PageRenderTime 67ms CodeModel.GetById 37ms RepoModel.GetById 1ms app.codeStats 0ms

/Controller/GroupsController.php

https://github.com/xemle/phtagr
PHP | 340 lines | 291 code | 30 blank | 19 comment | 58 complexity | e2e9e485c623f1bdb57a8512991aaa72 MD5 | raw file
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * PHP versions 5
    4. 

  4.  *
    5. 

  5.  * phTagr : Organize, Browse, and Share Your Photos.
    6. 

  6.  * Copyright 2006-2013, Sebastian Felis (sebastian@phtagr.org)
    7. 

  7.  *
    8. 

  8.  * Licensed under The GPL-2.0 License
    9. 

  9.  * Redistributions of files must retain the above copyright notice.
    10. 

  10.  *
    11. 

  11.  * @copyright     Copyright 2006-2013, Sebastian Felis (sebastian@phtagr.org)
    12. 

  12.  * @link          http://www.phtagr.org phTagr
    13. 

  13.  * @package       Phtagr
    14. 

  14.  * @since         phTagr 2.2b3
    15. 

  15.  * @license       GPL-2.0 (http://www.opensource.org/licenses/GPL-2.0)
    16. 

  16.  */
    17. 

  17. App::uses('CakeEmail', 'Network/Email');
    18. 

  18. 

  19. class GroupsController extends AppController {
    20. 

  20.   var $name = 'Groups';
    21. 

  21.   var $uses = array('Group', 'User', 'Media');
    22. 

  22.   var $components = array('RequestHandler', 'Security', 'Search');
    23. 

  23.   var $helpers = array('Form', 'ImageData', 'Text', 'Autocomplete');
    24. 

  24.   var $subMenu = false;
    25. 

  25. 

  26.   public function beforeFilter() {
    27. 

  27.     parent::beforeFilter();
    28. 

  28.     $this->subMenu = array(
    29. 

  29.       'index' => __("My Groups"),
    30. 

  30.       'members' => __("My Memberships"),
    31. 

  31.       'all' => __("All Groups"),
    32. 

  32.       'create' => __("Create Group"),
    33. 

  33.       );
    34. 

  34.     $this->requireRole(ROLE_USER);
    35. 

  35.     $this->Security->blackHoleCallback = 'fail';
    36. 

  36.     $this->Security->requirePost = array('addMember', 'autocomplete');
    37. 

  37.     if ($this->action == 'addMember' || $this->action == 'autocomplete') {
    38. 

  38.       $this->Security->validatePost = false;
    39. 

  39.       $this->Security->csrfCheck = false;
    40. 

  40.       $this->Security->disabledFields = array('User.username', 'Member.new');
    41. 

  41.     }
    42. 

  42.     $this->layout = 'backend';
    43. 

  43.   }
    44. 

  44. 

  45.   public function fail($type) {
    46. 

  46.     CakeLog::error("The security component denied action {$this->action}. Reason: $type");
    47. 

  47.     CakeLog::debug(print_r($this->request->data, true));
    48. 

  48.     $this->redirect(null, '404');
    49. 

  49.   }
    50. 

  50. 

  51.   public function index() {
    52. 

  52.     $userId = $this->getUserId();
    53. 

  53.     $this->request->data = $this->Group->find('all', array('conditions' => array('User.id' => $userId), 'order' => 'Group.name'));
    54. 

  54.   }
    55. 

  55. 

  56.   public function members() {
    57. 

  57.     $userId = $this->getUserId();
    58. 

  58.     $this->Group->bindModel(array('hasOne' => array('GroupsUser' => array())));
    59. 

  59.     $this->request->data = $this->Group->find('all', array('conditions' => array('GroupsUser.user_id' => $userId)));
    60. 

  60.     CakeLog::debug(print_r($this->request->data, true));
    61. 

  61.   }
    62. 

  62. 

  63.   public function all() {
    64. 

  64.     $userId = $this->getUserId();
    65. 

  65.     if ($this->hasRole(ROLE_ADMIN)) {
    66. 

  66.       $this->request->data = $this->Group->find('all', array('order' => 'Group.name'));
    67. 

  67.     } else {
    68. 

  68.       $this->request->data = $this->Group->find('all', array('conditions' => (array('OR' => array('User.id' => $userId, 'Group.is_hidden' => false))), 'order' => 'Group.name'));
    69. 

  69.     }
    70. 

  70.   }
    71. 

  71. 

  72. 	function autocomplete() {
    73. 

  73.     if (!$this->RequestHandler->isAjax() || !$this->RequestHandler->isPost()) {
    74. 

  74.       CakeLog::debug("Decline wrong ajax request");
    75. 

  75.       $this->redirect(null, '404');
    76. 

  76.     }
    77. 

  77.     $user = $this->getUser();
    78. 

  78.     $users = $this->User->findVisibleUsers($user, $this->request->data['User']['username'], true);
    79. 

  79.     $this->request->data = $users;
    80. 

  80.     $this->layout = "xml";
    81. 

  81.   }
    82. 

  82. 

  83.   public function view($name) {
    84. 

  84.     $this->request->data = $this->Group->findByName($name);
    85. 

  85.     if (!$this->request->data) {
    86. 

  86.       $this->Session->setFlash(__("%s not found", true, __("Group")));
    87. 

  87.       $this->redirect('index');
    88. 

  88.     }
    89. 

  89.     $this->Group->setAdmin($this->request->data, $this->getUser());
    90. 

  90.     $this->set('mediaCount', $this->Media->countByGroupId($this->request->data['Group']['id']));
    91. 

  91. 

  92.     $this->Search->addGroup($name);
    93. 

  93.     $this->Search->setShow(6);
    94. 

  94.     $this->set('media', $this->Search->paginate());
    95. 

  95.   }
    96. 

  96. 

  97.   public function create() {
    98. 

  98.     if (!empty($this->request->data)) {
    99. 

  99.       $user = $this->getUser();
    100. 

  100.       $this->request->data['Group']['user_id'] = $user['User']['id'];
    101. 

  101.       if (!$this->Group->isNameUnique($this->request->data)) {
    102. 

  102.         $this->Session->setFlash(__("%s already exists", true, __('Group')));
    103. 

  103.       } elseif ($this->Group->save($this->request->data)) {
    104. 

  104.         $groupId = $this->Group->getLastInsertID();
    105. 

  105.         $group = $this->Group->findById($groupId);
    106. 

  106.         $user = $this->getUser();
    107. 

  107.         CakeLog::info("User '{$user['User']['username']}' ({$user['User']['id']}) created group '{$group['Group']['name']}' ({$group['Group']['id']})");
    108. 

  108.         $this->Session->setFlash(__("Add successfully group '%s'", $this->request->data['Group']['name']));
    109. 

  109.         $this->redirect("view/{$group['Group']['name']}");
    110. 

  110.       } else {
    111. 

  111.         $this->Session->setFlash(__("Could not create group '%s'", $this->request->data['Group']['name']));
    112. 

  112.       }
    113. 

  113.     }
    114. 

  114.   }
    115. 

  115. 

  116.   private function __createEmail() {
    117. 

  117.     $Email = new CakeEmail('default');
    118. 

  118.     $Email->helpers('Html');
    119. 

  119.     return $Email;
    120. 

  120.   }
    121. 

  121. 

  122.   private function __sendSubscribtionRequest($group) {
    123. 

  123.     $user = $this->getUser();
    124. 

  124. 

  125.     $email = $this->__createEmail();
    126. 

  126.     $email->template('group_subscribtion_request')
    127. 

  127.       ->to(array($group['User']['email'] => $group['User']['username']))
    128. 

  128.       ->subject("Group {$group['Group']['name']}: Subscription request for user {$user['User']['username']}")
    129. 

  129.       ->viewVars(array('group' => $group, 'user' => $user));
    130. 

  130. 

  131.     try {
    132. 

  132.       $email->send();
    133. 

  133.       CakeLog::info("Sent group subscribe request of user {$user['User']['username']} for group {$group['Group']['name']} to {$group['User']['username']}");
    134. 

  134.       $this->Session->setFlash(__("Group subscription request was sent to the group owner"));
    135. 

  135.       return true;
    136. 

  136.     } catch (Exception $e) {
    137. 

  137.       CakeLog::error(sprintf("Could not send group subscription request to {$group['User']['username']} <{$group['User']['email']}>"));
    138. 

  138.       $this->Session->setFlash(__('Mail could not be sent'));
    139. 

  139.       return false;
    140. 

  140.     }
    141. 

  141.   }
    142. 

  142. 

  143.   private function __sendConfirmation($group, $user) {
    144. 

  144.     $email = $this->__createEmail();
    145. 

  145.     $email->template('group_confirmation')
    146. 

  146.       ->to(array($user['User']['email'] => $user['User']['username']))
    147. 

  147.       ->subject("Group {$group['Group']['name']}: Your subscription was accepted")
    148. 

  148.       ->viewVars(array('group' => $group, 'user' => $user));
    149. 

  149. 

  150.     try {
    151. 

  151.       $email->send();
    152. 

  152.       CakeLog::info("Sent group confirmation to user {$user['User']['username']} for group {$group['Group']['name']}");
    153. 

  153.       return true;
    154. 

  154.     } catch (Exception $e) {
    155. 

  155.       CakeLog::error(sprintf("Could not send group confirmation to {$user['User']['username']} <{$user['User']['email']}>"));
    156. 

  156.       return false;
    157. 

  157.     }
    158. 

  158.   }
    159. 

  159. 

  160.   private function __sendSubscribtion($group) {
    161. 

  161.     $user = $this->getUser();
    162. 

  162. 

  163.     $email = $this->__createEmail();
    164. 

  164.     $email->template('group_subscribtion')
    165. 

  165.       ->to(array($group['User']['email'] => $group['User']['username']))
    166. 

  166.       ->subject("Group {$group['Group']['name']}: Subscription request for user {$user['User']['username']}")
    167. 

  167.       ->viewVars(array('group' => $group, 'user' => $user));
    168. 

  168. 

  169.     try {
    170. 

  170.       $email->send();
    171. 

  171.       CakeLog::info("Sent new group subscribtion of user {$user['User']['username']} for group {$group['Group']['name']} to {$group['User']['username']}");
    172. 

  172.       return true;
    173. 

  173.     } catch (Exception $e) {
    174. 

  174.       CakeLog::error(sprintf("Could not send new group subscription to {$group['User']['username']} <{$group['User']['email']}>"));
    175. 

  175.       return false;
    176. 

  176.     }
    177. 

  177.   }
    178. 

  178. 

  179.   public function _sendUnsubscribtion($group) {
    180. 

  180.     $user = $this->getUser();
    181. 

  181. 

  182.     $email = $this->__createEmail();
    183. 

  183.     $email->template('group_unsubscribtion')
    184. 

  184.       ->to(array($group['User']['email'] => $group['User']['username']))
    185. 

  185.       ->subject("Group {$group['Group']['name']}: Subscription request for user {$user['User']['username']}")
    186. 

  186.       ->viewVars(array('group' => $group, 'user' => $user));
    187. 

  187. 

  188.     try {
    189. 

  189.       $email->send();
    190. 

  190.       CakeLog::info("Sent new group subscribtion of user {$user['User']['username']} for group {$group['Group']['name']} to {$group['User']['username']}");
    191. 

  191.       return true;
    192. 

  192.     } catch (Exception $e) {
    193. 

  193.       CakeLog::error(sprintf("Could not send new group subscription to {$group['User']['username']} <{$group['User']['email']}>"));
    194. 

  194.       return false;
    195. 

  195.     }
    196. 

  196.   }
    197. 

  197. 

  198.   public function subscribe($name) {
    199. 

  199.     $group = $this->Group->findByName($name);
    200. 

  200.     if (!$group) {
    201. 

  201.       $this->Session->setFlash(__("%s not found", true, __("Group")));
    202. 

  202.       $this->redirect('index');
    203. 

  203.     }
    204. 

  204.     if ($group['Group']['is_moderated']) {
    205. 

  205.       $this->__sendSubscribtionRequest($group);
    206. 

  206.       $this->redirect("view/$name");
    207. 

  207.     } else {
    208. 

  208.       $result = $this->Group->subscribe($group, $this->getUserId());
    209. 

  209.       $this->Session->setFlash($result['message']);
    210. 

  210.       if ($result['code'] >= 400 && $result['code'] < 500) {
    211. 

  211.         $this->redirect("index");
    212. 

  212.       } else {
    213. 

  213.         if ($result['code'] == 201) {
    214. 

  214.           $this->__sendSubscribtion($group);
    215. 

  215.         }
    216. 

  216.         $this->redirect("view/$name");
    217. 

  217.       }
    218. 

  218.     }
    219. 

  219.   }
    220. 

  220. 

  221.   public function confirm($groupName, $userName) {
    222. 

  222.     $conditions = array('Group.name' => $groupName);
    223. 

  223.     if ($this->getUserRole() < ROLE_ADMIN) {
    224. 

  224.       $conditions['Group.user_id'] = $this->getUserId();
    225. 

  225.     }
    226. 

  226.     $group = $this->Group->find('first', array('conditions' => $conditions));
    227. 

  227.     $user = $this->User->findByUsername($userName);
    228. 

  228.     $userId = ($user) ? $user['User']['id'] : false;
    229. 

  229.     $result = $this->Group->subscribe($group, $userId);
    230. 

  230.     $this->Session->setFlash($result['message']);
    231. 

  231.     if ($result['code'] >= 400 && $result['code'] < 500) {
    232. 

  232.       $this->redirect("index");
    233. 

  233.     } else {
    234. 

  234.       $this->__sendConfirmation($group, $user);
    235. 

  235.       $this->Session->setFlash("Confirmed subscription of {$user['User']['username']}");
    236. 

  236.       $this->redirect("view/$groupName");
    237. 

  237.     }
    238. 

  238.   }
    239. 

  239. 

  240.   public function unsubscribe($name) {
    241. 

  241.     $group = $this->Group->findByName($name);
    242. 

  242.     $result = $this->Group->unsubscribe($group, $this->getUserId());
    243. 

  243.     $this->Session->setFlash($result['message']);
    244. 

  244.     if ($result['code'] >= 400 && $result['code'] < 500) {
    245. 

  245.       $this->redirect("index");
    246. 

  246.     } else {
    247. 

  247.       if ($result['code'] == 201) {
    248. 

  248.         $this->_sendUnsubscribtion($group);
    249. 

  249.       }
    250. 

  250.       $this->redirect("view/$name");
    251. 

  251.     }
    252. 

  252.   }
    253. 

  253. 

  254.   public function addMember($id) {
    255. 

  255.     $group = $this->Group->findById($id);
    256. 

  256.     if (!$this->Group->isAdmin($group, $this->getUser())) {
    257. 

  257.       $this->Session->setFlash(__("You are not authorized to perform this action"));
    258. 

  258.       $this->redirect("view/{$group['Group']['name']}");
    259. 

  259.     }
    260. 

  260.     $user = $this->User->findByUsername($this->request->data['Member']['new']);
    261. 

  261.     if (!$user) {
    262. 

  262.       $this->Session->setFlash(__("%s not found", true), __("User"));
    263. 

  263.       $this->redirect("view/{$group['Group']['name']}");
    264. 

  264.     }
    265. 

  265.     $result = $this->Group->subscribe($group, $user['User']['id']);
    266. 

  266.     if ($result['code'] >= 400 && $result['code'] < 500) {
    267. 

  267.       $this->redirect("index");
    268. 

  268.     } elseif ($result['code'] == 201) {
    269. 

  269.       $this->Session->setFlash(__("User %s is now subscribe to this group", $this->request->data['Member']['new']));
    270. 

  270.     }
    271. 

  271.     $this->redirect("view/{$group['Group']['name']}");
    272. 

  272.   }
    273. 

  273. 

  274.   public function deleteMember($groupName, $userName) {
    275. 

  275.     $group = $this->Group->findByName($groupName);
    276. 

  276.     if (!$this->Group->isAdmin($group, $this->getUser())) {
    277. 

  277.       $this->Session->setFlash(__("You are not authorized to perform this action"));
    278. 

  278.       $this->redirect("view/{$group['Group']['name']}");
    279. 

  279.     }
    280. 

  280.     $user = $this->User->findByUsername($userName);
    281. 

  281.     if (!$user) {
    282. 

  282.       $this->Session->setFlash(__("%s not found", true), __("User"));
    283. 

  283.       $this->redirect("view/{$group['Group']['name']}");
    284. 

  284.     }
    285. 

  285.     $result = $this->Group->unsubscribe($group, $user['User']['id']);
    286. 

  286.     if ($result['code'] >= 400 && $result['code'] < 500) {
    287. 

  287.       $this->redirect("index");
    288. 

  288.     } elseif ($result['code'] == 201) {
    289. 

  289.       $this->Session->setFlash(__("User %s is now unsubscribe from this group", $userName));
    290. 

  290.     }
    291. 

  291.     $this->redirect("view/{$group['Group']['name']}");
    292. 

  292.   }
    293. 

  293. 

  294.   public function edit($groupName) {
    295. 

  295.     if (!empty($this->request->data)) {
    296. 

  296.       if ($this->request->data['Group']['name'] != $groupName && !$this->Group->isNameUnique($this->request->data)) {
    297. 

  297.         $this->Session->setFlash(__("%s already exists", true, __('Group')));
    298. 

  298.       } elseif (!$this->Group->save($this->request->data)) {
    299. 

  299.         $this->Session->setFlash(__("Could not save %s", true, __('Group')));
    300. 

  300.       } else {
    301. 

  301.         $this->Session->setFlash(__("%s updated", true, __('Group')));
    302. 

  302.         if ($groupName != $this->request->data['Group']['name']) {
    303. 

  303.           $this->redirect("edit/{$this->request->data['Group']['name']}");
    304. 

  304.         }
    305. 

  305.       }
    306. 

  306.     }
    307. 

  307.     $conditions = array('Group.name' => $groupName);
    308. 

  308.     if ($this->getUserRole() < ROLE_ADMIN) {
    309. 

  309.       $conditions['Group.user_id'] = $this->getUserId();
    310. 

  310.     }
    311. 

  311.     $this->request->data = $this->Group->find('first', array('conditions' => $conditions));
    312. 

  312.     if (!$this->request->data) {
    313. 

  313.       $this->Session->setFlash(__("Could not find group"));
    314. 

  314.       $this->redirect("index");
    315. 

  315.     }
    316. 

  316.   }
    317. 

  317. 

  318.   /**
    319. 

  319.    * @todo Reset all group information of image
    320. 

  320.    * @todo Check for permission!
    321. 

  321.    */
    322. 

  322.   public function delete($groupId) {
    323. 

  323.     $conditions = array('Group.id' => $groupId);
    324. 

  324.     if ($this->getUserRole() < ROLE_ADMIN) {
    325. 

  325.       $conditions['Group.user_id'] = $this->getUserId();
    326. 

  326.     }
    327. 

  327.     $group = $this->Group->find('first', array('conditions' => $conditions));
    328. 

  328.     if ($group) {
    329. 

  329.       $this->Group->delete($groupId);
    330. 

  330.       $user = $this->getUser();
    331. 

  331.       CakeLog::info("User '{$user['User']['username']}' ({$user['User']['id']}) deleted group '{$group['Group']['name']}' ({$group['Group']['id']})");
    332. 

  332.       $this->Session->setFlash(__("Successfully deleted group '%s'", $group['Group']['name']));
    333. 

  333.     } else {
    334. 

  334.       $this->Session->setFlash(__("Could not find group"));
    335. 

  335.     }
    336. 

  336.     $this->redirect("index");
    337. 

  337.   }
    338. 

  338. 

  339. }
    340. 

  340. ?>
    341. 

  341.