diff --git a/lib/Alchemy/Phrasea/Controller/Datafiles.php b/lib/Alchemy/Phrasea/Controller/Datafiles.php index 946b94e661..a8b2cc2167 100644 --- a/lib/Alchemy/Phrasea/Controller/Datafiles.php +++ b/lib/Alchemy/Phrasea/Controller/Datafiles.php @@ -66,10 +66,16 @@ class Datafiles extends AbstractDelivery $watermark = !$app['acl']->get($app['authentication']->getUser())->has_right_on_base($record->get_base_id(), 'nowatermark'); if ($watermark && !$all_access) { - $subdef_class = $databox - ->get_subdef_structure() - ->get_subdef($record->get_type(), $subdef) - ->get_class(); + $subdef_class = null; + try { + $subdef_class = $databox + ->get_subdef_structure() + ->get_subdef($record->get_type(), $subdef) + ->get_class(); + } catch(\Exception_Databox_SubdefNotFound $e) { + + } + if ($subdef_class == \databox_subdef::CLASS_PREVIEW && $app['acl']->get($app['authentication']->getUser())->has_preview_grant($record)) { $watermark = false; @@ -79,11 +85,8 @@ class Datafiles extends AbstractDelivery } if ($watermark && !$all_access) { - $repository = $app['repo.basket-elements']; - /* @var $repository BasketElementRepository */ - $ValidationByRecord = $repository->findReceivedValidationElementsByRecord($record, $app['authentication']->getUser()); $ReceptionByRecord = $repository->findReceivedElementsByRecord($record, $app['authentication']->getUser()); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Order.php b/lib/Alchemy/Phrasea/Controller/Prod/Order.php index 1a5b8ad683..98cfb0f21c 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Order.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Order.php @@ -146,6 +146,7 @@ class Order implements ControllerProviderInterface 'order_id' => $order->getId(), 'usr_id' => $order->getUser()->getId() ]); + $success = true; $app['EM']->persist($order); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Push.php b/lib/Alchemy/Phrasea/Controller/Prod/Push.php index 5109a0e4df..28ad989498 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Push.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Push.php @@ -221,7 +221,7 @@ class Push implements ControllerProviderInterface 'basket' => $Basket->getId(), ); - if (!$app['conf']->get(['registry', 'actions', 'force-authentication']) || !$request->get('force_authentication')) { + if (!$app['conf']->get(['registry', 'actions', 'enable-push-authentication']) || !$request->get('force_authentication')) { $arguments['LOG'] = $app['manipulator.token']->createBasketAccessToken($Basket, $user_receiver); } @@ -416,7 +416,7 @@ class Push implements ControllerProviderInterface 'basket' => $Basket->getId(), ); - if (!$app['conf']->get(['registry', 'actions', 'force-authentication']) || !$request->get('force_authentication')) { + if (!$app['conf']->get(['registry', 'actions', 'enable-push-authentication']) || !$request->get('force_authentication')) { $arguments['LOG'] = $app['manipulator.token']->createBasketAccessToken($Basket, $participant_user); } diff --git a/lib/Alchemy/Phrasea/Core/Configuration/RegistryManipulator.php b/lib/Alchemy/Phrasea/Core/Configuration/RegistryManipulator.php index 0fa7d495ba..2771ab2ade 100644 --- a/lib/Alchemy/Phrasea/Core/Configuration/RegistryManipulator.php +++ b/lib/Alchemy/Phrasea/Core/Configuration/RegistryManipulator.php @@ -110,7 +110,8 @@ class RegistryManipulator 'export-title-choice' => false, 'default-export-title' => 'title', 'social-tools' => 'none', - 'force-authentication' => false, + 'enable-push-authentication' => false, + 'force-push-authentication' => false, ], 'ftp' => [ 'ftp-enabled' => false, diff --git a/lib/Alchemy/Phrasea/Form/Configuration/ActionsFormType.php b/lib/Alchemy/Phrasea/Form/Configuration/ActionsFormType.php index 34016f3e2d..fd61d66c76 100644 --- a/lib/Alchemy/Phrasea/Form/Configuration/ActionsFormType.php +++ b/lib/Alchemy/Phrasea/Form/Configuration/ActionsFormType.php @@ -47,7 +47,7 @@ class ActionsFormType extends AbstractType 'label' => 'Enable this setting to share on Facebook and Twitter', 'choices' => ['none' => 'Disabled', 'publishers' => 'Publishers', 'all' => 'Enabled'], ]); - $builder->add('force-authentication', 'checkbox', [ + $builder->add('enable-push-authentication', 'checkbox', [ 'label' => 'Enable Forcing authentication to see push content', 'help_message' => 'Adds an option to the push form submission to restrict push recipient(s) to Phraseanet users only.', ]); diff --git a/lib/classes/databox.php b/lib/classes/databox.php index 4d379972b0..b62b1652f5 100644 --- a/lib/classes/databox.php +++ b/lib/classes/databox.php @@ -664,20 +664,24 @@ class databox extends base try { $metaStructData = $this->get_data_from_cache(self::CACHE_META_STRUCT); } catch (\Exception $e) { - $sql = 'SELECT id, name FROM metadatas_structure ORDER BY sorter ASC'; + $sql = 'SELECT id, `name` FROM metadatas_structure ORDER BY sorter ASC'; $stmt = $this->get_connection()->prepare($sql); $stmt->execute(); $rs = $stmt->fetchAll(PDO::FETCH_ASSOC); $stmt->closeCursor(); - $metaStructData = $rs; - $this->set_data_to_cache($metaStructData, self::CACHE_META_STRUCT); + if ($rs) { + $metaStructData = $rs; + $this->set_data_to_cache($metaStructData, self::CACHE_META_STRUCT); + } } $this->meta_struct = new databox_descriptionStructure(); - foreach ($metaStructData as $row) { - $this->meta_struct->add_element(databox_field::get_instance($this->app, $this, $row['id'])); + if ($metaStructData) { + foreach ($metaStructData as $row) { + $this->meta_struct->add_element(databox_field::get_instance($this->app, $this, $row['id'])); + } } return $this->meta_struct; diff --git a/templates/web/prod/WorkZone/Macros.html.twig b/templates/web/prod/WorkZone/Macros.html.twig index 3af456d212..6bee665ea9 100644 --- a/templates/web/prod/WorkZone/Macros.html.twig +++ b/templates/web/prod/WorkZone/Macros.html.twig @@ -48,7 +48,7 @@ {% if app['acl'].get(app['authentication'].getUser()).has_right('modifyrecord') %}
{% trans 'action::editer' %} + class="context-menu-item-inner">{{ 'edit' | trans }}
{% endif %} @@ -219,7 +219,7 @@ onclick="downloadThis('lst={{story.getRecord(app).get_serialize_key()}}');">{{ 'action::exporter' | trans }} - {% if app['authentication'].getUser().ACL().has_right('modifyrecord') %} + {% if app['acl'].get(app['authentication'].getUser()).has_right('modifyrecord') %}
{{ 'action::editer' | trans }} diff --git a/templates/web/prod/actions/Download/prepare.html.twig b/templates/web/prod/actions/Download/prepare.html.twig index e7aac4c7e5..e09f88ab8f 100644 --- a/templates/web/prod/actions/Download/prepare.html.twig +++ b/templates/web/prod/actions/Download/prepare.html.twig @@ -91,7 +91,7 @@
-
+ {% if anonymous %} {% endif%} diff --git a/tests/Alchemy/Tests/Phrasea/Application/OverviewTest.php b/tests/Alchemy/Tests/Phrasea/Application/OverviewTest.php index 91b13788d8..d371c63799 100644 --- a/tests/Alchemy/Tests/Phrasea/Application/OverviewTest.php +++ b/tests/Alchemy/Tests/Phrasea/Application/OverviewTest.php @@ -9,10 +9,28 @@ class OverviewTest extends \PhraseanetAuthenticatedWebTestCase { public function testDatafilesRouteAuthenticated() { + $subdef = 'preview'; + $acl = $this->getMockBuilder('ACL') + ->disableOriginalConstructor() + ->getMock(); + $acl->expects($this->any()) + ->method('has_access_to_subdef') + ->with($this->isInstanceOf('\record_adapter'), $this->equalTo($subdef)) + ->will($this->returnValue(true)); + + $aclProvider = $this->getMockBuilder('Alchemy\Phrasea\Authentication\ACLProvider') + ->disableOriginalConstructor() + ->getMock(); + $aclProvider->expects($this->any()) + ->method('get') + ->will($this->returnValue($acl)); + + self::$DI['app']['acl'] = $aclProvider; + $path = self::$DI['app']['url_generator']->generate('datafile', array( 'sbas_id' => self::$DI['record_1']->get_sbas_id(), 'record_id' => self::$DI['record_1']->get_record_id(), - 'subdef' => 'preview', + 'subdef' => $subdef, )); self::$DI['client']->request('GET', $path); @@ -38,6 +56,23 @@ class OverviewTest extends \PhraseanetAuthenticatedWebTestCase public function testEtag() { + $acl = $this->getMockBuilder('ACL') + ->disableOriginalConstructor() + ->getMock(); + $acl->expects($this->any()) + ->method('has_access_to_subdef') + ->with($this->isInstanceOf('\record_adapter'), $this->isType('string')) + ->will($this->returnValue(true)); + + $aclProvider = $this->getMockBuilder('Alchemy\Phrasea\Authentication\ACLProvider') + ->disableOriginalConstructor() + ->getMock(); + $aclProvider->expects($this->any()) + ->method('get') + ->will($this->returnValue($acl)); + + self::$DI['app']['acl'] = $aclProvider; + $path = self::$DI['app']['url_generator']->generate('datafile', array( 'sbas_id' => self::$DI['record_1']->get_sbas_id(), 'record_id' => self::$DI['record_1']->get_record_id(), diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Admin/AdminCollectionTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Admin/AdminCollectionTest.php index 22d0c3d448..6edcc70ce8 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Admin/AdminCollectionTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Admin/AdminCollectionTest.php @@ -593,6 +593,8 @@ class AdminCollectionTest extends \PhraseanetAuthenticatedWebTestCase */ public function testSetWatermarkBadRequest() { + $this->setAdmin(true); + self::$DI['client']->request('POST', '/admin/collection/' . self::$DI['collection']->get_base_id() . '/picture/watermark/'); $this->assertBadResponse(self::$DI['client']->getResponse()); diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Admin/UsersTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Admin/UsersTest.php index e9502b3258..bb79b1fe74 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Admin/UsersTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Admin/UsersTest.php @@ -48,12 +48,13 @@ class UsersTest extends \PhraseanetAuthenticatedWebTestCase $user = self::$DI['app']['manipulator.user']->createUser(uniqid('user_'), 'test', 'titi@titi.fr'); + self::giveRightsToUser(self::$DI['app'], self::$DI['app']['authentication']->getUser(), array(self::$DI['collection']->get_base_id()), true); + self::$DI['client']->request('POST', '/admin/users/rights/apply/', [ 'users' => $user->getId(), 'values' => 'canreport_' . self::$DI['collection']->get_base_id() . '=1&manage_' . self::$DI['collection']->get_base_id() . '=1&canpush_' . self::$DI['collection']->get_base_id() . '=1', 'user_infos' => ['email' => 'toto@toto.fr' ] ]); - $response = self::$DI['client']->getResponse(); $this->assertTrue($response->isOK()); $this->assertEquals("application/json", $response->headers->get("content-type")); diff --git a/tests/Alchemy/Tests/Phrasea/Controller/Root/LoginTest.php b/tests/Alchemy/Tests/Phrasea/Controller/Root/LoginTest.php index 4564732d3d..68abb32e94 100644 --- a/tests/Alchemy/Tests/Phrasea/Controller/Root/LoginTest.php +++ b/tests/Alchemy/Tests/Phrasea/Controller/Root/LoginTest.php @@ -238,7 +238,7 @@ class LoginTest extends \PhraseanetAuthenticatedWebTestCase ; $this->logout(self::$DI['app']); $email = $this->generateEmail(); - $user = self::$DI['app']['manipulator.user']->createUser('test', 'test', $email); + $user = self::$DI['app']['manipulator.user']->createUser(uniqid('test_'), uniqid('test_'), $email); $token = self::$DI['app']['manipulator.token']->createResetEmailToken($user, $email); $user->setMailLocked(true); diff --git a/tests/classes/PhraseanetTestCase.php b/tests/classes/PhraseanetTestCase.php index 2447f36c8e..c142c657f0 100644 --- a/tests/classes/PhraseanetTestCase.php +++ b/tests/classes/PhraseanetTestCase.php @@ -527,7 +527,7 @@ abstract class PhraseanetTestCase extends WebTestCase * * @param User $user */ - public static function giveRightsToUser(Application $app, User $user, $base_ids = null) + public static function giveRightsToUser(Application $app, User $user, $base_ids = null, $force = false) { $app['acl']->get($user)->delete_data_from_cache(\ACL::CACHE_GLOBAL_RIGHTS); $app['acl']->get($user)->give_access_to_sbas(array_keys($app['phraseanet.appbox']->get_databoxes())); @@ -553,7 +553,7 @@ abstract class PhraseanetTestCase extends WebTestCase $app['acl']->get($user)->delete_data_from_cache(\ACL::CACHE_RIGHTS_BAS); - if ($app['acl']->get($user)->has_access_to_base($base_id)) { + if ($app['acl']->get($user)->has_access_to_base($base_id) && false === $force) { continue; } diff --git a/tests/classes/record/adapterTest.php b/tests/classes/record/adapterTest.php index c8315edef3..5c3f6be07b 100644 --- a/tests/classes/record/adapterTest.php +++ b/tests/classes/record/adapterTest.php @@ -36,7 +36,34 @@ class record_adapterTest extends \PhraseanetAuthenticatedTestCase */ public function testSetExport() { - self::$DI['app']['acl']->get( self::$DI['app']['authentication']->getUser())->update_rights_to_base(self::$DI['record_1']->get_base_id(), ['order_master' => true]); + $acl = $this->getMockBuilder('ACL') + ->disableOriginalConstructor() + ->getMock(); + $acl->expects($this->any()) + ->method('has_right') + ->with($this->equalTo('order')) + ->will($this->returnValue(true)); + $acl->expects($this->any()) + ->method('has_access_to_record') + ->with($this->isInstanceOf('\record_adapter')) + ->will($this->returnValue(true)); + $acl->expects($this->any()) + ->method('has_right_on_base') + ->with($this->isType(\PHPUnit_Framework_Constraint_IsType::TYPE_INT), $this->equalTo('cancmd')) + ->will($this->returnValue(true)); + $acl->expects($this->any()) + ->method('has_right_on_sbas') + ->with($this->isType(\PHPUnit_Framework_Constraint_IsType::TYPE_INT), $this->equalTo('cancmd')) + ->will($this->returnValue(true)); + + $aclProvider = $this->getMockBuilder('Alchemy\Phrasea\Authentication\ACLProvider') + ->disableOriginalConstructor() + ->getMock(); + $aclProvider->expects($this->any()) + ->method('get') + ->will($this->returnValue($acl)); + + self::$DI['app']['acl'] = $aclProvider; $eventManagerStub = $this->getMockBuilder('\eventsmanager_broker') ->disableOriginalConstructor() @@ -49,7 +76,7 @@ class record_adapterTest extends \PhraseanetAuthenticatedTestCase self::$DI['app']['events-manager'] = $eventManagerStub; - self::$DI['client']->request('POST', '/prod/order/', [ + self::$DI['client']->request('POST', self::$DI['app']['url_generator']->generate('prod_order_new'), [ 'lst' => self::$DI['record_1']->get_serialize_key(), 'deadline' => '+10 minutes' ]);