TYPO3  7.6
PermissionAjaxController.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Beuser\Controller;
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
19 use TYPO3\CMS\Backend\Utility\BackendUtility;
20 use TYPO3\CMS\Core\DataHandling\DataHandler;
21 use TYPO3\CMS\Core\Imaging\Icon;
22 use TYPO3\CMS\Core\Imaging\IconFactory;
23 use TYPO3\CMS\Core\Utility\GeneralUtility;
24 use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
25 use TYPO3\CMS\Fluid\View\StandaloneView;
26 
32 class PermissionAjaxController
33 {
39  protected $conf = array();
40 
44  protected $iconFactory;
45 
49  public function __construct()
50  {
51  $this->iconFactory = GeneralUtility::makeInstance(IconFactory::class);
52  $this->getLanguageService()->includeLLFile('EXT:lang/locallang_mod_web_perm.xlf');
53  // Configuration, variable assignment
54  $this->conf['page'] = GeneralUtility::_POST('page');
55  $this->conf['who'] = GeneralUtility::_POST('who');
56  $this->conf['mode'] = GeneralUtility::_POST('mode');
57  $this->conf['bits'] = (int)GeneralUtility::_POST('bits');
58  $this->conf['permissions'] = (int)GeneralUtility::_POST('permissions');
59  $this->conf['action'] = GeneralUtility::_POST('action');
60  $this->conf['ownerUid'] = (int)GeneralUtility::_POST('ownerUid');
61  $this->conf['username'] = GeneralUtility::_POST('username');
62  $this->conf['groupUid'] = (int)GeneralUtility::_POST('groupUid');
63  $this->conf['groupname'] = GeneralUtility::_POST('groupname');
64  $this->conf['editLockState'] = (int)GeneralUtility::_POST('editLockState');
65  $this->conf['new_owner_uid'] = (int)GeneralUtility::_POST('newOwnerUid');
66  $this->conf['new_group_uid'] = (int)GeneralUtility::_POST('newGroupUid');
67  }
68 
76  public function dispatch(ServerRequestInterface $request, ResponseInterface $response)
77  {
78  $extPath = ExtensionManagementUtility::extPath('beuser');
79 
80  $view = GeneralUtility::makeInstance(StandaloneView::class);
81  $view->setPartialRootPaths(array('default' => ExtensionManagementUtility::extPath('beuser') . 'Resources/Private/Partials'));
82  $view->assign('pageId', $this->conf['page']);
83 
84  $content = '';
85  // Basic test for required value
86  if ($this->conf['page'] > 0) {
87  // Init TCE for execution of update
89  $tce = GeneralUtility::makeInstance(DataHandler::class);
90  $tce->stripslashes_values = false;
91  // Determine the scripts to execute
92  switch ($this->conf['action']) {
93  case 'show_change_owner_selector':
94  $content = $this->renderUserSelector($this->conf['page'], $this->conf['ownerUid'], $this->conf['username']);
95  break;
96  case 'change_owner':
97  $userId = $this->conf['new_owner_uid'];
98  if (is_int($userId)) {
99  // Prepare data to change
100  $data = array();
101  $data['pages'][$this->conf['page']]['perms_userid'] = $userId;
102  // Execute TCE Update
103  $tce->start($data, array());
104  $tce->process_datamap();
105 
106  $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangeOwner.html');
107  $view->assign('userId', $userId);
108  $usernameArray = BackendUtility::getUserNames('username', ' AND uid = ' . $userId);
109  $view->assign('username', $usernameArray[$userId]['username']);
110  $content = $view->render();
111  } else {
112  $response->getBody()->write('An error occurred: No page owner uid specified');
113  $response = $response->withStatus(500);
114  }
115  break;
116  case 'show_change_group_selector':
117  $content = $this->renderGroupSelector($this->conf['page'], $this->conf['groupUid'], $this->conf['groupname']);
118  break;
119  case 'change_group':
120  $groupId = $this->conf['new_group_uid'];
121  if (is_int($groupId)) {
122  // Prepare data to change
123  $data = array();
124  $data['pages'][$this->conf['page']]['perms_groupid'] = $groupId;
125  // Execute TCE Update
126  $tce->start($data, array());
127  $tce->process_datamap();
128 
129  $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangeGroup.html');
130  $view->assign('groupId', $groupId);
131  $groupnameArray = BackendUtility::getGroupNames('title', ' AND uid = ' . $groupId);
132  $view->assign('groupname', $groupnameArray[$groupId]['title']);
133  $content = $view->render();
134  } else {
135  $response->getBody()->write('An error occurred: No page group uid specified');
136  $response = $response->withStatus(500);
137  }
138  break;
139  case 'toggle_edit_lock':
140  // Prepare data to change
141  $data = array();
142  $data['pages'][$this->conf['page']]['editlock'] = $this->conf['editLockState'] === 1 ? 0 : 1;
143  // Execute TCE Update
144  $tce->start($data, array());
145  $tce->process_datamap();
146  $content = $this->renderToggleEditLock($this->conf['page'], $data['pages'][$this->conf['page']]['editlock']);
147  break;
148  default:
149  if ($this->conf['mode'] === 'delete') {
150  $this->conf['permissions'] = (int)($this->conf['permissions'] - $this->conf['bits']);
151  } else {
152  $this->conf['permissions'] = (int)($this->conf['permissions'] + $this->conf['bits']);
153  }
154  // Prepare data to change
155  $data = array();
156  $data['pages'][$this->conf['page']]['perms_' . $this->conf['who']] = $this->conf['permissions'];
157  // Execute TCE Update
158  $tce->start($data, array());
159  $tce->process_datamap();
160 
161  $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangePermission.html');
162  $view->assign('permission', $this->conf['permissions']);
163  $view->assign('scope', $this->conf['who']);
164  $content = $view->render();
165  }
166  } else {
167  $response->getBody()->write('This script cannot be called directly');
168  $response = $response->withStatus(500);
169  }
170  $response->getBody()->write($content);
171  $response = $response->withHeader('Content-Type', 'text/html; charset=utf-8');
172  return $response;
173  }
174 
183  protected function renderUserSelector($page, $ownerUid, $username = '')
184  {
185  $page = (int)$page;
186  $ownerUid = (int)$ownerUid;
187  // Get usernames
188  $beUsers = BackendUtility::getUserNames();
189  // Owner selector:
190  $options = '';
191  // Loop through the users
192  foreach ($beUsers as $uid => $row) {
193  $uid = (int)$uid;
194  $selected = $uid === $ownerUid ? ' selected="selected"' : '';
195  $options .= '<option value="' . $uid . '"' . $selected . '>' . htmlspecialchars($row['username']) . '</option>';
196  }
197  $elementId = 'o_' . $page;
198  $options = '<option value="0"></option>' . $options;
199  $selector = '<select name="new_page_owner" id="new_page_owner">' . $options . '</select>';
200  $saveButton = '<a class="saveowner btn btn-default" data-page="' . $page . '" data-owner="' . $ownerUid . '" data-element-id="' . $elementId . '" title="Change owner">' . $this->iconFactory->getIcon('actions-document-save', Icon::SIZE_SMALL)->render() . '</a>';
201  $cancelButton = '<a class="restoreowner btn btn-default" data-page="' . $page . '" data-owner="' . $ownerUid . '" data-element-id="' . $elementId . '"' . (!empty($username) ? ' data-username="' . htmlspecialchars($username) . '"' : '') . ' title="Cancel">' . $this->iconFactory->getIcon('actions-document-close', Icon::SIZE_SMALL)->render() . '</a>';
202  return '<span id="' . $elementId . '">'
203  . $selector
204  . '<span class="btn-group">'
205  . $saveButton
206  . $cancelButton
207  . '</span>'
208  . '</span>';
209  }
210 
219  protected function renderGroupSelector($page, $groupUid, $groupname = '')
220  {
221  $page = (int)$page;
222  $groupUid = (int)$groupUid;
223 
224  // Get usernames
225  $beGroupsO = $beGroups = BackendUtility::getGroupNames();
226  // Group selector:
227  $options = '';
228  // flag: is set if the page-groupid equals one from the group-list
229  $userset = 0;
230  // Loop through the groups
231  foreach ($beGroups as $uid => $row) {
232  $uid = (int)$uid;
233  if ($uid === $groupUid) {
234  $userset = 1;
235  $selected = ' selected="selected"';
236  } else {
237  $selected = '';
238  }
239  $options .= '<option value="' . $uid . '"' . $selected . '>' . htmlspecialchars($row['title']) . '</option>';
240  }
241  // If the group was not set AND there is a group for the page
242  if (!$userset && $groupUid) {
243  $options = '<option value="' . $groupUid . '" selected="selected">' .
244  htmlspecialchars($beGroupsO[$groupUid]['title']) . '</option>' . $options;
245  }
246  $elementId = 'g_' . $page;
247  $options = '<option value="0"></option>' . $options;
248  $selector = '<select name="new_page_group" id="new_page_group">' . $options . '</select>';
249  $saveButton = '<a class="savegroup btn btn-default" data-page="' . $page . '" data-group="' . $groupUid . '" data-element-id="' . $elementId . '" title="Change group">' . $this->iconFactory->getIcon('actions-document-save', Icon::SIZE_SMALL)->render() . '</a>';
250  $cancelButton = '<a class="restoregroup btn btn-default" data-page="' . $page . '" data-group="' . $groupUid . '" data-element-id="' . $elementId . '"' . (!empty($groupname) ? ' data-groupname="' . htmlspecialchars($groupname) . '"' : '') . ' title="Cancel">' . $this->iconFactory->getIcon('actions-document-close', Icon::SIZE_SMALL)->render() . '</a>';
251  return '<span id="' . $elementId . '">'
252  . $selector
253  . '<span class="btn-group">'
254  . $saveButton
255  . $cancelButton
256  . '</span>'
257  . '</span>';
258  }
259 
270  public static function renderOwnername($page, $ownerUid, $username, $validUser = true)
271  {
272  GeneralUtility::logDeprecatedFunction();
273  $elementId = 'o_' . $page;
274  return '<span id="' . $elementId . '"><a class="ug_selector changeowner" data-page="' . $page . '" data-owner="' . $ownerUid . '" data-username="' . htmlspecialchars($username) . '">' . ($validUser ? ($username == '' ? '<span class=not_set>[' . $GLOBALS['LANG']->getLL('notSet') . ']</span>' : htmlspecialchars(GeneralUtility::fixed_lgd_cs($username, 20))) : '<span class=not_set title="' . htmlspecialchars(GeneralUtility::fixed_lgd_cs($username, 20)) . '">[' . $GLOBALS['LANG']->getLL('deleted') . ']</span>') . '</a></span>';
275  }
276 
287  public static function renderGroupname($page, $groupUid, $groupname, $validGroup = true)
288  {
289  GeneralUtility::logDeprecatedFunction();
290  $elementId = 'g_' . $page;
291  return '<span id="' . $elementId . '"><a class="ug_selector changegroup" data-page="' . $page . '" data-group="' . $groupUid . '" data-groupname="' . htmlspecialchars($groupname) . '">' . ($validGroup ? ($groupname == '' ? '<span class=not_set>[' . $GLOBALS['LANG']->getLL('notSet') . ']</span>' : htmlspecialchars(GeneralUtility::fixed_lgd_cs($groupname, 20))) : '<span class=not_set title="' . htmlspecialchars(GeneralUtility::fixed_lgd_cs($groupname, 20)) . '">[' . $GLOBALS['LANG']->getLL('deleted') . ']</span>') . '</a></span>';
292  }
293 
301  protected function renderToggleEditLock($page, $editLockState)
302  {
303  $page = (int)$page;
304  if ($editLockState === 1) {
305  $ret = '<span id="el_' . $page . '"><a class="editlock btn btn-default" data-page="' . $page . '" data-lockstate="1" title="The page and all content is locked for editing by all non-Admin users.">' . $this->iconFactory->getIcon('actions-lock', Icon::SIZE_SMALL)->render() . '</a></span>';
306  } else {
307  $ret = '<span id="el_' . $page . '"><a class="editlock btn btn-default" data-page="' . $page . '" data-lockstate="0" title="Enable the &raquo;Admin-only&laquo; edit lock for this page">' . $this->iconFactory->getIcon('actions-unlock', Icon::SIZE_SMALL)->render() . '</a></span>';
308  }
309  return $ret;
310  }
311 
321  public static function renderPermissions($int, $pageId = 0, $who = 'user')
322  {
323  GeneralUtility::logDeprecatedFunction();
324  $str = '';
325  $permissions = array(1, 16, 2, 4, 8);
327  $iconFactory = GeneralUtility::makeInstance(IconFactory::class);
328  foreach ($permissions as $permission) {
329  if ($int & $permission) {
330  $str .= '<span title="' . $GLOBALS['LANG']->getLL($permission, true)
331  . ' class="change-permission text-success"'
332  . ' data-page="' . (int)$pageId . '"'
333  . ' data-permissions="' . (int)$int . '"'
334  . ' data-mode="delete"'
335  . ' data-who="' . htmlspecialchars($who) . '"'
336  . ' data-bits="' . $permission . '"'
337  . ' style="cursor:pointer">'
338  . $iconFactory->getIcon('status-status-permission-granted', Icon::SIZE_SMALL)->render()
339  . '</span>';
340  } else {
341  $str .= '<span title="' . $GLOBALS['LANG']->getLL($permission, true) . '"'
342  . ' class="change-permission text-danger"'
343  . ' data-page="' . (int)$pageId . '"'
344  . ' data-permissions="' . (int)$int . '"'
345  . ' data-mode="add"'
346  . ' data-who="' . htmlspecialchars($who) . '"'
347  . ' data-bits="' . $permission . '"'
348  . ' style="cursor:pointer">'
349  . $iconFactory->getIcon('status-status-permission-denied', Icon::SIZE_SMALL)->render()
350  . '</span>';
351  }
352  }
353  return '<span id="' . $pageId . '_' . $who . '">' . $str . '</span>';
354  }
355 
359  protected function getLanguageService()
360  {
361  return $GLOBALS['LANG'];
362  }
363 
367  protected function getBackendUser()
368  {
369  return $GLOBALS['BE_USER'];
370  }
371 }
Generated on Wed Nov 11 2015 01:52:01 for TYPO3 by   doxygen 1.8.3