diff --git a/src/copyright/ui/ajax-copyright-hist.php b/src/copyright/ui/ajax-copyright-hist.php
index 86b42f2a..889ea7d3 100644
--- a/src/copyright/ui/ajax-copyright-hist.php
+++ b/src/copyright/ui/ajax-copyright-hist.php
@@ -1,329 +1,326 @@
Name = "ajax-copyright-hist";
$this->Title = TITLE_copyrightHistogramProcessPost;
$this->DBaccess = PLUGIN_DB_WRITE;
$this->OutputType = 'JSON';
$this->LoginFlag = 0;
$this->NoMenu = 0;
parent::__construct();
global $container;
$this->dataTablesUtility = $container->get('utils.data_tables_utility');
$this->uploadDao = $container->get('dao.upload');
$this->dbManager = $container->get('db.manager');
$this->copyrightDao = $container->get('dao.copyright');
}
/**
* \brief Display the loaded menu and plugins.
*/
function Output()
{
if ($this->State != PLUGIN_STATE_READY)
{
return 0;
}
$action = GetParm("action", PARM_STRING);
$id = GetParm("id", PARM_STRING);
$upload = GetParm("upload", PARM_INTEGER);
if( ($action=="update" || $action=="delete") && !isset($id))
{
$text = _("Wrong request");
- echo "
$text
";
- return;
+ return "$text
";
}
else if (isset($id))
{
list($upload, $item, $hash, $type) = explode(",", $id);
}
/* check upload permissions */
- $UploadPerm = GetUploadPerm($upload);
- if ($UploadPerm < Auth::PERM_READ)
+ if (!$this->uploadDao->isAccessible($upload, Auth::getGroupId()))
{
$text = _("Permission Denied");
- echo "$text
";
- return;
+ return "$text
";
}
$this->uploadtree_tablename = $this->uploadDao->getUploadtreeTableName($upload);
switch($action)
{
case "getData":
return $this->doGetData($upload);
case "update":
return $this->doUpdate($item, $hash, $type);
case "delete":
return $this->doDelete($item, $hash, $type);
case "undo":
return $this->doUndo($item, $hash, $type);
}
}
/**
* @return string
*/
protected function doGetData($upload)
{
$item = GetParm("item", PARM_INTEGER);
$agent_pk = GetParm("agent", PARM_STRING);
$type = GetParm("type", PARM_STRING);
$filter = GetParm("filter", PARM_STRING);
$listPage = "copyright-list";
header('Content-type: text/json');
list($aaData, $iTotalRecords, $iTotalDisplayRecords) = $this->getTableData($upload, $item, $agent_pk, $type,$listPage, $filter);
return new JsonResponse(array(
'sEcho' => intval($_GET['sEcho']),
'aaData' => $aaData,
'iTotalRecords' => $iTotalRecords,
'iTotalDisplayRecords' => $iTotalDisplayRecords
)
);
}
private function getTableData($upload, $item, $agent_pk, $type,$listPage, $filter)
{
list ($rows, $iTotalDisplayRecords, $iTotalRecords) = $this->getCopyrights($upload, $item, $this->uploadtree_tablename, $agent_pk, $type, $filter);
$aaData = array();
if (!empty($rows))
{
foreach ($rows as $row)
{
$aaData [] = $this->fillTableRow($row, $item, $upload, $agent_pk, $type,$listPage, $filter);
}
}
return array($aaData, $iTotalRecords, $iTotalDisplayRecords);
}
protected function getCopyrights($upload_pk, $item, $uploadTreeTableName, $agentId, $type, $filter)
{
$offset = GetParm('iDisplayStart', PARM_INTEGER);
$limit = GetParm('iDisplayLength', PARM_INTEGER);
$tableName = $this->getTableName($type);
$orderString = $this->getOrderString();
list($left, $right) = $this->uploadDao->getLeftAndRight($item, $uploadTreeTableName);
if ($filter == "")
{
$filter = "none";
}
$sql_upload = "";
if ('uploadtree_a' == $uploadTreeTableName)
{
$sql_upload = " AND UT.upload_fk=$upload_pk ";
}
$join = "";
$filterQuery = "";
if ($type == 'statement' && $filter == "nolic")
{
$noLicStr = "No_license_found";
$voidLicStr = "Void";
$join = " INNER JOIN license_file AS LF on cp.pfile_fk=LF.pfile_fk ";
$filterQuery = " AND LF.rf_fk IN (SELECT rf_pk FROM license_ref WHERE rf_shortname IN ('$noLicStr','$voidLicStr')) ";
} else
{
// No filter, nothing to do
}
$params = array($left, $right, $type, $agentId);
$filterParms = $params;
$searchFilter = $this->addSearchFilter($filterParms);
$unorderedQuery = "FROM $tableName AS cp " .
"INNER JOIN $uploadTreeTableName AS UT ON cp.pfile_fk = UT.pfile_fk " .
$join .
"WHERE cp.content!='' " .
"AND ( UT.lft BETWEEN $1 AND $2 ) " .
"AND cp.type = $3 " .
"AND cp.agent_fk= $4 " .
$sql_upload;
$totalFilter = $filterQuery . " " . $searchFilter;
$grouping = " GROUP BY content ";
$countQuery = "SELECT count(*) FROM (SELECT content, count(*) $unorderedQuery $totalFilter $grouping) as K";
$iTotalDisplayRecordsRow = $this->dbManager->getSingleRow($countQuery,
$filterParms, __METHOD__.$tableName . ".count");
$iTotalDisplayRecords = $iTotalDisplayRecordsRow['count'];
$countAllQuery = "SELECT count(*) FROM (SELECT content, count(*) $unorderedQuery$grouping) as K";
$iTotalRecordsRow = $this->dbManager->getSingleRow($countAllQuery, $params, __METHOD__,$tableName . "count.all");
$iTotalRecords = $iTotalRecordsRow['count'];
$range = "";
$filterParms[] = $offset;
$range .= ' OFFSET $' . count($filterParms);
$filterParms[] = $limit;
$range .= ' LIMIT $' . count($filterParms);
$sql = "SELECT content, hash, count(*) as copyright_count " .
$unorderedQuery . $totalFilter . " GROUP BY content, hash " . $orderString . $range;
$statement = __METHOD__ . $filter.$tableName . $uploadTreeTableName;
$this->dbManager->prepare($statement, $sql);
$result = $this->dbManager->execute($statement, $filterParms);
$rows = $this->dbManager->fetchAll($result);
$this->dbManager->freeResult($result);
return array($rows, $iTotalDisplayRecords, $iTotalRecords);
}
private function getTableName($type)
{
switch ($type) {
case "ecc" :
$tableName = "ecc";
break;
default:
$tableName = "copyright";
}
return $tableName;
}
private function getOrderString()
{
$columnNamesInDatabase = array('copyright_count', 'content');
$defaultOrder = CopyrightHistogram::returnSortOrder();
$orderString = $this->dataTablesUtility->getSortingString($_GET, $columnNamesInDatabase, $defaultOrder);
return $orderString;
}
private function addSearchFilter(&$filterParams)
{
$searchPattern = GetParm('sSearch', PARM_STRING);
if (empty($searchPattern))
{
return '';
}
$filterParams[] = "%$searchPattern%";
return ' AND CP.content ilike $'.count($filterParams).' ';
}
/**
* @param $row
* @param $uploadTreeId
* @param $upload
* @param $agentId
* @param $type
* @param string $filter
* @internal param bool $normalizeString
* @return array
*/
private function fillTableRow($row, $uploadTreeId, $upload, $agentId, $type,$listPage, $filter = "")
{
$hash = $row['hash'];
$output = array('DT_RowId' => "$upload,$uploadTreeId,$hash,$type" );
$link = "" . $row['copyright_count'] . "";
$output['0'] = $link;
$output['1'] = convertToUTF8($row['content']);
$output['2'] = "
";
return $output;
}
/**
* @param int $itemId
* @param string
* @param string 'copyright'|'ecc'
* @return string
*/
protected function doUpdate($itemId, $hash, $type)
{
$content = GetParm("value", PARM_RAW);
if (!$content)
{
return new Response('empty content not allowed', Response::HTTP_BAD_REQUEST ,array('Content-type'=>'text/plain'));
}
$item = $this->uploadDao->getItemTreeBounds($itemId, $this->uploadtree_tablename);
$cpTable = $this->getTableName($type);
$this->copyrightDao->updateTable($item, $hash, $content, Auth::getUserId(), $cpTable);
return new Response('success', Response::HTTP_OK,array('Content-type'=>'text/plain'));
}
protected function doDelete($itemId, $hash, $type)
{
$item = $this->uploadDao->getItemTreeBounds($itemId, $this->uploadtree_tablename);
$cpTable = $this->getTableName($type);
$this->copyrightDao->updateTable($item, $hash, '', Auth::getUserId(), $cpTable);
return new Response('Successfully deleted', Response::HTTP_OK, array('Content-type'=>'text/plain'));
}
protected function doUndo($itemId, $hash, $type) {
$item = $this->uploadDao->getItemTreeBounds($itemId, $this->uploadtree_tablename);
$cpTable = $this->getTableName($type);
if ($cpTable != 'copyright') {
return new Response('There is not undo for ' . $cpTable, Response::HTTP_NOT_IMPLEMENTED, array('Content-type' => 'text/plain'));
}
$this->copyrightDao->rollbackTable($item, $hash, Auth::getUserId(), $cpTable);
return new Response('Successfully restored', Response::HTTP_OK, array('Content-type'=>'text/plain'));
}
}
$NewPlugin = new CopyrightHistogramProcessPost;
$NewPlugin->Initialize();
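Review bot: The gate in `Output()`, `if (!$this->uploadDao->isAccessible($upload, Auth::getGroupId()))`, is a read-level check, yet it is the only authorization before `doUpdate`, `doDelete` and `doUndo`, which write through `copyrightDao->updateTable` and `rollbackTable`. For those three actions, use the check that replaces the `PERM_WRITE` test in admin-upload-delete.php in this same commit: `$writes = in_array($action, array("update", "delete", "undo"), true);` then `if ($writes ? !$this->uploadDao->isEditable($upload, Auth::getGroupId()) : !$this->uploadDao->isAccessible($upload, Auth::getGroupId()))`. The `id` guard above it covers only `update` and `delete`, so an `undo` request without `id` reaches `doUndo` with `$item`, `$hash` and `$type` unset; add `$action=="undo"` to that condition. `$item` is parsed from the client-supplied `id` independently of `$upload`, so it is worth confirming that `getItemTreeBounds` (not shown here) rejects an item outside the upload that was checked.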
diff --git a/src/copyright/ui/list.php b/src/copyright/ui/list.php
index ec6096a3..a6c4a84e 100644
--- a/src/copyright/ui/list.php
+++ b/src/copyright/ui/list.php
@@ -1,420 +1,398 @@
Name = "copyright-list";
$this->Title = TITLE_copyright_list;
$this->Version = "1.0";
$this->Dependency = array("copyright-hist", "ecc-hist");
$this->DBaccess = PLUGIN_DB_READ;
$this->LoginFlag = 0;
$this->NoMenu = 0;
parent::__construct();
global $container;
$this->dbManager = $container->get('db.manager');
+ $this->uploadDao = $container->get('dao.upload');
}
/**
* \brief Customize submenus.
*/
function RegisterMenus()
{
if ($this->State != PLUGIN_STATE_READY) {
return(0);
}
// micro-menu
$agent_pk = GetParm("agent",PARM_INTEGER);
$uploadtree_pk = GetParm("item",PARM_INTEGER);
$hash = GetParm("hash",PARM_RAW);
$type = GetParm("type",PARM_RAW);
- $Page = GetParm("page",PARM_INTEGER);
$Excl = GetParm("excl",PARM_RAW);
- $filter = GetParm("filter",PARM_RAW);
$URL = $this->Name . "&agent=$agent_pk&item=$uploadtree_pk&hash=$hash&type=$type&page=-1";
- if (!empty($Excl)) $URL .= "&excl=$Excl";
+ if (!empty($Excl)) {
+ $URL .= "&excl=$Excl";
+ }
$text = _("Show All Files");
menu_insert($this->Name."::Show All",0, $URL, $text);
-
} // RegisterMenus()
-
/**
* \return return rows to process, and $upload_pk
* @param $Uploadtree_pk
* @param $Agent_pk
* @param $upload_pk
* @param $hash
* @param $type
* @param $tableName
* @throws Exception
* @return array
*/
function GetRows($Uploadtree_pk, $Agent_pk, &$upload_pk, $hash, $type, $tableName)
{
- global $PG_CONN;
-
/******* Get license names and counts ******/
- /* Find lft and rgt bounds for this $Uploadtree_pk */
- $sql = "SELECT lft,rgt,upload_fk FROM uploadtree
- WHERE uploadtree_pk = $Uploadtree_pk";
- $result = pg_query($PG_CONN, $sql);
- DBCheckResult($result, $sql, __FILE__, __LINE__);
- $row = pg_fetch_assoc($result);
+ $row = $this->uploadDao->getUploadEntry($Uploadtree_pk);
$lft = $row["lft"];
$rgt = $row["rgt"];
$upload_pk = $row["upload_fk"];
- pg_free_result($result);
/* get all the copyright records for this uploadtree. */
$sql = "SELECT content, type, uploadtree_pk, ufile_name, PF
from $tableName,
(SELECT uploadtree_pk, pfile_fk as PF, ufile_name from uploadtree
where upload_fk=$1
and uploadtree.lft BETWEEN $2 and $3) as SS
where PF=pfile_fk and agent_fk=$4 and hash=$5 and type=$6 order by uploadtree_pk";
$statement = __METHOD__.$tableName;
$this->dbManager->prepare($statement, $sql);
$result = $this->dbManager->execute($statement,array($upload_pk, $lft, $rgt, $Agent_pk, $hash, $type));
$rows = $this->dbManager->fetchAll($result);
$this->dbManager->freeResult($result);
return $rows;
}
-
/**
* \brief Remove unwanted rows by hash and type and
* exclusions and filter
* \param $NumRows - the number of instances.
* \return new array and $NumRows
*/
function GetRequestedRows($rows, $excl, &$NumRows, $filter)
{
- global $PG_CONN;
-
$NumRows = count($rows);
$prev = 0;
$ExclArray = explode(":", $excl);
/* filter will need to know the rf_pk of "No_license_found" or "Void" */
if (!empty($filter))
{
$NoLicStr = "No_license_found";
$VoidLicStr = "Void";
$rf_clause = "";
- $sql = "select rf_pk from license_ref where rf_shortname IN ('$NoLicStr', '$VoidLicStr')";
- $result = pg_query($PG_CONN, $sql);
- DBCheckResult($result, $sql, __FILE__, __LINE__);
- if (pg_num_rows($result) > 0)
- {
- $rf_rows = pg_fetch_all($result);
+
+ $sql = "select rf_pk from license_ref where rf_shortname IN ($1, $2)";
+ $statement = __METHOD__."NoLicenseFoundORVoid";
+ $this->dbManager->prepare($statement, $sql);
+ $result = $this->dbManager->execute($statement,array("$NoLicStr", "$VoidLicStr"));
+ $rf_rows = $this->dbManager->fetchAll($result);
+ if(!empty($rf_rows)){
foreach($rf_rows as $row)
{
if (!empty($rf_clause)) $rf_clause .= " or ";
$rf_clause .= " rf_fk=$row[rf_pk]";
}
}
- pg_free_result($result);
+ $this->dbManager->freeResult($result);
}
for($RowIdx = 0; $RowIdx < $NumRows; $RowIdx++)
{
$row = $rows[$RowIdx];
/* remove excluded files */
if ($excl)
{
$FileExt = GetFileExt($rows[$RowIdx]['ufile_name']);
if (in_array($FileExt, $ExclArray))
{
unset($rows[$RowIdx]);
continue;
}
}
/* apply filters */
if (($filter == "nolic") and ($rf_clause))
{
/* discard file unless it has no license */
- $sql = "select rf_fk from license_file where ($rf_clause) and pfile_fk={$row['pf']}";
- $result = pg_query($PG_CONN, $sql);
- DBCheckResult($result, $sql, __FILE__, __LINE__);
- $FoundRows = pg_num_rows($result);
- pg_free_result($result);
- if ($FoundRows == 0)
+ $sql = "select rf_fk from license_file where ($rf_clause) and pfile_fk=$1";
+ $statement = __METHOD__."CheckForNoLicenseFound";
+ $this->dbManager->prepare($statement, $sql);
+ $result = $this->dbManager->execute($statement,array("{$row['pf']}"));
+ $FoundRows = $this->dbManager->fetchAll($result);
+ if (empty($FoundRows))
{
unset($rows[$RowIdx]);
continue;
- }
+ }
}
-
-
}
/* reset array keys, keep order (uploadtree_pk) */
$rows2 = array();
foreach ($rows as $row) {
$rows2[] = $row;
}
unset($rows);
/* remove duplicate files */
$NumRows = count($rows2);
$prev = 0;
for($RowIdx = 0; $RowIdx < $NumRows; $RowIdx++)
{
if ($RowIdx > 0)
{
/* Since rows are ordered by uploadtree_pk,
* remove duplicate uploadtree_pk's. This can happen if there
* are multiple same copyrights in one file.
*/
if ($rows2[$RowIdx-1]['uploadtree_pk'] == $rows2[$RowIdx]['uploadtree_pk'])
unset($rows2[$RowIdx-1]);
}
}
/* sort by name so output has some order */
usort($rows2, 'copyright_namecmp');
return $rows2;
}
function OutputOpen()
{
if ($this->State != PLUGIN_STATE_READY) {
return(0);
}
return parent::OutputOpen();
}
/**
* \brief Display the loaded menu and plugins.
*/
function Output()
{
if ($this->State != PLUGIN_STATE_READY) {
return;
}
- global $PG_CONN;
-
- // make sure there is a db connection
- if (!$PG_CONN) {
- echo _("NO DB connection");
- }
$OutBuf = "";
$Time = microtime(true);
-
$Max = 50;
/* Input parameters */
$agent_pk = GetParm("agent",PARM_INTEGER);
$uploadtree_pk = GetParm("item",PARM_INTEGER);
$hash = GetParm("hash",PARM_RAW);
$type = GetParm("type",PARM_RAW);
$excl = GetParm("excl",PARM_RAW);
$filter = GetParm("filter",PARM_RAW);
if (empty($uploadtree_pk) || empty($hash) || empty($type) || empty($agent_pk))
{
$this->vars['pageContent'] = $this->Name . _("is missing required parameters");
return;
}
/* Check item1 and item2 upload permissions */
- $Row = GetSingleRec("uploadtree", "WHERE uploadtree_pk = $uploadtree_pk");
- $UploadPerm = GetUploadPerm($Row['upload_fk']);
- if ($UploadPerm < Auth::PERM_READ)
+ $Row = $this->uploadDao->getUploadEntry($uploadtree_pk);
+ if (!$this->uploadDao->isAccessible($Row['upload_fk'], Auth::getGroupId()))
{
$this->vars['pageContent'] = "" . _("Permission Denied") . "
";
return;
}
-
$Page = GetParm("page",PARM_INTEGER);
if (empty($Page)) {
$Page=0;
}
list($tableName,$modBack,$viewName) = $this->getTableName($type);
/* get all rows */
$upload_pk = -1;
- $rows = $this->GetRows($uploadtree_pk, $agent_pk, $upload_pk, $hash, $type, $tableName);
-
- /* Get uploadtree_tablename */
- $uploadtree_tablename = GetUploadtreeTableName($upload_pk);
+ $allRows = $this->GetRows($uploadtree_pk, $agent_pk, $upload_pk, $hash, $type, $tableName);
+ $uploadtree_tablename = $this->uploadDao->getUploadtreeTableName($upload_pk);
/* slim down to all rows with this hash and type, and filter */
$NumInstances = 0;
- $rows = $this->GetRequestedRows($rows, $excl, $NumInstances, $filter);
+ $rows = $this->GetRequestedRows($allRows, $excl, $NumInstances, $filter);
// micro menus
$OutBuf .= menu_to_1html(menu_find($this->Name, $MenuDepth),0);
$RowCount = count($rows);
if ($RowCount)
{
$Content = htmlentities($rows[0]['content']);
$Offset = ($Page < 0) ? 0 : $Page*$Max;
$PkgsOnly = false;
$text = _("files");
$text1 = _("unique");
$text3 = _("copyright");
$text4 = _("email");
$text5 = _("url");
switch ($type)
{
case "statement":
$TypeStr = "$text3";
break;
case "email":
$TypeStr = "$text4";
break;
case "url":
$TypeStr = "$text5";
break;
case "ecc":
$TypeStr = _("export restriction");
break;
}
$OutBuf .= "$NumInstances $TypeStr instances found in $RowCount $text";
$OutBuf .= ": $Content";
$text = _("Display excludes files with these extensions");
if (!empty($excl)) $OutBuf .= "
$text: $excl";
/* Get the page menu */
if (($RowCount >= $Max) && ($Page >= 0))
{
$PagingMenu = "\n" . MenuPage($Page,intval((($RowCount+$Offset)/$Max))) . "\n";
$OutBuf .= $PagingMenu;
}
else
{
$PagingMenu = "";
}
/* Offset is +1 to start numbering from 1 instead of zero */
$LinkLast = "$viewName&agent=$agent_pk";
$ShowBox = 1;
$ShowMicro=NULL;
$baseURL = "?mod=" . $this->Name . "&agent=$agent_pk&item=$uploadtree_pk&hash=$hash&type=$type&page=-1";
// display rows
$RowNum = 0;
foreach($rows as $row)
{
++$RowNum;
if ($RowNum < $Offset)
continue;
// Allow user to exclude files with this extension
$FileExt = GetFileExt($row['ufile_name']);
if (empty($excl))
$URL = $baseURL . "&excl=$FileExt";
else
$URL = $baseURL . "&excl=$excl:$FileExt";
$text = _("Exclude this file type");
$Header = "$text.";
$ok = true;
if ($excl)
{
$ExclArray = explode(":", $excl);
if (in_array($FileExt, $ExclArray)) $ok = false;
}
if ($ok)
{
$OutBuf .= Dir2Browse($modBack, $row['uploadtree_pk'], $LinkLast, $ShowBox, $ShowMicro, $RowNum, $Header, '', $uploadtree_tablename);
}
}
-
}
else
{
$OutBuf .= _("No files found");
}
if (!empty($PagingMenu)) {
$OutBuf .= $PagingMenu . "\n";
}
$OutBuf .= "
\n";
$Time = microtime(true) - $Time;
$text = _("Elapsed time");
$text1 = _("seconds");
$OutBuf .= sprintf("$text: %.2f $text1\n", $Time);
$this->vars['pageContent'] = $OutBuf;
return;
}
function getTemplateName()
{
return 'copyrightlist.html.twig';
}
private function getTableName($type)
{
switch ($type) {
case "ecc" :
$tableName = "ecc";
$modBack = "ecc-hist";
$viewName = "ecc-view";
break;
default:
$tableName = "copyright";
$modBack = "copyright-hist";
$viewName = "copyright-view";
}
return array($tableName, $modBack,$viewName);
}
}
$NewPlugin = new copyright_list;
$NewPlugin->Initialize();
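Review bot: In `GetRequestedRows()` the per-row `CheckForNoLicenseFound` query never releases its result: the removed code called `pg_free_result($result)` after counting, while the new lines go from `fetchAll($result)` straight to `if (empty($FoundRows))`. Add `$this->dbManager->freeResult($result);` directly after the `fetchAll`. The `prepare` call could also move above the `for` loop, since `$rf_clause` no longer changes once the loop starts. Separately, `Output()` reads `excl` with `PARM_RAW` and appends it to `$OutBuf` as-is (`$text: $excl`), whereas `$Content` goes through `htmlentities`. Unless the template escapes `pageContent` (not visible here), use `htmlentities($excl)` there and `urlencode()` for the `excl`, `hash` and `type` values placed into `$URL` and `$baseURL`.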
diff --git a/src/delagent/ui/admin-upload-delete.php b/src/delagent/ui/admin-upload-delete.php
index 806df573..fd7e8774 100644
--- a/src/delagent/ui/admin-upload-delete.php
+++ b/src/delagent/ui/admin-upload-delete.php
@@ -1,187 +1,196 @@
Name = "admin_upload_delete";
$this->Title = TITLE_admin_upload_delete;
$this->MenuList = "Organize::Uploads::Delete Uploaded File";
$this->DBaccess = PLUGIN_DB_WRITE;
parent::__construct();
+
+ global $container;
+ $this->uploadDao = $container->get('dao.upload');
}
/**
* \brief Given a folder_pk, try to add a job after checking permissions.
* \param $uploadpk - the upload(upload_id) you want to delete
*
* \return string with the message.
*/
function TryToDelete($uploadpk) {
- if (! GetUploadPerm($uploadpk) >= Auth::PERM_WRITE) {
+ if(!$this->uploadDao->isEditable($uploadpk, Auth::getGroupId())){
$text=_("You dont have permissions to delete the upload");
return DisplayMessage($text);
}
$rc = $this->Delete($uploadpk);
if (! empty($rc)) {
$text=_("Deletion Scheduling failed: ");
return DisplayMessage($text.$rc);
}
/* Need to refresh the screen */
$URL = Traceback_uri() . "?mod=showjobs&upload=$uploadpk ";
$LinkText = _("View Jobs");
$text=_("Deletion added to job queue.");
$msg = "$text $LinkText";
return displayMessage($msg);
}
/**
* \brief Given a folder_pk, add a job.
* \param $uploadpk - the upload(upload_id) you want to delete
* \param $Depends - Depends is not used for now
*
* \return NULL on success, string on failure.
*/
function Delete($uploadpk, $Depends = NULL)
{
/* Prepare the job: job "Delete" */
$user_pk = Auth::getUserId();
$group_pk = Auth::getGroupId();
$jobpk = JobAddJob($user_pk, $group_pk, "Delete", $uploadpk);
if (empty($jobpk) || ($jobpk < 0)) {
$text = _("Failed to create job record");
return ($text);
}
/* Add job: job "Delete" has jobqueue item "delagent" */
$jqargs = "DELETE UPLOAD $uploadpk";
$jobqueuepk = JobQueueAdd($jobpk, "delagent", $jqargs, NULL, NULL);
if (empty($jobqueuepk)) {
$text = _("Failed to place delete in job queue");
return ($text);
}
/* Tell the scheduler to check the queue. */
$success = fo_communicate_with_scheduler("database", $output, $error_msg);
if (!$success)
{
$error_msg = _("Is the scheduler running? Your jobs have been added to job queue.");
$URL = Traceback_uri() . "?mod=showjobs&upload=$uploadpk ";
$LinkText = _("View Jobs");
$msg = "$error_msg $LinkText";
return $msg;
}
return (NULL);
} // Delete()
/**
* \brief Generate the text for this plugin.
*/
public function Output()
{
$V = "";
/* If this is a POST, then process the request. */
$uploadpk = GetParm('upload', PARM_INTEGER);
if (!empty($uploadpk)) {
$V.= $this->TryToDelete($uploadpk);
}
/* Create the AJAX (Active HTTP) javascript for doing the reply
and showing the response. */
$V.= ActiveHTTPscript("Uploads");
$V.= "\n";
/* Build HTML form */
$V.= "\n";
return $V;
}
}
$NewPlugin = new admin_upload_delete;
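Review bot: `Output()` calls `TryToDelete()` whenever an `upload` parameter is present, so the new `isEditable` check is the only thing between a request and a scheduled deletion. The comment says "If this is a POST", but nothing visible tests the request method or a per-session token. If `GetParm` also reads the query string (not shown here), a cross-site request made in a logged-in editor's session would queue the delete. Gate the call with `if (!empty($uploadpk) && $_SERVER['REQUEST_METHOD'] === 'POST')` and verify an anti-CSRF token from the form if the project provides one. `Delete()` has no permission check of its own, so its docblock should say so, e.g. `\note Caller must have verified isEditable() for $uploadpk`.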
diff --git a/src/demomod/ui/demomod.php b/src/demomod/ui/demomod.php
index 6606c9f4..d7e3cf6a 100644
--- a/src/demomod/ui/demomod.php
+++ b/src/demomod/ui/demomod.php
@@ -1,232 +1,233 @@
Name . Traceback_parm_keep(array("upload","item"));
$MenuName = "Demomod View";
$Item = GetParm("item",PARM_INTEGER);
$Upload = GetParm("upload",PARM_INTEGER);
if (!empty($Item))
{
$text = _("Demomod data");
menu_insert("Browse::$MenuName",100,$URI,$text);
menu_insert("View::$MenuName",100,$URI,$text);
}
} // RegisterMenus()
/**
* \brief This is called before the plugin is used.
* It should assume that Install() was already run one time
* (possibly years ago and not during this object's creation).
*
* \return true on success, false on failure.
* A failed initialize is not used by the system.
*
* \note This function must NOT assume that other plugins are installed.
*/
function Initialize()
{
if ($this->State != PLUGIN_STATE_INVALID) return(1); // don't re-run
return($this->State == PLUGIN_STATE_VALID);
} // Initialize()
/**
* \brief Display the demomod data
*
* \param $upload_pk
* \param $uploadtree_pk
*/
function ShowData($upload_pk, $uploadtree_pk)
{
global $PG_CONN;
/* Check the demomod_ars table to see if we have any data */
$sql = "select ars_pk from demomod_ars where upload_fk=$upload_pk and ars_success=true";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
$rows = pg_num_rows($result);
pg_free_result($result);
if ($rows == 0) return _("There is no demomod data for this upload. Use Jobs > Schedule Agent.");
/* Get the scan result */
/* First we need the pfile_pk */
$sql = "select pfile_fk from $this->uploadtree_tablename where uploadtree_pk=$uploadtree_pk and upload_fk=$upload_pk";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
$rows = pg_num_rows($result);
if ($rows == 0) return _("Internal consistency error. Failed: $sql");
$row = pg_fetch_assoc($result);
$pfile_fk = $row['pfile_fk'];
pg_free_result($result);
/* Now we can get the scan result */
$sql = "select firstbytes from demomod where pfile_fk=$pfile_fk";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
$rows = pg_num_rows($result);
if ($rows == 0) return _("Internal consistency error. Failed: $sql");
$row = pg_fetch_assoc($result);
$firstbytes = $row['firstbytes'];
pg_free_result($result);
$text = _("The first bytes of this file are: ");
return ($text . $firstbytes);
}
/**
* \brief This function returns the scheduler status.
*/
function Output()
{
$uTime = microtime(true);
if ($this->State != PLUGIN_STATE_READY) {
return(0);
}
$V="";
$Upload = GetParm("upload",PARM_INTEGER);
- $UploadPerm = GetUploadPerm($Upload);
- if ($UploadPerm < PERM_READ)
+ /* @var $uploadDao UploadDao */
+ $uploadDao = $GLOBALS['container']->get('dao.upload');
+ if (!$uploadDao->isAccessible($Upload, Fossology\Lib\Auth\Auth::getGroupId()))
{
$text = _("Permission Denied");
- echo "$text";
- return;
+ return "$text
";
}
$Item = GetParm("item",PARM_INTEGER);
$updcache = GetParm("updcache",PARM_INTEGER);
/* Remove "updcache" from the GET args.
* This way all the url's based on the input args won't be
* polluted with updcache
* Use Traceback_parm_keep to ensure that all parameters are in order */
$CacheKey = "?mod=" . $this->Name . Traceback_parm_keep(array("upload","item","agent"));
if ($updcache)
{
$_SERVER['REQUEST_URI'] = preg_replace("/&updcache=[0-9]*/","",$_SERVER['REQUEST_URI']);
unset($_GET['updcache']);
$V = ReportCachePurgeByKey($CacheKey);
}
else
{
$V = ReportCacheGet($CacheKey);
}
$this->uploadtree_tablename = GetUploadtreeTableName($Upload);
if (empty($V) ) // no cache exists
{
switch($this->OutputType)
{
case "XML":
break;
case "HTML":
$V .= "\n";
/************************/
/* Show the folder path */
/************************/
$V .= Dir2Browse($this->Name,$Item,NULL,1,"Browse", -1, '', '', $this->uploadtree_tablename) . "\n";
if (!empty($Upload))
{
$Uri = preg_replace("/&item=([0-9]*)/","",Traceback());
$V .= js_url();
$V .= $this->ShowData($Upload, $Item);
}
$V .= "\n";
$V .= "
\n";
break;
case "Text":
break;
default:
}
$Cached = false;
}
else
$Cached = true;
if (!$this->OutputToStdout) {
return($V);
}
print "$V";
$Time = microtime(true) - $uTime; // convert usecs to secs
$text = _("Elapsed time: %.2f seconds");
printf( "$text", $Time);
if ($Cached)
{
$text = _("cached");
$text1 = _("Update");
echo " $text $text1 ";
}
else
{
/* Cache Report if this took longer than 1/2 second*/
if ($Time > 0.5) ReportCachePut($CacheKey, $V);
}
return;
}
-};
+}
$NewPlugin = new ui_demomod;
$NewPlugin->Initialize();
-
-?>
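Review bot: The new `isAccessible` check guards `Output()`, but `ShowData()` was left on `global $PG_CONN` with `$upload_pk`, `$uploadtree_pk` and `$pfile_fk` interpolated into the SQL text. Its two failure returns also hand the full statement back to the page (`"Internal consistency error. Failed: $sql"`). The other files in this commit moved to `dbManager` prepared statements with `$1`-style placeholders. Doing the same here, returning a fixed `_("Internal consistency error.")` and logging the query server-side, keeps table and column names out of the response. For consistency with list.php, `GetUploadtreeTableName($Upload)` could become `$uploadDao->getUploadtreeTableName($Upload)`, using the DAO already fetched for the permission check.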
diff --git a/src/lib/php/common-perms.php b/src/lib/php/common-perms.php
index ec5ba3f4..81fcd216 100644
--- a/src/lib/php/common-perms.php
+++ b/src/lib/php/common-perms.php
@@ -1,346 +1,298 @@
getAdminGroupMap
* @param $user_pk
*
* @return Array in the format {group_pk=>group_name, group_pk=>group_name, ...}
* Array may be empty.
**/
function GetGroupArray($user_pk)
{
global $PG_CONN;
$GroupArray = array();
if ($_SESSION[Auth::USER_LEVEL] == PLUGIN_DB_ADMIN)
{
$sql = "select group_pk, group_name from groups";
}
else
{
$sql = "select group_pk, group_name from groups, group_user_member
where group_pk=group_fk and user_fk='$user_pk' and group_perm=1";
}
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
if (pg_num_rows($result) > 0)
{
while($row = pg_fetch_assoc($result))
{
$GroupArray[$row['group_pk']] = $row['group_name'];
}
}
pg_free_result($result);
natcasesort($GroupArray);
return $GroupArray;
}
- /**
- * @brief Get the upload permission for a user
- * @param $upload_pk
- * @param $user_pk (optional, default is current user_pk)
- * @return hightest permission level a user has for an upload
- **/
- function GetUploadPerm($upload_pk, $user_pk=0)
- {
- global $PG_CONN;
-
- if ($user_pk == 0) $user_pk = Auth::getUserId ();
-
- if ($_SESSION[Auth::USER_LEVEL] == PLUGIN_DB_ADMIN) return Auth::PERM_ADMIN;
-
- //for the command line didn't have session info
- $UserRow = GetSingleRec("Users", "where user_pk='$user_pk'");
- if ($UserRow['user_perm'] == PLUGIN_DB_ADMIN) return Auth::PERM_ADMIN;
-
- $sql = "select max(perm) as perm from perm_upload, group_user_member where perm_upload.upload_fk=$upload_pk and user_fk=$user_pk and group_user_member.group_fk=perm_upload.group_fk";
- $result = pg_query($PG_CONN, $sql);
- DBCheckResult($result, $sql, __FILE__, __LINE__);
- if (pg_num_rows($result) < 1)
- $perm = Auth::PERM_NONE;
- else
- {
- $row = pg_fetch_assoc($result);
- $perm = $row['perm'];
- }
- pg_free_result($result);
-
- /* check the upload public permission */
- $sql = "select public_perm from upload where upload_pk=$upload_pk";
- $result = pg_query($PG_CONN, $sql);
- DBCheckResult($result, $sql, __FILE__, __LINE__);
-
- if (pg_num_rows($result) < 1)
- $perm2 = Auth::PERM_NONE;
- else
- {
- $row = pg_fetch_assoc($result);
- $perm2 = $row['public_perm'];
- }
- pg_free_result($result);
-
- return max($perm, $perm2);
- }
-
-
/**
* \brief Delete a group.
* \param $group_pk
* Returns NULL on success, string on failure.
*/
function DeleteGroup($group_pk)
{
global $PG_CONN;
$user_pk = Auth::getUserId();
/* Make sure groupname looks valid */
if (empty($group_pk))
{
$text = _("Error: Group name must be specified.");
return ($text);
}
/* See if the group already exists */
$sql = "SELECT group_pk FROM groups WHERE group_pk = '$group_pk'";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
if (pg_num_rows($result) < 1)
{
pg_free_result($result);
$text = _("Group does not exist. Not deleted.");
return ($text);
}
pg_free_result($result);
/* Make sure the user has permission to delete this group
* Look through all the group users (table group_user_member)
* and make sure the user has admin access.
*/
if ($_SESSION[Auth::USER_LEVEL] != PLUGIN_DB_ADMIN)
{
$sql = "SELECT * FROM group_user_member WHERE group_fk = '$group_pk' and user_fk='$user_pk' and group_perm=1";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
if (pg_num_rows($result) < 1)
{
pg_free_result($result);
$text = _("Permission Denied.");
return ($text);
}
pg_free_result($result);
}
/* Start transaction */
$sql = "begin";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
/* Delete group records from perm_upload */
$sql = "delete from perm_upload where group_fk='$group_pk'";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
/* Delete group records from group_user_member */
$sql = "delete from group_user_member where group_fk='$group_pk'";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
/* Update new_upload_group_fk and new_upload_perm in users table */
$sql = "update users set new_upload_group_fk=NULL, new_upload_perm=NULL where new_upload_group_fk='$group_pk'";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
/* Delete group records from groups table */
$sql = "delete from groups where group_pk='$group_pk'";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
/* End transaction */
$sql = "commit";
$result = pg_query($PG_CONN, $sql);
DBCheckResult($result, $sql, __FILE__, __LINE__);
pg_free_result($result);
return (NULL);
}