[TASK] Replace sprite icon "status-warning-lock" with the new IconFactory
[Packages/TYPO3.CMS.git] / typo3 / sysext / beuser / Classes / Controller / PermissionAjaxController.php
1 <?php
2 namespace TYPO3\CMS\Beuser\Controller;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Backend\Utility\BackendUtility;
18 use TYPO3\CMS\Backend\Utility\IconUtility;
19 use TYPO3\CMS\Core\DataHandling\DataHandler;
20 use TYPO3\CMS\Core\Http\AjaxRequestHandler;
21 use TYPO3\CMS\Core\Imaging\Icon;
22 use TYPO3\CMS\Core\Imaging\IconFactory;
23 use TYPO3\CMS\Core\Utility\GeneralUtility;
24 use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
25 use TYPO3\CMS\Fluid\View\StandaloneView;
26
27 /**
28 * This class extends the permissions module in the TYPO3 Backend to provide
29 * convenient methods of editing of page permissions (including page ownership
30 * (user and group)) via new AjaxRequestHandler facility
31 */
32 class PermissionAjaxController {
33
34 /**
35 * The local configuration array
36 *
37 * @var array
38 */
39 protected $conf = array();
40
41 /**
42 * @var IconFactory
43 */
44 protected $iconFactory;
45
46 /**
47 * The constructor of this class
48 */
49 public function __construct() {
50 $this->iconFactory = GeneralUtility::makeInstance(IconFactory::class);
51 $this->getLanguageService()->includeLLFile('EXT:lang/locallang_mod_web_perm.xlf');
52 // Configuration, variable assignment
53 $this->conf['page'] = GeneralUtility::_POST('page');
54 $this->conf['who'] = GeneralUtility::_POST('who');
55 $this->conf['mode'] = GeneralUtility::_POST('mode');
56 $this->conf['bits'] = (int)GeneralUtility::_POST('bits');
57 $this->conf['permissions'] = (int)GeneralUtility::_POST('permissions');
58 $this->conf['action'] = GeneralUtility::_POST('action');
59 $this->conf['ownerUid'] = (int)GeneralUtility::_POST('ownerUid');
60 $this->conf['username'] = GeneralUtility::_POST('username');
61 $this->conf['groupUid'] = (int)GeneralUtility::_POST('groupUid');
62 $this->conf['groupname'] = GeneralUtility::_POST('groupname');
63 $this->conf['editLockState'] = (int)GeneralUtility::_POST('editLockState');
64 $this->conf['new_owner_uid'] = (int)GeneralUtility::_POST('newOwnerUid');
65 $this->conf['new_group_uid'] = (int)GeneralUtility::_POST('newGroupUid');
66 }
67
68 /**
69 * The main dispatcher function. Collect data and prepare HTML output.
70 *
71 * @param array $params array of parameters from the AJAX interface, currently unused
72 * @param AjaxRequestHandler $ajaxObj object of type AjaxRequestHandler
73 * @return void
74 */
75 public function dispatch($params = array(), AjaxRequestHandler $ajaxObj = NULL) {
76 $extPath = ExtensionManagementUtility::extPath('beuser');
77
78 $view = GeneralUtility::makeInstance(StandaloneView::class);
79 $view->setPartialRootPaths(array('default' => ExtensionManagementUtility::extPath('beuser') . 'Resources/Private/Partials'));
80 $view->assign('pageId', $this->conf['page']);
81
82 $content = '';
83 // Basic test for required value
84 if ($this->conf['page'] > 0) {
85 // Init TCE for execution of update
86 /** @var $tce DataHandler */
87 $tce = GeneralUtility::makeInstance(DataHandler::class);
88 $tce->stripslashes_values = FALSE;
89 // Determine the scripts to execute
90 switch ($this->conf['action']) {
91 case 'show_change_owner_selector':
92 $content = $this->renderUserSelector($this->conf['page'], $this->conf['ownerUid'], $this->conf['username']);
93 break;
94 case 'change_owner':
95 $userId = $this->conf['new_owner_uid'];
96 if (is_int($userId)) {
97 // Prepare data to change
98 $data = array();
99 $data['pages'][$this->conf['page']]['perms_userid'] = $userId;
100 // Execute TCE Update
101 $tce->start($data, array());
102 $tce->process_datamap();
103
104 $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangeOwner.html');
105 $view->assign('userId', $userId);
106 $usernameArray = BackendUtility::getUserNames('username', ' AND uid = ' . $userId);
107 $view->assign('username', $usernameArray[$userId]['username']);
108 $content = $view->render();
109 } else {
110 $ajaxObj->setError('An error occurred: No page owner uid specified.');
111 }
112 break;
113 case 'show_change_group_selector':
114 $content = $this->renderGroupSelector($this->conf['page'], $this->conf['groupUid'], $this->conf['groupname']);
115 break;
116 case 'change_group':
117 $groupId = $this->conf['new_group_uid'];
118 if (is_int($groupId)) {
119 // Prepare data to change
120 $data = array();
121 $data['pages'][$this->conf['page']]['perms_groupid'] = $groupId;
122 // Execute TCE Update
123 $tce->start($data, array());
124 $tce->process_datamap();
125
126 $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangeGroup.html');
127 $view->assign('groupId', $groupId);
128 $groupnameArray = BackendUtility::getGroupNames('title', ' AND uid = ' . $groupId);
129 $view->assign('groupname', $groupnameArray[$groupId]['title']);
130 $content = $view->render();
131 } else {
132 $ajaxObj->setError('An error occurred: No page group uid specified.');
133 }
134 break;
135 case 'toggle_edit_lock':
136 // Prepare data to change
137 $data = array();
138 $data['pages'][$this->conf['page']]['editlock'] = $this->conf['editLockState'] === 1 ? 0 : 1;
139 // Execute TCE Update
140 $tce->start($data, array());
141 $tce->process_datamap();
142 $content = $this->renderToggleEditLock($this->conf['page'], $data['pages'][$this->conf['page']]['editlock']);
143 break;
144 default:
145 if ($this->conf['mode'] === 'delete') {
146 $this->conf['permissions'] = (int)($this->conf['permissions'] - $this->conf['bits']);
147 } else {
148 $this->conf['permissions'] = (int)($this->conf['permissions'] + $this->conf['bits']);
149 }
150 // Prepare data to change
151 $data = array();
152 $data['pages'][$this->conf['page']]['perms_' . $this->conf['who']] = $this->conf['permissions'];
153 // Execute TCE Update
154 $tce->start($data, array());
155 $tce->process_datamap();
156
157 $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangePermission.html');
158 $view->assign('permission', $this->conf['permissions']);
159 $view->assign('scope', $this->conf['who']);
160 $content = $view->render();
161 }
162 } else {
163 $ajaxObj->setError('This script cannot be called directly.');
164 }
165 $ajaxObj->addContent($this->conf['page'] . '_' . $this->conf['who'], $content);
166 }
167
168 /**
169 * Generate the user selector element
170 *
171 * @param int $page The page id to change the user for
172 * @param int $ownerUid The page owner uid
173 * @param string $username The username to display
174 * @return string The html select element
175 */
176 protected function renderUserSelector($page, $ownerUid, $username = '') {
177 $page = (int)$page;
178 $ownerUid = (int)$ownerUid;
179 // Get usernames
180 $beUsers = BackendUtility::getUserNames();
181 // Owner selector:
182 $options = '';
183 // Loop through the users
184 foreach ($beUsers as $uid => $row) {
185 $uid = (int)$uid;
186 $selected = $uid === $ownerUid ? ' selected="selected"' : '';
187 $options .= '<option value="' . $uid . '"' . $selected . '>' . htmlspecialchars($row['username']) . '</option>';
188 }
189 $elementId = 'o_' . $page;
190 $options = '<option value="0"></option>' . $options;
191 $selector = '<select name="new_page_owner" id="new_page_owner">' . $options . '</select>';
192 $saveButton = '<a class="saveowner" data-page="' . $page . '" data-owner="' . $ownerUid . '" data-element-id="' . $elementId . '" title="Change owner">' . $this->iconFactory->getIcon('actions-document-save', Icon::SIZE_SMALL) . '</a>';
193 $cancelButton = '<a class="restoreowner" data-page="' . $page . '" data-owner="' . $ownerUid . '" data-element-id="' . $elementId . '"' . (!empty($username) ? ' data-username="' . htmlspecialchars($username) . '"' : '') . ' title="Cancel">' . $this->iconFactory->getIcon('actions-document-close', Icon::SIZE_SMALL) . '</a>';
194 return '<span id="' . $elementId . '">' . $selector . $saveButton . $cancelButton . '</span>';
195 }
196
197 /**
198 * Generate the group selector element
199 *
200 * @param int $page The page id to change the user for
201 * @param int $groupUid The page group uid
202 * @param string $groupname The groupname to display
203 * @return string The html select element
204 */
205 protected function renderGroupSelector($page, $groupUid, $groupname = '') {
206 $page = (int)$page;
207 $groupUid = (int)$groupUid;
208
209 // Get usernames
210 $beGroupsO = $beGroups = BackendUtility::getGroupNames();
211 // Group selector:
212 $options = '';
213 // flag: is set if the page-groupid equals one from the group-list
214 $userset = 0;
215 // Loop through the groups
216 foreach ($beGroups as $uid => $row) {
217 $uid = (int)$uid;
218 if ($uid === $groupUid) {
219 $userset = 1;
220 $selected = ' selected="selected"';
221 } else {
222 $selected = '';
223 }
224 $options .= '<option value="' . $uid . '"' . $selected . '>' . htmlspecialchars($row['title']) . '</option>';
225 }
226 // If the group was not set AND there is a group for the page
227 if (!$userset && $groupUid) {
228 $options = '<option value="' . $groupUid . '" selected="selected">' .
229 htmlspecialchars($beGroupsO[$groupUid]['title']) . '</option>' . $options;
230 }
231 $elementId = 'g_' . $page;
232 $options = '<option value="0"></option>' . $options;
233 $selector = '<select name="new_page_group" id="new_page_group">' . $options . '</select>';
234 $saveButton = '<a class="savegroup" data-page="' . $page . '" data-group="' . $groupUid . '" data-element-id="' . $elementId . '" title="Change group">' . $this->iconFactory->getIcon('actions-document-save', Icon::SIZE_SMALL) . '</a>';
235 $cancelButton = '<a class="restoregroup" data-page="' . $page . '" data-group="' . $groupUid . '" data-element-id="' . $elementId . '"' . (!empty($groupname) ? ' data-groupname="' . htmlspecialchars($groupname) . '"' : '') . ' title="Cancel">' . $this->iconFactory->getIcon('actions-document-close', Icon::SIZE_SMALL) . '</a>';
236 return '<span id="' . $elementId . '">' . $selector . $saveButton . $cancelButton . '</span>';
237 }
238
239 /**
240 * Print the string with the new owner of a page record
241 *
242 * @param int $page The TYPO3 page id
243 * @param int $ownerUid The new page user uid
244 * @param string $username The TYPO3 BE username (used to display in the element)
245 * @param bool $validUser Must be set to FALSE, if the user has no name or is deleted
246 * @return string The new group wrapped in HTML
247 * @deprecated since TYPO3 CMS 7, will be removed in TYPO3 CMS 8. This is now solved with fluid.
248 */
249 static public function renderOwnername($page, $ownerUid, $username, $validUser = TRUE) {
250 GeneralUtility::logDeprecatedFunction();
251 $elementId = 'o_' . $page;
252 return '<span id="' . $elementId . '"><a class="ug_selector changeowner" data-page="' . $page . '" data-owner="' . $ownerUid . '" data-username="' . htmlspecialchars($username) . '">' . ($validUser ? ($username == '' ? '<span class=not_set>[' . $GLOBALS['LANG']->getLL('notSet') . ']</span>' : htmlspecialchars(GeneralUtility::fixed_lgd_cs($username, 20))) : '<span class=not_set title="' . htmlspecialchars(GeneralUtility::fixed_lgd_cs($username, 20)) . '">[' . $GLOBALS['LANG']->getLL('deleted') . ']</span>') . '</a></span>';
253 }
254
255 /**
256 * Print the string with the new group of a page record
257 *
258 * @param int $page The TYPO3 page id
259 * @param int $groupUid The new page group uid
260 * @param string $groupname The TYPO3 BE groupname (used to display in the element)
261 * @param bool $validGroup Must be set to FALSE, if the group has no name or is deleted
262 * @return string The new group wrapped in HTML
263 * @deprecated since TYPO3 CMS 7, will be removed in TYPO3 CMS 8. This is now solved with fluid.
264 */
265 static public function renderGroupname($page, $groupUid, $groupname, $validGroup = TRUE) {
266 GeneralUtility::logDeprecatedFunction();
267 $elementId = 'g_' . $page;
268 return '<span id="' . $elementId . '"><a class="ug_selector changegroup" data-page="' . $page . '" data-group="' . $groupUid . '" data-groupname="' . htmlspecialchars($groupname) . '">' . ($validGroup ? ($groupname == '' ? '<span class=not_set>[' . $GLOBALS['LANG']->getLL('notSet') . ']</span>' : htmlspecialchars(GeneralUtility::fixed_lgd_cs($groupname, 20))) : '<span class=not_set title="' . htmlspecialchars(GeneralUtility::fixed_lgd_cs($groupname, 20)) . '">[' . $GLOBALS['LANG']->getLL('deleted') . ']</span>') . '</a></span>';
269 }
270
271 /**
272 * Print the string with the new edit lock state of a page record
273 *
274 * @param int $page The TYPO3 page id
275 * @param string $editLockState The state of the TYPO3 page (locked, unlocked)
276 * @return string The new edit lock string wrapped in HTML
277 */
278 protected function renderToggleEditLock($page, $editLockState) {
279 $page = (int)$page;
280 if ($editLockState === 1) {
281 $ret = '<span id="el_' . $page . '"><a class="editlock" data-page="' . $page . '" data-lockstate="1" title="The page and all content is locked for editing by all non-Admin users.">' . $this->iconFactory->getIcon('status-warning-lock', Icon::SIZE_SMALL) . '</a></span>';
282 } else {
283 $ret = '<span id="el_' . $page . '"><a class="editlock" data-page="' . $page . '" data-lockstate="0" title="Enable the &raquo;Admin-only&laquo; edit lock for this page">[+]</a></span>';
284 }
285 return $ret;
286 }
287
288 /**
289 * Print a set of permissions. Also used in index.php
290 *
291 * @param int $int Permission integer (bits)
292 * @param int $pageId The TYPO3 page id
293 * @param string $who The scope (user, group or everybody)
294 * @return string HTML marked up x/* indications.
295 * @deprecated since TYPO3 CMS 7, will be removed in TYPO3 CMS 8. This is now solved with fluid.
296 */
297 static public function renderPermissions($int, $pageId = 0, $who = 'user') {
298 GeneralUtility::logDeprecatedFunction();
299 $str = '';
300 $permissions = array(1, 16, 2, 4, 8);
301 foreach ($permissions as $permission) {
302 if ($int & $permission) {
303 $str .= IconUtility::getSpriteIcon('status-status-permission-granted', array(
304 'title' => $GLOBALS['LANG']->getLL($permission, TRUE),
305 'class' => 'change-permission text-success',
306 'data-page' => $pageId,
307 'data-permissions' => $int,
308 'data-mode' => 'delete',
309 'data-who' => $who,
310 'data-bits' => $permission,
311 'style' => 'cursor:pointer'
312 ));
313 } else {
314 $str .= IconUtility::getSpriteIcon('status-status-permission-denied', array(
315 'title' => $GLOBALS['LANG']->getLL($permission, TRUE),
316 'class' => 'change-permission text-danger',
317 'data-page' => $pageId,
318 'data-permissions' => $int,
319 'data-mode' => 'add',
320 'data-who' => $who,
321 'data-bits' => $permission,
322 'style' => 'cursor:pointer'
323 ));
324 }
325 }
326 return '<span id="' . $pageId . '_' . $who . '">' . $str . '</span>';
327 }
328
329 /**
330 * @return \TYPO3\CMS\Lang\LanguageService
331 */
332 protected function getLanguageService() {
333 return $GLOBALS['LANG'];
334 }
335
336 /**
337 * @return \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
338 */
339 protected function getBackendUser() {
340 return $GLOBALS['BE_USER'];
341 }
342
343 }