Merge 4.0 branch

Thibaud Fabre
2016-12-05 17:04:54 +01:00
158 changed files with 5378 additions and 1530 deletions


@@ -10,10 +10,8 @@
"type": "vcs",
"url": "https://github.com/alchemy-fr/tcpdf-clone"
},
{
"type": "git",
"url": "https://github.com/romainneutron/ProcessManager.git"
},
{
"type": "vcs",
"url": "https://github.com/alchemy-fr/imagine"
@@ -22,9 +20,13 @@
"type": "vcs",
"url": "https://github.com/alchemy-fr/JMSTranslationBundle"
},
{
"type": "vcs",
"url": "https://github.com/alchemy-fr/embed-bundle.git"
},
{
"type": "git",
"url": "https://github.com/bburnichon/fractal.git"
"url": "https://github.com/alchemy-fr/fractal.git"
}
],
"require": {


@@ -544,6 +544,7 @@ class Application extends SilexApplication
$this['root.path'] = realpath(__DIR__ . '/../../..');
// temporary resources default path such as download zip, quarantined documents etc ..
$this['tmp.path'] = getenv('PHRASEANET_TMP') ?: $this['root.path'].'/tmp';
// plugin path
$this['plugin.path'] = $this['root.path'].'/plugins';
// thumbnails path


@@ -267,27 +267,28 @@ class CollectionService
*/
public function grantAdminRights(CollectionReference $reference, User $user)
{
$rights = [
"canputinalbum" => "1",
"candwnldhd" => "1",
"nowatermark" => "1",
"candwnldpreview" => "1",
"cancmd" => "1",
"canadmin" => "1",
"actif" => "1",
"canreport" => "1",
"canpush" => "1",
"basusr_infousr" => "",
"canaddrecord" => "1",
"canmodifrecord" => "1",
"candeleterecord" => "1",
"chgstatus" => "1",
"imgtools" => "1",
"manage" => "1",
"modify_struct" => "1"
];
$this->app->getAclForUser($user)->update_rights_to_base($reference->getBaseId(), $rights);
$this->app->getAclForUser($user)->update_rights_to_base(
$reference->getBaseId(),
[
"basusr_infousr" => "", // todo : wtf
\ACL::CANPUTINALBUM => true,
\ACL::CANDWNLDHD => true,
\ACL::NOWATERMARK => true,
\ACL::CANDWNLDPREVIEW => true,
\ACL::CANCMD => true,
\ACL::CANADMIN => true,
\ACL::ACTIF => true,
\ACL::CANREPORT => true,
\ACL::CANPUSH => true,
\ACL::CANADDRECORD => true,
\ACL::CANMODIFRECORD => true,
\ACL::CANDELETERECORD => true,
\ACL::CHGSTATUS => true,
\ACL::IMGTOOLS => true,
\ACL::COLL_MANAGE => true,
\ACL::COLL_MODIFY_STRUCT => true
]
);
}
public function setOrderMasters(CollectionReference $reference, array $userIds)
@@ -317,18 +318,28 @@ class CollectionService
$userQuery = $factory();
$result = $userQuery->on_base_ids([ $reference->getBaseId()] )
->who_have_right(['order_master'])
->who_have_right([\ACL::ORDER_MASTER])
->execute()->get_results();
/** @var ACLProvider $acl */
$acl = $this->app['acl'];
foreach ($result as $user) {
$acl->get($user)->update_rights_to_base($reference->getBaseId(), ['order_master' => false]);
$acl->get($user)->update_rights_to_base(
$reference->getBaseId(),
[
\ACL::ORDER_MASTER => false
]
);
}
foreach ($admins as $admin) {
$acl->get($admin)->update_rights_to_base($reference->getBaseId(), ['order_master' => true]);
$acl->get($admin)->update_rights_to_base(
$reference->getBaseId(),
[
\ACL::ORDER_MASTER => true
]
);
}
$conn->commit();
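Review bot: In grantAdminRights the new rights array mixes `\ACL::*` keys set to `true` with the raw string key `"basusr_infousr" => ""`, whose only explanation is `// todo : wtf`. This method hands out every administrative right on a collection, so that line should carry a real comment, for example `// NOTE: basusr_infousr is not a right; it is blanked on every grant (confirm why before removing)`. The values also change from the string `"1"` to boolean `true`, so update_rights_to_base() has to accept booleans; its body is not on this page and should be checked. In setOrderMasters the revoke and grant loops run before `$conn->commit()`, and the matching begin and rollback are outside the hunk.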


@@ -345,7 +345,9 @@ class BuildSubdefs extends Command
while( ($row = $stmt->fetch(\PDO::FETCH_ASSOC)) ) {
$type = $row['type'];
$msg = sprintf(' record %s (%s) : ', $row['record_id'], $type);
$msg = [];
$msg[] = sprintf(' record %s (%s) :', $row['record_id'], $type);
try {
$record = $this->databox->get_record($row['record_id']);
@@ -366,7 +368,7 @@ class BuildSubdefs extends Command
$subdef->delete();
}
$subdefsDeleted[] = $name;
$msg .= sprintf(" \"%s\" deleted,", $name);
$msg[] = sprintf(" \"%s\" pruned", $name);
}
continue;
}
@@ -386,11 +388,15 @@ class BuildSubdefs extends Command
continue;
}
}
// here an existing subdef must be (re)done
if(!$this->dry) {
if(isset($subdefNamesToDo[$name])) {
if (!$this->dry) {
$subdef->remove_file();
$subdef->set_substituted(false);
}
$msg[] = sprintf(" [\"%s\"] deleted", $name);
}
}
$subdefNamesToDo = array_keys($subdefNamesToDo);
@@ -401,7 +407,7 @@ class BuildSubdefs extends Command
$subdefGenerator->generateSubdefs($record, $subdefNamesToDo);
}
$msg .= sprintf(" [\"%s\"] built", implode('","', $subdefNamesToDo));
$msg[] = sprintf(" [\"%s\"] built", implode('","', $subdefNamesToDo));
}
else {
// $msg .= " nothing to build";
@@ -416,10 +422,10 @@ class BuildSubdefs extends Command
. ' WHERE record_id=:record_id';
if($this->reset_subdef_flag) {
$msg .= ", jeton[\"make_subdef\"]=0";
$msg[] = "jeton[\"make_subdef\"]=0";
}
if($this->set_writemeta_flag) {
$msg .= ", jeton[\"write_met_subdef\"]=1";
$msg[] = "jeton[\"write_met_subdef\"]=1";
}
if(!$this->dry) {
$this->connection->executeUpdate($sql, [
@@ -436,10 +442,10 @@ class BuildSubdefs extends Command
if($progress) {
$progress->advance();
$this->output->write($msg);
$this->output->write(implode(' ', $msg));
}
else {
$this->output->writeln($msg);
$this->output->writeln(implode("\n", $msg));
}
}
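Review bot: The new `$msg[] = sprintf(" [\"%s\"] deleted", $name);` sits outside the `if (!$this->dry)` guard, so a dry run reports subdefs as deleted although `remove_file()` was never called. The `pruned` message in the earlier hunk may have the same problem, but its guard is only partly visible. For a command that removes files the console output is the operator's record of what happened, so the dry case should read differently, e.g. `$msg[] = sprintf($this->dry ? " [\"%s\"] would be deleted" : " [\"%s\"] deleted", $name);`. The leftover `// $msg .= " nothing to build";` still uses string concatenation and should be dropped or switched to `$msg[]`.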


@@ -46,10 +46,10 @@ class CollectionController extends Controller
$admins = [];
if ($this->getAclForUser()->has_right_on_base($bas_id, 'manage')) {
if ($this->getAclForUser()->has_right_on_base($bas_id, \ACL::COLL_MANAGE)) {
$query = $this->createUserQuery();
$admins = $query->on_base_ids([$bas_id])
->who_have_right(['order_master'])
->who_have_right([\ACL::ORDER_MASTER])
->execute()
->get_results();
}


@@ -31,8 +31,8 @@ class DataboxesController extends Controller
{
$acl = $this->getAclForUser();
$sbasIds = array_merge(
array_keys($acl->get_granted_sbas(['bas_manage'])),
array_keys($acl->get_granted_sbas(['bas_modify_struct']))
array_keys($acl->get_granted_sbas([\ACL::BAS_MANAGE])),
array_keys($acl->get_granted_sbas([\ACL::BAS_MODIFY_STRUCT]))
);
$sbas = [];


@@ -88,7 +88,7 @@ class RootController extends Controller
*/
public function displayStatusBitAction($databox_id)
{
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, \ACL::BAS_MODIFY_STRUCT)) {
$this->app->abort(403);
}
@@ -105,7 +105,7 @@ class RootController extends Controller
*/
public function displayDataboxStructureAction(Request $request, $databox_id)
{
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, \ACL::BAS_MODIFY_STRUCT)) {
$this->app->abort(403);
}
@@ -132,7 +132,7 @@ class RootController extends Controller
public function submitDatabaseStructureAction(Request $request, $databox_id)
{
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, \ACL::BAS_MODIFY_STRUCT)) {
$this->app->abort(403);
}
@@ -162,7 +162,7 @@ class RootController extends Controller
public function displayDatabaseStatusBitFormAction(Request $request, $databox_id, $bit)
{
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, \ACL::BAS_MODIFY_STRUCT)) {
$this->app->abort(403);
}
@@ -220,7 +220,7 @@ class RootController extends Controller
$this->app->abort(400, $this->app->trans('Bad request format, only JSON is allowed'));
}
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, \ACL::BAS_MODIFY_STRUCT)) {
$this->app->abort(403);
}
@@ -238,7 +238,7 @@ class RootController extends Controller
}
public function submitStatusBitAction(Request $request, $databox_id, $bit) {
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, 'bas_modify_struct')) {
if (!$this->getAclForUser()->has_right_on_sbas($databox_id, \ACL::BAS_MODIFY_STRUCT)) {
$this->app->abort(403);
}


@@ -10,29 +10,43 @@
namespace Alchemy\Phrasea\Controller\Admin;
use Alchemy\Phrasea\Application;
use Alchemy\Phrasea\Controller\Controller;
use Alchemy\Phrasea\Core\Configuration\Configuration;
use Alchemy\Phrasea\Core\Configuration\PropertyAccess;
use Alchemy\Phrasea\Core\Configuration\RegistryManipulator;
use Alchemy\Phrasea\Core\Configuration\RegistryFormManipulator;
use Symfony\Component\HttpFoundation\Request;
class SetupController extends Controller
{
/**
* @var RegistryFormManipulator
*/
private $registryFormManipulator;
/**
* @var PropertyAccess
*/
private $configuration;
public function __construct(Application $app, RegistryFormManipulator $registryFormManipulator, PropertyAccess $configuration)
{
parent::__construct($app);
$this->registryFormManipulator = $registryFormManipulator;
$this->configuration = $configuration;
}
public function submitGlobalsAction(Request $request)
{
/** @var RegistryManipulator $manipulator */
$manipulator = $this->app['registry.manipulator'];
/** @var PropertyAccess $config */
$config = $this->app['conf'];
$form = $manipulator->createForm($this->app['conf']);
$form = $this->registryFormManipulator->createForm();
if ('POST' === $request->getMethod()) {
$form->submit($request->request->all());
if ($form->isValid()) {
$config->set('registry', $manipulator->getRegistryData($form));
return $this->app->redirectPath('setup_display_globals');
if ($form->isValid()) {
$registryData = $this->registryFormManipulator->getRegistryData($form, $this->configuration);
$this->configuration->set('registry', $registryData);
}
// Do not return a 400 status code as not very well handled in calling JS.
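Review bot: submitGlobalsAction writes the submitted registry into the application configuration through `$this->configuration->set('registry', $registryData);`, and no permission check on the caller is visible in this hunk. Presumably the route is protected by a before-filter elsewhere; that should be confirmed and recorded in a docblock on the action, e.g. `/** Persists the global registry; access is restricted by <where the guard lives>. */`. The form is fed `$request->request->all()`, so whether CSRF protection applies depends on how RegistryFormManipulator::createForm() builds the form, which is not on this page. The page prints old and new lines together, so it is unclear whether a valid submission still redirects to `setup_display_globals`; the method body continues past the hunk.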


@@ -46,8 +46,10 @@ class TaskManagerController extends Controller
$this->getDispatcher()->addListener(KernelEvents::TERMINATE, function () use ($cmdLine) {
$process = new Process($cmdLine);
$process->setTimeout(0);
$process->disableOutput();
set_time_limit(0);
ignore_user_abort(true);
@@ -65,6 +67,7 @@ class TaskManagerController extends Controller
$info = $this->getLiveInformationRequest();
$data = $info->getManager();
if (null !== $pid = $data['process-id']) {
if (substr(php_uname(), 0, 7) == "Windows"){
exec(sprintf('TaskKill /PID %d', $pid));


@@ -285,7 +285,7 @@ class UserController extends Controller
$on_base = $request->request->get('base_id') ? : null;
$on_sbas = $request->request->get('sbas_id') ? : null;
$eligible_users = $user_query->on_bases_where_i_am($this->getAclForConnectedUser(), ['canadmin'])
$eligible_users = $user_query->on_bases_where_i_am($this->getAclForConnectedUser(), [\ACL::CANADMIN])
->like($like_field, $like_value)
->on_base_ids($on_base)
->on_sbas_ids($on_sbas);
@@ -357,7 +357,7 @@ class UserController extends Controller
$userRegistrations = [];
/** @var RegistrationRepository $registrationRepository */
$registrationRepository = $this->app['repo.registrations'];
$collections = $this->getAclForConnectedUser()->get_granted_base(['canadmin']);
$collections = $this->getAclForConnectedUser()->get_granted_base([\ACL::CANADMIN]);
$authenticatedUserId = $authenticatedUser->getId();
foreach ($registrationRepository->getPendingRegistrations($collections) as $registration) {
$user = $registration->getUser();
@@ -689,7 +689,7 @@ class UserController extends Controller
]);
}
$basList = array_keys($this->getAclForConnectedUser()->get_granted_base(['manage']));
$basList = array_keys($this->getAclForConnectedUser()->get_granted_base([\ACL::COLL_MANAGE]));
/** @var NativeQueryProvider $query */
$query = $this->app['orm.em.native-query'];
$models = $query->getModelForUser($this->getAuthenticatedUser(), $basList);
@@ -832,7 +832,7 @@ class UserController extends Controller
$this->getAclForUser($newUser)->apply_model(
$userRepository->find($model),
array_keys($this->getAclForConnectedUser()->get_granted_base(['manage']))
array_keys($this->getAclForConnectedUser()->get_granted_base([\ACL::COLL_MANAGE]))
);
$nbCreation++;


@@ -486,7 +486,7 @@ class V1Controller extends Controller
{
$userQuery = new \User_Query($this->app);
$orderMasters = $userQuery->on_base_ids([ $collection->get_base_id() ] )
->who_have_right(['order_master'])
->who_have_right([\ACL::ORDER_MASTER])
->execute()
->get_results()
->map(function (User $user) {
@@ -632,7 +632,7 @@ class V1Controller extends Controller
$offset_start = max($request->get('offset_start', 0), 0);
$per_page = min(max($request->get('per_page', 10), 1), 1000);
$baseIds = array_keys($this->getAclForUser()->get_granted_base(['canaddrecord']));
$baseIds = array_keys($this->getAclForUser()->get_granted_base([\ACL::CANADDRECORD]));
$lazaretFiles = [];
@@ -667,7 +667,7 @@ class V1Controller extends Controller
return Result::createError($request, 404, sprintf('Lazaret file id %d not found', $lazaret_id))->createResponse();
}
if (!$this->getAclForUser()->has_right_on_base($lazaretFile->getBaseId(), 'canaddrecord')) {
if (!$this->getAclForUser()->has_right_on_base($lazaretFile->getBaseId(), \ACL::CANADDRECORD)) {
return Result::createError($request, 403, 'You do not have access to this quarantine item')->createResponse();
}
@@ -906,7 +906,7 @@ class V1Controller extends Controller
$collection = \collection::getByBaseId($this->app, $request->get('base_id'));
if (!$this->getAclForUser()->has_right_on_base($request->get('base_id'), 'canaddrecord')) {
if (!$this->getAclForUser()->has_right_on_base($request->get('base_id'), \ACL::CANADDRECORD)) {
return Result::createError($request, 403, sprintf(
'You do not have access to collection %s', $collection->get_label($this->app['locale'])
))->createResponse();
@@ -1003,7 +1003,7 @@ class V1Controller extends Controller
$record = $this->findDataboxById($request->get('databox_id'))->get_record($request->get('record_id'));
$base_id = $record->getBaseId();
$collection = \collection::getByBaseId($this->app, $base_id);
if (!$this->getAclForUser()->has_right_on_base($base_id, 'canaddrecord')) {
if (!$this->getAclForUser()->has_right_on_base($base_id, \ACL::CANADDRECORD)) {
return Result::createError($request, 403, sprintf(
'You do not have access to collection %s', $collection->get_label($this->app['locale.I18n'])
));
@@ -1035,7 +1035,7 @@ class V1Controller extends Controller
return null;
}
if ($media->get_name() === 'document'
&& !$acl->has_right_on_base($record->getBaseId(), 'candwnldhd')
&& !$acl->has_right_on_base($record->getBaseId(), \ACL::CANDWNLDHD)
&& !$acl->has_hd_grant($record)
) {
return null;
@@ -2448,7 +2448,7 @@ class V1Controller extends Controller
{
$collection = \collection::getByBaseId($this->app, $data->{'base_id'});
if (!$this->getAclForUser()->has_right_on_base($collection->get_base_id(), 'canaddrecord')) {
if (!$this->getAclForUser()->has_right_on_base($collection->get_base_id(), \ACL::CANADDRECORD)) {
$this->app->abort(403, sprintf('You can not create a story on this collection %s', $collection->get_base_id()));
}
@@ -2770,9 +2770,11 @@ class V1Controller extends Controller
$user = $this->getApiAuthenticatedUser();
$acl = $this->getAclForUser($user);
if (! $acl->has_access_to_module('admin') || ! $acl->has_right('manageusers')) {
if (! $acl->has_access_to_module('admin') || ! $acl->has_right(\ACL::CANADMIN)) {
return Result::createError($request, 401, 'You are not authorized')->createResponse();
}
return null;
}
public function ensureAccessToDatabox(Request $request)
@@ -2814,7 +2816,7 @@ class V1Controller extends Controller
public function ensureCanModifyRecord(Request $request)
{
$user = $this->getApiAuthenticatedUser();
if (!$this->getAclForUser($user)->has_right('modifyrecord')) {
if (!$this->getAclForUser($user)->has_right(\ACL::CANMODIFRECORD)) {
return Result::createError($request, 401, 'You are not authorized')->createResponse();
}
@@ -2826,7 +2828,7 @@ class V1Controller extends Controller
$user = $this->getApiAuthenticatedUser();
$record = $this->findDataboxById($request->attributes->get('databox_id'))
->get_record($request->attributes->get('record_id'));
if (!$this->getAclForUser($user)->has_right_on_base($record->getBaseId(), 'chgstatus')) {
if (!$this->getAclForUser($user)->has_right_on_base($record->getBaseId(), \ACL::CHGSTATUS)) {
return Result::createError($request, 401, 'You are not authorized')->createResponse();
}
@@ -2837,7 +2839,7 @@ class V1Controller extends Controller
{
$user = $this->getApiAuthenticatedUser();
$databox = $this->findDataboxById($request->attributes->get('databox_id'));
if (!$this->getAclForUser($user)->has_right_on_sbas($databox->get_sbas_id(), 'bas_modify_struct')) {
if (!$this->getAclForUser($user)->has_right_on_sbas($databox->get_sbas_id(), \ACL::BAS_MODIFY_STRUCT)) {
return Result::createError($request, 401, 'You are not authorized')->createResponse();
}
@@ -2850,9 +2852,9 @@ class V1Controller extends Controller
$record = $this->findDataboxById($request->attributes->get('databox_id'))
->get_record($request->attributes->get('record_id'));
// TODO: Check comparison. seems to be a mismatch
if ((!$this->getAclForUser($user)->has_right('addrecord')
&& !$this->getAclForUser($user)->has_right('deleterecord'))
|| !$this->getAclForUser($user)->has_right_on_base($record->getBaseId(), 'candeleterecord')
if ((!$this->getAclForUser($user)->has_right(\ACL::CANADDRECORD)
&& !$this->getAclForUser($user)->has_right(\ACL::CANDELETERECORD))
|| !$this->getAclForUser($user)->has_right_on_base($record->getBaseId(), \ACL::CANDELETERECORD)
) {
return Result::createError($request, 401, 'You are not authorized')->createResponse();
}
@@ -2866,7 +2868,7 @@ class V1Controller extends Controller
$record = $this->findDataboxById($request->attributes->get('databox_id'))
->get_record($request->attributes->get('record_id'));
if (!$this->getAclForUser($user)->has_right_on_base($record->getBaseId(), 'candeleterecord')) {
if (!$this->getAclForUser($user)->has_right_on_base($record->getBaseId(), \ACL::CANDELETERECORD)) {
return Result::createError($request, 401, 'You are not authorized')->createResponse();
}
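Review bot: The admin guard changes from `has_right('manageusers')` to `has_right(\ACL::CANADMIN)`, which is a different right name rather than a constant for the old string. The same kind of substitution appears in ensureCanModifyRecord (`'modifyrecord'` to `\ACL::CANMODIFRECORD`), in the guard carrying the TODO (`'addrecord'` and `'deleterecord'`), and in the PushController (`'manageusers'`) and EditController (`'changestatus'` to `\ACL::CHGSTATUS`) sections. Unless the old has_right() mapped those names onto the same rights, which is not visible here, these authorization checks now test something else, so each deserves a test that a user without the right is refused. The `// TODO: Check comparison. seems to be a mismatch` condition is carried over unchanged and still combines a global add-or-delete test with a per-collection delete test. These guards also answer 401 for a caller who is authenticated but lacks the right, where 403 is the accurate status.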


@@ -66,7 +66,7 @@ class DatafileController extends AbstractDelivery
$stamp = false;
$watermark = !$this->acl->get($this->authentication->getUser())
->has_right_on_base($record->getBaseId(), 'nowatermark');
->has_right_on_base($record->getBaseId(), \ACL::NOWATERMARK);
if ($watermark && !$all_access) {
$subdef_class = null;


@@ -126,9 +126,7 @@ class PermalinkController extends AbstractDelivery
$isDownload = $request->query->getBoolean('download', false);
if ($isDownload) {
$user = $this->app->getAuthenticatedUser();
if ($isDownload && $user = $this->app->getAuthenticatedUser()) {
$this->getEventDispatcher()->dispatch(
PhraseaEvents::EXPORT_CREATE,
new ExportEvent($user, 0, $sbas_id . '_' . $record_id, [ $subdef ], '')
@@ -136,7 +134,7 @@ class PermalinkController extends AbstractDelivery
}
if ($this->authentication->isAuthenticated()) {
$watermark = !$this->acl->get($this->authentication->getUser())->has_right_on_base($record->getBaseId(), 'nowatermark');
$watermark = !$this->acl->get($this->authentication->getUser())->has_right_on_base($record->getBaseId(), \ACL::NOWATERMARK);
if ($watermark) {
/** @var BasketElementRepository $repository */
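Review bot: With `if ($isDownload && $user = $this->app->getAuthenticatedUser())` the `EXPORT_CREATE` event is dispatched only when a user is logged in, so a permalink download by an anonymous visitor is not recorded anywhere in this hunk. If permalinks are meant to work without a session, the export log misses the downloads that are hardest to attribute. Consider logging the anonymous case separately (request IP, `$sbas_id . '_' . $record_id`, subdef) or dispatching an event that accepts a null user. The assignment inside the condition is also easy to misread as a comparison; `$user = $this->app->getAuthenticatedUser(); if ($isDownload && null !== $user) {` states the intent. The method starts and ends outside the hunk.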


@@ -39,7 +39,7 @@ class EditController extends Controller
$this->app,
$request,
RecordsRequest::FLATTEN_YES_PRESERVE_STORIES,
['canmodifrecord']
[\ACL::CANMODIFRECORD]
);
$thesaurus = false;
@@ -121,7 +121,7 @@ class EditController extends Controller
}
// generate javascript status
if ($this->getAclForUser()->has_right('changestatus')) {
if ($this->getAclForUser()->has_right(\ACL::CHGSTATUS)) {
$statusStructure = $databox->getStatusStructure();
foreach ($statusStructure as $statbit) {
$bit = $statbit['bit'];
@@ -158,7 +158,7 @@ class EditController extends Controller
$elements[$indice]['statbits'] = [];
$elements[$indice]['editableStatus'] = false;
if ($this->getAclForUser()->has_right_on_base($record->getBaseId(), 'chgstatus')) {
if ($this->getAclForUser()->has_right_on_base($record->getBaseId(), \ACL::CHGSTATUS)) {
$elements[$indice]['editableStatus'] = true;
foreach ($status as $n => $s) {
$tmp_val = substr(strrev($record->getStatus()), $n, 1);
@@ -279,7 +279,7 @@ class EditController extends Controller
public function applyAction(Request $request) {
$records = RecordsRequest::fromRequest($this->app, $request, RecordsRequest::FLATTEN_YES_PRESERVE_STORIES, ['canmodifrecord']);
$records = RecordsRequest::fromRequest($this->app, $request, RecordsRequest::FLATTEN_YES_PRESERVE_STORIES, [\ACL::CANMODIFRECORD]);
$databoxes = $records->databoxes();
if (count($databoxes) !== 1) {


@@ -37,7 +37,7 @@ class FeedController extends Controller
public function publishRecordsAction(Request $request)
{
$feeds = $this->getFeedRepository()->getAllForUser($this->getAclForUser());
$publishing = RecordsRequest::fromRequest($this->app, $request, true, [], ['bas_chupub']);
$publishing = RecordsRequest::fromRequest($this->app, $request, true, [], [\ACL::BAS_CHUPUB]);
return $this->render(
'prod/actions/publish/publish.html.twig',
@@ -76,7 +76,7 @@ class FeedController extends Controller
$feed->addEntry($entry);
$publishing = RecordsRequest::fromRequest($this->app, $request, true, [], ['bas_chupub']);
$publishing = RecordsRequest::fromRequest($this->app, $request, true, [], [\ACL::BAS_CHUPUB]);
$manager = $this->getEntityManager();
foreach ($publishing as $record) {
$item = new FeedItem();
@@ -270,7 +270,7 @@ class FeedController extends Controller
public function ensureUserHasPublishRight()
{
$this->requireRight('bas_chupub');
$this->requireRight(\ACL::BAS_CHUPUB);
}
/**


@@ -42,7 +42,7 @@ class LazaretController extends Controller
*/
public function listElement(Request $request)
{
$baseIds = array_keys($this->getAclForUser()->get_granted_base(['canaddrecord']));
$baseIds = array_keys($this->getAclForUser()->get_granted_base([\ACL::CANADDRECORD]));
$lazaretFiles = null;
$perPage = 10;


@@ -17,7 +17,7 @@ class MoveCollectionController extends Controller
{
public function displayForm(Request $request)
{
$records = RecordsRequest::fromRequest($this->app, $request, false, ['candeleterecord']);
$records = RecordsRequest::fromRequest($this->app, $request, false, [\ACL::CANDELETERECORD]);
$sbas_ids = array_map(function (\databox $databox) {
return $databox->get_sbas_id();
@@ -26,6 +26,7 @@ class MoveCollectionController extends Controller
$message = '';
$template = '';
$collections = $this->getAclForUser()->get_granted_base(['canaddrecord'], $sbas_ids);
$collections = $this->getAclForUser()->get_granted_base([\ACL::CANADDRECORD], $sbas_ids);
if (count($records->databoxes()) > 1) {
$success = false;
@@ -56,7 +57,7 @@ class MoveCollectionController extends Controller
public function apply(Request $request)
{
/** @var \record_adapter[] $records */
$records = RecordsRequest::fromRequest($this->app, $request, false, ['candeleterecord']);
$records = RecordsRequest::fromRequest($this->app, $request, false, [\ACL::CANDELETERECORD]);
$datas = [
'success' => false,
@@ -70,7 +71,7 @@ class MoveCollectionController extends Controller
return $this->app->json($datas);
}
if (!$this->getAclForUser()->has_right_on_base($request->request->get('base_id'), 'canaddrecord')) {
if (!$this->getAclForUser()->has_right_on_base($request->request->get('base_id'), \ACL::CANADDRECORD)) {
$datas['message'] = $this->app->trans("You do not have the permission to move records to %collection%", ['%collection%', \phrasea::bas_labels($request->request->get('base_id'), $this->app)]);
return $this->app->json($datas);
@@ -90,7 +91,7 @@ class MoveCollectionController extends Controller
if ($request->request->get("chg_coll_son") == "1") {
/** @var \record_adapter $child */
foreach ($record->getChildren() as $child) {
if ($this->getAclForUser()->has_right_on_base($child->getBaseId(), 'candeleterecord')) {
if ($this->getAclForUser()->has_right_on_base($child->getBaseId(), \ACL::CANDELETERECORD)) {
$child->move_to_collection($collection, $this->getApplicationBox());
}
}
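Review bot: In apply(), the refusal message passes `['%collection%', \phrasea::bas_labels(...)]`, a two-element list, where trans() expects a placeholder map, so `%collection%` is presumably left unreplaced in the JSON response. It should read `['%collection%' => \phrasea::bas_labels($request->request->get('base_id'), $this->app)]`. The commit touches the neighbouring check only to introduce `\ACL::CANADDRECORD`, so the defect is carried over. Further down, children for which the user lacks `\ACL::CANDELETERECORD` are skipped silently when `chg_coll_son` is set; reporting the skipped count would tell the caller the move was partial. apply() continues outside the hunks.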


@@ -28,7 +28,7 @@ class PropertyController extends Controller
$this->app->abort(400);
}
$records = RecordsRequest::fromRequest($this->app, $request, false, ['chgstatus']);
$records = RecordsRequest::fromRequest($this->app, $request, false, [\ACL::CHGSTATUS]);
$databoxes = $records->databoxes();
if (count($databoxes) > 1) {
@@ -81,7 +81,7 @@ class PropertyController extends Controller
$this->app->abort(400);
}
$records = RecordsRequest::fromRequest($this->app, $request, false, ['canmodifrecord']);
$records = RecordsRequest::fromRequest($this->app, $request, false, [\ACL::CANMODIFRECORD]);
$recordsType = [];
@@ -115,7 +115,7 @@ class PropertyController extends Controller
public function changeStatus(Request $request)
{
$applyStatusToChildren = $request->request->get('apply_to_children', []);
$records = RecordsRequest::fromRequest($this->app, $request, false, ['chgstatus']);
$records = RecordsRequest::fromRequest($this->app, $request, false, [\ACL::CHGSTATUS]);
$updated = [];
$postStatus = (array) $request->request->get('status');
@@ -149,7 +149,7 @@ class PropertyController extends Controller
public function changeType(Request $request)
{
$typeLst = $request->request->get('types', []);
$records = RecordsRequest::fromRequest($this->app, $request, false, ['canmodifrecord']);
$records = RecordsRequest::fromRequest($this->app, $request, false, [\ACL::CANMODIFRECORD]);
$mimeLst = $request->request->get('mimes', []);
$forceType = $request->request->get('force_types', '');
$updated = [];


@@ -395,7 +395,7 @@ class PushController extends Controller
$data = null;
$query = $this->createUserQuery();
$query->on_bases_where_i_am($this->getAclForUser($this->getAuthenticatedUser()), ['canpush']);
$query->on_bases_where_i_am($this->getAclForUser($this->getAuthenticatedUser()), [\ACL::CANPUSH]);
$query->in([$usr_id]);
@@ -431,7 +431,7 @@ class PushController extends Controller
$result = ['success' => false, 'message' => '', 'user' => null];
try {
if (!$this->getAclForUser($this->getAuthenticatedUser())->has_right('manageusers'))
if (!$this->getAclForUser($this->getAuthenticatedUser())->has_right(\ACL::CANADMIN))
throw new ControllerException($this->app->trans('You are not allowed to add users'));
if (!$request->request->get('firstname'))
@@ -502,7 +502,7 @@ class PushController extends Controller
public function searchUserAction(Request $request)
{
$query = $this->createUserQuery();
$query->on_bases_where_i_am($this->getAclForUser($this->getAuthenticatedUser()), ['canpush']);
$query->on_bases_where_i_am($this->getAclForUser($this->getAuthenticatedUser()), [\ACL::CANPUSH]);
$query
->like(\User_Query::LIKE_FIRSTNAME, $request->query->get('query'))
->like(\User_Query::LIKE_LASTNAME, $request->query->get('query'))
@@ -540,7 +540,7 @@ class PushController extends Controller
$list = $repository->findUserListByUserAndId($this->getAuthenticatedUser(), $list_id);
$query = $this->createUserQuery();
$query->on_bases_where_i_am($this->getAclForUser($this->getAuthenticatedUser()), ['canpush']);
$query->on_bases_where_i_am($this->getAclForUser($this->getAuthenticatedUser()), [\ACL::CANPUSH]);
if ($request->get('query')) {
$query


@@ -130,9 +130,11 @@ class RecordController extends Controller
public function doDeleteRecords(Request $request)
{
$flatten = (bool)($request->request->get('del_children')) ? RecordsRequest::FLATTEN_YES_PRESERVE_STORIES : RecordsRequest::FLATTEN_NO;
$records = RecordsRequest::fromRequest($this->app, $request, $flatten, [
'candeleterecord'
]);
$records = RecordsRequest::fromRequest(
$this->app,
$request,$flatten,
[\ACL::CANDELETERECORD]
);
$basketElementsRepository = $this->getBasketElementRepository();
$StoryWZRepository = $this->getStoryWorkZoneRepository();
@@ -175,9 +177,12 @@ class RecordController extends Controller
*/
public function whatCanIDelete(Request $request)
{
$records = RecordsRequest::fromRequest($this->app, $request, !!$request->request->get('del_children'), [
'candeleterecord',
]);
$records = RecordsRequest::fromRequest(
$this->app,
$request,
!!$request->request->get('del_children'),
[\ACL::CANDELETERECORD]
);
return $this->render('prod/actions/delete_records_confirm.html.twig', [
'records' => $records,
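Review bot: doDeleteRecords passes `RecordsRequest::FLATTEN_YES_PRESERVE_STORIES` or `RecordsRequest::FLATTEN_NO` as the flatten argument, while whatCanIDelete, which renders the confirmation for the same operation, passes the boolean `!!$request->request->get('del_children')`. Depending on the values of those constants, which are not on this page, the confirmation list and the records actually deleted can differ; using the same expression in both keeps the preview faithful to the deletion. The reformatted call also leaves `$request,$flatten,` on one line; `$flatten,` belongs on its own line like the other arguments.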


@@ -35,7 +35,7 @@ class StoryController extends Controller
{
$collection = \collection::getByBaseId($this->app, $request->request->get('base_id'));
if (!$this->getAclForUser()->has_right_on_base($collection->get_base_id(), 'canaddrecord')) {
if (!$this->getAclForUser()->has_right_on_base($collection->get_base_id(), \ACL::CANADDRECORD)) {
throw new AccessDeniedHttpException('You can not create a story on this collection');
}
@@ -109,7 +109,7 @@ class StoryController extends Controller
{
$Story = new \record_adapter($this->app, $sbas_id, $record_id);
if (!$this->getAclForUser()->has_right_on_base($Story->getBaseId(), 'canmodifrecord')) {
if (!$this->getAclForUser()->has_right_on_base($Story->getBaseId(), \ACL::CANMODIFRECORD)) {
throw new AccessDeniedHttpException('You can not add document to this Story');
}
@@ -145,7 +145,7 @@ class StoryController extends Controller
$story = new \record_adapter($this->app, $sbas_id, $record_id);
$record = new \record_adapter($this->app, $child_sbas_id, $child_record_id);
if (!$this->getAclForUser()->has_right_on_base($story->getBaseId(), 'canmodifrecord')) {
if (!$this->getAclForUser()->has_right_on_base($story->getBaseId(), \ACL::CANMODIFRECORD)) {
throw new AccessDeniedHttpException('You can not add document to this Story');
}
@@ -188,7 +188,7 @@ class StoryController extends Controller
throw new \Exception('This is not a story');
}
if (!$this->getAclForUser()->has_right_on_base($story->getBaseId(), 'canmodifrecord')) {
if (!$this->getAclForUser()->has_right_on_base($story->getBaseId(), \ACL::CANMODIFRECORD)) {
throw new ControllerException($this->app->trans('You can not edit this story'));
}


@@ -51,9 +51,9 @@ class ToolsController extends Controller
$acl = $this->getAclForUser();
if ($acl->has_right('bas_chupub')
&& $acl->has_right_on_base($record->getBaseId(), 'canmodifrecord')
&& $acl->has_right_on_base($record->getBaseId(), 'imgtools')
if ($acl->has_right(\ACL::BAS_CHUPUB)
&& $acl->has_right_on_base($record->getBaseId(), \ACL::CANMODIFRECORD)
&& $acl->has_right_on_base($record->getBaseId(), \ACL::IMGTOOLS)
) {
$databoxSubdefs = $record->getDatabox()->get_subdef_structure()->getSubdefGroup($record->getType());
@@ -64,7 +64,7 @@ class ToolsController extends Controller
}
if ('document' == $subdefName) {
if (!$acl->has_right_on_base($record->getBaseId(), 'candwnldhd')) {
if (!$acl->has_right_on_base($record->getBaseId(), \ACL::CANDWNLDHD)) {
continue;
}
$label = $this->app->trans('prod::tools: document');
@@ -149,7 +149,7 @@ class ToolsController extends Controller
$force = $request->request->get('force_substitution') == '1';
$selection = RecordsRequest::fromRequest($this->app, $request, false, array('canmodifrecord'));
$selection = RecordsRequest::fromRequest($this->app, $request, false, [\ACL::CANMODIFRECORD]);
foreach ($selection as $record) {
$substituted = false;
@@ -188,8 +188,10 @@ class ToolsController extends Controller
try {
$tempoDir = tempnam(sys_get_temp_dir(), 'substit');
unlink($tempoDir);
mkdir($tempoDir);
$tempoFile = $tempoDir . DIRECTORY_SEPARATOR . $fileName;
if (false === rename($file->getPathname(), $tempoFile)) {
@@ -342,10 +344,10 @@ class ToolsController extends Controller
$state = $request->request->get('state') == 'true' ? true : false;
$acl = $this->getAclForUser();
if (!$acl->has_right('bas_chupub')
|| !$acl->has_right_on_base($record->getBaseId(), 'canmodifrecord')
|| !$acl->has_right_on_base($record->getBaseId(), 'imgtools')
|| ('document' == $subdefName && !$acl->has_right_on_base($record->getBaseId(), 'candwnldhd'))
if (!$acl->has_right(\ACL::BAS_CHUPUB)
|| !$acl->has_right_on_base($record->getBaseId(), \ACL::CANMODIFRECORD)
|| !$acl->has_right_on_base($record->getBaseId(), \ACL::IMGTOOLS)
|| ('document' == $subdefName && !$acl->has_right_on_base($record->getBaseId(), \ACL::CANDWNLDHD))
|| ('document' != $subdefName && !$acl->has_access_to_subdef($record, $subdefName))
) {
$this->app->abort(403);
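Review bot: The substitution path builds its working directory with `tempnam()`, `unlink($tempoDir)` and `mkdir($tempoDir)`, which leaves a window between the unlink and the mkdir in which another local process can create that path, and neither the mkdir result nor its mode is checked. At minimum use `if (!mkdir($tempoDir, 0700)) { throw new \RuntimeException('Unable to create temporary directory'); }` so a pre-existing path is refused and the directory is private to the PHP user. `$tempoFile` is then `$tempoDir . DIRECTORY_SEPARATOR . $fileName`; where `$fileName` comes from is outside the hunk, and if it is the client-supplied upload name it should pass through `basename()` first. The try block continues past the hunk.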


@@ -115,7 +115,7 @@ class UploadController extends Controller
throw new BadRequestHttpException('Missing base_id parameter');
}
if (!$this->getAclForUser()->has_right_on_base($base_id, 'canaddrecord')) {
if (!$this->getAclForUser()->has_right_on_base($base_id, \ACL::CANADDRECORD)) {
throw new AccessDeniedHttpException('User is not allowed to add record on this collection');
}
@@ -243,7 +243,7 @@ class UploadController extends Controller
{
$collections = [];
foreach ($acl->get_granted_base(['canaddrecord']) as $collection) {
foreach ($acl->get_granted_base([\ACL::CANADDRECORD]) as $collection) {
$databox = $collection->get_databox();
if ( ! isset($collections[$databox->get_sbas_id()])) {


@@ -219,8 +219,8 @@ class RecordsRequest extends ArrayCollection
$repository = $app['repo.story-wz'];
$storyWZ = $repository->findByUserAndId(
$app, $app->getAuthenticatedUser()
, $request->get('story')
$app, $app->getAuthenticatedUser(),
$request->get('story')
);
$received[$storyWZ->getRecord($app)->get_serialize_key()] = $storyWZ->getRecord($app);


@@ -53,7 +53,7 @@ class RootController extends Controller
$granted = [];
foreach ($this->getAclForUser()->get_granted_base(['canreport']) as $collection) {
foreach ($this->getAclForUser()->get_granted_base([\ACL::CANREPORT]) as $collection) {
if (!isset($granted[$collection->get_sbas_id()])) {
$granted[$collection->get_sbas_id()] = [
'id' => $collection->get_sbas_id(),


@@ -700,43 +700,14 @@ class ThesaurusXmlHttpController extends Controller
foreach ($collections as $collection) {
$lcoll .= ($lcoll?",":"") . $collection->get_coll_id();
}
$site = $this->app['phraseanet.configuration']['main']['key'];
$usr_id = $this->getAuthenticatedUser()->getId();
$tids = explode('.', $request->get('id'));
$thid = implode('.', $tids);
try {
$databox = $this->findDataboxById($sbid);
$connbas = $databox->get_connection();
$dbname = \phrasea::sbas_labels($sbid, $this->app);
$t_nrec = [];
$lthid = strlen($thid);
// count occurrences
if ($lthid > 1) {
$dthid = str_replace('.', 'd', $thid);
$sql = "SELECT"
. " 0+SUBSTR(t.value, " . ($lthid + 2) . ") AS k, COUNT(DISTINCT(`record_id`)) AS n"
. " FROM (thit AS t INNER JOIN record AS r USING(record_id))"
. " INNER JOIN collusr AS c ON c.site=:site AND c.usr_id=:usr_id AND r.coll_id=c.coll_id"
. " WHERE t.value LIKE :like AND r.coll_id IN(".$lcoll.") AND (r.status^c.mask_xor)&c.mask_and=0"
. " GROUP BY k ORDER BY NULL";
$sqlparm = array(':like' => $dthid . 'd%', ':site'=>$site, ':usr_id'=>$usr_id);
$stmt = $connbas->prepare($sql);
$stmt->execute($sqlparm);
$rs = $stmt->fetchAll(\PDO::FETCH_ASSOC);
$stmt->closeCursor();
foreach ($rs as $rowbas) {
$t_nrec[$thid . '.' . $rowbas['k']] = $rowbas;
}
}
$databox = $this->findDataboxById($sbid);
if ($request->get('type') == 'T') {
$xqroot = 'thesaurus';
$dom = $databox->get_dom_thesaurus();
@@ -758,17 +729,7 @@ class ThesaurusXmlHttpController extends Controller
$node0 = $nodes->item(0);
$key0 = null; // key of the sy in the current language (or key of the first sy if we can't find good lng)
$nts0 = 0; // count of ts under this term
$label = $this->buildBranchLabel($dbname, $lng, $node0, $key0, $nts0);
$class = '';
if ($nts0 > 0) {
$class .= ( $class == '' ? '' : ' ') . 'expandable';
}
if ($request->get('last')) {
$class .= ( $class == '' ? '' : ' ') . 'last';
}
// on dresse la liste des termes specifiques avec comme cle le synonyme dans la langue pivot
$nts = 0;
$tts = [];
@@ -795,7 +756,6 @@ class ThesaurusXmlHttpController extends Controller
}
}
if ($nts > 0) {
$field0 = $node0->getAttribute('field');
if ($field0) {
$field0 = 'field="' . $field0 . '"';
@@ -803,6 +763,7 @@ class ThesaurusXmlHttpController extends Controller
$html .= '<UL ' . $field0 . '>' . "\n";
if ($nts > 0) {
if ($request->get('sortsy') && $lng != '') {
ksort($tts, SORT_STRING);
} elseif ($request->get('type') == 'C') {
@@ -830,10 +791,6 @@ class ThesaurusXmlHttpController extends Controller
$html .= '<span>' . $ts['label'] . '</span>';
if (isset($t_nrec[$tid])) {
$html .= ' <I>' . $t_nrec[$tid]['n'] . '</I>';
}
$html .= "\n";
if ($ts['nts'] > 0) {
@@ -842,10 +799,9 @@ class ThesaurusXmlHttpController extends Controller
$html .= '</LI>' . "\n";
}
$html .= '</UL>' . "\n";
}
$html .= '</LI>' . "\n";
$html .= '</UL>' . "\n";
}
}
} catch (\Exception $e) {
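Review bot: `$ts['label']` and the `field` attribute read from `$node0` are concatenated into `$html` without escaping in the lines this section keeps (`'<span>' . $ts['label'] . '</span>'` and `'field="' . $field0 . '"'`). Whether the label is already escaped where `$tts` is filled is outside these hunks, so this needs checking; thesaurus terms are presumably editable data, and an unescaped term would be rendered as markup for every user who expands the branch. If nothing escapes them upstream, encode both at the point of output, e.g. `htmlspecialchars($ts['label'], ENT_QUOTES, 'UTF-8')`. The enclosing method starts and ends outside the visible hunks.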


@@ -45,7 +45,7 @@ class Collection implements ControllerProviderInterface, ServiceProviderInterfac
$controllers->before(function (Request $request) use ($firewall) {
$firewall
->requireAccessToModule('admin')
->requireRightOnBase($request->attributes->get('bas_id'), 'canadmin');
->requireRightOnBase($request->attributes->get('bas_id'), \ACL::CANADMIN);
});
$controllers->get('/{bas_id}/', 'controller.admin.collection:getCollection')


@@ -135,11 +135,11 @@ class Databox implements ControllerProviderInterface, ServiceProviderInterface
public function requireManageRightOnSbas(Request $request, Application $app)
{
$this->getFirewall($app)->requireRightOnSbas($request->attributes->get('databox_id'), 'bas_manage');
$this->getFirewall($app)->requireRightOnSbas($request->attributes->get('databox_id'), \ACL::BAS_MANAGE);
}
public function requireChangeSbasStructureRight(Request $request, Application $app)
{
$this->getFirewall($app)->requireRightOnSbas($request->attributes->get('databox_id'), 'bas_modify_struct');
$this->getFirewall($app)->requireRightOnSbas($request->attributes->get('databox_id'), \ACL::BAS_MODIFY_STRUCT);
}
}


@@ -41,7 +41,7 @@ class Feeds implements ControllerProviderInterface, ServiceProviderInterface
$controllers->before(function () use ($firewall) {
$firewall
->requireAccessToModule('admin')
->requireRight('bas_chupub');
->requireRight(\ACL::BAS_CHUPUB);
});
$controllers->get('/list/', 'controller.admin.feeds:listFeedsAction')


@@ -51,7 +51,7 @@ class Fields implements ControllerProviderInterface, ServiceProviderInterface
$controllers->before(function () use ($firewall) {
$firewall
->requireAccessToModule('admin')
->requireRight('bas_modify_struct');
->requireRight(\ACL::BAS_MODIFY_STRUCT);
});
$controllers->get('/language.json', 'controller.admin.fields:getLanguage')


@@ -24,7 +24,7 @@ class Setup implements ControllerProviderInterface, ServiceProviderInterface
public function register(Application $app)
{
$app['controller.admin.setup'] = $app->share(function (PhraseaApplication $app) {
return new SetupController($app);
return new SetupController($app, $app['registry.manipulator'], $app['conf']);
});
}


@@ -41,7 +41,7 @@ class Subdefs implements ControllerProviderInterface, ServiceProviderInterface
$controllers->before(function (Request $request) use ($firewall) {
$firewall->requireAccessToModule('admin')
->requireRightOnSbas($request->attributes->get('sbas_id'), 'bas_modify_struct');
->requireRightOnSbas($request->attributes->get('sbas_id'), \ACL::BAS_MODIFY_STRUCT);
});
$controllers->get('/{sbas_id}/', 'controller.admin.subdefs:indexAction')


@@ -46,7 +46,7 @@ class TaskManager implements ControllerProviderInterface, ServiceProviderInterfa
};
$controllers->before(function () use ($firewall) {
$firewall->requireRight('taskmanager');
$firewall->requireRight(\ACL::TASKMANAGER);
});
$controllers


@@ -43,7 +43,7 @@ class Users implements ControllerProviderInterface, ServiceProviderInterface
$controllers->before(function () use ($firewall) {
$firewall->requireAccessToModule('admin')
->requireRight('manageusers');
->requireRight(\ACL::CANADMIN);
});
$controllers->match('/rights/', 'controller.admin.users:editRightsAction')
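Review bot: `requireRight('manageusers')` becomes `requireRight(\ACL::CANADMIN)` here, which changes the right being named rather than only swapping a literal for a constant, assuming the constants carry the column-style names (`canadmin`, `canaddrecord`, …) as the other replacements in this commit suggest. The same applies to the Prod providers further down: `'modifyrecord'` → `\ACL::CANMODIFRECORD` (Edit), `'addrecord'` → `\ACL::CANADDRECORD` (Lazaret, MoveCollection, Upload), `'deleterecord'` → `\ACL::CANDELETERECORD` (MoveCollection), `'order'` → `\ACL::CANCMD` (Order), `'push'` → `\ACL::CANPUSH` (Push) and `'doctools'` → `\ACL::IMGTOOLS` (Tools). The firewall and ACL code that resolves these names is not in view, so it should be confirmed that the new values gate the same set of users; a route test expecting 403 for a user lacking the right would pin that. I would also record the mapping next to each guard, e.g. `// legacy global right 'manageusers' is now \ACL::CANADMIN`.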


@@ -53,12 +53,21 @@ class V2 extends Api implements ControllerProviderInterface, ServiceProviderInte
$app['controller.api.v2.orders'] = $app->share(
function (PhraseaApplication $app) {
return (new ApiOrderController($app))
$controller = new ApiOrderController(
$app,
$app['repo.orders'],
$app['repo.order-elements'],
$app['provider.order_basket']
);
$controller
->setDispatcher($app['dispatcher'])
->setEntityManagerLocator(new LazyLocator($app, 'orm.em'))
->setDelivererLocator(new LazyLocator($app, 'phraseanet.file-serve'))
->setFileSystemLocator(new LazyLocator($app, 'filesystem'))
->setJsonBodyHelper($app['json.body_helper']);
return $controller;
}
);
}


@@ -40,7 +40,7 @@ class Bridge implements ControllerProviderInterface, ServiceProviderInterface
$firewall = $this->getFirewall($app);
$controllers->before(function () use ($firewall) {
$firewall->requireRight('bas_chupub');
$firewall->requireRight(\ACL::BAS_CHUPUB);
});
$controllers


@@ -47,7 +47,7 @@ class Edit implements ControllerProviderInterface, ServiceProviderInterface
$controllers->before(function () use ($firewall) {
$firewall
->requireNotGuest()
->requireRight('modifyrecord');
->requireRight(\ACL::CANMODIFRECORD);
});
$controllers->post('/', 'controller.prod.edit:submitAction');


@@ -53,7 +53,7 @@ class Lazaret implements ControllerProviderInterface, ServiceProviderInterface
$firewall = $this->getFirewall($app);
$controllers->before(function () use ($firewall) {
$firewall->requireRight('addrecord');
$firewall->requireRight(\ACL::CANADDRECORD);
});
$controllers->get('/', 'controller.prod.lazaret:listElement')


@@ -41,8 +41,8 @@ class MoveCollection implements ControllerProviderInterface, ServiceProviderInte
$controllers->before(function () use ($firewall) {
$firewall
->requireRight('addrecord')
->requireRight('deleterecord');
->requireRight(\ACL::CANADDRECORD)
->requireRight(\ACL::CANDELETERECORD);
});
$controllers->post('/', 'controller.prod.move-collection:displayForm')


@@ -12,8 +12,8 @@
namespace Alchemy\Phrasea\ControllerProvider\Prod;
use Alchemy\Phrasea\Application as PhraseaApplication;
use Alchemy\Phrasea\Controller\LazyLocator;
use Alchemy\Phrasea\ControllerProvider\ControllerProviderTrait;
use Alchemy\Phrasea\Core\LazyLocator;
use Alchemy\Phrasea\Order\Controller\ProdOrderController;
use Alchemy\Phrasea\Order\OrderBasketProvider;
use Alchemy\Phrasea\Order\OrderValidator;
@@ -39,11 +39,19 @@ class Order implements ControllerProviderInterface, ServiceProviderInterface
});
$app['controller.prod.order'] = $app->share(function (PhraseaApplication $app) {
return (new ProdOrderController($app))
$controller = new ProdOrderController(
$app,
$app['repo.orders'],
$app['repo.order-elements'],
$app['provider.order_basket']
);
$controller
->setDispatcher($app['dispatcher'])
->setEntityManagerLocator(new LazyLocator($app, 'orm.em'))
->setUserQueryFactory(new LazyLocator($app, 'phraseanet.user-query'))
;
->setUserQueryFactory(new LazyLocator($app, 'phraseanet.user-query'));
return $controller;
});
}
@@ -64,7 +72,7 @@ class Order implements ControllerProviderInterface, ServiceProviderInterface
};
$controllers->before(function () use ($firewall) {
$firewall->requireRight('order');
$firewall->requireRight(\ACL::CANCMD);
});
$controllers->get('/', 'controller.prod.order:displayOrders')


@@ -46,7 +46,7 @@ class Push implements ControllerProviderInterface, ServiceProviderInterface
$firewall = $this->getFirewall($app);
$controllers->before(function () use ($firewall) {
$firewall->requireRight('push');
$firewall->requireRight(\ACL::CANPUSH);
});
$controllers->post('/sendform/', 'controller.prod.push:postFormAction');


@@ -49,7 +49,7 @@ class Share implements ControllerProviderInterface, ServiceProviderInterface
->before(function (Request $request) use ($app, $firewall) {
$firewall->requireRightOnSbas(
\phrasea::sbasFromBas($app, $request->attributes->get('base_id')),
'bas_chupub'
\ACL::BAS_CHUPUB
);
})
->bind('share_record');


@@ -46,7 +46,7 @@ class Tools implements ControllerProviderInterface, ServiceProviderInterface
$firewall = $this->getFirewall($app);
$controllers->before(function () use ($firewall) {
$firewall->requireRight('doctools');
$firewall->requireRight(\ACL::IMGTOOLS);
});
$controllers->get('/', 'controller.prod.tools:indexAction');


@@ -55,7 +55,7 @@ class Upload implements ControllerProviderInterface, ServiceProviderInterface
$firewall = $this->getFirewall($app);
$controllers->before(function () use ($firewall) {
$firewall->requireRight('addrecord');
$firewall->requireRight(\ACL::CANADDRECORD);
});
$controllers->get('/', 'controller.prod.upload:getUploadForm')


@@ -0,0 +1,178 @@
<?php
namespace Alchemy\Phrasea\Core\Configuration;
use Alchemy\Phrasea\Exception\RuntimeException;
use Alchemy\Phrasea\Form\Configuration\MainConfigurationFormType;
use Symfony\Component\Form\FormFactoryInterface;
use Symfony\Component\Form\FormInterface;
use Symfony\Component\Translation\TranslatorInterface;
class RegistryFormManipulator
{
/**
* @var FormFactoryInterface
*/
private $factory;
/**
* @var array
*/
private $languages;
/**
* @var TranslatorInterface
*/
private $translator;
/**
* @param FormFactoryInterface $factory
* @param TranslatorInterface $translator
* @param array $languages
*/
public function __construct(FormFactoryInterface $factory, TranslatorInterface $translator, array $languages)
{
$this->factory = $factory;
$this->languages = $languages;
$this->translator = $translator;
}
/**
* Creates a setup form. Set data if a configuration is given.
*
* @param PropertyAccess $conf
*
* @return FormInterface
*/
public function createForm(PropertyAccess $conf = null)
{
$form = $this->factory->create(new MainConfigurationFormType($this->translator, $this->languages));
$currentConf = $conf ? ($conf->get('registry') ?: []) : [];
$data = array_replace_recursive($this->getDefaultData($currentConf), $currentConf);
$form->setData($data);
return $form;
}
/**
* Gets the registry data given a submitted form.
* Default configuration is returned if no form provided.
*
* @param FormInterface $form
*
* @param PropertyAccess $conf
* @return array
*/
public function getRegistryData(FormInterface $form = null, PropertyAccess $conf = null)
{
$data = [];
if (null !== $form) {
if (!$form->isSubmitted()) {
throw new RuntimeException('Form must have been submitted');
}
$newData = $form->getData();
$data = $this->filterNullValues($newData);
}
$currentConf = $conf ? ($conf->get('registry') ?: []) : [];
return array_replace_recursive($this->getDefaultData($currentConf), $data);
}
private function filterNullValues(array &$array)
{
return array_filter($array, function (&$value) {
if (is_array($value)) {
$value = $this->filterNullValues($value);
}
return null !== $value;
});
}
private function getDefaultData(array $config)
{
return [
'general' => [
'title' => 'Phraseanet',
'keywords' => null,
'description' => null,
'analytics' => null,
'allow-indexation' => true,
'home-presentation-mode' => 'GALLERIA',
'default-subdef-url-ttl' => 7200,
],
'modules' => [
'thesaurus' => true,
'stories' => true,
'doc-substitution' => true,
'thumb-substitution' => true,
'anonymous-report' => false,
],
'actions' => [
'download-max-size' => 120,
'validation-reminder-days' => 2,
'validation-expiration-days' => 10,
'auth-required-for-export' => true,
'tou-validation-required-for-export' => false,
'export-title-choice' => false,
'default-export-title' => 'title',
'social-tools' => 'none',
'enable-push-authentication' => false,
'force-push-authentication' => false,
'enable-feed-notification' => true,
],
'ftp' => [
'ftp-enabled' => false,
'ftp-user-access' => false,
],
'registration' => [
'auto-select-collections' => true,
'auto-register-enabled' => false,
],
'maintenance' => [
'message' => 'The application is down for maintenance',
'enabled' => false,
],
'api-clients' => [
'api-enabled' => true,
'navigator-enabled' => true,
'office-enabled' => true,
],
'webservices' => [
'google-charts-enabled' => true,
'geonames-server' => 'http://geonames.alchemyasp.com/',
'captchas-enabled' => false,
'recaptcha-public-key' => '',
'recaptcha-private-key' => '',
],
'executables' => [
'h264-streaming-enabled' => false,
'auth-token-directory' => null,
'auth-token-directory-path' => null,
'auth-token-passphrase' => null,
'php-conf-path' => null,
'imagine-driver' => '',
'ffmpeg-threads' => 2,
'pdf-max-pages' => 5,
],
'searchengine' => [
'min-letters-truncation' => 1,
'default-query' => '',
'default-query-type' => 0,
],
'email' => [
'emitter-email' => 'phraseanet@example.com',
'prefix' => null,
'smtp-enabled' => false,
'smtp-auth-enabled' => false,
'smtp-host' => null,
'smtp-port' => null,
'smtp-secure-mode' => 'tls',
'smtp-user' => null,
'smtp-password' => isset($config['email']['smtp-password']) ? $config['email']['smtp-password'] : null,
],
];
}
}
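Review bot: `filterNullValues()` depends on `array_filter` writing the callback's `&$value` back into the array, and as far as I know PHP 7 and later hand the callback a copy, so the recursive result is discarded and nulls inside the nested groups survive. `getRegistryData()` then lets those nulls override the defaults through `array_replace_recursive`, including the `smtp-password` value that `getDefaultData($currentConf)` now carries over from the stored configuration, so saving the form with the password left unset could clear the stored credential. An explicit loop that builds the filtered array avoids relying on the by-reference behaviour; the reference on the parameter is not needed either.

```php
private function filterNullValues(array $array)
{
    $filtered = [];

    foreach ($array as $key => $value) {
        if (is_array($value)) {
            $value = $this->filterNullValues($value);
        }

        if (null !== $value) {
            $filtered[$key] = $value;
        }
    }

    return $filtered;
}
```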


@@ -17,170 +17,12 @@ use Symfony\Component\Form\FormFactoryInterface;
use Symfony\Component\Form\FormInterface;
use Symfony\Component\Translation\TranslatorInterface;
class RegistryManipulator
/**
* Class RegistryManipulator
* @package Alchemy\Phrasea\Core\Configuration
* @deprecated Use RegistryFormManipulator instead
*/
class RegistryManipulator extends RegistryFormManipulator
{
/**
* @var FormFactoryInterface
*/
private $factory;
/**
* @var array
*/
private $languages;
/**
* @var TranslatorInterface
*/
private $translator;
/**
* @param FormFactoryInterface $factory
* @param TranslatorInterface $translator
* @param array $languages
*/
public function __construct(FormFactoryInterface $factory, TranslatorInterface $translator, array $languages)
{
$this->factory = $factory;
$this->languages = $languages;
$this->translator = $translator;
}
/**
* Creates a setup form. Set data if a configuration is given.
*
* @param PropertyAccess $conf
*
* @return FormInterface
*/
public function createForm(PropertyAccess $conf = null)
{
$form = $this->factory->create(new MainConfigurationFormType($this->translator, $this->languages));
$currentConf = $conf ? ($conf->get('registry') ?: []) : [];
$data = array_replace_recursive($this->getDefaultData(), $currentConf);
$form->setData($data);
return $form;
}
/**
* Gets the registry data given a submitted form.
* Default configuration is returned if no form provided.
*
* @param FormInterface $form
*
* @return array
*
* @throws RuntimeException
*/
public function getRegistryData(FormInterface $form = null)
{
$data = [];
if (null !== $form) {
if (!$form->isSubmitted()) {
throw new RuntimeException('Form must have been submitted');
}
$newData = $form->getData();
$data = $this->filterNullValues($newData);
}
return array_replace_recursive($this->getDefaultData(), $data);
}
private function filterNullValues(array &$array)
{
return array_filter($array, function (&$value) {
if (is_array($value)) {
$value = $this->filterNullValues($value);
}
return null !== $value;
});
}
private function getDefaultData()
{
return [
'general' => [
'title' => 'Phraseanet',
'keywords' => null,
'description' => null,
'analytics' => null,
'allow-indexation' => true,
'home-presentation-mode' => 'GALLERIA',
'default-subdef-url-ttl' => 7200,
],
'modules' => [
'thesaurus' => true,
'stories' => true,
'doc-substitution' => true,
'thumb-substitution' => true,
'anonymous-report' => false,
],
'actions' => [
'download-max-size' => 120,
'validation-reminder-days' => 2,
'validation-expiration-days' => 10,
'auth-required-for-export' => true,
'tou-validation-required-for-export' => false,
'export-title-choice' => false,
'default-export-title' => 'title',
'social-tools' => 'none',
'enable-push-authentication' => false,
'force-push-authentication' => false,
'enable-feed-notification' => true,
],
'ftp' => [
'ftp-enabled' => false,
'ftp-user-access' => false,
],
'registration' => [
'auto-select-collections' => true,
'auto-register-enabled' => false,
],
'maintenance' => [
'message' => 'The application is down for maintenance',
'enabled' => false,
],
'api-clients' => [
'api-enabled' => true,
'navigator-enabled' => true,
'office-enabled' => true,
],
'webservices' => [
'google-charts-enabled' => true,
'geonames-server' => 'http://geonames.alchemyasp.com/',
'captchas-enabled' => false,
'recaptcha-public-key' => '',
'recaptcha-private-key' => '',
],
'executables' => [
'h264-streaming-enabled' => false,
'auth-token-directory' => null,
'auth-token-directory-path' => null,
'auth-token-passphrase' => null,
'php-conf-path' => null,
'imagine-driver' => '',
'ffmpeg-threads' => 2,
'pdf-max-pages' => 5,
],
'searchengine' => [
'min-letters-truncation' => 1,
'default-query' => '',
'default-query-type' => 0,
],
'email' => [
'emitter-email' => 'phraseanet@example.com',
'prefix' => null,
'smtp-enabled' => false,
'smtp-auth-enabled' => false,
'smtp-host' => null,
'smtp-port' => null,
'smtp-secure-mode' => 'tls',
'smtp-user' => null,
'smtp-password' => null,
],
];
}
}


@@ -38,7 +38,7 @@ class LazaretSubscriber extends AbstractNotificationSubscriber
$query = $this->app['phraseanet.user-query'];
$users = $query
->on_base_ids([$lazaretFile->getBaseId()])
->who_have_right(['canaddrecord'])
->who_have_right([\ACL::CANADDRECORD])
->execute()
->get_results();


@@ -48,7 +48,7 @@ class OrderSubscriber extends AbstractNotificationSubscriber
$query = $this->app['phraseanet.user-query'];
/** @var User[] $users */
$users = $query->on_base_ids($base_ids)
->who_have_right(['order_master'])
->who_have_right([\ACL::ORDER_MASTER])
->execute()->get_results();
if (count($users) == 0) {


@@ -115,6 +115,7 @@ class FilesystemService
* @param \databox $databox
* @param string $source
* @param string $filename
* @return string
*/
public function writeMediaSourceFile(\databox $databox, $source, $filename)
{
@@ -122,6 +123,8 @@ class FilesystemService
$this->filesystem->copy($source, $realPath, true);
$this->filesystem->chmod($realPath, 0760);
return $realPath;
}
/**


@@ -93,7 +93,7 @@ class Prod extends Helper
if (!$bases[$sbasId]['thesaurus']) {
continue;
}
if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_sbas($sbasId, 'bas_modif_th')) {
if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_sbas($sbasId, \ACL::BAS_MODIF_TH)) {
continue;
}


@@ -71,7 +71,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
protected function delete_user(User $user)
{
$list = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['canadmin']));
$list = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base([\ACL::CANADMIN]));
$this->app->getAclForUser($user)->revoke_access_from_bases($list);
@@ -84,55 +84,54 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
public function get_users_rights()
{
$list = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['canadmin']));
$list = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base([\ACL::CANADMIN]));
$sql = "SELECT
b.sbas_id,
b.base_id,
sum(actif) as actif,
sum(canputinalbum) as canputinalbum,
sum(candwnldpreview) as candwnldpreview,
sum(candwnldhd) as candwnldhd,
sum(cancmd) as cancmd,
sum(nowatermark) as nowatermark,
$sql = "SELECT b.sbas_id, b.base_id,\n"
sum(canaddrecord) as canaddrecord,
sum(canmodifrecord) as canmodifrecord,
sum(chgstatus) as chgstatus,
sum(candeleterecord) as candeleterecord,
sum(imgtools) as imgtools,
. " SUM(actif) AS actif,\n"
. " SUM(canputinalbum) AS canputinalbum,\n"
. " SUM(candwnldpreview) AS candwnldpreview,\n"
. " SUM(candwnldhd) AS candwnldhd,\n"
. " SUM(cancmd) AS cancmd,\n"
. " SUM(nowatermark) AS nowatermark,\n"
sum(canadmin) as canadmin,
sum(canreport) as canreport,
sum(canpush) as canpush,
sum(manage) as manage,
sum(modify_struct) as modify_struct,
. " SUM(canaddrecord) AS canaddrecord,\n"
. " SUM(canmodifrecord) AS canmodifrecord,\n"
. " SUM(chgstatus) AS chgstatus,\n"
. " SUM(candeleterecord) AS candeleterecord,\n"
. " SUM(imgtools) AS imgtools,\n"
sum(sbu.bas_modif_th) as bas_modif_th,
sum(sbu.bas_manage) as bas_manage,
sum(sbu.bas_modify_struct) as bas_modify_struct,
sum(sbu.bas_chupub) as bas_chupub,
. " SUM(canadmin) AS canadmin,\n"
. " SUM(canreport) AS canreport,\n"
. " SUM(canpush) AS canpush,\n"
. " SUM(manage) AS manage,\n"
. " SUM(modify_struct) AS modify_struct,\n"
sum(time_limited) as time_limited,
DATE_FORMAT(limited_from,'%Y%m%d') as limited_from,
DATE_FORMAT(limited_to,'%Y%m%d') as limited_to,
. " SUM(sbu.bas_modif_th) AS bas_modif_th,\n"
. " SUM(sbu.bas_manage) AS bas_manage,\n"
. " SUM(sbu.bas_modify_struct) AS bas_modify_struct,\n"
. " SUM(sbu.bas_chupub) AS bas_chupub,\n"
sum(restrict_dwnld) as restrict_dwnld,
sum(remain_dwnld) as remain_dwnld,
sum(month_dwnld_max) as month_dwnld_max,
. " SUM(time_limited) AS time_limited,\n"
. " SUM(restrict_dwnld) AS restrict_dwnld,\n"
sum(mask_and + mask_xor) as masks
// --- todo : wtf doing sum on non booleans ?
. " SUM(remain_dwnld) AS remain_dwnld,\n"
. " SUM(month_dwnld_max) AS month_dwnld_max,\n"
. " SUM(mask_and + mask_xor) AS masks,\n"
// ---
FROM (Users u, bas b, sbas s)
LEFT JOIN (basusr bu)
ON (bu.base_id = b.base_id AND u.id = bu.usr_id)
LEFT join sbasusr sbu
ON (sbu.sbas_id = b.sbas_id AND u.id = sbu.usr_id)
WHERE ( (u.id IN (:users) )
AND b.sbas_id = s.sbas_id
AND (b.base_id IN (:bases)))
GROUP BY b.base_id
ORDER BY s.ord, s.sbas_id, b.ord, b.base_id ";
// -- todo : wtf no aggregate fct ?
. " DATE_FORMAT(limited_from,'%Y%m%d') AS limited_from,\n"
. " DATE_FORMAT(limited_to,'%Y%m%d') AS limited_to\n"
// ---
. " FROM (Users u, bas b, sbas s)\n"
. " LEFT JOIN (basusr bu) ON (bu.base_id = b.base_id AND u.id = bu.usr_id)\n"
. " LEFT join sbasusr sbu ON (sbu.sbas_id = b.sbas_id AND u.id = sbu.usr_id)\n"
. " WHERE ( (u.id IN (:users) ) AND b.sbas_id = s.sbas_id AND (b.base_id IN (:bases)))\n"
. " GROUP BY b.base_id\n"
. " ORDER BY s.ord, s.sbas_id, b.ord, b.base_id ";
$rs = $this->app->getApplicationBox()->get_connection()->fetchAll(
$sql,
@@ -146,10 +145,10 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
]
);
$sql = 'SELECT base_id, sum(1) as access FROM basusr
WHERE (usr_id IN (:users))
AND (base_id IN (:bases))
GROUP BY base_id';
$sql = "SELECT base_id, SUM(1) AS access FROM basusr\n"
. " WHERE (usr_id IN (:users)) AND (base_id IN (:bases))\n"
. " GROUP BY base_id";
$access = $this->app->getApplicationBox()->get_connection()->fetchAll(
$sql,
[
@@ -164,12 +163,13 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
$base_ids = [];
foreach ($access as $acc) {
$base_ids[$acc['base_id']] = $acc;
$base_ids[$acc['base_id']] = $acc['access'];
}
unset($access);
// add a 'access' column
foreach ($rs as $k => $row) {
$rs[$k]['access'] = array_key_exists($row['base_id'], $base_ids) ? $base_ids[$row['base_id']]['access'] : '0';
$rs[$k]['access'] = array_key_exists($row['base_id'], $base_ids) ? $base_ids[$row['base_id']] : '0';
foreach ($row as $dk => $data) {
if (is_null($data))
$rs[$k][$dk] = '0';
@@ -477,41 +477,45 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
public function apply_rights()
{
$ACL = $this->app->getAclForUser($this->app->getAuthenticatedUser());
$base_ids = array_keys($ACL->get_granted_base(['canadmin']));
$base_ids = array_keys($ACL->get_granted_base([\ACL::CANADMIN]));
$update = $create = $delete = $create_sbas = $update_sbas = [];
foreach ($base_ids as $base_id) {
$rights = [
'access',
'actif',
'canputinalbum',
'nowatermark',
'candwnldpreview',
'candwnldhd',
'cancmd',
'canaddrecord',
'canmodifrecord',
'chgstatus',
'candeleterecord',
'imgtools',
'canadmin',
'canreport',
'canpush',
'manage',
'modify_struct'
\ACL::ACCESS,
\ACL::ACTIF,
\ACL::CANPUTINALBUM,
\ACL::NOWATERMARK,
\ACL::CANDWNLDPREVIEW,
\ACL::CANDWNLDHD,
\ACL::CANCMD,
\ACL::CANADDRECORD,
\ACL::CANMODIFRECORD,
\ACL::CHGSTATUS,
\ACL::CANDELETERECORD,
\ACL::IMGTOOLS,
\ACL::CANADMIN,
\ACL::CANREPORT,
\ACL::CANPUSH,
\ACL::COLL_MANAGE,
\ACL::COLL_MODIFY_STRUCT
];
foreach ($rights as $k => $right) {
if (($right == 'access' && !$ACL->has_access_to_base($base_id))
|| ($right != 'access' && !$ACL->has_right_on_base($base_id, $right))) {
if (($right == \ACL::ACCESS && !$ACL->has_access_to_base($base_id))
|| ($right != \ACL::ACCESS && !$ACL->has_right_on_base($base_id, $right))) {
unset($rights[$k]);
continue;
}
$rights[$k] = $right . '_' . $base_id;
}
// todo : wtf check if parm contains good types (a checkbox should be a bool, not a "0" or "1"
// as required by ACL::update_rights_to_bas(...)
$parm = $this->unserializedRequestData($this->app['request'], $rights, 'values');
foreach ($parm as $p => $v) {
// p is like {bid}_{right} => right-value
if (trim($v) == '')
continue;
@@ -520,14 +524,18 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
$p = implode('_', $serial);
if ($p == 'access') {
if ($p == \ACL::ACCESS) {
if ($v === '1') {
$create_sbas[\phrasea::sbasFromBas($this->app, $base_id)] = \phrasea::sbasFromBas($this->app, $base_id);
$create[] = $base_id;
} else
}
else {
$delete[] = $base_id;
} else {
}
}
else {
$create_sbas[\phrasea::sbasFromBas($this->app, $base_id)] = \phrasea::sbasFromBas($this->app, $base_id);
// todo : wtf $update is arg. for ACL::update_rights_to_base(...) but $v is always a string. how to convert to bool ?
$update[$base_id][$p] = $v;
}
}
@@ -537,10 +545,10 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
foreach ($sbas_ids as $databox) {
$rights = [
'bas_modif_th',
'bas_manage',
'bas_modify_struct',
'bas_chupub'
\ACL::BAS_MODIF_TH,
\ACL::BAS_MANAGE,
\ACL::BAS_MODIFY_STRUCT,
\ACL::BAS_CHUPUB
];
foreach ($rights as $k => $right) {
if (!$ACL->has_right_on_sbas($databox->get_sbas_id(), $right)) {
@@ -550,6 +558,8 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
$rights[$k] = $right . '_' . $databox->get_sbas_id();
}
// todo : wtf check if parm contains good types (a checkbox should be a bool, not a "0" or "1"
// as required by ACL::update_rights_to_sbas(...)
$parm = $this->unserializedRequestData($this->app['request'], $rights, 'values');
foreach ($parm as $p => $v) {
@@ -569,6 +579,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
try {
$this->app->getApplicationBox()->get_connection()->beginTransaction();
/** @var User $user */
$user = $this->app['repo.users']->find($usr_id);
$this->app->getAclForUser($user)->revoke_access_from_bases($delete)
@@ -576,11 +587,18 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
->give_access_to_sbas($create_sbas);
foreach ($update as $base_id => $rights) {
$this->app->getAclForUser($user)->update_rights_to_base($base_id, $rights);
$this->app->getAclForUser($user)
->update_rights_to_base(
$base_id,
$rights
);
}
foreach ($update_sbas as $sbas_id => $rights) {
$this->app->getAclForUser($user)->update_rights_to_sbas($sbas_id, $rights);
$this->app->getAclForUser($user)->update_rights_to_sbas(
$sbas_id,
$rights
);
}
$this->app->getApplicationBox()->get_connection()->commit();
@@ -611,18 +629,18 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
}
$infos = [
'gender'
, 'first_name'
, 'last_name'
, 'email'
, 'address'
, 'zip'
, 'geonameid'
, 'function'
, 'company'
, 'activite'
, 'telephone'
, 'fax'
'gender',
'first_name',
'last_name',
'email',
'address',
'zip',
'geonameid',
'function',
'company',
'activite',
'telephone',
'fax'
];
$parm = $this->unserializedRequestData($this->request, $infos, 'user_infos');
@@ -688,7 +706,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
throw new AccessDeniedHttpException('You are not the owner of the template');
}
$base_ids = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['canadmin']));
$base_ids = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base([\ACL::CANADMIN]));
foreach ($this->users as $usr_id) {
$user = $this->app['repo.users']->find($usr_id);
@@ -744,7 +762,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
$activate = !!$this->request->get('limit');
$base_ids = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['canadmin']));
$base_ids = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base([\ACL::CANADMIN]));
foreach ($this->users as $usr_id) {
$user = $this->app['repo.users']->find($usr_id);
@@ -763,7 +781,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper
public function resetRights()
{
$base_ids = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['canadmin']));
$base_ids = array_keys($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base([\ACL::CANADMIN]));
foreach ($this->users as $usr_id) {
$user = $this->app['repo.users']->find($usr_id);


@@ -71,7 +71,7 @@ class Manage extends Helper
->last_model_is($this->query_parms['last_model'])
->get_inactives($this->query_parms['inactives'])
->include_templates(false)
->on_bases_where_i_am($this->app->getAclForUser($this->app->getAuthenticatedUser()), ['canadmin'])
->on_bases_where_i_am($this->app->getAclForUser($this->app->getAuthenticatedUser()), [\ACL::CANADMIN])
->execute();
return $results->get_results();
@@ -109,7 +109,7 @@ class Manage extends Helper
->last_model_is($this->query_parms['last_model'])
->get_inactives($this->query_parms['inactives'])
->include_templates(true)
->on_bases_where_i_am($this->app->getAclForUser($this->app->getAuthenticatedUser()), ['canadmin'])
->on_bases_where_i_am($this->app->getAclForUser($this->app->getAuthenticatedUser()), [\ACL::CANADMIN])
->limit($offset_start, $results_quantity)
->execute();


@@ -30,6 +30,8 @@ class MediaTypeFactory
return new Type\Document();
case Type\Type::TYPE_FLASH:
return new Type\Flash();
case Type\Type::TYPE_UNKNOWN:
return new Type\Unknown();
}
throw new \RuntimeException('Could not create requested media type');


@@ -20,6 +20,7 @@ interface Subdef
const TYPE_VIDEO = 'video';
const TYPE_AUDIO = 'audio';
const TYPE_FLEXPAPER = 'flexpaper';
const TYPE_UNKNOWN = 'unknown';
/**
* One of Subdef Type const


@@ -0,0 +1,69 @@
<?php
/*
* This file is part of Phraseanet
*
* (c) 2005-2016 Alchemy
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Alchemy\Phrasea\Media\Subdef;
use MediaAlchemyst\Specification\Image as ImageSpecification;
use Symfony\Component\Translation\TranslatorInterface;
class Unknown extends Provider
{
const OPTION_SIZE = 'size';
const OPTION_RESOLUTION = 'resolution';
const OPTION_STRIP = 'strip';
const OPTION_QUALITY = 'quality';
const OPTION_FLATTEN = 'flatten';
const OPTION_ICODEC = 'icodec';
protected $options = [];
public function __construct(TranslatorInterface $translator)
{
$this->translator = $translator;
$this->registerOption(new OptionType\Range($this->translator->trans('Dimension'), self::OPTION_SIZE, 20, 3000, 800));
$this->registerOption(new OptionType\Range($this->translator->trans('Resolution'), self::OPTION_RESOLUTION, 50, 300, 72));
$this->registerOption(new OptionType\Boolean($this->translator->trans('Remove ICC Profile'), self::OPTION_STRIP, false));
$this->registerOption(new OptionType\Boolean($this->translator->trans('Flatten layers'), self::OPTION_FLATTEN, false));
$this->registerOption(new OptionType\Range($this->translator->trans('Quality'), self::OPTION_QUALITY, 0, 100, 75));
$this->registerOption(new OptionType\Enum('Image Codec', self::OPTION_ICODEC, array('jpeg', 'png', 'tiff'), 'jpeg'));
}
public function getType()
{
return self::TYPE_IMAGE;
}
public function getDescription()
{
return $this->translator->trans('Generates an image');
}
public function getMediaAlchemystSpec()
{
if (! $this->spec) {
$this->spec = new ImageSpecification();
}
$size = $this->getOption(self::OPTION_SIZE)->getValue();
$resolution = $this->getOption(self::OPTION_RESOLUTION)->getValue();
$this->spec->setImageCodec($this->getOption(self::OPTION_ICODEC)->getValue());
$this->spec->setResizeMode(ImageSpecification::RESIZE_MODE_INBOUND_FIXEDRATIO);
$this->spec->setDimensions($size, $size);
$this->spec->setQuality($this->getOption(self::OPTION_QUALITY)->getValue());
$this->spec->setStrip($this->getOption(self::OPTION_STRIP)->getValue());
$this->spec->setFlatten($this->getOption(self::OPTION_FLATTEN)->getValue());
$this->spec->setResolution($resolution, $resolution);
return $this->spec;
}
}
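Review bot: `getType()` returns `self::TYPE_IMAGE` although this commit adds `TYPE_UNKNOWN` to the `Subdef` interface. If that is deliberate because the subdef produced for an unknown document is an image (as `getDescription()` suggests), a one-line docblock should say so, e.g. `/** Unknown sources are rendered to an image subdef, hence TYPE_IMAGE. */`. The `Enum` option label `'Image Codec'` is the only label not passed through the translator; `$this->translator->trans('Image Codec')` would match the other five options. None of the public methods carries a docblock.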


@@ -67,9 +67,9 @@ class SubdefSubstituer
$source = $file->getRealPath();
$target = $this->fs->generateDocumentFilename($record, $file);
$this->fs->writeMediaSourceFile($record->getDatabox(), $source, $target);
$target = $this->fs->writeMediaSourceFile($record->getDatabox(), $source, $target);
$media = $this->mediavorus->guess($source);
$media = $this->mediavorus->guess($target);
$this->createMediaSubdef($record, 'document', $media);
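Review bot: `$target` is now overwritten with whatever `writeMediaSourceFile()` returns and handed straight to `$this->mediavorus->guess($target)`, with no check that a usable path came back. The return contract of `writeMediaSourceFile()` is not visible here; if it can return `null` or `false` on failure, the type guess would run on a non-path. A guard before the guess, such as `if (!is_string($target) || !is_file($target)) { throw new \RuntimeException('Unable to store source file'); }`, would make that failure explicit. The method starts and ends outside the hunk.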


@@ -18,6 +18,7 @@ interface Type
const TYPE_DOCUMENT = 'document';
const TYPE_FLASH = 'flash';
const TYPE_IMAGE = 'image';
const TYPE_UNKNOWN = 'unknown';
public function getType();
}


@@ -0,0 +1,21 @@
<?php
/*
* This file is part of Phraseanet
*
* (c) 2005-2016 Alchemy
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Alchemy\Phrasea\Media\Type;
class Unknown implements Type
{
public function getType()
{
return self::TYPE_UNKNOWN;
}
}


@@ -38,6 +38,9 @@ class ElasticsearchRecord implements RecordInterface, MutableRecordInterface
private $updated;
private $created;
private $sha256;
private $width;
private $height;
private $size;
private $uuid;
private $position;
private $type;
@@ -232,6 +235,42 @@ class ElasticsearchRecord implements RecordInterface, MutableRecordInterface
$this->sha256 = $sha256;
}
/** {@inheritdoc} */
public function getWidth()
{
return $this->width;
}
/** {@inheritdoc} */
public function setWidth($width)
{
$this->width = $width;
}
/** {@inheritdoc} */
public function getHeight()
{
return $this->height;
}
/** {@inheritdoc} */
public function setHeight($height)
{
$this->height = $height;
}
/** {@inheritdoc} */
public function getSize()
{
return $this->size;
}
/** {@inheritdoc} */
public function setSize($size)
{
$this->size = $size;
}
/**
* @param string|null $locale
*


@@ -71,12 +71,15 @@ class ACLManipulator implements ManipulatorInterface
{
$collections = $databox->get_collections();
$acl->update_rights_to_sbas($databox->get_sbas_id(), [
'bas_manage' => '1',
'bas_modify_struct' => '1',
'bas_modif_th' => '1',
'bas_chupub' => '1'
]);
$acl->update_rights_to_sbas(
$databox->get_sbas_id(),
[
\ACL::BAS_MANAGE => true,
\ACL::BAS_MODIFY_STRUCT => true,
\ACL::BAS_MODIF_TH => true,
\ACL::BAS_CHUPUB => true
]
);
$acl->give_access_to_base(array_map(function (\collection $collection) {
return $collection->get_base_id();
@@ -100,26 +103,28 @@ class ACLManipulator implements ManipulatorInterface
$acl->set_limits($baseId, false);
$acl->remove_quotas_on_base($baseId);
$acl->set_masks_on_base($baseId, '0', '0', '0', '0');
$acl->update_rights_to_base($baseId, [
'canputinalbum' => '1',
'candwnldhd' => '1',
'candwnldsubdef' => '1',
'nowatermark' => '1',
'candwnldpreview' => '1',
'cancmd' => '1',
'canadmin' => '1',
'canreport' => '1',
'canpush' => '1',
'creationdate' => '1',
'canaddrecord' => '1',
'canmodifrecord' => '1',
'candeleterecord' => '1',
'chgstatus' => '1',
'imgtools' => '1',
'manage' => '1',
'modify_struct' => '1',
'bas_modify_struct' => '1'
]);
$acl->update_rights_to_base(
$baseId,
[
'creationdate' => '1', // todo : wtf
\ACL::CANPUTINALBUM => true,
\ACL::CANDWNLDHD => true,
\ACL::NOWATERMARK => true,
\ACL::CANDWNLDPREVIEW => true,
\ACL::CANCMD => true,
\ACL::CANADMIN => true,
\ACL::CANREPORT => true,
\ACL::CANPUSH => true,
\ACL::CANADDRECORD => true,
\ACL::CANMODIFRECORD => true,
\ACL::CANDELETERECORD => true,
\ACL::CHGSTATUS => true,
\ACL::IMGTOOLS => true,
\ACL::COLL_MANAGE => true,
\ACL::COLL_MODIFY_STRUCT => true,
\ACL::BAS_MODIFY_STRUCT => true
]
);
}
/**
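Review bot: In the collection-level grant (second hunk) the rewritten array is not a pure rename: `candwnldsubdef` appears in the old list and has no counterpart in the new one, so this admin grant seems to lose a right without the commit saying so. The array also still carries `'creationdate' => '1', // todo : wtf` and passes the databox-level `\ACL::BAS_MODIFY_STRUCT` to `update_rights_to_base`; how that method treats keys that are not collection rights is not visible here. If the removal is intended, a comment such as `// candwnldsubdef intentionally dropped: <reason>` would record it, and the `todo` should either state what `creationdate` is expected to do or the entry should be removed. The enclosing method starts outside the hunk.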


@@ -81,13 +81,16 @@ class RegistrationManipulator implements ManipulatorInterface
$this->aclProvider->get($user)->give_access_to_sbas([$collection->get_sbas_id()]);
$this->aclProvider->get($user)->give_access_to_base([$collection->get_base_id()]);
$this->aclProvider->get($user)->update_rights_to_base($collection->get_base_id(), [
'canputinalbum' => '1',
'candwnldhd' => (string) (int) $grantHd,
'nowatermark' => (string) (int) $grantWatermark,
'candwnldpreview' => '1',
'actif' => '1',
]);
$this->aclProvider->get($user)->update_rights_to_base(
$collection->get_base_id(),
[
\ACL::CANPUTINALBUM => true,
\ACL::CANDWNLDHD => (bool)$grantHd,
\ACL::NOWATERMARK => (bool)$grantWatermark,
\ACL::CANDWNLDPREVIEW => true,
\ACL::ACTIF => true
]
);
$this->em->remove($registration);
$this->em->flush();
}


@@ -32,16 +32,13 @@ class NativeQueryProvider
$selectClause = $rsm->generateSelectClause();
return $this->em->createNativeQuery("
SELECT d.date_modif AS date_demand, d.base_id AS base_demand, " . $selectClause . "
FROM (demand d INNER JOIN Users u ON d.usr_id=u.id
AND d.en_cours=1
AND u.deleted=0
)
WHERE (base_id='" . implode("' OR base_id='", $basList) . "')
ORDER BY d.usr_id DESC, d.base_id ASC
", $rsm)
->getResult();
return $this->em->createNativeQuery(
"SELECT d.date_modif AS date_demand, d.base_id AS base_demand, " . $selectClause . "\n"
. " FROM (demand d INNER JOIN Users u ON d.usr_id=u.id AND d.en_cours=1 AND u.deleted=0)\n"
. " WHERE (base_id='" . implode("' OR base_id='", $basList) . "')\n"
. " ORDER BY d.usr_id DESC, d.base_id ASC",
$rsm
)->getResult();
}
public function getModelForUser(User $user, array $basList)
@@ -51,14 +48,14 @@ class NativeQueryProvider
$selectClause = $rsm->generateSelectClause();
$query = $this->em->createNativeQuery("
SELECT " . $selectClause . "
FROM Users u
INNER JOIN basusr b ON (b.usr_id=u.id)
WHERE u.model_of = :user_id
AND b.base_id IN (" . implode(', ', $basList) . ")
AND u.deleted='0'
GROUP BY u.id", $rsm);
$query = $this->em->createNativeQuery(
"SELECT " . $selectClause . " FROM Users u INNER JOIN basusr b ON (b.usr_id=u.id)\n"
. " WHERE u.model_of = :user_id\n"
. " AND b.base_id IN (" . implode(', ', $basList) . ")\n"
. " AND u.deleted='0'\n"
. " GROUP BY u.id",
$rsm
);
$query->setParameter(':user_id', $user->getId());
@@ -72,14 +69,15 @@ class NativeQueryProvider
$rsm->addScalarResult('base_id', 'base_id');
$selectClause = $rsm->generateSelectClause();
$query = $this->em->createNativeQuery('
SELECT b.base_id, '.$selectClause.' FROM Users u, basusr b
WHERE u.id = b.usr_id
AND b.base_id IN (' . implode(', ', $basList) . ')
AND u.model_of IS NULL
AND b.actif="1"
AND b.canadmin="1"
AND u.deleted="0"', $rsm
$query = $this->em->createNativeQuery(
"SELECT b.base_id, ".$selectClause." FROM Users u, basusr b\n"
. " WHERE u.id = b.usr_id\n"
. " AND b.base_id IN (" . implode(', ', $basList) . ")\n"
. " AND u.model_of IS NULL\n"
. " AND b.actif=1\n"
. " AND b.canadmin=1\n"
. " AND u.deleted=0",
$rsm
);
return $query->getResult();
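Review bot: All three native queries still splice `$basList` straight into the SQL text (`implode("' OR base_id='", $basList)` in the first, `implode(', ', $basList)` in the two `IN (...)` clauses), so the reformatting keeps string-built statements whose safety depends on every caller passing integers. The callers are outside this section, so that cannot be confirmed here; normalising at the top of each method with `$basList = array_map('intval', $basList);` makes it hold locally, and the first query could then use the same unquoted `IN (...)` form as the other two. An empty `$basList` also produces `IN ()`, which MySQL rejects, so an early `return [];` for that case is worth adding. The method bodies start and end outside the hunks.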


@@ -48,6 +48,27 @@ interface RecordInterface extends RecordReferenceInterface
/** @return array */
public function getExif();
/**
* The width of the 'document' subdef
*
* @return integer|null
*/
public function getWidth();
/**
* The height of the 'document' subdef
*
* @return integer|null
*/
public function getHeight();
/**
* The size (filesize) of the 'document' subdef
*
* @return integer|null
*/
public function getSize();
/**
* Get Caption with requested fields if exists.
* @param array $fields Returns only public fields when null


@@ -22,6 +22,7 @@ use Alchemy\Phrasea\Http\DeliverDataInterface;
use Alchemy\Phrasea\Model\Entities\Basket;
use Alchemy\Phrasea\Model\Entities\BasketElement;
use Alchemy\Phrasea\Model\Entities\Order;
use Alchemy\Phrasea\Model\Entities\Token;
use Alchemy\Phrasea\Order\OrderElementTransformer;
use Alchemy\Phrasea\Order\OrderFiller;
use Alchemy\Phrasea\Order\OrderTransformer;
@@ -88,7 +89,7 @@ class ApiOrderController extends BaseOrderController
]);
};
$builder = $this->app['repo.orders']->createQueryBuilder('o');
$builder = $this->getOrderRepository()->createQueryBuilder('o');
$builder
->where($builder->expr()->eq('o.user', $this->getAuthenticatedUser()->getId()))
;
@@ -138,11 +139,10 @@ class ApiOrderController extends BaseOrderController
}
/**
* @param Request $request
* @param int $orderId
* @return Response
*/
public function getArchiveAction(Request $request, $orderId)
public function getArchiveAction($orderId)
{
$order = $this->findOr404($orderId);
@@ -160,12 +160,11 @@ class ApiOrderController extends BaseOrderController
$exportName = sprintf('%s/%s.zip', $this->app['tmp.download.path'], $export->getExportName());
$user = $this->getAuthenticatedUser();
$subdefs = $this->findDataboxSubdefNames();
$exportData = $export->prepare_export($user, $this->getFilesystem(), $subdefs, true, true);
$exportData['export_name'] = $exportName;
/** @var Token $token */
$token = $this->app['manipulator.token']->createDownloadToken($user, serialize($exportData));
$lst = [];
@@ -180,7 +179,7 @@ class ApiOrderController extends BaseOrderController
set_time_limit(0);
ignore_user_abort(true);
$file = \set_export::build_zip($this->app, $token, $exportData, $exportName);
$file = \set_export::build_zip($this->app, $token, $exportData, $token->getValue() . '.zip');
return $this->deliverFile($file, $exportName, DeliverDataInterface::DISPOSITION_INLINE, 'application/zip');
}
@@ -188,7 +187,6 @@ class ApiOrderController extends BaseOrderController
public function acceptElementsAction(Request $request, $orderId)
{
$elementIds = $this->fetchElementIdsFromRequest($request);
$elements = $this->doAcceptElements($orderId, $elementIds, $this->getAuthenticatedUser());
$resource = new Collection($elements, function (BasketElement $element) {
@@ -242,7 +240,7 @@ class ApiOrderController extends BaseOrderController
$filtered = [];
foreach ($records as $index => $record) {
if (!$record->isStory() && $acl->has_right_on_base($record->getBaseId(), 'cancmd')) {
if (!$record->isStory() && $acl->has_right_on_base($record->getBaseId(), \ACL::CANCMD)) {
$filtered[$index] = $record;
}
}
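Review bot: `deliverFile($file, $exportName, ...)` in `getArchiveAction` still receives the value built by `sprintf('%s/%s.zip', $this->app['tmp.download.path'], ...)`, so after this change the archive on disk is named from the token while the client-facing name is a full server-side path. Unless `deliverFile` reduces it to a base name (not visible here), that exposes the temporary directory layout to the client; passing `basename($exportName)` would avoid it. The token value is now also a file name in the download directory, so that directory's listing becomes as sensitive as the tokens themselves and should not be readable by other local users or served statically. `getArchiveAction` begins and ends outside these hunks.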


@@ -10,6 +10,7 @@
namespace Alchemy\Phrasea\Order\Controller;
use Alchemy\Phrasea\Application;
use Alchemy\Phrasea\Application\Helper\DispatcherAware;
use Alchemy\Phrasea\Application\Helper\EntityManagerAware;
use Alchemy\Phrasea\Controller\Controller;
@@ -22,10 +23,10 @@ use Alchemy\Phrasea\Model\Entities\OrderElement;
use Alchemy\Phrasea\Model\Entities\User;
use Alchemy\Phrasea\Model\Repositories\OrderElementRepository;
use Alchemy\Phrasea\Model\Repositories\OrderRepository;
use Alchemy\Phrasea\Order\OrderBasketProvider;
use Alchemy\Phrasea\Order\OrderDelivery;
use Alchemy\Phrasea\Order\OrderValidator;
use Alchemy\Phrasea\Order\PartialOrder;
use Alchemy\Phrasea\Record\RecordReference;
use Alchemy\Phrasea\Record\RecordReferenceCollection;
use Assert\Assertion;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
@@ -38,12 +39,46 @@ class BaseOrderController extends Controller
use DispatcherAware;
use EntityManagerAware;
/**
* @var OrderRepository
*/
private $orderRepository;
/**
* @var OrderElementRepository
*/
private $orderElementRepository;
/**
* @var OrderBasketProvider
*/
private $orderBasketProvider;
/**
* @param Application $app
* @param OrderRepository $orderRepository
* @param OrderElementRepository $orderElementRepository
* @param OrderBasketProvider $orderBasketProvider
*/
public function __construct(
Application $app,
OrderRepository $orderRepository,
OrderElementRepository $orderElementRepository,
OrderBasketProvider $orderBasketProvider
) {
parent::__construct($app);
$this->orderRepository = $orderRepository;
$this->orderElementRepository = $orderElementRepository;
$this->orderBasketProvider = $orderBasketProvider;
}
/**
* @return OrderRepository
*/
protected function getOrderRepository()
{
return $this->app['repo.orders'];
return $this->orderRepository;
}
/**
@@ -51,7 +86,7 @@ class BaseOrderController extends Controller
*/
protected function getOrderElementRepository()
{
return $this->app['repo.order-elements'];
return $this->orderElementRepository;
}
/**
@@ -116,7 +151,7 @@ class BaseOrderController extends Controller
$elements = $this->findRequestedElements($order_id, $elementIds, $acceptor);
$order = $this->findOr404($order_id);
$basket = $this->app['provider.order_basket']->provideBasketForOrderAndUser($order, $acceptor);
$basket = $this->orderBasketProvider->provideBasketForOrderAndUser($order, $acceptor);
$partialOrder = new PartialOrder($order, $elements);


@@ -37,7 +37,7 @@ class ProdOrderController extends BaseOrderController
*/
public function createOrder(Request $request)
{
$records = RecordsRequest::fromRequest($this->app, $request, true, ['cancmd']);
$records = RecordsRequest::fromRequest($this->app, $request, true, [\ACL::CANCMD]);
try {
if ($records->isEmpty()) {
@@ -109,7 +109,7 @@ class ProdOrderController extends BaseOrderController
$sort = $request->query->get('sort');
$baseIds = array_keys($this->getAclForUser()->get_granted_base(['order_master']));
$baseIds = array_keys($this->getAclForUser()->get_granted_base([\ACL::ORDER_MASTER]));
$ordersList = $this->getOrderRepository()->listOrders($baseIds, $offsetStart, $perPage, $sort);
$total = $this->getOrderRepository()->countTotalOrders($baseIds);


@@ -114,7 +114,7 @@ class OrderValidator
$element->getRecordId()
);
$acl->grant_hd_on($recordReference, $user, 'order');
$acl->grant_hd_on($recordReference, $user, \ACL::GRANT_ACTION_ORDER);
}
}


@@ -166,7 +166,7 @@ class PDF
$fimg = $subdef->getRealPath();
if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($rec->getBaseId(), "nowatermark")
if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($rec->getBaseId(), \ACL::NOWATERMARK)
&& $subdef->get_type() == \media_subdef::TYPE_IMAGE) {
$fimg = \recordutils_image::watermark($this->app, $subdef);
}
@@ -438,7 +438,7 @@ class PDF
$f = $subdef->getRealPath();
if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($rec->getBaseId(), "nowatermark")
if (!$this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($rec->getBaseId(), \ACL::NOWATERMARK)
&& $subdef->get_type() == \media_subdef::TYPE_IMAGE)
$f = \recordutils_image::watermark($this->app, $subdef);


@@ -53,7 +53,7 @@ class SubdefTransformer extends TransformerAbstract
return null;
}
if ($media->get_name() === 'document'
&& !$acl->has_right_on_base($record->getBaseId(), 'candwnldhd')
&& !$acl->has_right_on_base($record->getBaseId(), \ACL::CANDWNLDHD)
&& !$acl->has_hd_grant($record)
) {
return null;


@@ -460,7 +460,7 @@ class ElasticSearchEngine implements SearchEngineInterface
$acl = $this->app->getAclForUser($this->app->getAuthenticatedUser());
$grantedCollections = array_keys($acl->get_granted_base(['actif']));
$grantedCollections = array_keys($acl->get_granted_base([\ACL::ACTIF]));
if (count($grantedCollections) === 0) {
return ['bool' => ['must_not' => ['match_all' => new \stdClass()]]];
@@ -540,10 +540,16 @@ class ElasticSearchEngine implements SearchEngineInterface
$sort['_score'] = $options->getSortOrder();
} elseif ($options->getSortBy() === SearchEngineOptions::SORT_CREATED_ON) {
$sort['created_on'] = $options->getSortOrder();
} elseif ($options->getSortBy() === 'recordid') {
$sort['record_id'] = $options->getSortOrder();
} else {
$sort[sprintf('caption.%s', $options->getSortBy())] = $options->getSortOrder();
}
if (! array_key_exists('record_id', $sort)) {
$sort['record_id'] = $options->getSortOrder();
}
return $sort;
}
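Review bot: The new sort branch compares against the bare string `'recordid'` while the neighbouring branch uses `SearchEngineOptions::SORT_CREATED_ON`; a named constant on `SearchEngineOptions` would keep the accepted sort keys in one place. The fallback `else` still builds the field name with `sprintf('caption.%s', $options->getSortBy())`, so any other value of `getSortBy()` becomes part of the Elasticsearch sort key; where that value is validated is not visible in this hunk and deserves a comment here. The added `record_id` tie-breaker has no explanation either; if the intent is a deterministic order when the primary key has ties, a comment such as `// secondary key: deterministic order for equal primary sort values` would say so. The method starts outside the hunk.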


@@ -51,6 +51,9 @@ class ElasticsearchRecordHydrator
$record->setOriginalName(igorw\get_in($data, ['original_name'], ''));
$record->setRecordId(igorw\get_in($data, ['record_id'], 0));
$record->setSha256(igorw\get_in($data, ['sha256'], ''));
$record->setWidth(igorw\get_in($data, ['width'], 0));
$record->setHeight(igorw\get_in($data, ['height'], 0));
$record->setSize(igorw\get_in($data, ['size'], 0));
$record->setType(igorw\get_in($data, ['type'], 'unknown'));
$updatedOn = igorw\get_in($data, ['updated_on']);
$record->setUpdated($updatedOn ? new \DateTime($updatedOn) : $updatedOn);
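Review bot: The three new fields default to `0` here, while `RecordInterface` in this same commit documents `getWidth()`, `getHeight()` and `getSize()` as `integer|null`. With this hydrator a record that has no 'document' subdef cannot be told apart from one whose stored value is zero. Dropping the default, e.g. `$record->setWidth(igorw\get_in($data, ['width']));`, would match the documented contract, though the indexing side also casts these columns with `(int)`, so the two ends need to agree. Alternatively the interface docblocks should be changed to plain `integer`. The method starts and ends outside the hunk.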


@@ -144,6 +144,7 @@ class Indexer
}
if ($what & self::RECORDS) {
$databox->clearCandidates();
$this->recordIndexer->populateIndex($bulk, $databox);
// Final flush


@@ -132,7 +132,9 @@ class Fetcher
. ", r.sha256" // -- TODO rename in "hash"
. ", r.originalname AS original_name"
. ", r.mime, r.type, r.parent_record_id, r.credate AS created_on, r.moddate AS updated_on"
. " FROM record r INNER JOIN coll c ON (c.coll_id = r.coll_id)"
. ", subdef.width, subdef.height, subdef.size"
. " FROM (record r INNER JOIN coll c ON (c.coll_id = r.coll_id))"
. " LEFT JOIN subdef ON subdef.record_id=r.record_id AND subdef.name='document'"
. " -- WHERE"
. " ORDER BY r.record_id DESC"
. " LIMIT :offset, :limit";


@@ -45,6 +45,9 @@ class CoreHydrator implements HydratorInterface
$record['base_id'] = $this->helper->getUniqueCollectionId($this->databox_id, $record['collection_id']);
$record['databox_id'] = $this->databox_id;
$record['databox_name'] = $this->databox_name;
$record['width'] = (int) $record['width'];
$record['height'] = (int) $record['height'];
$record['size'] = (int) $record['size'];
$record['record_type'] = ((int) $record['parent_record_id'] === 1)
? SearchEngineInterface::GEM_TYPE_STORY


@@ -47,8 +47,8 @@ class RecordIndex implements MappingProvider
$mapping = new MappingBuilder();
// Compound primary key
$mapping->addField('record_id', FieldMapping::TYPE_INTEGER);
$mapping->addField('databox_id', FieldMapping::TYPE_INTEGER);
$mapping->addIntegerField('record_id');
$mapping->addIntegerField('databox_id');
// Database name (still indexed for facets)
$mapping->addStringField('databox_name')->disableAnalysis();
@@ -66,6 +66,10 @@ class RecordIndex implements MappingProvider
$mapping->addStringField('type')->disableAnalysis();
$mapping->addStringField('record_type')->disableAnalysis();
$mapping->addIntegerField('width')->disableIndexing();
$mapping->addIntegerField('height')->disableIndexing();
$mapping->addIntegerField('size')->disableIndexing();
$mapping->addDateField('created_on', FieldMapping::DATE_FORMAT_MYSQL_OR_CAPTION);
$mapping->addDateField('updated_on', FieldMapping::DATE_FORMAT_MYSQL_OR_CAPTION);
@@ -87,9 +91,7 @@ class RecordIndex implements MappingProvider
private function buildCaptionMapping(MappingBuilder $parent, $name, array $fields)
{
$fieldConverter = new Mapping\FieldToFieldMappingConverter();
$captionMapping = new Mapping\ComplexFieldMapping($name, FieldMapping::TYPE_OBJECT);
$captionMapping->useAsPropertyContainer();
$captionMapping = new Mapping\ComplexPropertiesMapping($name);
foreach ($fields as $field) {
$captionMapping->addChild($fieldConverter->convertField($field, $this->locales));
@@ -109,7 +111,7 @@ class RecordIndex implements MappingProvider
private function buildThesaurusPathMapping($name)
{
$thesaurusMapping = new Mapping\ComplexFieldMapping($name, FieldMapping::TYPE_OBJECT);
$thesaurusMapping = new Mapping\ComplexPropertiesMapping($name);
foreach (array_keys($this->structure->getThesaurusEnabledFields()) as $name) {
$child = new Mapping\StringFieldMapping($name);
@@ -118,7 +120,7 @@ class RecordIndex implements MappingProvider
$child->setAnalyzer('keyword', 'searching');
$child->addChild((new Mapping\StringFieldMapping('raw'))->enableRawIndexing());
$thesaurusMapping->addChild($thesaurusMapping);
$thesaurusMapping->addChild($child);
}
return $thesaurusMapping;
@@ -127,9 +129,7 @@ class RecordIndex implements MappingProvider
private function buildMetadataTagMapping($name)
{
$tagConverter = new Mapping\MetadataTagToFieldMappingConverter();
$metadataMapping = new Mapping\ComplexFieldMapping($name, FieldMapping::TYPE_OBJECT);
$metadataMapping->useAsPropertyContainer();
$metadataMapping = new Mapping\ComplexPropertiesMapping($name);
foreach ($this->structure->getMetadataTags() as $tag) {
$metadataMapping->addChild($tagConverter->convertTag($tag));
@@ -141,9 +141,7 @@ class RecordIndex implements MappingProvider
private function buildFlagMapping($name)
{
$index = 0;
$flagMapping = new Mapping\ComplexFieldMapping($name, FieldMapping::TYPE_OBJECT);
$flagMapping->useAsPropertyContainer();
$flagMapping = new Mapping\ComplexPropertiesMapping($name);
foreach ($this->structure->getAllFlags() as $childName => $_) {
if (trim($childName) == '') {
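Review bot: In `buildThesaurusPathMapping($name)` the loop `foreach (array_keys($this->structure->getThesaurusEnabledFields()) as $name)` reuses the parameter name as its loop variable. That is harmless today only because the parameter is consumed on the line before the loop; any later use of `$name` for the container would silently get the last field name. Renaming the loop variable, `foreach (... as $fieldName) {` with `new Mapping\StringFieldMapping($fieldName);`, removes the trap next to the `addChild($child)` fix this hunk already makes. The method body is only partly inside the hunk.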


@@ -13,64 +13,12 @@ namespace Alchemy\Phrasea\SearchEngine\Elastic\Mapping;
use Alchemy\Phrasea\SearchEngine\Elastic\FieldMapping;
class ComplexFieldMapping extends FieldMapping
class ComplexFieldMapping extends ComplexMapping
{
/**
* @var FieldMapping[]
*/
private $children = [];
private $childKey = 'fields';
public function useAsPropertyContainer()
public function __construct($name, $type = null)
{
$this->childKey = 'properties';
}
public function useAsFieldContainer()
{
$this->childKey = 'fields';
}
/**
* @param FieldMapping $child
* @return FieldMapping
*/
public function addChild(FieldMapping $child)
{
if (isset($this->children[$child->getName()])) {
throw new \LogicException(sprintf('There is already a "%s" multi field.', $child->getName()));
}
if ($child->getType() !== $this->getType() && $this->getType() !== self::TYPE_OBJECT) {
throw new \LogicException('Child field type must match parent type.');
}
return $this->children[$child->getName()] = $child;
}
/**
* @return RawFieldMapping
*/
public function addRawChild()
{
return $this->addChild(new RawFieldMapping($this->getType()));
}
/**
* @return bool
*/
public function hasChildren()
{
return ! empty($this->children);
}
/**
* @return FieldMapping[]
*/
public function getChildren()
{
return $this->children;
parent::__construct($name, $type ?: FieldMapping::TYPE_OBJECT);
}
/**
@@ -78,16 +26,12 @@ class ComplexFieldMapping extends FieldMapping
*/
protected function getProperties()
{
if (! $this->hasChildren()) {
return [];
$properties = parent::getProperties();
if (! empty($properties)) {
return ['fields' => parent::getProperties()];
}
$properties = [ ];
foreach ($this->children as $name => $child) {
$properties[$name] = $child->toArray();
}
return [ $this->childKey => $properties ];
return $properties;
}
}
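Review bot: The rewritten `getProperties()` calls `parent::getProperties()` twice, once into `$properties` and again inside the returned array, so the children are serialised a second time for no benefit; `return ['fields' => $properties];` uses the value already computed. The constructor's `$type ?: FieldMapping::TYPE_OBJECT` falls back on any falsy `$type`, not only `null`; `$type !== null ? $type : FieldMapping::TYPE_OBJECT` states the intent of the `= null` default more precisely. Neither the constructor nor the changed fallback behaviour is described in a docblock.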


@@ -0,0 +1,81 @@
<?php
/*
* This file is part of phrasea-4.0.
*
* (c) Alchemy <info@alchemy.fr>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Alchemy\Phrasea\SearchEngine\Elastic\Mapping;
use Alchemy\Phrasea\SearchEngine\Elastic\FieldMapping;
class ComplexMapping extends FieldMapping
{
/**
* @var FieldMapping[]
*/
private $children = [];
/**
* @param FieldMapping $child
* @return FieldMapping
*/
public function addChild(FieldMapping $child)
{
if (isset($this->children[$child->getName()])) {
throw new \LogicException(sprintf('There is already a "%s" multi field.', $child->getName()));
}
if ($child->getType() !== $this->getType() && $this->getType() !== self::TYPE_OBJECT) {
throw new \LogicException('Child field type must match parent type.');
}
return $this->children[$child->getName()] = $child;
}
/**
* @return RawFieldMapping
*/
public function addRawChild()
{
return $this->addChild(new RawFieldMapping($this->getType()));
}
/**
* @return bool
*/
public function hasChildren()
{
return ! empty($this->children);
}
/**
* @return FieldMapping[]
*/
public function getChildren()
{
return $this->children;
}
/**
* @return array
*/
protected function getProperties()
{
if (! $this->hasChildren()) {
return [];
}
$properties = [ ];
foreach ($this->children as $name => $child) {
$properties[$name] = $child->toArray();
}
return $properties;
}
}


@@ -0,0 +1,31 @@
<?php
/*
* This file is part of phrasea-4.0.
*
* (c) Alchemy <info@alchemy.fr>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Alchemy\Phrasea\SearchEngine\Elastic\Mapping;
use Alchemy\Phrasea\SearchEngine\Elastic\FieldMapping;
class ComplexPropertiesMapping extends ComplexMapping
{
public function __construct($name)
{
parent::__construct($name, FieldMapping::TYPE_OBJECT);
}
/**
* @return array
*/
public function getProperties()
{
return [ 'properties' => parent::getProperties() ];
}
}
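Review bot: `getProperties()` is declared `public` here, while the method it overrides in `ComplexMapping` (and the one in `ComplexFieldMapping`) is `protected`. PHP allows widening visibility, but it makes this one subclass expose an internal serialisation step that its siblings hide. Unless a caller needs it, `protected function getProperties()` keeps the hierarchy consistent. The method also returns `['properties' => []]` when there are no children, unlike the parent, which returns `[]`; a docblock line saying that is intended would help.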


@@ -639,9 +639,9 @@ class SearchEngineOptions
$options->onCollections($bas);
if ($isAuthenticated && $acl->has_right('modifyrecord')) {
if ($isAuthenticated && $acl->has_right(\ACL::CANMODIFRECORD)) {
$bf = array_filter($bas, function (\collection $collection) use ($acl) {
return $acl->has_right_on_base($collection->get_base_id(), 'canmodifrecord');
return $acl->has_right_on_base($collection->get_base_id(), \ACL::CANMODIFRECORD);
});
$options->allowBusinessFieldsOn($bf);


@@ -146,7 +146,7 @@ class Firewall
public function requireOrdersAdmin()
{
if (empty($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base(['order_master']))) {
if (empty($this->app->getAclForUser($this->app->getAuthenticatedUser())->get_granted_base([\ACL::ORDER_MASTER]))) {
$this->app->abort(403, 'You are not an order admin');
}


@@ -11,6 +11,7 @@
namespace Alchemy\Phrasea\Setup\DoctrineMigrations;
use Alchemy\Phrasea\Model\Entities\Order;
use Doctrine\DBAL\Schema\Schema;
class OrderMigration extends AbstractMigration
@@ -23,6 +24,8 @@ class OrderMigration extends AbstractMigration
public function doUpSql(Schema $schema)
{
$this->addSql("CREATE TABLE Orders (id INT AUTO_INCREMENT NOT NULL, user_id INT NOT NULL, basket_id INT DEFAULT NULL, order_usage VARCHAR(2048) NOT NULL, todo INT DEFAULT NULL, deadline DATETIME NOT NULL, created_on DATETIME NOT NULL, INDEX IDX_E283F8D8A76ED395 (user_id), UNIQUE INDEX UNIQ_E283F8D81BE1FB52 (basket_id), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB");
$this->addSql(sprintf("ALTER TABLE Orders ADD COLUMN notification_method VARCHAR(32) NOT NULL DEFAULT '%s'", Order::NOTIFY_MAIL));
$this->addSql("ALTER TABLE Orders ALTER COLUMN notification_method DROP DEFAULT");
$this->addSql("CREATE TABLE OrderElements (id INT AUTO_INCREMENT NOT NULL, order_master INT DEFAULT NULL, order_id INT DEFAULT NULL, base_id INT NOT NULL, record_id INT NOT NULL, deny TINYINT(1) DEFAULT NULL, INDEX IDX_8C7066C8EE86B303 (order_master), INDEX IDX_8C7066C88D9F6D38 (order_id), UNIQUE INDEX unique_ordercle (base_id, record_id, order_id), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB");
$this->addSql("ALTER TABLE Orders ADD CONSTRAINT FK_E283F8D8A76ED395 FOREIGN KEY (user_id) REFERENCES Users (id)");
$this->addSql("ALTER TABLE Orders ADD CONSTRAINT FK_E283F8D81BE1FB52 FOREIGN KEY (basket_id) REFERENCES Baskets (id)");


@@ -18,9 +18,7 @@ class Version20160511160640 extends BaseMigration
{
// this up() migration is auto-generated, please modify it to your needs
$this->abortIf($this->connection->getDatabasePlatform()->getName() != 'mysql', 'Migration can only be executed safely on \'mysql\'.');
$this->addSql(sprintf("ALTER TABLE Orders ADD COLUMN notification_method VARCHAR(32) NOT NULL DEFAULT '%s'", Order::NOTIFY_MAIL));
$this->addSql("ALTER TABLE Orders ALTER COLUMN notification_method DROP DEFAULT");
// no-op
}
/**
@@ -30,7 +28,6 @@ class Version20160511160640 extends BaseMigration
{
// this down() migration is auto-generated, please modify it to your needs
$this->abortIf($this->connection->getDatabasePlatform()->getName() != 'mysql', 'Migration can only be executed safely on \'mysql\'.');
$this->addSql("ALTER TABLE Orders DROP COLUMN notification_method");
// no-op
}
}
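Review bot: Turning `up()` into a no-op and creating `notification_method` inside `OrderMigration::doUpSql` only helps databases that have not yet run `OrderMigration`. An installation that already has the `Orders` table but has not reached `Version20160511160640` would, as far as these hunks show, never get the column. Whether such a state is reachable depends on how the migration runner orders and records versions, which is outside this page, so this needs confirming. A guard in `up()` that adds the column only when it is missing would cover both paths, and the `// no-op` comments should say where the column is now created, e.g. `// column now created by OrderMigration::doUpSql`.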


@@ -59,21 +59,40 @@ class Installer
$this->app->getAclForUser($admin)
->give_access_to_sbas([$databox->get_sbas_id()])
->update_rights_to_sbas(
$databox->get_sbas_id(), [
'bas_manage' => 1, 'bas_modify_struct' => 1,
'bas_modif_th' => 1, 'bas_chupub' => 1
$databox->get_sbas_id(),
[
\ACL::BAS_MANAGE => true,
\ACL::BAS_MODIFY_STRUCT => true,
\ACL::BAS_MODIF_TH => true,
\ACL::BAS_CHUPUB => true
]
);
$collection = \collection::create($this->app, $databox, $this->app['phraseanet.appbox'], 'test', $admin);
$this->app->getAclForUser($admin)->give_access_to_base([$collection->get_base_id()]);
$this->app->getAclForUser($admin)->update_rights_to_base($collection->get_base_id(), [
'canpush' => 1, 'cancmd' => 1
, 'canputinalbum' => 1, 'candwnldhd' => 1, 'candwnldpreview' => 1, 'canadmin' => 1
, 'actif' => 1, 'canreport' => 1, 'canaddrecord' => 1, 'canmodifrecord' => 1
, 'candeleterecord' => 1, 'chgstatus' => 1, 'imgtools' => 1, 'manage' => 1
, 'modify_struct' => 1, 'nowatermark' => 1
$this->app->getAclForUser($admin)
->give_access_to_base([$collection->get_base_id()]);
$this->app->getAclForUser($admin)
->update_rights_to_base(
$collection->get_base_id(),
[
\ACL::CANPUSH => true,
\ACL::CANCMD => true,
\ACL::CANPUTINALBUM => true,
\ACL::CANDWNLDHD => true,
\ACL::CANDWNLDPREVIEW => true,
\ACL::CANADMIN => true,
\ACL::ACTIF => true,
\ACL::CANREPORT => true,
\ACL::CANADDRECORD => true,
\ACL::CANMODIFRECORD => true,
\ACL::CANDELETERECORD => true,
\ACL::CHGSTATUS => true,
\ACL::IMGTOOLS => true,
\ACL::COLL_MANAGE => true,
\ACL::COLL_MODIFY_STRUCT => true,
\ACL::NOWATERMARK => true
]
);
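Review bot: The sixteen-entry rights map passed to `update_rights_to_base()` here is repeated entry for entry in the databox section further down (inside `foreach ($base_ids as $base_id)`), so the definition of "full collection rights" lives in more than one place. The copies can drift when a right is added or renamed, and the result would be an admin who silently lacks or keeps a right. A single helper or constant returning this map, used from each call site, would keep them aligned. The values also change from `1` to `true`; `update_rights_to_base()` is not visible here, so it is worth confirming it persists booleans the same way it persisted integers.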


@@ -53,6 +53,7 @@ class SubdefsEditor extends AbstractEditor
<flush>5</flush>
<maxrecs>20</maxrecs>
<maxmegs>256</maxmegs>
<maxduration>3600</maxduration>
</tasksettings>
EOF;
}


@@ -49,6 +49,17 @@ class TaskList implements TaskListInterface
$arguments[] = $this->phpConf;
}
$maxmegs = 128; // default (Mo) if not set in xml
$maxduration = 1800; // default (seconds) if not set in xml
if( ($sxSettings = @simplexml_load_string($task->getSettings())) ) {
if( ($v = (int)($sxSettings->maxmegs)) && $v > 0) {
$maxmegs = $v;
}
if( ($v = (int)($sxSettings->maxduration)) && $v > 0) {
$maxduration = $v;
}
}
$arguments[] = '-f';
$arguments[] = $this->root . '/bin/console';
$arguments[] = '--';
@@ -57,9 +68,9 @@ class TaskList implements TaskListInterface
$arguments[] = $task->getId();
$arguments[] = '--listen-signal';
$arguments[] = '--max-duration';
$arguments[] = '1800';
$arguments[] = $maxduration;
$arguments[] = '--max-memory';
$arguments[] = 128 << 20;
$arguments[] = $maxmegs << 20;
$builder = ProcessBuilder::create($arguments);
$builder->setTimeout(0);
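Review bot: `maxmegs` and `maxduration` from the task's settings XML are accepted on a bare `> 0` test, so an oversized value flows straight into `--max-memory` (after `<< 20`) and `--max-duration` and effectively switches off both worker limits. Clamp each to a ceiling the project chooses, e.g. `$maxmegs = min($v, $maxMegsCeiling);` (placeholder name) and the same for the duration. The `@simplexml_load_string(...)` suppression hides malformed settings; falling back to the defaults is reasonable, but the parse failure should be logged so a broken task configuration is noticed. The fallback of 1800 seconds also differs from the `<maxduration>3600</maxduration>` that the SubdefsEditor section adds to its default settings. The enclosing method starts outside this hunk.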


@@ -133,7 +133,7 @@ class PhraseanetExtension extends \Twig_Extension
$structure = $databox->getStatusStructure()->toArray();
if (!$this->isGrantedOnCollection($record->getBaseId(), 'chgstatus')) {
if (!$this->isGrantedOnCollection($record->getBaseId(), [\ACL::CHGSTATUS])) {
$structure = array_filter($structure, function($status) {
return (bool) $status['printable'];
});
@@ -175,16 +175,25 @@ class PhraseanetExtension extends \Twig_Extension
return true;
}
public function isGrantedOnCollection($baseId, $rights)
/**
* returns true if user is authenticated and has all the passed rights on the base
* todo : wtf $rights is an array since it's never called with more than 1 right in it ?
*
* @param $baseId
* @param array $rights
* @return bool
* @throws \Exception
*/
public function isGrantedOnCollection($baseId, Array $rights)
{
if (false === ($this->app->getAuthenticatedUser() instanceof User)) {
return false;
}
$rights = (array) $rights;
$acl = $this->app->getAclForUser($this->app->getAuthenticatedUser());
foreach ($rights as $right) {
if (false === $this->app->getAclForUser($this->app->getAuthenticatedUser())->has_right_on_base($baseId, $right)) {
if (! $acl->has_right_on_base($baseId, $right)) {
return false;
}
@@ -196,6 +205,7 @@ class PhraseanetExtension extends \Twig_Extension
public function getCollectionLogo($baseId)
{
if (false === $this->app['filesystem']->exists(sprintf('%s/config/minilogos/%s', $this->app['root.path'], $baseId))) {
return '';
}
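Review bot: With the `Array $rights` hint on `isGrantedOnCollection()`, a caller that still passes one right as a string (the form the old call `'chgstatus'` used, and the form a Twig template would use) now fails with a type error instead of being evaluated. Every template call site therefore has to move to the array form; the tolerant alternative is to drop the hint and keep `$rights = (array) $rights;`. Separately, an empty array never enters the `foreach`, and if the code after the loop (outside this hunk) returns true, the check passes without testing any right. Adding `if (!$rights) { return false; }` before the loop would make that case fail closed.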


@@ -56,7 +56,7 @@ class UserProvider implements ControlProviderInterface
->like(\User_Query::LIKE_LOGIN, $query)
->like_match(\User_Query::LIKE_MATCH_OR)
->include_phantoms(true)
->on_bases_where_i_am($this->app->getAclForUser($for_user), ['canadmin'])
->on_bases_where_i_am($this->app->getAclForUser($for_user), [\ACL::CANADMIN])
->limit(0, 50)
->execute()->get_results();



@@ -14,7 +14,7 @@ use Alchemy\Phrasea\Model\Entities\User;
use Doctrine\Common\Collections\ArrayCollection;
use Alchemy\Phrasea\Utilities\Countries;
class User_Query implements User_QueryInterface
class User_Query
{
const ORD_ASC = 'ASC';
const ORD_DESC = 'DESC';


@@ -1,47 +0,0 @@
<?php
/*
* This file is part of Phraseanet
*
* (c) 2005-2016 Alchemy
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
use Alchemy\Phrasea\Application;
interface User_QueryInterface
{
public function __construct(Application $app);
public function get_results();
public function who_have_right(Array $rights);
public function who_have_not_right(Array $rights);
public function execute();
public function get_total();
public function get_page();
public function on_bases_where_i_am(ACL $ACL, Array $rights);
public function on_sbas_where_i_am(ACL $ACL, Array $rights);
public function limit($offset_start, $results_quantity);
public function like($like_field, $like_value);
public function like_match($like_match);
public function on_sbas_ids(Array $sbas_ids);
public function on_base_ids(Array $base_ids);
public function sort_by($sort, $ord = 'asc');
public function get_inactives($boolean = true);
}


@@ -1121,9 +1121,12 @@ class databox extends base implements ThumbnailedElement
$this->app->getAclForUser($user)
->give_access_to_sbas([$this->id])
->update_rights_to_sbas(
$this->id, [
'bas_manage' => 1, 'bas_modify_struct' => 1,
'bas_modif_th' => 1, 'bas_chupub' => 1
$this->id,
[
\ACL::BAS_MANAGE => true,
\ACL::BAS_MODIFY_STRUCT => true,
\ACL::BAS_MODIF_TH => true,
\ACL::BAS_CHUPUB => true
]
);
@@ -1133,9 +1136,7 @@ class databox extends base implements ThumbnailedElement
$rs = $stmt->fetchAll(PDO::FETCH_ASSOC);
$stmt->closeCursor();
$sql = "INSERT INTO bas
(base_id, active, server_coll_id, sbas_id) VALUES
(null,'1', :coll_id, :sbas_id)";
$sql = "INSERT INTO bas (active, server_coll_id, sbas_id) VALUES ('1', :coll_id, :sbas_id)";
$stmt = $conn->prepare($sql);
$base_ids = [];
@@ -1156,24 +1157,28 @@ class databox extends base implements ThumbnailedElement
$this->app->getAclForUser($user)->give_access_to_base($base_ids);
foreach ($base_ids as $base_id) {
$this->app->getAclForUser($user)->update_rights_to_base($base_id, [
'canpush' => 1,
'cancmd' => 1,
'canputinalbum' => 1,
'candwnldhd' => 1,
'candwnldpreview' => 1,
'canadmin' => 1,
'actif' => 1,
'canreport' => 1,
'canaddrecord' => 1,
'canmodifrecord' => 1,
'candeleterecord' => 1,
'chgstatus' => 1,
'imgtools' => 1,
'manage' => 1,
'modify_struct' => 1,
'nowatermark' => 1
]);
$this->app->getAclForUser($user)
->update_rights_to_base(
$base_id,
[
\ACL::CANPUSH => true,
\ACL::CANCMD => true,
\ACL::CANPUTINALBUM => true,
\ACL::CANDWNLDHD => true,
\ACL::CANDWNLDPREVIEW => true,
\ACL::CANADMIN => true,
\ACL::ACTIF => true,
\ACL::CANREPORT => true,
\ACL::CANADDRECORD => true,
\ACL::CANMODIFRECORD => true,
\ACL::CANDELETERECORD => true,
\ACL::CHGSTATUS => true,
\ACL::IMGTOOLS => true,
\ACL::COLL_MANAGE => true,
\ACL::COLL_MODIFY_STRUCT => true,
\ACL::NOWATERMARK => true
]
);
}
$this->app->getAclForUser($user)->delete_data_from_cache();
@@ -1190,14 +1195,40 @@ class databox extends base implements ThumbnailedElement
return $this;
}
public function clearCandidates()
{
try {
$domct = $this->get_dom_cterms();
if ($domct !== false) {
$nodesToDel = [];
for($n = $domct->documentElement->firstChild; $n; $n = $n->nextSibling) {
if(!($n->getAttribute('delbranch'))){
$nodesToDel[] = $n;
}
}
foreach($nodesToDel as $n) {
$n->parentNode->removeChild($n);
}
if(!empty($nodesToDel)) {
$this->saveCterms($domct);
}
}
} catch (\Exception $e) {
}
}
public function reindex()
{
$this->clearCandidates();
$this->get_connection()->update('pref', ['updated_on' => '0000-00-00 00:00:00'], ['prop' => 'indexes']);
// Set TO_INDEX flag on all records
$sql = "UPDATE record SET jeton = (jeton | :token)";
$sql = "UPDATE record SET jeton = ((jeton & ~ :token_and) | :token_or)";
$stmt = $this->connection->prepare($sql);
$stmt->bindValue(':token', PhraseaTokens::TO_INDEX, PDO::PARAM_INT);
$stmt->bindValue(':token_and', PhraseaTokens::INDEXING, PDO::PARAM_INT);
$stmt->bindValue(':token_or', PhraseaTokens::TO_INDEX, PDO::PARAM_INT);
$stmt->execute();
$this->app['dispatcher']->dispatch(
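Review bot: In `clearCandidates()` the loop calls `$n->getAttribute('delbranch')` on every child of the document element, but `firstChild`/`nextSibling` also yield text and comment nodes, which have no `getAttribute()`. That is a fatal error rather than an `\Exception`, so the surrounding try/catch does not contain it and `reindex()` would abort. Guard the test with `if ($n->nodeType === XML_ELEMENT_NODE && !$n->getAttribute('delbranch'))`. The empty `catch (\Exception $e) { }` also discards any failure from `saveCterms()`, so `reindex()` carries on as if the candidates had been cleared; at minimum the exception should be logged. `reindex()` continues outside this hunk.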


@@ -24,7 +24,7 @@ class databox_status
foreach ($app->getAclForUser($app->getAuthenticatedUser())->get_granted_sbas() as $databox) {
$see_all = false;
foreach ($databox->get_collections() as $collection) {
if ($app->getAclForUser($app->getAuthenticatedUser())->has_right_on_base($collection->get_base_id(), 'chgstatus')) {
if ($app->getAclForUser($app->getAuthenticatedUser())->has_right_on_base($collection->get_base_id(), \ACL::CHGSTATUS)) {
$see_all = true;
break;
}


@@ -12,6 +12,7 @@ use Alchemy\Phrasea\Media\Subdef\Audio;
use Alchemy\Phrasea\Media\Subdef\FlexPaper;
use Alchemy\Phrasea\Media\Subdef\Gif;
use Alchemy\Phrasea\Media\Subdef\Image;
use Alchemy\Phrasea\Media\Subdef\Unknown;
use Alchemy\Phrasea\Media\Subdef\Subdef as SubdefSpecs;
use Alchemy\Phrasea\Media\Subdef\Video;
use Alchemy\Phrasea\Media\Type\Type as SubdefType;
@@ -37,6 +38,7 @@ class databox_subdef
SubdefType::TYPE_FLASH => [SubdefSpecs::TYPE_IMAGE],
SubdefType::TYPE_IMAGE => [SubdefSpecs::TYPE_IMAGE],
SubdefType::TYPE_VIDEO => [SubdefSpecs::TYPE_IMAGE, SubdefSpecs::TYPE_VIDEO, SubdefSpecs::TYPE_ANIMATION],
SubdefType::TYPE_UNKNOWN => [SubdefSpecs::TYPE_IMAGE]
];
/**
@@ -111,6 +113,9 @@ class databox_subdef
case SubdefSpecs::TYPE_FLEXPAPER:
$this->subdef_type = $this->buildFlexPaperSubdef($sd);
break;
case SubdefSpecs::TYPE_UNKNOWN:
$this->subdef_type = $this->buildImageSubdef($sd);
break;
}
}
@@ -372,6 +377,9 @@ class databox_subdef
case SubdefSpecs::TYPE_VIDEO:
$mediatype_obj = new Video($this->translator);
break;
case SubdefSpecs::TYPE_UNKNOWN:
$mediatype_obj = new Unknown($this->translator);
break;
default:
continue;
break;


@@ -129,13 +129,13 @@ class eventsmanager_broker
foreach ($rs as $row) {
$type = 'eventsmanager_' . $row['type'];
$data = @json_decode($row['datas'], true);
$json = @json_decode($row['datas'], true);
if (json_last_error() !== JSON_ERROR_NONE) {
continue;
}
$content = $this->pool_classes[$type]->datas($data, $row['unread']);
$content = $this->pool_classes[$type]->datas($json, $row['unread']);
if ( ! isset($this->pool_classes[$type]) || count($content) === 0) {
$sql = 'DELETE FROM notifications WHERE id = :id';
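Review bot: `$this->pool_classes[$type]->datas($json, $row['unread'])` runs before the `isset($this->pool_classes[$type])` test on the following line, so a notification row whose `type` has no registered class causes a method call on null instead of reaching the DELETE branch meant to clean it up. Since `$type` is built from a database column, the lookup should be checked first: `$content = isset($this->pool_classes[$type]) ? $this->pool_classes[$type]->datas($json, $row['unread']) : [];`, after which the condition reduces to `count($content) === 0`. The `@` on `json_decode()` is redundant, because the `json_last_error()` check already handles bad input. The loop body continues outside this hunk.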


@@ -73,6 +73,6 @@ class eventsmanager_notify_autoregister extends eventsmanager_notifyAbstract
return false;
}
return $this->app->getAclForUser($user)->has_right('manageusers');
return $this->app->getAclForUser($user)->has_right(\ACL::CANADMIN);
}
}
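Review bot: Replacing `has_right('manageusers')` with `has_right(\ACL::CANADMIN)` looks like a change of which right gates this notification rather than a plain switch to a constant, unless the constant's value happens to be that same string (its definition is not visible here). The eventsmanager_notify_register section makes the identical substitution. If the change is intended, it alters who is told about registration requests and deserves a line in the commit description, plus a comment at the call such as `// registration notifications are sent to users holding CANADMIN`.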


@@ -75,6 +75,6 @@ class eventsmanager_notify_order extends eventsmanager_notifyAbstract
*/
public function is_available(User $user)
{
return $this->app->getAclForUser($user)->has_right('order_master');
return $this->app->getAclForUser($user)->has_right(\ACL::ORDER_MASTER);
}
}


@@ -75,6 +75,6 @@ class eventsmanager_notify_register extends eventsmanager_notifyAbstract
return false;
}
return $this->app->getAclForUser($user)->has_right('manageusers');
return $this->app->getAclForUser($user)->has_right(\ACL::CANADMIN);
}
}


@@ -75,6 +75,6 @@ class eventsmanager_notify_uploadquarantine extends eventsmanager_notifyAbstract
*/
public function is_available(User $user)
{
return $this->app->getAclForUser($user)->has_right('addrecord');
return $this->app->getAclForUser($user)->has_right(\ACL::CANADDRECORD);
}
}


@@ -90,6 +90,6 @@ class eventsmanager_notify_validationdone extends eventsmanager_notifyAbstract
*/
public function is_available(User $user)
{
return $this->app->getAclForUser($user)->has_right('push');
return $this->app->getAclForUser($user)->has_right(\ACL::CANPUSH);
}
}


@@ -656,10 +656,12 @@ class media_subdef extends media_abstract implements cache_cacheableInterface
$params['height'] = $media->getHeight();
}
/** @var callable $factoryProvider */
$factoryProvider = $app['provider.factory.media_subdef'];
$factory = $factoryProvider($record->getDataboxId());
$subdef = $factory($params);
Assertion::isInstanceOf($subdef, \media_subdef::class);
$repository = self::getMediaSubdefRepository($app, $record->getDataboxId());
