correct UploadsAgent for Seminary uploads
This commit is contained in:
parent
2483995e12
commit
458da91a8b
5 changed files with 53 additions and 70 deletions
|
|
@ -60,12 +60,13 @@
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
public static $dirs = array(
|
public static $dirs = array(
|
||||||
'locale' => 'locale',
|
'locale' => 'locale',
|
||||||
'media' => 'media',
|
'media' => 'media',
|
||||||
'seminarymedia' => 'seminarymedia',
|
'seminarymedia' => 'seminarymedia',
|
||||||
'questtypes' => 'questtypes',
|
'questtypes' => 'questtypes',
|
||||||
'temporary' => 'tmp',
|
'temporary' => 'tmp',
|
||||||
'uploads' => 'uploads'
|
'uploads' => 'uploads',
|
||||||
|
'seminaryuploads' => 'seminaryuploads'
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -159,7 +160,7 @@
|
||||||
array('charactergroupsquests/(?!(quest))', 'charactergroupsquests/quest/$1', true),
|
array('charactergroupsquests/(?!(quest))', 'charactergroupsquests/quest/$1', true),
|
||||||
array('media/(.*)', 'media/$1?layout=binary', false),
|
array('media/(.*)', 'media/$1?layout=binary', false),
|
||||||
array('uploads/(.*)', 'uploads/$1?layout=binary', false),
|
array('uploads/(.*)', 'uploads/$1?layout=binary', false),
|
||||||
array('uploads/(?!(index))', 'uploads/index/$1', true)
|
array('uploads/(?!(index|seminary))', 'uploads/index/$1', true)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -24,7 +24,7 @@
|
||||||
*
|
*
|
||||||
* @var array
|
* @var array
|
||||||
*/
|
*/
|
||||||
public $models = array('uploads', 'users', 'userroles');
|
public $models = array('uploads', 'users', 'userroles', 'seminaries');
|
||||||
/**
|
/**
|
||||||
* User permissions
|
* User permissions
|
||||||
*
|
*
|
||||||
|
|
@ -56,51 +56,40 @@
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Action: index.
|
* Action: seminary.
|
||||||
*
|
*
|
||||||
* Display an upload.
|
* Display a Seminary upload.
|
||||||
*
|
*
|
||||||
* @throws AccessDeniedException
|
* @throws AccessDeniedException
|
||||||
* @throws IdNotFoundException
|
* @throws IdNotFoundException
|
||||||
|
* @param string $seminaryUrl URL-title of Seminary
|
||||||
* @param string $uploadUrl URL-name of the upload
|
* @param string $uploadUrl URL-name of the upload
|
||||||
*/
|
*/
|
||||||
public function index($uploadUrl)
|
public function seminary($seminaryUrl, $uploadUrl)
|
||||||
{
|
{
|
||||||
|
// Get Seminary
|
||||||
|
$seminary = $this->Seminaries->getSeminaryByUrl($seminaryUrl);
|
||||||
|
|
||||||
// Get Upload
|
// Get Upload
|
||||||
$upload = $this->Uploads->getUploadByUrl($uploadUrl);
|
$upload = $this->Uploads->getSeminaryuploadByUrl($seminary['id'], $uploadUrl);
|
||||||
|
|
||||||
// Check permissions
|
// Check permissions
|
||||||
$user = $this->Users->getUserById($this->Auth->getUserId());
|
|
||||||
$user['roles'] = array();
|
|
||||||
foreach($this->Userroles->getUserrolesForUserById($user['id']) as $role) {
|
|
||||||
$user['roles'][] = $role['name'];
|
|
||||||
}
|
|
||||||
if(!$upload['public'])
|
if(!$upload['public'])
|
||||||
{
|
{
|
||||||
|
$user = $this->Users->getUserById($this->Auth->getUserId());
|
||||||
|
$user['roles'] = array_map(function($r) { return $r['name']; }, $this->Userroles->getUserrolesForUserById($user['id']));
|
||||||
|
|
||||||
// System roles
|
// System roles
|
||||||
if(count(array_intersect(array('admin', 'moderator'), $user['roles'])) == 0)
|
if(count(array_intersect(array('admin', 'moderator'), $user['roles'])) == 0)
|
||||||
{
|
{
|
||||||
// Owner of file
|
// Owner of file
|
||||||
if($upload['created_user_id'] != $user['id'])
|
if($upload['created_user_id'] != $user['id'])
|
||||||
{
|
{
|
||||||
if(!is_null($upload['seminary_id'])) {
|
// Seminary roles
|
||||||
|
$userSeminaryRoles = array_map(function($r) { return $r['name']; }, $this->Userseminaryroles->getUserseminaryrolesForUserById($user['id'], $seminary['id']));
|
||||||
|
if(count(array_intersect(array('admin', 'moderator'), $userSeminaryRoles)) == 0) {
|
||||||
throw new \nre\exceptions\AccessDeniedException();
|
throw new \nre\exceptions\AccessDeniedException();
|
||||||
}
|
}
|
||||||
else
|
|
||||||
{
|
|
||||||
// Seminary
|
|
||||||
$seminary = $this->Seminaries->getSeminaryById($upload['seminary_id']);
|
|
||||||
|
|
||||||
// Seminary roles
|
|
||||||
$userSeminaryRoles = array();
|
|
||||||
foreach($this->Userseminaryroles->getUserseminaryrolesForUserById($user['id'], $seminary['id']) as $role) {
|
|
||||||
$userSeminaryRoles[] = $role['name'];
|
|
||||||
}
|
|
||||||
|
|
||||||
if(count(array_intersect(array('admin', 'moderator'), $userSeminaryRoles)) == 0) {
|
|
||||||
throw new \nre\exceptions\AccessDeniedException();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -109,7 +98,7 @@
|
||||||
$this->response->addHeader("Content-type: ".$upload['mimetype']."");
|
$this->response->addHeader("Content-type: ".$upload['mimetype']."");
|
||||||
|
|
||||||
// Set filename
|
// Set filename
|
||||||
$upload['filename'] = ROOT.DS.\nre\configs\AppConfig::$dirs['uploads'].DS.$upload['id'];
|
$upload['filename'] = ROOT.DS.\nre\configs\AppConfig::$dirs['seminaryuploads'].DS.$upload['url'];
|
||||||
if(!file_exists($upload['filename'])) {
|
if(!file_exists($upload['filename'])) {
|
||||||
throw new \nre\exceptions\IdNotFoundException($uploadUrl);
|
throw new \nre\exceptions\IdNotFoundException($uploadUrl);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -38,45 +38,36 @@
|
||||||
* Upload a file and create a database record.
|
* Upload a file and create a database record.
|
||||||
*
|
*
|
||||||
* @param int $userId ID of user that uploads the file
|
* @param int $userId ID of user that uploads the file
|
||||||
* @param string $filename Name of file to upload
|
* @param int $seminaryId ID of Seminary
|
||||||
|
* @param string $name Name of file to upload
|
||||||
|
* @param string $filename Filename of file to upload
|
||||||
* @param string $tmpFilename Name of temporary uploaded file
|
* @param string $tmpFilename Name of temporary uploaded file
|
||||||
* @param string $mimetype Mimetype of file to upload
|
* @param string $mimetype Mimetype of file to upload
|
||||||
* @param int $seminaryId Optional ID of Seminary if the upload is in the context of one
|
|
||||||
* @return mixed ID of database record or false
|
* @return mixed ID of database record or false
|
||||||
*/
|
*/
|
||||||
public function uploadFile($userId, $filename, $tmpFilename, $mimetype, $seminaryId=null)
|
public function uploadSeminaryFile($userId, $seminaryId, $name, $filename, $tmpFilename, $mimetype)
|
||||||
{
|
{
|
||||||
$uploadId = false;
|
$uploadId = false;
|
||||||
$this->db->setAutocommit(false);
|
$this->db->setAutocommit(false);
|
||||||
|
|
||||||
try {
|
try {
|
||||||
// Create database record
|
// Create database record
|
||||||
if(is_null($seminaryId))
|
$this->db->query(
|
||||||
{
|
'INSERT INTO seminaryuploads '.
|
||||||
$this->db->query(
|
'(created_user_id, seminary_id, name, url, mimetype) '.
|
||||||
'INSERT INTO uploads '.
|
'VALUES '.
|
||||||
'(created_user_id, name, url, mimetype) '.
|
'(?, ? ,? ,?, ?)',
|
||||||
'VALUES '.
|
'iisss',
|
||||||
'(?, ? ,? ,?)',
|
$userId,
|
||||||
'isss',
|
$seminaryId,
|
||||||
$userId, $filename, \nre\core\Linker::createLinkParam($filename), $mimetype
|
$name,
|
||||||
);
|
\nre\core\Linker::createLinkParam($filename),
|
||||||
}
|
$mimetype
|
||||||
else
|
);
|
||||||
{
|
|
||||||
$this->db->query(
|
|
||||||
'INSERT INTO uploads '.
|
|
||||||
'(created_user_id, seminary_id, name, url, mimetype) '.
|
|
||||||
'VALUES '.
|
|
||||||
'(?, ?, ? ,? ,?)',
|
|
||||||
'iisss',
|
|
||||||
$userId, $seminaryId, $filename, \nre\core\Linker::createLinkParam($filename), $mimetype
|
|
||||||
);
|
|
||||||
}
|
|
||||||
$uploadId = $this->db->getInsertId();
|
$uploadId = $this->db->getInsertId();
|
||||||
|
|
||||||
// Create filename
|
// Create filename
|
||||||
$filename = ROOT.DS.\nre\configs\AppConfig::$dirs['uploads'].DS.$uploadId;
|
$filename = ROOT.DS.\nre\configs\AppConfig::$dirs['seminaryuploads'].DS.$filename;
|
||||||
if(!move_uploaded_file($tmpFilename, $filename))
|
if(!move_uploaded_file($tmpFilename, $filename))
|
||||||
{
|
{
|
||||||
$this->db->rollback();
|
$this->db->rollback();
|
||||||
|
|
@ -101,17 +92,17 @@
|
||||||
* @param int $uploadId ID of the uploaded file
|
* @param int $uploadId ID of the uploaded file
|
||||||
* @return array Upload data
|
* @return array Upload data
|
||||||
*/
|
*/
|
||||||
public function getUploadById($uploadId)
|
public function getSeminaryuploadById($seminaryuploadId)
|
||||||
{
|
{
|
||||||
$data = $this->db->query(
|
$data = $this->db->query(
|
||||||
'SELECT id, created, created_user_id, seminary_id, name, url, mimetype, public '.
|
'SELECT id, created, created_user_id, seminary_id, name, url, mimetype, public '.
|
||||||
'FROM uploads '.
|
'FROM seminaryuploads '.
|
||||||
'WHERE id = ?',
|
'WHERE id = ?',
|
||||||
'i',
|
'i',
|
||||||
$uploadId
|
$seminaryuploadId
|
||||||
);
|
);
|
||||||
if(empty($data)) {
|
if(empty($data)) {
|
||||||
throw new \nre\exceptions\IdNotFoundException($uploadId);
|
throw new \nre\exceptions\IdNotFoundException($seminaryuploadId);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -123,20 +114,22 @@
|
||||||
* Get an upload by its URL.
|
* Get an upload by its URL.
|
||||||
*
|
*
|
||||||
* @throws IdNotFoundException
|
* @throws IdNotFoundException
|
||||||
|
* @param int $seminaryId ID of Seminary
|
||||||
* @param int $uploadId ID of the uploaded file
|
* @param int $uploadId ID of the uploaded file
|
||||||
* @return array Upload data
|
* @return array Upload data
|
||||||
*/
|
*/
|
||||||
public function getUploadByUrl($uploadUrl)
|
public function getSeminaryuploadByUrl($seminaryId, $seminaryuploadUrl)
|
||||||
{
|
{
|
||||||
$data = $this->db->query(
|
$data = $this->db->query(
|
||||||
'SELECT id, created, created_user_id, seminary_id, name, url, mimetype, public '.
|
'SELECT id, created, created_user_id, seminary_id, name, url, mimetype, public '.
|
||||||
'FROM uploads '.
|
'FROM seminaryuploads '.
|
||||||
'WHERE url = ?',
|
'WHERE seminary_id = ? AND url = ?',
|
||||||
's',
|
'is',
|
||||||
$uploadUrl
|
$seminaryId,
|
||||||
|
$seminaryuploadUrl
|
||||||
);
|
);
|
||||||
if(empty($data)) {
|
if(empty($data)) {
|
||||||
throw new \nre\exceptions\IdNotFoundException($uploadUrl);
|
throw new \nre\exceptions\IdNotFoundException($seminaryuploadUrl);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
0
seminaryuploads/empty
Normal file
0
seminaryuploads/empty
Normal file
Loading…
Add table
Add a link
Reference in a new issue