Moved terms Of Use as a dedicated controller

config/nginx.rewrite.rules

@@ -29,6 +29,7 @@ rewrite ^/prod/baskets/.*$        /prod/router.php last;
 rewrite ^/prod/story/.*$          /prod/router.php last;
 rewrite ^/prod/WorkZone/.*$       /prod/router.php last;
 rewrite ^/prod/language/.*$       /prod/router.php last;
+rewrite ^/prod/TOU/.*$            /prod/router.php last;
 rewrite ^/prod/UserPreferences/.*$  /prod/router.php last;
 rewrite ^/prod/$                  /prod/router.php last;
 

lib/Alchemy/Phrasea/Application/Prod.php

@@ -50,6 +50,7 @@ return call_user_func(function()
       $app->mount('/bridge/', new Controller\Bridge());
       $app->mount('/push/', new Controller\Push());
       $app->mount('/printer/', new Controller\Printer());
+      $app->mount('/TOU/', new Controller\TOU());
       $app->mount('/feeds', new Controller\Feed());
       $app->mount('/tooltip', new Controller\Tooltip());
       $app->mount('/language', new Controller\Language());

lib/Alchemy/Phrasea/Controller/Prod/TOU.php

@@ -0,0 +1,70 @@
+<?php
+
+/*
+ * This file is part of Phraseanet
+ *
+ * (c) 2005-2012 Alchemy
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Alchemy\Phrasea\Controller\Prod;
+
+use Silex\Application;
+use Silex\ControllerProviderInterface;
+use Silex\ControllerCollection;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\HttpException;
+use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
+use Alchemy\Phrasea\Helper\Record as RecordHelper;
+
+/**
+ *
+ * @package
+ * @license     http://opensource.org/licenses/gpl-3.0 GPLv3
+ * @link        www.phraseanet.com
+ */
+class TOU implements ControllerProviderInterface
+{
+
+  public function connect(Application $app)
+  {
+    $controllers = new ControllerCollection();
+
+    $controllers->post('/deny/{sbas_id}/', function(Application $app, Request $request, $sbas_id)
+      {
+        $ret = array('success' => false, 'message' => '');
+
+        try
+        {
+          $user    = $app['Core']->getAuthenticatedUser();
+          $session = \Session_Handler::getInstance(\appbox::get_instance());
+
+          $databox = \databox::get_instance((int) $sbas_id);
+
+          $user->ACL()->revoke_access_from_bases(
+            $user->ACL()->get_granted_base(array(), array($databox->get_sbas_id()))
+          );
+          $user->ACL()->revoke_unused_sbas_rights();
+
+          $session->logout();
+
+          $ret = array('success' => true, 'message' => '');
+        }
+        catch (\Exception $e)
+        {
+
+        }
+
+        $Serializer = $app['Core']['Serializer'];
+        $datas      = $Serializer->serialize($ret, 'json');
+
+        return new Response($datas, 200, array('Content-Type' => 'application/json'));
+      });
+
+    return $controllers;
+  }
+
+}

lib/classes/databox/cgu.class.php

@@ -31,8 +31,9 @@ class databox_cgu
     foreach ($terms as $name => $term)
     {
       if (trim($term['terms']) == '')
+      {
         continue;
-
+      }
       $out .= '<div style="display:none;" class="cgu-dialog" title="' . str_replace('"', '&quot;', sprintf(_('cgus:: CGUs de la base %s'), $name)) . '">';
 
       $out .= '<blockquote>' . $term['terms'] . '</blockquote>';
@@ -46,49 +47,6 @@ class databox_cgu
     return $out;
   }
 
-  public static function denyCgus($sbas_id)
-  {
-    $appbox = appbox::get_instance();
-    $session = $appbox->get_session();
-    if (!$session->is_authenticated())
-
-      return '2';
-
-    $ret = '1';
-
-    try
-    {
-      $sql = 'DELETE FROM sbasusr WHERE sbas_id = :sbas_id AND usr_id = :usr_id';
-
-      $stmt = $appbox->get_connection()->prepare($sql);
-      $stmt->execute(array(':sbas_id' => $sbas_id, ':usr_id' => $session->get_usr_id()));
-      $stmt->closeCursor();
-    }
-    catch (Exception $e)
-    {
-      $ret = '0';
-    }
-
-    try
-    {
-      $sql = 'DELETE FROM basusr
-        WHERE base_id IN (SELECT base_id FROM bas WHERE sbas_id = :sbas_id)
-          AND usr_id = :usr_id';
-
-      $stmt = $appbox->get_connection()->prepare($sql);
-      $stmt->execute(array(':sbas_id' => $sbas_id, ':usr_id' => $session->get_usr_id()));
-      $stmt->closeCursor();
-    }
-    catch (Exception $e)
-    {
-      $ret = '0';
-    }
-
-    $session->logout();
-
-    return $ret;
-  }
-
   private static function getUnvalidated($home=false)
   {
     $terms = array();
@@ -116,7 +74,7 @@ class databox_cgu
 
         if (!$home)
         {
-          if(!$user->ACL()->has_access_to_sbas($databox->get_sbas_id()));
+          if(!$user->ACL()->has_access_to_sbas($databox->get_sbas_id()))
           {
             continue;
           }

www/.htaccess

@@ -30,6 +30,7 @@
   RewriteRule ^prod/push/.*$          /prod/router.php [L]
   RewriteRule ^prod/printer/.*$       /prod/router.php [L]
   RewriteRule ^prod/story/.*$         /prod/router.php [L]
+  RewriteRule ^prod/TOU/.*$         /prod/router.php [L]
   RewriteRule ^prod/WorkZone/.*$      /prod/router.php [L]
   RewriteRule ^prod/language/.*$      /prod/router.php [L]
   RewriteRule ^prod/$                 /prod/router.php [L]

www/prod/page0.js

@@ -629,17 +629,18 @@ function cancelCgus(id)
 
   $.ajax({
     type: "POST",
-    url: "/prod/prodFeedBack.php",
-    data: {
-      sbas_id:id,
-      action:'DENY_CGU'
-    },
+    url: "/prod/TOU/deny/" + id + "/",
+    dataType:'json',
     success: function(data){
-      if(data == '1')
+      if(data.success)
       {
         alert(language.cgusRelog);
         self.location.replace(self.location.href);
       }
+      alert
+      {
+        humane.error(data.message);
+      }
     }
   });
 

www/prod/prodFeedBack.php

@@ -89,10 +89,6 @@ switch ($action)
     $output = deleteRecord($parm['lst'], $parm['del_children']);
     break;
 
-  case 'DENY_CGU':
-    $parm = $request->get_parms('sbas_id');
-    $output = databox_cgu::denyCgus($parm['sbas_id']);
-    break;
   case 'READ_NOTIFICATIONS':
     try
     {