File <code>modules/cms/action/folder/FolderAdvancedAction.class.php</code>

File modules/cms/action/folder/FolderAdvancedAction.class.php

Last commit: Sat Mar 19 12:10:34 2022 +0100 dankert Removed support for: Export, Import, Compress, Uncompress, Extract. This is more comfortable via WebDAV.

1 <?php 2 namespace cms\action\folder; 3 use cms\action\Action; 4 use cms\action\FolderAction; 5 use cms\action\Method; 6 use cms\base\Startup; 7 use cms\model\Permission; 8 use cms\model\BaseObject; 9 use cms\model\File; 10 use cms\model\Folder; 11 use cms\model\Link; 12 use cms\model\Page; 13 use cms\model\Project; 14 use cms\model\Url; 15 use language\Messages; 16 use util\exception\SecurityException; 17 use util\Html; 18 19 20 class FolderAdvancedAction extends FolderAction implements Method { 21 22 public function view() { 23 $this->setTemplateVar('writable',$this->folder->hasRight(Permission::ACL_WRITE) ); 24 25 $list = array(); 26 27 // Schleife ueber alle Objekte in diesem Ordner 28 foreach( $this->folder->getObjects() as $o ) 29 { 30 /* @var $o BaseObject */ 31 $id = $o->objectid; 32 33 if ( $o->hasRight(Permission::ACL_READ) ) 34 { 35 $list[$id]['objectid'] = $id; 36 $list[$id]['id' ] = 'obj'.$id; 37 $list[$id]['name' ] = $o->getDefaultName()->name; 38 $list[$id]['filename'] = $o->filename; 39 $list[$id]['desc' ] = $o->getDefaultName()->description; 40 if ( $list[$id]['desc'] == '' ) 41 $list[$id]['desc'] = \cms\base\Language::lang('NO_DESCRIPTION_AVAILABLE'); 42 $list[$id]['desc'] = 'ID '.$id.' - '.$list[$id]['desc']; 43 44 $list[$id]['type'] = $o->getType(); 45 46 $list[$id]['icon'] = $o->getType(); 47 48 $list[$id]['url' ] = Html::url($o->getType(),'',$id); 49 $list[$id]['date'] = date( \cms\base\Language::lang('DATE_FORMAT'),$o->lastchangeDate ); 50 $list[$id]['user'] = $o->lastchangeUser; 51 52 if ( $this->request->isTrue("markall") || $this->request->isTrue('obj'.$id) ) 53 $this->setTemplateVar('obj'.$id,'1'); 54 } 55 } 56 57 if ( $this->folder->hasRight(Permission::ACL_WRITE) ) 58 { 59 // Alle anderen Ordner ermitteln 60 $otherfolder = array(); 61 $project = new Project( $this->folder->projectid ); 62 foreach( $project->getAllFolders() as $id ) 63 { 64 $f = new Folder( $id ); 65 if ( $f->hasRight( Permission::ACL_WRITE ) ) 66 $otherfolder[$id] = Startup::FILE_SEP.implode( Startup::FILE_SEP,$f->parentObjectNames(false,true) ); 67 } 68 asort( $otherfolder ); 69 70 $this->setTemplateVar('folder',$otherfolder); 71 72 // URLs zum Umsortieren der Eintraege 73 $this->setTemplateVar('order_url' ,Html::url('folder','order',$this->folder->objectid) ); 74 } 75 76 $actionList = array(); 77 $actionList[] = 'copy'; 78 $actionList[] = 'link'; 79 $actionList[] = 'archive'; 80 81 if ( $this->folder->hasRight(Permission::ACL_WRITE) ) 82 { 83 $actionList[] = 'move'; 84 $actionList[] = 'delete'; 85 } 86 87 $this->setTemplateVar('actionlist',$actionList ); 88 $this->setTemplateVar('defaulttype',$this->request->getAlphanum('type')); 89 90 $this->setTemplateVar('object' ,$list ); 91 $this->setTemplateVar('act_objectid',$this->folder->objectid); 92 93 $project = new Project($this->folder->projectid); 94 $rootFolder = new Folder( $project->getRootObjectId() ); 95 $rootFolder->load(); 96 97 $this->setTemplateVar('properties' ,$this->folder->getProperties() ); 98 $this->setTemplateVar('rootfolderid' ,$rootFolder->objectid ); 99 $this->setTemplateVar('rootfoldername',$rootFolder->filename ); 100 } 101 102 103 public function post() { 104 $type = $this->request->getText('type'); 105 $ids = explode(',',$this->request->getText('ids')); 106 $targetObjectId = $this->request->getText('targetobjectid'); 107 108 // Prüfen, ob Schreibrechte im Zielordner bestehen. 109 switch( $type ) 110 { 111 case 'move': 112 case 'copy': 113 case 'link': 114 $f = new Folder( $targetObjectId ); 115 116 // Beim Verkn�pfen muss im Zielordner die Berechtigung zum Erstellen 117 // von Verkn�pfungen vorhanden sein. 118 // 119 // Beim Verschieben und Kopieren muss im Zielordner die Berechtigung 120 // zum Erstellen von Ordner, Dateien oder Seiten vorhanden sein. 121 if ( ( $type=='link' && $f->hasRight( Permission::ACL_CREATE_LINK ) ) || 122 ( ( $type=='move' || $type == 'copy' ) && 123 ( $f->hasRight(Permission::ACL_CREATE_FOLDER) || $f->hasRight(Permission::ACL_CREATE_FILE) || $f->hasRight(Permission::ACL_CREATE_PAGE) ) ) ) 124 ; // OK 125 else 126 throw new SecurityException('no_rights'); 127 128 break; 129 default: 130 } 131 132 133 $ids = $this->folder->getObjectIds(); 134 $objectList = array(); 135 136 foreach( $ids as $id ) 137 { 138 // Nur, wenn Objekt ausgewaehlt wurde 139 if ( !$this->request->isTrue('obj'.$id) ) 140 continue; 141 142 $o = new BaseObject( $id ); 143 $o->load(); 144 145 // Fuer die gewuenschte Aktion muessen pro Objekt die entsprechenden Rechte 146 // vorhanden sein. 147 if ( $type == 'copy' && $o->hasRight( Permission::ACL_READ ) || 148 $type == 'move' && $o->hasRight( Permission::ACL_WRITE ) || 149 $type == 'link' && $o->hasRight( Permission::ACL_READ ) || 150 $type == 'archive' && $o->hasRight( Permission::ACL_READ ) || 151 $type == 'delete' && $o->hasRight( Permission::ACL_DELETE ) ) 152 $objectList[ $id ] = $o->getProperties(); 153 else 154 $this->addNoticeFor($o,Messages::NO_RIGHTS ); 155 } 156 157 $ids = array_keys($objectList); 158 159 foreach( $ids as $id ) 160 { 161 $o = new BaseObject( $id ); 162 $o->load(); 163 164 switch( $type ) 165 { 166 case 'move': 167 if ( $o->isFolder ) 168 { 169 $f = new Folder( $id ); 170 $allsubfolders = $f->getAllSubFolderIds(); 171 172 // Plausibilisierungsprüfung: 173 // 174 // Wenn 175 // - Das Zielverzeichnis sich nicht in einem Unterverzeichnis des zu verschiebenen Ordners liegt 176 // und 177 // - Das Zielverzeichnis nicht der zu verschiebene Ordner ist 178 // dann verschieben 179 if ( !in_array($targetObjectId,$allsubfolders) && $id != $targetObjectId ) 180 { 181 $this->addNoticeFor($o,Messages::MOVED); 182 $o->setParentId( $targetObjectId ); 183 } 184 else 185 { 186 $this->addErrorFor($o,Messages::NO_RIGHTS); 187 } 188 } 189 else 190 { 191 $o->setParentId( $targetObjectId ); 192 $this->addNoticeFor($o,Messages::MOVED); 193 } 194 break; 195 196 case 'copy': 197 switch( $o->getType() ) 198 { 199 case 'folder': 200 // Ordner zur Zeit nicht kopieren 201 // Funktion waere zu verwirrend 202 $this->addErrorFor($o,Messages::CANNOT_COPY_FOLDER); 203 break; 204 205 case 'file': 206 $f = new File(); 207 $f->load(); 208 $f->filename = ''; 209 $f->parentid = $targetObjectId; 210 $f->persist(); 211 $f->copyValueFromFile( $id ); 212 $f->copyNamesFrom( $id ); 213 214 $this->addNoticeFor($o,Messages::COPIED); 215 break; 216 217 case 'page': 218 $p = new Page(); 219 $p->load(); 220 $p->filename = ''; 221 $p->parentid = $targetObjectId; 222 $p->persist(); 223 $p->copyValuesFromPage( $id ); 224 $p->copyNamesFrom( $id ); 225 $this->addNoticeFor($o,Messages::COPIED); 226 break; 227 228 case 'link': 229 $l = new Link(); 230 $l->load(); 231 $l->filename = ''; 232 $l->parentid = $targetObjectId; 233 $l->persist(); 234 $l->copyNamesFrom( $id ); 235 $this->addNoticeFor($o,Messages::COPIED); 236 break; 237 238 default: 239 throw new \LogicException('fatal: what type to delete?'); 240 } 241 $notices[] = \cms\base\Language::lang('COPIED'); 242 break; 243 244 case 'link': 245 246 if ( $o->isFile || 247 $o->isImage || 248 $o->isText || 249 $o->isPage ) // Nur Seiten oder Dateien sind verknuepfbar 250 { 251 $link = new Link(); 252 $link->parentid = $targetObjectId; 253 254 $link->linkedObjectId = $id; 255 $link->isLinkToObject = true; 256 $link->persist(); 257 $link->copyNamesFrom($o->objectid); 258 $this->addNoticeFor($o,Messages::LINKED); 259 } 260 else 261 { 262 $this->addErrorFor($o,Messages::ERROR); 263 } 264 break; 265 266 case 'delete': 267 268 if ( $this->request->isTrue('confirm') ) 269 { 270 switch( $o->getType() ) 271 { 272 case 'folder': 273 $f = new Folder( $id ); 274 $f->deleteAll(); 275 break; 276 277 case 'file': 278 $f = new File( $id ); 279 $f->delete(); 280 break; 281 282 case 'page': 283 $p = new Page( $id ); 284 $p->load(); 285 $p->delete(); 286 break; 287 288 case 'link': 289 $l = new Link( $id ); 290 $l->delete(); 291 break; 292 293 case 'url': 294 $u = new Url( $id ); 295 $u->delete(); 296 break; 297 298 default: 299 throw new \LogicException("Error while deleting: Unknown type: {$o->getType()}"); 300 } 301 $this->addNoticeFor($o,Messages::DELETED); 302 } 303 else 304 { 305 $this->addNoticeFor($o,Messages::NOTHING_DONE); 306 } 307 308 break; 309 310 default: 311 $this->addErrorFor($o,Messages::ERROR); 312 } 313 314 } 315 316 $this->folder->setTimestamp(); 317 } 318 319 320 321 }

Download modules/cms/action/folder/FolderAdvancedAction.class.php

History Sat, 19 Mar 2022 12:10:34 +0100 dankert Removed support for: Export, Import, Compress, Uncompress, Extract. This is more comfortable via WebDAV. Wed, 9 Mar 2022 13:28:52 +0100 dankert Refactoring: Checkbox values are always sent to the server. In the actions we must test the value with 'isTrue()' Sun, 5 Dec 2021 20:33:24 +0100 dankert Cleanup: Removed unusable properties from class 'Value' and 'BaseObject'. Fri, 3 Dec 2021 23:36:56 +0100 dankert Some security enhancements. Fri, 3 Dec 2021 23:27:44 +0100 dankert New: Only allowed methods are shown in the dropdown menu; Some security enhancements. Sun, 14 Mar 2021 23:51:49 +0100 Jan Dankert Refactoring: Using the ValidationException where possible. Fri, 26 Feb 2021 01:06:01 +0100 Jan Dankert Refactoring accessing the request parameter values. Mon, 4 Jan 2021 23:14:09 +0100 Jan Dankert New: Groups may contain subgroups. Users within a group inherit the permissions of all parent groups. Mon, 4 Jan 2021 19:03:18 +0100 Jan Dankert Refactoring: ACL class is renamed to Permission, because most RBAC/DMAC concepts are calling it a permission. Thu, 19 Nov 2020 14:49:58 +0100 Jan Dankert Fix: Action::addNotice() is replaced by Action::addNoticeFor() Wed, 18 Nov 2020 01:46:36 +0100 Jan Dankert Refactoring of model classes: New method persist() and some other cleanups. Tue, 17 Nov 2020 23:51:00 +0100 Jan Dankert Refactoring: Every Actionmethod has now its own class.