correct UploadsAgent for Seminary uploads

2014-04-23 12:44:07 +02:00 · 2014-04-23 12:44:07 +02:00 · 5680d8d68a
commit 5680d8d68a
parent 8209c71dc9
5 changed files with 53 additions and 70 deletions
--- a/configs/AppConfig.inc
+++ b/configs/AppConfig.inc
@ -60,12 +60,13 @@
 		 * @var array
 		 */
 		public static $dirs = array(
-			'locale'	=> 'locale',
-			'media'		=> 'media',
-			'seminarymedia'	=> 'seminarymedia',
-			'questtypes'	=> 'questtypes',
-			'temporary'	=> 'tmp',
-			'uploads'	=> 'uploads'
+			'locale'		=> 'locale',
+			'media'			=> 'media',
+			'seminarymedia'		=> 'seminarymedia',
+			'questtypes'		=> 'questtypes',
+			'temporary'		=> 'tmp',
+			'uploads'		=> 'uploads',
+			'seminaryuploads'	=> 'seminaryuploads'
 		);
 		
 		
@ -159,7 +160,7 @@
 			array('charactergroupsquests/(?!(quest))',			'charactergroupsquests/quest/$1',	true),
 			array('media/(.*)',						'media/$1?layout=binary',		false),
 			array('uploads/(.*)',						'uploads/$1?layout=binary',		false),
-			array('uploads/(?!(index))',					'uploads/index/$1',			true)
+			array('uploads/(?!(index|seminary))',				'uploads/index/$1',			true)
 		);


--- a/controllers/UploadsController.inc
+++ b/controllers/UploadsController.inc
@ -24,7 +24,7 @@
 		 * 
 		 * @var array
 		 */
-		public $models = array('uploads', 'users', 'userroles');
+		public $models = array('uploads', 'users', 'userroles', 'seminaries');
 		/**
 		 * User permissions
 		 * 
@ -56,51 +56,40 @@
 		
 		
 		/**
-		 * Action: index.
+		 * Action: seminary.
 		 * 
-		 * Display an upload.
+		 * Display a Seminary upload.
 		 * 
 		 * @throws	AccessDeniedException
 		 * @throws	IdNotFoundException
+		 * @param	string	$seminaryUrl	URL-title of Seminary
 		 * @param	string	$uploadUrl	URL-name of the upload
 		 */
-		public function index($uploadUrl)
+		public function seminary($seminaryUrl, $uploadUrl)
 		{
+			// Get Seminary
+			$seminary = $this->Seminaries->getSeminaryByUrl($seminaryUrl);
+			
 			// Get Upload
-			$upload = $this->Uploads->getUploadByUrl($uploadUrl);
+			$upload = $this->Uploads->getSeminaryuploadByUrl($seminary['id'], $uploadUrl);
 			
 			// Check permissions
-			$user = $this->Users->getUserById($this->Auth->getUserId());
-			$user['roles'] = array();
-			foreach($this->Userroles->getUserrolesForUserById($user['id']) as $role) {
-				$user['roles'][] = $role['name'];
-			}
 			if(!$upload['public'])
 			{
+				$user = $this->Users->getUserById($this->Auth->getUserId());
+				$user['roles'] = array_map(function($r) { return $r['name']; }, $this->Userroles->getUserrolesForUserById($user['id']));
+				
 				// System roles
 				if(count(array_intersect(array('admin', 'moderator'), $user['roles'])) == 0)
 				{
 					// Owner of file
 					if($upload['created_user_id'] != $user['id'])
 					{
-						if(!is_null($upload['seminary_id'])) {
+						// Seminary roles
+						$userSeminaryRoles = array_map(function($r) { return $r['name']; }, $this->Userseminaryroles->getUserseminaryrolesForUserById($user['id'], $seminary['id']));
+						if(count(array_intersect(array('admin', 'moderator'), $userSeminaryRoles)) == 0) {
 							throw new \nre\exceptions\AccessDeniedException();
 						}
-						else
-						{
-							// Seminary
-							$seminary = $this->Seminaries->getSeminaryById($upload['seminary_id']);
-							
-							// Seminary roles
-							$userSeminaryRoles = array();
-							foreach($this->Userseminaryroles->getUserseminaryrolesForUserById($user['id'], $seminary['id']) as $role) {
-								$userSeminaryRoles[] = $role['name'];
-							}
-							
-							if(count(array_intersect(array('admin', 'moderator'), $userSeminaryRoles)) == 0) {
-								throw new \nre\exceptions\AccessDeniedException();
-							}
-						}
 					}
 				}
 			}
@ -109,7 +98,7 @@
 			$this->response->addHeader("Content-type: ".$upload['mimetype']."");
 			
 			// Set filename
-			$upload['filename'] = ROOT.DS.\nre\configs\AppConfig::$dirs['uploads'].DS.$upload['id'];
+			$upload['filename'] = ROOT.DS.\nre\configs\AppConfig::$dirs['seminaryuploads'].DS.$upload['url'];
 			if(!file_exists($upload['filename'])) {
 				throw new \nre\exceptions\IdNotFoundException($uploadUrl);
 			}
--- a/models/UploadsModel.inc
+++ b/models/UploadsModel.inc
@ -38,45 +38,36 @@
 		 * Upload a file and create a database record.
 		 * 
 		 * @param	int	$userId		ID of user that uploads the file
-		 * @param	string	$filename	Name of file to upload
+		 * @param	int	$seminaryId	ID of Seminary
+		 * @param	string	$name		Name of file to upload
+		 * @param	string	$filename	Filename of file to upload
 		 * @param	string	$tmpFilename	Name of temporary uploaded file
 		 * @param	string	$mimetype	Mimetype of file to upload
-		 * @param	int	$seminaryId	Optional ID of Seminary if the upload is in the context of one
 		 * @return	mixed			ID of database record or false
 		 */
-		public function uploadFile($userId, $filename, $tmpFilename, $mimetype, $seminaryId=null)
+		public function uploadSeminaryFile($userId, $seminaryId, $name, $filename, $tmpFilename, $mimetype)
 		{
 			$uploadId = false;
 			$this->db->setAutocommit(false);
 			
 			try {
 				// Create database record
-				if(is_null($seminaryId))
-				{
-					$this->db->query(
-						'INSERT INTO uploads '.
-						'(created_user_id, name, url, mimetype) '.
-						'VALUES '.
-						'(?, ? ,? ,?)',
-						'isss',
-						$userId, $filename, \nre\core\Linker::createLinkParam($filename), $mimetype
-					);
-				}
-				else
-				{
-					$this->db->query(
-						'INSERT INTO uploads '.
-						'(created_user_id, seminary_id, name, url, mimetype) '.
-						'VALUES '.
-						'(?, ?, ? ,? ,?)',
-						'iisss',
-						$userId, $seminaryId, $filename, \nre\core\Linker::createLinkParam($filename), $mimetype
-					);
-				}
+				$this->db->query(
+					'INSERT INTO seminaryuploads '.
+					'(created_user_id, seminary_id, name, url, mimetype) '.
+					'VALUES '.
+					'(?, ? ,? ,?, ?)',
+					'iisss',
+					$userId,
+					$seminaryId,
+					$name,
+					\nre\core\Linker::createLinkParam($filename),
+					$mimetype
+				);
 				$uploadId = $this->db->getInsertId();
 			
 				// Create filename
-				$filename = ROOT.DS.\nre\configs\AppConfig::$dirs['uploads'].DS.$uploadId;
+				$filename = ROOT.DS.\nre\configs\AppConfig::$dirs['seminaryuploads'].DS.$filename;
 				if(!move_uploaded_file($tmpFilename, $filename))
 				{
 					$this->db->rollback();
@ -101,17 +92,17 @@
 		 * @param	int	$uploadId	ID of the uploaded file
 		 * @return	array			Upload data
 		 */
-		public function getUploadById($uploadId)
+		public function getSeminaryuploadById($seminaryuploadId)
 		{
 			$data = $this->db->query(
 				'SELECT id, created, created_user_id, seminary_id, name, url, mimetype, public '.
-				'FROM uploads '.
+				'FROM seminaryuploads '.
 				'WHERE id = ?',
 				'i',
-				$uploadId
+				$seminaryuploadId
 			);
 			if(empty($data)) {
-				throw new \nre\exceptions\IdNotFoundException($uploadId);
+				throw new \nre\exceptions\IdNotFoundException($seminaryuploadId);
 			}
 			
 			
@ -123,20 +114,22 @@
 		 * Get an upload by its URL.
 		 * 
 		 * @throws	IdNotFoundException
+		 * @param	int	$seminaryId	ID of Seminary
 		 * @param	int	$uploadId	ID of the uploaded file
 		 * @return	array			Upload data
 		 */
-		public function getUploadByUrl($uploadUrl)
+		public function getSeminaryuploadByUrl($seminaryId, $seminaryuploadUrl)
 		{
 			$data = $this->db->query(
 				'SELECT id, created, created_user_id, seminary_id, name, url, mimetype, public '.
-				'FROM uploads '.
-				'WHERE url = ?',
-				's',
-				$uploadUrl
+				'FROM seminaryuploads '.
+				'WHERE seminary_id = ? AND url = ?',
+				'is',
+				$seminaryId,
+				$seminaryuploadUrl
 			);
 			if(empty($data)) {
-				throw new \nre\exceptions\IdNotFoundException($uploadUrl);
+				throw new \nre\exceptions\IdNotFoundException($seminaryuploadUrl);
 			}
 			
 			
--- a/seminaryuploads/empty
+++ b/seminaryuploads/empty
--- a/views/binary/uploads/seminary.tpl
+++ b/views/binary/uploads/seminary.tpl