1 | <?php |
2 | |||
3 | /* |
4 | * @copyright 2016 Mautic Contributors. All rights reserved |
5 | * @author Mautic, Inc. |
6 | * |
7 | * @link https://mautic.org |
8 | * |
9 | * @license GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html |
10 | */ |
11 | |||
12 | namespace Mautic\CoreBundle\Controller; |
13 | |||
14 | use Symfony\Component\Form\Form; |
15 | |||
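/**
 * Shared helpers for controllers that render and process entity forms:
 * lock handling (unlock / "locked by someone else" flash), form button detection,
 * edit-permission checks and post-action variables derived from the Referer header.
 */
abstract class AbstractFormController extends CommonController
{
    use FormThemeTrait;

    /**
     * Permission base used by canEdit() (set from the model in unlockAction()/isLocked();
     * when empty, getPermissionBase() is consulted instead).
     *
     * @var string|null
     */
    protected $permissionBase;

    /**
     * Releases the edit lock on an entity and redirects back to the caller.
     *
     * Both `returnUrl` and `name` come from the request and are untrusted: the redirect
     * target is honoured only when it points back into this installation (see isLocalUrl()),
     * otherwise the dashboard is used.
     *
     * @param int|string $id        entity identifier handed to the model
     * @param string     $modelName model key understood by getModel()
     *
     * @return mixed redirect response, or the access-denied response when the user may not edit
     */
    public function unlockAction($id, $modelName)
    {
        $model                = $this->getModel($modelName);
        $entity               = $model->getEntity($id);
        $this->permissionBase = $model->getPermissionBase();

        if (!$this->canEdit($entity)) {
            return $this->accessDenied();
        }

        // getEntity() may yield null for an unknown id; only a checked-out entity needs unlocking
        if (null !== $entity && null !== $entity->getCheckedOutBy()) {
            $model->unlockEntity($entity);
        }

        // returnUrl is urlencode()d when the unlock link is generated in isLocked()
        $returnUrl = urldecode((string) $this->request->get('returnUrl'));
        if (empty($returnUrl) || !$this->isLocalUrl($returnUrl)) {
            $returnUrl = $this->generateUrl('mautic_dashboard_index');
        }

        $this->addFlash(
            'mautic.core.action.entity.unlocked',
            [
                '%name%' => urldecode((string) $this->request->get('name')),
            ]
        );

        return $this->redirect($returnUrl);
    }

    /**
     * Returns view to index with a locked out message.
     *
     * Builds the "locked by %user%" error flash (with an override link when the current
     * user may edit the entity) and either returns it for batch processing or redirects
     * with it attached.
     *
     * @param array  $postActionVars vars for postActionRedirect(); completed from the referer
     * @param object $entity         checked-out entity (getCheckedOut() is expected to be non-null)
     * @param string $model          model key understood by getModel()
     * @param bool   $batch          Flag if a batch action is being performed
     *
     * @return \Symfony\Component\HttpFoundation\JsonResponse|\Symfony\Component\HttpFoundation\RedirectResponse|array
     */
    protected function isLocked($postActionVars, $entity, $model, $batch = false)
    {
        $date           = $entity->getCheckedOut();
        $postActionVars = $this->refererPostActionVars($postActionVars);
        // The caller (or the referer) normally supplies returnUrl; avoid a notice if neither did
        $returnUrl = isset($postActionVars['returnUrl']) ? $postActionVars['returnUrl'] : null;

        $modelClass           = $this->getModel($model);
        $nameFunction         = $modelClass->getNameGetter();
        $this->permissionBase = $modelClass->getPermissionBase();

        // Only users allowed to edit the entity are offered the "override lock" link
        $override = '';
        if ($this->canEdit($entity)) {
            $override = $this->get('translator')->trans(
                'mautic.core.override.lock',
                [
                    '%url%' => $this->generateUrl(
                        'mautic_core_form_action',
                        [
                            'objectAction' => 'unlock',
                            'objectModel'  => $model,
                            'objectId'     => $entity->getId(),
                            'returnUrl'    => $returnUrl,
                            'name'         => urlencode($entity->$nameFunction()),
                        ]
                    ),
                ]
            );
        }

        $flash = [
            'type'    => 'error',
            'msg'     => 'mautic.core.error.locked',
            'msgVars' => [
                '%name%'       => $entity->$nameFunction(),
                '%user%'       => $entity->getCheckedOutByUser(),
                '%contactUrl%' => $this->generateUrl(
                    'mautic_user_action',
                    [
                        'objectAction' => 'contact',
                        'objectId'     => $entity->getCheckedOutBy(),
                        'entity'       => $model,
                        'id'           => $entity->getId(),
                        'subject'      => 'locked',
                        'returnUrl'    => $returnUrl,
                    ]
                ),
                '%date%'     => $date->format($this->coreParametersHelper->get('date_format_dateonly')),
                '%time%'     => $date->format($this->coreParametersHelper->get('date_format_timeonly')),
                '%datetime%' => $date->format($this->coreParametersHelper->get('date_format_full')),
                '%override%' => $override,
            ],
        ];

        if ($batch) {
            return $flash;
        }

        return $this->postActionRedirect(
            array_merge(
                $postActionVars,
                [
                    'flashes' => [$flash],
                ]
            )
        );
    }

    /**
     * Checks to see if the form was cancelled.
     *
     * @return bool
     */
    protected function isFormCancelled(Form $form)
    {
        return $this->isFormButtonClicked($form, 'cancel');
    }

    /**
     * Checks to see if the form was applied or saved.
     *
     * @return bool
     */
    protected function isFormApplied(Form $form)
    {
        return $this->isFormButtonClicked($form, 'apply');
    }

    /**
     * Tells whether the submitted data for $form contains the given button under "buttons".
     *
     * The POST payload is untrusted: the form entry may be missing, a scalar, or have a
     * non-array "buttons" key, so every level is type-checked before array_key_exists().
     *
     * @param string $button key under the form's "buttons" group, e.g. "cancel" or "apply"
     *
     * @return bool
     */
    private function isFormButtonClicked(Form $form, $button)
    {
        $formData = $this->request->request->get($form->getName());

        return is_array($formData)
            && array_key_exists('buttons', $formData)
            && is_array($formData['buttons'])
            && array_key_exists($button, $formData['buttons']);
    }

    /**
     * Binds form data, checks validity, and determines cancel request.
     *
     * @param array $data unused; kept for signature compatibility with callers
     *
     * @return bool
     */
    protected function isFormValid(Form $form, array $data = null)
    {
        //bind request to the form
        $form->handleRequest($this->request);

        return $form->isValid();
    }

    /**
     * Decide if current user can edit or can edit specific entity if entity is provided
     * For BC, if permissionBase property is not set, it allow to edit only to administrators.
     *
     * @param object $entity
     *
     * @return bool
     */
    protected function canEdit($entity = null)
    {
        $security       = $this->get('mautic.security');
        $permissionBase = $this->permissionBase ?: $this->getPermissionBase();

        if ($permissionBase) {
            // Ownership-aware check when the bundle defines editown/editother permissions
            if ($entity && $security->checkPermissionExists($permissionBase.':editown')) {
                return $security->hasEntityAccess(
                    $permissionBase.':editown',
                    $permissionBase.':editother',
                    $entity->getCreatedBy()
                );
            }

            if ($security->checkPermissionExists($permissionBase.':edit')) {
                return $security->isGranted($permissionBase.':edit');
            }
        }

        // BC: without a usable permission base only administrators may edit
        return $this->get('mautic.helper.user')->getUser()->isAdmin();
    }

    /**
     * Copies the errors of $copyFrom (and, recursively, of its children that exist under
     * the same key in $copyTo) onto $copyTo.
     */
    protected function copyErrorsRecursively(Form $copyFrom, Form $copyTo)
    {
        /** @var $error FormError */
        foreach ($copyFrom->getErrors() as $error) {
            $copyTo->addError($error);
        }

        foreach ($copyFrom->all() as $key => $child) {
            // Children missing on the target side are skipped rather than created
            if ($child instanceof Form && $copyTo->has($key)) {
                $this->copyErrorsRecursively($child, $copyTo->get($key));
            }
        }
    }

    /**
     * generate $postActionVars with respect to available referer.
     *
     * The Referer header is client-supplied. It is used as returnUrl and to derive the
     * default contentTemplate / activeLink only when it points into this installation;
     * a referer whose path does not match a route leaves $vars untouched instead of failing.
     *
     * @param array $vars
     *
     * @return array $postActionVars
     */
    protected function refererPostActionVars($vars)
    {
        $referer = (string) $this->request->server->get('HTTP_REFERER');

        if (empty($referer) || !$this->isLocalUrl($referer)) {
            return $vars;
        }

        $vars['returnUrl'] = $referer;

        // Match on the path only; a query string would never match a route
        $urlMatcher = explode('/s/', (string) parse_url($referer, PHP_URL_PATH));
        if (!isset($urlMatcher[1])) {
            // Not a secure-area ("/s/...") URL; nothing further to derive
            return $vars;
        }

        try {
            $actionRoute = $this->get('router')->match('/s/'.$urlMatcher[1]);
        } catch (\RuntimeException $e) {
            // ResourceNotFoundException / MethodNotAllowedException: unknown path, keep caller's vars
            return $vars;
        }

        $objAction  = isset($actionRoute['objectAction']) ? $actionRoute['objectAction'] : 'index';
        $routeCtrlr = explode('\\', $actionRoute['_controller']);

        // e.g. "Mautic\LeadBundle\Controller\..." -> "MauticLeadBundle:Lead:index"
        $defaultContentTemplate  = $routeCtrlr[0].$routeCtrlr[1].':'.ucfirst(str_replace('Bundle', '', $routeCtrlr[1])).':'.$objAction;
        $vars['contentTemplate'] = isset($vars['contentTemplate']) ? $vars['contentTemplate'] : $defaultContentTemplate;

        $vars['passthroughVars']['activeLink'] = '#'.str_replace('_action', '_'.$objAction, $actionRoute['_route']);

        if (isset($actionRoute['objectId']) && $actionRoute['objectId'] > 0) {
            $vars['viewParameters']['objectId'] = $actionRoute['objectId'];
        }

        return $vars;
    }

    /**
     * Tells whether a URL stays inside this installation and is therefore safe to redirect to.
     *
     * Accepted: a path-absolute URL ("/s/...") that is not protocol-relative ("//host/..."
     * or "/\host/..."), or an http(s) URL whose host equals the current request's host.
     * Everything else (other hosts, non-http schemes, malformed input) is rejected.
     *
     * @param string $url
     *
     * @return bool
     */
    private function isLocalUrl($url)
    {
        if ('' === $url) {
            return false;
        }

        if ('/' === $url[0]) {
            return !in_array(substr($url, 1, 1), ['/', '\\'], true);
        }

        $parts = parse_url($url);
        if (false === $parts || empty($parts['scheme']) || empty($parts['host'])) {
            return false;
        }

        return in_array(strtolower($parts['scheme']), ['http', 'https'], true)
            && 0 === strcasecmp($parts['host'], $this->request->getHost());
    }
}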