Merge lp:~dangarner/xibo/server-layout-media-permissions into lp:xibo/1.3

Proposed by Dan Garner
Status: Merged
Merged at revision: 220
Proposed branch: lp:~dangarner/xibo/server-layout-media-permissions
Merge into: lp:xibo/1.3
Diff against target: 14520 lines (+7237/-5111)
59 files modified
server/install/database/41.sql (+218/-0)
server/lib/app/kit.class.php (+13/-0)
server/lib/app/permissionmanager.class.php (+83/-0)
server/lib/app/responsemanager.class.php (+11/-5)
server/lib/app/translationengine.class.php (+1/-1)
server/lib/data/dataset.data.class.php (+148/-0)
server/lib/data/datasetcolumn.data.class.php (+127/-0)
server/lib/data/datasetdata.data.class.php (+84/-0)
server/lib/data/datasetgroupsecurity.data.class.php (+149/-0)
server/lib/data/layout.data.class.php (+21/-10)
server/lib/data/layoutgroupsecurity.data.class.php (+149/-0)
server/lib/data/layoutmediagroupsecurity.data.class.php (+194/-0)
server/lib/data/layoutregiongroupsecurity.data.class.php (+150/-0)
server/lib/data/media.data.class.php (+9/-11)
server/lib/data/mediagroupsecurity.data.class.php (+188/-0)
server/lib/data/schedule.data.class.php (+2/-0)
server/lib/data/templategroupsecurity.data.class.php (+130/-0)
server/lib/include.php (+1/-0)
server/lib/js/core.js (+12/-3)
server/lib/js/dataset.js (+69/-0)
server/lib/js/layout.js (+3/-3)
server/lib/js/mediamanager.js (+65/-117)
server/lib/modules/module.class.php (+1164/-74)
server/lib/pages/content.class.php (+120/-104)
server/lib/pages/dataset.class.php (+1022/-0)
server/lib/pages/display.class.php (+9/-9)
server/lib/pages/displaygroup.class.php (+1/-1)
server/lib/pages/group.class.php (+1/-1)
server/lib/pages/index.class.php (+1/-1)
server/lib/pages/layout.class.php (+664/-261)
server/lib/pages/mediamanager.class.php (+165/-49)
server/lib/pages/oauth.class.php (+1/-1)
server/lib/pages/region.class.php (+94/-30)
server/lib/pages/schedule.class.php (+109/-15)
server/lib/pages/template.class.php (+225/-50)
server/lib/pages/user.class.php (+66/-111)
server/lib/service/rest.class.php (+3/-6)
server/lib/xmds.inc.php (+1/-0)
server/locale/dbtranslate.php (+1/-0)
server/modules/counter.module.php (+340/-0)
server/modules/embedded.module.php (+70/-32)
server/modules/flash.module.php (+88/-914)
server/modules/image.module.php (+92/-934)
server/modules/microblog.module.php (+55/-14)
server/modules/module_user_general.php (+382/-150)
server/modules/powerpoint.module.php (+88/-914)
server/modules/text.module.php (+313/-273)
server/modules/ticker.module.php (+52/-17)
server/modules/video.module.php (+88/-900)
server/modules/webpage.module.php (+74/-46)
server/template/css/calendar.css (+1/-0)
server/template/css/links.css (+14/-0)
server/template/css/presentation.css (+31/-1)
server/template/css/xibo.css (+7/-2)
server/template/footer.php (+1/-1)
server/template/header.php (+10/-13)
server/template/pages/dataset_view.php (+51/-0)
server/template/pages/layout_edit.php (+1/-0)
server/template/pages/mediamanager.php (+5/-37)
To merge this branch: bzr merge lp:~dangarner/xibo/server-layout-media-permissions
Reviewer Review Type Date Requested Status
Dan Garner Approve
Review via email: mp+72121@code.launchpad.net
Dan Garner (dangarner) :
review: Approve

Preview Diff

=== modified file 'server/img/forms/background_timeline.png'
0Binary files server/img/forms/background_timeline.png 2008-12-10 23:48:58 +0000 and server/img/forms/background_timeline.png 2011-08-18 23:36:27 +0000 differ0Binary files server/img/forms/background_timeline.png 2008-12-10 23:48:58 +0000 and server/img/forms/background_timeline.png 2011-08-18 23:36:27 +0000 differ
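--- a/server/install/database/41.sql
+++ b/server/install/database/41.sql
@@ -1,3 +1,221 @@
+CREATE TABLE IF NOT EXISTS `lklayoutgroup` (
+ `LkLayoutGroupID` int(11) NOT NULL AUTO_INCREMENT,
+ `LayoutID` int(11) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkLayoutGroupID`),
+ KEY `LayoutID` (`LayoutID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lklayoutgroup`
+ ADD CONSTRAINT `lklayoutgroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lklayoutgroup_ibfk_1` FOREIGN KEY (`LayoutID`) REFERENCES `layout` (`layoutID`);
+
+ALTER TABLE `group` ADD `IsEveryone` TINYINT NOT NULL DEFAULT '0';
+
+INSERT INTO `group` (
+`groupID` ,
+`group` ,
+`IsUserSpecific` ,
+`IsEveryone`
+)
+VALUES (
+NULL , 'Everyone', '0', '1'
+);
+
+CREATE TABLE IF NOT EXISTS `lkmediagroup` (
+ `LkMediaGroupID` int(11) NOT NULL AUTO_INCREMENT,
+ `MediaID` int(11) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkMediaGroupID`),
+ KEY `MediaID` (`MediaID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lkmediagroup`
+ ADD CONSTRAINT `lkmediagroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lkmediagroup_ibfk_1` FOREIGN KEY (`MediaID`) REFERENCES `media` (`MediaID`);
+
+CREATE TABLE IF NOT EXISTS `lklayoutmediagroup` (
+ `LkLayoutMediaGroup` int(11) NOT NULL AUTO_INCREMENT,
+ `LayoutID` int(11) NOT NULL,
+ `RegionID` varchar(50) NOT NULL,
+ `MediaID` varchar(50) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkLayoutMediaGroup`),
+ KEY `LayoutID` (`LayoutID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lklayoutmediagroup`
+ ADD CONSTRAINT `lklayoutmediagroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lklayoutmediagroup_ibfk_1` FOREIGN KEY (`LayoutID`) REFERENCES `layout` (`layoutID`);
+
+CREATE TABLE IF NOT EXISTS `lktemplategroup` (
+ `LkTemplateGroupID` int(11) NOT NULL AUTO_INCREMENT,
+ `TemplateID` int(11) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkTemplateGroupID`),
+ KEY `TemplateID` (`TemplateID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lktemplategroup`
+ ADD CONSTRAINT `lktemplategroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lktemplategroup_ibfk_1` FOREIGN KEY (`TemplateID`) REFERENCES `template` (`TemplateID`);
+
+ALTER TABLE `layout` DROP `permissionID`;
+
+ALTER TABLE `media` DROP FOREIGN KEY `media_ibfk_1` ;
+ALTER TABLE `media` DROP `permissionID`;
+
+ALTER TABLE `template` DROP FOREIGN KEY `template_ibfk_2` ;
+ALTER TABLE `template` DROP `permissionID`;
+
+DROP TABLE `permission`;
+
+CREATE TABLE IF NOT EXISTS `lklayoutregiongroup` (
+ `LkLayoutRegionGroup` int(11) NOT NULL AUTO_INCREMENT,
+ `LayoutID` int(11) NOT NULL,
+ `RegionID` varchar(50) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkLayoutRegionGroup`),
+ KEY `LayoutID` (`LayoutID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lklayoutregiongroup`
+ ADD CONSTRAINT `lklayoutregiongroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lklayoutregiongroup_ibfk_1` FOREIGN KEY (`LayoutID`) REFERENCES `layout` (`layoutID`);
+
+INSERT INTO lktemplategroup (TemplateID, GroupID, View)
+SELECT TemplateID, GroupId, 1
+ FROM template
+ CROSS JOIN (SELECT GroupID, `Group` FROM `group` WHERE IsEveryone = 1) `group`
+ WHERE IsSystem = 1;
+
+INSERT INTO `setting` (
+`settingid` ,
+`setting` ,
+`value` ,
+`type` ,
+`helptext` ,
+`options` ,
+`cat` ,
+`userChange`
+)
+VALUES (
+NULL , 'REGION_OPTIONS_COLOURING', 'media', 'dropdown', NULL , 'Media Colouring|Permissions Colouring', 'permissions', '1'
+);
+
+UPDATE `setting` SET `setting` = 'LAYOUT_DEFAULT',
+`helptext` = 'New layouts will be created with these settings. If public everyone will be able to view and use this layout.' WHERE `setting`.`settingid` =2 LIMIT 1 ;
+
+UPDATE `setting` SET `setting` = 'MEDIA_DEFAULT',
+`helptext` = 'Media will be created with these settings. If public everyone will be able to view and use this media.' WHERE `setting`.`settingid` =1 LIMIT 1 ;
+
+INSERT INTO `pages` (`name`, `pagegroupID`) VALUES
+('help', 2),
+('clock', 2);
+
+INSERT INTO `module` (
+`ModuleID` ,
+`Module` ,
+`Enabled` ,
+`RegionSpecific` ,
+`Description` ,
+`ImageUri` ,
+`SchemaVersion` ,
+`ValidExtensions`
+)
+VALUES (
+NULL , 'Counter', '1', '1', 'Customer Counter connected to a Remote Control', 'img/forms/webpage.gif', '1', NULL
+);
+
+INSERT INTO `pagegroup` (
+`pagegroupID` ,
+`pagegroup`
+)
+VALUES (
+NULL , 'DataSets'
+);
+
+INSERT INTO `pages` (`name`, `pagegroupID`)
+SELECT 'dataset', pagegroupID
+ FROM pagegroup
+ WHERE pagegroup = 'DataSets';
+
+INSERT INTO `menuitem` (`menuID`, `pageID`, `Text`, `sequence`)
+SELECT '4', pageID, 'DataSets', '6'
+ FROM pages
+ WHERE `name` = 'dataset';
+
+CREATE TABLE IF NOT EXISTS `dataset` (
+ `DataSetID` int(11) NOT NULL AUTO_INCREMENT,
+ `DataSet` varchar(50) NOT NULL,
+ `Description` varchar(254) DEFAULT NULL,
+ `UserID` int(11) NOT NULL,
+ PRIMARY KEY (`DataSetID`),
+ KEY `UserID` (`UserID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+CREATE TABLE IF NOT EXISTS `datasetcolumn` (
+ `DataSetColumnID` int(11) NOT NULL AUTO_INCREMENT,
+ `DataSetID` int(11) NOT NULL,
+ `Heading` varchar(50) NOT NULL,
+ `DataTypeID` smallint(6) NOT NULL,
+ `ListContent` varchar(255) DEFAULT NULL,
+ `ColumnOrder` smallint(6) NOT NULL,
+ PRIMARY KEY (`DataSetColumnID`),
+ KEY `DataSetID` (`DataSetID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `datasetcolumn`
+ ADD CONSTRAINT `datasetcolumn_ibfk_1` FOREIGN KEY (`DataSetID`) REFERENCES `dataset` (`DataSetID`);
+
+CREATE TABLE IF NOT EXISTS `datasetdata` (
+ `DataSetDataID` int(11) NOT NULL AUTO_INCREMENT,
+ `DataSetColumnID` int(11) NOT NULL,
+ `RowNumber` int(11) NOT NULL,
+ `Value` varchar(255) NOT NULL,
+ PRIMARY KEY (`DataSetDataID`),
+ KEY `DataColumnID` (`DataSetColumnID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `datasetdata`
+ ADD CONSTRAINT `datasetdata_ibfk_1` FOREIGN KEY (`DataSetColumnID`) REFERENCES `datasetcolumn` (`DataSetColumnID`);
+
+CREATE TABLE IF NOT EXISTS `lkdatasetgroup` (
+ `LkDataSetGroupID` int(11) NOT NULL AUTO_INCREMENT,
+ `DataSetID` int(11) NOT NULL,
+ `GroupID` int(11) NOT NULL,
+ `View` tinyint(4) NOT NULL DEFAULT '0',
+ `Edit` tinyint(4) NOT NULL DEFAULT '0',
+ `Del` tinyint(4) NOT NULL DEFAULT '0',
+ PRIMARY KEY (`LkDataSetGroupID`),
+ KEY `DataSetID` (`DataSetID`),
+ KEY `GroupID` (`GroupID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+
+ALTER TABLE `lkdatasetgroup`
+ ADD CONSTRAINT `lkdatasetgroup_ibfk_2` FOREIGN KEY (`GroupID`) REFERENCES `group` (`groupID`),
+ ADD CONSTRAINT `lkdatasetgroup_ibfk_1` FOREIGN KEY (`DataSetID`) REFERENCES `dataset` (`DataSetID`);
+
 
 
 UPDATE `version` SET `app_ver` = '1.3.0', `XmdsVersion` = 2;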
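Review bot: The migration drops `permission` and the `permissionID` columns on `layout`, `media` and `template` without copying the existing settings into the new `lk*group` tables; the only rows seeded are View on system templates for the Everyone group. Unless that conversion happens in upgrade code outside this file, every existing item changes its visibility on upgrade, so either back-fill with `INSERT ... SELECT` before the `DROP` statements or add a comment above them stating the intended post-upgrade state. The link tables also accept several rows for the same item and group, which leaves the effective View/Edit/Del ambiguous; a unique key such as `UNIQUE KEY (LayoutID, GroupID)` on each table would rule that out.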
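--- a/server/lib/app/kit.class.php
+++ b/server/lib/app/kit.class.php
@@ -490,5 +490,18 @@
  return mail($to, $subject, $message, $headers);
  }
 
+ public static function SelectList($listName, $listValues, $idColumn, $nameColumn, $selectedId = '', $callBack = '')
+ {
+ $list = '<select name="' . $listName . '" id="' . $listName . '"' . $callBack . '>';
+
+ foreach ($listValues as $listItem)
+ {
+ $list .= '<option value="' . $listItem[$idColumn] . '" ' . (($listItem[$idColumn] == $selectedId) ? 'selected' : '') . '>' . $listItem[$nameColumn] . '</option>';
+ }
+
+ $list .= '</select>';
+
+ return $list;
+ }
 }
 ?>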
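Review bot: `SelectList` concatenates `$listItem[$idColumn]` and `$listItem[$nameColumn]` into the markup unescaped, so a list built from user-editable names (group, layout or dataset names, for example) can inject HTML into the form. Escape both at output, e.g. `htmlspecialchars($listItem[$nameColumn], ENT_QUOTES, 'UTF-8')`, and do the same for `$listName`. `$callBack` is written verbatim into the `<select>` tag, so a docblock should state that it must be a fixed attribute string supplied by the caller and never request data. The loose `==` against the default `$selectedId = ''` can also mark an item whose id is 0 as selected on PHP versions before 8; casting both sides to string and using `===` avoids that. The enclosing class starts outside the hunk.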
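--- a/server/lib/app/permissionmanager.class.php
+++ b/server/lib/app/permissionmanager.class.php
@@ -0,0 +1,83 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
+
+class PermissionManager
+{
+ private $db;
+ private $user;
+
+ public $ownerId;
+
+ public $view;
+ public $edit;
+ public $del;
+ public $modifyPermissions;
+
+ /**
+ * Constructs the Module Manager.
+ * @return
+ * @param $db Object
+ * @param $user Object
+ */
+ public function __construct(database $db, User $user)
+ {
+ $this->db =& $db;
+ $this->user =& $user;
+
+ $this->view = false;
+ $this->edit = false;
+ $this->del = false;
+ $this->modifyPermissions = false;
+ }
+
+ public function Evaluate($ownerId, $view, $edit, $del)
+ {
+ $user =& $this->user;
+
+ $this->ownerId = $ownerId;
+ $this->view = $view;
+ $this->edit = $edit;
+ $this->del = $del;
+
+ // Basic checks first
+ if ($this->user->usertypeid == 1 || $ownerId == $user->userid)
+ {
+ // Super admin or owner, therefore permission granted to everything
+ $this->FullAccess();
+ }
+ else if ($this->user->usertypeid == 2 && $this->view == 1)
+ {
+ // Group Admin and we have view permissions (i.e. this group is assigned to this item)
+ $this->view = true;
+ $this->edit = true;
+ $this->del = true;
+ }
+ }
+
+ public function FullAccess()
+ {
+ $this->view = true;
+ $this->edit = true;
+ $this->del = true;
+ $this->modifyPermissions = true;
+ }
+}
\ No newline at end of file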
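Review bot: `Evaluate()` overwrites `view`, `edit` and `del` but never resets `modifyPermissions`, so an instance that once went through `FullAccess()` keeps `modifyPermissions` set to true if it is evaluated again for an item the user neither owns nor administers; start the method with `$this->modifyPermissions = false;`. The owner test `$ownerId == $user->userid` is a loose comparison, so a missing owner (`null` or `''`) matches a user id of 0; cast both sides to int and compare with `===`. The group-admin branch turns View into Edit and Delete, which deserves a docblock on `Evaluate()` spelling out that rule and the expected 0/1 inputs. The constructor docblock still reads "Constructs the Module Manager" and should name this class.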
=== modified file 'server/lib/app/responsemanager.class.php'
--- server/lib/app/responsemanager.class.php 2010-05-29 11:16:24 +0000
+++ server/lib/app/responsemanager.class.php 2011-08-18 23:36:27 +0000
@@ -45,20 +45,25 @@
45 public $refresh;45 public $refresh;
46 public $refreshLocation;46 public $refreshLocation;
47 public $focusInFirstInput;47 public $focusInFirstInput;
48 public $appendHiddenSubmit;
48 49
49 public $login;50 public $login;
50 public $clockUpdate;51 public $clockUpdate;
52
53 public $uniqueReference;
51 54
52 public function __construct()55 public function __construct()
53 { 56 {
54 // Determine if this is an AJAX call or not57 // Determine if this is an AJAX call or not
55 $this->ajax = Kit::GetParam('ajax', _REQUEST, _BOOL, false);58 $this->ajax = Kit::GetParam('ajax', _REQUEST, _BOOL, false);
56 59
57 // Assume success60 // Assume success
58 $this->success = true;61 $this->success = true;
59 $this->clockUpdate = false;62 $this->clockUpdate = false;
60 $this->focusInFirstInput = true;63 $this->focusInFirstInput = true;
61 $this->buttons = '';64 $this->appendHiddenSubmit = true;
65 $this->uniqueReference = '';
66 $this->buttons = '';
62 67
63 return true;68 return true;
64 }69 }
@@ -212,6 +217,7 @@
212 // General217 // General
213 $response['html'] = $this->html;218 $response['html'] = $this->html;
214 $response['buttons'] = $this->buttons;219 $response['buttons'] = $this->buttons;
220 $response['uniqueReference'] = $this->uniqueReference;
215 221
216 $response['success'] = $this->success;222 $response['success'] = $this->success;
217 $response['callBack'] = $this->callBack;223 $response['callBack'] = $this->callBack;
218224
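--- a/server/lib/app/translationengine.class.php
+++ b/server/lib/app/translationengine.class.php
@@ -75,7 +75,7 @@
  {
  // Remove any quality rating (as we aren't interested)
  $rawLang = explode(';', $lang);
- $lang = $rawLang[0];
+ $lang = str_replace("-", "_", $rawLang[0]);
 
  if (in_array($lang . '.mo', $supportedLangs))
  {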
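Review bot: The lookup `in_array($lang . '.mo', $supportedLangs)` is case-sensitive, while language tags are not, so after this change a tag sent as `en-gb` becomes `en_gb` and would still miss a catalogue named `en_GB.mo` (the catalogue file names are not visible in this hunk). If the catalogues use the usual `ll_CC` form, normalise the case of the two parts before the lookup and say so in the comment above the line. The allow-list check itself is worth keeping as the only path by which this presumably header-derived value selects a file. The loop body continues outside the hunk.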
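--- a/server/lib/data/dataset.data.class.php
+++ b/server/lib/data/dataset.data.class.php
@@ -0,0 +1,148 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die("Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.");
+
+class DataSet extends Data
+{
+ /**
+ * Add a data set
+ * @param <type> $dataSet
+ * @param <type> $description
+ * @param <type> $userId
+ * @return <type>
+ */
+ public function Add($dataSet, $description, $userId)
+ {
+ $db =& $this->db;
+
+ // Validation
+ if (strlen($dataSet) > 50 || strlen($dataSet) < 1)
+ {
+ $this->SetError(25001, __("Name must be between 1 and 50 characters"));
+ return false;
+ }
+
+ if (strlen($description) > 254)
+ {
+ $this->SetError(25002, __("Description can not be longer than 254 characters"));
+ return false;
+ }
+
+ // Ensure there are no layouts with the same name
+ $SQL = sprintf("SELECT DataSet FROM dataset WHERE DataSet = '%s' ", $dataSet);
+
+ if ($db->GetSingleRow($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25004, sprintf(__("There is already dataset called '%s'. Please choose another name."), $dataSet));
+ return false;
+ }
+ // End Validation
+
+ $SQL = "INSERT INTO dataset (DataSet, Description, UserID) ";
+ $SQL .= " VALUES ('%s', '%s', %d) ";
+
+ if (!$id = $db->insert_query(sprintf($SQL, $dataSet, $description, $userId)))
+ {
+ trigger_error($db->error());
+ $this->SetError(25005, __('Could not add DataSet'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSet', 'Add');
+
+ return $id;
+ }
+
+ /**
+ * Edit a DataSet
+ * @param <type> $dataSetId
+ * @param <type> $dataSet
+ * @param <type> $description
+ */
+ public function Edit($dataSetId, $dataSet, $description)
+ {
+ $db =& $this->db;
+
+ // Validation
+ if (strlen($dataSet) > 50 || strlen($dataSet) < 1)
+ {
+ $this->SetError(25001, __("Name must be between 1 and 50 characters"));
+ return false;
+ }
+
+ if (strlen($description) > 254)
+ {
+ $this->SetError(25002, __("Description can not be longer than 254 characters"));
+ return false;
+ }
+
+ // Ensure there are no layouts with the same name
+ $SQL = sprintf("SELECT DataSet FROM dataset WHERE DataSet = '%s' AND DataSetID <> %d ", $dataSet, $dataSetId);
+
+ if ($db->GetSingleRow($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25004, sprintf(__("There is already a dataset called '%s'. Please choose another name."), $dataSet));
+ return false;
+ }
+ // End Validation
+
+ $SQL = "UPDATE dataset SET DataSet = '%s', Description = '%s' WHERE DataSetID = %d ";
+ $SQL = sprintf($SQL, $dataSet, $description, $dataSetId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25005, sprintf(__('Cannot edit dataset %s'), $dataSet));
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Delete DataSet
+ * @param <type> $dataSetId
+ */
+ public function Delete($dataSetId)
+ {
+ $db =& $this->db;
+
+ Kit::ClassLoader('datasetgroupsecurity');
+ $security = new DataSetGroupSecurity($db);
+ $security->UnlinkAll($dataSetId);
+
+ $SQL = "DELETE FROM dataset WHERE DataSetID = %d";
+ $SQL = sprintf($SQL, $dataSetId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25005, __('Cannot delete dataset'));
+ return false;
+ }
+
+ return true;
+ }
+}
+?>
\ No newline at end of file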
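Review bot: `Add()` and `Edit()` place `$dataSet` and `$description` into `'%s'` slots with plain `sprintf` and no escaping in this class, so a quote in a dataset name breaks the statement and the queries are injectable unless every caller escapes first, which this section does not show. `layout.data.class.php` in this same merge wraps its string arguments in `$db->escape_string()`; do the same here, e.g. `sprintf($SQL, $db->escape_string($dataSet), $db->escape_string($description), $userId)`. The same pattern appears in `DataSetColumn::Add()`/`Edit()` (`$heading`, `$listContent`) and in `DataSetData::Add()`/`Edit()` (`$value`). Separately, the duplicate-name branch calls `trigger_error($db->error())` when a row was found, which is not an error condition, and its comment refers to layouts rather than datasets.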
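--- a/server/lib/data/datasetcolumn.data.class.php
+++ b/server/lib/data/datasetcolumn.data.class.php
@@ -0,0 +1,127 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die("Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.");
+
+class DataSetColumn extends Data
+{
+ public function Add($dataSetId, $heading, $dataTypeId, $listContent, $columnOrder = '')
+ {
+ $db =& $this->db;
+
+ // Is the column order provided?
+ if ($columnOrder == '')
+ {
+ $SQL = "";
+ $SQL .= "SELECT IFNULL(MAX(ColumnOrder), 1) AS ColumnOrder ";
+ $SQL .= " FROM datasetcolumn ";
+ $SQL .= sprintf("WHERE datasetID = %d ", $dataSetId);
+
+ if (!$columnOrder = $db->GetSingleValue($SQL, 'ColumnOrder', _INT))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not determine the Column Order'));
+ }
+ }
+
+ $SQL = "INSERT INTO datasetcolumn (DataSetID, Heading, DataTypeID, ListContent, ColumnOrder) ";
+ $SQL .= " VALUES (%d, '%s', %d, '%s', %d) ";
+ $SQL = sprintf($SQL, $dataSetId, $heading, $dataTypeId, $listContent, $columnOrder);
+
+ if (!$id = $db->insert_query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not add DataSet Column'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetColumn', 'Add');
+
+ return $id;
+ }
+
+ public function Edit($dataSetColumnId, $heading, $dataTypeId, $listContent, $columnOrder)
+ {
+ $db =& $this->db;
+
+ // Validation
+ if ($listContent != '')
+ {
+ $list = explode(',', $listContent);
+
+ // We can check this is valid by building up a NOT IN sql statement, if we get results.. we know its not good
+ $select = '';
+
+ for ($i=0; $i < count($list); $i++)
+ {
+ $list_val = $list[$i];
+ $select .= "'$list_val',";
+ }
+
+ $select = rtrim($select, ',');
+
+ $SQL = sprintf("SELECT DataSetDataID FROM datasetdata WHERE DataColumnID = %d AND Value NOT IN (%s)", $dataSetColumnId, $select);
+
+ if (!$results = $db->query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not edit DataSet Column'));
+ }
+
+ if ($db->num_rows($results) > 0)
+ return $this->SetError(25005, __('New list content value is invalid as it doesnt include values for existing data'));
+ }
+
+ $SQL = "UPDATE datasetcolumn SET Heading = '%s', ListContent = '%s', ColumnOrder = %d ";
+ $SQL .= " WHERE DataSetColumnID = %d";
+
+ $SQL = sprintf($SQL, $heading, $listContent, $columnOrder, $dataSetColumnId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not edit DataSet Column'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetColumn', 'Edit');
+
+ return true;
+ }
+
+ public function Delete($dataSetColumnId)
+ {
+ $db =& $this->db;
+
+ $SQL = "DELETE FROM datasetcolumn ";
+ $SQL .= " WHERE DataSetColumnID = %d";
+
+ $SQL = sprintf($SQL, $dataSetColumnId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not delete DataSet Column'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetColumn', 'Delete');
+
+ return true;
+ }
+}
+?>
\ No newline at end of file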
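Review bot: The validation query in `Edit()` filters on `DataColumnID`, but `41.sql` in this merge defines that column as `DataSetColumnID` (`DataColumnID` is only the index name), so the query fails and every edit with a non-empty `$listContent` ends in "Could not edit DataSet Column". The list values are also interpolated raw into the `NOT IN (...)` clause, which makes that statement injectable through the list content; change the two lines to `$select .= "'" . $db->escape_string($list_val) . "',";` and `... WHERE DataSetColumnID = %d AND Value NOT IN (%s)`. `Edit()` accepts `$dataTypeId` but never writes it, which should be either documented as intentional or removed. None of the three methods has a docblock; each needs one naming its parameters and the false-on-error return.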
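--- a/server/lib/data/datasetdata.data.class.php
+++ b/server/lib/data/datasetdata.data.class.php
@@ -0,0 +1,84 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die("Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.");
+
+class DataSetData extends Data
+{
+ public function Add($dataSetColumnId, $rowNumber, $value)
+ {
+ $db =& $this->db;
+
+ $SQL = "INSERT INTO datasetdata (DataSetColumnID, RowNumber, Value) ";
+ $SQL .= " VALUES (%d, %d, '%s') ";
+ $SQL = sprintf($SQL, $dataSetColumnId, $rowNumber, $value);
+
+ if (!$id = $db->insert_query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not add DataSet Data'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetData', 'Add');
+
+ return $id;
+ }
+
+ public function Edit($dataSetColumnId, $rowNumber, $value)
+ {
+ $db =& $this->db;
+
+ $SQL = "UPDATE datasetdata SET Value = '%s' ";
+ $SQL .= " WHERE DataSetColumnID = %d AND RowNumber = %d";
+
+ $SQL = sprintf($SQL, $value, $dataSetColumnId, $rowNumber);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not edit DataSet Data'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetData', 'Edit');
+
+ return true;
+ }
+
+ public function Delete($dataSetColumnId, $rowNumber)
+ {
+ $db =& $this->db;
+
+ $SQL = "DELETE FROM datasetdata ";
+ $SQL .= " WHERE DataSetColumnID = %d AND RowNumber = %d";
+
+ $SQL = sprintf($SQL, $dataSetColumnId, $rowNumber);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ return $this->SetError(25005, __('Could not delete Data for Column/Row'));
+ }
+
+ Debug::LogEntry($db, 'audit', 'Complete', 'DataSetData', 'Delete');
+
+ return true;
+ }
+}
+?>
\ No newline at end of file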
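--- a/server/lib/data/datasetgroupsecurity.data.class.php
+++ b/server/lib/data/datasetgroupsecurity.data.class.php
@@ -0,0 +1,149 @@
+<?php
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
+
+class DataSetGroupSecurity extends Data
+{
+ public function __construct(database $db)
+ {
+ parent::__construct($db);
+ }
+
+ /**
+ * Links a Display Group to a Group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function Link($dataSetId, $groupId, $view, $edit, $del)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'Link');
+
+ $SQL = "";
+ $SQL .= "INSERT ";
+ $SQL .= "INTO lkdatasetgroup ";
+ $SQL .= " ( ";
+ $SQL .= " DataSetID, ";
+ $SQL .= " GroupID, ";
+ $SQL .= " View, ";
+ $SQL .= " Edit, ";
+ $SQL .= " Del ";
+ $SQL .= " ) ";
+ $SQL .= " VALUES ";
+ $SQL .= " ( ";
+ $SQL .= sprintf(" %d, %d, %d, %d, %d ", $dataSetId, $groupId, $view, $edit, $del);
+ $SQL .= " )";
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25024, __('Could not Link DataSet to Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'DataSetGroupSecurity', 'Link');
+
+ return true;
+ }
+
+ /**
+ * Links everyone to the layout specified
+ * @param <type> $layoutId
+ * @param <type> $view
+ * @param <type> $edit
+ * @param <type> $del
+ * @return <type>
+ */
+ public function LinkEveryone($dataSetId, $view, $edit, $del)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'LinkEveryone');
+
+ $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT);
+
+ return $this->Link($dataSetId, $groupId, $view, $edit, $del);
+ }
+
+ /**
+ * Unlinks a display group from a group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function Unlink($dataSetId, $groupId)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'Unlink');
+
+ $SQL = "";
+ $SQL .= "DELETE FROM ";
+ $SQL .= " lkdatasetgroup ";
+ $SQL .= sprintf(" WHERE DataSetID = %d AND GroupID = %d ", $dataSetId, $groupId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25025, __('Could not Unlink DataSet from Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'DataSetGroupSecurity', 'Unlink');
+
+ return true;
+ }
+
+ /**
+ * Unlinks a display group from a group
+ * @return
+ * @param $displayGroupID Object
+ * @param $groupID Object
+ */
+ public function UnlinkAll($dataSetId)
+ {
+ $db =& $this->db;
+
+ Debug::LogEntry($db, 'audit', 'IN', 'DataSetGroupSecurity', 'Unlink');
+
+ $SQL = "";
+ $SQL .= "DELETE FROM ";
+ $SQL .= " lkdatasetgroup ";
+ $SQL .= sprintf(" WHERE DataSetID = %d ", $dataSetId);
+
+ if (!$db->query($SQL))
+ {
+ trigger_error($db->error());
+ $this->SetError(25025, __('Could not Unlink DataSet from Group'));
+
+ return false;
+ }
+
+ Debug::LogEntry($db, 'audit', 'OUT', 'DataSetGroupSecurity', 'Unlink');
+
+ return true;
+ }
+}
+?>
\ No newline at end of file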
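Review bot: `LinkEveryone()` hands the result of `GetSingleValue()` to `Link()` without checking it, so if the lookup finds no group with `IsEveryone = 1` the `%d` renders the value as 0 and the insert is left to fail on the foreign key with the unrelated message "Could not Link DataSet to Group". Check `$groupId` first and set a specific error before returning false, in the same `SetError` / `return false` style as the other methods. `Link()` also inserts without looking for an existing row, and `lkdatasetgroup` has no unique key on the pair, so calling it twice leaves two permission rows for one dataset and group. The docblocks appear to be copied from another class (`$displayGroupID`, "Links everyone to the layout specified") and `UnlinkAll()` logs itself as 'Unlink'; they should describe `$dataSetId`, `$groupId` and the 0/1 View/Edit/Del flags.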
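--- a/server/lib/data/layout.data.class.php
+++ b/server/lib/data/layout.data.class.php
@@ -29,13 +29,12 @@
  * Add a layout
  * @param <type> $layout
  * @param <type> $description
- * @param <type> $permissionid
  * @param <type> $tags
  * @param <type> $userid
  * @param <type> $templateId
  * @return <type>
  */
- public function Add($layout, $description, $permissionid, $tags, $userid, $templateId)
+ public function Add($layout, $description, $tags, $userid, $templateId)
  {
  $db =& $this->db;
  $currentdate = date("Y-m-d H:i:s");
@@ -75,17 +74,17 @@
  Debug::LogEntry($db, 'audit', 'Validation Compelte', 'Layout', 'Add');
 
  // Get the XML for this template.
- $templateXml = $this->GetTemplateXml($templateId);
+ $templateXml = $this->GetTemplateXml($templateId, $userid);
 
  Debug::LogEntry($db, 'audit', 'Retrieved template xml', 'Layout', 'Add');
 
  $SQL = <<<END
- INSERT INTO layout (layout, description, userID, permissionID, createdDT, modifiedDT, tags, xml)
+ INSERT INTO layout (layout, description, userID, createdDT, modifiedDT, tags, xml)
- VALUES ('%s', '%s', %d, %d, '%s', '%s', '%s', '%s')
+ VALUES ('%s', '%s', %d, %d, '%s', '%s', '%s')
 END;
 
  $SQL = sprintf($SQL, $db->escape_string($layout),
- $db->escape_string($description), $userid, $permissionid,
+ $db->escape_string($description), $userid,
  $db->escape_string($currentdate),
  $db->escape_string($currentdate),
  $db->escape_string($tags),
@@ -124,7 +123,7 @@
  * Gets the XML for the specified template id
  * @param <type> $templateId
  */
- private function GetTemplateXml($templateId)
+ private function GetTemplateXml($templateId, $userId)
  {
  $db =& $this->db;
 
@@ -149,7 +148,16 @@
  if (!$row = $db->GetSingleRow(sprintf("SELECT xml FROM template WHERE templateID = %d ", $templateId)))
  trigger_error(__('Error getting this template.'), E_USER_ERROR);
 
- $xml = $row['xml'];
+ $xmlDoc = new DOMDocument("1.0");
+ $xmlDoc->loadXML($row['xml']);
+
+ $regionNodeList = $xmlDoc->getElementsByTagName('region');
+
+ //get the regions
+ foreach ($regionNodeList as $region)
+ $region->setAttribute('userId', $userId);
+
+ $xml = $xmlDoc->saveXML();
  }
 
  return $xml;
@@ -348,8 +356,8 @@
 
  // The Layout ID is the old layout
  $SQL = "";
- $SQL .= " INSERT INTO layout (layout, permissionID, xml, userID, description, tags, templateID, retired, duration, background, createdDT, modifiedDT) ";
+ $SQL .= " INSERT INTO layout (layout, xml, userID, description, tags, templateID, retired, duration, background, createdDT, modifiedDT) ";
- $SQL .= " SELECT '%s', permissionID, xml, %d, description, tags, templateID, retired, duration, background, '%s', '%s' ";
+ $SQL .= " SELECT '%s', xml, %d, description, tags, templateID, retired, duration, background, '%s', '%s' ";
  $SQL .= " FROM layout ";
  $SQL .= " WHERE layoutid = %d";
  $SQL = sprintf($SQL, $db->escape_string($newLayoutName), $userId, $db->escape_string($currentdate), $db->escape_string($currentdate), $oldLayoutId);
@@ -427,6 +435,9 @@
  $db =& $this->db;
 
  // Remove all LK records for this layout
+ $db->query(sprintf('DELETE FROM lklayoutgroup WHERE layoutid = %d', $layoutId));
+ $db->query(sprintf('DELETE FROM lklayoutmediagroup WHERE layoutid = %d', $layoutId));
+ $db->query(sprintf('DELETE FROM lklayoutregiongroup WHERE layoutid = %d', $layoutId));
  $db->query(sprintf('DELETE FROM lklayoutmedia WHERE layoutid = %d', $layoutId));
 
  // Remove the Layout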
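Review bot: The new `VALUES` list in `Add` still formats its fourth value with `%d`, and after this change that slot is `createdDT` rather than `permissionID`; the placeholder that was dropped was one of the `'%s'` entries, not the integer one. The first `$db->escape_string($currentdate)` is therefore formatted as an integer and the created date written by the INSERT is wrong. The line should read `VALUES ('%s', '%s', %d, '%s', '%s', '%s', '%s')`. In `GetTemplateXml` the return value of `loadXML()` is not checked either, so a template whose stored XML does not parse would presumably come back from `saveXML()` as an empty document; both functions continue outside their hunks.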
=== added file 'server/lib/data/layoutgroupsecurity.data.class.php'
--- server/lib/data/layoutgroupsecurity.data.class.php 1970-01-01 00:00:00 +0000
+++ server/lib/data/layoutgroupsecurity.data.class.php 2011-08-18 23:36:27 +0000
@@ -0,0 +1,149 @@
1<?php
2/*
3 * Xibo - Digitial Signage - http://www.xibo.org.uk
4 * Copyright (C) 2011 Daniel Garner
5 *
6 * This file is part of Xibo.
7 *
8 * Xibo is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * any later version.
12 *
13 * Xibo is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
20 */
21defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
22
23class LayoutGroupSecurity extends Data
24{
25 public function __construct(database $db)
26 {
27 parent::__construct($db);
28 }
29
30 /**
31 * Links a Display Group to a Group
32 * @return
33 * @param $displayGroupID Object
34 * @param $groupID Object
35 */
36 public function Link($layoutId, $groupId, $view, $edit, $del)
37 {
38 $db =& $this->db;
39
40 Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'Link');
41
42 $SQL = "";
43 $SQL .= "INSERT ";
44 $SQL .= "INTO lklayoutgroup ";
45 $SQL .= " ( ";
46 $SQL .= " LayoutID, ";
47 $SQL .= " GroupID, ";
48 $SQL .= " View, ";
49 $SQL .= " Edit, ";
50 $SQL .= " Del ";
51 $SQL .= " ) ";
52 $SQL .= " VALUES ";
53 $SQL .= " ( ";
54 $SQL .= sprintf(" %d, %d, %d, %d, %d ", $layoutId, $groupId, $view, $edit, $del);
55 $SQL .= " )";
56
57 if (!$db->query($SQL))
58 {
59 trigger_error($db->error());
60 $this->SetError(25024, __('Could not Link Layout to Group'));
61
62 return false;
63 }
64
65 Debug::LogEntry($db, 'audit', 'OUT', 'LayoutGroupSecurity', 'Link');
66
67 return true;
68 }
69
70 /**
71 * Links everyone to the layout specified
72 * @param <type> $layoutId
73 * @param <type> $view
74 * @param <type> $edit
75 * @param <type> $del
76 * @return <type>
77 */
78 public function LinkEveryone($layoutId, $view, $edit, $del)
79 {
80 $db =& $this->db;
81
82 Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'LinkEveryone');
83
84 $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT);
85
86 return $this->Link($layoutId, $groupId, $view, $edit, $del);
87 }
88
89 /**
90 * Unlinks a display group from a group
91 * @return
92 * @param $displayGroupID Object
93 * @param $groupID Object
94 */
95 public function Unlink($layoutId, $groupId)
96 {
97 $db =& $this->db;
98
99 Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'Unlink');
100
101 $SQL = "";
102 $SQL .= "DELETE FROM ";
103 $SQL .= " lklayoutgroup ";
104 $SQL .= sprintf(" WHERE LayoutID = %d AND GroupID = %d ", $layoutId, $groupId);
105
106 if (!$db->query($SQL))
107 {
108 trigger_error($db->error());
109 $this->SetError(25025, __('Could not Unlink Layout from Group'));
110
111 return false;
112 }
113
114 Debug::LogEntry($db, 'audit', 'OUT', 'LayoutGroupSecurity', 'Unlink');
115
116 return true;
117 }
118
119 /**
120 * Unlinks a display group from a group
121 * @return
122 * @param $displayGroupID Object
123 * @param $groupID Object
124 */
125 public function UnlinkAll($layoutId)
126 {
127 $db =& $this->db;
128
129 Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'Unlink');
130
131 $SQL = "";
132 $SQL .= "DELETE FROM ";
133 $SQL .= " lklayoutgroup ";
134 $SQL .= sprintf(" WHERE LayoutID = %d ", $layoutId);
135
136 if (!$db->query($SQL))
137 {
138 trigger_error($db->error());
139 $this->SetError(25025, __('Could not Unlink Layout from Group'));
140
141 return false;
142 }
143
144 Debug::LogEntry($db, 'audit', 'OUT', 'LayoutGroupSecurity', 'Unlink');
145
146 return true;
147 }
148}
149?>
0\ No newline at end of file150\ No newline at end of file
1151
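Review bot: `LinkEveryone` hands the result of `GetSingleValue` straight to `Link`, so if the lookup fails or no group has `IsEveryone = 1`, the `%d` in the INSERT presumably turns that result into `GroupID` 0 and a permission row is written for a group that does not exist. A guard before the call would stop that, e.g. `if (!$groupId) { $this->SetError(25024, __('Could not Link Layout to Group')); return false; }`. The same unchecked lookup appears in the `LinkEveryone` methods of `LayoutMediaGroupSecurity`, `LayoutRegionGroupSecurity` and `MediaGroupSecurity` in this merge. The docblocks on `Link`, `Unlink` and `UnlinkAll` still describe display groups and `$displayGroupID`, and `UnlinkAll` logs itself as 'Unlink' in the audit trail, here and in the other new group-security classes.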
=== added file 'server/lib/data/layoutmediagroupsecurity.data.class.php'
--- server/lib/data/layoutmediagroupsecurity.data.class.php 1970-01-01 00:00:00 +0000
+++ server/lib/data/layoutmediagroupsecurity.data.class.php 2011-08-18 23:36:27 +0000
@@ -0,0 +1,194 @@
1<?php
2/*
3 * Xibo - Digitial Signage - http://www.xibo.org.uk
4 * Copyright (C) 2011 Daniel Garner
5 *
6 * This file is part of Xibo.
7 *
8 * Xibo is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * any later version.
12 *
13 * Xibo is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
20 */
21defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
22
23class LayoutMediaGroupSecurity extends Data
24{
25 public function __construct(database $db)
26 {
27 parent::__construct($db);
28 }
29
30 /**
31 * Links a Display Group to a Group
32 * @return
33 * @param $displayGroupID Object
34 * @param $groupID Object
35 */
36 public function Link($layoutId, $regionId, $mediaId, $groupId, $view, $edit, $del)
37 {
38 $db =& $this->db;
39
40 Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Link');
41
42 $SQL = "";
43 $SQL .= "INSERT ";
44 $SQL .= "INTO lklayoutmediagroup ";
45 $SQL .= " ( ";
46 $SQL .= " LayoutID, ";
47 $SQL .= " RegionID, ";
48 $SQL .= " MediaID, ";
49 $SQL .= " GroupID, ";
50 $SQL .= " View, ";
51 $SQL .= " Edit, ";
52 $SQL .= " Del ";
53 $SQL .= " ) ";
54 $SQL .= " VALUES ";
55 $SQL .= " ( ";
56 $SQL .= sprintf(" %d, '%s', '%s', %d, %d, %d, %d ", $layoutId, $regionId, $mediaId, $groupId, $view, $edit, $del);
57 $SQL .= " )";
58
59 if (!$db->query($SQL))
60 {
61 trigger_error($db->error());
62 $this->SetError(25026, __('Could not Link Layout Media to Group'));
63
64 return false;
65 }
66
67 Debug::LogEntry($db, 'audit', 'OUT', 'LayoutMediaGroupSecurity', 'Link');
68
69 return true;
70 }
71
72 /**
73 * Links everyone to the layout specified
74 * @param <type> $layoutId
75 * @param <type> $view
76 * @param <type> $edit
77 * @param <type> $del
78 * @return <type>
79 */
80 public function LinkEveryone($layoutId, $regionId, $mediaId, $view, $edit, $del)
81 {
82 $db =& $this->db;
83
84 Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'LinkEveryone');
85
86 $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT);
87
88 return $this->Link($layoutId, $regionId, $mediaId, $groupId, $view, $edit, $del);
89 }
90
91 /**
92 * Unlinks a display group from a group
93 * @return
94 * @param $displayGroupID Object
95 * @param $groupID Object
96 */
97 public function Unlink($layoutId, $regionId, $mediaId, $groupId)
98 {
99 $db =& $this->db;
100
101 Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Unlink');
102
103 $SQL = "";
104 $SQL .= "DELETE FROM ";
105 $SQL .= " lklayoutmediagroup ";
106 $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' AND MediaID = '%s' AND GroupID = %d ", $layoutId, $regionId, $mediaId, $groupId);
107
108 if (!$db->query($SQL))
109 {
110 trigger_error($db->error());
111 $this->SetError(25027, __('Could not Unlink Layout Media from Group'));
112
113 return false;
114 }
115
116 Debug::LogEntry($db, 'audit', 'OUT', 'LayoutMediaGroupSecurity', 'Unlink');
117
118 return true;
119 }
120
121 /**
122 * Unlinks a display group from a group
123 * @return
124 * @param $displayGroupID Object
125 * @param $groupID Object
126 */
127 public function UnlinkAll($layoutId, $regionId, $mediaId)
128 {
129 $db =& $this->db;
130
131 Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Unlink');
132
133 $SQL = "";
134 $SQL .= "DELETE FROM ";
135 $SQL .= " lklayoutmediagroup ";
136 $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' AND MediaID = '%s' ", $layoutId, $regionId, $mediaId);
137
138 if (!$db->query($SQL))
139 {
140 trigger_error($db->error());
141 $this->SetError(25028, __('Could not Unlink Layout Media from Group'));
142
143 return false;
144 }
145
146 Debug::LogEntry($db, 'audit', 'OUT', 'LayoutMediaGroupSecurity', 'Unlink');
147
148 return true;
149 }
150
151 /**
152 * Copies a media items permissions
153 * @param <type> $layoutId
154 * @param <type> $regionId
155 * @param <type> $mediaId
156 * @param <type> $newMediaId
157 * @return <type>
158 */
159 public function Copy($layoutId, $regionId, $mediaId, $newMediaId)
160 {
161 $db =& $this->db;
162
163 Debug::LogEntry($db, 'audit', 'IN', 'LayoutMediaGroupSecurity', 'Copy');
164
165 $SQL = "";
166 $SQL .= "INSERT ";
167 $SQL .= "INTO lklayoutmediagroup ";
168 $SQL .= " ( ";
169 $SQL .= " LayoutID, ";
170 $SQL .= " RegionID, ";
171 $SQL .= " MediaID, ";
172 $SQL .= " GroupID, ";
173 $SQL .= " View, ";
174 $SQL .= " Edit, ";
175 $SQL .= " Del ";
176 $SQL .= " ) ";
177 $SQL .= " SELECT LayoutID, RegionID, '%s', GroupID, View, Edit, Del ";
178 $SQL .= " FROM lklayoutmediagroup ";
179 $SQL .= " WHERE LayoutID = %d AND RegionID = '%s' AND MediaID = '%s' ";
180
181 $SQL = sprintf($SQL, $newMediaId, $layoutId, $regionId, $mediaId);
182
183 if (!$db->query($SQL))
184 {
185 trigger_error($db->error());
186 $this->SetError(25028, __('Could not Copy Layout Media Security'));
187
188 return false;
189 }
190
191 return true;
192 }
193}
194?>
0\ No newline at end of file195\ No newline at end of file
1196
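Review bot: `$regionId` and `$mediaId` are formatted into quoted `'%s'` slots in `Link`, `Unlink`, `UnlinkAll` and `Copy` without `$db->escape_string()`, so a quote character in either value changes the statement that manages permission rows. The modified data classes in this merge escape the strings they format into SQL, and these methods should do the same, e.g. `sprintf(" WHERE LayoutID = %d AND RegionID = '%s' AND MediaID = '%s' ", $layoutId, $db->escape_string($regionId), $db->escape_string($mediaId))`. Where these ids originate is not visible in this file, so they should be treated as untrusted unless the callers are shown to validate them. `Copy` also reuses error code 25028 from `UnlinkAll`, which makes the two failures indistinguishable to a caller.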
=== added file 'server/lib/data/layoutregiongroupsecurity.data.class.php'
--- server/lib/data/layoutregiongroupsecurity.data.class.php 1970-01-01 00:00:00 +0000
+++ server/lib/data/layoutregiongroupsecurity.data.class.php 2011-08-18 23:36:27 +0000
@@ -0,0 +1,150 @@
1<?php
2/*
3 * Xibo - Digitial Signage - http://www.xibo.org.uk
4 * Copyright (C) 2011 Daniel Garner
5 *
6 * This file is part of Xibo.
7 *
8 * Xibo is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * any later version.
12 *
13 * Xibo is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
20 */
21defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
22
23class LayoutRegionGroupSecurity extends Data
24{
25 public function __construct(database $db)
26 {
27 parent::__construct($db);
28 }
29
30 /**
31 * Links a Display Group to a Group
32 * @return
33 * @param $displayGroupID Object
34 * @param $groupID Object
35 */
36 public function Link($layoutId, $regionId, $groupId, $view, $edit, $del)
37 {
38 $db =& $this->db;
39
40 Debug::LogEntry($db, 'audit', 'IN', 'LayoutRegionGroupSecurity', 'Link');
41
42 $SQL = "";
43 $SQL .= "INSERT ";
44 $SQL .= "INTO lklayoutregiongroup ";
45 $SQL .= " ( ";
46 $SQL .= " LayoutID, ";
47 $SQL .= " RegionID, ";
48 $SQL .= " GroupID, ";
49 $SQL .= " View, ";
50 $SQL .= " Edit, ";
51 $SQL .= " Del ";
52 $SQL .= " ) ";
53 $SQL .= " VALUES ";
54 $SQL .= " ( ";
55 $SQL .= sprintf(" %d, '%s', '%s', %d, %d, %d ", $layoutId, $regionId, $groupId, $view, $edit, $del);
56 $SQL .= " )";
57
58 if (!$db->query($SQL))
59 {
60 trigger_error($db->error());
61 $this->SetError(25026, __('Could not Link Layout Region to Group'));
62
63 return false;
64 }
65
66 Debug::LogEntry($db, 'audit', 'OUT', 'LayoutRegionGroupSecurity', 'Link');
67
68 return true;
69 }
70
71 /**
72 * Links everyone to the layout specified
73 * @param <type> $layoutId
74 * @param <type> $view
75 * @param <type> $edit
76 * @param <type> $del
77 * @return <type>
78 */
79 public function LinkEveryone($layoutId, $regionId, $view, $edit, $del)
80 {
81 $db =& $this->db;
82
83 Debug::LogEntry($db, 'audit', 'IN', 'LayoutGroupSecurity', 'LinkEveryone');
84
85 $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT);
86
87 return $this->Link($layoutId, $regionId, $groupId, $view, $edit, $del);
88 }
89
90 /**
91 * Unlinks a display group from a group
92 * @return
93 * @param $displayGroupID Object
94 * @param $groupID Object
95 */
96 public function Unlink($layoutId, $regionId, $groupId)
97 {
98 $db =& $this->db;
99
100 Debug::LogEntry($db, 'audit', 'IN', 'LayoutRegionGroupSecurity', 'Unlink');
101
102 $SQL = "";
103 $SQL .= "DELETE FROM ";
104 $SQL .= " lklayoutregiongroup ";
105 $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' AND GroupID = %d ", $layoutId, $regionId, $groupId);
106
107 if (!$db->query($SQL))
108 {
109 trigger_error($db->error());
110 $this->SetError(25027, __('Could not Unlink Layout Region from Group'));
111
112 return false;
113 }
114
115 Debug::LogEntry($db, 'audit', 'OUT', 'LayoutRegionGroupSecurity', 'Unlink');
116
117 return true;
118 }
119
120 /**
121 * Unlinks a display group from a group
122 * @return
123 * @param $displayGroupID Object
124 * @param $groupID Object
125 */
126 public function UnlinkAll($layoutId, $regionId)
127 {
128 $db =& $this->db;
129
130 Debug::LogEntry($db, 'audit', 'IN', 'LayoutRegionGroupSecurity', 'Unlink');
131
132 $SQL = "";
133 $SQL .= "DELETE FROM ";
134 $SQL .= " lklayoutregiongroup ";
135 $SQL .= sprintf(" WHERE LayoutID = %d AND RegionID = '%s' ", $layoutId, $regionId);
136
137 if (!$db->query($SQL))
138 {
139 trigger_error($db->error());
140 $this->SetError(25028, __('Could not Unlink Layout Region from Group'));
141
142 return false;
143 }
144
145 Debug::LogEntry($db, 'audit', 'OUT', 'LayoutRegionGroupSecurity', 'Unlink');
146
147 return true;
148 }
149}
150?>
0\ No newline at end of file151\ No newline at end of file
1152
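Review bot: In `Link` the format string is `%d, '%s', '%s', %d, %d, %d`, so `$groupId` is written as a quoted, unescaped string while `Unlink` formats the same column with `%d`; the third slot should be `%d`. `$regionId` is likewise formatted into `'%s'` without `$db->escape_string()` in `Link`, `Unlink` and `UnlinkAll`. Suggested for `Link`: `sprintf(" %d, '%s', %d, %d, %d, %d ", $layoutId, $db->escape_string($regionId), $groupId, $view, $edit, $del)`. `LinkEveryone` passes 'LayoutGroupSecurity' to `Debug::LogEntry`, which mislabels the audit entry for this class.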
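--- a/server/lib/data/media.data.class.php
+++ b/server/lib/data/media.data.class.php
@@ -33,11 +33,10 @@
  * @param <type> $name
  * @param <type> $duration
  * @param <type> $fileName
- * @param <type> $permissionId
  * @param <type> $userId
  * @return <type>
  */
- public function Add($fileId, $type, $name, $duration, $fileName, $permissionId, $userId)
+ public function Add($fileId, $type, $name, $duration, $fileName, $userId)
  {
  $db =& $this->db;
 
@@ -62,11 +61,11 @@
  return $this->SetError(12, __('Media you own already has this name. Please choose another.'));
 
  // All OK to insert this record
- $SQL = "INSERT INTO media (name, type, duration, originalFilename, permissionID, userID, retired ) ";
+ $SQL = "INSERT INTO media (name, type, duration, originalFilename, userID, retired ) ";
- $SQL .= "VALUES ('%s', '%s', '%s', '%s', %d, %d, 0) ";
+ $SQL .= "VALUES ('%s', '%s', '%s', '%s', %d, 0) ";
 
  $SQL = sprintf($SQL, $db->escape_string($name), $db->escape_string($type),
- $db->escape_string($duration), $db->escape_string($fileName), $permissionId, $userId);
+ $db->escape_string($duration), $db->escape_string($fileName), $userId);
 
  if (!$mediaId = $db->insert_query($SQL))
  {
@@ -111,10 +110,9 @@
  * @param <type> $mediaId
  * @param <type> $name
  * @param <type> $duration
- * @param <type> $permissionId
  * @return <bool>
  */
- public function Edit($mediaId, $name, $duration, $permissionId, $userId)
+ public function Edit($mediaId, $name, $duration, $userId)
  {
  $db =& $this->db;
 
@@ -128,8 +126,8 @@
  if ($db->GetSingleRow(sprintf("SELECT name FROM media WHERE name = '%s' AND userid = %d", $db->escape_string($name), $userId)))
  return $this->SetError(12, __('Media you own already has this name. Please choose another.'));
  
- $SQL = "UPDATE media SET name = '%s', duration = %d, permissionID = %d WHERE MediaID = %d";
+ $SQL = "UPDATE media SET name = '%s', duration = %d WHERE MediaID = %d";
- $SQL = sprintf($SQL, $db->escape_string($name), $duration, $permissionId, $mediaId);
+ $SQL = sprintf($SQL, $db->escape_string($name), $duration, $mediaId);
 
  if (!$db->query($SQL))
  {
@@ -153,7 +151,7 @@
  // Call add with this file Id and then update the existing mediaId with the returned mediaId
  // from the add call.
  // Will need to get some information about the existing media record first.
- $SQL = "SELECT name, duration, permissionId, UserID, type FROM media WHERE MediaID = %d";
+ $SQL = "SELECT name, duration, UserID, type FROM media WHERE MediaID = %d";
  $SQL = sprintf($SQL, $mediaId);
 
  if (!$row = $db->GetSingleRow($SQL))
@@ -162,7 +160,7 @@
  return $this->SetError(31, 'Unable to get information about existing media record.');
  }
 
- if (!$newMediaId = $this->Add($fileId, $row['type'], $row['name'], $row['duration'], $fileName, $row['permissionId'], $row['UserID']))
+ if (!$newMediaId = $this->Add($fileId, $row['type'], $row['name'], $row['duration'], $fileName, $row['UserID']))
  return false;
 
  // Update the existing record with the new record's id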
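Review bot: The last hunk creates the replacement record with `$this->Add(...)`, but nothing visible carries the group permissions of `$mediaId` over to `$newMediaId`; before this change the `permissionId` read from the old row was passed to `Add`. If the rest of the function, which lies outside the hunk, does not do it, the revised media starts with no rows in `lkmediagroup` and its access no longer matches the item it replaces. A call to `Copy($mediaId, $newMediaId)` on a `MediaGroupSecurity` instance, with its return value checked, belongs directly after the `Add`.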
=== added file 'server/lib/data/mediagroupsecurity.data.class.php'
--- server/lib/data/mediagroupsecurity.data.class.php 1970-01-01 00:00:00 +0000
+++ server/lib/data/mediagroupsecurity.data.class.php 2011-08-18 23:36:27 +0000
@@ -0,0 +1,188 @@
1<?php
2/*
3 * Xibo - Digitial Signage - http://www.xibo.org.uk
4 * Copyright (C) 2011 Daniel Garner
5 *
6 * This file is part of Xibo.
7 *
8 * Xibo is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * any later version.
12 *
13 * Xibo is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
20 */
21defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
22
23class MediaGroupSecurity extends Data
24{
25 public function __construct(database $db)
26 {
27 parent::__construct($db);
28 }
29
30 /**
31 * Links a Display Group to a Group
32 * @return
33 * @param $displayGroupID Object
34 * @param $groupID Object
35 */
36 public function Link($mediaId, $groupId, $view, $edit, $del)
37 {
38 $db =& $this->db;
39
40 Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Link');
41
42 $SQL = "";
43 $SQL .= "INSERT ";
44 $SQL .= "INTO lkmediagroup ";
45 $SQL .= " ( ";
46 $SQL .= " MediaID, ";
47 $SQL .= " GroupID, ";
48 $SQL .= " View, ";
49 $SQL .= " Edit, ";
50 $SQL .= " Del ";
51 $SQL .= " ) ";
52 $SQL .= " VALUES ";
53 $SQL .= " ( ";
54 $SQL .= sprintf(" %d, %d, %d, %d, %d ", $mediaId, $groupId, $view, $edit, $del);
55 $SQL .= " )";
56
57 if (!$db->query($SQL))
58 {
59 trigger_error($db->error());
60 $this->SetError(25026, __('Could not Link Media to Group'));
61
62 return false;
63 }
64
65 Debug::LogEntry($db, 'audit', 'OUT', 'MediaGroupSecurity', 'Link');
66
67 return true;
68 }
69
70 /**
71 * Links everyone to the layout specified
72 * @param <type> $layoutId
73 * @param <type> $view
74 * @param <type> $edit
75 * @param <type> $del
76 * @return <type>
77 */
78 public function LinkEveryone($mediaId, $view, $edit, $del)
79 {
80 $db =& $this->db;
81
82 Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'LinkEveryone');
83
84 $groupId = $db->GetSingleValue("SELECT GroupID FROM `group` WHERE IsEveryone = 1", 'GroupID', _INT);
85
86 return $this->Link($mediaId, $groupId, $view, $edit, $del);
87 }
88
89 /**
90 * Unlinks a display group from a group
91 * @return
92 * @param $displayGroupID Object
93 * @param $groupID Object
94 */
95 public function Unlink($mediaId, $groupId)
96 {
97 $db =& $this->db;
98
99 Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Unlink');
100
101 $SQL = "";
102 $SQL .= "DELETE FROM ";
103 $SQL .= " lkmediagroup ";
104 $SQL .= sprintf(" WHERE MediaID = %d AND GroupID = %d ", $mediaId, $groupId);
105
106 if (!$db->query($SQL))
107 {
108 trigger_error($db->error());
109 $this->SetError(25027, __('Could not Unlink Layout from Group'));
110
111 return false;
112 }
113
114 Debug::LogEntry($db, 'audit', 'OUT', 'MediaGroupSecurity', 'Unlink');
115
116 return true;
117 }
118
119 /**
120 * Unlinks a display group from a group
121 * @return
122 * @param $displayGroupID Object
123 * @param $groupID Object
124 */
125 public function UnlinkAll($mediaId)
126 {
127 $db =& $this->db;
128
129 Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Unlink');
130
131 $SQL = "";
132 $SQL .= "DELETE FROM ";
133 $SQL .= " lkmediagroup ";
134 $SQL .= sprintf(" WHERE MediaID = %d ", $mediaId);
135
136 if (!$db->query($SQL))
137 {
138 trigger_error($db->error());
139 $this->SetError(25028, __('Could not Unlink Media from Group'));
140
141 return false;
142 }
143
144 Debug::LogEntry($db, 'audit', 'OUT', 'MediaGroupSecurity', 'Unlink');
145
146 return true;
147 }
148
149 /**
150 * Copies a media items permissions
151 * @param <type> $mediaId
152 * @param <type> $newMediaId
153 * @return <type>
154 */
155 public function Copy($mediaId, $newMediaId)
156 {
157 $db =& $this->db;
158
159 Debug::LogEntry($db, 'audit', 'IN', 'MediaGroupSecurity', 'Copy');
160
161 $SQL = "";
162 $SQL .= "INSERT ";
163 $SQL .= "INTO lkmediagroup ";
164 $SQL .= " ( ";
165 $SQL .= " MediaID, ";
166 $SQL .= " GroupID, ";
167 $SQL .= " View, ";
168 $SQL .= " Edit, ";
169 $SQL .= " Del ";
170 $SQL .= " ) ";
171 $SQL .= " SELECT '%s', GroupID, View, Edit, Del ";
172 $SQL .= " FROM lkmediagroup ";
173 $SQL .= " WHERE MediaID = '%s' ";
174
175 $SQL = sprintf($SQL, $newMediaId, $mediaId);
176
177 if (!$db->query($SQL))
178 {
179 trigger_error($db->error());
180 $this->SetError(25028, __('Could not Copy Layout Media Security'));
181
182 return false;
183 }
184
185 return true;
186 }
187}
188?>
0\ No newline at end of file189\ No newline at end of file
1190
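Review bot: `Copy` formats `$newMediaId` and `$mediaId` into `'%s'` without escaping, although `Link`, `Unlink` and `UnlinkAll` in the same class format `MediaID` with `%d`. Using the integer form here closes that gap: `$SQL .= " SELECT %d, GroupID, View, Edit, Del ";` and `$SQL .= " WHERE MediaID = %d ";`. The failure messages in `Unlink` ('Could not Unlink Layout from Group') and `Copy` ('Could not Copy Layout Media Security') name the wrong object and would mislead whoever reads the error.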
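--- a/server/lib/data/schedule.data.class.php
+++ b/server/lib/data/schedule.data.class.php
@@ -44,6 +44,8 @@
  if (count($displayGroupIDs) == 0)
  return $this->SetError(25001, __('No display groups selected'));
 
+ if ($userID == 0)
+ return $this->SetError(25001, __('No User Id Present'));
 
  // Cant have a 0 increment as it creates a loop
  if ($recDetail == 0)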
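Review bot: The new user check returns error code 25001, the same code the display-group check directly above it uses, so a caller reading the code cannot tell the two failures apart; it should get a code of its own. `$userID == 0` is a loose comparison, so null is rejected as well as 0; if that is intended, a short comment would make it explicit, e.g. `// loose compare on purpose: a missing user id is rejected too`. The enclosing function starts and ends outside the hunk.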
=== added file 'server/lib/data/templategroupsecurity.data.class.php'
--- server/lib/data/templategroupsecurity.data.class.php 1970-01-01 00:00:00 +0000
+++ server/lib/data/templategroupsecurity.data.class.php 2011-08-18 23:36:27 +0000
@@ -0,0 +1,130 @@
1<?php
2/*
3 * Xibo - Digitial Signage - http://www.xibo.org.uk
4 * Copyright (C) 2011 Daniel Garner
5 *
6 * This file is part of Xibo.
7 *
8 * Xibo is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * any later version.
12 *
13 * Xibo is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
20 */
21defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
22
23class TemplateGroupSecurity extends Data
24{
25 public function __construct(database $db)
26 {
27 parent::__construct($db);
28 }
29
30 /**
31 * Links a Display Group to a Group
32 * @return
33 * @param $displayGroupID Object
34 * @param $groupID Object
35 */
36 public function Link($templateId, $groupId, $view, $edit, $del)
37 {
38 $db =& $this->db;
39
40 Debug::LogEntry($db, 'audit', 'IN', 'TemplateGroupSecurity', 'Link');
41
42 $SQL = "";
43 $SQL .= "INSERT ";
44 $SQL .= "INTO lktemplategroup ";
45 $SQL .= " ( ";
46 $SQL .= " TemplateID, ";
47 $SQL .= " GroupID, ";
48 $SQL .= " View, ";
49 $SQL .= " Edit, ";
50 $SQL .= " Del ";
51 $SQL .= " ) ";
52 $SQL .= " VALUES ";
53 $SQL .= " ( ";
54 $SQL .= sprintf(" %d, %d, %d, %d, %d ", $templateId, $groupId, $view, $edit, $del);
55 $SQL .= " )";
56
57 if (!$db->query($SQL))
58 {
59 trigger_error($db->error());
60 $this->SetError(25024, __('Could not Link Template to Group'));
61
62 return false;
63 }
64
65 Debug::LogEntry($db, 'audit', 'OUT', 'TemplateGroupSecurity', 'Link');
66
67 return true;
68 }
69
70 /**
71 * Unlinks a display group from a group
72 * @return
73 * @param $displayGroupID Object
74 * @param $groupID Object
75 */
76 public function Unlink($templateId, $groupId)
77 {
78 $db =& $this->db;
79
80 Debug::LogEntry($db, 'audit', 'IN', 'TemplateGroupSecurity', 'Unlink');
81
82 $SQL = "";
83 $SQL .= "DELETE FROM ";
84 $SQL .= " lktemplategroup ";
85 $SQL .= sprintf(" WHERE TemplateID = %d AND GroupID = %d ", $templateId, $groupId);
86
87 if (!$db->query($SQL))
88 {
89 trigger_error($db->error());
90 $this->SetError(25025, __('Could not Unlink Template from Group'));
91
92 return false;
93 }
94
95 Debug::LogEntry($db, 'audit', 'OUT', 'TemplateGroupSecurity', 'Unlink');
96
97 return true;
98 }
99
100 /**
101 * Unlinks a display group from a group
102 * @return
103 * @param $displayGroupID Object
104 * @param $groupID Object
105 */
106 public function UnlinkAll($templateId)
107 {
108 $db =& $this->db;
109
110 Debug::LogEntry($db, 'audit', 'IN', 'TemplateGroupSecurity', 'Unlink');
111
112 $SQL = "";
113 $SQL .= "DELETE FROM ";
114 $SQL .= " lktemplategroup ";
115 $SQL .= sprintf(" WHERE TemplateID = %d ", $templateId);
116
117 if (!$db->query($SQL))
118 {
119 trigger_error($db->error());
120 $this->SetError(25025, __('Could not Unlink Template from Group'));
121
122 return false;
123 }
124
125 Debug::LogEntry($db, 'audit', 'OUT', 'TemplateGroupSecurity', 'Unlink');
126
127 return true;
128 }
129}
130?>
0\ No newline at end of file131\ No newline at end of file
1132
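--- a/server/lib/include.php
+++ b/server/lib/include.php
@@ -32,6 +32,7 @@
 require_once("lib/app/pagemanager.class.php");
 require_once("lib/app/menumanager.class.php");
 require_once("lib/app/modulemanager.class.php");
+require_once("lib/app/permissionmanager.class.php");
 require_once("lib/app/formmanager.class.php");
 require_once("lib/app/helpmanager.class.php");
 require_once("lib/app/responsemanager.class.php");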
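--- a/server/lib/js/core.js
+++ b/server/lib/js/core.js
@@ -24,7 +24,7 @@
  $('#system_message').dialog({
  title: "Application Message",
  width: "320",
- height: "120",
+ height: "220",
  draggable: false,
  resizable: false,
  bgiframe: true,
@@ -299,6 +299,14 @@
  $('input[type=text]', '#div_dialog').eq(0).focus();
  }
 
+ if (response.appendHiddenSubmit) {
+ var hiddenField = '<input type="submit" style="display:none" />';
+
+ if ($("input[type=submit]", "#div_dialog").length == 0) {
+ $("form", "#div_dialog").append('<input type="submit" style="display:none" />');
+ }
+ }
+
  // Call Xibo Init for this form
  XiboInitialise("#div_dialog");
  }
@@ -410,8 +418,9 @@
  }
 
  // Should we display the message?
- if (!response.hideMessage || response.message != '') {
- SystemMessage(response.message);
+ if (!response.hideMessage) {
+ if (response.message != '')
+ SystemMessage(response.message);
  }
 
  // Do we need to fire a callback function?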
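Review bot: In the `appendHiddenSubmit` block, `hiddenField` is assigned and never read, and the same markup literal is repeated in the `append` call two lines below; the call should be `$("form", "#div_dialog").append(hiddenField);` or the variable dropped. Separately, the last hunk changes when messages appear: the old condition showed any non-empty `response.message` even with `hideMessage` set, and the new one suppresses it, so a handler that returns an error together with `hideMessage` would now fail with nothing on screen. It is worth confirming that no server response relies on the old behaviour. The enclosing functions start and end outside these hunks.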
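--- a/server/lib/js/dataset.js
+++ b/server/lib/js/dataset.js
@@ -0,0 +1,69 @@
+/*
+ * Xibo - Digitial Signage - http://www.xibo.org.uk
+ * Copyright (C) 2011 Daniel Garner
+ *
+ * This file is part of Xibo.
+ *
+ * Xibo is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * any later version.
+ *
+ * Xibo is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+var dataSetData = function() {
+ $('.XiboDataSetDataForm').submit(function() {
+ return false;
+ });
+
+ $('.XiboDataSetDataForm input').change(XiboDataSetDataFormChange);
+ $('.XiboDataSetDataForm select').change(XiboDataSetDataFormChange);
+}
+
+var XiboDataSetDataFormChange = function() {
+ // Submit this form using AJAX.
+ var url = $(this.form).attr("action") + "&ajax=true";
+
+ $.ajax({
+ type:"post",
+ url:url,
+ cache:false,
+ dataType:"json",
+ data:$(this.form).serialize(),
+ success: XiboDataSetDataFormSubmitResponse
+ });
+
+ return false;
+}
+
+var XiboDataSetDataFormSubmitResponse = function(response) {
+
+ if (response.success) {
+ $('#' + response.uniqueReference).attr("action", response.loadFormUri);
+ }
+ else {
+ // Login Form needed?
+ if (response.login) {
+ LoginBox(response.message);
+ return false;
+ }
+ else {
+ // Just an error we dont know about
+ if (response.message == undefined) {
+ SystemMessage(response);
+ }
+ else {
+ SystemMessage(response.message);
+ }
+ }
+ }
+
+ return false;
+}
\ No newline at end of file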
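Review bot: The `$.ajax` call in `XiboDataSetDataFormChange` has no `error` callback, so with `dataType:"json"` a response that is not JSON (an HTML login page after session expiry, a PHP error page) is dropped silently and the user is left believing the edit was saved. Adding `error: function(xhr, textStatus) { SystemMessage(textStatus); }` next to `success` would surface it. The URL is also built as `action + "&ajax=true"`, which assumes the form action already carries a query string. Whether the serialized form carries an anti-forgery token depends on server-rendered markup not shown here; since this handler posts on every field change, that should be confirmed.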
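--- a/server/lib/js/layout.js
+++ b/server/lib/js/layout.js
@@ -89,7 +89,7 @@
  return false; //prevent submit
 }
 
-function microblog_callback()
+var microblog_callback = function()
 {
  // Conjure up a text editor
  $("#ta_template").ckeditor();
@@ -169,7 +169,7 @@
  var layoutid = $(t).attr("layoutid");
  var regionid = $(t).attr("regionid");
 
- XiboFormRender("index.php?p=user&q=SetUserHomepageForm&layoutid="+layoutid+"&regionid="+regionid);
+ XiboFormRender("index.php?p=layout&q=RegionPermissionsForm&layoutid="+layoutid+"&regionid="+regionid);
  }
  }
  });
@@ -195,7 +195,7 @@
  
  
  // Preview
- $('.region').each(function(){
+ $('.regionPreview').each(function(){
  new Preview(this);
  });
 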
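Review bot: In the second hunk, `layoutid` and `regionid` are read from DOM attributes and concatenated straight into the query string; wrapping them as `encodeURIComponent(layoutid)` and `encodeURIComponent(regionid)` keeps a value containing `&` or `#` from altering the request. This menu entry now opens the region permissions form, so the server-side `RegionPermissionsForm` handler has to enforce who may change permissions on that region itself. That handler is outside this section, and offering or hiding the menu item on the client is not a control. The enclosing functions continue outside all three hunks.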
=== modified file 'server/lib/js/mediamanager.js'
--- server/lib/js/mediamanager.js 2009-12-31 11:38:50 +0000
+++ server/lib/js/mediamanager.js 2011-08-18 23:36:27 +0000
@@ -1,6 +1,6 @@
1/*1/*
2 * Xibo - Digitial Signage - http://www.xibo.org.uk2 * Xibo - Digitial Signage - http://www.xibo.org.uk
3 * Copyright (C) 2006,2007,2008 Daniel Garner and James Packer3 * Copyright (C) 2011 Daniel Garner
4 *4 *
5 * This file is part of Xibo.5 * This file is part of Xibo.
6 *6 *
@@ -16,121 +16,69 @@
16 *16 *
17 * You should have received a copy of the GNU Affero General Public License17 * You should have received a copy of the GNU Affero General Public License
18 * along with Xibo. If not, see <http://www.gnu.org/licenses/>.18 * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
19 */
20$(document).ready(function() {
21
22});
23
24var exec_filter_callback = function() {
25
26}
27
28var submit_form_callback = function(outputDiv) {
29
30 //Just refresh
31 //window.location = window.location.href;
32
33 return false;
34}
35
36var region_options_callback = function(outputDiv)
37{
38 set_form_size(830,450);
39
40 //Get all the tooltip_hidden
41 $(".tooltip_hidden").parent().hover(function()
42 {
43 //Change the hidden div's content
44 $('#tooltip_hover').html($(".tooltip_hidden",this).html()).css("left",$(this).css("left")).show();
45 }, function()
46 {
47 $('#tooltip_hover').hide();
48 });
49
50 //Make the elements draggable
51 $(".timebar_ctl").draggable({
52 containment: document.getElementById("timeline_ctl")
53 });
54
55 $(".mediabreak").droppable({
56 accept: ".timebar_ctl",
57 drop: function(ev, ui) {
58 orderRegion(ui, this);
59 }
60 });
61}
62
63function orderRegion(timeBar, mediaBreak){
64 var layoutid = $(timeBar.element.offsetParent).attr("layoutid");
65 var regionid = $(timeBar.element.offsetParent).attr("regionid");
66 var mediaid = $(timeBar.element).attr("mediaid");
67 var sequence = $(mediaBreak).attr("breakid");
68
69 $.ajax({
70 type: "post",
71 url: "index.php?p=layout&q=RegionOrder&layoutid=" + layoutid + "&callingpage=mediamanager&ajax=true",
72 cache: false,
73 datatype: "html",
74 data: {
75 "mediaid": mediaid,
76 "sequence": sequence,
77 "regionid": regionid
78 },
79 success: function(transport){
80
81 var response = transport.split('|');
82
83 if (response[0] == '0') {
84 //success
85 //Post notice somewhere?
86 }
87 else
88 if (response[0] == '1') //failure
89 {
90
91 alert(response[1]);
92 }
93 else
94 if (response[0] == '2') //login
95 {
96 alert("You need to login");
97 }
98 else
99 if (response[0] == '3') {
100 window.location = response[1]; //redirect
101 }
102 else
103 if (response[0] == '6') //success, load form
104 {
105 //we need: uri, callback, onsubmit
106 var uri = response[1];
107 var callback = response[2];
108 var onsubmit = response[3];
109
110 load_form(uri, $('#div_dialog'), callback, onsubmit);
111 }
112 else {
113 alert("An unknown error occured");
114 }
115
116 return false;
117 }
118 });
119}
120
121function dialog_filter() {
122 exec_filter('stack_filter_form','dialog_grid');
123
124 return false;
125}
126
127/**
128 * Handles the tRegionOptions trigger
129 */19 */
130function tRegionOptions()20var text_callback = function()
131{21{
132 var regionid = gup("regionid");22 // Conjure up a text editor
133 var layoutid = gup("layoutid");23 $("#ta_text").ckeditor();
134 24
135 load_form('index.php?p=layout&layoutid='+layoutid+'&regionid='+regionid+'&q=RegionOptions', $('#div_dialog'),'',region_options_callback);25 // Make sure when we close the dialog we also destroy the editor
26 $("#div_dialog").bind("dialogclose.xibo", function(event, ui){
27 $("#ta_text").ckeditorGet().destroy();
28 $("#div_dialog").unbind("dialogclose.xibo");
29 })
30
31 var regionid = $("#iRegionId").val();
32 var width = $("#region_"+regionid).width();
33 var height = $("#region_"+regionid).height();
34
35 // Min width
36 if (width < 800) width = 800;
37
38 // Adjust the width and height
39 width = width + 80;
40 height = height + 295;
41
42 $('#div_dialog').height(height+"px");
43 $('#div_dialog').dialog('option', 'width', width);
44 $('#div_dialog').dialog('option', 'height', height);
45 $('#div_dialog').dialog('option', 'position', 'center');
46
47 return false; //prevent submit
48}
49
50var microblog_callback = function()
51{
52 // Conjure up a text editor
53 $("#ta_template").ckeditor();
54 $("#ta_nocontent").ckeditor();
55
56 // Make sure when we close the dialog we also destroy the editor
57 $("#div_dialog").bind("dialogclose.xibo", function(event, ui){
58 $("#ta_template").ckeditorGet().destroy();
59 $("#ta_nocontent").ckeditorGet().destroy();
60
61 $("#div_dialog").unbind("dialogclose.xibo");
62 })
63
64 var regionid = $("#iRegionId").val();
65 var width = $("#region_"+regionid).width();
66 var height = $("#region_"+regionid).height();
67
68 //Min width
69 if (width < 800) width = 800;
70 height = height - 170;
71
72 // Min height
73 if (height < 300) height = 300;
74
75 width = width + 80;
76 height = height + 480;
77
78 $('#div_dialog').height(height+"px");
79 $('#div_dialog').dialog('option', 'width', width);
80 $('#div_dialog').dialog('option', 'height', height);
81 $('#div_dialog').dialog('option', 'position', 'center');
82
83 return false; //prevent submit
136}84}
137\ No newline at end of file85\ No newline at end of file
13886
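Review bot: `microblog_callback` in the rewritten file is a second global definition of the name that layout.js assigns in this same merge (`var microblog_callback = function()`), so on a page that loads both scripts the one loaded last silently wins. `text_callback` looks like the same kind of copy, though its layout.js counterpart is not visible here. Keeping the shared callbacks in one file, or giving the media-manager variants their own names, removes the load-order dependency. The functions this hunk deletes (`orderRegion`, `tRegionOptions`, `region_options_callback`, `dialog_filter`) may still be referenced from server-generated markup or response callbacks, which should be checked before merging.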
=== modified file 'server/lib/modules/module.class.php'
--- server/lib/modules/module.class.php 2010-08-28 13:20:11 +0000
+++ server/lib/modules/module.class.php 2011-08-18 23:36:27 +0000
@@ -27,13 +27,15 @@
27 protected $user;27 protected $user;
28 protected $region;28 protected $region;
29 protected $response;29 protected $response;
30 public $auth;
31 protected $type;
32 protected $displayType;
3033
31 protected $layoutid;34 protected $layoutid;
32 protected $regionid;35 protected $regionid;
3336
34 protected $mediaid;37 protected $mediaid;
35 protected $name;38 protected $name;
36 protected $type;
37 private $schemaVersion;39 private $schemaVersion;
38 protected $regionSpecific;40 protected $regionSpecific;
39 protected $duration;41 protected $duration;
@@ -45,6 +47,9 @@
4547
46 protected $existingMedia;48 protected $existingMedia;
47 protected $deleteFromRegion;49 protected $deleteFromRegion;
50 protected $showRegionOptions;
51 protected $originalUserId;
52 protected $assignedMedia;
4853
49 /**54 /**
50 * Constructor - sets up this media object with all the available information55 * Constructor - sets up this media object with all the available information
@@ -73,12 +78,13 @@
7378
74 $this->existingMedia = false;79 $this->existingMedia = false;
75 $this->deleteFromRegion = false;80 $this->deleteFromRegion = false;
76 $this->duration = '';81 $this->showRegionOptions = Kit::GetParam('showRegionOptions', _REQUEST, _INT, 1);
82 $this->duration = '';
7783
78 // Determine which type this module is84 // Determine which type this module is
79 $this->SetModuleInformation();85 $this->SetModuleInformation();
8086
81 Debug::LogEntry($db, 'audit', 'New module created with MediaID: ' . $mediaid . ' LayoutID: ' . $layoutid . ' and RegionID: ' . $regionid);87 Debug::LogEntry($db, 'audit', 'Module created with MediaID: ' . $mediaid . ' LayoutID: ' . $layoutid . ' and RegionID: ' . $regionid);
8288
83 // Either the information from the region - or some blanks89 // Either the information from the region - or some blanks
84 $this->SetMediaInformation($this->layoutid, $this->regionid, $this->mediaid, $this->lkid);90 $this->SetMediaInformation($this->layoutid, $this->regionid, $this->mediaid, $this->lkid);
@@ -135,18 +141,20 @@
135 */141 */
136 final private function SetMediaInformation($layoutid, $regionid, $mediaid, $lkid)142 final private function SetMediaInformation($layoutid, $regionid, $mediaid, $lkid)
137 {143 {
138 $db =& $this->db;144 $db =& $this->db;
139 $region =& $this->region;145 $region =& $this->region;
140 $xmlDoc = new DOMDocument();146 $xmlDoc = new DOMDocument();
141147
142 if ($this->mediaid != '' && $this->regionid != '' && $this->layoutid != '')148 if ($this->mediaid != '' && $this->regionid != '' && $this->layoutid != '')
143 {149 {
150 // Existing media that is assigned to a layout
144 $this->existingMedia = true;151 $this->existingMedia = true;
152 $this->assignedMedia = true;
145153
146 // Set the layout Xml154 // Set the layout Xml
147 $layoutXml = $region->GetLayoutXml($layoutid);155 $layoutXml = $region->GetLayoutXml($layoutid);
148156
149 Debug::LogEntry($db, 'audit', 'Layout XML retrieved: ' . $layoutXml);157 //Debug::LogEntry($db, 'audit', 'Layout XML retrieved: ' . $layoutXml);
150158
151 $layoutDoc = new DOMDocument();159 $layoutDoc = new DOMDocument();
152 $layoutDoc->loadXML($layoutXml);160 $layoutDoc->loadXML($layoutXml);
@@ -173,10 +181,17 @@
173 181
174 // Get the LK id if we do not have one provided182 // Get the LK id if we do not have one provided
175 if ($lkid == '')183 if ($lkid == '')
176 $this->lkid = $mediaNode->getAttribute('lkid');184 $this->lkid = $mediaNode->getAttribute('lkid');
185
186 $this->originalUserId = $mediaNode->getAttribute('userId');
187
188 // Make sure we have permissions
189 $this->auth = $this->user->MediaAssignmentAuth($this->originalUserId, $this->layoutid, $this->regionid, $this->mediaid, true);
177190
178 $mediaNode = $xmlDoc->importNode($mediaNode, true);191 $mediaNode = $xmlDoc->importNode($mediaNode, true);
179 $xmlDoc->documentElement->appendChild($mediaNode);192 $xmlDoc->documentElement->appendChild($mediaNode);
193
194 Debug::LogEntry($db, 'audit', 'Existing Assigned Media XML is: \n ' . $xmlDoc->saveXML(), 'module', 'SetMediaInformation');
180 }195 }
181 else196 else
182 {197 {
@@ -186,9 +201,10 @@
186 // But this is some existing media201 // But this is some existing media
187 // Therefore make sure we get the bare minimum!202 // Therefore make sure we get the bare minimum!
188 $this->existingMedia = true;203 $this->existingMedia = true;
204 $this->assignedMedia = false;
189205
190 // Load what we know about this media into the object206 // Load what we know about this media into the object
191 $SQL = "SELECT duration, name FROM media WHERE mediaID = '$mediaid'";207 $SQL = "SELECT duration, name, UserId FROM media WHERE mediaID = '$mediaid'";
192208
193 Debug::LogEntry($db, 'audit', $SQL, 'Module', 'SetMediaInformation');209 Debug::LogEntry($db, 'audit', $SQL, 'Module', 'SetMediaInformation');
194210
@@ -199,15 +215,23 @@
199215
200 if ($db->num_rows($result) != 0)216 if ($db->num_rows($result) != 0)
201 {217 {
202 $row = $db->get_row($result);218 $row = $db->get_row($result);
203 $this->duration = $row[0];219 $this->duration = $row[0];
204 $this->name = $row[1];220 $this->name = $row[1];
221 $this->originalUserId = $row[2];
205 }222 }
223
224 $this->auth = $this->user->MediaAuth($this->mediaid, true);
225 }
226 else
227 {
228 // New assignment, therefore user and permissions are defaulted
229 $this->originalUserId = $this->user->userid;
206 }230 }
207231
208 $xml = <<<XML232 $xml = <<<XML
209 <root>233 <root>
210 <media id="" type="$this->type" duration="" lkid="" schemaVersion="$this->schemaVersion">234 <media id="" type="$this->type" duration="" lkid="" userId="$this->originalUserId" schemaVersion="$this->schemaVersion">
211 <options />235 <options />
212 <raw />236 <raw />
213 </media>237 </media>
@@ -217,9 +241,6 @@
217 }241 }
218242
219 $this->xml = $xmlDoc;243 $this->xml = $xmlDoc;
220
221 Debug::LogEntry($db, 'audit', 'XML is: ' . $this->xml->saveXML());
222
223 return true;244 return true;
224 }245 }
225246
@@ -257,6 +278,7 @@
257 $mediaNode->setAttribute('id', $this->mediaid);278 $mediaNode->setAttribute('id', $this->mediaid);
258 $mediaNode->setAttribute('duration', $this->duration);279 $mediaNode->setAttribute('duration', $this->duration);
259 $mediaNode->setAttribute('type', $this->type);280 $mediaNode->setAttribute('type', $this->type);
281 $mediaNode->setAttribute('userId', $this->originalUserId);
260282
261 return $this->xml->saveXML($mediaNode);283 return $this->xml->saveXML($mediaNode);
262 }284 }
@@ -439,37 +461,150 @@
439 */461 */
440 public function DeleteForm()462 public function DeleteForm()
441 {463 {
442 $db =& $this->db;464 $db =& $this->db;
443465 $helpManager = new HelpManager($db, $this->user);
444 //Parameters466 $this->response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link($this->type, 'Delete') . '")');
445 $layoutid = $this->layoutid;467
446 $regionid = $this->regionid;468 //Parameters
447 $mediaid = $this->mediaid;469 $layoutid = $this->layoutid;
448 470 $regionid = $this->regionid;
449 // Messages471 $mediaid = $this->mediaid;
450 $msgTitle = __('Return to the Region Options');472 $lkid = $this->lkid;
451 $msgWarn = __('Are you sure you want to remove this item from Xibo?');473 $userid = $this->user->userid;
452 $msgWarnLost = __('It will be lost');474
453475 // Can this user delete?
454 //we can delete476 if (!$this->auth->del)
455 $form = <<<END477 {
456 <form class="XiboForm" method="post" action="index.php?p=module&mod=text&q=Exec&method=DeleteMedia">478 $this->response->SetError('You do not have permission to delete this media.');
457 <input type="hidden" name="mediaid" value="$mediaid">479 $this->response->keepOpen = false;
458 <input type="hidden" name="layoutid" value="$layoutid">480 return $this->response;
459 <input type="hidden" name="regionid" value="$regionid">481 }
460 <p>$msgWarn <span class="required">$msgWarnLost</span>.</p>482
461 <input id="btnSave" type="submit" value="Yes" />483 // Messages
462 <input class="XiboFormButton" id="btnCancel" type="button" title="$msgTitle" href="index.php?p=layout&layoutid=$layoutid&regionid=$regionid&q=RegionOptions" value="No" />484 $msgTitle = __('Return to the Region Options');
463 </form>485 $msgWarn = __('Are you sure you want to remove this item from Xibo?');
464END;486 $msgWarnLost = __('It will be lost');
465487 $msgYes = __('Yes');
466 $this->response->html = $form;488 $msgNo = __('No');
467 $this->response->dialogTitle = __('Delete Item');489
468 $this->response->dialogSize = true;490 if ($this->regionSpecific)
469 $this->response->dialogWidth = '450px';491 {
470 $this->response->dialogHeight = '150px';492 $form = <<<END
471493 <form id="MediaDeleteForm" class="XiboForm" method="post" action="index.php?p=module&mod=text&q=Exec&method=DeleteMedia">
472 return $this->response;494 <input type="hidden" name="mediaid" value="$mediaid">
495 <input type="hidden" name="layoutid" value="$layoutid">
496 <input type="hidden" name="regionid" value="$regionid">
497 <p>$msgWarn <span class="required">$msgWarnLost</span>.</p>
498 </form>
499END;
500 $this->response->AddButton(__('No'), 'XiboFormRender("index.php?p=layout&layoutid=' . $layoutid . '&regionid=' . $regionid . '&q=RegionOptions")');
501 $this->response->AddButton(__('Yes'), '$("#MediaDeleteForm").submit()');
502 }
503 else
504 {
505 // This is for library based media
506 $options = '';
507
508 // Always have the abilty to unassign from the region
509 $options .= 'unassign|' . __('Unassign from this region only');
510
511 // Is this user allowed to edit this media?
512 if ($this->auth->edit)
513 {
514 // Load what we know about this media into the object
515 $SQL = "SELECT IFNULL(editedMediaID, 0) AS editedMediaID FROM media WHERE mediaID = $mediaid ";
516 $editedMediaID = $db->GetSingleValue($SQL, 'editedMediaID', _INT);
517
518 if ($editedMediaID === false)
519 {
520 trigger_error($editedMediaID . $db->error());
521 $this->response->SetError(__('Error querying for the Media information'));
522 $this->response->keepOpen = true;
523 return $this->response;
524 }
525
526 $options .= ',retire|' . __('Unassign from this region and retire');
527
528 // Is this media retired?
529 $revised = false;
530 if ($editedMediaID != 0)
531 $revised = true;
532
533 // Is this media being used anywhere else?
534 if ($layoutid == '')
535 {
536 $SQL = sprintf('SELECT layoutID FROM lklayoutmedia WHERE mediaID = %d ', $mediaid);
537 $options = '';
538 }
539 else
540 {
541 $SQL = sprintf("SELECT layoutID FROM lklayoutmedia WHERE mediaID = %d AND layoutid <> %d AND regionID <> '%s' ", $mediaid, $layoutid, $regionid);
542 }
543
544 if (!$results = $db->query($SQL))
545 {
546 trigger_error($db->error());
547
548 $this->response->SetError(__('Cannot determine if this media has been used.'));
549 $this->response->keepOpen = true;
550 return $this->response;
551 }
552
553 if ($db->num_rows($results) == 0 && !$revised)
554 {
555 $options .= ',delete|' . __('Delete this media');
556 }
557 else
558 {
559 $options .= ',retire|' . __('Retire this media');
560 }
561 }
562 else
563 {
564 // If this is the normal content page then say they cant edit, otherwise display the form with only the unassign option
565 if ($layoutid == '')
566 {
567 $this->response->SetError(__('You do not have permission to alter/delete this media.'));
568 $this->response->keepOpen = true;
569 return $this->response;
570 }
571 }
572
573 $options = ltrim($options, ',');
574
575 $deleteOptions = listcontent($options, 'options');
576
577 $msgWarn = __('Are you sure you want to delete this media?');
578 $msgSelect = __('Please select from the following options');
579 $msgCaution = __('Warning! You cannot undo this operation');
580
581 //we can delete
582 $form = <<<END
583 <form id="MediaDeleteForm" class="XiboForm" method="post" action="index.php?p=module&mod=$this->type&q=Exec&method=DeleteMedia">
584 <input type="hidden" name="mediaid" value="$mediaid">
585 <input type="hidden" name="lkid" value="$lkid">
586 <input type="hidden" name="layoutid" value="$layoutid">
587 <input type="hidden" name="regionid" value="$regionid">
588 <p>$msgWarn</p>
589 <p>$msgSelect: $deleteOptions </p>
590 <p>$msgCaution</p>
591 </form>
592END;
593 if ($layoutid == '')
594 $this->response->AddButton(__('No'), 'XiboDialogClose()');
595 else
596 $this->response->AddButton(__('No'), 'XiboFormRender("index.php?p=layout&layoutid=' . $layoutid . '&regionid=' . $regionid . '&q=RegionOptions")');
597
598 $this->response->AddButton(__('Yes'), '$("#MediaDeleteForm").submit()');
599 }
600
601 $this->response->html = $form;
602 $this->response->dialogTitle = __('Delete Media');
603 $this->response->dialogSize = true;
604 $this->response->dialogWidth = '450px';
605 $this->response->dialogHeight = '280px';
606
607 return $this->response;
473 }608 }
474609
475 /**610 /**
@@ -478,21 +613,93 @@
478 */613 */
479 public function DeleteMedia()614 public function DeleteMedia()
480 {615 {
481 $db =& $this->db;616 $db =& $this->db;
482617
483 $layoutid = $this->layoutid;618 $layoutid = $this->layoutid;
484 $regionid = $this->regionid;619 $regionid = $this->regionid;
485620 $mediaid = $this->mediaid;
486 $url = "index.php?p=layout&layoutid=$layoutid&regionid=$regionid&q=RegionOptions";621
487622 $url = "index.php?p=layout&layoutid=$layoutid&regionid=$regionid&q=RegionOptions";
488 $this->deleteFromRegion = true;623
489 $this->UpdateRegion();624 if (!$this->auth->del)
490625 {
491 // We want to load a new form626 $this->response->SetError('You do not have permission to delete this assignment.');
492 $this->response->loadForm = true;627 $this->response->keepOpen = false;
493 $this->response->loadFormUri= $url;628 return $this->response;
494629 }
495 return $this->response;630
631 if ($layoutid != '')
632 {
633 Kit::ClassLoader('layoutmediagroupsecurity');
634 $security = new LayoutMediaGroupSecurity($db);
635
636 if (!$security->UnlinkAll($layoutid, $regionid, $this->mediaid))
637 trigger_error($security->GetErrorMessage(), E_USER_ERROR);
638
639 $this->deleteFromRegion = true;
640 $this->UpdateRegion();
641 }
642
643 // Are we region specific media?
644 if (!$this->regionSpecific)
645 {
646 $options = Kit::GetParam('options', _POST, _WORD);
647
648 // If we are set to retire we retire
649 if ($options == 'retire')
650 {
651 //Update the media record to say it is retired
652 $SQL = sprintf("UPDATE media SET retired = 1 WHERE mediaid = %d ", $mediaid);
653
654 if (!$db->query($SQL))
655 {
656 trigger_error($db->error());
657
658 $this->response->SetError(__('Database error retiring this media record.'));
659 $this->response->keepOpen = true;
660 return $this->response;
661 }
662 }
663
664 // If we are set to delete, we delete
665 if ($options == 'delete')
666 {
667 // Get the file location from the database
668 $storedAs = $db->GetSingleValue(sprintf("SELECT storedAs FROM media WHERE mediaid = %d", $mediaid), 'storedAs', _FILENAME);
669
670 // Remove permission assignments
671 Kit::ClassLoader('mediagroupsecurity');
672
673 $security = new MediaGroupSecurity($db);
674
675 if (!$security->UnlinkAll($mediaid))
676 trigger_error($security->GetErrorMessage(), E_USER_ERROR);
677
678 //Update the media record to say it is retired
679 $SQL = sprintf("DELETE FROM media WHERE mediaid = %d ", $mediaid);
680
681 if (!$db->query($SQL))
682 {
683 trigger_error($db->error());
684
685 $this->response->SetError(__('Database error deleting this media record.'));
686 $this->response->keepOpen = true;
687 return $this->response;
688 }
689
690 $this->DeleteMediaFiles($storedAs);
691 }
692
693 $this->response->message = __('Media Deleted');
694 }
695 else
696 {
697 // We want to load a new form
698 $this->response->loadForm = true;
699 $this->response->loadFormUri= $url;
700 }
701
702 return $this->response;
496 }703 }
497704
498 /**705 /**
@@ -513,6 +720,118 @@
513 return $this->response;720 return $this->response;
514 }721 }
515722
723 protected function AddFormForLibraryMedia()
724 {
725 global $session;
726 $db =& $this->db;
727 $user =& $this->user;
728
729 // Would like to get the regions width / height
730 $layoutid = $this->layoutid;
731 $regionid = $this->regionid;
732
733 // Set the Session / Security information
734 $sessionId = session_id();
735 $securityToken = CreateFormToken();
736 $backgroundImage = Kit::GetParam('backgroundImage', _GET, _BOOL, false);
737
738 $session->setSecurityToken($securityToken);
739
740 //Get the default value for the shared list
741 $default = Config::GetSetting($db, 'defaultMedia');
742 $defaultDuration = Config::GetSetting($db, 'jpg_length');
743
744 // Save button is different depending on if we are on a region or not
745 if ($regionid != '' && $this->showRegionOptions)
746 {
747 setSession('content','mediatype', $this->type);
748
749 $save_button = <<<END
750 <input id="btnSave" type="submit" value="Save" disabled />
751 <input class="XiboFormButton" id="btnCancel" type="button" title="Return to the Region Options" href="index.php?p=layout&layoutid=$layoutid&regionid=$regionid&q=RegionOptions" value="Cancel" />
752 <input class="XiboFormButton" type="button" href="index.php?p=content&q=LibraryAssignForm&layoutid=$layoutid&regionid=$regionid" title="Library" value="Library" />
753END;
754 }
755 elseif ($regionid != '' && !$this->showRegionOptions)
756 {
757 $save_button = <<<END
758 <input id="btnSave" type="submit" value="Save" disabled />
759 <input class="XiboFormButton" id="btnCancel" type="button" title="Close" onclick="$('#div_dialog').dialog('close')" value="Cancel" />
760END;
761 }
762 elseif ($backgroundImage)
763 {
764 // Show the save button, and make cancel go back to the background form
765 $save_button = <<<END
766 <input id="btnSave" type="submit" value="Save" disabled />
767 <input class="XiboFormButton" id="btnCancel" type="button" title="Close" href="index.php?p=layout&q=BackgroundForm&modify=true&layoutid=$layoutid" value="Cancel" />
768END;
769 }
770 else
771 {
772 $save_button = <<<END
773 <input id="btnSave" type="submit" value="Save" disabled />
774 <input class="XiboFormButton" id="btnCancel" type="button" title="Close" href="index.php?p=content&q=displayForms&sp=add" value="Cancel" />
775END;
776 }
777
778 $form = <<<FORM
779 <div style="display:none"><iframe name="fileupload" width="1px" height="1px"></iframe></div>
780 <div>
781 <form id="file_upload" method="post" action="index.php?p=content&q=FileUpload" enctype="multipart/form-data" target="fileupload">
782 <input type="hidden" id="PHPSESSID" value="$sessionId" />
783 <input type="hidden" id="SecurityToken" value="$securityToken" />
784 <input type="hidden" name="MAX_FILE_SIZE" value="$this->maxFileSizeBytes" />
785 <table>
786 <tr>
787 <td><label for="file">$this->displayType File<span class="required">*</span></label></td>
788 <td colspan="3">
789 <input type="file" name="media_file" onchange="fileFormSubmit();this.form.submit();" />
790 </td>
791 </tr>
792 </table>
793 </form>
794 </div>
795 <div id="uploadProgress" style="display:none">
796 <img src="img/loading.gif"><span style="padding-left:10px">You may fill in the form while your file is uploading.</span>
797 </div>
798 <form class="XiboForm" id="AddLibraryBasedMedia" method="post" action="index.php?p=module&mod=$this->type&q=Exec&method=AddMedia">
799 <input type="hidden" name="layoutid" value="$layoutid">
800 <input type="hidden" name="regionid" value="$regionid">
801 <input type="hidden" name="backgroundImage" value="$backgroundImage" />
802 <input type="hidden" name="showRegionOptions" value="$this->showRegionOptions" />
803 <input type="hidden" id="txtFileName" name="txtFileName" readonly="true" />
804 <input type="hidden" name="hidFileID" id="hidFileID" value="" />
805 <table width="100%">
806 <tr>
807 <td><label for="name" title="The name of the $this->type. Leave this blank to use the file name">Name</label></td>
808 <td><input id="name" name="name" type="text"></td>
809 </tr>
810 <tr>
811 <td><label for="duration" title="The duration in seconds this image should be displayed (may be overridden on each layout)">Duration<span class="required">*</span></label></td>
812 <td><input id="duration" name="duration" type="text" value="$defaultDuration"></td>
813 </tr>
814 <tr>
815 <td></td>
816 <td>This form accepts: <span class="required">$this->validExtensionsText</span> files up to a maximum size of <span class="required">$this->maxFileSize</span>.</td>
817 </tr>
818 <tr>
819 <td></td>
820 <td colspan="3">$save_button</td>
821 </tr>
822 </table>
823 </form>
824FORM;
825
826 $this->response->html = $form;
827 $this->response->dialogTitle = 'Add New ' . $this->displayType;
828 $this->response->dialogSize = true;
829 $this->response->dialogWidth = '450px';
830 $this->response->dialogHeight = '280px';
831
832 return $this->response;
833 }
834
516 /**835 /**
517 * Default Edit Form836 * Default Edit Form
518 * @return837 * @return
@@ -530,6 +849,148 @@
530 return $this->response;849 return $this->response;
531 }850 }
532851
852 protected function EditFormForLibraryMedia()
853 {
854 global $session;
855 $db =& $this->db;
856 $user =& $this->user;
857
858 // Would like to get the regions width / height
859 $layoutid = $this->layoutid;
860 $regionid = $this->regionid;
861 $mediaid = $this->mediaid;
862 $lkid = $this->lkid;
863 $userid = $this->user->userid;
864
865 // Can this user delete?
866 if (!$this->auth->edit)
867 {
868 $this->response->SetError('You do not have permission to edit this media.');
869 $this->response->keepOpen = false;
870 return $this->response;
871 }
872
873 // Set the Session / Security information
874 $sessionId = session_id();
875 $securityToken = CreateFormToken();
876
877 $session->setSecurityToken($securityToken);
878
879 // Load what we know about this media into the object
880 $SQL = "SELECT name, originalFilename, userID, retired, storedAs, isEdited, editedMediaID FROM media WHERE mediaID = $mediaid ";
881
882 if (!$row = $db->GetSingleRow($SQL))
883 {
884 trigger_error($db->error()); //log the error
885
886 $this->message = __('Error querying for the Media information');
887 return false;
888 }
889
890 $name = $row['name'];
891 $originalFilename = $row['originalFilename'];
892 $userid = $row['userID'];
893 $retired = $row['retired'];
894 $storedAs = $row['storedAs'];
895 $isEdited = $row['isEdited'];
896 $editedMediaID = $row['editedMediaID'];
897 $ext = strtolower(substr(strrchr($originalFilename, '.'), 1));
898
899 // Save button is different depending on if we are on a region or not
900 if ($regionid != '' && $this->showRegionOptions)
901 {
902 setSession('content', 'mediatype', $this->type);
903
904 $extraNotes = '<em>Note: Uploading a new ' . $this->displayType . ' here will replace it on this layout only.</em>';
905
906 $save_button = <<<END
907 <input id="btnSave" type="submit" value="Save" />
908 <input class="XiboFormButton" id="btnCancel" type="button" title="Return to the Region Options" href="index.php?p=layout&layoutid=$layoutid&regionid=$regionid&q=RegionOptions" value="Cancel" />
909END;
910 }
911 elseif ($regionid != '' && !$this->showRegionOptions)
912 {
913 $extraNotes = '<em>Note: Uploading a new ' . $this->displayType . ' here will replace it on this layout only.</em>';
914
915 $save_button = <<<END
916 <input id="btnSave" type="submit" value="Save" />
917 <input id="btnCancel" type="button" title="Close" onclick="$('#div_dialog').dialog('close')" value="Cancel" />
918END;
919 }
920 else
921 {
922 $extraNotes = '<em>Note: As you are editing from the library uploading a new media item will not replace the old one from any layouts. To do this navigate to the layout and edit the media from there.</em>';
923
924 $save_button = <<<END
925 <input id="btnSave" type="submit" value="Save" />
926 <input id="btnCancel" type="button" title="Close" onclick="$('#div_dialog').dialog('close')" value="Cancel" />
927END;
928 }
929
930 $durationFieldEnabled = ($this->auth->modifyPermissions) ? '' : ' readonly';
931
932 $form = <<<FORM
933 <div style="display:none"><iframe name="fileupload" width="1px" height="1px"></iframe></div>
934 <div>
935 <form id="file_upload" method="post" action="index.php?p=content&q=FileUpload" enctype="multipart/form-data" target="fileupload">
936 <input type="hidden" id="PHPSESSID" value="$sessionId" />
937 <input type="hidden" id="SecurityToken" value="$securityToken" />
938 <input type="hidden" name="MAX_FILE_SIZE" value="$this->maxFileSizeBytes" />
939 <table>
940 <tr>
941 <td><label for="file">New $this->displayType File<span class="required">*</span></label></td>
942 <td colspan="3">
943 <input type="file" name="media_file" onchange="fileFormSubmit();this.form.submit();" />
944 </td>
945 </tr>
946 </table>
947 </form>
948 </div>
949 <div id="uploadProgress" style="display:none">
950 <img src="img/loading.gif"><span style="padding-left:10px">You may fill in the form while your file is uploading.</span>
951 </div>
952 <form class="XiboForm" method="post" action="index.php?p=module&mod=$this->type&q=Exec&method=EditMedia">
953 <input type="hidden" name="hidFileID" id="hidFileID" value="" />
954 <input type="hidden" id="txtFileName" name="txtFileName" readonly="true" />
955 <input type="hidden" name="layoutid" value="$layoutid">
956 <input type="hidden" name="regionid" value="$regionid">
957 <input type="hidden" name="mediaid" value="$mediaid">
958 <input type="hidden" name="lkid" value="$lkid">
959 <input type="hidden" id="PHPSESSID" value="$sessionId" />
960 <input type="hidden" id="SecurityToken" value="$securityToken" />
961 <input type="hidden" name="showRegionOptions" value="$this->showRegionOptions" />
962 <table>
963 <tr>
964 <td><label for="name" title="The name of the $this->displayType. Leave this blank to use the file name">Name</label></td>
965 <td><input id="name" name="name" type="text" value="$name"></td>
966 <td><label for="duration" title="The duration in seconds this media should be displayed (may be overridden on each layout)">Duration<span class="required">*</span></label></td>
967 <td><input id="duration" name="duration" type="text" value="$this->duration" $durationFieldEnabled></td>
968 </tr>
969 <tr>
970 <td></td>
971 <td>This form accepts: <span class="required">$this->validExtensionsText</span> files up to a maximum size of <span class="required">$this->maxFileSize</span>.</td>
972 </tr>
973 <tr>
974 <td></td>
975 <td colspan="2">$extraNotes</td>
976 </tr>
977 <tr>
978 <td></td>
979 <td colspan="3">$save_button</td>
980 </tr>
981 </table>
982 </form>
983FORM;
984
985 $this->response->html = $form;
986 $this->response->dialogTitle = 'Edit ' . $this->displayType;
987 $this->response->dialogSize = true;
988 $this->response->dialogWidth = '450px';
989 $this->response->dialogHeight = '280px';
990
991 return $this->response;
992 }
993
533 /**994 /**
534 * Default Add Media995 * Default Add Media
535 * @return996 * @return
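Review bot: The media lookup in EditFormForLibraryMedia() builds its WHERE clause by interpolating `$mediaid` straight into the string, while GetName() later in this diff formats the same column with `%d`. Where `$this->mediaid` is validated is outside this hunk, so the query should not depend on it: `$SQL = sprintf("SELECT name, originalFilename, userID, retired, storedAs, isEdited, editedMediaID FROM media WHERE mediaID = %d ", $mediaid);`. The `UPDATE media SET isEdited = 1 ...` statement in EditLibraryMedia() (hunk `@@ -554,18 +1180,256 @@`) interpolates `$mediaid` the same way. Separately, `$name` from the database row is written into `value="$name"` unescaped; `$name = htmlspecialchars($row['name'], ENT_QUOTES);` before the heredoc keeps a stored quote or tag from breaking out of the attribute.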
@@ -542,6 +1003,171 @@
542 return $this->response; 1003 return $this->response;
543 }1004 }
5441005
1006 protected function AddLibraryMedia()
1007 {
1008 $db =& $this->db;
1009 $layoutid = $this->layoutid;
1010 $regionid = $this->regionid;
1011 $mediaid = $this->mediaid;
1012 $userid = $this->user->userid;
1013 $backgroundImage = Kit::GetParam('backgroundImage', _POST, _BOOL, false);
1014
1015 // File data
1016 $tmpName = Kit::GetParam('hidFileID', _POST, _STRING);
1017
1018 if ($tmpName == '')
1019 {
1020 $this->response->SetError('Cannot save Image details. <br/> You must have picked a file.');
1021 $this->response->keepOpen = true;
1022 return $this->response;
1023 }
1024
1025 // File name and extension (orignial name)
1026 $fileName = Kit::GetParam('txtFileName', _POST, _STRING);
1027 $fileName = basename($fileName);
1028 $ext = strtolower(substr(strrchr($fileName, "."), 1));
1029
1030 // Other properties
1031 $name = Kit::GetParam('name', _POST, _STRING);
1032 $duration = Kit::GetParam('duration', _POST, _INT, -1);
1033
1034 if ($name == '')
1035 $name = Kit::ValidateParam($fileName, _FILENAME);
1036
1037 // Validation
1038 if (!$this->IsValidExtension($ext))
1039 {
1040 $this->response->SetError(sprintf(__('Your file has an extension not supported by Media Type %s'), $this->displayType));
1041 $this->response->keepOpen = true;
1042 return $this->response;
1043 }
1044
1045 // Make sure the name isnt too long
1046 if (strlen($name) > 100)
1047 {
1048 $this->response->SetError(__('The name cannot be longer than 100 characters'));
1049 $this->response->keepOpen = true;
1050 return $this->response;
1051 }
1052
1053 if ($duration < 0)
1054 {
1055 $this->response->SetError(__('You must enter a duration.'));
1056 $this->response->keepOpen = true;
1057 return $this->response;
1058 }
1059
1060 // Ensure the name is not already in the database
1061 $SQL = sprintf("SELECT name FROM media WHERE name = '%s' AND userid = %d", $db->escape_string($name), $userid);
1062
1063 if(!$result = $db->query($SQL))
1064 {
1065 trigger_error($db->error());
1066 $this->response->SetError('Error checking whether the media name is ok. Try choosing a different name.');
1067 $this->response->keepOpen = true;
1068 return $this->response;
1069 }
1070
1071 if ($db->num_rows($result) != 0)
1072 {
1073 $this->response->SetError('Some media you own already has this name. Please choose another.');
1074 $this->response->keepOpen = true;
1075 return $this->response;
1076 }
1077
1078 // All OK to insert this record
1079 $SQL = "INSERT INTO media (name, type, duration, originalFilename, userID, retired ) ";
1080 $SQL .= "VALUES ('%s', '$this->type', '%s', '%s', %d, 0) ";
1081
1082 $SQL = sprintf($SQL, $db->escape_string($name), $db->escape_string($duration), $db->escape_string($fileName), $userid);
1083
1084 if (!$mediaid = $db->insert_query($SQL))
1085 {
1086 trigger_error($db->error());
1087 $this->response->SetError(__('Database error adding this media record.'));
1088 $this->response->keepOpen = true;
1089 return $this->response;
1090 }
1091
1092 // File upload directory.. get this from the settings object
1093 $databaseDir = Config::GetSetting($db, 'LIBRARY_LOCATION');
1094
1095 // What are we going to store this media as...
1096 $storedAs = $mediaid . '.' . $ext;
1097
1098 // Now we need to move the file
1099 if (!$result = rename($databaseDir . 'temp/' . $tmpName, $databaseDir . $storedAs))
1100 {
1101 // If we couldnt move it - we need to delete the media record we just added
1102 $SQL = sprintf("DELETE FROM media WHERE mediaID = %d ", $mediaid);
1103
1104 if (!$db->query($SQL))
1105 {
1106 trigger_error($db->error());
1107 $this->response->SetError(__('Error storing file'));
1108 $this->response->keepOpen = true;
1109 return $this->response;
1110 }
1111 }
1112
1113 // Calculate the MD5 and the file size
1114 $md5 = md5_file($databaseDir.$storedAs);
1115 $fileSize = filesize($databaseDir.$storedAs);
1116
1117 // Update the media record to include this information
1118 $SQL = sprintf("UPDATE media SET storedAs = '%s', `MD5` = '%s', FileSize = %d WHERE mediaid = %d", $storedAs, $md5, $fileSize, $mediaid);
1119
1120 if (!$db->query($SQL))
1121 {
1122 trigger_error($db->error());
1123 return true;
1124 }
1125
1126 // Required Attributes
1127 $this->mediaid = $mediaid;
1128 $this->duration = $duration;
1129
1130 // Any Options
1131 $this->SetOption('uri', $storedAs);
1132
1133 // Should have built the media object entirely by this time
1134 if ($regionid != '' && $this->showRegionOptions)
1135 {
1136 // This saves the Media Object to the Region
1137 $this->UpdateRegion();
1138 $this->response->loadFormUri = "index.php?p=layout&layoutid=$layoutid&regionid=$regionid&q=RegionOptions";;
1139 }
1140 elseif ($regionid != '' && !$this->showRegionOptions)
1141 {
1142 $this->UpdateRegion();
1143 $this->response->loadForm = false;
1144 }
1145 else
1146 {
1147 $this->response->loadFormUri = "index.php?p=content&q=displayForms&sp=add";
1148 }
1149
1150 // We want to load a new form
1151 $this->response->loadForm = true;
1152
1153 // If we just added a background we should load the background form
1154 if ($backgroundImage)
1155 {
1156 $this->response->loadFormUri = "index.php?p=layout&q=BackgroundForm&modify=true&layoutid=$layoutid&backgroundOveride=$storedAs";
1157 }
1158
1159 // What permissions should we assign this with?
1160 if (Config::GetSetting($db, 'MEDIA_DEFAULT') == 'public')
1161 {
1162 Kit::ClassLoader('mediagroupsecurity');
1163
1164 $security = new MediaGroupSecurity($db);
1165 $security->LinkEveryone($mediaid, 1, 0, 0);
1166 }
1167
1168 return $this->response;
1169 }
1170
545 /**1171 /**
546 * Default EditMedia1172 * Default EditMedia
547 * @return1173 * @return
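Review bot: `hidFileID` is read as a plain string and concatenated into the `rename()` source path in AddLibraryMedia(), so unless `Kit::GetParam()`'s `_STRING` filter removes path separators (not visible here) the posted value can name a file outside `temp/`. `txtFileName` already goes through `basename()` a few lines later; the same treatment fits here: `$tmpName = basename(Kit::GetParam('hidFileID', _POST, _STRING));`. EditLibraryMedia() in the next hunk (`@@ -554,18 +1180,256 @@`) reads `hidFileID` the same way and needs the same change. It would also help to confirm server-side that the temp file belongs to the current session's upload, since the id arrives in a client-supplied hidden field.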
@@ -554,18 +1180,256 @@
554 return $this->response; 1180 return $this->response;
555 }1181 }
5561182
557 /**1183 protected function EditLibraryMedia()
558 * Default GetName1184 {
559 * @return1185 $db =& $this->db;
560 */1186 $user =& $this->user;
561 public function GetName()1187 $layoutid = $this->layoutid;
562 {1188 $regionid = $this->regionid;
563 $db =& $this->db;1189 $mediaid = $this->mediaid;
5641190 $userid = $this->user->userid;
565 Debug::LogEntry($db, 'audit', sprintf('Module name returned for MediaID: %s is %s', $this->mediaid, $this->name), 'Module', 'GetName');1191
5661192 if (!$this->auth->edit)
567 return $this->name;1193 {
568 }1194 $this->response->SetError('You do not have permission to edit this media.');
1195 $this->response->keepOpen = false;
1196 return $this->response;
1197 }
1198
1199 // Stored As from the XML
1200 $storedAs = $this->GetOption('uri');
1201
1202 // File data
1203 $tmpName = Kit::GetParam('hidFileID', _POST, _STRING);
1204
1205 if ($tmpName == '')
1206 {
1207 $fileRevision = false;
1208 }
1209 else
1210 {
1211 $fileRevision = true;
1212
1213 // File name and extension (orignial name)
1214 $fileName = Kit::GetParam('txtFileName', _POST, _STRING);
1215 $fileName = basename($fileName);
1216 $ext = strtolower(substr(strrchr($fileName, "."), 1));
1217
1218 if (!$this->IsValidExtension($ext))
1219 {
1220 $this->response->SetError('Your file has an extension not supported by this Media Type.');
1221 $this->response->keepOpen = true;
1222 return $this->response;
1223 }
1224 }
1225
1226 // Other properties
1227 $name = Kit::GetParam('name', _POST, _STRING);
1228
1229 if ($this->auth->modifyPermissions)
1230 $this->duration = Kit::GetParam('duration', _POST, _INT, 0);
1231
1232 if ($name == '')
1233 {
1234 if ($fileRevision)
1235 {
1236 $name = Kit::ValidateParam($fileName, _FILENAME);
1237 }
1238 else
1239 {
1240 $this->response->SetError(__('The Name cannot be blank.'));
1241 $this->response->keepOpen = true;
1242 return $this->response;
1243 }
1244 }
1245
1246 // Make sure the name isnt too long
1247 if (strlen($name) > 100)
1248 {
1249 $this->response->SetError(__('The name cannot be longer than 100 characters'));
1250 $this->response->keepOpen = true;
1251 return $this->response;
1252 }
1253
1254 if ($this->duration < 0)
1255 {
1256 $this->response->SetError(__('You must enter a duration.'));
1257 $this->response->keepOpen = true;
1258 return $this->response;
1259 }
1260
1261 // Ensure the name is not already in the database
1262 $SQL = sprintf("SELECT name FROM media WHERE name = '%s' AND userid = %d AND mediaid <> %d AND IsEdited = 0", $db->escape_string($name), $userid, $mediaid);
1263
1264 if(!$result = $db->query($SQL))
1265 {
1266 trigger_error($db->error());
1267 $this->response->SetError(__('Error checking whether the media name is ok. Try choosing a different name.'));
1268 $this->response->keepOpen = true;
1269 return $this->response;
1270 }
1271
1272 if ($db->num_rows($result) != 0)
1273 {
1274 $this->response->SetError(__('Some media you own already has this name. Please choose another.'));
1275 $this->response->keepOpen = true;
1276 return $this->response;
1277 }
1278
1279 //Are we revising this media - or just plain editing
1280 if ($fileRevision)
1281 {
1282 // All OK to insert this record
1283 $SQL = "INSERT INTO media (name, type, duration, originalFilename, userID, retired ) ";
1284 $SQL .= "VALUES ('%s', '$this->type', '%s', '%s', %d, 0) ";
1285
1286 $SQL = sprintf($SQL, $db->escape_string($name), $db->escape_string($this->duration), $db->escape_string($fileName), $userid);
1287
1288 if (!$new_mediaid = $db->insert_query($SQL))
1289 {
1290 trigger_error($db->error());
1291 trigger_error('Error inserting replacement media record.', E_USER_ERROR);
1292 }
1293
1294 //What are we going to store this media as...
1295 $storedAs = $new_mediaid . '.' . $ext;
1296
1297 // File upload directory.. get this from the settings object
1298 $databaseDir = Config::GetSetting($db, 'LIBRARY_LOCATION');
1299
1300 //Now we need to move the file
1301 if (!$result = rename($databaseDir . '/temp/' . $tmpName, $databaseDir . $storedAs))
1302 {
1303 //If we couldnt move it - we need to delete the media record we just added
1304 $SQL = "DELETE FROM media WHERE mediaID = $new_mediaid ";
1305
1306 if (!$db->insert_query($SQL))
1307 {
1308 $this->response->SetError('Error rolling back transcation.');
1309 $this->response->keepOpen = true;
1310 return $this->response;
1311 }
1312 }
1313
1314 // Calculate the MD5 and the file size
1315 $md5 = md5_file($databaseDir.$storedAs);
1316 $fileSize = filesize($databaseDir.$storedAs);
1317
1318 // Update the media record to include this information
1319 $SQL = sprintf("UPDATE media SET storedAs = '%s', `MD5` = '%s', FileSize = %d WHERE mediaid = %d", $storedAs, $md5, $fileSize, $new_mediaid);
1320
1321 if (!$db->query($SQL))
1322 {
1323 trigger_error($db->error());
1324 $this->response->SetError('Error updating media with Library location.');
1325 $this->response->keepOpen = true;
1326 return $this->response;
1327 }
1328
1329 // Update the existing record with the new record's id
1330 $SQL = "UPDATE media SET isEdited = 1, editedMediaID = $new_mediaid ";
1331 $SQL .= " WHERE IFNULL(editedMediaID,0) <> $new_mediaid AND mediaID = $mediaid ";
1332
1333 Debug::LogEntry($db, 'audit', $SQL);
1334
1335 if (!$db->query($SQL))
1336 {
1337 trigger_error($db->error());
1338
1339 $this->response->SetError('Database error editing this media record.');
1340 $this->response->keepOpen = true;
1341 return $this->response;
1342 }
1343
1344 // We need to assign all permissions for the old media id to the new media id
1345 Kit::ClassLoader('mediagroupsecurity');
1346
1347 $security = new MediaGroupSecurity($db);
1348 $security->Copy($mediaid, $new_mediaid);
1349
1350 // Are we on a region
1351 if ($regionid != '')
1352 {
1353 Kit::ClassLoader('layoutmediagroupsecurity');
1354
1355 $security = new LayoutMediaGroupSecurity($db);
1356 $security->Copy($layoutid, $regionid, $mediaid, $new_mediaid);
1357 }
1358 }
1359 else
1360 {
1361 // Editing the existing record
1362 $new_mediaid = $mediaid;
1363
1364 $SQL = "UPDATE media SET name = '%s' ";
1365 $SQL .= " WHERE mediaID = %d ";
1366 $SQL = sprintf($SQL, $db->escape_string($name), $mediaid);
1367
1368 Debug::LogEntry($db, 'audit', $SQL);
1369
1370 if (!$db->query($SQL))
1371 {
1372 trigger_error($db->error());
1373
1374 $this->response->SetError('Database error editing this media record.');
1375 $this->response->keepOpen = true;
1376 return $this->response;
1377 }
1378 }
1379
1380 // Required Attributes
1381 $this->mediaid = $new_mediaid;
1382
1383 // Any Options
1384 $this->SetOption('uri', $storedAs);
1385
1386 // Should have built the media object entirely by this time
1387 if ($regionid != '' && $this->showRegionOptions)
1388 {
1389 // This saves the Media Object to the Region
1390 $this->UpdateRegion();
1391
1392 $this->response->loadForm = true;
1393 $this->response->loadFormUri = "index.php?p=layout&layoutid=$layoutid&regionid=$regionid&q=RegionOptions";;
1394 }
1395 elseif ($regionid != '' && !$this->showRegionOptions)
1396 {
1397 $this->UpdateRegion();
1398 $this->response->loadForm = false;
1399 }
1400 else
1401 {
1402 // We are in the library so we therefore have to update the duration with the new value.
1403 // We could do this in the above code, but it is much simpler here until we rewrite
1404 // these classes to use a data base class.
1405 $db->query(sprintf("UPDATE media SET duration = %d WHERE mediaID = %d", $this->duration, $this->mediaid));
1406
1407 $this->response->message = 'Edited the ' . $this->displayType;
1408 }
1409
1410 return $this->response;
1411 }
1412
1413 /**
1414 * Default GetName
1415 * @return
1416 */
1417 public function GetName()
1418 {
1419 $db =& $this->db;
1420
1421 if ($this->name == '' && !$this->regionSpecific)
1422 {
1423 // Load what we know about this media into the object
1424 $SQL = "SELECT name FROM media WHERE mediaID = %d ";
1425
1426 $this->name = $db->GetSingleValue(sprintf($SQL, $this->mediaid), 'name', _STRING);
1427 }
1428
1429 Debug::LogEntry($db, 'audit', sprintf('Module name returned for MediaID: %s is %s', $this->mediaid, $this->name), 'Module', 'GetName');
1430
1431 return $this->name;
1432 }
5691433
570 /**1434 /**
571 * Preview code for a module1435 * Preview code for a module
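Review bot: The rename-failure branch in EditLibraryMedia() sends its rollback `DELETE` through `$db->insert_query()` and returns only when that call reports failure, whereas AddLibraryMedia() in the previous hunk uses `$db->query()` for the same statement. What `insert_query()` returns for a DELETE is not visible here, so the result test may not mean what it says. When the rollback does succeed, both functions fall through to `md5_file()` and `filesize()` on a file that was never moved and then go on to report success. The branch should always end with an error response, as sketched below.

```php
if (!$result = rename($databaseDir . '/temp/' . $tmpName, $databaseDir . $storedAs))
{
    // Roll back the media record added above; log if the rollback itself fails
    if (!$db->query(sprintf("DELETE FROM media WHERE mediaID = %d ", $new_mediaid)))
        trigger_error($db->error());

    // Never continue to md5_file()/filesize() for a file that was not moved
    $this->response->SetError(__('Error storing file'));
    $this->response->keepOpen = true;
    return $this->response;
}
// … unchanged: MD5 / file size calculation and media record update …
```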
@@ -585,5 +1449,231 @@
585 {1449 {
586 return $this->regionSpecific;1450 return $this->regionSpecific;
587 }1451 }
1452
1453 /**
1454 * Permissions form
1455 */
1456 public function PermissionsForm()
1457 {
1458 $db =& $this->db;
1459 $user =& $this->user;
1460 $response = $this->response;
1461 $helpManager = new HelpManager($db, $user);
1462
1463 if (!$this->auth->modifyPermissions)
1464 trigger_error(__('You do not have permissions to edit this media'), E_USER_ERROR);
1465
1466 // Form content
1467 $form = '<form id="LayoutPermissionsForm" class="XiboForm" method="post" action="index.php?p=module&mod=' . $this->type . '&q=Exec&method=Permissions">';
1468 $form .= '<input type="hidden" name="layoutid" value="' . $this->layoutid . '" />';
1469 $form .= '<input type="hidden" name="regionid" value="' . $this->regionid . '" />';
1470 $form .= '<input type="hidden" name="mediaid" value="' . $this->mediaid . '" />';
1471 $form .= '<div class="dialog_table">';
1472 $form .= ' <table style="width:100%">';
1473 $form .= ' <tr>';
1474 $form .= ' <th>' . __('Group') . '</th>';
1475 $form .= ' <th>' . __('View') . '</th>';
1476 $form .= ' <th>' . __('Edit') . '</th>';
1477 $form .= ' <th>' . __('Delete') . '</th>';
1478 $form .= ' </tr>';
1479
1480 // List of all Groups with a view/edit/delete checkbox
1481 $SQL = '';
1482 $SQL .= 'SELECT `group`.GroupID, `group`.`Group`, View, Edit, Del, `group`.IsUserSpecific ';
1483 $SQL .= ' FROM `group` ';
1484
1485 if ($this->assignedMedia)
1486 {
1487 $SQL .= ' LEFT OUTER JOIN lklayoutmediagroup ';
1488 $SQL .= ' ON lklayoutmediagroup.GroupID = group.GroupID ';
1489 $SQL .= sprintf(" AND lklayoutmediagroup.MediaID = '%s' AND lklayoutmediagroup.RegionID = '%s' AND lklayoutmediagroup.LayoutID = %d ", $this->mediaid, $this->regionid, $this->layoutid);
1490 }
1491 else
1492 {
1493 $SQL .= ' LEFT OUTER JOIN lkmediagroup ';
1494 $SQL .= ' ON lkmediagroup.GroupID = group.GroupID ';
1495 $SQL .= sprintf(' AND lkmediagroup.MediaID = %d ', $this->mediaid);
1496 }
1497
1498 $SQL .= ' WHERE `group`.GroupID <> %d ';
1499 $SQL .= 'ORDER BY `group`.IsEveryone DESC, `group`.IsUserSpecific, `group`.`Group` ';
1500
1501 $SQL = sprintf($SQL, $user->getGroupFromId($user->userid, true));
1502
1503 Debug::LogEntry($db, 'audit', $SQL, 'module', 'PermissionsForm');
1504
1505 if (!$results = $db->query($SQL))
1506 {
1507 trigger_error($db->error());
1508 trigger_error(__('Unable to get permissions for this layout'), E_USER_ERROR);
1509 }
1510
1511 while($row = $db->get_assoc_row($results))
1512 {
1513 $groupId = $row['GroupID'];
1514 $group = ($row['IsUserSpecific'] == 0) ? '<strong>' . $row['Group'] . '</strong>' : $row['Group'];
1515
1516 $form .= '<tr>';
1517 $form .= ' <td>' . $group . '</td>';
1518 $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_view" ' . (($row['View'] == 1) ? 'checked' : '') . '></td>';
1519 $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_edit" ' . (($row['Edit'] == 1) ? 'checked' : '') . '></td>';
1520 $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_del" ' . (($row['Del'] == 1) ? 'checked' : '') . '></td>';
1521 $form .= '</tr>';
1522 }
1523
1524 $form .= '</table>';
1525 $form .= '</div>';
1526 $form .= '</form>';
1527
1528 $response->SetFormRequestResponse($form, __('Permissions'), '350px', '500px');
1529 $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('Layout', 'Permissions') . '")');
1530 $response->AddButton(__('Cancel'), 'XiboSwapDialog("index.php?p=layout&layoutid=' . $this->layoutid . '&regionid=' . $this->regionid . '&q=RegionOptions")');
1531 $response->AddButton(__('Save'), '$("#LayoutPermissionsForm").submit()');
1532
1533 return $response;
1534 }
1535
1536 /**
1537 * Permissions Edit
1538 */
1539 public function Permissions()
1540 {
1541 $db =& $this->db;
1542 $user =& $this->user;
1543 $response = $this->response;
1544
1545 Kit::ClassLoader('mediagroupsecurity');
1546 Kit::ClassLoader('layoutmediagroupsecurity');
1547
1548 $layoutId = Kit::GetParam('layoutid', _POST, _INT);
1549 $regionId = Kit::GetParam('regionid', _POST, _STRING);
1550 $mediaId = Kit::GetParam('mediaid', _POST, _STRING);
1551 $groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
1552
1553 if (!$this->auth->modifyPermissions)
1554 trigger_error(__('You do not have permissions to edit this layout'), E_USER_ERROR);
1555
1556 // Unlink all
1557 if ($this->assignedMedia)
1558 {
1559 $layoutMediaSecurity = new LayoutMediaGroupSecurity($db);
1560 if (!$layoutMediaSecurity->UnlinkAll($layoutId, $regionId, $mediaId))
1561 trigger_error(__('Unable to set permissions'));
1562 }
1563 else
1564 {
1565 $mediaSecurity = new MediaGroupSecurity($db);
1566 if (!$mediaSecurity->UnlinkAll($mediaId))
1567 trigger_error(__('Unable to set permissions'));
1568 }
1569
1570 // Some assignments for the loop
1571 $lastGroupId = 0;
1572 $first = true;
1573 $view = 0;
1574 $edit = 0;
1575 $del = 0;
1576
1577 // List of groupIds with view, edit and del assignments
1578 foreach($groupIds as $groupPermission)
1579 {
1580 $groupPermission = explode('_', $groupPermission);
1581 $groupId = $groupPermission[0];
1582
1583 if ($first)
1584 {
1585 // First time through
1586 $first = false;
1587 $lastGroupId = $groupId;
1588 }
1589
1590 if ($groupId != $lastGroupId)
1591 {
1592 // The groupId has changed, so we need to write the current settings to the db.
1593 // Link new permissions
1594 if ($this->assignedMedia)
1595 {
1596 if (!$layoutMediaSecurity->Link($layoutId, $regionId, $mediaId, $lastGroupId, $view, $edit, $del))
1597 trigger_error(__('Unable to set permissions'));
1598 }
1599 else
1600 {
1601 if (!$mediaSecurity->Link($mediaId, $lastGroupId, $view, $edit, $del))
1602 trigger_error(__('Unable to set permissions'));
1603 }
1604
1605 // Reset
1606 $lastGroupId = $groupId;
1607 $view = 0;
1608 $edit = 0;
1609 $del = 0;
1610 }
1611
1612 switch ($groupPermission[1])
1613 {
1614 case 'view':
1615 $view = 1;
1616 break;
1617
1618 case 'edit':
1619 $edit = 1;
1620 break;
1621
1622 case 'del':
1623 $del = 1;
1624 break;
1625 }
1626 }
1627
1628 // Need to do the last one
1629 if (!$first)
1630 {
1631 if ($this->assignedMedia)
1632 {
1633 if (!$layoutMediaSecurity->Link($layoutId, $regionId, $mediaId, $lastGroupId, $view, $edit, $del))
1634 trigger_error(__('Unable to set permissions'));
1635 }
1636 else
1637 {
1638 if (!$mediaSecurity->Link($mediaId, $lastGroupId, $view, $edit, $del))
1639 trigger_error(__('Unable to set permissions'));
1640 }
1641 }
1642
1643 $response->SetFormSubmitResponse(__('Permissions Changed'));
1644
1645 return $response;
1646 }
1647
1648 /**
1649 * Deletes the media files associated with this record
1650 * @return
1651 */
1652 private function DeleteMediaFiles($fileName)
1653 {
1654 $db =& $this->db;
1655
1656 //Library location
1657 $databaseDir = Config::GetSetting($db, 'LIBRARY_LOCATION');
1658
1659 //3 things to check for..
1660 //the actual file, the thumbnail, the background
1661 if (file_exists($databaseDir . $fileName))
1662 {
1663 unlink($databaseDir . $fileName);
1664 }
1665
1666 if (file_exists($databaseDir . 'tn_' . $fileName))
1667 {
1668 unlink($databaseDir . 'tn_' . $fileName);
1669 }
1670
1671 if (file_exists($databaseDir . 'bg_' . $fileName))
1672 {
1673 unlink($databaseDir . 'bg_' . $fileName);
1674 }
1675
1676 return true;
1677 }
588}1678}
589?>1679?>
590\ No newline at end of file1680\ No newline at end of file
5911681
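Review bot: Permissions() authorises against `$this->auth->modifyPermissions`, which belongs to the media item this module object was loaded for, but the rows it then unlinks and links are keyed by `layoutid`, `regionid` and `mediaid` read afresh from POST. How the object's own ids are populated is outside this hunk, so it is not certain the two always agree; if they can differ, a user with permission on one item could rewrite the ACL of another. Passing `$this->layoutid`, `$this->regionid` and `$this->mediaid` to `UnlinkAll()` and `Link()` removes the gap. The check also relies on `trigger_error(..., E_USER_ERROR)` halting the request, which depends on the installed error handler; an explicit return after it would make that independent. In PermissionsForm() the `'%s'` placeholders for MediaID and RegionID are filled without `$db->escape_string()`, unlike the string values in AddLibraryMedia()'s queries.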
=== modified file 'server/lib/pages/content.class.php'
--- server/lib/pages/content.class.php 2011-06-05 16:17:41 +0000
+++ server/lib/pages/content.class.php 2011-08-18 23:36:27 +0000
@@ -70,11 +70,6 @@
70 if (isset($_SESSION['content']['usertype'])) $usertype = $_SESSION['content']['usertype'];70 if (isset($_SESSION['content']['usertype'])) $usertype = $_SESSION['content']['usertype'];
71 if (isset($_SESSION['content']['playlistid'])) $playlistid = $_SESSION['content']['playlistid'];71 if (isset($_SESSION['content']['playlistid'])) $playlistid = $_SESSION['content']['playlistid'];
72 72
73 //shared list
74 $shared = "All";
75 if (isset($_SESSION['content']['shared'])) $shared = $_SESSION['content']['shared'];
76 $shared_list = dropdownlist("SELECT 'all','All' UNION SELECT permissionID, permission FROM permission", "shared", $shared);
77
78 $filter_userid = "";73 $filter_userid = "";
79 if (isset($_SESSION['content']['filter_userid'])) $filter_userid = $_SESSION['content']['filter_userid'];74 if (isset($_SESSION['content']['filter_userid'])) $filter_userid = $_SESSION['content']['filter_userid'];
80 75
@@ -122,8 +117,6 @@
122 <td>$user_list</td>117 <td>$user_list</td>
123 <td></td>118 <td></td>
124 <td></td>119 <td></td>
125 <td>$msgShared</td>
126 <td>$shared_list</td>
127 </tr>120 </tr>
128 </table>121 </table>
129 </form>122 </form>
@@ -174,12 +167,9 @@
174 $SQL .= " media.name, ";167 $SQL .= " media.name, ";
175 $SQL .= " media.type, ";168 $SQL .= " media.type, ";
176 $SQL .= " media.duration, ";169 $SQL .= " media.duration, ";
177 $SQL .= " media.userID, ";170 $SQL .= " media.userID ";
178 $SQL .= " permission.permission, ";
179 $SQL .= " media.permissionID ";
180 $SQL .= "FROM media ";171 $SQL .= "FROM media ";
181 $SQL .= "INNER JOIN permission ON permission.permissionID = media.permissionID ";172 $SQL .= "WHERE isEdited = 0 ";
182 $SQL .= "WHERE 1 = 1 AND isEdited = 0 ";
183 if ($mediatype != "all") 173 if ($mediatype != "all")
184 {174 {
185 $SQL .= sprintf(" AND media.type = '%s'", $db->escape_string($mediatype));175 $SQL .= sprintf(" AND media.type = '%s'", $db->escape_string($mediatype));
@@ -192,10 +182,6 @@
192 {182 {
193 $SQL .= sprintf(" AND media.userid = %d ", $filter_userid);183 $SQL .= sprintf(" AND media.userid = %d ", $filter_userid);
194 }184 }
195 if ($shared != "all")
196 {
197 $SQL .= sprintf(" AND media.permissionID = %d ", $shared);
198 }
199 //retired options185 //retired options
200 if ($filter_retired == '1') 186 if ($filter_retired == '1')
201 {187 {
@@ -220,7 +206,7 @@
220 $msgType = __('Type');206 $msgType = __('Type');
221 $msgRetired = __('Retired');207 $msgRetired = __('Retired');
222 $msgOwner = __('Owner');208 $msgOwner = __('Owner');
223 $msgShared = __('Shared');209 $msgShared = __('Permissions');
224 $msgAction = __('Action');210 $msgAction = __('Action');
225211
226 $output = <<<END212 $output = <<<END
@@ -231,83 +217,86 @@
231 <th>$msgName</th>217 <th>$msgName</th>
232 <th>$msgType</th>218 <th>$msgType</th>
233 <th>h:mi:ss</th> 219 <th>h:mi:ss</th>
220 <th>$msgOwner</th>
234 <th>$msgShared</th> 221 <th>$msgShared</th>
235 <th>$msgOwner</th>
236 <th>$msgAction</th> 222 <th>$msgAction</th>
237 </tr>223 </tr>
238 </thead>224 </thead>
239 <tbody>225 <tbody>
240END;226END;
241 227
242 while ($aRow = $db->get_row($results)) 228 while ($aRow = $db->get_row($results))
243 {229 {
244 $mediaid = Kit::ValidateParam($aRow[0], _INT);230 $mediaid = Kit::ValidateParam($aRow[0], _INT);
245 $media = Kit::ValidateParam($aRow[1], _STRING);231 $media = Kit::ValidateParam($aRow[1], _STRING);
246 $mediatype = Kit::ValidateParam($aRow[2], _WORD);232 $mediatype = Kit::ValidateParam($aRow[2], _WORD);
247 $length = sec2hms(Kit::ValidateParam($aRow[3], _DOUBLE));233 $length = sec2hms(Kit::ValidateParam($aRow[3], _DOUBLE));
248 $ownerid = Kit::ValidateParam($aRow[4], _INT);234 $ownerid = Kit::ValidateParam($aRow[4], _INT);
249 235
250 $permission = Kit::ValidateParam($aRow[5], _STRING);236 //get the username from the userID using the user module
251 $permissionid = Kit::ValidateParam($aRow[6], _INT);237 $username = $user->getNameFromID($ownerid);
252 238
253 //get the username from the userID using the user module239 $group = $this->GroupsForMedia($mediaid);
254 $username = $user->getNameFromID($ownerid);240
255 $group = $user->getGroupFromID($ownerid);241 // Permissions
256 242 $auth = $this->user->MediaAuth($mediaid, true);
257 //get the permissions243
258 list($see_permissions , $edit_permissions) = $user->eval_permission($ownerid, $permissionid);244 if ($auth->view) //is this user allowed to see this
259 245 {
260 if ($see_permissions) //is this user allowed to see this246 if ($auth->edit)
261 { 247 {
262 if ($edit_permissions) 248 //double click action - depends on what type of media we are
263 {249 $output .= <<<END
264 //double click action - depends on what type of media we are250 <tr href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid' ondblclick="XiboFormRender($(this).attr('href'))">
265 $output .= <<<END251END;
266 <tr href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid' ondblclick="XiboFormRender($(this).attr('href'))">252 }
267END;253 else
268 }254 {
269 else 255 $output .= '<tr ondblclick="alert(' . __('You do not have permission to edit this media') . ')">';
270 {256 }
271 $output .= '<tr ondblclick="alert(' . __('You do not have permission to edit this media') . ')">';257
272 }258 $output .= "<td>$media</td>\n";
273 259 $output .= "<td>$mediatype</td>\n";
274 $output .= "<td>$media</td>\n";260 $output .= "<td>$length</td>\n";
275 $output .= "<td>$mediatype</td>\n";261 $output .= "<td>$username</td>";
276 $output .= "<td>$length</td>\n";262 $output .= "<td>$group</td>";
277 $output .= "<td>$permission</td>\n";263
278 $output .= "<td>$username</td>";264 // ACTION buttons
279 265 if ($auth->edit)
280 // ACTION buttons266 {
281 if ($edit_permissions) 267 $msgEdit = __('Edit');
282 {268 $msgDelete = __('Delete');
283 $msgEdit = __('Edit');269
284 $msgDelete = __('Delete');270 $buttons = "<button class='XiboFormButton' title='$msgEdit' href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid'><span>$msgEdit</span></button>";
285 271
286 $buttons = "<button class='XiboFormButton' title='$msgEdit' href='index.php?p=module&mod=$mediatype&q=Exec&method=EditForm&mediaid=$mediaid'><span>$msgEdit</span></button>"; 272 if ($auth->del)
287 $buttons .= "<button class='XiboFormButton' title='$msgDelete' href='index.php?p=module&mod=$mediatype&q=Exec&method=DeleteForm&mediaid=$mediaid'><span>$msgDelete</span></button>";273 $buttons .= "<button class='XiboFormButton' title='$msgDelete' href='index.php?p=module&mod=$mediatype&q=Exec&method=DeleteForm&mediaid=$mediaid'><span>$msgDelete</span></button>";
288 }274
289 else 275 if ($auth->modifyPermissions)
290 {276 $buttons .= "<button class='XiboFormButton' title='$msgShared' href='index.php?p=module&mod=$mediatype&q=Exec&method=PermissionsForm&mediaid=$mediaid'><span>$msgShared</span></button>";
291 $buttons = __("No available actions.");277 }
292 }278 else
293 279 {
294 $output .= <<<END280 $buttons = __("No available actions.");
295 <td>281 }
296 <div class='buttons'>282
297 $buttons283 $output .= <<<END
298 </div>284 <td>
299 </td>285 <div class='buttons'>
300END;286 $buttons
301 287 </div>
302 $output .= "</tr>\n";288 </td>
303 }289END;
304 }290
291 $output .= "</tr>\n";
292 }
293 }
305 294
306 $output .= "</tbody></table>\n</div>\n";295 $output .= "</tbody></table>\n</div>\n";
307296
308 $response->SetGridResponse($output);297 $response->SetGridResponse($output);
309 $response->Respond();298 $response->Respond();
310 }299 }
311 300
312 /**301 /**
313 * Display the forms302 * Display the forms
@@ -501,11 +490,8 @@
501 $SQL .= " media.name, ";490 $SQL .= " media.name, ";
502 $SQL .= " media.type, ";491 $SQL .= " media.type, ";
503 $SQL .= " media.duration, ";492 $SQL .= " media.duration, ";
504 $SQL .= " media.userID, ";493 $SQL .= " media.userID ";
505 $SQL .= " permission.permission, ";
506 $SQL .= " media.permissionID ";
507 $SQL .= "FROM media ";494 $SQL .= "FROM media ";
508 $SQL .= "INNER JOIN permission ON permission.permissionID = media.permissionID ";
509 $SQL .= "WHERE retired = 0 AND isEdited = 0 ";495 $SQL .= "WHERE retired = 0 AND isEdited = 0 ";
510 if($mediatype != "all") 496 if($mediatype != "all")
511 {497 {
@@ -528,7 +514,6 @@
528 $msgType = __('Type');514 $msgType = __('Type');
529 $msgLen = __('Duration');515 $msgLen = __('Duration');
530 $msgOwner = __('Owner');516 $msgOwner = __('Owner');
531 $msgShared = __('Shared');
532 $msgSelect = __('Select');517 $msgSelect = __('Select');
533 518
534 //some table headings519 //some table headings
@@ -543,7 +528,6 @@
543 <th>$msgName</th>528 <th>$msgName</th>
544 <th>$msgType</th>529 <th>$msgType</th>
545 <th>$msgLen</th>530 <th>$msgLen</th>
546 <th>$msgShared</th>
547 <th>$msgSelect</th>531 <th>$msgSelect</th>
548 </tr>532 </tr>
549 </thead>533 </thead>
@@ -559,26 +543,21 @@
559 $length = sec2hms(Kit::ValidateParam($row[3], _DOUBLE));543 $length = sec2hms(Kit::ValidateParam($row[3], _DOUBLE));
560 $ownerid = Kit::ValidateParam($row[4], _INT);544 $ownerid = Kit::ValidateParam($row[4], _INT);
561 545
562 $permission = Kit::ValidateParam($row[5], _STRING);
563 $permissionid = Kit::ValidateParam($row[6], _INT);
564
565 //get the username from the userID using the user module546 //get the username from the userID using the user module
566 $username = $user->getNameFromID($ownerid);547 $username = $user->getNameFromID($ownerid);
567 $group = $user->getGroupFromID($ownerid);548 $group = $user->getGroupFromID($ownerid);
568 549
569 //get the permissions550 // Permissions
570 list($see_permissions , $edit_permissions) = $user->eval_permission($ownerid, $permissionid);551 $auth = $this->user->MediaAuth($mediaid, true);
571
572 if ($see_permissions)
573 { //is this user allowed to see this
574552
575 $form .= "<tr>";553 if ($auth->view) //is this user allowed to see this
576 $form .= "<td>" . $media . "</td>\n";554 {
577 $form .= "<td>" . $mediatype . "</td>\n";555 $form .= "<tr>";
578 $form .= "<td>" . $length . "</td>\n";556 $form .= "<td>" . $media . "</td>\n";
579 $form .= "<td>" . $permission . "</td>\n";557 $form .= "<td>" . $mediatype . "</td>\n";
580 $form .= "<td><input type='checkbox' name='mediaids[]' value='$mediaid'></td>";558 $form .= "<td>" . $length . "</td>\n";
581 $form .= "</tr>";559 $form .= "<td><input type='checkbox' name='mediaids[]' value='$mediaid'></td>";
560 $form .= "</tr>";
582 }561 }
583 }562 }
584563
@@ -674,5 +653,42 @@
674 Debug::LogEntry($db, "audit", "[OUT]", "FileUpload");653 Debug::LogEntry($db, "audit", "[OUT]", "FileUpload");
675 exit;654 exit;
676 }655 }
656
657 /**
658 * Get a list of group names for a layout
659 * @param <type> $layoutId
660 * @return <type>
661 */
662 private function GroupsForMedia($mediaId)
663 {
664 $db =& $this->db;
665
666 $SQL = '';
667 $SQL .= 'SELECT `group`.Group ';
668 $SQL .= ' FROM `group` ';
669 $SQL .= ' INNER JOIN lkmediagroup ';
670 $SQL .= ' ON `group`.GroupID = lkmediagroup.GroupID ';
671 $SQL .= ' WHERE lkmediagroup.MediaID = %d ';
672
673 $SQL = sprintf($SQL, $mediaId);
674
675 if (!$results = $db->query($SQL))
676 {
677 trigger_error($db->error());
678 trigger_error(__('Unable to get group information for media'), E_USER_ERROR);
679 }
680
681 $groups = '';
682
683 while ($row = $db->get_assoc_row($results))
684 {
685 $groups .= $row['Group'] . ', ';
686 }
687
688 $groups = trim($groups);
689 $groups = trim($groups, ',');
690
691 return $groups;
692 }
677}693}
678?>694?>
679\ No newline at end of file695\ No newline at end of file
680696
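Review bot: GroupsForMedia() returns the group names exactly as they are stored, and the grid hunk above (`@@ -231,83 +217,86 @@`) interpolates that string straight into `<td>$group</td>`, so a group name containing markup would be rendered as HTML in the media grid. The other cells in that row are at least passed through `Kit::ValidateParam` (its filtering is not visible here), whereas this value bypasses it. Encoding where the list is built closes the gap: `$groups .= htmlspecialchars($row['Group'], ENT_QUOTES, 'UTF-8') . ', ';`. The docblock was also copied from the layout variant and should describe media, with `@param int $mediaId` and `@return string` in place of `<type> $layoutId`. Separately, `trigger_error($db->error())` may surface the raw database error to the user, depending on the error handler, so logging it through `Debug::LogEntry` would be safer.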
=== added file 'server/lib/pages/dataset.class.php'
--- server/lib/pages/dataset.class.php 1970-01-01 00:00:00 +0000
+++ server/lib/pages/dataset.class.php 2011-08-18 23:36:27 +0000
@@ -0,0 +1,1022 @@
1<?php
2/*
3 * Xibo - Digitial Signage - http://www.xibo.org.uk
4 * Copyright (C) 2011 Daniel Garner
5 *
6 * This file is part of Xibo.
7 *
8 * Xibo is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * any later version.
12 *
13 * Xibo is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with Xibo. If not, see <http://www.gnu.org/licenses/>.
20 */
21defined('XIBO') or die('Sorry, you are not allowed to directly access this page.<br /> Please press the back button in your browser.');
22
23class datasetDAO
24{
25 private $db;
26 private $user;
27
28 function __construct(database $db, user $user)
29 {
30 $this->db =& $db;
31 $this->user =& $user;
32
33 Kit::ClassLoader('dataset');
34 Kit::ClassLoader('datasetcolumn');
35 Kit::ClassLoader('datasetdata');
36 }
37
38 function on_page_load()
39 {
40 return "";
41 }
42
43 function echo_page_heading()
44 {
45 echo __("Layouts");
46 return true;
47 }
48
49 function displayPage()
50 {
51 require('template/pages/dataset_view.php');
52 }
53
54 public function DataSetFilter()
55 {
56 $id = uniqid();
57
58 $xiboGrid = <<<HTML
59 <div class="XiboGrid" id="$id">
60 <div class="XiboFilter">
61 <form onsubmit="return false">
62 <input type="hidden" name="p" value="dataset">
63 <input type="hidden" name="q" value="DataSetGrid">
64 </form>
65 </div>
66 <div class="XiboData">
67
68 </div>
69 </div>
70HTML;
71 echo $xiboGrid;
72 }
73
74 public function DataSetGrid()
75 {
76 $db =& $this->db;
77 $user =& $this->user;
78 $response = new ResponseManager();
79
80 $msgEdit = __('Edit');
81 $msgDelete = __('Delete');
82 $msgPermissions = __('Permissions');
83
84 $output = <<<END
85 <div class="info_table">
86 <table style="width:100%">
87 <thead>
88 <tr>
89 <th>Name</th>
90 <th>Description</th>
91 <th>Owner</th>
92 <th>$msgPermissions</th>
93 <th>Action</th>
94 </tr>
95 </thead>
96 <tbody>
97END;
98
99 foreach($this->user->DataSetList() as $dataSet)
100 {
101 $auth = $user->DataSetAuth($dataSet['datasetid'], true);
102 $owner = $user->getNameFromID($dataSet['ownerid']);
103 $groups = $this->GroupsForDataSet($dataSet['datasetid']);
104
105 $output .= '<tr>';
106 $output .= ' <td>' . $dataSet['dataset'] . '</td>';
107 $output .= ' <td>' . $dataSet['description'] . '</td>';
108 $output .= ' <td>' . $owner . '</td>';
109 $output .= ' <td>' . $groups . '</td>';
110 $output .= ' <td>';
111
112 if ($auth->edit)
113 {
114 $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=DataSetDataForm&datasetid=' . $dataSet['datasetid'] . '&dataset=' . $dataSet['dataset'] . '"><span>' . __('View Data') . '</span></button>';
115 $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSet['datasetid'] . '&dataset=' . $dataSet['dataset'] . '"><span>' . __('View Columns') . '</span></button>';
116 $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=EditDataSetForm&datasetid=' . $dataSet['datasetid'] . '"><span>' . $msgEdit . '</span></button>';
117 }
118
119 if ($auth->del)
120 $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=DeleteDataSetForm&datasetid=' . $dataSet['datasetid'] . '"><span>' . $msgDelete . '</span></button>';
121
122 if ($auth->modifyPermissions)
123 $output .= '<button class="XiboFormButton" href="index.php?p=dataset&q=PermissionsForm&datasetid=' . $dataSet['datasetid'] . '"><span>' . $msgPermissions . '</span></button>';
124
125 $output .= ' </td>';
126 $output .= '</tr>';
127 }
128
129 $output .= '</tbody></table></div>';
130 $response->SetGridResponse($output);
131 $response->Respond();
132 }
133
134 public function AddDataSetForm()
135 {
136 $db =& $this->db;
137 $user =& $this->user;
138 $response = new ResponseManager();
139
140 $helpManager = new HelpManager($db, $user);
141
142 $msgName = __('Name');
143 $msgDesc = __('Description');
144
145 $form = <<<END
146 <form id="AddDataSetForm" class="XiboForm" method="post" action="index.php?p=dataset&q=AddDataSet">
147 <table>
148 <tr>
149 <td><label for="dataset" accesskey="n">$msgName<span class="required">*</span></label></td>
150 <td><input name="dataset" class="required" type="text" id="dataset" tabindex="1" /></td>
151 </tr>
152 <tr>
153 <td><label for="description" accesskey="d">$msgDesc</label></td>
154 <td><input name="description" type="text" id="description" tabindex="2" /></td>
155 </tr>
156 </table>
157 </form>
158END;
159
160
161 $response->SetFormRequestResponse($form, __('Add DataSet'), '350px', '275px');
162 $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Add') . '")');
163 $response->AddButton(__('Cancel'), 'XiboDialogClose()');
164 $response->AddButton(__('Add'), '$("#AddDataSetForm").submit()');
165 $response->Respond();
166 }
167
168 /**
169 * Add a dataset
170 */
171 public function AddDataSet()
172 {
173 $db =& $this->db;
174 $user =& $this->user;
175 $response = new ResponseManager();
176
177 $dataSet = Kit::GetParam('dataset', _POST, _STRING);
178 $description = Kit::GetParam('description', _POST, _STRING);
179
180 $dataSetObject = new DataSet($db);
181 if (!$dataSetId = $dataSetObject->Add($dataSet, $description, $this->user->userid))
182 trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR);
183
184 // Also add one column
185 $dataSetColumn = new DataSetColumn($db);
186 $dataSetColumn->Add($dataSetId, 'Col1', 1, null, 1);
187
188 $response->SetFormSubmitResponse(__('DataSet Added'));
189 $response->Respond();
190 }
191
192 public function EditDataSetForm()
193 {
194 $db =& $this->db;
195 $user =& $this->user;
196 $response = new ResponseManager();
197
198 $helpManager = new HelpManager($db, $user);
199
200 $dataSetId = Kit::GetParam('datasetid', _GET, _INT);
201
202 $auth = $user->DataSetAuth($dataSetId, true);
203 if (!$auth->edit)
204 trigger_error(__('Access Denied'));
205
206 // Get the information we already know
207 $SQL = sprintf("SELECT DataSet, Description FROM dataset WHERE DataSetID = %d", $dataSetId);
208
209 if (!$row = $db->GetSingleRow($SQL))
210 trigger_error(__('Unable to get DataSet information'));
211
212 $dataSet = $row['DataSet'];
213 $description = $row['Description'];
214
215 $msgName = __('Name');
216 $msgDesc = __('Description');
217
218 $form = <<<END
219 <form id="EditDataSetForm" class="XiboForm" method="post" action="index.php?p=dataset&q=EditDataSet">
220 <input type="hidden" name="datasetid" value="$dataSetId" />
221 <table>
222 <tr>
223 <td><label for="dataset" accesskey="n">$msgName<span class="required">*</span></label></td>
224 <td><input name="dataset" class="required" type="text" id="dataset" tabindex="1" value="$dataSet" /></td>
225 </tr>
226 <tr>
227 <td><label for="description" accesskey="d">$msgDesc</label></td>
228 <td><input name="description" type="text" id="description" tabindex="2" value="$description" /></td>
229 </tr>
230 </table>
231 </form>
232END;
233
234
235 $response->SetFormRequestResponse($form, __('Edit DataSet'), '350px', '275px');
236 $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Add') . '")');
237 $response->AddButton(__('Cancel'), 'XiboDialogClose()');
238 $response->AddButton(__('Edit'), '$("#EditDataSetForm").submit()');
239 $response->Respond();
240 }
241
242 public function EditDataSet()
243 {
244 $db =& $this->db;
245 $user =& $this->user;
246 $response = new ResponseManager();
247
248 $dataSetId = Kit::GetParam('datasetid', _POST, _INT);
249
250 $auth = $user->DataSetAuth($dataSetId, true);
251 if (!$auth->edit)
252 trigger_error(__('Access Denied'));
253
254 $dataSet = Kit::GetParam('dataset', _POST, _STRING);
255 $description = Kit::GetParam('description', _POST, _STRING);
256
257 $dataSetObject = new DataSet($db);
258 if (!$dataSetObject->Edit($dataSetId, $dataSet, $description))
259 trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR);
260
261 $response->SetFormSubmitResponse(__('DataSet Edited'));
262 $response->Respond();
263 }
264
265 /**
266 * Return the Delete Form as HTML
267 * @return
268 */
269 public function DeleteDataSetForm()
270 {
271 $db =& $this->db;
272 $response = new ResponseManager();
273 $helpManager = new HelpManager($db, $this->user);
274
275 $dataSetId = Kit::GetParam('datasetid', _GET, _INT);
276
277 $auth = $this->user->DataSetAuth($dataSetId, true);
278 if (!$auth->del)
279 trigger_error(__('Access Denied'));
280
281 // Translate messages
282 $msgDelete = __('Are you sure you want to delete this DataSet?');
283 $msgYes = __('Yes');
284 $msgNo = __('No');
285
286 //we can delete
287 $form = <<<END
288 <form id="DataSetDeleteForm" class="XiboForm" method="post" action="index.php?p=dataset&q=DeleteDataSet">
289 <input type="hidden" name="datasetid" value="$dataSetId">
290 <p>$msgDelete</p>
291 </form>
292END;
293
294 $response->SetFormRequestResponse($form, __('Delete this DataSet?'), '350px', '200px');
295 $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Delete') . '")');
296 $response->AddButton(__('Cancel'), 'XiboDialogClose()');
297 $response->AddButton(__('Delete'), '$("#DataSetDeleteForm").submit()');
298 $response->Respond();
299 }
300
301 public function DeleteDataSet()
302 {
303 $db =& $this->db;
304 $user =& $this->user;
305 $response = new ResponseManager();
306
307 $dataSetId = Kit::GetParam('datasetid', _POST, _INT);
308
309 $auth = $user->DataSetAuth($dataSetId, true);
310 if (!$auth->del)
311 trigger_error(__('Access Denied'));
312
313 $dataSetObject = new DataSet($db);
314 if (!$dataSetObject->Delete($dataSetId))
315 trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR);
316
317 $response->SetFormSubmitResponse(__('DataSet Deleted'));
318 $response->Respond();
319 }
320
321 public function DataSetColumnsForm()
322 {
323 $db =& $this->db;
324 $response = new ResponseManager();
325 $helpManager = new HelpManager($db, $this->user);
326
327 $dataSetId = Kit::GetParam('datasetid', _GET, _INT);
328 $dataSet = Kit::GetParam('dataset', _GET, _STRING);
329
330 $auth = $this->user->DataSetAuth($dataSetId, true);
331 if (!$auth->edit)
332 trigger_error(__('Access Denied'));
333
334 $msgEdit = __('Edit');
335 $msgDelete = __('Delete');
336
337 $form = <<<END
338 <div class="info_table">
339 <table style="width:100%">
340 <thead>
341 <tr>
342 <th>Heading</th>
343 <th>Data Type</th>
344 <th>List Content</th>
345 <th>Column Order</th>
346 <th>Action</th>
347 </tr>
348 </thead>
349 <tbody>
350END;
351
352 $SQL = "";
353 $SQL .= "SELECT DataSetColumnID, Heading, DataTypeID, ListContent, ColumnOrder ";
354 $SQL .= " FROM datasetcolumn ";
355 $SQL .= sprintf(" WHERE DataSetID = %d ", $dataSetId);
356 $SQL .= "ORDER BY ColumnOrder ";
357
358 if (!$results = $db->query($SQL))
359 trigger_error(__('Unable to get columns for DataSet'));
360
361 while ($row = $db->get_assoc_row($results))
362 {
363 $form .= '<tr>';
364 $form .= ' <td>' . $row['Heading'] . '</td>';
365 $form .= ' <td>String</td>';
366 $form .= ' <td>' . $row['ListContent'] . '</td>';
367 $form .= ' <td>' . $row['ColumnOrder'] . '</td>';
368 $form .= ' <td>';
369 $form .= ' <button class="XiboFormButton" href="index.php?p=dataset&q=EditDataSetColumnForm&datasetid=' . $dataSetId . '&datasetcolumnid=' . $row['DataSetColumnID'] . '&dataset=' . $dataSet . '"><span>' . $msgEdit . '</span></button>';
370
371 if ($auth->del)
372 $form .= ' <button class="XiboFormButton" href="index.php?p=dataset&q=DeleteDataSetColumnForm&datasetid=' . $dataSetId . '&datasetcolumnid=' . $row['DataSetColumnID'] . '&dataset=' . $dataSet . '"><span>' . $msgDelete . '</span></button>';
373
374 $form .= ' </td>';
375 $form .= '</tr>';
376 }
377
378 $form .= '</tbody></table></div>';
379
380 $response->SetFormRequestResponse($form, sprintf(__('Columns for %s'), $dataSet), '550px', '400px');
381 $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'ViewColumns') . '")');
382 $response->AddButton(__('Close'), 'XiboDialogClose()');
383 $response->AddButton(__('Add Column'), 'XiboFormRender("index.php?p=dataset&q=AddDataSetColumnForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")');
384 $response->Respond();
385 }
386
387 public function AddDataSetColumnForm()
388 {
389 $db =& $this->db;
390 $response = new ResponseManager();
391 $helpManager = new HelpManager($db, $this->user);
392
393 $dataSetId = Kit::GetParam('datasetid', _GET, _INT);
394 $dataSet = Kit::GetParam('dataset', _GET, _STRING);
395
396 $auth = $this->user->DataSetAuth($dataSetId, true);
397 if (!$auth->edit)
398 trigger_error(__('Access Denied'));
399
400 $msgHeading = __('Heading');
401 $msgListContent = __('List Content');
402 $msgColumnOrder = __('Column Order');
403
404 $form = <<<END
405 <form id="DataSetColumnEditForm" class="XiboForm" method="post" action="index.php?p=dataset&q=AddDataSetColumn">
406 <input type="hidden" name="dataset" value="$dataSet" />
407 <input type="hidden" name="datasetid" value="$dataSetId" />
408 <table>
409 <tr>
410 <td><label for="heading" accesskey="h">$msgHeading<span class="required">*</span></label></td>
411 <td><input name="heading" class="required" type="text" id="heading" tabindex="1" /></td>
412 </tr>
413 <tr>
414 <td><label for="listcontent" accesskey="l">$msgListContent</label></td>
415 <td><input name="listcontent" type="text" id="listcontent" tabindex="2" /></td>
416 </tr>
417 <tr>
418 <td><label for="columnorder" accesskey="c">$msgColumnOrder</label></td>
419 <td><input name="columnorder" type="text" id="columnorder" tabindex="3" /></td>
420 </tr>
421 </table>
422 </form>
423END;
424
425 $response->SetFormRequestResponse($form, __('Add Column'), '450px', '400px');
426 $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'EditColumn') . '")');
427 $response->AddButton(__('Cancel'), 'XiboFormRender("index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")');
428 $response->AddButton(__('Save'), '$("#DataSetColumnEditForm").submit()');
429 $response->Respond();
430 }
431
432 public function AddDataSetColumn()
433 {
434 $db =& $this->db;
435 $user =& $this->user;
436 $response = new ResponseManager();
437
438 $dataSetId = Kit::GetParam('datasetid', _POST, _INT);
439 $dataSet = Kit::GetParam('dataset', _POST, _STRING);
440
441 $auth = $user->DataSetAuth($dataSetId, true);
442 if (!$auth->edit)
443 trigger_error(__('Access Denied'));
444
445 $heading = Kit::GetParam('heading', _POST, _WORD);
446 $listContent = Kit::GetParam('listcontent', _POST, _STRING);
447 $columnOrder = Kit::GetParam('columnorder', _POST, _INT);
448
449 $dataSetObject = new DataSetColumn($db);
450 if (!$dataSetObject->Add($dataSetId, $heading, 1, $listContent))
451 trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR);
452
453 $response->SetFormSubmitResponse(__('Column Edited'));
454 $response->hideMessage = true;
455 $response->loadForm = true;
456 $response->loadFormUri = 'index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet;
457 $response->Respond();
458 }
459
460 public function EditDataSetColumnForm()
461 {
462 $db =& $this->db;
463 $response = new ResponseManager();
464 $helpManager = new HelpManager($db, $this->user);
465
466 $dataSetId = Kit::GetParam('datasetid', _GET, _INT);
467 $dataSetColumnId = Kit::GetParam('datasetcolumnid', _GET, _INT);
468 $dataSet = Kit::GetParam('dataset', _GET, _STRING);
469
470 $auth = $this->user->DataSetAuth($dataSetId, true);
471 if (!$auth->edit)
472 trigger_error(__('Access Denied'));
473
474 // Get some information about this data set column
475 $SQL = sprintf("SELECT Heading, ListContent, ColumnOrder FROM datasetcolumn WHERE DataSetColumnID = %d", $dataSetColumnId);
476
477 if (!$row = $db->GetSingleRow($SQL))
478 trigger_error(__('Unabled to get Data Column information'), E_USER_ERROR);
479
480 $heading = Kit::ValidateParam($row['Heading'], _WORD);
481 $listContent = Kit::ValidateParam($row['ListContent'], _STRING);
482 $columnOrder = Kit::ValidateParam($row['ColumnOrder'], _INT);
483
484 $msgHeading = __('Heading');
485 $msgListContent = __('List Content');
486 $msgColumnOrder = __('Column Order');
487
488 $form = <<<END
489 <form id="DataSetColumnEditForm" class="XiboForm" method="post" action="index.php?p=dataset&q=EditDataSetColumn">
490 <input type="hidden" name="dataset" value="$dataSet" />
491 <input type="hidden" name="datasetid" value="$dataSetId" />
492 <input type="hidden" name="datasetcolumnid" value="$dataSetColumnId" />
493 <table>
494 <tr>
495 <td><label for="heading" accesskey="h">$msgHeading<span class="required">*</span></label></td>
496 <td><input name="heading" class="required" type="text" id="heading" tabindex="1" value="$heading" /></td>
497 </tr>
498 <tr>
499 <td><label for="listcontent" accesskey="l">$msgListContent</label></td>
500 <td><input name="listcontent" type="text" id="listcontent" tabindex="2" value="$listContent" /></td>
501 </tr>
502 <tr>
503 <td><label for="columnorder" accesskey="c">$msgColumnOrder</label></td>
504 <td><input name="columnorder" type="text" id="columnorder" tabindex="3" value="$columnOrder" /></td>
505 </tr>
506 </table>
507 </form>
508END;
509
510 $response->SetFormRequestResponse($form, __('Edit Column'), '450px', '400px');
511 $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'EditColumn') . '")');
512 $response->AddButton(__('Cancel'), 'XiboFormRender("index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")');
513 $response->AddButton(__('Save'), '$("#DataSetColumnEditForm").submit()');
514 $response->Respond();
515 }
516
517 public function EditDataSetColumn()
518 {
519 $db =& $this->db;
520 $user =& $this->user;
521 $response = new ResponseManager();
522
523 $dataSetId = Kit::GetParam('datasetid', _POST, _INT);
524 $dataSet = Kit::GetParam('dataset', _POST, _STRING);
525
526 $auth = $user->DataSetAuth($dataSetId, true);
527 if (!$auth->edit)
528 trigger_error(__('Access Denied'));
529
530 $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT);
531 $heading = Kit::GetParam('heading', _POST, _WORD);
532 $listContent = Kit::GetParam('listcontent', _POST, _STRING);
533 $columnOrder = Kit::GetParam('columnorder', _POST, _INT);
534
535 $dataSetObject = new DataSetColumn($db);
536 if (!$dataSetObject->Edit($dataSetColumnId, $heading, 1, $listContent, $columnOrder))
537 trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR);
538
539 $response->SetFormSubmitResponse(__('Column Edited'));
540 $response->hideMessage = true;
541 $response->loadForm = true;
542 $response->loadFormUri = 'index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet;
543 $response->Respond();
544 }
545
546 public function DeleteDataSetColumnForm()
547 {
548 $db =& $this->db;
549 $response = new ResponseManager();
550 $helpManager = new HelpManager($db, $this->user);
551
552 $dataSetId = Kit::GetParam('datasetid', _GET, _INT);
553 $dataSet = Kit::GetParam('dataset', _GET, _STRING);
554
555 $auth = $this->user->DataSetAuth($dataSetId, true);
556 if (!$auth->edit)
557 trigger_error(__('Access Denied'));
558
559 $dataSetColumnId = Kit::GetParam('datasetcolumnid', _GET, _INT);
560
561 $auth = $this->user->DataSetAuth($dataSetId, true);
562 if (!$auth->del)
563 trigger_error(__('Access Denied'));
564
565 // Translate messages
566 $msgDelete = __('Are you sure you want to delete this Column?');
567 $msgYes = __('Yes');
568 $msgNo = __('No');
569
570 //we can delete
571 $form = <<<END
572 <form id="DataSetColumnDeleteForm" class="XiboForm" method="post" action="index.php?p=dataset&q=DeleteDataSetColumn">
573 <input type="hidden" name="datasetid" value="$dataSetId">
574 <input type="hidden" name="dataset" value="$dataSet">
575 <input type="hidden" name="datasetcolumnid" value="$dataSetColumnId">
576 <p>$msgDelete</p>
577 </form>
578END;
579
580 $response->SetFormRequestResponse($form, __('Delete this Column?'), '350px', '200px');
581 $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'DeleteColumn') . '")');
582 $response->AddButton(__('Cancel'), 'XiboFormRender("index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")');
583 $response->AddButton(__('Delete'), '$("#DataSetColumnDeleteForm").submit()');
584 $response->Respond();
585 }
586
587 public function DeleteDataSetColumn()
588 {
589 $db =& $this->db;
590 $user =& $this->user;
591 $response = new ResponseManager();
592
593 $dataSetId = Kit::GetParam('datasetid', _POST, _INT);
594 $dataSet = Kit::GetParam('dataset', _POST, _STRING);
595
596 $auth = $this->user->DataSetAuth($dataSetId, true);
597 if (!$auth->edit)
598 trigger_error(__('Access Denied'));
599
600 $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT);
601
602 $dataSetObject = new DataSetColumn($db);
603 if (!$dataSetObject->Delete($dataSetColumnId))
604 trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR);
605
606 $response->SetFormSubmitResponse(__('Column Deleted'));
607 $response->hideMessage = true;
608 $response->loadForm = true;
609 $response->loadFormUri = 'index.php?p=dataset&q=DataSetColumnsForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet;
610 $response->Respond();
611 }
612
613 public function DataSetDataForm()
614 {
615 $db =& $this->db;
616 $response = new ResponseManager();
617 $helpManager = new HelpManager($db, $this->user);
618
619 $dataSetId = Kit::GetParam('datasetid', _GET, _INT);
620 $dataSet = Kit::GetParam('dataset', _GET, _STRING);
621
622 $auth = $this->user->DataSetAuth($dataSetId, true);
623 if (!$auth->edit)
624 trigger_error(__('Access Denied'));
625
626 // Get the max number of rows
627 $SQL = "";
628 $SQL .= "SELECT MAX(RowNumber) AS RowNumber, COUNT(DISTINCT datasetcolumn.DataSetColumnID) AS ColNumber ";
629 $SQL .= " FROM datasetdata ";
630 $SQL .= " RIGHT OUTER JOIN datasetcolumn ";
631 $SQL .= " ON datasetcolumn.DataSetColumnID = datasetdata.DataSetColumnID ";
632 $SQL .= sprintf("WHERE datasetcolumn.DataSetID = %d ", $dataSetId);
633
634 Debug::LogEntry($db, 'audit', $SQL, 'dataset', 'DataSetDataForm');
635
636 if (!$maxResult = $db->GetSingleRow($SQL))
637 {
638 trigger_error($db->error());
639 trigger_error(__('Unable to find the number of data points'), E_USER_ERROR);
640 }
641
642 $maxRows = $maxResult['RowNumber'];
643 $maxCols = $maxResult['ColNumber'];
644
645 // Get some information about the columns in this dataset
646 $SQL = "SELECT Heading, DataSetColumnID, ListContent, ColumnOrder FROM datasetcolumn WHERE DataSetID = %d ";
647 $SQL .= "ORDER BY ColumnOrder ";
648
649 if (!$results = $db->query(sprintf($SQL, $dataSetId)))
650 {
651 trigger_error($db->error());
652 trigger_error(__('Unable to find the column headings'), E_USER_ERROR);
653 }
654
655 $columnDefinition = array();
656
657 $form = '<div class="info_table">';
658 $form .= '<table style="width:100%">';
659 $form .= ' <tr>';
660 $form .= ' <th>' . __('Row Number') . '</th>';
661
662 while ($row = $db->get_assoc_row($results))
663 {
664 $columnDefinition[] = $row;
665 $heading = $row['Heading'];
666
667 $form .= ' <th>' . $heading . '</th>';
668 }
669
670 $form .= '</tr>';
671
672 // Loop through the max rows
673 for ($row = 1; $row <= $maxRows + 2; $row++)
674 {
675 $form .= '<tr>';
676 $form .= ' <td>' . $row . '</td>';
677
678 // $row is the current row
679 for ($col = 0; $col < $maxCols; $col++)
680 {
681 $dataSetColumnId = $columnDefinition[$col]['DataSetColumnID'];
682 $listContent = $columnDefinition[$col]['ListContent'];
683 $columnOrder = $columnDefinition[$col]['ColumnOrder'];
684
685 // Value for this Col/Row
686 $value = '';
687
688 if ($row <= $maxRows)
689 {
690 // This is intended to be a blank row
691 $SQL = "";
692 $SQL .= "SELECT Value ";
693 $SQL .= " FROM datasetdata ";
694 $SQL .= "WHERE datasetdata.RowNumber = %d ";
695 $SQL .= " AND datasetdata.DataSetColumnID = %d ";
696 $SQL = sprintf($SQL, $row, $dataSetColumnId);
697
698 Debug::LogEntry($db, 'audit', $SQL, 'dataset');
699
700 if (!$results = $db->query($SQL))
701 {
702 trigger_error($db->error());
703 trigger_error(__('Can not get the data row/column'), E_USER_ERROR);
704 }
705
706 if ($db->num_rows($results) == 0)
707 {
708 $value = '';
709 }
710 else
711 {
712 $valueRow = $db->get_assoc_row($results);
713 $value = $valueRow['Value'];
714 }
715 }
716
717 // Do we need a select list?
718 if ($listContent != '')
719 {
720 $listItems = explode(',', $listContent);
721 $selected = ($value == '') ? ' selected' : '';
722 $select = '<select name="value">';
723 $select.= ' <option value="" ' . $selected . '></option>';
724
725 for ($i=0; $i < count($listItems); $i++)
726 {
727 $selected = ($listItems[$i] == $value) ? ' selected' : '';
728
729 $select .= '<option value="' . $listItems[$i] . '" ' . $selected . '>' . $listItems[$i] . '</option>';
730 }
731
732 $select .= '</select>';
733 }
734 else
735 {
736 $select = '<input type="text" name="value" value="' . $value . '">';
737 }
738
739 $action = ($value == '') ? 'AddDataSetData' : 'EditDataSetData';
740 $fieldId = uniqid();
741
742 $form .= <<<END
743 <td>
744 <form id="$fieldId" class="XiboDataSetDataForm" action="index.php?p=dataset&q=$action">
745 <input type="hidden" name="fieldid" value="$fieldId">
746 <input type="hidden" name="datasetid" value="$dataSetId">
747 <input type="hidden" name="datasetcolumnid" value="$dataSetColumnId">
748 <input type="hidden" name="rownumber" value="$row">
749 $select
750 </form>
751 </td>
752END;
753
754
755 } //cols loop
756
757 $form .= '</tr>';
758 } //rows loop
759
760 $form .= '</table></div>';
761
762 $response->SetFormRequestResponse($form, $dataSet, '750px', '600px', 'dataSetData');
763 $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('DataSet', 'Data') . '")');
764 $response->AddButton(__('Add Rows'), 'XiboFormRender("index.php?p=dataset&q=DataSetDataForm&datasetid=' . $dataSetId . '&dataset=' . $dataSet . '")');
765 $response->AddButton(__('Done'), 'XiboDialogClose()');
766 $response->Respond();
767 }
768
769 public function AddDataSetData()
770 {
771 $db =& $this->db;
772 $user =& $this->user;
773 $response = new ResponseManager();
774
775 $response->uniqueReference = Kit::GetParam('fieldid', _POST, _WORD);
776 $dataSetId = Kit::GetParam('datasetid', _POST, _INT);
777 $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT);
778 $rowNumber = Kit::GetParam('rownumber', _POST, _INT);
779 $value = Kit::GetParam('value', _POST, _STRING);
780
781 $auth = $user->DataSetAuth($dataSetId, true);
782 if (!$auth->edit)
783 trigger_error(__('Access Denied'));
784
785 $dataSetObject = new DataSetData($db);
786 if (!$dataSetObject->Add($dataSetColumnId, $rowNumber, $value))
787 trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR);
788
789 $response->SetFormSubmitResponse(__('Data Added'));
790 $response->loadFormUri = 'index.php?p=dataset&q=EditDataSetData';
791 $response->hideMessage = true;
792 $response->keepOpen = true;
793 $response->Respond();
794 }
795
796 public function EditDataSetData()
797 {
798 $db =& $this->db;
799 $user =& $this->user;
800 $response = new ResponseManager();
801
802 $response->uniqueReference = Kit::GetParam('fieldid', _POST, _WORD);
803 $dataSetId = Kit::GetParam('datasetid', _POST, _INT);
804 $dataSetColumnId = Kit::GetParam('datasetcolumnid', _POST, _INT);
805 $rowNumber = Kit::GetParam('rownumber', _POST, _INT);
806 $value = Kit::GetParam('value', _POST, _STRING);
807
808 $auth = $user->DataSetAuth($dataSetId, true);
809 if (!$auth->edit)
810 trigger_error(__('Access Denied'));
811
812 if ($value == '')
813 {
814 $dataSetObject = new DataSetData($db);
815 if (!$dataSetObject->Delete($dataSetColumnId, $rowNumber))
816 trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR);
817
818 $response->SetFormSubmitResponse(__('Data Deleted'));
819 $response->loadFormUri = 'index.php?p=dataset&q=AddDataSetData';
820 }
821 else
822 {
823 $dataSetObject = new DataSetData($db);
824 if (!$dataSetObject->Edit($dataSetColumnId, $rowNumber, $value))
825 trigger_error($dataSetObject->GetErrorMessage(), E_USER_ERROR);
826
827 $response->SetFormSubmitResponse(__('Data Edited'));
828 $response->loadFormUri = 'index.php?p=dataset&q=EditDataSetData';
829 }
830
831 $response->hideMessage = true;
832 $response->keepOpen = true;
833 $response->Respond();
834 }
835
836 /**
837 * Get a list of group names for a layout
838 * @param <type> $layoutId
839 * @return <type>
840 */
841 private function GroupsForDataSet($dataSetId)
842 {
843 $db =& $this->db;
844
845 $SQL = '';
846 $SQL .= 'SELECT `group`.Group ';
847 $SQL .= ' FROM `group` ';
848 $SQL .= ' INNER JOIN lkdatasetgroup ';
849 $SQL .= ' ON `group`.GroupID = lkdatasetgroup.GroupID ';
850 $SQL .= ' WHERE lkdatasetgroup.DataSetID = %d ';
851
852 $SQL = sprintf($SQL, $dataSetId);
853
854 if (!$results = $db->query($SQL))
855 {
856 trigger_error($db->error());
857 trigger_error(__('Unable to get group information for dataset'), E_USER_ERROR);
858 }
859
860 $groups = '';
861
862 while ($row = $db->get_assoc_row($results))
863 {
864 $groups .= $row['Group'] . ', ';
865 }
866
867 $groups = trim($groups);
868 $groups = trim($groups, ',');
869
870 return $groups;
871 }
872
873 public function PermissionsForm()
874 {
875 $db =& $this->db;
876 $user =& $this->user;
877 $response = new ResponseManager();
878 $helpManager = new HelpManager($db, $user);
879
880 $dataSetId = Kit::GetParam('datasetid', _GET, _INT);
881
882 $auth = $this->user->DataSetAuth($dataSetId, true);
883
884 if (!$auth->modifyPermissions)
885 trigger_error(__('You do not have permissions to edit this dataset'), E_USER_ERROR);
886
887 // Form content
888 $form = '<form id="DataSetPermissionsForm" class="XiboForm" method="post" action="index.php?p=dataset&q=Permissions">';
889 $form .= '<input type="hidden" name="datasetid" value="' . $dataSetId . '" />';
890 $form .= '<div class="dialog_table">';
891 $form .= ' <table style="width:100%">';
892 $form .= ' <tr>';
893 $form .= ' <th>' . __('Group') . '</th>';
894 $form .= ' <th>' . __('View') . '</th>';
895 $form .= ' <th>' . __('Edit') . '</th>';
896 $form .= ' <th>' . __('Delete') . '</th>';
897 $form .= ' </tr>';
898
899 // List of all Groups with a view/edit/delete checkbox
900 $SQL = '';
901 $SQL .= 'SELECT `group`.GroupID, `group`.`Group`, View, Edit, Del, `group`.IsUserSpecific ';
902 $SQL .= ' FROM `group` ';
903 $SQL .= ' LEFT OUTER JOIN lkdatasetgroup ';
904 $SQL .= ' ON lkdatasetgroup.GroupID = group.GroupID ';
905 $SQL .= ' AND lkdatasetgroup.DataSetID = %d ';
906 $SQL .= ' WHERE `group`.GroupID <> %d ';
907 $SQL .= 'ORDER BY `group`.IsEveryone DESC, `group`.IsUserSpecific, `group`.`Group` ';
908
909 $SQL = sprintf($SQL, $dataSetId, $user->getGroupFromId($user->userid, true));
910
911 if (!$results = $db->query($SQL))
912 {
913 trigger_error($db->error());
914 trigger_error(__('Unable to get permissions for this dataset'), E_USER_ERROR);
915 }
916
917 while($row = $db->get_assoc_row($results))
918 {
919 $groupId = $row['GroupID'];
920 $group = ($row['IsUserSpecific'] == 0) ? '<strong>' . $row['Group'] . '</strong>' : $row['Group'];
921
922 $form .= '<tr>';
923 $form .= ' <td>' . $group . '</td>';
924 $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_view" ' . (($row['View'] == 1) ? 'checked' : '') . '></td>';
925 $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_edit" ' . (($row['Edit'] == 1) ? 'checked' : '') . '></td>';
926 $form .= ' <td><input type="checkbox" name="groupids[]" value="' . $groupId . '_del" ' . (($row['Del'] == 1) ? 'checked' : '') . '></td>';
927 $form .= '</tr>';
928 }
929
930 $form .= '</table>';
931 $form .= '</div>';
932 $form .= '</form>';
933
934 $response->SetFormRequestResponse($form, __('Permissions'), '350px', '500px');
935 $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('Layout', 'Permissions') . '")');
936 $response->AddButton(__('Cancel'), 'XiboDialogClose()');
937 $response->AddButton(__('Save'), '$("#DataSetPermissionsForm").submit()');
938 $response->Respond();
939 }
940
941 public function Permissions()
942 {
943 $db =& $this->db;
944 $user =& $this->user;
945 $response = new ResponseManager();
946 Kit::ClassLoader('datasetgroupsecurity');
947
948 $dataSetId = Kit::GetParam('datasetid', _POST, _INT);
949 $groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
950
951 $auth = $this->user->DataSetAuth($dataSetId, true);
952
953 if (!$auth->modifyPermissions)
954 trigger_error(__('You do not have permissions to edit this dataset'), E_USER_ERROR);
955
956 // Unlink all
957 $security = new DataSetGroupSecurity($db);
958 if (!$security->UnlinkAll($dataSetId))
959 trigger_error(__('Unable to set permissions'));
960
961 // Some assignments for the loop
962 $lastGroupId = 0;
963 $first = true;
964 $view = 0;
965 $edit = 0;
966 $del = 0;
967
968 // List of groupIds with view, edit and del assignments
969 foreach($groupIds as $groupPermission)
970 {
971 $groupPermission = explode('_', $groupPermission);
972 $groupId = $groupPermission[0];
973
974 if ($first)
975 {
976 // First time through
977 $first = false;
978 $lastGroupId = $groupId;
979 }
980
981 if ($groupId != $lastGroupId)
982 {
983 // The groupId has changed, so we need to write the current settings to the db.
984 // Link new permissions
985 if (!$security->Link($dataSetId, $groupId, $view, $edit, $del))
986 trigger_error(__('Unable to set permissions'));
987
988 // Reset
989 $lastGroupId = $groupId;
990 $view = 0;
The diff has been truncated for viewing.
