5px">{{ collection.getLogo(bas_id, app) | raw }}</div>
{% if app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(bas_id, 'manage') %}
<form method="post" action="{{ path('admin_collection_delete_logo', { 'bas_id' : bas_id }) }}" style="margin:0;">
<button class="btn btn-danger btn-mini" >
<i class="icon-trash icon-white"></i>
@@ -151,7 +151,7 @@
</button>
</form>
{% endif%}
{% elseif app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
{% elseif app['acl'].get(app['authentication'].getUser()).has_right_on_base(bas_id, 'manage') %}
<span>{% trans 'admin::base:collection: aucun fichier (minilogo, watermark ...)' %}</span>
<form class="fileupload no-ajax" enctype="multipart/form-data" method="post" action="{{ path('admin_collection_submit_logo', { 'bas_id' : bas_id }) }}" style="margin:0;">
<span class="btn btn-success fileinput-button">
@@ -168,7 +168,7 @@
<h5>{% trans "Watermark" %}</h5>
{% if collection.getWatermark(bas_id) is not empty %}
<div class="thumbnail">{{ collection.getWatermark(bas_id)| raw }}</div>
{% if app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(bas_id, 'manage') %}
<form method="post" action="{{ path('admin_collection_delete_watermark', { 'bas_id' : bas_id }) }}" style="margin:0;">
<button class="btn btn-danger btn-mini">
<i class="icon-trash icon-white"></i>
@@ -176,7 +176,7 @@
</button>
</form>
{% endif%}
{% elseif app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
{% elseif app['acl'].get(app['authentication'].getUser()).has_right_on_base(bas_id, 'manage') %}
<span>{% trans 'admin::base:collection: aucun fichier (minilogo, watermark ...)' %}</span>
<form class="fileupload no-ajax" enctype="multipart/form-data" method="post" action="{{ path('admin_collection_submit_watermark', { 'bas_id' : bas_id }) }}" style="margin:0;">
<span class="btn btn-success fileinput-button">
@@ -193,7 +193,7 @@
<h5>{% trans "Stamp logo" %}</h5>
{% if collection.getStamp(bas_id) is not empty %}
<div class="thumbnail" style="max-height:120px;max-width:260px">{{ collection.getStamp(bas_id)| raw }}</div>
{% if app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(bas_id, 'manage') %}
<form method="post" action="{{ path('admin_collection_delete_stamp', { 'bas_id' : bas_id }) }}" style="margin:0;">
<button class="btn btn-danger btn-mini">
<i class="icon-trash icon-white"></i>
@@ -201,7 +201,7 @@
</button>
</form>
{% endif%}
{% elseif app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
{% elseif app['acl'].get(app['authentication'].getUser()).has_right_on_base(bas_id, 'manage') %}
<span>{% trans 'admin::base:collection: aucun fichier (minilogo, watermark ...)' %}</span>
<form class="fileupload no-ajax" enctype="multipart/form-data" method="post" action="{{ path('admin_collection_submit_stamp', { 'bas_id' : bas_id }) }}" style="margin:0;">
<span class="btn btn-success fileinput-button">
@@ -218,7 +218,7 @@
<h5>{% trans 'admin::base:collection: image de presentation : ' %}</h5>
{% if collection.getPresentation(bas_id) is not empty %}
<div class="thumbnail" style="width:650px;height:200px">{{ collection.getPresentation(bas_id)| raw }}</div>
{% if app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(bas_id, 'manage') %}
<form method="post" action="{{ path('admin_collection_delete_banner', { 'bas_id' : bas_id }) }}" style="margin:0;">
<button class="btn btn-danger btn-mini">
<i class="icon-trash icon-white"></i>
@@ -226,7 +226,7 @@
</button>
</form>
{% endif%}
{% elseif app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
{% elseif app['acl'].get(app['authentication'].getUser()).has_right_on_base(bas_id, 'manage') %}
<span>{% trans 'admin::base:collection: aucun fichier (minilogo, watermark ...)' %}</span>
<form class="fileupload no-ajax" enctype="multipart/form-data" method="post" action="{{ path('admin_collection_submit_banner', { 'bas_id' : bas_id }) }}" style="margin:0;">
<span class="btn btn-success fileinput-button">
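Review bot: The permission test `app['acl'].get(app['authentication'].getUser()).has_right_on_base(bas_id, 'manage')` is now written out nine times in this template, once per `if`/`elseif`. Evaluating it once near the top, `{% set can_manage = app['acl'].get(app['authentication'].getUser()).has_right_on_base(bas_id, 'manage') %}`, and testing `can_manage` keeps the branches readable and guarantees they all check the same right. These conditions only decide which forms are rendered, so the delete and submit routes the forms post to need their own check of the `manage` right; that code is not part of this section. The top of the template is outside the hunks.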


@@ -32,10 +32,10 @@
</div>
<div class="control-group">
<div class="controls">
{% if app['authentication'].getUser().ACL().get_granted_base(["canadmin"]) | length > 0 %}
{% if app['acl'].get(app['authentication'].getUser()).get_granted_base(["canadmin"]) | length > 0 %}
<select id="othcollsel" name="othcollsel" disabled>
<option>{% trans "choisir" %}</option>
{% for collection in app['authentication'].getUser().ACL().get_granted_base(["canadmin"]) %}
{% for collection in app['acl'].get(app['authentication'].getUser()).get_granted_base(["canadmin"]) %}
<option value="{{ collection.get_base_id() }}">{{ collection.get_label(app['locale.I18n']) }}</option>
{% endfor %}
</select>


@@ -24,7 +24,7 @@
<tr>
<td colspan="2"><strong>{{ 'admin::monitor: bases sur lesquelles l\'utilisateur est connecte : ' | trans }} :</strong></td>
</tr>
{% for databox in user.ACL().get_granted_sbas() %}
{% for databox in app['acl'].get(user).get_granted_sbas() %}
<tr>
<td colspan="2" style="overflow:hidden;" >{{ databox.get_label(app['locale.I18n']) }}</td>
</tr>


@@ -43,7 +43,7 @@
</ul>
</div>
{% if app['authentication'].getUser().ACL().is_admin() %}
{% if app['acl'].get(app['authentication'].getUser()).is_admin() %}
<div class="db_infos">
<h2>{% trans 'admin::base: Version' %}</h2>


@@ -30,7 +30,7 @@
<li>
{% trans 'admin::base: Alias' %} : <span id="viewname">{{ databox.get_label(app['locale.I18n']) }}</span>
{% if app['authentication'].getUser().ACL().has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %}
<img src="/skins/icons/edit_0.gif" id="show-view-name" />
<div class="well well-small" id="change-view-name" style="display:none;">
<form method="post" action="{{ path('admin_database_rename', {'databox_id': databox.get_sbas_id()}) }}">
@@ -87,7 +87,7 @@
</div>
</div>
{% if app['authentication'].getUser().ACL().has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %}
<div>
<form method="post" action="{{ path('admin_database_set_indexable', {'databox_id': databox.get_sbas_id()}) }}" style="margin:0;">
<label class="checkbox" for="is_indexable">
@@ -178,7 +178,7 @@
<li>
<form class="form-inline" method="post" action="{{ path('admin_database_mount_collection', {'databox_id': databox.get_sbas_id(), 'collection_id' : collId }) }}">
{% trans "Monter" %} {{ name }}
{% if app['authentication'].getUser().ACL().get_granted_base(["canadmin"]) | length > 0 %}
{% if app['acl'].get(app['authentication'].getUser()).get_granted_base(["canadmin"]) | length > 0 %}
<label for="othcollsel">{% trans "admin::base:collection: Vous pouvez choisir une collection de reference pour donenr des acces " %}</label>
<select id="othcollsel" name="othcollsel" >
<option>{% trans "choisir" %}</option>
@@ -227,7 +227,7 @@
<h4>{% trans "admin::base: logo impression PDF" %}</h4>
<div id="printLogoDIV_OK">
<img class="thumbnail" id="printLogo" src="/custom/minilogos/logopdf_{{ databox.get_sbas_id() }}.jpg" />
{% if app['authentication'].getUser().ACL().has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %}
<form method="post" target="right" action="{{ path('admin_database_delete_logo', {'databox_id': databox.get_sbas_id()}) }}" >
<button class="btn btn-mini btn-danger">{% trans "admin::base:collection: supprimer le logo" %}</button>
</form>
@@ -235,7 +235,7 @@
</div>
<div id="printLogoDIV_NONE">
{% trans "admin::base:collection: aucun fichier (minilogo, watermark ...)" %}
{% if app['authentication'].getUser().ACL().has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %}
<input id="fileupload" class="no-ajax" type="file" name="newLogoPdf" data-url="{{ path('admin_database_submit_logo', {'databox_id': databox.get_sbas_id()}) }}" accept="image/jpg, image/jpeg">
<i>{% trans "admin::base: envoyer un logo (jpeg 35px de hauteur max)" %}</i>
{% endif %}


@@ -25,7 +25,7 @@
{% endif %}
{% if name == 'access' %}
{% if class != 'checked' and type == 'base' and admin.ACL().has_access_to_base(id) is empty %}
{% if class != 'checked' and type == 'base' and app['acl'].get(admin).has_access_to_base(id) is empty %}
<div class="no_switch">
</div>
{% else %}
@@ -34,10 +34,10 @@
</div>
{% endif %}
{% else %}
{% if class != 'checked' and type == 'base' and admin.ACL().has_right_on_base(id, name) is empty %}
{% if class != 'checked' and type == 'base' and app['acl'].get(admin).has_right_on_base(id, name) is empty %}
<div class="no_switch">
</div>
{% elseif class != 'checked' and type == 'sbas' and admin.ACL().has_right_on_sbas(id, name) is empty %}
{% elseif class != 'checked' and type == 'sbas' and app['acl'].get(admin).has_right_on_sbas(id, name) is empty %}
<div class="no_switch">
</div>
{% else %}


@@ -101,7 +101,7 @@
<div class="controls">
<select id="edit_pub_base_id" class="input-large" name="base_id" {% if feed.isPublic() %}disabled="disabled"{% endif %}>
<option value="">{% trans 'Non-Restreinte (publique)' %}</option>
{% for databox in app['authentication'].getUser().ACL().get_granted_sbas('bas_chupub') %}
{% for databox in app['acl'].get(app['authentication'].getUser()).get_granted_sbas('bas_chupub') %}
<optgroup label="{{ databox.get_label(app['locale.I18n']) }}">
{% for collection in databox.get_collections() %}
<option {% if feed.getBaseId() and feed.getCollection(app).get_base_id() == collection.get_base_id() %}selected="selected"{% endif %} value="{{ collection.get_base_id() }}">{{ collection.get_name() }}</option>


@@ -23,7 +23,7 @@
<div class="controls">
<select id="add_pub_base_id" class="input-large" name="base_id">
<option value="">{% trans 'Non-Restreinte (publique)' %}</option>
{% for databox in app['authentication'].getUser().ACL().get_granted_sbas('bas_chupub') %}
{% for databox in app['acl'].get(app['authentication'].getUser()).get_granted_sbas('bas_chupub') %}
<optgroup label="{{ databox.get_label(app['locale.I18n']) }}">
{% for collection in databox.get_collections() %}
<option value="{{ collection.get_base_id() }}">{{ collection.get_name() }}</option>


@@ -2,7 +2,7 @@
<ul id="tree" class="filetree">
{% if app['authentication'].getUser().ACL().is_admin() %}
{% if app['acl'].get(app['authentication'].getUser()).is_admin() %}
<li>
<a target="right" href="{{ path('admin_dashbord') }}" class="ajax">
<img src="/skins/admin/Dashboard.png" />
@@ -15,7 +15,7 @@
</li>
{% endif %}
{% if app['authentication'].getUser().ACL().is_admin() %}
{% if app['acl'].get(app['authentication'].getUser()).is_admin() %}
<li>
<a target="right" href="{{ path('setup_display_globals') }}" class="ajax">
<img src="/skins/admin/Setup.png" />
@@ -36,7 +36,7 @@
</a>
</li>
{% if app['authentication'].getUser().ACL().has_right('manageusers') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('manageusers') %}
<li class="{% if feature == 'users' %}selected{% endif %}">
<a target="right" href="{{ path('admin_users_search') }}" class="ajax zone_editusers">
<img src="/skins/admin/Users.png" />
@@ -51,7 +51,7 @@
</li>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('bas_chupub') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('bas_chupub') %}
<li class="">
<a target="right" href="{{ path('admin_feeds_list') }}" class="ajax">
<img src="/skins/icons/rss16.png" />
@@ -60,7 +60,7 @@
</li>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('taskmanager') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('taskmanager') %}
<li class="{% if feature == 'taskmanager' %}selected{% endif %}">
<a target="right" href="{{ path('admin_tasks_list') }}" class="ajax">
<img src="/skins/admin/TaskManager.png" />
@@ -103,7 +103,7 @@
</div>
<ul>
{% if app['authentication'].getUser().ACL().has_right_on_sbas( sbas_id , 'bas_modify_struct') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_sbas( sbas_id , 'bas_modify_struct') %}
<li>
<a target="right" class="ajax" href="{{ path('database_display_stucture', { 'databox_id' : sbas_id }) }}">
<img src="/skins/icons/miniadjust01.gif"/>
@@ -144,7 +144,7 @@
{% set seeUsrGene = false %}
{% for coll in databox.get_collections() %}
{% if app['authentication'].getUser().ACL.has_right_on_base( coll.get_base_id() , 'canadmin') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base( coll.get_base_id() , 'canadmin') %}
{% set seeUsrGene = true %}
{% endif %}
{% endfor %}
@@ -159,9 +159,9 @@
{% endif %}
{% for collection in databox.get_collections() %}
{% if (collection.get_base_id() in app['authentication'].getUser().ACL.get_granted_base(['canadmin'])|keys
or collection.get_base_id() in app['authentication'].getUser().ACL.get_granted_base(['manage'])|keys
or collection.get_base_id() in app['authentication'].getUser().ACL.get_granted_base(['modify_struct'])|keys) %}
{% if (collection.get_base_id() in app['acl'].get(app['authentication'].getUser()).get_granted_base(['canadmin'])|keys
or collection.get_base_id() in app['acl'].get(app['authentication'].getUser()).get_granted_base(['manage'])|keys
or collection.get_base_id() in app['acl'].get(app['authentication'].getUser()).get_granted_base(['modify_struct'])|keys) %}
<li>
<div style="padding:0 0 2px 0;">
@@ -171,7 +171,7 @@
</div>
<ul>
{% if (app['authentication'].getUser().ACL.has_right_on_base(collection.get_base_id(), 'modify_struct')) %}
{% if (app['acl'].get(app['authentication'].getUser()).has_right_on_base(collection.get_base_id(), 'modify_struct')) %}
<li>
<a target="right" href="{{ path('admin_collection_display_suggested_values', { 'bas_id' : collection.get_base_id() }) }}" class="ajax">
<img src="/skins/icons/foldph20open_0.gif"/>
@@ -180,10 +180,10 @@
</li>
{% endif %}
{% if (app['authentication'].getUser().ACL.has_right_on_base( collection.get_base_id(), 'canadmin')) %}
{% if (app['authentication'].getUser().ACL.has_right_on_base( collection.get_base_id(), 'canmodifrecord')
and app['authentication'].getUser().ACL.has_right_on_base( collection.get_base_id(), 'manage')
and app['authentication'].getUser().ACL.has_right_on_sbas( sbas_id, 'bas_manage') ) %}
{% if (app['acl'].get(app['authentication'].getUser()).has_right_on_base( collection.get_base_id(), 'canadmin')) %}
{% if (app['acl'].get(app['authentication'].getUser()).has_right_on_base( collection.get_base_id(), 'canmodifrecord')
and app['acl'].get(app['authentication'].getUser()).has_right_on_base( collection.get_base_id(), 'manage')
and app['acl'].get(app['authentication'].getUser()).has_right_on_sbas( sbas_id, 'bas_manage') ) %}
<li>
<a target="right" href="{{ path('admin_users_search', { 'base_id' : [ collection.get_base_id() ] }) }}" class="ajax">
<img src="/skins/admin/Users.png"/>
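Review bot: Every permission test in this template re-evaluates `app['acl'].get(app['authentication'].getUser())`, and the collection loop condition calls `get_granted_base(...)|keys` three times per collection. Resolving the ACL once at the top, `{% set acl = app['acl'].get(app['authentication'].getUser()) %}`, and then testing `acl.is_admin()`, `acl.has_right('manageusers')` and so on would make the authorization conditions much easier to audit. The same repetition appears in the toolbar and results templates later in this commit. These conditions only decide which admin links are rendered; whether the routes behind them (`admin_users_search`, `admin_tasks_list`, `admin_feeds_list`) enforce the same rights is not visible in these hunks and is worth confirming in the controllers.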


@@ -130,7 +130,7 @@
{% if usr.is_template() %}
<img title="{% trans 'This is a template' %}" src="/skins/icons/template.png"/>
{% else %}
{% if usr.ACL().is_phantom() %}
{% if app['acl'].get(usr).is_phantom() %}
<img title="{% trans 'This user has no rights' %}" src="/skins/admin/ghost.png"/>
{% endif %}
{{usr.get_id()}}


@@ -45,7 +45,7 @@
<div class="baskCreate" title="{% trans 'action:: nouveau panier' %}" onclick="newBasket();"></div>
<div style="float:right;position:relative;width:3px;height:16px;"></div>
{% if total_baskets > 0 and (app['authentication'].getUser().ACL().has_right("candwnldhd") or app['authentication'].getUser().ACL().has_right("candwnldpreview") or app['authentication'].getUser().ACL().has_right("cancmd") > 0) %}
{% if total_baskets > 0 and (app['acl'].get(app['authentication'].getUser()).has_right("candwnldhd") or app['acl'].get(app['authentication'].getUser()).has_right("candwnldpreview") or app['acl'].get(app['authentication'].getUser()).has_right("cancmd") > 0) %}
<div class="baskDownload" title="{% trans 'action : exporter' %}" onclick="evt_dwnl();"></div>
{% endif %}
@@ -117,10 +117,10 @@
onclick="evt_del_in_chutier({{ element.getId() }});"
title="{% trans 'action : supprimer' %}">
</div>
{% if app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'candwnldhd')
or app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'candwnldpreview')
or app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'cancmd')
or app['authentication'].getUser().ACL().has_preview_grant(record) %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), 'candwnldhd')
or app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), 'candwnldpreview')
or app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), 'cancmd')
or app['acl'].get(app['authentication'].getUser()).has_preview_grant(record) %}
<div class="baskOneDownload" onclick="evt_dwnl('{{ record.get_serialize_key() }}');" title="{% trans 'action : exporter' %}"></div>
{% endif %}
</div>
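Review bot: In the first hunk the trailing `> 0` binds only to the last call, `has_right("cancmd") > 0`, because comparison has higher precedence than `or` in Twig, yet it reads as if it applied to the whole parenthesised group. If `has_right` returns a boolean (not shown here) the comparison is redundant and I would drop it, ending the condition with `... or app['acl'].get(app['authentication'].getUser()).has_right("cancmd")) %}`. The expression was carried over unchanged from the old line, so this is a cleanup of a permission check rather than a regression.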


@@ -6,7 +6,7 @@
{% import 'common/caption_templates/preview.html.twig' as cap_prev %}
{% if app['authentication'].getUser() %}
{% set business = app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'canmodifrecord') %}
{% set business = app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), 'canmodifrecord') %}
{% else %}
{% set business = false %}
{% endif %}


@@ -8,7 +8,7 @@
<tr>
<td>
<div class="context-menu context-menu-theme-vista">
{% if app['authentication'].getUser().ACL.has_right_on_base(record.get_base_id, 'canputinalbum') and not record.is_grouping() %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id, 'canputinalbum') and not record.is_grouping() %}
<div title="" class="context-menu-item">
<div class="context-menu-item-inner"
onclick="evt_add_in_chutier('{{record.get_sbas_id}}','{{record.get_record_id}}',false,this);return(false);">
@@ -16,7 +16,7 @@
</div>
</div>
{% endif %}
{% if app['authentication'].getUser().ACL.has_right_on_base(record.get_base_id, 'candwnldpreview') or app['authentication'].getUser().ACL.has_right_on_base(record.get_base_id, 'candwnldhd') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id, 'candwnldpreview') or app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id, 'candwnldhd') %}
<div title="" class="context-menu-item">
<div class="context-menu-item-inner"
onclick="evt_dwnl('{{record.get_sbas_id}}_{{record.get_record_id}}',false,this);return(false);">
@@ -30,7 +30,7 @@
{% trans 'action : print' %}
</div>
</div>
{% if app['phraseanet.registry'].get('GV_social_tools') == 'all' or (app['phraseanet.registry'].get('GV_social_tools') == 'publishers' and user.ACL().has_right_on_sbas(record.get_sbas_id(), 'bas_chupub')) %}
{% if app['phraseanet.registry'].get('GV_social_tools') == 'all' or (app['phraseanet.registry'].get('GV_social_tools') == 'publishers' and app['acl'].get(user).has_right_on_sbas(record.get_sbas_id(), 'bas_chupub')) %}
{% if record.is_grouping() is empty %}
<div title="" class="context-menu-item">
<div class="context-menu-item-inner"
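Review bot: The social-tools condition in the third hunk looks up the ACL with `app['acl'].get(user)`, while the two checks above it in the same menu use `app['authentication'].getUser()`. If `user` is not defined in this template's scope (its definition is not visible here), a null now reaches `ACLProvider::get()`, which is type-hinted `\User_Adapter`, instead of the expression quietly evaluating to false as `user.ACL()` may have done. Using the same principal everywhere, `app['acl'].get(app['authentication'].getUser()).has_right_on_sbas(record.get_sbas_id(), 'bas_chupub')`, removes the ambiguity about whose rights gate the publish entry.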


@@ -33,7 +33,7 @@
{% endif %}
</li>
{% if app['browser'].isNewGeneration and app['phraseanet.registry'].get('GV_thesaurus') == true and app['authentication'].getUser().ACL.has_access_to_module('thesaurus') %}
{% if app['browser'].isNewGeneration and app['phraseanet.registry'].get('GV_thesaurus') == true and app['acl'].get(app['authentication'].getUser()).has_access_to_module('thesaurus') %}
<li>
<a target="_blank" href="{{ path('thesaurus') }}">
<span class="{% if module is defined and module == "thesaurus" %}selected{% endif %}">
@@ -45,7 +45,7 @@
{# MODULE #}
{% if app['authentication'].getUser().ACL.has_access_to_module('admin') %}
{% if app['acl'].get(app['authentication'].getUser()).has_access_to_module('admin') %}
<li>
<a target="_blank" href="{{ path('admin') }}">
<span class="{% if module is defined and module == "admin" %}selected{% endif %}">
@@ -56,7 +56,7 @@
{% endif %}
{# MODULE #}
{% if app['authentication'].getUser().ACL.has_access_to_module('report') %}
{% if app['acl'].get(app['authentication'].getUser()).has_access_to_module('report') %}
<li>
<a target="_blank" href="{{ path('report_dashboard') }}">
<span class="{% if module is defined and module == "report" %}selected{% endif %}">
@@ -77,7 +77,7 @@
{# MODULE #}
{% if module is defined and module == "prod" %}
{% if app['authentication'].getUser().ACL.has_access_to_module('upload') %}
{% if app['acl'].get(app['authentication'].getUser()).has_access_to_module('upload') %}
<li>
{% set link = path('upload_form') %}
@@ -105,7 +105,7 @@
</li>
{% endif %}
{% if module is defined and module == "prod" and app['authentication'].getUser().ACL.has_right('order_master') %}
{% if module is defined and module == "prod" and app['acl'].get(app['authentication'].getUser()).has_right('order_master') %}
<li>
<a href="{{ path('prod_orders') }}" class="dialog full-dialog" title="{% trans 'Orders manager' %}">
<span>
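Review bot: None of the `has_access_to_module(...)` checks in this menu guard against a missing user before calling `app['acl'].get(...)`. `ACLProvider::get()` added in this commit is type-hinted `\User_Adapter`, so if this bar is ever rendered without an authenticated user the call now fails at the type hint, whereas the old `getUser().ACL...` chain may simply have evaluated to empty, depending on Twig's strict_variables setting. The caption template in this commit wraps its lookup in `{% if app['authentication'].getUser() %}`; doing the same here, or confirming the bar is only rendered for logged-in users, would keep the behaviour explicit. Each hunk shows only part of the menu, so an outer guard may exist outside the visible lines.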


@@ -9,7 +9,7 @@
{% set previewHtml5 = null %}
{% if app['authentication'].getUser().ACL().has_access_to_subdef(record, 'preview') %}
{% if app['acl'].get(app['authentication'].getUser()).has_access_to_subdef(record, 'preview') %}
{% set preview_obj = record.get_preview() %}
{% else %}
{% set preview_obj = record.get_thumbnail() %}


@@ -34,7 +34,7 @@
</div>
<div class="lightbox_container left">
{% if first_item %}
{% if app['authentication'].getUser().ACL().has_access_to_subdef(first_item.getRecord(app), 'preview') %}
{% if app['acl'].get(app['authentication'].getUser()).has_access_to_subdef(first_item.getRecord(app), 'preview') %}
{% set preview = first_item.getRecord(app).get_preview() %}
{% else %}
{% set preview = first_item.getRecord(app).get_thumbnail() %}
@@ -81,7 +81,7 @@
<div class="right_column_wrapper right_column_wrapper_caption left unselectable" style="width:230px;height:auto;">
<div id="record_infos">
<div class="lightbox_container">
{% set business = app['authentication'].getUser().ACL().has_right_on_base(first_item.getRecord(app).get_base_id(), 'canmodifrecord') %}
{% set business = app['acl'].get(app['authentication'].getUser()).has_right_on_base(first_item.getRecord(app).get_base_id(), 'canmodifrecord') %}
{% if first_item %}
{{caption.format_caption(first_item.getRecord(app), '', null, business)}}
{% endif %}
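Review bot: In the second hunk `{% set business = ... has_right_on_base(first_item.getRecord(app).get_base_id(), 'canmodifrecord') %}` is evaluated before the `{% if first_item %}` test that follows it, so the rights lookup runs on a record that may not exist. Moving the `set` inside the `if`, as the basket-element template in this commit already does, keeps the check tied to a real record: `{% if first_item %}{% set business = ... %}{{caption.format_caption(...)}}{% endif %}`. The same ordering appears in the `@@ -81,7 +81,7 @@` hunk of the other lightbox template (the one using `bask_prev`). The surrounding markup continues outside both hunks.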


@@ -94,7 +94,7 @@
<div id="record_infos">
<div class="lightbox_container">
{% if basket_element %}
{% set business = app['authentication'].getUser().ACL().has_right_on_base(basket_element.getRecord(app).get_base_id(), 'canmodifrecord') %}
{% set business = app['acl'].get(app['authentication'].getUser()).has_right_on_base(basket_element.getRecord(app).get_base_id(), 'canmodifrecord') %}
{{caption.format_caption(basket_element.getRecord(app), '', null, business)}}
{% endif %}
</div>


@@ -42,7 +42,7 @@
</div>
<div class="lightbox_container PNB record_display_box">
{% if first_item %}
{% if app['authentication'].getUser().ACL().has_access_to_subdef(first_item.getRecord(app), 'preview') %}
{% if app['acl'].get(app['authentication'].getUser()).has_access_to_subdef(first_item.getRecord(app), 'preview') %}
{% set bask_prev = first_item.getRecord(app).get_preview() %}
{% else %}
{% set bask_prev = first_item.getRecord(app).get_thumbnail() %}
@@ -81,7 +81,7 @@
<div class="right_column_wrapper caption right_column_wrapper_caption PNB">
<div id="record_infos" class="PNB">
<div class="lightbox_container PNB">
{% set business = app['authentication'].getUser().ACL().has_right_on_base(first_item.getRecord(app).get_base_id(), 'canmodifrecord') %}
{% set business = app['acl'].get(app['authentication'].getUser()).has_right_on_base(first_item.getRecord(app).get_base_id(), 'canmodifrecord') %}
{% if first_item %}
{{caption.format_caption(first_item.getRecord(app), '', null, business)}}
{% endif %}


@@ -97,7 +97,7 @@
<div id="record_infos" class="PNB">
<div class="lightbox_container PNB">
{% if basket_element %}
{% set business = app['authentication'].getUser().ACL().has_right_on_base(basket_element.getRecord(app).get_base_id(), 'canmodifrecord') %}
{% set business = app['acl'].get(app['authentication'].getUser()).has_right_on_base(basket_element.getRecord(app).get_base_id(), 'canmodifrecord') %}
{{caption.format_caption(basket_element.getRecord(app), '', null, business)}}
{% endif %}
</div>


@@ -2,7 +2,7 @@
<label>{% trans 'Collection' %}</label>
<select name="base_id">
{% for collection in app['authentication'].getUser().ACL().get_granted_base(['canaddrecord']) %}
{% for collection in app['acl'].get(app['authentication'].getUser()).get_granted_base(['canaddrecord']) %}
<option value="{{ collection.get_base_id() }}">{{ collection.get_databox().get_label(app['locale.I18n']) }} / {{ collection.get_label(app['locale.I18n']) }}</option>
{% endfor %}
</select>


@@ -10,36 +10,36 @@
<img src="/skins/prod/000000/images/print_history.gif"/>
</button>
{% if app['authentication'].getUser().ACL().has_right('modifyrecord') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('modifyrecord') %}
<button class="ui-corner-all TOOL_ppen_btn basket_window" title="{% trans 'action : editer' %}">
<img src="/skins/prod/000000/images/ppen_history.gif"/>
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('changestatus') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('changestatus') %}
<button class="ui-corner-all TOOL_chgstatus_btn basket_window" title="{% trans 'action : status' %}">
<img src="/skins/prod/000000/images/chgstatus_history.gif"/>
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('deleterecord') and app['authentication'].getUser().ACL().has_right('addrecord') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('deleterecord') and app['acl'].get(app['authentication'].getUser()).has_right('addrecord') %}
<button class="ui-corner-all TOOL_chgcoll_btn basket_window" title="{% trans 'action : collection' %}">
<img src="/skins/prod/000000/images/chgcoll_history.gif"/>
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('push') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('push') %}
<button class="ui-corner-all TOOL_pushdoc_btn basket_window" title="{% trans 'action : push' %}">
<img src="/skins/icons/push16.png"/>
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('push') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('push') %}
<button class="ui-corner-all TOOL_feedback_btn basket_window" title="{% trans 'Feedback' %}">
<img src="/skins/icons/feedback16.png"/>
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('bas_chupub') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('bas_chupub') %}
<button class="ui-corner-all TOOL_bridge_btn basket_window" title="{% trans 'action : bridge' %}">
<img src="/skins/icons/door.png"/>
</button>
@@ -48,7 +48,7 @@
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('doctools') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('doctools') %}
<button class="ui-corner-all TOOL_imgtools_btn basket_window" title="{% trans 'action : outils' %}">
<img src="/skins/prod/000000/images/imgtools_history.gif"/>
</button>


@@ -9,36 +9,36 @@
<img src="/skins/prod/000000/images/print_history.gif"/>
</button>
{% if app['authentication'].getUser().ACL().has_right('modifyrecord') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('modifyrecord') %}
<button class="ui-corner-all TOOL_ppen_btn story_window" title="{% trans 'action : editer' %}">
<img src="/skins/prod/000000/images/ppen_history.gif"/>
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('changestatus') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('changestatus') %}
<button class="ui-corner-all TOOL_chgstatus_btn story_window" title="{% trans 'action : status' %}">
<img src="/skins/prod/000000/images/chgstatus_history.gif"/>
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('deleterecord') and app['authentication'].getUser().ACL().has_right('addrecord') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('deleterecord') and app['acl'].get(app['authentication'].getUser()).has_right('addrecord') %}
<button class="ui-corner-all TOOL_chgcoll_btn story_window" title="{% trans 'action : collection' %}">
<img src="/skins/prod/000000/images/chgcoll_history.gif"/>
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('push') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('push') %}
<button class="ui-corner-all TOOL_pushdoc_btn story_window" title="{% trans 'action : push' %}">
<img src="/skins/icons/push16.png"/>
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('push') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('push') %}
<button class="ui-corner-all TOOL_feedback_btn story_window" title="{% trans 'Feedback' %}">
<img src="/skins/icons/feedback16.png"/>
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('bas_chupub') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('bas_chupub') %}
<button class="ui-corner-all TOOL_bridge_btn story_window" title="{% trans 'action : bridge' %}">
<img src="/skins/icons/door.png"/>
</button>
@@ -47,7 +47,7 @@
</button>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('doctools') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('doctools') %}
<button class="ui-corner-all TOOL_imgtools_btn story_window" title="{% trans 'action : outils' %}">
<img src="/skins/prod/000000/images/imgtools_history.gif"/>
</button>


@@ -87,7 +87,7 @@
<input class="search" name="users-search" placeholder="{% trans 'Users' %}" type="text" style="width:210px;"/>
<br/>
{% trans 'Select a user in the list'%} <br/>
{% if app['authentication'].getUser().ACL().has_right('manageusers') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('manageusers') %}
{% trans 'or' %}
<a href="{{ path('prod_push_add_user') }}" class="user_adder link">{% trans 'Add user' %}</a>
{% endif %}


@@ -27,7 +27,7 @@
{% endif %}
{% set class_status = 'nostatus' %}
{% if app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'chgstatus') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), 'chgstatus') %}
{% set class_status = '' %}
{% endif %}


@@ -169,7 +169,7 @@
<div id="THPD_tabs">
<ul>
<li class="th_tab"><a href="#THPD_T"><span>{% trans 'prod::thesaurusTab:thesaurus' %}</span></a></li>
{% if app['authentication'].getUser().ACL().has_access_to_module('thesaurus') %}
{% if app['acl'].get(app['authentication'].getUser()).has_access_to_module('thesaurus') %}
<li class="th_tab"><a href="#THPD_C"><span>{% trans 'prod::thesaurusTab:candidats' %}</span></a></li>
{% endif %}
</ul>
@@ -209,7 +209,7 @@
</div>
</div>
</div>
{% if app['authentication'].getUser().ACL().has_access_to_module('thesaurus') %}
{% if app['acl'].get(app['authentication'].getUser()).has_access_to_module('thesaurus') %}
<div id="THPD_C">
<div id='THPD_C_treeBox' class="searchZone">
<div onclick="Xclick(event);return(false);" ondblclick="CXdblClick(event);">
@@ -248,7 +248,7 @@
{% trans 'Browse Baskets' %}
</a>
</div>
{% if app['phraseanet.registry'].get('GV_multiAndReport') and app['authentication'].getUser().ACL().has_right('addrecord') %}
{% if app['phraseanet.registry'].get('GV_multiAndReport') and app['acl'].get(app['authentication'].getUser()).has_right('addrecord') %}
<div class="context-menu-item-inner">
<a title="{% trans 'action:: nouveau reportage' %}" class="dialog small-dialog" href="{{ path('prod_stories_create') }}">
<img style="cursor:pointer;" src="/skins/icons/mtadd_0.gif" title="{% trans 'action:: nouveau reportage' %}" />
@@ -531,19 +531,19 @@
</span>
{% set actions = {} %}
{% if app['authentication'].getUser().ACL().has_right('modifyrecord') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('modifyrecord') %}
{% set label %}
{% trans 'action : editer' %}
{% endset %}
{% set actions = actions|merge( { 'edit' : {'icon': "/skins/prod/000000/images/ppen_history.gif", 'class':'TOOL_ppen_btn', 'label' : label} }) %}
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('changestatus') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('changestatus') %}
{% set label %}
{% trans 'action : status' %}
{% endset %}
{% set actions = actions|merge( { 'status' : {'icon': "/skins/prod/000000/images/chgstatus_history.gif", 'class':'TOOL_chgstatus_btn', 'label' : label} }) %}
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('deleterecord') and app['authentication'].getUser().ACL().has_right('addrecord') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('deleterecord') and app['acl'].get(app['authentication'].getUser()).has_right('addrecord') %}
{% set label %}
{% trans 'action : collection' %}
{% endset %}
@@ -591,7 +591,7 @@
</span>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('push') and app['authentication'].getUser().ACL().has_right('bas_chupub') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('push') and app['acl'].get(app['authentication'].getUser()).has_right('bas_chupub') %}
<span class="dropdownButton">
<div class="btn-group">
<button class="TOOL_pushdoc_btn default_action results_window btn btn-inverse">
@@ -622,7 +622,7 @@
</ul>
</div>
</span>
{% elseif app['authentication'].getUser().ACL().has_right('push') %}
{% elseif app['acl'].get(app['authentication'].getUser()).has_right('push') %}
<span class="dropdownButton">
<div class="btn-group">
<button class="TOOL_pushdoc_btn default_action results_window btn btn-inverse" >
@@ -639,7 +639,7 @@
</ul>
</div>
</span>
{% elseif app['authentication'].getUser().ACL().has_right('bas_chupub') %}
{% elseif app['acl'].get(app['authentication'].getUser()).has_right('bas_chupub') %}
<span class="dropdownButton">
<div class="btn-group">
<button class="TOOL_pushdoc_btn default_action results_window btn btn-inverse" >
@@ -658,7 +658,7 @@
</span>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('doctools') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('doctools') %}
<span class="classicButton">
<div class="btn-group">
<button class="TOOL_imgtools_btn results_window btn btn-inverse" >
@@ -667,7 +667,7 @@
</div>
</span>
{% endif %}
{% if app['authentication'].getUser().ACL().has_right('deleterecord') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right('deleterecord') %}
<span class="classicButton">
<div class="btn-group">
<button class="TOOL_trash_btn results_window btn btn-inverse" >


@@ -1,6 +1,6 @@
{% import 'common/caption_templates/preview.html.twig' as caption %}
{% if app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id, 'canmodifrecord') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id, 'canmodifrecord') %}
<div class="edit_button" style="text-align:right">
<a href="#" onclick="editThis('IMGT','{{record.get_serialize_key()}}');">
<img style="vertical-align:middle" src="/skins/prod/000000/images/ppen_history.gif" />
@@ -11,7 +11,7 @@
<div style="text-align:center;">
{{record.get_status_icons()|raw}}
</div>
{% set business = app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'canmodifrecord') %}
{% set business = app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), 'canmodifrecord') %}
{% if record.is_from_reg() %}
{{caption.format_caption(record, '', null, business)}}
{% else %}


@@ -55,7 +55,7 @@
{% trans 'report::Modification du document -- je ne me souviens plus de quoi...' %}
{% endif %}
<span class="actor">
{% if app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'canreport') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), 'canreport') %}
{% if done['user'] and done['user'].get_id() != app['authentication'].getUser().get_id() %}
{% set user_infos = done['user'].get_display_name() %}
{% trans %}report:: par {{ user_infos }}{% endtrans %}


@@ -1,5 +1,5 @@
{% if (record.is_from_basket is empty) and app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'canputinalbum') %}
{% if (record.is_from_basket is empty) and app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), 'canputinalbum') %}
<div sbas="{{record.get_sbas_id()}}" id="PREV_BASKADD_{{record.get_serialize_key}}"
class="baskAdder" title="{% trans 'action : ajouter au panier' %}"
onclick="evt_add_in_chutier('{{record.get_sbas_id()}}','{{record.get_record_id()}}',false,this);return(false);"></div>
@@ -17,7 +17,7 @@
<div class="printer" title="'{% trans 'action : print' %}"
onclick="evt_print('{{record.get_sbas_id()}}_{{record.get_record_id()}}');return(false);"></div>
{% if app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'candwnldhd') or app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'candwnldpreview') %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), 'candwnldhd') or app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), 'candwnldpreview') %}
<div class="downloader" title="{% trans 'action : exporter' %}"
onclick="evt_dwnl('{{record.get_sbas_id()}}_{{record.get_record_id()}}');return(false);"></div>
{% endif %}


@@ -14,7 +14,7 @@
<td valign="middle">
<div class='desc' style='max-height:{{th_size+70}}px;overflow-y:auto;'>
<div class="fixeddesc">
{% set business = app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'canmodifrecord') %}
{% set business = app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), 'canmodifrecord') %}
{{caption.format_caption(record, highlight, searchEngine, business)}}
{% if app['authentication'].getUser().getPrefs('technical_display') == 'group' %}<hr/>{{record.get_technical_infos|raw}}{% endif %}
</div>


@@ -80,7 +80,7 @@
{% endif %}
<td style='text-align:right;width:{{l_width}}px;' valign='bottom'>
{{drop_down.prod(record, entry_id)}}
{% if record.has_preview() and app['authentication'].getUser().ACL().has_access_to_subdef(record, 'preview') %}
{% if record.has_preview() and app['acl'].get(app['authentication'].getUser()).has_access_to_subdef(record, 'preview') %}
<div tooltipsrc="{{ path('prod_tooltip_preview', { 'sbas_id' : record.get_sbas_id(), 'record_id' : record.get_record_id() }) }}" class="previewTips"></div>
{% endif %}
{% if user_rollover_thumbnail == 'preview' %}


@@ -318,8 +318,8 @@
</h5>
<ul class="thumbnails">
{% for record in records %}
{% if app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), "canaddrecord")
and app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), "candeleterecord") %}
{% if app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), "canaddrecord")
and app['acl'].get(app['authentication'].getUser()).has_right_on_base(record.get_base_id(), "candeleterecord") %}
<li class="records-subititution span3">
<div class="thumbnail">
<div class="record-thumb" style="text-align:center;">


@@ -14,7 +14,7 @@ abstract class ApiAbstract extends \PhraseanetWebTestCaseAbstract
{
/**
*
* @var Symfony\Component\HttpKernel\Client
* @var Client
*/
protected $client;
@@ -1999,7 +1999,7 @@ abstract class ApiAbstract extends \PhraseanetWebTestCaseAbstract
$lazaretSession = new \Alchemy\Phrasea\Model\Entities\LazaretSession();
self::$DI['app']['EM']->persist($lazaretSession);
$quarantineItem;
$quarantineItem = null;
$callback = function ($element, $visa, $code) use (&$quarantineItem) {
$quarantineItem = $element;
};


@@ -0,0 +1,16 @@
<?php
namespace Alchemy\Tests\Phrasea\Authentication;
use Alchemy\Phrasea\Application;
use Alchemy\Phrasea\Authentication\ACLProvider;
class ACLProviderTest extends \PhraseanetPHPUnitAbstract
{
public function testGetACL()
{
$acl = self::$DI['app']['acl']->get(self::$DI['user']);
$this->assertInstanceOf('\ACL', $acl);
}
}
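Review bot: `testGetACL` only asserts the return type, so the caching and `purge()` behaviour that this provider introduces is untested. Since a stale cached ACL means stale permissions, I would add an identity check, `$this->assertSame($acl, self::$DI['app']['acl']->get(self::$DI['user']));`, and a second test that calls `purge()` and asserts with `assertNotSame` that the next `get()` returns a fresh object. The `use` lines for `Application` and `ACLProvider` are not referenced by the test as written and can be removed.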


@@ -96,10 +96,15 @@ class AuthenticatorTest extends \PhraseanetPHPUnitAbstract
->method('get_granted_sbas')
->will($this->returnValue(array()));
$user->expects($this->once())
->method('ACL')
$aclProvider = $this->getMockBuilder('Alchemy\Phrasea\Authentication\ACLProvider')
->disableOriginalConstructor()
->getMock();
$aclProvider->expects($this->any())
->method('get')
->will($this->returnValue($acl));
$app['acl'] = $aclProvider;
$em->expects($this->at(0))
->method('persist')
->with($this->isInstanceOf('Alchemy\Phrasea\Model\Entities\Session'))
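Review bot: The new `$aclProvider` mock is weaker than the expectation it replaces: `$this->any()` with no argument constraint passes even if the code under test never asks for an ACL, or asks for one belonging to a different user. The removed expectation was `$this->once()` on `$user`, so `$aclProvider->expects($this->once())->method('get')->with($user)` would keep the test pinned to the principal being authenticated (use `atLeastOnce()` if the method legitimately looks it up more than once). The test method starts and ends outside this hunk.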


@@ -3,6 +3,7 @@
namespace Alchemy\Tests\Phrasea\Controller\Admin;
use Alchemy\Phrasea\Application;
use Alchemy\Phrasea\Authentication\ACLProvider;
use Alchemy\Phrasea\Border\File;
class AdminCollectionTest extends \PhraseanetWebTestCaseAuthenticatedAbstract
@@ -12,7 +13,7 @@ class AdminCollectionTest extends \PhraseanetWebTestCaseAuthenticatedAbstract
public function tearDown()
{
self::$DI['app']['authentication']->setUser(self::$DI['user']);
self::$DI['app']['acl'] = new ACLProvider(self::$DI['app']);
foreach (self::$createdCollections as $collection) {
try {
$collection->unmount_collection(self::$DI['app']);
@@ -26,6 +27,7 @@ class AdminCollectionTest extends \PhraseanetWebTestCaseAuthenticatedAbstract
}
}
self::$createdCollections = array();
// /!\ re enable collection
self::$DI['collection']->enable(self::$DI['app']['phraseanet.appbox']);
@@ -38,8 +40,8 @@ class AdminCollectionTest extends \PhraseanetWebTestCaseAuthenticatedAbstract
self::$DI['app'] = new Application('test');
self::giveRightsToUser(self::$DI['app'], self::$DI['user']);
self::$DI['user']->ACL()->revoke_access_from_bases(array(self::$DI['collection_no_access']->get_base_id()));
self::$DI['user']->ACL()->set_masks_on_base(self::$DI['collection_no_access_by_status']->get_base_id(), '0000000000000000000000000000000000000000000000000001000000000000', '0000000000000000000000000000000000000000000000000001000000000000', '0000000000000000000000000000000000000000000000000001000000000000', '0000000000000000000000000000000000000000000000000001000000000000');
self::$DI['app']['acl']->get(self::$DI['user'])->revoke_access_from_bases(array(self::$DI['collection_no_access']->get_base_id()));
self::$DI['app']['acl']->get(self::$DI['user'])->set_masks_on_base(self::$DI['collection_no_access_by_status']->get_base_id(), '0000000000000000000000000000000000000000000000000001000000000000', '0000000000000000000000000000000000000000000000000001000000000000', '0000000000000000000000000000000000000000000000000001000000000000', '0000000000000000000000000000000000000000000000000001000000000000');
parent::tearDownAfterClass();
}
@@ -103,12 +105,10 @@ class AdminCollectionTest extends \PhraseanetWebTestCaseAuthenticatedAbstract
{
$this->setAdmin(true);
$collection = $this->createOneCollection();
$file = new File(self::$DI['app'], self::$DI['app']['mediavorus']->guess(__DIR__ . '/../../../../../files/test001.jpg'), $collection);
$file = new File(self::$DI['app'], self::$DI['app']['mediavorus']->guess(__DIR__ . '/../../../../../files/test001.jpg'), self::$DI['collection']);
\record_adapter::createFromFile($file, self::$DI['app']);
self::$DI['client']->request('GET', '/admin/collection/' . $collection->get_base_id() . '/informations/details/');
self::$DI['client']->request('GET', '/admin/collection/' . self::$DI['collection']->get_base_id() . '/informations/details/');
$this->assertTrue(self::$DI['client']->getResponse()->isOk());
}
@@ -279,7 +279,7 @@ class AdminCollectionTest extends \PhraseanetWebTestCaseAuthenticatedAbstract
$this->checkRedirection(self::$DI['client']->getResponse(), '/admin/collection/' . self::$DI['collection']->get_base_id() . '/?success=1');
$this->assertTrue(self::$DI['user_alt1']->ACL()->has_right_on_base(self::$DI['collection']->get_base_id(), 'order_master'));
$this->assertTrue(self::$DI['app']['acl']->get(self::$DI['user_alt1'])->has_right_on_base(self::$DI['collection']->get_base_id(), 'order_master'));
}
/**
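Review bot: Assigning `new ACLProvider(self::$DI['app'])` in `tearDown` does not reset cached rights, because the provider added in this commit keeps its cache in a `private static` array shared by every instance. An ACL object created for a user in one test can therefore still be returned in the next, and in `tearDownAfterClass` the `get()` calls made after `new Application('test')` may hand back an ACL built with the previous application (hedged: depends on what ran before). Calling `self::$DI['app']['acl']->purge();` here would give each test a clean permission state. Both teardown bodies continue outside the visible hunks.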
