[FEATURE] Add two hooks to tx_sysaction_task
[Packages/TYPO3.CMS.git] / typo3 / sysext / sys_action / task / class.tx_sysaction_task.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 1999-2011 Kasper Skårhøj (kasperYYYY@typo3.com)
6 * (c) 2010-2011 Georg Ringer <typo3@ringerge.org>
7 * All rights reserved
8 *
9 * This script is part of the TYPO3 project. The TYPO3 project is
10 * free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * The GNU General Public License can be found at
16 * http://www.gnu.org/copyleft/gpl.html.
17 *
18 * This script is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU General Public License for more details.
22 *
23 * This copyright notice MUST APPEAR in all copies of the script!
24 ***************************************************************/
25
26
27 /**
28 * This class provides a task for the taskcenter
29 *
30 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
31 * @author Georg Ringer <typo3@ringerge.org>
32 * @package TYPO3
33 * @subpackage tx_sysaction
34 *
35 */
36 class tx_sysaction_task implements tx_taskcenter_Task {
37
38 protected $taskObject;
39 var $t3lib_TCEforms;
40
41 /**
42 * All hook objects get registered here for later use
43 *
44 * @var array
45 */
46 protected $hookObjects = array();
47
48 /**
49 * Constructor
50 */
51 public function __construct(SC_mod_user_task_index $taskObject) {
52 $this->taskObject = $taskObject;
53 $GLOBALS['LANG']->includeLLFile('EXT:sys_action/locallang.xml');
54
55 if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['sys_action']['tx_sysaction_task'])) {
56 foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['sys_action']['tx_sysaction_task'] as $classRef) {
57 $this->hookObjects[] = t3lib_div::getUserObj($classRef);
58 }
59 }
60 }
61
62
63 /**
64 * This method renders the task
65 *
66 * @return string The task as HTML
67 */
68 public function getTask() {
69 $content = '';
70 $show = intval(t3lib_div::_GP('show'));
71
72 foreach ($this->hookObjects as $hookObject) {
73 if (method_exists($hookObject, 'getTask')) {
74 $show = $hookObject->getTask($show, $this);
75 }
76 }
77
78 // if no task selected, render the menu
79 if ($show == 0) {
80 $content .= $this->taskObject->description(
81 $GLOBALS['LANG']->getLL('sys_action'),
82 $GLOBALS['LANG']->getLL('description')
83 );
84
85 $content .= $this->renderActionList();
86 } else {
87 $record = t3lib_BEfunc::getRecord('sys_action', $show);
88
89 // if the action is not found
90 if (count($record) == 0) {
91 $flashMessage = t3lib_div::makeInstance(
92 't3lib_FlashMessage',
93 $GLOBALS['LANG']->getLL('action_error-not-found', TRUE),
94 $GLOBALS['LANG']->getLL('action_error'),
95 t3lib_FlashMessage::ERROR
96 );
97 $content .= $flashMessage->render();
98 } else {
99 // render the task
100 $content .= $this->taskObject->description($record['title'], $record['description']);
101
102 // output depends on the type
103 switch ($record['type']) {
104 case 1:
105 $content .= $this->viewNewBackendUser($record);
106 break;
107 case 2:
108 $content .= $this->viewSqlQuery($record);
109 break;
110 case 3:
111 $content .= $this->viewRecordList($record);
112 break;
113 case 4:
114 $content .= $this->viewEditRecord($record);
115 break;
116 case 5:
117 $content .= $this->viewNewRecord($record);
118 break;
119 default:
120 $flashMessage = t3lib_div::makeInstance(
121 't3lib_FlashMessage',
122 $GLOBALS['LANG']->getLL('action_noType', TRUE),
123 $GLOBALS['LANG']->getLL('action_error'),
124 t3lib_FlashMessage::ERROR
125 );
126 $content .= '<br />' . $flashMessage->render();
127 }
128 }
129 }
130
131 return $content;
132 }
133
134 /**
135 * Gemeral overview over the task in the taskcenter menu
136 *
137 * @return string Overview as HTML
138 */
139 public function getOverview() {
140 $content = '<p>' . $GLOBALS['LANG']->getLL('description') . '</p>';
141
142 // get the actions
143 $actionList = $this->getActions();
144 if (count($actionList) > 0) {
145 $items = '';
146
147 // render a single action menu item
148 foreach ($actionList as $action) {
149 $active = (t3lib_div::_GP('show') === $action['uid']) ? ' class="active" ' : '';
150 $items .= '<li' . $active . '>
151 <a href="' . $action['link'] . '" title="' . htmlspecialchars($action['description']) . '">' .
152 htmlspecialchars($action['title']) .
153 '</a>
154 </li>';
155 }
156 $content .= '<ul>' . $items . '</ul>';
157 }
158
159 return $content;
160 }
161
162 /**
163 * Get all actions of an user. Admins can see any action, all others only those
164 * whic are allowed in sys_action record itself.
165 *
166 * @param boolean $toOverview: If TRUE, the link redirects to the taskcenter
167 * @return array Array holding every needed information of a sys_action
168 */
169 protected function getActions() {
170 $actionList = array();
171
172 // admins can see any record
173 if ($GLOBALS['BE_USER']->isAdmin()) {
174 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
175 '*',
176 'sys_action',
177 '',
178 '',
179 'sys_action.sorting'
180 );
181 } else {
182 // editors can only see the actions which are assigned to a usergroup they belong to
183 $additionalWhere = 'be_groups.uid IN (' . ($GLOBALS['BE_USER']->groupList ? $GLOBALS['BE_USER']->groupList : 0) . ')';
184
185 $res = $GLOBALS['TYPO3_DB']->exec_SELECT_mm_query(
186 'sys_action.*',
187 'sys_action',
188 'sys_action_asgr_mm',
189 'be_groups',
190 ' AND sys_action.hidden=0 AND ' . $additionalWhere,
191 'sys_action.uid',
192 'sys_action.sorting'
193 );
194 }
195
196 while($actionRow = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
197 $editActionLink = '';
198
199 // admins are allowed to edit sys_action records
200 if ($GLOBALS['BE_USER']->isAdmin()) {
201 $returnUrl = rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI'));
202 $link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl . '&edit[sys_action][' . $actionRow['uid'] . ']=edit';
203
204 $editActionLink = '<a class="edit" href="' . $link . '">' .
205 '<img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/edit2.gif') . ' title="' . $GLOBALS['LANG']->getLL('edit-sys_action') . '" alt="" />' .
206 $GLOBALS['LANG']->getLL('edit-sys_action') .
207 '</a>';
208 }
209
210 $actionList[] = array(
211 'uid' => $actionRow['uid'],
212 'title' => $actionRow['title'],
213 'description' => $actionRow['description'],
214 'descriptionHtml' => nl2br(htmlspecialchars($actionRow['description'])) . $editActionLink,
215 'link' => 'mod.php?M=user_task&SET[function]=sys_action.tx_sysaction_task&show=' . $actionRow['uid'],
216 'icon' => 'EXT:sys_action/sys_action.gif'
217 );
218 }
219 $GLOBALS['TYPO3_DB']->sql_free_result($res);
220
221 return $actionList;
222 }
223
224 /**
225 * Render the menu of sys_actions
226 *
227 * @return string list of sys_actions as HTML
228 */
229 protected function renderActionList() {
230 $content = '';
231
232 // get the sys_action records
233 $actionList = $this->getActions();
234
235 // if any actions are found for the current users
236 if (count($actionList) > 0) {
237 $content .= $this->taskObject->renderListMenu($actionList);
238 } else {
239 $flashMessage = t3lib_div::makeInstance (
240 't3lib_FlashMessage',
241 $GLOBALS['LANG']->getLL('action_not-found-description', TRUE),
242 $GLOBALS['LANG']->getLL('action_not-found'),
243 t3lib_FlashMessage::INFO
244 );
245 $content .= $flashMessage->render();
246 }
247
248 // Admin users can create a new action
249 if ($GLOBALS['BE_USER']->isAdmin()) {
250 $returnUrl = rawurlencode('mod.php?M=user_task');
251 $link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl. '&edit[sys_action][0]=new';
252
253 $content .= '<br />
254 <a href="' . $link . '" title="' . $GLOBALS['LANG']->getLL('new-sys_action') . '">' .
255 '<img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/new_record.gif') . ' title="' . $GLOBALS['LANG']->getLL('new-sys_action') . '" alt="" /> ' .
256 $GLOBALS['LANG']->getLL('new-sys_action') .
257 '</a>';
258 }
259
260 return $content;
261 }
262
263 /**
264 * Action to create a new BE user
265 *
266 * @param array $record: sys_action record
267 * @return string form to create a new user
268 */
269 protected function viewNewBackendUser($record) {
270 $content = '';
271
272 $beRec = t3lib_BEfunc::getRecord('be_users', intval($record['t1_copy_of_user']));
273 // a record is neeed which is used as copy for the new user
274 if (!is_array($beRec)) {
275 $flashMessage = t3lib_div::makeInstance(
276 't3lib_FlashMessage',
277 $GLOBALS['LANG']->getLL('action_notReady', TRUE),
278 $GLOBALS['LANG']->getLL('action_error'),
279 t3lib_FlashMessage::ERROR
280 );
281 $content .= $flashMessage->render();
282
283 return $content;
284 }
285
286 $vars = t3lib_div::_POST('data');
287 $key = 'NEW';
288
289 if ($vars['sent'] == 1) {
290 $errors = array();
291
292 // basic error checks
293 if (!empty($vars['email']) && !t3lib_div::validEmail($vars['email'])) {
294 $errors[] = $GLOBALS['LANG']->getLL('error-wrong-email');
295 }
296 if (empty($vars['username'])) {
297 $errors[] = $GLOBALS['LANG']->getLL('error-username-empty');
298 }
299 if (empty($vars['password'])) {
300 $errors[] = $GLOBALS['LANG']->getLL('error-password-empty');
301 }
302 if ($vars['key'] !== 'NEW' && !$this->isCreatedByUser($vars['key'], $record)) {
303 $errors[] = $GLOBALS['LANG']->getLL('error-wrong-user');
304 }
305
306 foreach ($this->hookObjects as $hookObject) {
307 if (method_exists($hookObject, 'viewNewBackendUser_Error')) {
308 $errors = $hookObject->viewNewBackendUser_Error($vars, $errors, $this);
309 }
310 }
311
312 // show errors if there are any
313 if (count($errors) > 0) {
314 $flashMessage = t3lib_div::makeInstance (
315 't3lib_FlashMessage',
316 implode('<br />', $errors),
317 $GLOBALS['LANG']->getLL('action_error'),
318 t3lib_FlashMessage::ERROR
319 );
320 $content .= $flashMessage->render() . '<br />';
321 } else {
322 // save user
323 $key = $this->saveNewBackendUser($record, $vars);
324
325 // success messsage
326 $flashMessage = t3lib_div::makeInstance (
327 't3lib_FlashMessage',
328 ($vars['key'] === 'NEW' ? $GLOBALS['LANG']->getLL('success-user-created') : $GLOBALS['LANG']->getLL('success-user-updated')),
329 $GLOBALS['LANG']->getLL('success'),
330 t3lib_FlashMessage::OK
331 );
332 $content .= $flashMessage->render() . '<br />' ;
333 }
334
335 }
336
337 // load BE user to edit
338 if (intval(t3lib_div::_GP('be_users_uid')) > 0) {
339 $tmpUserId = intval(t3lib_div::_GP('be_users_uid'));
340
341 // check if the selected user is created by the current user
342 $rawRecord = $this->isCreatedByUser($tmpUserId, $record);
343 if ($rawRecord) {
344 // delete user
345 if (t3lib_div::_GP('delete') == 1) {
346 $this->deleteUser($tmpUserId, $record['uid']);
347 }
348
349 $key = $tmpUserId;
350 $vars = $rawRecord;
351 }
352 }
353
354 $this->JScode();
355 $loadDB = t3lib_div::makeInstance('t3lib_loadDBGroup');
356 $loadDB->start($vars['db_mountpoints'], 'pages');
357
358 $content .= '<form action="" method="post" enctype="multipart/form-data">
359 <fieldset class="fields">
360 <legend>General fields</legend>
361 <div class="row">
362 <label for="field_disable">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.disable') . '</label>
363 <input type="checkbox" id="field_disable" name="data[disable]" value="1" class="checkbox" ' . ($vars['disable'] == 1 ? ' checked="checked" ' : '') . ' />
364 </div>
365 <div class="row">
366 <label for="field_realname">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.name') . '</label>
367 <input type="text" id="field_realname" name="data[realName]" value="' . htmlspecialchars($vars['realName']) .'" />
368 </div>
369 <div class="row">
370 <label for="field_username">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.username') . '</label>
371 <input type="text" id="field_username" name="data[username]" value="' . htmlspecialchars($vars['username']) .'" />
372 </div>
373 <div class="row">
374 <label for="field_password">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.password') . '</label>
375 <input type="password" id="field_password" name="data[password]" value="" />
376 </div>
377 <div class="row">
378 <label for="field_email">' .$GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_general.xml:LGL.email') . '</label>
379 <input type="text" id="field_email" name="data[email]" value="' . htmlspecialchars($vars['email']) .'" />
380 </div>
381 </fieldset>
382 <fieldset class="fields">
383 <legend>Configuration</legend>
384
385 <div class="row">
386 <label for="field_usergroup">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.usergroup') . '</label>
387 <select id="field_usergroup" name="data[usergroup][]" multiple="multiple">
388 ' . $this->getUsergroups($record, $vars) . '
389 </select>
390 </div>
391 <div class="row">
392 <label for="field_db_mountpoints">' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_tca.xml:be_users.options_db_mounts') . '</label>
393 ' . $this->t3lib_TCEforms->dbFileIcons('data[db_mountpoints]', 'db', 'pages', $loadDB->itemArray, '', array('size' => 3)) . '
394 </div>
395 <div class="row">
396 <input type="hidden" name="data[key]" value="' . $key . '" />
397 <input type="hidden" name="data[sent]" value="1" />
398 <input type="submit" value="' . ($key === 'NEW' ? $GLOBALS['LANG']->getLL('action_Create') : $GLOBALS['LANG']->getLL('action_Update')) . '" />
399 </div>
400 </fieldset>
401 </form>';
402
403 $content .= $this->getCreatedUsers($record, $key);
404
405 return $content;
406 }
407
408 /**
409 * Delete a BE user and redirect to the action by its id
410 *
411 * @param int $userId: Id of the BE user
412 * @param int $actionId: Id of the action
413 * @return void
414 */
415 protected function deleteUser($userId, $actionId) {
416 $GLOBALS['TYPO3_DB']->exec_UPDATEquery(
417 'be_users',
418 'uid=' . $userId,
419 array (
420 'deleted' => 1,
421 'tstamp' => $GLOBALS['ACCESS_TIME']
422 )
423 );
424
425 // redirect to the original task
426 $redirectUrl = 'mod.php?M=user_task&show=' . $actionId;
427 t3lib_utility_Http::redirect($redirectUrl);
428 }
429
430 /**
431 * Check if a BE user is created by the current user
432 *
433 * @param int $id: Id of the BE user
434 * @param array $action: sys_action record.
435 * @return mixed the record of the BE user if found, otherwise FALSE
436 */
437 protected function isCreatedByUser($id, $action) {
438 $record = t3lib_BEfunc::getRecord(
439 'be_users',
440 $id,
441 '*',
442 ' AND cruser_id=' . $GLOBALS['BE_USER']->user['uid'] . ' AND createdByAction=' . $action['uid']
443 );
444
445 if (is_array($record)) {
446 return $record;
447 } else {
448 return FALSE;
449 }
450 }
451
452
453 /**
454 * Render all users who are created by the current BE user including a link to edit the record
455 *
456 * @param array $action: sys_action record.
457 * @param int $selectedUser: Id of a selected user
458 * @return html list of users
459 */
460 protected function getCreatedUsers($action, $selectedUser) {
461 $content = '';
462 $userList = array();
463
464 // List of users
465 $res = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
466 '*',
467 'be_users',
468 'cruser_id=' . $GLOBALS['BE_USER']->user['uid'] . ' AND createdByAction=' . intval($action['uid']) . t3lib_BEfunc::deleteClause('be_users'),
469 '',
470 'username'
471 );
472
473 // render the user records
474 while($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
475 $icon = t3lib_iconworks::getSpriteIconForRecord('be_users', $row, array('title' => 'uid=' . $row['uid']));
476 $line = $icon . $this->action_linkUserName($row['username'], $row['realName'], $action['uid'], $row['uid']);
477
478 // selected user
479 if ($row['uid'] == $selectedUser) {
480 $line = '<strong>' . $line . '</strong>';
481 }
482
483 $userList[] = $line;
484 }
485 $GLOBALS['TYPO3_DB']->sql_free_result($res);
486
487 // if any records found
488 if (count($userList)) {
489 $content .= '<br />' . $this->taskObject->doc->section($GLOBALS['LANG']->getLL('action_t1_listOfUsers'), implode('<br />', $userList));
490 }
491
492 return $content;
493 }
494
495
496 /**
497 * Create a link to edit a user
498 *
499 * @param string $username: Username
500 * @param string $realName: Real name of the user
501 * @param int $sysActionUid: Id of the sys_action record
502 * @param int $userId: Id of the user
503 * @return html link
504 */
505 protected function action_linkUserName($username, $realName, $sysActionUid, $userId) {
506 if (!empty($realName)) {
507 $username .= ' (' . $realName . ')';
508 }
509
510 // link to update the user record
511 $href = 'mod.php?M=user_task&SET[function]=sys_action.tx_sysaction_task&show=' . intval($sysActionUid) . '&be_users_uid=' . intval($userId);
512 $link = '<a href="' . htmlspecialchars($href) . '">' . htmlspecialchars($username) . '</a>';
513
514 // link to delete the user record
515 $onClick = ' onClick="return confirm('.$GLOBALS['LANG']->JScharCode($GLOBALS['LANG']->getLL("lDelete_warning")).');"';
516 $link .= '
517 <a href="' . htmlspecialchars($href . '&delete=1') . '" ' . $onClick . '>
518 <img' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/delete_record.gif') . ' alt="" />
519 </a>';
520 return $link;
521 }
522
523 /**
524 * Save/Update a BE user
525 *
526 * @param array $record: Current action record
527 * @param array $vars: POST vars
528 * @return int Id of the new/updated user
529 */
530 protected function saveNewBackendUser($record, $vars) {
531 // check if the db mount is a page the current user is allowed to.);
532 $vars['db_mountpoints'] = $this->fixDbMount($vars['db_mountpoints']);
533 // check if the usergroup is allowed
534 $vars['usergroup'] = $this->fixUserGroup($vars['usergroup'], $record);
535 // check if md5 is used as password encryption
536 if (strpos($GLOBALS['TCA']['be_users']['columns']['password']['config']['eval'], 'md5') !== FALSE) {
537 $vars['password'] = md5($vars['password']);
538 }
539
540 $key = $vars['key'];
541 $data = '';
542 $newUserId = 0;
543
544 if ($key === 'NEW') {
545 $beRec = t3lib_BEfunc::getRecord('be_users', intval($record['t1_copy_of_user']));
546 if (is_array($beRec)) {
547 $data = array();
548 $data['be_users'][$key] = $beRec;
549 $data['be_users'][$key]['username'] = $this->fixUsername($vars['username'], $record['t1_userprefix']);
550 $data['be_users'][$key]['password'] = (trim($vars['password']));
551 $data['be_users'][$key]['realName'] = $vars['realName'];
552 $data['be_users'][$key]['email'] = $vars['email'];
553 $data['be_users'][$key]['disable'] = intval($vars['disable']);
554 $data['be_users'][$key]['admin'] = 0;
555 $data['be_users'][$key]['usergroup'] = $vars['usergroup'];
556 $data['be_users'][$key]['db_mountpoints'] = $vars['db_mountpoints'];
557 $data['be_users'][$key]['createdByAction'] = $record['uid'];
558 }
559 } else {
560 // check ownership
561 $beRec = t3lib_BEfunc::getRecord('be_users', intval($key));
562 if (is_array($beRec) && $beRec['cruser_id'] == $GLOBALS['BE_USER']->user['uid']) {
563 $data=array();
564 $data['be_users'][$key]['username'] = $this->fixUsername($vars['username'], $record['t1_userprefix']);
565 if (trim($vars['password'])) {
566 $data['be_users'][$key]['password'] = (trim($vars['password']));
567 }
568
569 $data['be_users'][$key]['realName'] = $vars['realName'];
570 $data['be_users'][$key]['email'] = $vars['email'];
571 $data['be_users'][$key]['disable'] = intval($vars['disable']);
572 $data['be_users'][$key]['admin'] = 0;
573 $data['be_users'][$key]['usergroup'] = $vars['usergroup'];
574 $data['be_users'][$key]['db_mountpoints'] = $vars['db_mountpoints'];
575 $newUserId = $key;
576 }
577 }
578
579 // save/update user by using TCEmain
580 if (is_array($data)) {
581 $tce = t3lib_div::makeInstance("t3lib_TCEmain");
582 $tce->stripslashes_values = 0;
583 $tce->start($data, array(), $GLOBALS['BE_USER']);
584 $tce->admin = 1;
585 $tce->process_datamap();
586 $newUserId = intval($tce->substNEWwithIDs['NEW']);
587
588 if ($newUserId) {
589 // Create
590 $this->action_createDir($newUserId);
591 } else {
592 // update
593 $newUserId = intval($key);
594 }
595 unset($tce);
596 }
597 return $newUserId;
598 }
599
600 /**
601 * Create the username based on the given username and the prefix
602 *
603 * @param string $username: username
604 * @param string $prefix: prefix
605 * @return string Combined username
606 */
607 protected function fixUsername($username, $prefix) {
608 return trim($prefix) . trim($username);
609 }
610
611 /**
612 * Clean the to be applied usergroups from not allowed ones
613 *
614 * @param array $appliedUsergroups: array of to be applied user groups
615 * @return array Cleaned array
616 */
617 protected function fixUserGroup($appliedUsergroups, $actionRecord) {
618 if (is_array($appliedUsergroups)) {
619 $cleanGroupList = array();
620
621 // create an array from the allowed usergroups using the uid as key
622 $allowedUsergroups = array_flip(explode(',', $actionRecord['t1_allowed_groups']));
623
624 // walk through the array and check every uid if it is undder the allowed ines
625 foreach ($appliedUsergroups as $group) {
626 if (isset($allowedUsergroups[$group])) {
627 $cleanGroupList[] = $group;
628 }
629 }
630 $appliedUsergroups = $cleanGroupList;
631 }
632
633 return $appliedUsergroups;
634 }
635
636 /**
637 * Clean the to be applied DB-Mounts from not allowed ones
638 *
639 * @param string $appliedDbMounts: List of pages like pages_123,pages456
640 * @return string Cleaned list
641 */
642 protected function fixDbMount($appliedDbMounts) {
643 // Admins can see any page, no need to check there
644 if (!empty($appliedDbMounts) && !$GLOBALS['BE_USER']->isAdmin()) {
645 $cleanDbMountList = array();
646 $dbMounts = t3lib_div::trimExplode(',', $appliedDbMounts, 1);
647
648 // walk through every wanted DB-Mount and check if it allowed for the current user
649 foreach ($dbMounts as $dbMount) {
650 $uid = intval(substr($dbMount, (strrpos($dbMount, '_') + 1)));
651 $page = t3lib_BEfunc::getRecord('pages', $uid);
652
653 // check rootline and access rights
654 if ($this->checkRootline($uid) && $GLOBALS['BE_USER']->calcPerms($page)) {
655 $cleanDbMountList[] = 'pages_' . $uid;
656 }
657 }
658 // build the clean list
659 $appliedDbMounts = implode(',', $cleanDbMountList);
660 }
661
662 return $appliedDbMounts;
663 }
664
665 /**
666 * Check if a page is inside the rootline the current user can see
667 *
668 * @param int $pageId: Id of the the page to be checked
669 * @return boolean Access to the page
670 */
671 protected function checkRootline($pageId) {
672 $access = FALSE;
673
674 $dbMounts = array_flip(explode(',', trim($GLOBALS['BE_USER']->dataLists['webmount_list'], ',')));
675 $rootline = t3lib_BEfunc::BEgetRootLine($pageId);
676 foreach ($rootline as $page) {
677 if (isset($dbMounts[$page['uid']]) && !$access) {
678 $access = TRUE;
679 }
680 }
681 return $access;
682 }
683
684 /**
685 * Add additional JavaScript to use the tceform select box
686 *
687 * @param int $uid: Id of the user record
688 * @return void
689 */
690 protected function JScode() {
691 $this->t3lib_TCEforms = t3lib_div::makeInstance("t3lib_TCEforms");
692 $this->t3lib_TCEforms->backPath = $GLOBALS['BACK_PATH'];
693 $js = $this->t3lib_TCEforms->dbFileCon();
694 $this->taskObject->doc->JScodeArray[] = $js;
695
696 return $js;
697 }
698
699 /**
700 * Create a user directory if defined
701 *
702 * @param int $uid: Id of the user record
703 * @return void
704 */
705 protected function action_createDir($uid) {
706 $path = $this->action_getUserMainDir();
707 if ($path) {
708 t3lib_div::mkdir($path . $uid);
709 t3lib_div::mkdir($path . $uid . '/_temp_/');
710 }
711 }
712
713 /**
714 * Get the path to the user home directory which is set in the localconf.php
715 *
716 * @return string path
717 */
718 protected function action_getUserMainDir() {
719 $path = $GLOBALS['TYPO3_CONF_VARS']['BE']['userHomePath'];
720
721 // if path is set and a valid directory
722 if ($path && @is_dir($path) &&
723 $GLOBALS['TYPO3_CONF_VARS']['BE']['lockRootPath'] &&
724 t3lib_div::isFirstPartOfStr($path, $GLOBALS['TYPO3_CONF_VARS']['BE']['lockRootPath']) &&
725 substr($path,-1) == '/'
726 ) {
727 return $path;
728 }
729 }
730
731 /**
732 * Get all allowed usergroups which can be applied to a user record
733 *
734 * @param array $record sys_action record
735 * @param array $vars Selected be_user record
736 * @return string rendered user groups
737 */
738 protected function getUsergroups($record, $vars) {
739 $content = '';
740 // do nothing if no groups are allowed
741 if (empty($record['t1_allowed_groups'])) {
742 return $content;
743 }
744
745 $content .= '<option value=""></option>';
746 $grList = t3lib_div::trimExplode(',', $record['t1_allowed_groups'], 1);
747 foreach($grList as $group) {
748 $checkGroup = t3lib_BEfunc::getRecord('be_groups', $group);
749 if (is_array($checkGroup)) {
750 $selected = (is_array($vars['usergroup']) && t3lib_div::inList(implode(',', $vars['usergroup']), $checkGroup['uid'])) ? ' selected="selected" ' : '';
751 $content .= '<option ' . $selected . 'value="' . $checkGroup['uid'] . '">' . htmlspecialchars($checkGroup['title']) . '</option>';
752 }
753 }
754
755 return $content;
756 }
757
758
759 /**
760 * Action to create a new record
761 *
762 * @param array $record: sys_action record
763 * @return redirect to form to create a record
764 */
765 protected function viewNewRecord($record) {
766 $returnUrl = rawurlencode('mod.php?M=user_task');
767 $link = t3lib_div::getIndpEnv('TYPO3_REQUEST_DIR') . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . $returnUrl. '&edit[' . $record['t3_tables'] . '][' . intval($record['t3_listPid']) . ']=new';
768 t3lib_utility_Http::redirect($link);
769 }
770
771 /**
772 * Action to edit records
773 *
774 * @param array $record: sys_action record
775 * @return string list of records
776 */
777 protected function viewEditRecord($record) {
778 $content = '';
779 $actionList = array();
780
781 $dbAnalysis = t3lib_div::makeInstance('t3lib_loadDBGroup');
782 $dbAnalysis->fromTC = 0;
783 $dbAnalysis->start($record['t4_recordsToEdit'], '*');
784 $dbAnalysis->getFromDB();
785
786 // collect the records
787 foreach ($dbAnalysis->itemArray as $el) {
788 $path = t3lib_BEfunc::getRecordPath ($el['id'], $this->taskObject->perms_clause, $GLOBALS['BE_USER']->uc['titleLen']);
789 $record = t3lib_BEfunc::getRecord($el['table'], $dbAnalysis->results[$el['table']][$el['id']]);
790 $title = t3lib_BEfunc::getRecordTitle($el['table'], $dbAnalysis->results[$el['table']][$el['id']]);
791 $description = $GLOBALS['LANG']->sL($GLOBALS['TCA'][$el['table']]['ctrl']['title'], 1);
792 if (isset($record['crdate'])) { // @todo: which information could be needfull
793 $description .= ' - ' . t3lib_BEfunc::dateTimeAge($record['crdate']);
794 }
795
796 $actionList[$el['id']] = array(
797 'title' => $title,
798 'description' => t3lib_BEfunc::getRecordTitle($el['table'], $dbAnalysis->results[$el['table']][$el['id']]),
799 'descriptionHtml' => $description,
800 'link' => $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . rawurlencode(t3lib_div::getIndpEnv("REQUEST_URI")) . '&edit[' . $el['table'] . '][' . $el['id'] . ']=edit',
801 'icon' => t3lib_iconworks::getSpriteIconForRecord($el['table'], $dbAnalysis->results[$el['table']][$el['id']], array('title' => htmlspecialchars($path)))
802 );
803 }
804
805 // render the record list
806 $content .= $this->taskObject->renderListMenu($actionList);
807
808 return $content;
809 }
810
811 /**
812 * Action to view the result of a SQL query
813 *
814 * @param array $record: sys_action record
815 * @return string result of the query
816 */
817 protected function viewSqlQuery($record) {
818 $content = '';
819
820 if (t3lib_extMgm::isLoaded('lowlevel')) {
821 $sql_query = unserialize($record['t2_data']);
822
823 if (!is_array($sql_query) ||
824 (is_array($sql_query) && strtoupper(substr(trim($sql_query['qSelect']), 0, 6)) === 'SELECT')) {
825
826 $actionContent = '';
827
828 $fullsearch = t3lib_div::makeInstance('t3lib_fullsearch');
829 $fullsearch->formW = 40;
830 $fullsearch->noDownloadB = 1;
831
832 $type = $sql_query['qC']['search_query_makeQuery'];
833 if ($sql_query['qC']['labels_noprefix'] === 'on') {
834 $GLOBALS['SOBE']->MOD_SETTINGS['labels_noprefix'] = 'on';
835 }
836 $sqlQuery = $sql_query['qSelect'];
837 $queryIsEmpty = FALSE;
838
839 if ($sqlQuery) {
840 $res = $GLOBALS['TYPO3_DB']->sql_query($sqlQuery);
841
842 if (!$GLOBALS['TYPO3_DB']->sql_error()) {
843 $fullsearch->formW = 48;
844 // additional configuration
845 $GLOBALS['SOBE']->MOD_SETTINGS['search_result_labels'] = 1;
846 $cP = $fullsearch->getQueryResultCode($type, $res, $sql_query['qC']['queryTable']);
847 $actionContent = $cP['content'];
848
849 // if the result is rendered as csv or xml, show a download link
850 if ($type === 'csv' || $type === 'xml') {
851 $actionContent .= '<br /><br /><a href="' . t3lib_div::getIndpEnv('REQUEST_URI') . '&download_file=1"><strong>' . $GLOBALS['LANG']->getLL('action_download_file') . '</strong></a>';
852 }
853 } else {
854 $actionContent .= $GLOBALS['TYPO3_DB']->sql_error();
855 }
856 } else {
857 // query is empty (not built)
858 $queryIsEmpty = TRUE;
859 $flashMessage = t3lib_div::makeInstance (
860 't3lib_FlashMessage',
861 $GLOBALS['LANG']->getLL('action_emptyQuery', TRUE),
862 $GLOBALS['LANG']->getLL('action_error'),
863 t3lib_FlashMessage::ERROR
864 );
865 $content .= '<br />' . $flashMessage->render();
866 }
867 // Admin users are allowed to see and edit the query
868 if ($GLOBALS['BE_USER']->isAdmin()) {
869 if (!$queryIsEmpty) {
870 $actionContent .= '<hr /> ' . $fullsearch->tableWrap($sql_query['qSelect']);
871 }
872 $actionContent .= '<br /><a title="' . $GLOBALS['LANG']->getLL('action_editQuery') . '" href="' . $GLOBALS['BACK_PATH'] . t3lib_extMgm::extRelPath('lowlevel') . 'dbint/index.php?id=' .
873 '&SET[function]=search' .
874 '&SET[search]=query' .
875 '&storeControl[STORE]=-' . $record['uid'] .
876 '&storeControl[LOAD]=1' .
877 '">
878 <img class="icon"' . t3lib_iconWorks::skinImg($GLOBALS['BACK_PATH'], 'gfx/edit2.gif') . ' alt="" />' .
879 $GLOBALS['LANG']->getLL($queryIsEmpty ? 'action_createQuery' : 'action_editQuery') . '</a><br /><br />';
880 }
881
882 $content .= $this->taskObject->doc->section($GLOBALS['LANG']->getLL('action_t2_result'), $actionContent, 0, 1);
883 } else {
884 // query is not configured
885 $flashMessage = t3lib_div::makeInstance (
886 't3lib_FlashMessage',
887 $GLOBALS['LANG']->getLL('action_notReady', TRUE),
888 $GLOBALS['LANG']->getLL('action_error'),
889 t3lib_FlashMessage::ERROR
890 );
891 $content .= '<br />' . $flashMessage->render();
892 }
893 } else {
894 // required sysext lowlevel is not installed
895 $flashMessage = t3lib_div::makeInstance (
896 't3lib_FlashMessage',
897 $GLOBALS['LANG']->getLL('action_lowlevelMissing', TRUE),
898 $GLOBALS['LANG']->getLL('action_error'),
899 t3lib_FlashMessage::ERROR
900 );
901 $content .= '<br />' . $flashMessage->render();
902 }
903 return $content;
904 }
905
906 /**
907 * Action to create a list of records of a specific table and pid
908 *
909 * @param array $record: sys_action record
910 * @return string list of records
911 */
912 protected function viewRecordList($record) {
913 $content = '';
914
915 $this->id = intval($record['t3_listPid']);
916 $this->table = $record['t3_tables'];
917
918 if ($this->id == 0 || $this->table == '') {
919 $flashMessage = t3lib_div::makeInstance(
920 't3lib_FlashMessage',
921 $GLOBALS['LANG']->getLL('action_notReady', TRUE),
922 $GLOBALS['LANG']->getLL('action_error'),
923 t3lib_FlashMessage::ERROR
924 );
925 $content .= '<br />' . $flashMessage->render();
926
927 return $content;
928 }
929
930 require_once($GLOBALS['BACK_PATH'] . 'class.db_list.inc');
931 require_once($GLOBALS['BACK_PATH'] . 'class.db_list_extra.inc');
932
933 // Loading current page record and checking access:
934 $this->pageinfo = t3lib_BEfunc::readPageAccess($this->id,$this->taskObject->perms_clause);
935 $access = is_array($this->pageinfo) ? 1 : 0;
936
937 // If there is access to the page, then render the list contents and set up the document template object:
938 if ($access) {
939 // Initialize the dblist object:
940 $dblist = t3lib_div::makeInstance('tx_sysaction_list');
941 $dblist->script = t3lib_div::getIndpEnv('REQUEST_URI');
942 $dblist->backPath = $GLOBALS['BACK_PATH'];
943 $dblist->calcPerms = $GLOBALS['BE_USER']->calcPerms($this->pageinfo);
944 $dblist->thumbs = $GLOBALS['BE_USER']->uc['thumbnailsByDefault'];
945 $dblist->returnUrl=$this->taskObject->returnUrl;
946 $dblist->allFields = 1;
947 $dblist->localizationView = 1;
948 $dblist->showClipboard = 0;
949 $dblist->disableSingleTableView = 1;
950 $dblist->pageRow = $this->pageinfo;
951 $dblist->counter++;
952 $dblist->MOD_MENU = array('bigControlPanel' => '', 'clipBoard' => '', 'localization' => '');
953 $dblist->modTSconfig = $this->taskObject->modTSconfig;
954 $dblist->dontShowClipControlPanels = $CLIENT['FORMSTYLE'] && !$this->taskObject->MOD_SETTINGS['bigControlPanel'] && $dblist->clipObj->current=='normal' && !$GLOBALS['BE_USER']->uc['disableCMlayers'] && !$this->modTSconfig['properties']['showClipControlPanelsDespiteOfCMlayers'];
955
956 // Initialize the listing object, dblist, for rendering the list:
957 $this->pointer = t3lib_utility_Math::forceIntegerInRange(t3lib_div::_GP('pointer'), 0, 100000);
958 $dblist->start($this->id,$this->table,$this->pointer,$this->taskObject->search_field,$this->taskObject->search_levels,$this->taskObject->showLimit);
959 $dblist->setDispFields();
960
961 // Render the list of tables:
962 $dblist->generateList();
963
964 // Add JavaScript functions to the page:
965 $this->taskObject->doc->JScode=$this->taskObject->doc->wrapScriptTags('
966
967 function jumpToUrl(URL) {
968 window.location.href = URL;
969 return false;
970 }
971 function jumpExt(URL,anchor) {
972 var anc = anchor?anchor:"";
973 window.location.href = URL+(T3_THIS_LOCATION?"&returnUrl="+T3_THIS_LOCATION:"")+anc;
974 return false;
975 }
976 function jumpSelf(URL) {
977 window.location.href = URL+(T3_RETURN_URL?"&returnUrl="+T3_RETURN_URL:"");
978 return false;
979 }
980
981 function setHighlight(id) {
982 top.fsMod.recentIds["web"]=id;
983 top.fsMod.navFrameHighlightedID["web"]="pages"+id+"_"+top.fsMod.currentBank; // For highlighting
984
985 if (top.content && top.content.nav_frame && top.content.nav_frame.refresh_nav) {
986 top.content.nav_frame.refresh_nav();
987 }
988 }
989
990 ' . $dblist->CBfunctions() . '
991 function editRecords(table,idList,addParams,CBflag) {
992 window.location.href="' . $GLOBALS['BACK_PATH'] . 'alt_doc.php?returnUrl=' . rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')) .
993 '&edit["+table+"]["+idList+"]=edit"+addParams;
994 }
995 function editList(table,idList) {
996 var list="";
997
998 // Checking how many is checked, how many is not
999 var pointer=0;
1000 var pos = idList.indexOf(",");
1001 while (pos!=-1) {
1002 if (cbValue(table+"|"+idList.substr(pointer,pos-pointer))) {
1003 list+=idList.substr(pointer,pos-pointer)+",";
1004 }
1005 pointer=pos+1;
1006 pos = idList.indexOf(",",pointer);
1007 }
1008 if (cbValue(table+"|"+idList.substr(pointer))) {
1009 list+=idList.substr(pointer)+",";
1010 }
1011
1012 return list ? list : idList;
1013 }
1014 T3_THIS_LOCATION = "' . rawurlencode(t3lib_div::getIndpEnv('REQUEST_URI')) . '";
1015
1016 if (top.fsMod) top.fsMod.recentIds["web"] = ' . intval($this->id) . ';
1017 ');
1018
1019 // Setting up the context sensitive menu:
1020 $this->taskObject->doc->getContextMenuCode();
1021
1022 // Begin to compile the whole page
1023 $content .= '<form action="'.htmlspecialchars($dblist->listURL()).'" method="post" name="dblistForm">' .
1024 $dblist->HTMLcode .
1025 '<input type="hidden" name="cmd_table" /><input type="hidden" name="cmd" />
1026 </form>';
1027
1028 // If a listing was produced, create the page footer with search form etc:
1029 if ($dblist->HTMLcode) {
1030 // Making field select box (when extended view for a single table is enabled):
1031 if ($dblist->table) {
1032 $tmpBackpath = $GLOBALS['BACK_PATH'];
1033 $GLOBALS['BACK_PATH'] = '';
1034 $content .= $dblist->fieldSelectBox($dblist->table);
1035 $GLOBALS['BACK_PATH'] = $tmpBackpath;
1036 }
1037 }
1038 } else {
1039 // not enough rights to access the list view or the page
1040 $flashMessage = t3lib_div::makeInstance(
1041 't3lib_FlashMessage',
1042 $GLOBALS['LANG']->getLL('action_error-access', TRUE),
1043 $GLOBALS['LANG']->getLL('action_error'),
1044 t3lib_FlashMessage::ERROR
1045 );
1046 $content .= $flashMessage->render();
1047 }
1048
1049 return $content;
1050 }
1051
1052 }
1053
1054
1055 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sys_action/task/class.tx_sysaction_task.php'])) {
1056 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/sys_action/task/class.tx_sysaction_task.php']);
1057 }
1058
1059 ?>