Squiz Matrix  4.12.2
 All Data Structures Namespaces Functions Variables Pages
trigger_action_set_future_permission.inc
1 <?php
17 require_once SQ_INCLUDE_PATH.'/general_occasional.inc';
18 require_once SQ_CORE_PACKAGE_PATH.'/system/triggers/trigger_action/trigger_action.inc';
19 require_once SQ_SYSTEM_ROOT.'/core/attributes/parameter_map/parameter_map.inc';
20 
33 class Trigger_Action_Set_Future_Permission extends Trigger_Action
34 {
35 
36 
60  public static function execute($settings, &$state)
61  {
62  // check required settings
63  if (!isset($settings['add'])) return FALSE;
64  if (!isset($settings['granted'])) return FALSE;
65  if (!isset($settings['permission'])) return FALSE;
66  if (!isset($settings['dependants_only'])) return FALSE;
67  if (!isset($settings['cascade_to_new'])) return FALSE;
68 
69  $parameter_map_value = array_get_index($settings, 'user_map', serialize(Array()));
70  $atr_parameter_map = new Asset_Attribute_Parameter_Map(0, $parameter_map_value);
71  $userid = $atr_parameter_map->getParameterValue('user');
72 
73  if (!empty($userid)) {
74  // ensure that the value from the parameter map is a valid asset id
75  $user_info = $GLOBALS['SQ_SYSTEM']->am->getAssetInfo($userid, Array('user', 'user_group'), FALSE);
76  if (empty($user_info)) return FALSE;
77  } else {
78  // no user id has been supplied by the parameter map, so use the static userid
79  if (empty($settings['userid'])) return FALSE;
80  $userid = $settings['userid'];
81  }
82 
83 
84  if (empty($state['asset'])) {
85  // grab the asset if assetid is given, but not the asset.
86  if (empty($state['assetid'])) {
87  return FALSE;
88  } else {
89  $state['asset'] = $GLOBALS['SQ_SYSTEM']->am->getAsset($state['assetid']);
90  }
91  }
92 
93  $cron_mgr = $GLOBALS['SQ_SYSTEM']->am->getSystemAsset('cron_manager');
94  if (is_null($cron_mgr)) return FALSE;
95 
96  $GLOBALS['SQ_SYSTEM']->am->includeAsset('cron_job_future_permission');
97 
98  $fp = new Cron_Job_Future_Permission();
99  $fp->setAttrValue('add', $settings['add']);
100  $fp->setAttrValue('permission', $settings['permission']);
101  $fp->setAttrValue('userids', Array($userid => $settings['granted']));
102  $fp->setAttrValue('cascade_to_new', $settings['cascade_to_new']);
103  $fp->setAttrValue('dependants_only', $settings['dependants_only']);
104 
105  if ($settings['when_type'] == 'by_attr_value') {
106  // need to try to consult an attribute value
107  if (empty($settings['when_attr_name'])) return FALSE; // incomplete config
108  if (!($state['asset'] instanceof $settings['when_asset_type'])) {
109  return FALSE; // wrong asset type
110  }
111  $val = @$state['asset']->attr($settings['when_attr_name']);
112  if (empty($val)) return FALSE; // empty date time attr
113  if ($settings['offset_used']) {
114  $offset = (int)substr($settings['when'], 4) * 60;
115  $when = iso8601_ts($val) + $offset;
116  if ($when < time()) return FALSE; // it's in the past
117  $fp->setAttrValue('when', 'OO='.substr(ts_iso8601($when), 0, 16));
118  } else {
119  // just the straight value
120  $ts = iso8601_ts($val);
121  if ($ts < time()) return FALSE; // in the past
122  $fp->setAttrValue('when', 'OO='.substr(ts_iso8601($ts), 0, 16));
123  }
124  } else if ($settings['when_type'] == 'by_meta_value') {
125  // need to try to consult a metadata value
126  if (empty($settings['when_meta_field_id'])) {
127  return FALSE; // incomplete config
128  }
129 
130  // Grab the Metadata for the asset which fired this trigger
131  $mm = $GLOBALS['SQ_SYSTEM']->getMetadataManager();
132  $val = $mm->getMetadataValueByAssetid($state['assetid'], $settings['when_meta_field_id'], FALSE, TRUE);
133 
134  // Now attempt to find our relevant Metadata Field
135  // If everything is fine then we should have a date value of some sort - otherwise fail
136  if (!isset($val)) return FALSE; // Expected Metadata Field not assigned
137 
138  if (empty($val)) return FALSE; // empty date time attr
139 
140  if ($settings['offset_used']) {
141  $offset = (int)substr($settings['when'], 4) * 60;
142  $when = iso8601_ts($val) + $offset;
143  if ($when < time()) return FALSE; // it's in the past
144  $fp->setAttrValue('when', 'OO='.substr(ts_iso8601($when), 0, 16));
145  } else {
146  // just the straight value
147  $ts = iso8601_ts($val);
148  if ($ts < time()) return FALSE; // in the past
149  $fp->setAttrValue('when', 'OO='.substr(ts_iso8601($ts), 0, 16));
150  }
151  } else {
152  // the simple, and backwards-compatible case:
153  $fp->setAttrValue('when', $settings['when']);
154  }
155 
156 
157  if ($GLOBALS['SQ_SYSTEM']->runLevelEnables(SQ_SECURITY_PERMISSIONS)) {
158  $user_for_permission_change = $GLOBALS['SQ_SYSTEM']->user;
159  } else {
160  // not doing the whole "security" thing - so pretend we are root
161  $user_for_permission_change = $GLOBALS['SQ_SYSTEM']->am->getSystemAsset('root_user');
162  }
163 
164  $GLOBALS['SQ_SYSTEM']->changeDatabaseConnection('db2');
165  $GLOBALS['SQ_SYSTEM']->doTransaction('BEGIN');
166 
167  // bail if we cannot set the asset that this cron job is to update
168  if (!$fp->setAssetToUpdate($state['asset'])) {
169  $GLOBALS['SQ_SYSTEM']->doTransaction('ROLLBACK');
170  $GLOBALS['SQ_SYSTEM']->restoreDatabaseConnection();
171  return FALSE;
172  }
173 
174  if ($cron_mgr->addJob($fp, $user_for_permission_change)) {
175  if ($GLOBALS['SQ_SYSTEM']->am->acquireLock($fp->id, 'links')) {
176  $GLOBALS['SQ_SYSTEM']->doTransaction('COMMIT');
177  $GLOBALS['SQ_SYSTEM']->restoreDatabaseConnection();
178  $GLOBALS['SQ_SYSTEM']->am->releaseLock($fp->id, 'links');
179  } else {
180  $GLOBALS['SQ_SYSTEM']->doTransaction('ROLLBACK');
181  $GLOBALS['SQ_SYSTEM']->restoreDatabaseConnection();
182  return FALSE;
183  }
184  } else {
185  $GLOBALS['SQ_SYSTEM']->doTransaction('ROLLBACK');
186  $GLOBALS['SQ_SYSTEM']->restoreDatabaseConnection();
187  return FALSE;
188  }
189 
190  return Array(
191  'jobid' => $fp->id,
192  'userid' => $user_for_permission_change->id,
193  'add' => $settings['add'],
194  'granted' => $settings['granted'],
195  'permission' => $fp->attr('permission'),
196  'granted_userid' => $userid,
197  'when' => $fp->attr('when'),
198  );
199 
200  }//end execute()
201 
202 
213  public static function getInterface($settings, $prefix, $write_access=FALSE)
214  {
215  // set defaults
216  $settings['add'] = array_get_index($settings, 'add', TRUE);
217  $settings['granted'] = array_get_index($settings, 'granted', 1);
218  $settings['permission'] = array_get_index($settings, 'permission', SQ_PERMISSION_READ);
219  $settings['userid'] = array_get_index($settings, 'userid', 0);
220  $settings['dependants_only'] = array_get_index($settings, 'dependants_only', TRUE);
221  $settings['cascade_to_new'] = array_get_index($settings, 'cascade_to_new', FALSE);
222  $settings['when'] = array_get_index($settings, 'when');
223  $settings['when_asset_type'] = array_get_index($settings, 'when_asset_type', '');
224  $settings['when_attr_name'] = array_get_index($settings, 'when_attr_name', '');
225  $settings['when_meta_field_id'] = array_get_index($settings, 'when_meta_field_id', '');
226 
227  if (!isset($settings['when_type'])) {
228  if (empty($settings['when'])) {
229  $settings['when_type'] = 'explicit_exact';
230  } else {
231  // some backwards compatibility
232  if (FALSE === strpos($settings['when'], 'OO!')) {
233  $settings['when_type'] = 'explicit_exact';
234  } else {
235  $settings['when_type'] = 'on_trigger_fire';
236  $weights = Array('i' => 1, 'h' => 60, 'd' => 1440, 'w' => 10080, 'm' => 43200, 'y' => 535600);
237  $settings['when'] = 'OO!i'.($weights[$settings['when'][3]] * substr($settings['when'], 4));
238  }
239  }
240  }
241  $munge_prefix = str_replace('[', '_', $prefix);
242  $munge_prefix = str_replace(']', '', $munge_prefix);
243  hidden_field($prefix.'[prefix]', $munge_prefix);
244  $prefix = $munge_prefix;
245 
246  ob_start();
247 
248  include_once SQ_ATTRIBUTES_PATH.'/duration/duration.inc';
249  $duration = new Asset_Attribute_Duration();
250  $duration->setEditParam('biggest_units', $duration->units['days']);
251  $duration->setEditParam('smallest_units', $duration->units['minutes']);
252  $mins = 0;
253  if (0 === strpos($settings['when'], 'OO!i')) {
254  $mins = ((int)(substr($settings['when'], 4)) * 60);
255  $duration->value = abs($mins);
256  }
257 
258  include_once SQ_ATTRIBUTES_PATH.'/datetime/datetime.inc';
259  $datetime = new Asset_Attribute_Datetime();
260  $datetime->setEditParam('show', Array('y', 'm', 'd', 'h', 'i'));
261  $datetime->setEditParam('min', date('Y-m-d H:i:s')); // must be in the future
262  if (FALSE === strpos($settings['when'], 'OO!')) {
263  $datetime->value = substr($settings['when'], 3).':00';
264  }
265 
266  echo translate('trigger_action_future_permission_add_cron_job_to').' ';
267 
268  // print the add/remove selection
269  if ($write_access) {
270  $action_options = Array(
271  '1' => strtolower(translate('add')),
272  '0' => strtolower(translate('remove')),
273  );
274  combo_box($prefix.'_add', $action_options, FALSE, ($settings['add'] ? '1' : '0'));
275  } else {
276  echo '<b>';
277  echo ($settings['add']) ? strtolower(translate('add')) : strtolower(translate('remove'));
278  echo '</b> ';
279  }
280 
281  // print the permission level selection
282  $permissions = self::_getPermissionList();
283  if ($write_access) {
284  combo_box($prefix.'_permission', $permissions, FALSE, $settings['permission']);
285  } else {
286  echo '<b>'.$permissions[$settings['permission']].'</b>';
287  }
288  echo ' permission to ';
289 
290  // print the grant/deny selection
291  if ($write_access) {
292  $permission_options = Array(
293  '1' => strtolower(translate('grant')),
294  '0' => strtolower(translate('deny')),
295  );
296  combo_box($prefix.'_granted', $permission_options, FALSE, $settings['granted']);
297  } else {
298  echo '<b>';
299  echo ($settings['granted']) ? strtolower(translate('grant')) : strtolower(translate('deny'));
300  echo '</b> ';
301  }
302 
303  echo ' '.translate('access_for').' ';
304 
305  // print the asset finder
306  if ($write_access) {
307  asset_finder(
308  $prefix.'_userid',
309  $settings['userid'],
310  Array(
311  'user' => 'D',
312  'user_group' => 'D',
313  )
314  );
315  } else {
316  $user = NULL;
317  if ($settings['userid'] > 0) {
318  $user = $GLOBALS['SQ_SYSTEM']->am->getAsset($settings['userid']);
319  }
320  if (is_null($user)) {
321  echo '<b>['.translate('trigger_no_user_selected').']</b>';
322  } else {
323  echo '<b>'.$user->name.'</b> ';
324  }
325  }
326 
327  // print the time to add a cron job
328  $formats = Array();
329 
330  ob_start();
331  label(translate('immediately_when_trigger_fired'), $prefix.'_when_type_on_trigger_fire');
332  $formats['on_trigger_fire'] = ob_get_clean();
333 
334  ob_start();
335  label(translate('trigger_action_future_permission_explicit_exact').' ', $prefix.'_when_type_explicit_exact');
336  $datetime->paint($prefix.'_explicit_exact', !$write_access);
337  $formats['explicit_exact'] = ob_get_clean();
338 
339  ob_start();
340  label(translate('as_determined_from_asset_attribute').'&nbsp;', $prefix.'_as_determined_from_attr');
341  echo self::getAttributeChooser($prefix.'_exact_attr', $write_access, $settings['when_asset_type'], $settings['when_attr_name']);
342  $formats['by_attr_value'] = ob_get_clean();
343 
344  ob_start();
345  label(translate('as_determined_from_metadata_field').'&nbsp;&nbsp;&nbsp;', $prefix.'_as_determined_from_meta');
346  $metadata_field_id = $settings['when_meta_field_id'];
347  if ($write_access) {
348  asset_finder($prefix.'_when_meta_field_id', $metadata_field_id, Array('metadata_field_date' => 'D'));
349  } else {
350  if ($metadata_field_id) {
351  $metadata_field = $GLOBALS['SQ_SYSTEM']->am->getAsset($metadata_field_id);
352 
353  // Found the associated Metadata Field asset
354  if ($metadata_field) {
355  echo get_asset_tag_line($metadata_field_id);
356  } else {
357  // Looks like we have an ex-asset...
358  echo '<span class="sq-backend-warning">Unknown asset (Id: #'.$metadata_field_id.')</span>';
359  }
360  } else {
361  echo '<b>No metadata field specified</b>';
362  }
363  }
364  $formats['by_meta_value'] = ob_get_clean();
365 
366  if ($write_access) {
367  $GLOBALS['SQ_SYSTEM']->backend->out->addOnLoad('initEnableFieldLists();');
368  ?>
369  <ul class="radio-list enable-field-list">
370  <?php
371  foreach ($formats as $type => $content) {
372  ?>
373  <li>
374  <?php radio_button($prefix.'_when_type', $type, ($settings['when_type'] == $type)); ?><div>
375  <?php echo $content; ?>
376  </div>
377  </li>
378  <?php
379  }
380  ?>
381  </ul>
382  <?php
383  } else {
384  echo preg_replace('/<label([^>]*)>/', '', $formats[$settings['when_type']]);
385  }
386 
387  echo '<p>';
388  label(translate('offset_for_above_fields').': ', $prefix.'_offset');
389  $duration->paint($prefix.'_offset_value', !$write_access);
390  echo ' ';
391  if ($write_access) {
392  combo_box($prefix.'_offset_operator', Array('-' => translate('before'), '+' => translate('after')), FALSE, ($mins < 0) ? '-' : '+');
393  } else {
394  echo translate(($mins < 0) ? 'before' : 'after');
395  }
396  echo ' '.translate('specified_value').'<br /><br /></p>';
397 
398  // Update to dependants only
399  if ($write_access) {
400  echo '<br />';
401  check_box($prefix.'_dependants_only', '1', $settings['dependants_only']);
402  echo translate('trigger_set_permission_dependants_only');
403  } else {
404  echo '<br />';
405  echo '<img src="'.sq_web_path('lib').'/web/images/'.($settings['dependants_only'] ? 'tick' : 'cross').'.gif" alt="'.($settings['dependants_only'] ? translate('yes') : translate('no')).'" /> ';
406  echo translate('trigger_set_permission_dependants_only');
407  }
408 
409  // Cascade to new children
410  if ($write_access) {
411  echo '<br />';
412  check_box($prefix.'_cascade_to_new', '1', $settings['cascade_to_new']);
413  echo translate('cascade_permission_to_new_children');
414  } else {
415  echo '<br />';
416  echo '<img src="'.sq_web_path('lib').'/web/images/'.($settings['cascade_to_new'] ? 'tick' : 'cross').'.gif" alt="'.($settings['cascade_to_new'] ? translate('yes') : translate('no')).'" /> ';
417  echo translate('cascade_permission_to_new_children');
418  }
419 
420  // print the parameter map
421  $parameter_map_value = array_get_index($settings, 'user_map', serialize(Array()));
422 
423  $atr_parameter_map = new Asset_Attribute_Parameter_Map(0, $parameter_map_value);
424 
425  $atr_parameter_map->setParameter('user', 'Userid or Groupid');
426  echo $atr_parameter_map->paint($prefix.'_parameter_map', !$write_access);
427 
428 
429  return ob_get_clean();
430 
431  }//end getInterface()
432 
433 
445  public static function processInterface(&$settings, $request_data)
446  {
447  $prefix = $request_data['prefix'];
448 
449  if (empty($_POST[$prefix.'_when_type'])) return TRUE;
450 
451  $settings['when_type'] = $_POST[$prefix.'_when_type'];
452 
453  //process add/remove
454  $add = array_get_index($_POST, $prefix.'_add', '1');
455  if ($add != '1' && $add != '0') {
456  return 'Add/Remove parameter is invalid';
457  }
458  $settings['add'] = ($add == '1') ? TRUE : FALSE;
459 
460  // process permission
461  $permission = array_get_index($_POST, $prefix.'_permission', '');
462  if ($permission === '') {
463  return 'Permission not specified';
464  }
465 
466  $valid_permissions = self::_getPermissionList();
467  if (isset($valid_permissions[$permission])) {
468  $settings['permission'] = $permission;
469  } else {
470  return 'Specified permission is invalid';
471  }
472 
473  // process granted
474  $granted = array_get_index($_POST, $prefix.'_granted', '');
475  if ($granted != '1' && $granted != '0') {
476  return 'Grant parameter is invalid';
477  }
478  $settings['granted'] = $granted;
479 
480  // process selected userid
481  $user_data = array_get_index($_POST, $prefix.'_userid', Array('assetid' => ''));
482  $userid = $user_data['assetid'];
483 
484  if (!empty($userid)) { // check if userid is a valid userid
485  $user = $GLOBALS['SQ_SYSTEM']->am->getAsset($userid);
486  if (is_null($user)) {
487  return 'Specified userid is not a valid userid';
488  } else {
489  $settings['userid'] = $userid;
490  }
491  }
492 
493  // dependants_only
494  $dependants_only = array_get_index($_POST, $prefix.'_dependants_only', '0');
495  $settings['dependants_only'] = ($dependants_only == '1') ? TRUE : FALSE;
496 
497  // cascade to new
498  $cascade_to_new = array_get_index($_POST, $prefix.'_cascade_to_new', '0');
499  $settings['cascade_to_new'] = ($cascade_to_new == '1') ? TRUE : FALSE;
500 
501  // process parameter map
502  $atr_parameter_map = new Asset_Attribute_Parameter_Map();
503  $atr_parameter_map->process($prefix.'_parameter_map');
504 
505  $settings['user_map'] = $atr_parameter_map->value;
506 
507  // process time
508  include_once SQ_ATTRIBUTES_PATH.'/duration/duration.inc';
509  $duration = new Asset_Attribute_Duration();
510  $duration->setEditParam('biggest_units', $duration->units['days']);
511  $duration->setEditParam('smallest_units', $duration->units['minutes']);
512 
513  include_once SQ_ATTRIBUTES_PATH.'/datetime/datetime.inc';
514  $datetime = new Asset_Attribute_Datetime();
515  $datetime->setEditParam('show', Array('y', 'm', 'd', 'h', 'i'));
516  $datetime->setEditParam('min', date('Y-m-d H:i:s')); // must be in the future
517 
518  switch ($settings['when_type']) {
519  case 'explicit_exact':
520  $settings['when_asset_type'] = '';
521  $settings['when_attr_name'] = '';
522  $datetime->process($prefix.'_explicit_exact');
523  $settings['when'] = 'OO='.substr($datetime->value, 0, 16);
524  break;
525 
526  case 'on_trigger_fire':
527  $settings['when_asset_type'] = '';
528  $settings['when_attr_name'] = '';
529  $settings['when'] = '';
530  break;
531 
532  case 'by_attr_value':
533  $settings['when_asset_type'] = $_POST[$prefix.'_exact_attr']['asset_type'];
534  $settings['when_attr_name'] = array_get_index($_POST[$prefix.'_exact_attr'], 'attribute');
535  $settings['when'] = '';
536  break;
537 
538 
539  case 'by_meta_value':
540  $settings['when_meta_field_id'] = 0;
541  if (isset($_POST[$prefix.'_when_meta_field_id']['assetid'])) {
542  $settings['when_meta_field_id'] = $_POST[$prefix.'_when_meta_field_id']['assetid'];
543  }
544  $settings['when'] = '';
545  }//end switch
546 
547  // Add or subtract any applicable offset when the "when_type" is not exact (ie; an absolute time)
548  $settings['offset_used'] = FALSE;
549  if ($settings['when_type'] != 'explicit_exact') {
550  $duration->process($prefix.'_offset_value');
551  $mins = ((int)$duration->value/60);
552 
553  // Only allow a "before" offset if we are not using an exact time or the Trigger Fire time as a reference
554  if (($settings['when_type'] != 'on_trigger_fire') && ($_POST[$prefix.'_offset_operator'] == '-')) {
555  $mins *= -1;
556  }
557 
558  $settings['when'] = 'OO!i'.$mins;
559  $settings['offset_used'] = TRUE;
560  }
561 
562  return FALSE;
563 
564  }//end processInterface()
565 
566 
578  protected static function getAttributeChooser($prefix, $write_access, $type, $attr)
579  {
580  ob_start();
581  if ($write_access) {
582  asset_type_chooser($prefix.'[asset_type]', FALSE, Array($type), TRUE);
583  } else {
584  echo '<b>'.$type.'</b> ';
585  }
586  $basic_part_1 = ob_get_contents();
587  ob_end_clean();
588 
589  ob_start();
590  if ($type == '') {
591  echo '<em>['.translate('asset_type_not_selected').']</em>';
592  } else {
593  $attrs = $GLOBALS['SQ_SYSTEM']->am->getAssetTypeAttributes($type, Array('name', 'type'));
594  if (empty($attrs)) {
595  echo '<b>['.translate('asset_type_no_attributes_found').']</b>';
596  } else {
597  if ($write_access) {
598  $attr_options = Array('' => '');
599  foreach ($attrs as $name => $type) {
600  if ($type['type'] == 'datetime') {
601  $attr_options[$name] = $name;
602  }
603  }
604  combo_box($prefix.'[attribute]', $attr_options, FALSE, $attr);
605  } else {
606  echo '<b>'.$attr.'</b>';
607  }
608  }
609  }
610  $basic_part_2 = ob_get_contents();
611  ob_end_clean();
612 
613  return $basic_part_1.$basic_part_2;
614 
615  }//end getAttributeChooser()
616 
617 
624  public static function _getPermissionList()
625  {
626  return Array(
627  SQ_PERMISSION_READ => 'read',
628  SQ_PERMISSION_WRITE => 'write',
629  SQ_PERMISSION_ADMIN => 'admin',
630  );
631 
632  }//end _getPermissionList()
633 
634 
635 }//end class
636 
637 ?>