search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
* [Html] You can now only add an HTML block if you have the rights to write HTML...
[pivip.git] / project / modules / html / controllers / IndexController.php
blobeda62e7b0c21473f90bbcb34cdf923b014a7867f
1 <?php
2
3 /**
4 * Pivip
5 * Copyright (C) 2008 Vincent Tunru
6
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; version 2
10
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 *
20 * @license http://www.fsf.org/licensing/licenses/info/GPLv2.html GPL v.2
21 * @category PivipModulesDefault
22 * @package Module_Html
23 * @subpackage Controllers
24 * @copyright (C) 2008 Vincent Tunru
25 * @author Vincent Tunru <email@vincentt.org>
26 */
27
28 /**
29 * Load an HTML block
30 */
31 class Html_IndexController extends Pivip_Controller_Module_Abstract
32 {
33 /**
34 * Load an HTML block
35 */
36 public function mainAction()
37 {
38 $htmlId = $this->_request->getParam('block_id');
39 if(null === $htmlId)
40 {
41 $this->_helper->viewRenderer->setNoRender();
42 return;
43 }
44 $cache = Html_Module::loadCache();
45 if(!$code = $cache->load($htmlId))
46 {
47 $row = Doctrine::getTable('Html')->find($htmlId);
48 $code = $row->html;
49 $cache->save($code, $htmlId, array('html', 'block'));
50 }
51 $filter = new Vogel_Filter_HtmlPurifier();
52 $this->view->setEscape(array($filter, 'filter'));
53 $this->view->code = $code;
54 $this->view->urlParams = array('html_id' => $htmlId);
55 if($this->_isAllowed('edit'))
56 {
57 $this->view->allowEdit = true;
58 }
59 if($this->_isAllowed('delete'))
60 {
61 $this->view->allowDelete = true;
62 }
63 }
64
65 /**
66 * Add an HTML block
67 */
68 public function addAction()
69 {
70 $translate = Zend_Registry::get('Zend_Translate');
71 $location = '/' . $this->_request->getParam('location');
72 if(!$this->_isAllowed('add'))
73 {
74 $this->_flashMessenger->addMessage($translate->_(
75 'You are not allowed to add a new HTML block.'));
76 $this->_redirect($location);
77 }
78 $section = $this->_request->getParam('section');
79 if(empty($section))
80 {
81 $this->_flashMessenger->addMessage($translate->_(
82 'You need to specify a section to add HTML to.'));
83 $this->_redirect($location);
84 }
85 $defaultRequest = Zend_Registry::get('defaultRequest');
86 $this->_helper->actionStack($defaultRequest);
87 $form = $this->_getForm();
88 $this->view->form = $form->render();
89 if(!$this->_request->isPost() ||
90 !$form->isValid($this->_request->getPost()))
91 {
92 return;
93 }
94 try
95 {
96 $block = new Block();
97 $block->location = $location;
98 $block->action = $section;
99 $block->controller = 'index';
100 $block->module = 'html';
101 $block->Html->html = $form->getValue('html');
102 $block->save();
103 $cacheId = Page_Module::urlToCacheId($location);
104 $cache = Page_Module::loadCache();
105 $cache->remove($cacheId);
106 $this->_flashMessenger->addMessage($translate->_('Block added.'));
107 } catch(Exception $e) {die($e->getMessage());
108 $this->_flashMessenger->setNamespace('error')->addMessage($translate
109 ->_('Failed to add the block.'));
110 }
111 $this->_redirect($location);
112 }
113
114 /**
115 * Edit an HTML block
116 */
117 public function editAction()
118 {
119 $translate = Zend_Registry::get('Zend_Translate');
120
121 $htmlId = $this->_request->getParam('html_id');
122
123 if(null === $htmlId)
124 {
125 $this->_flashMessenger->addMessage($translate->_(
126 'No HTML block specified.'));
127 $this->_redirect();
128 }
129
130 $htmlTable = Doctrine::getTable('Html');
131 $html = $htmlTable->find($htmlId);
132
133 if(!$this->_isAllowed('edit'))
134 {
135 $this->_flashMessenger->addMessage($translate->_(
136 'You are not allowed to edit HTML blocks.'));
137 $this->_redirect($html->Block->location);
138 }
139
140 $this->_helper->viewRenderer->setScriptAction('add');
141 $defaultRequest = Zend_Registry::get('defaultRequest');
142 $this->_helper->actionStack($defaultRequest);
143
144 $form = $this->_getForm();
145 $form->submit->setLabel('Edit');
146 $form->block->setLegend('Edit block');
147 $form->populate($html->toArray());
148 $this->view->form = $form->render();
149 if(!$this->_request->isPost() ||
150 !$form->isValid($this->_request->getPost()))
151 {
152 return;
153 }
154 try
155 {
156 $html->html = $form->getValue('html');
157 $html->save();
158 $this->_flashMessenger->addMessage($translate->_('Block updated.'));
159 } catch(Exception $e) {
160 $this->_flashMessenger->setNamespace('error')->addMessage($translate->_(
161 'An error occured while updating the block, please try again.'));
162 $this->_redirect($this->_request->getRequestUri());
163 }
164 $cache = Html_Module::loadCache();
165 $cache->remove($htmlId);
166 $this->_redirect($html->Block->location);
167 }
168
169 /**
170 * Delete an HTML block
171 *
172 * @todo Allow the user to undo this
173 */
174 public function deleteAction()
175 {
176 $htmlId = $this->_request->getParam('html_id');
177 $translate = Zend_Registry::get('Zend_Translate');
178
179 if(null === $htmlId)
180 {
181 $this->_flashMessenger->addMessage($translate->_(
182 'No HTML block specified.'));
183 $this->_redirect();
184 }
185
186 $htmlTable = Doctrine::getTable('Html');
187 $html = $htmlTable->find($htmlId);
188
189 if(!$this->_isAllowed('delete'))
190 {
191 $this->_flashMessenger->addMessage($translate->_(
192 'You are not allowed to delete blocks.'));
193 $this->_redirect($html->Block->location);
194 }
195
196 $location = $html->Block->location;
197 try
198 {
199 $html->Block->delete();
200 $html->delete();
201 $this->_flashMessenger->addMessage($translate->_(
202 'Block deleted.'));
203 $cache = Html_Module::loadCache();
204 $cache->remove($htmlId);
205 $cache = Page_Module::loadCache();
206 $cache->remove(Page_Module::urlToCacheId($location));
207 } catch(Exception $e) {
208 $this->_flashMessenger->setNamespace('error')->addMessage($translate->_(
209 'An error occurred while deleting the block, please try again.'));
210 }
211 $this->_redirect($location);
212 }
213
214 /**
215 * @return Zend_Form The form to add an HTML block
216 */
217 protected function _getForm()
218 {
219 $form = new Zend_Form;
220 $html = new Zend_Form_Element_Textarea('html');
221 $html->setRequired(true)
222 ->setLabel('HTML');
223 $form->addElement($html)
224 ->setMethod('post')
225 ->setAction($this->_request->getRequestUri())
226 ->addDisplayGroup(array('html'), 'block')
227 ->block->setLegend('Add block');
228 $submit = new Zend_Form_Element_Submit('submit');
229 $submit->setLabel('Add')
230 ->addDecorator('HtmlTag', array('tag' => 'dd'))
231 ->removeDecorator('DtDdWrapper');
232 $form->addElement($submit);
233 return $form;
234 }
235
236 /**
237 * @param $privileges What the user needs to be allowed to do to blocks
238 * @return bool Whether the user has sufficient rights
239 */
240 protected function _isAllowed($privileges = null)
241 {
242 $auth = Pivip_Auth::getInstance();
243 $acl = Zend_Registry::get('acl');
244 $identity = $auth->getIdentityProperties();
245 if('edit' == $privileges || 'add' == $privileges)
246 {
247 if(!$acl->isAllowed('guest', 'html', 'write') && !$auth->hasIdentity())
248 {
249 return false;
250 }
251 if(!$acl->isAllowed($identity->aclRole, 'html', 'write'))
252 {
253 return false;
254 }
255 }
256 if(!$acl->isAllowed('guest', 'block', $privileges) &&
257 !$auth->hasIdentity())
258 {
259 return false;
260 }
261 return $acl->isAllowed($identity->aclRole, 'block', $privileges);
262 }
263 }
Extremely easy and extensible Content Management System