Merge branch 'master' into PHRAS-2680-webhook-privacy-and-security
@@ -114,6 +114,7 @@ class MoveCollectionController extends Controller
|
||||
$trashCollectionsBySbasId = [];
|
||||
|
||||
foreach ($records as $record) {
|
||||
$oldCollectionId = $record->getCollection()->get_coll_id();
|
||||
$record->move_to_collection($collection, $this->getApplicationBox());
|
||||
|
||||
if ($request->request->get("chg_coll_son") == "1") {
|
||||
@@ -130,7 +131,7 @@ class MoveCollectionController extends Controller
|
||||
$trashCollectionsBySbasId[$sbasId] = $record->getDatabox()->getTrashCollection();
|
||||
}
|
||||
if ($trashCollectionsBySbasId[$sbasId] !== null) {
|
||||
if ($record->getCollection()->get_coll_id() == $trashCollectionsBySbasId[$sbasId]->get_coll_id() && $collection->get_coll_id() !== $trashCollectionsBySbasId[$sbasId]->get_coll_id()) {
|
||||
if ($oldCollectionId == $trashCollectionsBySbasId[$sbasId]->get_coll_id() && $collection->get_coll_id() !== $trashCollectionsBySbasId[$sbasId]->get_coll_id()) {
|
||||
// record is already in trash so active it
|
||||
foreach ($record->get_subdefs() as $subdef) {
|
||||
if (($pl = $subdef->get_permalink())) {
|
||||
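Review bot: The rewritten trash test mixes a loose and a strict comparison on the same kind of value: `$oldCollectionId == …->get_coll_id()` sits next to `$collection->get_coll_id() !== …->get_coll_id()`. If `get_coll_id()` can return an int in one place and a numeric string in another (not visible here), the `!==` half is always true and the permalink branch below would also run for a move into the trash collection. Normalise once, e.g. `$trashId = (int) $trashCollectionsBySbasId[$sbasId]->get_coll_id();`, and compare `(int) $oldCollectionId === $trashId && (int) $collection->get_coll_id() !== $trashId`. The enclosing loop body continues outside the hunk.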
|
@@ -214,7 +214,7 @@ class QueryController extends Controller
|
||||
if (min($d2top, $d2bottom) < 4) {
|
||||
if ($d2bottom < 4) {
|
||||
if($page != 1){
|
||||
$string .= "<a id='PREV_PAGE' class='btn btn-primary btn-mini'></a>";
|
||||
$string .= "<a id='PREV_PAGE' class='btn btn-primary btn-mini icon-baseline-chevron_left-24px'></a>";
|
||||
}
|
||||
for ($i = 1; ($i <= 4 && (($i <= $npages) === true)); $i++) {
|
||||
if ($i == $page)
|
||||
@@ -223,13 +223,13 @@ class QueryController extends Controller
|
||||
$string .= '<a class="btn btn-primary btn-mini search-navigate-action" data-page="'.$i.'">' . $i . '</a>';
|
||||
}
|
||||
if ($npages > 4)
|
||||
$string .= "<a id='NEXT_PAGE' class='btn btn-primary btn-mini'></a>";
|
||||
$string .= '<a href="#" class="btn btn-primary btn-mini search-navigate-action" data-page="' . $npages . '" id="last"></a>';
|
||||
$string .= "<a id='NEXT_PAGE' class='btn btn-primary btn-mini icon icon-baseline-chevron_right-24px'></a>";
|
||||
$string .= '<a href="#" class="btn btn-primary btn-mini search-navigate-action icon icon-double-arrows" data-page="' . $npages . '" id="last"></a>';
|
||||
} else {
|
||||
$start = $npages - 4;
|
||||
if (($start) > 0){
|
||||
$string .= '<a class="btn btn-primary btn-mini search-navigate-action" data-page="1" id="first"></a>';
|
||||
$string .= '<a id="PREV_PAGE" class="btn btn-primary btn-mini"></a>';
|
||||
$string .= '<a class="btn btn-primary btn-mini search-navigate-action" data-page="1" id="first"><span class="icon icon-double-arrows icon-inverse"></span></a>';
|
||||
$string .= '<a id="PREV_PAGE" class="btn btn-primary btn-mini icon icon-baseline-chevron_left-24px"></a>';
|
||||
}else
|
||||
$start = 1;
|
||||
for ($i = ($start); $i <= $npages; $i++) {
|
||||
@@ -239,11 +239,11 @@ class QueryController extends Controller
|
||||
$string .= '<a class="btn btn-primary btn-mini search-navigate-action" data-page="'.$i.'">' . $i . '</a>';
|
||||
}
|
||||
if($page < $npages){
|
||||
$string .= "<a id='NEXT_PAGE' class='btn btn-primary btn-mini'></a>";
|
||||
$string .= "<a id='NEXT_PAGE' class='btn btn-primary btn-mini icon icon-baseline-chevron_right-24px'></a>";
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$string .= '<a class="btn btn-primary btn-mini btn-mini search-navigate-action" data-page="1" id="first"></a>';
|
||||
$string .= '<a class="btn btn-primary btn-mini search-navigate-action" data-page="1" id="first"><span class="icon icon-double-arrows icon-inverse"></span></a>';
|
||||
|
||||
for ($i = ($page - 2); $i <= ($page + 2); $i++) {
|
||||
if ($i == $page)
|
||||
@@ -252,10 +252,10 @@ class QueryController extends Controller
|
||||
$string .= '<a class="btn btn-primary btn-mini search-navigate-action" data-page="'.$i.'">' . $i . '</a>';
|
||||
}
|
||||
|
||||
$string .= '<a href="#" class="btn btn-primary btn-mini search-navigate-action" data-page="' . $npages . '" id="last"></a>';
|
||||
$string .= '<a href="#" class="btn btn-primary btn-mini search-navigate-action icon icon-double-arrows" data-page="' . $npages . '" id="last"></a>';
|
||||
}
|
||||
}
|
||||
$string .= '<div style="display:none;"><div id="NEXT_PAGE"></div><div id="PREV_PAGE"></div></div>';
|
||||
$string .= '<div style="display:none;"><div id="NEXT_PAGE" class="icon icon-baseline-chevron_right-24px"></div><div id="PREV_PAGE" class="icon icon-baseline-chevron_left-24px"></div></div>';
|
||||
|
||||
$explain = $this->render(
|
||||
"prod/results/infos.html.twig",
|
||||
@@ -470,7 +470,6 @@ class QueryController extends Controller
|
||||
$json['results'] = $this->render($template, ['results'=> $result]);
|
||||
}
|
||||
|
||||
|
||||
return $this->app->json($json);
|
||||
}
|
||||
|
||||
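Review bot: The `PREV_PAGE` anchor inside `if($page != 1)` gets only `icon-baseline-chevron_left-24px`, while every other arrow changed in this section also carries the base `icon` class (`icon icon-baseline-chevron_left-24px`). If the stylesheet keys the glyph on `.icon`, that one button will presumably render without its arrow; the line should read `$string .= "<a id='PREV_PAGE' class='btn btn-primary btn-mini icon icon-baseline-chevron_left-24px'></a>";`. Separately, the hidden `<div id="NEXT_PAGE">` and `<div id="PREV_PAGE">` appended at the end repeat the ids of the anchors emitted above, so an id-based selector may resolve to either element.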
|
@@ -15,12 +15,9 @@ use Alchemy\Phrasea\Core\Configuration\DisplaySettingService;
|
||||
use Alchemy\Phrasea\Exception\SessionNotFound;
|
||||
use Alchemy\Phrasea\Feed\Aggregate;
|
||||
use Alchemy\Phrasea\Helper;
|
||||
use Alchemy\Phrasea\Model\Entities\UserSetting;
|
||||
use Alchemy\Phrasea\Helper\WorkZone as WorkzoneHelper;
|
||||
use Alchemy\Phrasea\Model\Repositories\FeedRepository;
|
||||
use Symfony\Component\Finder\Finder;
|
||||
use Symfony\Component\Finder\SplFileInfo;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
// use Alchemy\Phrasea\Plugin\ActionBarPluginInterface;
|
||||
|
||||
|
||||
class RootController extends Controller
|
||||
@@ -43,12 +40,11 @@ class RootController extends Controller
|
||||
public function indexAction(Request $request) {
|
||||
try {
|
||||
\Session_Logger::updateClientInfos($this->app, 1);
|
||||
} catch (SessionNotFound $e) {
|
||||
}
|
||||
catch (SessionNotFound $e) {
|
||||
return $this->app->redirectPath('logout');
|
||||
}
|
||||
|
||||
$css = [];
|
||||
|
||||
$user = $this->getAuthenticatedUser();
|
||||
$cssfile = $this->getSettings()->getUserSetting($user, 'css');
|
||||
|
||||
@@ -110,7 +106,7 @@ class RootController extends Controller
|
||||
|
||||
return $this->render('prod/index.html.twig', [
|
||||
'module_name' => 'Production',
|
||||
'WorkZone' => new Helper\WorkZone($this->app, $request),
|
||||
'WorkZone' => new WorkzoneHelper($this->app, $request),
|
||||
'module_prod' => $helper,
|
||||
'search_datas' => $helper->get_search_datas(),
|
||||
'cssfile' => $cssfile,
|
||||
@@ -123,7 +119,7 @@ class RootController extends Controller
|
||||
'feeds' => $feeds,
|
||||
'aggregate' => $aggregate,
|
||||
'GV_google_api' => $conf->get(['registry', 'webservices', 'google-charts-enabled']),
|
||||
'geocodingProviders' => $conf->get(['geocoding-providers']),
|
||||
'geocodingProviders' => $conf->get(['geocoding-providers']),
|
||||
'search_status' => \databox_status::getSearchStatus($this->app),
|
||||
'thesau_js_list' => $thjslist,
|
||||
'thesau_json_sbas' => json_encode($sbas),
|
||||
|
@@ -367,15 +367,17 @@ class UploadController extends Controller
|
||||
$postMaxSize = PHP_INT_MAX;
|
||||
}
|
||||
|
||||
$r = 0;
|
||||
switch (strtolower(substr($postMaxSize, -1))) {
|
||||
/** @noinspection PhpMissingBreakStatementInspection */
|
||||
case 'g':
|
||||
$postMaxSize *= 1024;
|
||||
$r += 10;
|
||||
/** @noinspection PhpMissingBreakStatementInspection */
|
||||
case 'm':
|
||||
$postMaxSize *= 1024;
|
||||
$r += 10;
|
||||
case 'k':
|
||||
$postMaxSize *= 1024;
|
||||
$r += 10;
|
||||
$postMaxSize = ((int)($postMaxSize))<<$r;
|
||||
}
|
||||
|
||||
return min(UploadedFile::getMaxFilesize(), (int) $postMaxSize);
|
||||
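Review bot: The unit switch depends on deliberate fall-through (`g` into `m` into `k`, each adding 10 to `$r`), but the new lines do not say so and the shift sits inside the last case. A comment above the switch would make the intent reviewable: `// g, m and k fall through on purpose: each unit adds 10 bits to the shift applied in the 'k' case`. Because this value caps accepted uploads, it is also worth noting next to `((int)($postMaxSize))<<$r` that the shift may exceed the integer range on 32-bit builds for gigabyte values, in which case `min()` would return a wrapped result.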
|
@@ -524,27 +524,36 @@ class AccountController extends Controller
|
||||
|
||||
$list = array_keys($this->app['repo.collections-registry']->getBaseIdMap());
|
||||
|
||||
$this->app->getAclForUser($user)->revoke_access_from_bases($list);
|
||||
try {
|
||||
$this->app->getAclForUser($user)->revoke_access_from_bases($list);
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
// one or more access could not be revoked ? the user will not be phantom
|
||||
$this->app->addFlash('error', $this->app->trans('phraseanet::error: failed to revoke some user access'));
|
||||
}
|
||||
|
||||
if ($this->app->getAclForUser($user)->is_phantom()) {
|
||||
// send confirmation email: the account has been deleted
|
||||
|
||||
try {
|
||||
$receiver = Receiver::fromUser($user);
|
||||
} catch (InvalidArgumentException $e) {
|
||||
$mail = MailSuccessAccountDelete::create($this->app, $receiver);
|
||||
}
|
||||
catch (InvalidArgumentException $e) {
|
||||
$this->app->addFlash('error', $this->app->trans('phraseanet::erreur: echec du serveur de mail'));
|
||||
$mail = null;
|
||||
}
|
||||
|
||||
$mail = MailSuccessAccountDelete::create($this->app, $receiver);
|
||||
|
||||
$this->app['manipulator.user']->delete($user, [$user->getId() => $oldGrantedBaseIds]);
|
||||
if($mail) {
|
||||
$this->deliver($mail);
|
||||
}
|
||||
|
||||
$this->deliver($mail);
|
||||
$this->getAuthenticator()->closeAccount();
|
||||
$this->app->addFlash('info', $this->app->trans('phraseanet::account The account has been deleted'));
|
||||
}
|
||||
|
||||
$this->getAuthenticator()->closeAccount();
|
||||
$this->app->addFlash('info', $this->app->trans('phraseanet::account The account has been deleted'));
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
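Review bot: The new `catch (\Exception $e)` around `revoke_access_from_bases()` drops the exception after adding a flash message, so nothing on the server records why revocation failed during an account-deletion request. Per the comment the user is then not phantom and the account stays active, yet an operator has no trace to act on. Record `$e->getMessage()` together with `$user->getId()` in the server log inside that catch, before the flash is added. The `catch (InvalidArgumentException $e)` for the mail has the same gap, and the method body starts outside the hunk.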
|
@@ -94,10 +94,9 @@ class SessionController extends Controller
|
||||
}
|
||||
|
||||
/**
|
||||
* Check session state
|
||||
*
|
||||
* @param Request $request
|
||||
* @param Request $request
|
||||
* @return JsonResponse
|
||||
* @throws \Exception in case "new \DateTime()" fails ?
|
||||
*/
|
||||
public function updateSession(Request $request)
|
||||
{
|
||||
@@ -120,7 +119,8 @@ class SessionController extends Controller
|
||||
|
||||
return $this->app->json($ret);
|
||||
}
|
||||
} else {
|
||||
}
|
||||
else {
|
||||
$ret['status'] = 'disconnected';
|
||||
|
||||
return $this->app->json($ret);
|
||||
@@ -128,7 +128,8 @@ class SessionController extends Controller
|
||||
|
||||
try {
|
||||
$this->getApplicationBox()->get_connection();
|
||||
} catch (\Exception $e) {
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
return $this->app->json($ret);
|
||||
}
|
||||
|
||||
@@ -148,8 +149,9 @@ class SessionController extends Controller
|
||||
$module->setModuleId($moduleId);
|
||||
$module->setSession($session);
|
||||
$manager->persist($module);
|
||||
} else {
|
||||
$manager->persist($session->getModuleById($moduleId)->setUpdated(new \DateTime()));
|
||||
}
|
||||
else {
|
||||
$manager->persist($session->getModuleById($moduleId)->setUpdated($now));
|
||||
}
|
||||
|
||||
$manager->persist($session);
|
||||
@@ -231,7 +233,10 @@ class SessionController extends Controller
|
||||
*/
|
||||
private function getBasketRepository()
|
||||
{
|
||||
return $this->getEntityManager()->getRepository('Phraseanet:Basket');
|
||||
/** @var BasketRepository $ret */
|
||||
$ret = $this->getEntityManager()->getRepository('Phraseanet:Basket');
|
||||
|
||||
return $ret;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@@ -11,28 +11,29 @@
|
||||
|
||||
namespace Alchemy\Phrasea\Helper;
|
||||
|
||||
use Doctrine\Common\Collections\ArrayCollection;
|
||||
use Alchemy\Phrasea\Model\Entities\Basket as BasketEntity;
|
||||
use Alchemy\Phrasea\Model\Repositories\BasketRepository;
|
||||
use Alchemy\Phrasea\Model\Repositories\StoryWZRepository;
|
||||
use Doctrine\Common\Collections\ArrayCollection;
|
||||
|
||||
class WorkZone extends Helper
|
||||
{
|
||||
const BASKETS = 'baskets';
|
||||
const STORIES = 'stories';
|
||||
const BASKETS = 'baskets';
|
||||
const STORIES = 'stories';
|
||||
const VALIDATIONS = 'validations';
|
||||
|
||||
/**
|
||||
*
|
||||
* Returns an ArrayCollection containing three keys :
|
||||
* - self::BASKETS : an ArrayCollection of the actives baskets
|
||||
* (Non Archived)
|
||||
* - self::BASKETS : an ArrayCollection of the actives baskets (Non Archived)
|
||||
* - self::STORIES : an ArrayCollection of working stories
|
||||
* - self::VALIDATIONS : the validation people are waiting from me
|
||||
*
|
||||
* @return \Doctrine\Common\Collections\ArrayCollection
|
||||
* @param null|string $sort "date"|"name"
|
||||
* @return ArrayCollection
|
||||
*/
|
||||
public function getContent($sort)
|
||||
public function getContent($sort = null)
|
||||
{
|
||||
/* @var $repo_baskets Alchemy\Phrasea\Model\Repositories\BasketRepository */
|
||||
/* @var $repo_baskets BasketRepository */
|
||||
$repo_baskets = $this->app['repo.baskets'];
|
||||
|
||||
$sort = in_array($sort, ['date', 'name']) ? $sort : 'name';
|
||||
@@ -42,7 +43,7 @@ class WorkZone extends Helper
|
||||
$baskets = $repo_baskets->findActiveByUser($this->app->getAuthenticatedUser(), $sort);
|
||||
|
||||
// force creation of a default basket
|
||||
if (0 === count($baskets)) {
|
||||
if (count($baskets) === 0) {
|
||||
$basket = new BasketEntity();
|
||||
|
||||
$basket->setName($this->app->trans('Default basket'));
|
||||
@@ -55,7 +56,7 @@ class WorkZone extends Helper
|
||||
|
||||
$validations = $repo_baskets->findActiveValidationByUser($this->app->getAuthenticatedUser(), $sort);
|
||||
|
||||
/* @var $repo_stories Alchemy\Phrasea\Model\Repositories\StoryWZRepository */
|
||||
/* @var $repo_stories StoryWZRepository */
|
||||
$repo_stories = $this->app['repo.story-wz'];
|
||||
|
||||
$stories = $repo_stories->findByUser($this->app, $this->app->getAuthenticatedUser(), $sort);
|
||||
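Review bot: `getContent()` now accepts a missing `$sort`, but the allow-list a few lines below still uses a loose `in_array($sort, ['date', 'name'])`. A boolean `true` (and an integer `0` before PHP 8) compares equal to both strings and would be passed unchanged to `findActiveByUser()`, `findActiveValidationByUser()` and `findByUser()`. Make the check strict so only the two literal strings survive: `$sort = in_array($sort, ['date', 'name'], true) ? $sort : 'name';`.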
|
@@ -61,7 +61,7 @@ class SubdefGenerator
|
||||
|
||||
public function generateSubdefs(\record_adapter $record, array $wanted_subdefs = null)
|
||||
{
|
||||
if ($record->get_hd_file() !== null) {
|
||||
if ($record->get_hd_file() !== null && $record->get_hd_file()->getMimeType() == "application/x-indesign") {
|
||||
$mediaSource = $this->mediavorus->guess($record->get_hd_file()->getPathname());
|
||||
$metadatas = $mediaSource->getMetadatas();
|
||||
|
||||
@@ -69,15 +69,27 @@ class SubdefGenerator
|
||||
if(!isset($this->tmpFilesystem)){
|
||||
$this->tmpFilesystem = Manager::create();
|
||||
}
|
||||
$tmpDir = $this->tmpFilesystem->createTemporaryDirectory();
|
||||
$tmpDir = $this->tmpFilesystem->createTemporaryDirectory(0777, 500);
|
||||
|
||||
try {
|
||||
$this->app['filesystem']->dumpFile($tmpDir.'/file.jpg', $metadatas->get('XMP-xmp:PageImage')->getValue()->asString());
|
||||
$this->tmpFilePath = $tmpDir.'/file.jpg';
|
||||
} catch (\Exception $e) {
|
||||
$this->logger->error(sprintf('Unable to write temporary file : %s', $e->getMessage()));
|
||||
$files = $this->app['exiftool.preview-extractor']->extract($record->get_hd_file()->getPathname(), $tmpDir);
|
||||
|
||||
$selected = null;
|
||||
$size = null;
|
||||
|
||||
foreach ($files as $file) {
|
||||
if ($file->isDir() || $file->isDot()) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (is_null($selected) || $file->getSize() > $size) {
|
||||
$selected = $file->getPathname();
|
||||
$size = $file->getSize();
|
||||
}
|
||||
}
|
||||
|
||||
if ($selected) {
|
||||
$this->tmpFilePath = $selected;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
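Review bot: `createTemporaryDirectory(0777, 500)` asks for a world-accessible directory to hold the preview files extracted from the record's original file. Unless the process umask narrows it, any local account on the host could read or replace those files before the largest one is chosen as `$this->tmpFilePath`. A private mode is enough here: `$tmpDir = $this->tmpFilesystem->createTemporaryDirectory(0700, 500);`. The `try`/`catch` that used to log a write failure appears to be gone from the new side, so it is worth confirming what happens when `extract()` throws; `generateSubdefs()` continues outside the hunk.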
|
@@ -54,21 +54,24 @@ class BasketRepository extends EntityRepository
|
||||
/**
|
||||
* Returns all basket for a given user that are not marked as archived
|
||||
*
|
||||
* @param User $user
|
||||
* @param User $user
|
||||
* @param null|string $sort
|
||||
* @return Basket[]
|
||||
*/
|
||||
public function findActiveByUser(User $user, $sort = null)
|
||||
{
|
||||
$dql = 'SELECT b
|
||||
FROM Phraseanet:Basket b
|
||||
LEFT JOIN b.elements e
|
||||
WHERE b.user = :usr_id
|
||||
AND b.archived = false';
|
||||
// checked : 4 usages, "b.elements" is useless
|
||||
$dql = "SELECT b\n"
|
||||
. " FROM Phraseanet:Basket b\n"
|
||||
// . " LEFT JOIN b.elements e\n" //
|
||||
. " WHERE b.user = :usr_id\n"
|
||||
. " AND b.archived = false";
|
||||
|
||||
if ($sort == 'date') {
|
||||
$dql .= ' ORDER BY b.created DESC';
|
||||
} elseif ($sort == 'name') {
|
||||
$dql .= ' ORDER BY b.name ASC';
|
||||
$dql .= "\n ORDER BY b.created DESC";
|
||||
}
|
||||
elseif ($sort == 'name') {
|
||||
$dql .= "\n ORDER BY b.name ASC";
|
||||
}
|
||||
|
||||
$query = $this->_em->createQuery($dql);
|
||||
@@ -80,24 +83,27 @@ class BasketRepository extends EntityRepository
|
||||
/**
|
||||
* Returns all unread basket for a given user that are not marked as archived
|
||||
*
|
||||
* @param User $user
|
||||
* @param User $user
|
||||
* @return Basket[]
|
||||
*/
|
||||
public function findUnreadActiveByUser(User $user)
|
||||
{
|
||||
$dql = 'SELECT b
|
||||
FROM Phraseanet:Basket b
|
||||
JOIN b.elements e
|
||||
LEFT JOIN b.validation s
|
||||
LEFT JOIN s.participants p
|
||||
WHERE b.archived = false
|
||||
AND (
|
||||
(b.user = :usr_id_owner AND b.isRead = false)
|
||||
OR (b.user != :usr_id_ownertwo
|
||||
AND p.user = :usr_id_participant
|
||||
AND p.is_aware = false)
|
||||
)
|
||||
AND (s.expires IS NULL OR s.expires > CURRENT_TIMESTAMP())';
|
||||
// checked : 2 usages, "b.elements" is useless
|
||||
$dql = "SELECT b\n"
|
||||
. " FROM Phraseanet:Basket b\n"
|
||||
// . " JOIN b.elements e\n"
|
||||
. " LEFT JOIN b.validation s\n"
|
||||
. " LEFT JOIN s.participants p\n"
|
||||
. " WHERE b.archived = false\n"
|
||||
. " AND (\n"
|
||||
. " (b.user = :usr_id_owner AND b.isRead = false)\n"
|
||||
. " OR \n"
|
||||
. " (b.user != :usr_id_ownertwo\n"
|
||||
. " AND p.user = :usr_id_participant\n"
|
||||
. " AND p.is_aware = false\n"
|
||||
. " AND s.expires > CURRENT_TIMESTAMP()\n"
|
||||
. " )\n"
|
||||
. " )";
|
||||
|
||||
$params = [
|
||||
'usr_id_owner' => $user->getId(),
|
||||
@@ -115,11 +121,22 @@ class BasketRepository extends EntityRepository
|
||||
* Returns all baskets that are in validation session not expired and
|
||||
* where a specified user is participant (not owner)
|
||||
*
|
||||
* @param User $user
|
||||
* @param User $user
|
||||
* @param null|string $sort
|
||||
* @return Basket[]
|
||||
*/
|
||||
public function findActiveValidationByUser(User $user, $sort = null)
|
||||
{
|
||||
// checked : 2 usages, "b.elements" seems useless.
|
||||
$dql = "SELECT b\n"
|
||||
. "FROM Phraseanet:Basket b\n"
|
||||
// . " JOIN b.elements e\n"
|
||||
// . " JOIN e.validation_datas v\n"
|
||||
. " JOIN b.validation s\n"
|
||||
. " JOIN s.participants p\n"
|
||||
. "WHERE b.user != ?1 AND p.user = ?2\n"
|
||||
. " AND (s.expires IS NULL OR s.expires > CURRENT_TIMESTAMP())";
|
||||
|
||||
$dql = 'SELECT b
|
||||
FROM Phraseanet:Basket b
|
||||
JOIN b.elements e
|
||||
@@ -130,9 +147,9 @@ class BasketRepository extends EntityRepository
|
||||
AND (s.expires IS NULL OR s.expires > CURRENT_TIMESTAMP()) ';
|
||||
|
||||
if ($sort == 'date') {
|
||||
$dql .= ' ORDER BY b.created DESC';
|
||||
$dql .= "\nORDER BY b.created DESC";
|
||||
} elseif ($sort == 'name') {
|
||||
$dql .= ' ORDER BY b.name ASC';
|
||||
$dql .= "\nORDER BY b.name ASC";
|
||||
}
|
||||
|
||||
$query = $this->_em->createQuery($dql);
|
||||
@@ -152,10 +169,11 @@ class BasketRepository extends EntityRepository
|
||||
*/
|
||||
public function findUserBasket($basket_id, User $user, $requireOwner)
|
||||
{
|
||||
$dql = 'SELECT b
|
||||
FROM Phraseanet:Basket b
|
||||
LEFT JOIN b.elements e
|
||||
WHERE b.id = :basket_id';
|
||||
// checked : 3 usages, "b.elements e" seems useless
|
||||
$dql = "SELECT b\n"
|
||||
. " FROM Phraseanet:Basket b\n"
|
||||
// . " LEFT JOIN b.elements e\n"
|
||||
. " WHERE b.id = :basket_id";
|
||||
|
||||
$query = $this->_em->createQuery($dql);
|
||||
$query->setParameters(['basket_id' => $basket_id]);
|
||||
@@ -188,7 +206,7 @@ class BasketRepository extends EntityRepository
|
||||
|
||||
public function findContainingRecordForUser(\record_adapter $record, User $user)
|
||||
{
|
||||
|
||||
// todo : check "e.sbas_id = e.sbas_id" ???
|
||||
$dql = 'SELECT b
|
||||
FROM Phraseanet:Basket b
|
||||
JOIN b.elements e
|
||||
@@ -210,29 +228,31 @@ class BasketRepository extends EntityRepository
|
||||
{
|
||||
switch ($type) {
|
||||
case self::RECEIVED:
|
||||
$dql = 'SELECT b
|
||||
FROM Phraseanet:Basket b
|
||||
JOIN b.elements e';
|
||||
// todo : check when called, and if "LEFT JOIN b.elements e" is usefull
|
||||
$dql = "SELECT b\n"
|
||||
. "FROM Phraseanet:Basket b\n"
|
||||
. " JOIN b.elements e\n"
|
||||
. "WHERE b.user = :usr_id AND b.pusher_id IS NOT NULL";
|
||||
$params = [
|
||||
'usr_id' => $user->getId()
|
||||
];
|
||||
break;
|
||||
case self::VALIDATION_DONE:
|
||||
$dql = 'SELECT b
|
||||
FROM Phraseanet:Basket b
|
||||
JOIN b.elements e
|
||||
JOIN b.validation s
|
||||
JOIN s.participants p
|
||||
WHERE b.user != ?1 AND p.user = ?2';
|
||||
// todo : check when called, and if "LEFT JOIN b.elements e" is usefull
|
||||
$dql = "SELECT b\n"
|
||||
. "FROM Phraseanet:Basket b\n"
|
||||
. " JOIN b.elements e\n"
|
||||
. " JOIN b.validation s\n"
|
||||
. " JOIN s.participants p\n"
|
||||
. "WHERE b.user != ?1 AND p.user = ?2";
|
||||
$params = [
|
||||
1 => $user->getId()
|
||||
, 2 => $user->getId()
|
||||
1 => $user->getId(),
|
||||
2 => $user->getId()
|
||||
];
|
||||
break;
|
||||
case self::VALIDATION_SENT:
|
||||
$dql = 'SELECT b
|
||||
FROM Phraseanet:Basket b
|
||||
JOIN b.elements e
|
||||
JOIN b.validation v
|
||||
WHERE b.user = :usr_id';
|
||||
$params = [
|
||||
@@ -242,7 +262,6 @@ class BasketRepository extends EntityRepository
|
||||
case self::MYBASKETS:
|
||||
$dql = 'SELECT b
|
||||
FROM Phraseanet:Basket b
|
||||
LEFT JOIN b.elements e
|
||||
LEFT JOIN b.validation s
|
||||
LEFT JOIN s.participants p
|
||||
WHERE (b.user = :usr_id)';
|
||||
@@ -251,6 +270,7 @@ class BasketRepository extends EntityRepository
|
||||
];
|
||||
break;
|
||||
default:
|
||||
// todo : check when called, and if "LEFT JOIN b.elements e" is usefull
|
||||
$dql = 'SELECT b
|
||||
FROM Phraseanet:Basket b
|
||||
LEFT JOIN b.elements e
|
||||
@@ -296,6 +316,7 @@ class BasketRepository extends EntityRepository
|
||||
*/
|
||||
public function findActiveValidationAndBasketByUser(User $user, $sort = null)
|
||||
{
|
||||
// todo : check caller and if "LEFT JOIN b.elements e" is usefull
|
||||
$dql = 'SELECT b
|
||||
FROM Phraseanet:Basket b
|
||||
LEFT JOIN b.elements e
|
||||
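Review bot: In `findActiveValidationByUser()` the new concatenated `$dql = "SELECT b\n" …` is followed directly by the old `$dql = 'SELECT b FROM Phraseanet:Basket b JOIN b.elements e …` assignment, which (judging by the `-115,11 +121,22` counts) is kept as context. The new query is therefore a dead store, and the join it was meant to drop still runs. Remove one of the two assignments so a single query remains; the old one ends at the `';` shown in the following hunk. In `findUnreadActiveByUser()` the expiry test moved inside the participant branch and lost `s.expires IS NULL`, so a participant's unread validation without an expiry date no longer matches. If that is intended, the comment beside it should say so.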
|
@@ -1115,7 +1115,6 @@ class ACL implements cache_cacheableInterface
|
||||
/**
|
||||
* @param array $base_ids
|
||||
* @return $this
|
||||
* @throws DBALException
|
||||
* @throws Exception
|
||||
*/
|
||||
public function revoke_access_from_bases(Array $base_ids)
|
||||
@@ -1125,24 +1124,30 @@ class ACL implements cache_cacheableInterface
|
||||
|
||||
$usr_id = $this->user->getId();
|
||||
|
||||
$errors = 0;
|
||||
foreach ($base_ids as $base_id) {
|
||||
if (!$stmt_del->execute([':base_id' => $base_id, ':usr_id' => $usr_id])) {
|
||||
throw new Exception('Error while deleteing some rights');
|
||||
}
|
||||
|
||||
$this->app['dispatcher']->dispatch(
|
||||
AclEvents::ACCESS_TO_BASE_REVOKED,
|
||||
new AccessToBaseRevokedEvent(
|
||||
$this,
|
||||
array(
|
||||
'base_id'=>$base_id
|
||||
if ($stmt_del->execute([':base_id' => $base_id, ':usr_id' => $usr_id])) {
|
||||
$this->app['dispatcher']->dispatch(
|
||||
AclEvents::ACCESS_TO_BASE_REVOKED,
|
||||
new AccessToBaseRevokedEvent(
|
||||
$this,
|
||||
[
|
||||
'base_id' => $base_id
|
||||
]
|
||||
)
|
||||
)
|
||||
);
|
||||
);
|
||||
}
|
||||
else {
|
||||
$errors++;
|
||||
}
|
||||
}
|
||||
$stmt_del->closeCursor();
|
||||
$this->delete_data_from_cache(self::CACHE_RIGHTS_BAS);
|
||||
|
||||
if($errors > 0) {
|
||||
throw new Exception('Error while deleting some rights');
|
||||
}
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
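Review bot: The loop now continues after a failed `execute()`, but only when the failure arrives as a `false` return; if the statement throws instead (the docblock lists `@throws DBALException`), the method still exits mid-loop and skips both `closeCursor()` and `delete_data_from_cache(self::CACHE_RIGHTS_BAS)`. Rights already deleted in the database could then still be answered from the stale cache entry. Wrap the loop so the cleanup always runs: `try { /* foreach … */ } finally { $stmt_del->closeCursor(); $this->delete_data_from_cache(self::CACHE_RIGHTS_BAS); }`. The final `Exception` message would also be more useful if it named the base ids that failed. The statement is prepared outside the hunk.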
|
@@ -11,6 +11,9 @@
|
||||
|
||||
use Alchemy\Phrasea\Application;
|
||||
use Alchemy\Phrasea\Model\Entities\User;
|
||||
use Alchemy\Phrasea\Model\Repositories\BasketRepository;
|
||||
use Alchemy\Phrasea\Model\Repositories\UserRepository;
|
||||
|
||||
|
||||
class eventsmanager_notify_orderdeliver extends eventsmanager_notifyAbstract
|
||||
{
|
||||
@@ -31,9 +34,9 @@ class eventsmanager_notify_orderdeliver extends eventsmanager_notifyAbstract
|
||||
|
||||
/**
|
||||
*
|
||||
* @param Array $datas
|
||||
* @param string[] $data
|
||||
* @param boolean $unread
|
||||
* @return string
|
||||
* @return array
|
||||
*/
|
||||
public function datas(array $data, $unread)
|
||||
{
|
||||
@@ -41,24 +44,29 @@ class eventsmanager_notify_orderdeliver extends eventsmanager_notifyAbstract
|
||||
$ssel_id = $data['ssel_id'];
|
||||
$n = $data['n'];
|
||||
|
||||
if (null === $user= $this->app['repo.users']->find(($from))) {
|
||||
/** @var UserRepository $userRepo */
|
||||
$userRepo = $this->app['repo.users'];
|
||||
if( ($user= $userRepo->find(($from))) === null ) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$sender = $user->getDisplayName();
|
||||
|
||||
try {
|
||||
/** @var BasketRepository $repository */
|
||||
$repository = $this->app['repo.baskets'];
|
||||
|
||||
$basket = $repository->findUserBasket($ssel_id, $this->app->getAuthenticatedUser(), false);
|
||||
} catch (\Exception $e) {
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$ret = [
|
||||
'text' => $this->app->trans('%user% vous a delivre %quantity% document(s) pour votre commande %title%', ['%user%' => $sender, '%quantity%' => $n, '%title%' => '<a href="/lightbox/compare/'
|
||||
. $ssel_id . '/" target="_blank">'
|
||||
. $basket->getName() . '</a>'])
|
||||
, 'class' => ''
|
||||
. $basket->getName() . '</a>']),
|
||||
'class' => ''
|
||||
];
|
||||
|
||||
return $ret;
|
||||
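Review bot: `datas()` concatenates `$basket->getName()` into the `<a>` markup passed as `%title%`, and passes `$sender` as `%user%`, without HTML-escaping either value. Both are presumably user-editable, and since the translated string already carries a tag it is likely rendered unescaped, so markup in a basket or display name could reach the recipient's notification list. Escape at this boundary: `. htmlspecialchars($basket->getName(), ENT_QUOTES, 'UTF-8') . '</a>'` and `'%user%' => htmlspecialchars($sender, ENT_QUOTES, 'UTF-8')`. The same pattern is in `eventsmanager_notify_validationdone::datas()` in the next file section.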
|
@@ -11,6 +11,9 @@
|
||||
|
||||
use Alchemy\Phrasea\Application;
|
||||
use Alchemy\Phrasea\Model\Entities\User;
|
||||
use Alchemy\Phrasea\Model\Repositories\BasketRepository;
|
||||
use Alchemy\Phrasea\Model\Repositories\UserRepository;
|
||||
|
||||
|
||||
class eventsmanager_notify_validationdone extends eventsmanager_notifyAbstract
|
||||
{
|
||||
@@ -31,35 +34,38 @@ class eventsmanager_notify_validationdone extends eventsmanager_notifyAbstract
|
||||
|
||||
/**
|
||||
*
|
||||
* @param string $datas
|
||||
* @param string[] $data
|
||||
* @param boolean $unread
|
||||
* @return Array
|
||||
* @return array
|
||||
*/
|
||||
public function datas(array $data, $unread)
|
||||
{
|
||||
$from = $data['from'];
|
||||
$ssel_id = $data['ssel_id'];
|
||||
|
||||
if (null === $registered_user = $this->app['repo.users']->find($from)) {
|
||||
/** @var UserRepository $userRepo */
|
||||
$userRepo = $this->app['repo.users'];
|
||||
if ( ($registered_user = $userRepo->find($from)) === null ) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$sender = $registered_user->getDisplayName();
|
||||
|
||||
try {
|
||||
/** @var BasketRepository $repository */
|
||||
$repository = $this->app['repo.baskets'];
|
||||
|
||||
$basket = $repository->findUserBasket($ssel_id, $this->app->getAuthenticatedUser(), false);
|
||||
} catch (\Exception $e) {
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
return [];
|
||||
}
|
||||
|
||||
$ret = [
|
||||
'text' => $this->app->trans('%user% a envoye son rapport de validation de %title%', ['%user%' => $sender, '%title%' => '<a href="/lightbox/validate/'
|
||||
. $ssel_id . '/" target="_blank">'
|
||||
. $basket->getName() . '</a>'
|
||||
])
|
||||
, 'class' => ''
|
||||
. $basket->getName() . '</a>']),
|
||||
'class' => ''
|
||||
];
|
||||
|
||||
return $ret;
|
||||
@@ -84,12 +90,18 @@ class eventsmanager_notify_validationdone extends eventsmanager_notifyAbstract
|
||||
}
|
||||
|
||||
/**
|
||||
* @param integer $usr_id The id of the user to check
|
||||
* @param User $user The id of the user to check
|
||||
*
|
||||
* @return boolean
|
||||
*/
|
||||
public function is_available(User $user)
|
||||
{
|
||||
return $this->app->getAclForUser($user)->has_right(\ACL::CANPUSH);
|
||||
try {
|
||||
return $this->app->getAclForUser($user)->has_right(\ACL::CANPUSH);
|
||||
}
|
||||
catch (\Exception $e) {
|
||||
// has_right(unknow_right) ? will not happen !
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
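Review bot: The updated docblock of `is_available()` still describes the argument as an id: `@param User $user The id of the user to check`; with the `User` type it should read `@param User $user The user whose push right is checked`. The new `catch (\Exception $e)` also covers anything thrown by `getAclForUser()`, not only the unknown-right case named in the comment. Returning `false` is the safe direction, but the comment should say so: `// any failure while reading rights is treated as "not available"`.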
|
@@ -9,13 +9,16 @@
|
||||
*/
|
||||
|
||||
use Alchemy\Phrasea\Application;
|
||||
use Alchemy\Phrasea\Model\Serializer\CaptionSerializer;
|
||||
use Alchemy\Phrasea\Model\Entities\Token;
|
||||
use Alchemy\Phrasea\Model\Entities\User;
|
||||
use Alchemy\Phrasea\Model\Repositories\BasketRepository;
|
||||
use Alchemy\Phrasea\Model\Repositories\StoryWZRepository;
|
||||
use Alchemy\Phrasea\Model\Serializer\CaptionSerializer;
|
||||
use Assert\Assertion;
|
||||
use Doctrine\DBAL\Connection;
|
||||
use Symfony\Component\Filesystem\Filesystem;
|
||||
|
||||
|
||||
class set_export extends set_abstract
|
||||
{
|
||||
private static $maxFilenameLength = 256;
|
||||
@@ -60,6 +63,7 @@ class set_export extends set_abstract
|
||||
$remain_hd = [];
|
||||
|
||||
if ($storyWZid) {
|
||||
/** @var StoryWZRepository $repository */
|
||||
$repository = $app['repo.story-wz'];
|
||||
|
||||
$storyWZ = $repository->findByUserAndId($this->app, $app->getAuthenticatedUser(), $storyWZid);
|
||||
@@ -68,6 +72,7 @@ class set_export extends set_abstract
|
||||
}
|
||||
|
||||
if ($sstid != "") {
|
||||
/** @var BasketRepository $repository */
|
||||
$repository = $app['repo.baskets'];
|
||||
|
||||
$Basket = $repository->findUserBasket($sstid, $app->getAuthenticatedUser(), false);
|
||||
|