diff --git a/docs/upgrades/upgrade_5.3.3-5.4.0.sql b/docs/upgrades/upgrade_5.3.3-5.4.0.sql index 37cf0ec55..1b75331ef 100644 --- a/docs/upgrades/upgrade_5.3.3-5.4.0.sql +++ b/docs/upgrades/upgrade_5.3.3-5.4.0.sql @@ -48,3 +48,13 @@ insert into help (helpId, namespace, titleId, bodyId, seeAlso) VALUES ('70', 'We +delete from international where languageId=1 and namespace='WebGUI' and internationalId=979; +insert into international (internationalId,languageId,namespace,message,lastUpdated,context) values (979,1,'WebGUI','Wobject Privileges', 1056041703,'Would you like Wobject Privileges to be enabled?'); +delete from international where languageId=1 and namespace='WebGUI' and internationalId=116; +insert into international (internationalId,languageId,namespace,message,lastUpdated,context) values (116,1,'WebGUI','Select \"Yes\" to change the privileges of all pages and wobjects under this page to these privileges.', 1056054674,NULL); +delete from international where languageId=1 and namespace='WebGUI' and internationalId=632; +insert into international (internationalId,languageId,namespace,message,lastUpdated,context) values (632,1,'WebGUI','You can add wobjects by selecting from the Add Content pulldown menu. You can edit them by clicking on the \"Edit\" button that appears directly above an instance of a particular wobject. \r\n

Almost all wobjects share some properties. Those properties are: \r\n

Wobject ID
This is the unique identifier WebGUI uses to keep track of this wobject instance. Normal users should never need to be concerned with the Wobject ID, but some advanced users may need to know it for things like SQL Reports. \r\n

Title The title of the wobject. This is typically displayed at the top of each wobject. \r\n

Note: You should always specify a title even if you are going to turn it off (with the next property). This is because the title shows up in the trash and clipboard and you\'ll want to be able to distinguish which wobject is which. \r\n

Display title?
Do you wish to display the title you specified? On some sites, displaying the title is not necessary. \r\n

Process macros?
Do you wish to process macros in the content of this wobject? Sometimes you\'ll want to do this, but more often than not you\'ll want to say \"no\" to this question. By disabling the processing of macros on the wobjects that don\'t use them, you\'ll speed up your web server slightly. \r\n

Template Position
Template positions range from 0 (zero) to any number. How many are available depends upon the Template associated with this page. The default template has only one template position, others may have more. By selecting a template position, you\'re specifying where this wobject should be placed within the template. \r\n

Start Date
On what date should this wobject become visible? Before this date, the wobject will only be displayed to Content Managers. \r\n

End Date
On what date should this wobject become invisible? After this date, the wobject will only be displayed to Content Managers.

Owner
The owner of a wobject is usually the person who created the wobject. This user has full edit and viewing rights on the wobject unless privileges to edit the page the wobject apears on are taken away. \r\n

NOTE: The owner can only be changed by an administrator. \r\n

Who can view?
Choose which group can view this wobject. If you want both visitors and registered users to be able to view the wobject then you should choose the \"Everybody\" group. \r\n

Who can edit?
Choose the group that can edit this wobject. The group assigned editing rights can also always view the wobject.

\r\n

Description
A content area in which you can place as much content as you wish. For instance, even before an FAQ there is usually a paragraph describing what is contained in the FAQ. \r\n

', 1056055106,NULL); +delete from international where languageId=1 and namespace='WebGUI' and internationalId=634; +insert into international (internationalId,languageId,namespace,message,lastUpdated,context) values (634,1,'WebGUI','Default Home Page
Some really small sites don\'t have a home page, but instead like to use one of their internal pages like \"About Us\" or \"Company Information\" as their home page. For that reason, you can set the default page of your site to any page in the site. That page will be the one people go to if they type in just your URL http://www.mywebguisite.com, or if they click on the Home link generated by the ^H; macro. \r\n

Not Found Page
If a page that a user requests is not found in the system, the user can be redirected to the home page or to an error page where they can attempt to find what they were looking for. You decide which is better for your users. \r\n

Document Type Declaration
These days it is very common to have a wide array of browsers accessing your site, including automated browsers like search engine spiders. Many of those browsers want to know what kind of content you are serving. The doctype tag allows you to specify that. By default WebGUI generates HTML 4.0 compliant content. \r\n

Favicon
An icon that appears on Internet Explorer short cuts such as your \"Favorites\". To learn more about Favicon click here. \r\n

Site Icon
An icon that appears in the URL bar of most modern browsers. It may also appear in the bookmarks of the browser. The image must be 16x16 pixels. \r\n

Add edit stamp to posts?
Typically if a user edits a post on a discussion, a stamp is added to that post to identify who made the edit, and at what time. On some sites that information is not necessary, therefore you can turn it off here. \r\n

Filter Contributed HTML
Especially when running a public site where anybody can post to your message boards or user submission systems, it is often a good idea to filter their content for malicious code that can harm the viewing experience of your visitors; And in some circumstances, it can even cause security problems. Use this setting to select the level of filtering you wish to apply. \r\n

Maximum Attachment Size
The size (in kilobytes) of the maximum allowable attachment to be uploaded to your system. \r\n

Max Image Size
If images are uploaded to your system that are bigger than the max image size, then they will be resized to the max image size. The max image size is measured in pixels and will use the size of the longest side of the image to determine if the limit has been reached. \r\n

Thumbnail Size
When images are uploaded to your system, they will automatically have thumbnails generated at the size specified here (unless overridden on a case-by-case basis). Thumbnail size is measured in pixels. \r\n

Snippet Preview Length
How many characters of a snippet should be displayed in the collateral management system main listing. \r\n

Text Area Rows
Some sites wish to control the size of the forms that WebGUI generates. With this setting you can specify how many rows of characters will be displayed in textareas on the site. \r\n

Text Area Columns
Some sites wish to control the size of the forms that WebGUI generates. With this setting you can specify how many columns of characters will be displayed in textareas on the site. \r\n

Text Box Size
Some sites wish to control the size of the forms that WebGUI generates. With this setting you can specify how characters can be displayed at once in text boxes on the site. \r\n

Page Cache Timeout
The amount of time pages should remain cached for registered users. \r\n

Page Cache Timeout (Visitors)
The amount of time pages should remain cached for visitors. \r\n

NOTE: Page caching is only available if your administrator has installed the Cache::FileCache Perl module. Using page caching can improve site performance by as much as 1000%. 

Wobject Privileges
Choose \'Yes\' to enable privileges at the Wobject level.  By default, Wobjects are set to inherit page level privileges

', 1056055394,NULL); +delete from settings where name='wobjectPrivileges'; +insert into settings (name,value) values ('wobjectPrivileges','0'); diff --git a/lib/WebGUI.pm b/lib/WebGUI.pm index 5cb8595f5..01db12506 100644 --- a/lib/WebGUI.pm +++ b/lib/WebGUI.pm @@ -1,281 +1,296 @@ -package WebGUI; -our $VERSION = "5.4.0"; - -#------------------------------------------------------------------- -# WebGUI is Copyright 2001-2003 Plain Black LLC. -#------------------------------------------------------------------- -# Please read the legal notices (docs/legal.txt) and the license -# (docs/license.txt) that came with this distribution before using -# this software. -#------------------------------------------------------------------- -# http://www.plainblack.com info@plainblack.com -#------------------------------------------------------------------- - -use strict qw(vars subs); -use Tie::CPHash; -use WebGUI::Cache; -use WebGUI::ErrorHandler; -use WebGUI::Icon; -use WebGUI::International; -use WebGUI::Macro; -use WebGUI::Operation; -use WebGUI::Privilege; -use WebGUI::Session; -use WebGUI::SQL; -use WebGUI::Style; -use WebGUI::Page; -use WebGUI::Template; -use WebGUI::URL; -use WebGUI::Utility; - - -#------------------------------------------------------------------- -sub _generateDebug { - if ($session{setting}{showDebug} || ($session{form}{debug}==1 && WebGUI::Privilege::isInGroup(3))) { - return WebGUI::ErrorHandler::showDebug(); - } - return ""; -} - -#------------------------------------------------------------------- -sub _generatePage { - my ($canEdit, $pageEdit, $sth, $wobject, %contentHash, $originalWobject, $sql, $extra, %hash, $cmd, $w, $template); - if (WebGUI::Privilege::canViewPage()) { - if ($session{var}{adminOn}) { - $canEdit = WebGUI::Privilege::canEditPage(); - if ($canEdit) { - $pageEdit = "\n
" - .pageIcon() - .deleteIcon('op=deletePage') - .editIcon('op=editPage') - .moveUpIcon('op=movePageUp') - .moveDownIcon('op=movePageDown') - .cutIcon('op=cutPage') - ."\n"; - } - } - $sth = WebGUI::SQL->read("select * from wobject where pageId=$session{page}{pageId} - order by sequenceNumber, wobjectId"); - while ($wobject = $sth->hashRef) { - if ($session{var}{adminOn} && $canEdit) { - $contentHash{"page.position".${$wobject}{templatePosition}} .= "\n
" - .wobjectIcon() - .deleteIcon('func=delete&wid='.${$wobject}{wobjectId}) - .editIcon('func=edit&wid='.${$wobject}{wobjectId}) - .moveUpIcon('func=moveUp&wid='.${$wobject}{wobjectId}) - .moveDownIcon('func=moveDown&wid='.${$wobject}{wobjectId}) - .moveTopIcon('func=moveTop&wid='.${$wobject}{wobjectId}) - .moveBottomIcon('func=moveBottom&wid='.${$wobject}{wobjectId}) - .cutIcon('func=cut&wid='.${$wobject}{wobjectId}) - .copyIcon('func=copy&wid='.${$wobject}{wobjectId}); - if (${$wobject}{namespace} ne "WobjectProxy" && isIn("WobjectProxy",@{$session{config}{wobjects}})) { - $contentHash{"page.position".${$wobject}{templatePosition}} .= - shortcutIcon('func=createShortcut&wid='.${$wobject}{wobjectId}) - } - $contentHash{"page.position".${$wobject}{templatePosition}} .= '
'; - } - if (${$wobject}{namespace} eq "WobjectProxy") { - $originalWobject = $wobject; - my ($wobjectProxy) = WebGUI::SQL->quickHashRef("select * from WobjectProxy where wobjectId=".${$wobject}{wobjectId}); - $wobject = WebGUI::SQL->quickHashRef("select * from wobject where wobject.wobjectId=".$wobjectProxy->{proxiedWobjectId}); - if (${$wobject}{namespace} eq "") { - $wobject = $originalWobject; - } else { - ${$wobject}{startDate} = ${$originalWobject}{startDate}; - ${$wobject}{endDate} = ${$originalWobject}{endDate}; - ${$wobject}{templatePosition} = ${$originalWobject}{templatePosition}; - ${$wobject}{_WobjectProxy} = ${$originalWobject}{wobjectId}; - if ($wobjectProxy->{overrideTitle}) { - ${$wobject}{title} = ${$originalWobject}{title}; - } - if ($wobjectProxy->{overrideDisplayTitle}) { - ${$wobject}{displayTitle} = ${$originalWobject}{displayTitle}; - } - if ($wobjectProxy->{overrideDescription}) { - ${$wobject}{description} = ${$originalWobject}{description}; - } - if ($wobjectProxy->{overrideTemplate}) { - ${$wobject}{templateId} = $wobjectProxy->{proxiedTemplateId}; - } - } - } - my $sql = "select * from ".$wobject->{namespace}." where wobjectId=".$wobject->{wobjectId}; - $extra = WebGUI::SQL->quickHashRef("select * from ".$wobject->{namespace}." - where wobjectId=".$wobject->{wobjectId}); - tie %hash, 'Tie::CPHash'; - %hash = (%{$wobject},%{$extra}); - $wobject = \%hash; - $cmd = "WebGUI::Wobject::".${$wobject}{namespace}; - $w = eval{$cmd->new($wobject)}; - WebGUI::ErrorHandler::fatalError("Couldn't instanciate wobject: ${$wobject}{namespace}. Root cause: ".$@) if($@); - if ($w->inDateRange) { - $contentHash{"page.position".${$wobject}{templatePosition}} .= '
'; - $contentHash{"page.position".${$wobject}{templatePosition}} .= ''; - $contentHash{"page.position".${$wobject}{templatePosition}} .= eval{$w->www_view}; - WebGUI::ErrorHandler::fatalError("Wobject runtime error: ${$wobject}{namespace}. Root cause: ".$@) if($@); - $contentHash{"page.position".${$wobject}{templatePosition}} .= "
\n\n"; - } - } - $sth->finish; - $template = $session{page}{templateId}; - } else { - $contentHash{"page.position1"} = WebGUI::Privilege::noAccess(); - } - return (\%contentHash,$template,$pageEdit); -} - -#------------------------------------------------------------------- -sub _processAction { - my ($urlString, %form, $pair, @pairs, @param); - $urlString = WebGUI::URL::unescape($_[0]); - @pairs = split(/\&/,$urlString); - foreach $pair (@pairs) { - @param = split(/\=/,$pair); - $form{$param[0]} = $param[1]; - } - $session{form} = \%form; -} - -#------------------------------------------------------------------- -sub _processFunctions { - my ($wobject, $extra, %hash, $output, $proxyWobjectId, $cmd, $w); - if (exists $session{form}{func} && exists $session{form}{wid}) { - if ($session{form}{func} =~ /^[A-Za-z]+$/) { - if ($session{form}{wid} eq "new") { - $wobject = {wobjectId=>"new",namespace=>$session{form}{namespace},pageId=>$session{page}{pageId}}; - } else { - $wobject = WebGUI::SQL->quickHashRef("select * from wobject where wobjectId=" - .$session{form}{wid}); - if (${$wobject}{namespace} eq "") { - WebGUI::ErrorHandler::warn("Wobject [$session{form}{wid}] appears to be missing or " - ."corrupt, but was requested " - ."by $session{user}{username} [$session{user}{userId}]."); - $wobject = (); - } else { - $extra = WebGUI::SQL->quickHashRef("select * from ${$wobject}{namespace} - where wobjectId=${$wobject}{wobjectId}"); - tie %hash, 'Tie::CPHash'; - %hash = (%{$wobject},%{$extra}); - $wobject = \%hash; - } - } - if ($wobject) { - if (${$wobject}{pageId} != $session{page}{pageId}) { - ($proxyWobjectId) = WebGUI::SQL->quickArray("select wobject.wobjectId from - wobject,WobjectProxy - where wobject.wobjectId=WobjectProxy.wobjectId - and wobject.pageId=".$session{page}{pageId}." 
- and WobjectProxy.proxiedWobjectId=".${$wobject}{wobjectId}); - ${$wobject}{_WobjectProxy} = $proxyWobjectId; - } - unless (${$wobject}{pageId} == $session{page}{pageId} - || ${$wobject}{pageId} == 2 - || ${$wobject}{pageId} == 3 - || ${$wobject}{_WobjectProxy} ne "") { - $output .= WebGUI::International::get(417); - WebGUI::ErrorHandler::security("access wobject [".$session{form}{wid}."] on page '" - .$session{page}{title}."' [".$session{page}{pageId}."]."); - } else { - if (WebGUI::Privilege::canViewPage()) { - $cmd = "WebGUI::Wobject::".${$wobject}{namespace}; - $w = eval{$cmd->new($wobject)}; - WebGUI::ErrorHandler::fatalError("Couldn't instanciate wobject: ${$wobject}{namespace}. Root Cause: ".$@) if($@); - $cmd = "www_".$session{form}{func}; - $output = eval{$w->$cmd}; - WebGUI::ErrorHandler::fatalError("Wobject runtime error: ${$wobject}{namespace} / $session{form}{func}. Root cause: ".$@) if($@); - } else { - $output = WebGUI::Privilege::noAccess(); - } - } - } - } else { - WebGUI::ErrorHandler::security("execute an invalid function on wobject " - .$session{form}{wid}.": ".$session{form}{func}); - } - } - return $output; -} - - -#------------------------------------------------------------------- -sub _processOperations { - my ($cmd, $output); - if (exists $session{form}{op}) { - if ($session{form}{op} =~ /^[A-Za-z]+$/) { - $cmd = "WebGUI::Operation::www_".$session{form}{op}; - $output = eval($cmd); - WebGUI::ErrorHandler::security("call a non-existent operation: $session{form}{op}. 
Root cause: ".$@) if($@); - } else { - WebGUI::ErrorHandler::security("execute an invalid operation: ".$session{form}{op}); - } - } - return $output; -} - -#------------------------------------------------------------------- -sub page { - my ($cache, $debug, $positions, $wobjectOutput, $pageEdit, $httpHeader, $content, $operationOutput, $template); - WebGUI::Session::open($_[0],$_[1]); - my $useCache = ($session{form}{op} eq "" && $session{form}{wid} eq "" && $session{form}{makePrintable} eq "" && not $session{var}{adminOn}); - if ($useCache) { - $cache = WebGUI::Cache->new("page_".$session{page}{pageId}."_".$session{user}{userId}); - $content = $cache->get; - } - $operationOutput = _processOperations(); - $wobjectOutput = _processFunctions(); - if ($operationOutput eq "" && $wobjectOutput eq "" && $session{form}{action2} ne "") { - _processAction($session{form}{action2}); - $operationOutput = _processOperations(); - $wobjectOutput = _processFunctions(); - } - if ($operationOutput eq "" && $session{setting}{trackPageStatistics} && $session{form}{wid} ne "new") { - WebGUI::SQL->write("insert into pageStatistics (dateStamp, userId, username, ipAddress, userAgent, referer, - pageId, pageTitle, wobjectId, wobjectFunction) values (".time().",".$session{user}{userId} - .",".quote($session{user}{username}).", - ".quote($session{env}{REMOTE_ADDR}).", ".quote($session{env}{HTTP_USER_AGENT}).", - ".quote($session{env}{HTTP_REFERER}).", ".$session{page}{pageId}.", - ".quote($session{page}{title}).", ".quote($session{form}{wid}).", ".quote($session{form}{func}).")"); - } - if ($session{header}{mimetype} ne "text/html") { - $httpHeader = WebGUI::Session::httpHeader(); - WebGUI::Session::close(); - return $httpHeader.$operationOutput.$wobjectOutput; - } elsif ($operationOutput ne "") { - $positions->{"page.position1"} = $operationOutput; - } elsif ($session{page}{redirectURL} && !$session{var}{adminOn}) { - $httpHeader = 
WebGUI::Session::httpRedirect(WebGUI::Macro::process($session{page}{redirectURL})); - WebGUI::Session::close(); - return $httpHeader; - } elsif ($session{header}{redirect} ne "") { - $httpHeader = $session{header}{redirect}; - WebGUI::Session::close(); - return $httpHeader; - } elsif ($wobjectOutput ne "") { - $positions->{"page.position1"} = $wobjectOutput; - } elsif (!($useCache && defined $content)) { - ($positions, $template, $pageEdit) = _generatePage(); - } - $httpHeader = WebGUI::Session::httpHeader(); - unless ($useCache && defined $content) { - $content = WebGUI::Macro::process(WebGUI::Template::process(WebGUI::Style::get($pageEdit.WebGUI::Page::getTemplate($template)), $positions)); - my $ttl; - if ($session{user}{userId} == 1) { - $ttl = $session{setting}{cachePagesVisitor}; - } else { - $ttl = $session{setting}{cachePages}; - } - $cache->set($content, $ttl) if ($useCache); - } - $debug = _generateDebug(); - WebGUI::Session::close(); - return $httpHeader.$content.$debug; -} - - - - -1; - - +package WebGUI; +our $VERSION = "5.3.3"; + +#------------------------------------------------------------------- +# WebGUI is Copyright 2001-2003 Plain Black LLC. +#------------------------------------------------------------------- +# Please read the legal notices (docs/legal.txt) and the license +# (docs/license.txt) that came with this distribution before using +# this software. 
+#------------------------------------------------------------------- +# http://www.plainblack.com info@plainblack.com +#------------------------------------------------------------------- + +use strict qw(vars subs); +use Tie::CPHash; +use WebGUI::Cache; +use WebGUI::ErrorHandler; +use WebGUI::Icon; +use WebGUI::International; +use WebGUI::Macro; +use WebGUI::Operation; +use WebGUI::Privilege; +use WebGUI::Session; +use WebGUI::SQL; +use WebGUI::Style; +use WebGUI::Page; +use WebGUI::Template; +use WebGUI::URL; +use WebGUI::Utility; + + +#------------------------------------------------------------------- +sub _generateDebug { + if ($session{setting}{showDebug} || ($session{form}{debug}==1 && WebGUI::Privilege::isInGroup(3))) { + return WebGUI::ErrorHandler::showDebug(); + } + return ""; +} + +#------------------------------------------------------------------- +sub _generatePage { + my ($canEdit, $pageEdit, $sth, $wobject, %contentHash, $originalWobject, $sql, $extra, %hash, $cmd, $w, $template,$canEditWobject); + if (WebGUI::Privilege::canViewPage()) { + if ($session{var}{adminOn}) { + $canEdit = WebGUI::Privilege::canEditPage(); + if ($canEdit) { + $pageEdit = "\n
" + .pageIcon() + .deleteIcon('op=deletePage') + .editIcon('op=editPage') + .moveUpIcon('op=movePageUp') + .moveDownIcon('op=movePageDown') + .cutIcon('op=cutPage') + ."\n"; + } + } + $sth = WebGUI::SQL->read("select * from wobject where pageId=$session{page}{pageId} + order by sequenceNumber, wobjectId"); + while ($wobject = $sth->hashRef) { + + #-- Added by Frank Dillon. Includes WebGUI::Privilege::canEditWobject() as part of the checksum of $canEdit + $canEditWobject = $canEdit && WebGUI::Privilege::canEditWobject($wobject->{wobjectId}); + #-- End Changes + if ($session{var}{adminOn} && $canEditWobject) { + $contentHash{"page.position".${$wobject}{templatePosition}} .= "\n
" + .wobjectIcon() + .deleteIcon('func=delete&wid='.${$wobject}{wobjectId}) + .editIcon('func=edit&wid='.${$wobject}{wobjectId}) + .moveUpIcon('func=moveUp&wid='.${$wobject}{wobjectId}) + .moveDownIcon('func=moveDown&wid='.${$wobject}{wobjectId}) + .moveTopIcon('func=moveTop&wid='.${$wobject}{wobjectId}) + .moveBottomIcon('func=moveBottom&wid='.${$wobject}{wobjectId}) + .cutIcon('func=cut&wid='.${$wobject}{wobjectId}) + .copyIcon('func=copy&wid='.${$wobject}{wobjectId}); + if (${$wobject}{namespace} ne "WobjectProxy" && isIn("WobjectProxy",@{$session{config}{wobjects}})) { + $contentHash{"page.position".${$wobject}{templatePosition}} .= + shortcutIcon('func=createShortcut&wid='.${$wobject}{wobjectId}) + } + $contentHash{"page.position".${$wobject}{templatePosition}} .= '
'; + } + + #-- Added by Frank Dillon. Checks if user has privilege to view the wobject + if(!WebGUI::Privilege::canViewWobject($wobject->{wobjectId})){ next; } + #-- End Changes + + if (${$wobject}{namespace} eq "WobjectProxy") { + $originalWobject = $wobject; + my ($wobjectProxy) = WebGUI::SQL->quickHashRef("select * from WobjectProxy where wobjectId=".${$wobject}{wobjectId}); + $wobject = WebGUI::SQL->quickHashRef("select * from wobject where wobject.wobjectId=".$wobjectProxy->{proxiedWobjectId}); + if (${$wobject}{namespace} eq "") { + $wobject = $originalWobject; + } else { + ${$wobject}{startDate} = ${$originalWobject}{startDate}; + ${$wobject}{endDate} = ${$originalWobject}{endDate}; + ${$wobject}{templatePosition} = ${$originalWobject}{templatePosition}; + ${$wobject}{_WobjectProxy} = ${$originalWobject}{wobjectId}; + if ($wobjectProxy->{overrideTitle}) { + ${$wobject}{title} = ${$originalWobject}{title}; + } + if ($wobjectProxy->{overrideDisplayTitle}) { + ${$wobject}{displayTitle} = ${$originalWobject}{displayTitle}; + } + if ($wobjectProxy->{overrideDescription}) { + ${$wobject}{description} = ${$originalWobject}{description}; + } + if ($wobjectProxy->{overrideTemplate}) { + ${$wobject}{templateId} = $wobjectProxy->{proxiedTemplateId}; + } + } + } + #-- Removed by Frank Dillon. Statement repeated below + #my $sql = "select * from ".$wobject->{namespace}." where wobjectId=".$wobject->{wobjectId}; + #-- End Changes + $extra = WebGUI::SQL->quickHashRef("select * from ".$wobject->{namespace}." + where wobjectId=".$wobject->{wobjectId}); + tie %hash, 'Tie::CPHash'; + %hash = (%{$wobject},%{$extra}); + $wobject = \%hash; + $cmd = "WebGUI::Wobject::".${$wobject}{namespace}; + $w = eval{$cmd->new($wobject)}; + WebGUI::ErrorHandler::fatalError("Couldn't instanciate wobject: ${$wobject}{namespace}. Root cause: ".$@) if($@); + #-- Changes by Frank Dillon. 
Check for date range done in WebGUI::Privilege::canViewWobject() + #if ($w->inDateRange) { + #-- End Changes + $contentHash{"page.position".${$wobject}{templatePosition}} .= '
'; + $contentHash{"page.position".${$wobject}{templatePosition}} .= ''; + $contentHash{"page.position".${$wobject}{templatePosition}} .= eval{$w->www_view}; + WebGUI::ErrorHandler::fatalError("Wobject runtime error: ${$wobject}{namespace}. Root cause: ".$@) if($@); + $contentHash{"page.position".${$wobject}{templatePosition}} .= "
\n\n"; + #-- Changes by Frank Dillon. Remove close bracket for if statement + #} + #-- End Changes + } + $sth->finish; + $template = $session{page}{templateId}; + } else { + $contentHash{"page.position1"} = WebGUI::Privilege::noAccess(); + } + return (\%contentHash,$template,$pageEdit); +} + +#------------------------------------------------------------------- +sub _processAction { + my ($urlString, %form, $pair, @pairs, @param); + $urlString = WebGUI::URL::unescape($_[0]); + @pairs = split(/\&/,$urlString); + foreach $pair (@pairs) { + @param = split(/\=/,$pair); + $form{$param[0]} = $param[1]; + } + $session{form} = \%form; +} + +#------------------------------------------------------------------- +sub _processFunctions { + my ($wobject, $extra, %hash, $output, $proxyWobjectId, $cmd, $w); + if (exists $session{form}{func} && exists $session{form}{wid}) { + if ($session{form}{func} =~ /^[A-Za-z]+$/) { + if ($session{form}{wid} eq "new") { + $wobject = {wobjectId=>"new",namespace=>$session{form}{namespace},pageId=>$session{page}{pageId}}; + } else { + $wobject = WebGUI::SQL->quickHashRef("select * from wobject where wobjectId=" + .$session{form}{wid}); + if (${$wobject}{namespace} eq "") { + WebGUI::ErrorHandler::warn("Wobject [$session{form}{wid}] appears to be missing or " + ."corrupt, but was requested " + ."by $session{user}{username} [$session{user}{userId}]."); + $wobject = (); + } else { + $extra = WebGUI::SQL->quickHashRef("select * from ${$wobject}{namespace} + where wobjectId=${$wobject}{wobjectId}"); + tie %hash, 'Tie::CPHash'; + %hash = (%{$wobject},%{$extra}); + $wobject = \%hash; + } + } + if ($wobject) { + if (${$wobject}{pageId} != $session{page}{pageId}) { + ($proxyWobjectId) = WebGUI::SQL->quickArray("select wobject.wobjectId from + wobject,WobjectProxy + where wobject.wobjectId=WobjectProxy.wobjectId + and wobject.pageId=".$session{page}{pageId}." 
+ and WobjectProxy.proxiedWobjectId=".${$wobject}{wobjectId}); + ${$wobject}{_WobjectProxy} = $proxyWobjectId; + } + unless (${$wobject}{pageId} == $session{page}{pageId} + || ${$wobject}{pageId} == 2 + || ${$wobject}{pageId} == 3 + || ${$wobject}{_WobjectProxy} ne "") { + $output .= WebGUI::International::get(417); + WebGUI::ErrorHandler::security("access wobject [".$session{form}{wid}."] on page '" + .$session{page}{title}."' [".$session{page}{pageId}."]."); + } else { + if (WebGUI::Privilege::canViewPage()) { + $cmd = "WebGUI::Wobject::".${$wobject}{namespace}; + $w = eval{$cmd->new($wobject)}; + WebGUI::ErrorHandler::fatalError("Couldn't instanciate wobject: ${$wobject}{namespace}. Root Cause: ".$@) if($@); + $cmd = "www_".$session{form}{func}; + $output = eval{$w->$cmd}; + WebGUI::ErrorHandler::fatalError("Wobject runtime error: ${$wobject}{namespace} / $session{form}{func}. Root cause: ".$@) if($@); + } else { + $output = WebGUI::Privilege::noAccess(); + } + } + } + } else { + WebGUI::ErrorHandler::security("execute an invalid function on wobject " + .$session{form}{wid}.": ".$session{form}{func}); + } + } + return $output; +} + + +#------------------------------------------------------------------- +sub _processOperations { + my ($cmd, $output); + if (exists $session{form}{op}) { + if ($session{form}{op} =~ /^[A-Za-z]+$/) { + $cmd = "WebGUI::Operation::www_".$session{form}{op}; + $output = eval($cmd); + WebGUI::ErrorHandler::security("call a non-existent operation: $session{form}{op}. 
Root cause: ".$@) if($@); + } else { + WebGUI::ErrorHandler::security("execute an invalid operation: ".$session{form}{op}); + } + } + return $output; +} + +#------------------------------------------------------------------- +sub page { + my ($cache, $debug, $positions, $wobjectOutput, $pageEdit, $httpHeader, $content, $operationOutput, $template); + WebGUI::Session::open($_[0],$_[1]); + my $useCache = ($session{form}{op} eq "" && $session{form}{wid} eq "" && $session{form}{makePrintable} eq "" && not $session{var}{adminOn}); + if ($useCache) { + $cache = WebGUI::Cache->new("page_".$session{page}{pageId}."_".$session{user}{userId}); + $content = $cache->get; + } + $operationOutput = _processOperations(); + $wobjectOutput = _processFunctions(); + if ($operationOutput eq "" && $wobjectOutput eq "" && $session{form}{action2} ne "") { + _processAction($session{form}{action2}); + $operationOutput = _processOperations(); + $wobjectOutput = _processFunctions(); + } + if ($operationOutput eq "" && $session{setting}{trackPageStatistics} && $session{form}{wid} ne "new") { + WebGUI::SQL->write("insert into pageStatistics (dateStamp, userId, username, ipAddress, userAgent, referer, + pageId, pageTitle, wobjectId, wobjectFunction) values (".time().",".$session{user}{userId} + .",".quote($session{user}{username}).", + ".quote($session{env}{REMOTE_ADDR}).", ".quote($session{env}{HTTP_USER_AGENT}).", + ".quote($session{env}{HTTP_REFERER}).", ".$session{page}{pageId}.", + ".quote($session{page}{title}).", ".quote($session{form}{wid}).", ".quote($session{form}{func}).")"); + } + if ($session{header}{mimetype} ne "text/html") { + $httpHeader = WebGUI::Session::httpHeader(); + WebGUI::Session::close(); + return $httpHeader.$operationOutput.$wobjectOutput; + } elsif ($operationOutput ne "") { + $positions->{"page.position1"} = $operationOutput; + } elsif ($session{page}{redirectURL} && !$session{var}{adminOn}) { + $httpHeader = 
WebGUI::Session::httpRedirect(WebGUI::Macro::process($session{page}{redirectURL})); + WebGUI::Session::close(); + return $httpHeader; + } elsif ($session{header}{redirect} ne "") { + $httpHeader = $session{header}{redirect}; + WebGUI::Session::close(); + return $httpHeader; + } elsif ($wobjectOutput ne "") { + $positions->{"page.position1"} = $wobjectOutput; + } elsif (!($useCache && defined $content)) { + ($positions, $template, $pageEdit) = _generatePage(); + } + $httpHeader = WebGUI::Session::httpHeader(); + unless ($useCache && defined $content) { + $content = WebGUI::Macro::process(WebGUI::Template::process(WebGUI::Style::get($pageEdit.WebGUI::Page::getTemplate($template)), $positions)); + my $ttl; + if ($session{user}{userId} == 1) { + $ttl = $session{setting}{cachePagesVisitor}; + } else { + $ttl = $session{setting}{cachePages}; + } + $cache->set($content, $ttl) if ($useCache); + } + $debug = _generateDebug(); + WebGUI::Session::close(); + return $httpHeader.$content.$debug; +} + + + + +1; + + diff --git a/lib/WebGUI/Operation/Package.pm b/lib/WebGUI/Operation/Package.pm index 51a8a392c..8f99d3904 100644 --- a/lib/WebGUI/Operation/Package.pm +++ b/lib/WebGUI/Operation/Package.pm @@ -24,7 +24,11 @@ our @EXPORT = qw(&www_deployPackage &www_selectPackageToDeploy); #------------------------------------------------------------------- sub _duplicateWobjects { - my ($sth, $wobject, $cmd, %hash, $extra, $w); + my ($sth, $wobject, $cmd, %hash, $extra, $w, %properties, $page); + tie %properties, 'Tie::CPHash'; + #-- Added by Frank Dillon. Get page privilege information for the package + $page = WebGUI::SQL->quickHashRef("select ownerId,groupIdView,groupIdEdit from page where pageId=".quote($_[0])); + #-- End Changes $sth = WebGUI::SQL->read("select * from wobject where pageId=$_[0] order by sequenceNumber"); while ($wobject = $sth->hashRef) { $extra = WebGUI::SQL->quickHashRef("select * from ${$wobject}{namespace} where wobjectId=${$wobject}{wobjectId}"); 
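Review bot: `_processFunctions` on the new side of lib/WebGUI.pm still gates the `www_` dispatch on `WebGUI::Privilege::canViewPage()` alone, so the per-wobject check this commit adds to `_generatePage` is not applied when a request names a wobject through `func` and `wid`. Unless every `www_` method enforces it itself (not visible here), the new privilege only hides the wobject from the rendered page. The same check belongs on that path, for example `if (WebGUI::Privilege::canViewPage() && ($session{form}{wid} eq "new" || WebGUI::Privilege::canViewWobject(${$wobject}{wobjectId}))) {`, with editing functions held to `canEditWobject`. Separately, `$VERSION` goes from "5.4.0" to "5.3.3" in this hunk while the upgrade script is named 5.3.3-5.4.0, which looks unintended.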
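Review bot: The `$page` row fetched at the top of `_duplicateWobjects` (lib/WebGUI/Operation/Package.pm) is never checked, so if no page matches `$_[0]` the `ownerId`, `groupIdView` and `groupIdEdit` values used in the later hunk are undefined when they are passed to `set`. Make the empty case explicit, e.g. `WebGUI::ErrorHandler::warn("No page row for package ".$_[0]) unless ${$page}{ownerId};` together with a chosen default. The new query wraps `$_[0]` in `quote()` while the `read` on the following line still interpolates it bare; use one form for both. The function body continues outside this hunk.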
@@ -34,6 +38,13 @@ sub _duplicateWobjects { $cmd = "WebGUI::Wobject::".${$wobject}{namespace}; $w = $cmd->new($wobject); $w->duplicate($_[1]); + #-- Added by Frank Dillon. Set privileges for newly duplicated wobjects + %properties=(); + $properties{ownerId} = ${$page}{ownerId}; + $properties{groupIdView} = ${$page}{groupIdView}; + $properties{groupIdEdit} = ${$page}{groupIdEdit}; + $w->set(\%properties); + #-- End Changes } $sth->finish; } diff --git a/lib/WebGUI/Operation/Page.pm b/lib/WebGUI/Operation/Page.pm index c77265826..0e32ed52e 100644 --- a/lib/WebGUI/Operation/Page.pm +++ b/lib/WebGUI/Operation/Page.pm @@ -32,10 +32,25 @@ our @EXPORT = qw(&www_viewPageTree &www_movePageUp &www_movePageDown &www_editPageSave &www_pastePage &www_moveTreePageUp &www_moveTreePageDown &www_moveTreePageLeft &www_moveTreePageRight); +#Method Added By Frank Dillon - Changes Wobject Privileges on a page +#------------------------------------------------------------------- +sub _changeWobjectPrivileges { + my($wobject,$sth); + $sth = WebGUI::SQL->read("select wobjectId from wobject where pageId=".quote($_[0])); + while ($wobject = $sth->hashRef) { + if (WebGUI::Privilege::canEditWobject($wobject->{wobjectId})) { + WebGUI::SQL->write("update wobject set startDate=$session{form}{startDate}, endDate=$session{form}{endDate}, ownerId=$session{form}{ownerId}, groupIdView=$session{form}{groupIdView}, groupIdEdit=$session{form}{groupIdEdit} where wobjectId=".quote($wobject->{wobjectId})); + } + } +} + #------------------------------------------------------------------- sub _recursivelyChangePrivileges { my ($sth, $pageId); $sth = WebGUI::SQL->read("select pageId from page where parentId=$_[0]"); + #--Added By Frank Dillon - Change the Wobject Privileges on the current page + _changeWobjectPrivileges($_[0]); + #--End Changes while (($pageId) = $sth->array) { if (WebGUI::Privilege::canEditPage($pageId)) { WebGUI::SQL->write("update page set startDate=$session{form}{startDate}, 
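Review bot: `$w->set(\%properties)` is called on `$w`, which was built from the source row by `$cmd->new($wobject)`, and the return value of `$w->duplicate($_[1])` is discarded. The POD for `duplicate` in lib/WebGUI/Wobject.pm says it returns the new wobject id, so as written the owner and group values appear to be applied to the package's original wobject rather than to the copy, unless a subclass's `duplicate` re-points `$w`. Keep the id, `my $newId = $w->duplicate($_[1]);`, and apply the three values to that wobject instead. The `tie %properties, 'Tie::CPHash'` added in the previous hunk is not needed for a three-key hash passed by reference. The function starts outside this hunk.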
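Review bot: The `update wobject` statement in `_changeWobjectPrivileges` interpolates `$session{form}{startDate}`, `endDate`, `ownerId`, `groupIdView` and `groupIdEdit` straight into the SQL text, while only `wobjectId` goes through `quote()`. Unless those form fields are validated as integers before this point, which the hunk does not show, the submitted values become part of the statement that sets ownership and group columns; the `update page` context line in `_recursivelyChangePrivileges` has the same shape. Each value should go through `quote()` (or be checked to be numeric), as below. The statement handle is also never released, whereas `_duplicateWobjects` in this commit calls `$sth->finish` after its loop. `_recursivelyChangePrivileges` continues outside the hunk.

```perl
		if (WebGUI::Privilege::canEditWobject($wobject->{wobjectId})) {
			WebGUI::SQL->write("update wobject set startDate=".quote($session{form}{startDate})
				.", endDate=".quote($session{form}{endDate})
				.", ownerId=".quote($session{form}{ownerId})
				.", groupIdView=".quote($session{form}{groupIdView})
				.", groupIdEdit=".quote($session{form}{groupIdEdit})
				." where wobjectId=".quote($wobject->{wobjectId}));
		# … unchanged: end of the if and while blocks …
	$sth->finish;
```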
diff --git a/lib/WebGUI/Operation/Settings.pm b/lib/WebGUI/Operation/Settings.pm index 9261c62fa..8e910d1bf 100644 --- a/lib/WebGUI/Operation/Settings.pm +++ b/lib/WebGUI/Operation/Settings.pm @@ -123,6 +123,7 @@ sub www_editContentSettings { -intervalValue=>$data[0], -unitsValue=>$data[1] ); + $f->yesNo("wobjectPrivileges",WebGUI::International::get(979),$session{setting}{wobjectPrivileges}); $f->submit; $output .= $f->print; return _submenu($output); diff --git a/lib/WebGUI/Privilege.pm b/lib/WebGUI/Privilege.pm index 7585d2984..56f976d99 100644 --- a/lib/WebGUI/Privilege.pm +++ b/lib/WebGUI/Privilege.pm 
@@ -1,379 +1,447 @@ -package WebGUI::Privilege; - -=head1 LEGAL - - ------------------------------------------------------------------- - WebGUI is Copyright 2001-2003 Plain Black LLC. - ------------------------------------------------------------------- - Please read the legal notices (docs/legal.txt) and the license - (docs/license.txt) that came with this distribution before using - this software. - ------------------------------------------------------------------- - http://www.plainblack.com info@plainblack.com - ------------------------------------------------------------------- - -=cut - -use strict; -use Tie::CPHash; -use WebGUI::DateTime; -use WebGUI::Group; -use WebGUI::Grouping; -use WebGUI::International; -use WebGUI::Operation::Account (); -use WebGUI::Session; -use WebGUI::SQL; -use WebGUI::URL; - -=head1 NAME - -Package WebGUI::Privilege - -=head1 DESCRIPTION - -This package provides access to the WebGUI security system and security messages. - -=head1 SYNOPSIS - - use WebGUI::Privilege; - $html = WebGUI::Privilege::adminOnly(); - $boolean = WebGUI::Privilege::canEditPage(); - $boolean = WebGUI::Privilege::canViewPage(); - $html = WebGUI::Privilege::insufficient(); - $boolean = WebGUI::Privilege::isInGroup($groupId); - $html = WebGUI::Privilege::noAccess(); - $html = WebGUI::Privilege::notMember(); - $html = WebGUI::Privilege::vitalComponent(); - -=head1 METHODS - -These functions are available from this package: - -=cut - -#------------------------------------------------------------------- - -=head2 adminOnly ( ) - -Returns a message stating that this functionality can only be used by administrators. This method also sets the HTTP header status to 401. - -=cut - -sub adminOnly { - if($session{env}{MOD_PERL}) { - my $r = Apache->request; - if(defined($r)) { - $r->custom_response(401, '' ); - $r->status(401); - } - } else { - $session{header}{status} = 401; - } - my ($output, $sth, @data); - $output = '

'.WebGUI::International::get(35).'

'; - $output .= WebGUI::International::get(36); - $output .= '

'; - return $output; -} - -#------------------------------------------------------------------- - -=head2 canEditPage ( [ pageId ] ) - -Returns a boolean (0|1) value signifying that the user has the required privileges. - -=over - -=item pageId - -The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id. - -=back - -=cut - -sub canEditPage { - my (%page); - tie %page, 'Tie::CPHash'; - if ($_[0] ne "") { - %page = WebGUI::SQL->quickHash("select ownerId,groupIdEdit from page where pageId=$_[0]"); - } else { - %page = %{$session{page}}; - } - if ($session{user}{userId} == $page{ownerId}) { - return 1; - } elsif (isInGroup($page{groupIdEdit})) { - return 1; - } else { - return 0; - } -} - -#------------------------------------------------------------------- - -=head2 canViewPage ( [ pageId ] ) - -Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins and users that have the rights to edit this page. - -=over - -=item pageId - -The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id. - -=back - -=cut - -sub canViewPage { - my (%page, $inDateRange); - tie %page, 'Tie::CPHash'; - if ($_[0] eq "") { - %page = %{$session{page}}; - } else { - %page = WebGUI::SQL->quickHash("select ownerId,groupIdView,startDate,endDate from page where pageId=$_[0]"); - } - if ($page{startDate} < time() && $page{endDate} > time()) { - $inDateRange = 1; - } - if ($session{user}{userId} == $page{ownerId}) { - return 1; - } elsif (isInGroup($page{groupIdView}) && $inDateRange) { - return 1; - } elsif (canEditPage($_[0])) { - return 1; - } else { - return 0; - } -} - -#------------------------------------------------------------------- - -=head2 insufficient ( ) - -Returns a message stating that the user does not have the required privileges to perform the operation they requested. This method also sets the HTTP header status to 401. 
- -=cut - -sub insufficient { - if($session{env}{MOD_PERL}) { - my $r = Apache->request; - if(defined($r)) { - $r->custom_response(401, '' ); - $r->status(401); - } - } else { - $session{header}{status} = 401; - } - my ($output); - $output = '

'.WebGUI::International::get(37).'

'; - $output .= WebGUI::International::get(38); - $output .= '

'; - return $output; -} - -#------------------------------------------------------------------- - -=head2 isInGroup ( groupId [ , userId ] ) - -Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins. - -=over - -=item groupId - -The group that you wish to verify against the user. - -=item userId - -The user that you wish to verify against the group. Defaults to the currently logged in user. - -=back - -=cut - -sub isInGroup { - my ($gid, $uid, @data, %group, $groupId); - ($gid, $uid) = @_; - $uid = $session{user}{userId} if ($uid eq ""); - ### The "Everyone" group automatically returns true. - if ($gid == 7) { - return 1; - } - ### The "Visitor" group returns false, unless the user is visitor. - if ($gid == 1) { - if ($uid == 1) { - return 1; - } else { - return 0; - } - } - ### The "Registered Users" group returns true if user is not visitor. - if ($gid==2 && $uid != 1) { - return 1; - } - ### Use session to cache multiple lookups of the same group. - if ($session{isInGroup}{$gid}{$uid} || $session{isInGroup}{3}{$uid}) { - return 1; - } elsif ($session{isInGroup}{$gid}{$uid} eq "0") { - return 0; - } - ### Lookup the actual groupings. - my $groups = WebGUI::Grouping::getGroupsForUser($uid,1); - foreach (@{$groups}) { - $session{isInGroup}{$_}{$uid} = 1; - } - if ($session{isInGroup}{$gid}{$uid} || $session{isInGroup}{3}{$uid}) { - return 1; - } - ### Get data for auxillary checks. 
- tie %group, 'Tie::CPHash'; - %group = WebGUI::SQL->quickHash("select karmaThreshold,ipFilter,scratchFilter from groups where groupId='$gid'"); - ### Check IP Address - if ($group{ipFilter} ne "") { - $group{ipFilter} =~ s/\t//g; - $group{ipFilter} =~ s/\r//g; - $group{ipFilter} =~ s/\n//g; - $group{ipFilter} =~ s/\s//g; - $group{ipFilter} =~ s/\./\\\./g; - my @ips = split(";",$group{ipFilter}); - foreach my $ip (@ips) { - if ($session{env}{REMOTE_ADDR} =~ /^$ip/) { - $session{isInGroup}{$gid}{$uid} = 1; - return 1; - } - } - } - ### Check Scratch Variables - if ($group{scratchFilter} ne "") { - $group{scratchFilter} =~ s/\t//g; - $group{scratchFilter} =~ s/\r//g; - $group{scratchFilter} =~ s/\n//g; - $group{scratchFilter} =~ s/\s//g; - my @vars = split(";",$group{scratchFilter}); - foreach my $var (@vars) { - my ($name, $value) = split(/\=/,$var); - if ($session{scratch}{$name} eq $value) { - $session{isInGroup}{$gid}{$uid} = 1; - return 1; - } - } - } - ### Check karma levels. - if ($session{setting}{useKarma}) { - my $karma; - if ($uid == $session{user}{userId}) { - $karma = $session{user}{karma}; - } else { - ($karma) = WebGUI::SQL->quickHash("select karma from users where userId='$uid'"); - } - if ($karma >= $group{karmaThreshold}) { - $session{isInGroup}{$gid}{$uid} = 1; - return 1; - } - } - ### Check for groups of groups. - $groups = WebGUI::Grouping::getGroupsInGroup($gid,1); - foreach (@{$groups}) { - $session{isInGroup}{$_}{$uid} = isInGroup($_, $uid); - if ($session{isInGroup}{$_}{$uid}) { - $session{isInGroup}{$gid}{$uid} = 1; - return 1; - } - } - $session{isInGroup}{$gid}{$uid} = 0; - return 0; -} - -#------------------------------------------------------------------- - -=head2 noAccess ( ) - -Returns a message stating that the user does not have the privileges necessary to access this page. This method also sets the HTTP header status to 401. 
- -=cut - -sub noAccess { - if($session{env}{MOD_PERL}) { - my $r = Apache->request; - if(defined($r)) { - $r->custom_response(401, '' ); - $r->status(401); - } - } else { - $session{header}{status} = 401; - } - my ($output); - if ($session{user}{userId} <= 1) { - $output = WebGUI::Operation::Account::www_displayAccount(); - } else { - $output = '

'.WebGUI::International::get(37).'

'; - $output .= WebGUI::International::get(39); - $output .= '

'; - } - return $output; -} - -#------------------------------------------------------------------- - -=head2 notMember ( ) - -Returns a message stating that the user they requested information about is no longer active on this server. This method also sets the HTTP header status to 400. - -=cut - -sub notMember { - if($session{env}{MOD_PERL}) { - my $r = Apache->request; - if(defined($r)) { - $r->custom_response(400, '' ); - $r->status(400); - } - } else { - $session{header}{status} = 400; - } - my ($output); - $output = '

'.WebGUI::International::get(345).'

'; - $output .= WebGUI::International::get(346); - $output .= '

'; - return $output; -} - -#------------------------------------------------------------------- - -=head2 vitalComponent ( ) - -Returns a message stating that the user made a request to delete something that should never delete. This method also sets the HTTP header status to 403. - -=cut - -sub vitalComponent { - if($session{env}{MOD_PERL}) { - my $r = Apache->request; - if(defined($r)) { - $r->custom_response(403, '' ); - $r->status(403); - } - } else { - $session{header}{status} = 403; - } - my ($output); - $output = '

'.WebGUI::International::get(40).'

'; - $output .= WebGUI::International::get(41); - $output .= '

'; - return $output; -} - - - - - - -1; - +package WebGUI::Privilege; + +=head1 LEGAL + + ------------------------------------------------------------------- + WebGUI is Copyright 2001-2003 Plain Black LLC. + ------------------------------------------------------------------- + Please read the legal notices (docs/legal.txt) and the license + (docs/license.txt) that came with this distribution before using + this software. + ------------------------------------------------------------------- + http://www.plainblack.com info@plainblack.com + ------------------------------------------------------------------- + +=cut + +use strict; +use Tie::CPHash; +use WebGUI::DateTime; +use WebGUI::Group; +use WebGUI::Grouping; +use WebGUI::International; +use WebGUI::Operation::Account (); +use WebGUI::Session; +use WebGUI::SQL; +use WebGUI::URL; + +=head1 NAME + +Package WebGUI::Privilege + +=head1 DESCRIPTION + +This package provides access to the WebGUI security system and security messages. + +=head1 SYNOPSIS + + use WebGUI::Privilege; + $html = WebGUI::Privilege::adminOnly(); + $boolean = WebGUI::Privilege::canEditPage(); + $boolean = WebGUI::Privilege::canViewPage(); + $html = WebGUI::Privilege::insufficient(); + $boolean = WebGUI::Privilege::isInGroup($groupId); + $html = WebGUI::Privilege::noAccess(); + $html = WebGUI::Privilege::notMember(); + $html = WebGUI::Privilege::vitalComponent(); + +=head1 METHODS + +These functions are available from this package: + +=cut + +#------------------------------------------------------------------- + +=head2 adminOnly ( ) + +Returns a message stating that this functionality can only be used by administrators. This method also sets the HTTP header status to 401. + +=cut + +sub adminOnly { + if($session{env}{MOD_PERL}) { + my $r = Apache->request; + if(defined($r)) { + $r->custom_response(401, '' ); + $r->status(401); + } + } else { + $session{header}{status} = 401; + } + my ($output, $sth, @data); + $output = '

'.WebGUI::International::get(35).'

'; + $output .= WebGUI::International::get(36); + $output .= '

'; + return $output; +} + +#------------------------------------------------------------------- + +=head2 canEditPage ( [ pageId ] ) + +Returns a boolean (0|1) value signifying that the user has the required privileges. + +=over + +=item pageId + +The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id. + +=back + +=cut + +sub canEditPage { + my (%page); + tie %page, 'Tie::CPHash'; + if ($_[0] ne "") { + %page = WebGUI::SQL->quickHash("select ownerId,groupIdEdit from page where pageId=$_[0]"); + } else { + %page = %{$session{page}}; + } + if ($session{user}{userId} == $page{ownerId}) { + return 1; + } elsif (isInGroup($page{groupIdEdit})) { + return 1; + } else { + return 0; + } +} + +#Added by Frank Dillon. Wobject API not used due to possible performance issues +#------------------------------------------------------------------- + +=head2 canEditWobject ( wobjectId ) + +Returns a boolean (0|1) value signifying that the user has the required privileges. + +=over + +=item wobjectId + +The unique identifier for the wobject that you wish to check the privileges on. + +=back + +=cut + +sub canEditWobject { + my (%wobject); + tie %wobject, 'Tie::CPHash'; + return canEditPage() unless ($session{setting}{wobjectPrivileges} == 1); + %wobject = WebGUI::SQL->quickHash("select ownerId,groupIdEdit from wobject where wobjectId=".quote($_[0])); + if ($session{user}{userId} == $wobject{ownerId}) { + return 1; + } elsif (isInGroup($wobject{groupIdEdit})) { + return 1; + } else { + return 0; + } +} + +#------------------------------------------------------------------- + +=head2 canViewPage ( [ pageId ] ) + +Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins and users that have the rights to edit this page. + +=over + +=item pageId + +The unique identifier for the page that you wish to check the privileges on. Defaults to the current page id. 
+ +=back + +=cut + +sub canViewPage { + my (%page, $inDateRange); + tie %page, 'Tie::CPHash'; + if ($_[0] eq "") { + %page = %{$session{page}}; + } else { + %page = WebGUI::SQL->quickHash("select ownerId,groupIdView,startDate,endDate from page where pageId=$_[0]"); + } + if ($page{startDate} < time() && $page{endDate} > time()) { + $inDateRange = 1; + } + if ($session{user}{userId} == $page{ownerId}) { + return 1; + } elsif (isInGroup($page{groupIdView}) && $inDateRange) { + return 1; + } elsif (canEditPage($_[0])) { + return 1; + } else { + return 0; + } +} + +#Added by Frank Dillon. Wobject API not used due to possible performance issues +#------------------------------------------------------------------- + +=head2 canViewWobject ( wobjectId ) + +Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins and users that have the rights to edit this wobject. + +=over + +=item wobjectId + +The unique identifier for the wobject that you wish to check the privileges on. + +=back + +=cut + +sub canViewWobject { + my (%wobject); + tie %wobject, 'Tie::CPHash'; + return canViewPage() unless ($session{setting}{wobjectPrivileges} == 1); + %wobject = WebGUI::SQL->quickHash("select ownerId,groupIdView,startDate,endDate from wobject where wobjectId=".quote($_[0])); + if ($wobject{startDate} < time() && $wobject{endDate} > time()) { + if ($session{user}{userId} == $wobject{ownerId}) { + return 1; + } elsif (isInGroup($wobject{groupIdView})) { + return 1; + } elsif (canEditWobject($_[0])) { + return 1; + } else { + return 0; + } + }else{ + return 0; + } +} + +#------------------------------------------------------------------- + +=head2 insufficient ( ) + +Returns a message stating that the user does not have the required privileges to perform the operation they requested. This method also sets the HTTP header status to 401. 
+ +=cut + +sub insufficient { + if($session{env}{MOD_PERL}) { + my $r = Apache->request; + if(defined($r)) { + $r->custom_response(401, '' ); + $r->status(401); + } + } else { + $session{header}{status} = 401; + } + my ($output); + $output = '

'.WebGUI::International::get(37).'

'; + $output .= WebGUI::International::get(38); + $output .= '

'; + return $output; +} + +#------------------------------------------------------------------- + +=head2 isInGroup ( groupId [ , userId ] ) + +Returns a boolean (0|1) value signifying that the user has the required privileges. Always returns true for Admins. + +=over + +=item groupId + +The group that you wish to verify against the user. + +=item userId + +The user that you wish to verify against the group. Defaults to the currently logged in user. + +=back + +=cut + +sub isInGroup { + my ($gid, $uid, @data, %group, $groupId); + ($gid, $uid) = @_; + $uid = $session{user}{userId} if ($uid eq ""); + ### The "Everyone" group automatically returns true. + if ($gid == 7) { + return 1; + } + ### The "Visitor" group returns false, unless the user is visitor. + if ($gid == 1) { + if ($uid == 1) { + return 1; + } else { + return 0; + } + } + ### The "Registered Users" group returns true if user is not visitor. + if ($gid==2 && $uid != 1) { + return 1; + } + ### Use session to cache multiple lookups of the same group. + if ($session{isInGroup}{$gid}{$uid} || $session{isInGroup}{3}{$uid}) { + return 1; + } elsif ($session{isInGroup}{$gid}{$uid} eq "0") { + return 0; + } + ### Lookup the actual groupings. + my $groups = WebGUI::Grouping::getGroupsForUser($uid,1); + foreach (@{$groups}) { + $session{isInGroup}{$_}{$uid} = 1; + } + if ($session{isInGroup}{$gid}{$uid} || $session{isInGroup}{3}{$uid}) { + return 1; + } + ### Get data for auxillary checks. 
+ tie %group, 'Tie::CPHash'; + %group = WebGUI::SQL->quickHash("select karmaThreshold,ipFilter,scratchFilter from groups where groupId='$gid'"); + ### Check IP Address + if ($group{ipFilter} ne "") { + $group{ipFilter} =~ s/\t//g; + $group{ipFilter} =~ s/\r//g; + $group{ipFilter} =~ s/\n//g; + $group{ipFilter} =~ s/\s//g; + $group{ipFilter} =~ s/\./\\\./g; + my @ips = split(";",$group{ipFilter}); + foreach my $ip (@ips) { + if ($session{env}{REMOTE_ADDR} =~ /^$ip/) { + $session{isInGroup}{$gid}{$uid} = 1; + return 1; + } + } + } + ### Check Scratch Variables + if ($group{scratchFilter} ne "") { + $group{scratchFilter} =~ s/\t//g; + $group{scratchFilter} =~ s/\r//g; + $group{scratchFilter} =~ s/\n//g; + $group{scratchFilter} =~ s/\s//g; + my @vars = split(";",$group{scratchFilter}); + foreach my $var (@vars) { + my ($name, $value) = split(/\=/,$var); + if ($session{scratch}{$name} eq $value) { + $session{isInGroup}{$gid}{$uid} = 1; + return 1; + } + } + } + ### Check karma levels. + if ($session{setting}{useKarma}) { + my $karma; + if ($uid == $session{user}{userId}) { + $karma = $session{user}{karma}; + } else { + ($karma) = WebGUI::SQL->quickHash("select karma from users where userId='$uid'"); + } + if ($karma >= $group{karmaThreshold}) { + $session{isInGroup}{$gid}{$uid} = 1; + return 1; + } + } + ### Check for groups of groups. + $groups = WebGUI::Grouping::getGroupsInGroup($gid,1); + foreach (@{$groups}) { + $session{isInGroup}{$_}{$uid} = isInGroup($_, $uid); + if ($session{isInGroup}{$_}{$uid}) { + $session{isInGroup}{$gid}{$uid} = 1; + return 1; + } + } + $session{isInGroup}{$gid}{$uid} = 0; + return 0; +} + +#------------------------------------------------------------------- + +=head2 noAccess ( ) + +Returns a message stating that the user does not have the privileges necessary to access this page. This method also sets the HTTP header status to 401. 
+ +=cut + +sub noAccess { + if($session{env}{MOD_PERL}) { + my $r = Apache->request; + if(defined($r)) { + $r->custom_response(401, '' ); + $r->status(401); + } + } else { + $session{header}{status} = 401; + } + my ($output); + if ($session{user}{userId} <= 1) { + $output = WebGUI::Operation::Account::www_displayAccount(); + } else { + $output = '

'.WebGUI::International::get(37).'

'; + $output .= WebGUI::International::get(39); + $output .= '

'; + } + return $output; +} + +#------------------------------------------------------------------- + +=head2 notMember ( ) + +Returns a message stating that the user they requested information about is no longer active on this server. This method also sets the HTTP header status to 400. + +=cut + +sub notMember { + if($session{env}{MOD_PERL}) { + my $r = Apache->request; + if(defined($r)) { + $r->custom_response(400, '' ); + $r->status(400); + } + } else { + $session{header}{status} = 400; + } + my ($output); + $output = '

'.WebGUI::International::get(345).'

'; + $output .= WebGUI::International::get(346); + $output .= '

'; + return $output; +} + +#------------------------------------------------------------------- + +=head2 vitalComponent ( ) + +Returns a message stating that the user made a request to delete something that should never delete. This method also sets the HTTP header status to 403. + +=cut + +sub vitalComponent { + if($session{env}{MOD_PERL}) { + my $r = Apache->request; + if(defined($r)) { + $r->custom_response(403, '' ); + $r->status(403); + } + } else { + $session{header}{status} = 403; + } + my ($output); + $output = '

'.WebGUI::International::get(40).'

'; + $output .= WebGUI::International::get(41); + $output .= '

'; + return $output; +} + + + + + + +1; + diff --git a/lib/WebGUI/Wobject.pm b/lib/WebGUI/Wobject.pm index 2dc11137a..077d5dd34 100644 --- a/lib/WebGUI/Wobject.pm +++ b/lib/WebGUI/Wobject.pm 
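Review bot: With the `wobjectPrivileges` setting off, `canEditWobject` and `canViewWobject` return `canEditPage()` / `canViewPage()` with no argument, that is, the privileges of the session's current page, and the wobject id they were given is never looked at. That is only right when the wobject sits on the current page; `_changeWobjectPrivileges` in lib/WebGUI/Operation/Page.pm calls `canEditWobject` for wobjects of other pages in the tree, and whether other callers tie the id to the current page is not visible here. Resolving the wobject's own page first, `my ($pageId) = WebGUI::SQL->quickArray("select pageId from wobject where wobjectId=".quote($_[0])); return canEditPage($pageId);`, keeps the fallback bound to the object being checked. Separately, `canViewWobject` returns 0 outside the start/end dates even for the owner and for editors, which contradicts its POD (it says users with edit rights always get true) and differs from `canViewPage`.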
@@ -1,1698 +1,1757 @@ -package WebGUI::Wobject; - -=head1 LEGAL - - ------------------------------------------------------------------- - WebGUI is Copyright 2001-2003 Plain Black LLC. - ------------------------------------------------------------------- - Please read the legal notices (docs/legal.txt) and the license - (docs/license.txt) that came with this distribution before using - this software. - ------------------------------------------------------------------- - http://www.plainblack.com info@plainblack.com - ------------------------------------------------------------------- - -=cut - -use CGI::Util qw(rearrange); -use DBI; -use strict qw(subs vars); -use Tie::IxHash; -use WebGUI::DateTime; -use WebGUI::Discussion; -use WebGUI::FormProcessor; -use WebGUI::HTML; -use WebGUI::HTMLForm; -use WebGUI::Icon; -use WebGUI::International; -use WebGUI::Macro; -use WebGUI::Node; -use WebGUI::Page; -use WebGUI::Session; -use WebGUI::SQL; -use WebGUI::TabForm; -use WebGUI::Template; -use WebGUI::URL; -use WebGUI::Utility; - -=head1 NAME - -Package WebGUI::Wobject - -=head1 DESCRIPTION - -An abstract class for all other wobjects to extend. - -=head1 SYNOPSIS - - use WebGUI::Wobject; - our @ISA = qw(WebGUI::Wobject); - -See the subclasses in lib/WebGUI/Wobjects for details. 
- -=head1 METHODS - -These methods are available from this class: - -=cut - -#------------------------------------------------------------------- -sub _reorderWobjects { - my ($sth, $i, $wid); - $sth = WebGUI::SQL->read("select wobjectId from wobject where pageId=$_[0] order by templatePosition,sequenceNumber"); - while (($wid) = $sth->array) { - $i++; - WebGUI::SQL->write("update wobject set sequenceNumber='$i' where wobjectId=$wid"); - } - $sth->finish; -} - - -#------------------------------------------------------------------- -sub _getNextSequenceNumber { - my ($sequenceNumber); - ($sequenceNumber) = WebGUI::SQL->quickArray("select max(sequenceNumber) from wobject where pageId='$_[0]'"); - return ($sequenceNumber+1); -} - -#------------------------------------------------------------------- - -=head2 confirm ( message, yesURL, [ , noURL, vitalComparison ] ) - -=over - -=item message - -A string containing the message to prompt the user for this action. - -=item yesURL - -A URL to the web method to execute if the user confirms the action. - -=item noURL - -A URL to the web method to execute if the user denies the action. Defaults back to the current page. - -=item vitalComparison - -A comparison expression to be used when checking whether the action should be allowed to continue. Typically this is used when the action is a delete of some sort. - -=back - -=cut - -sub confirm { - return WebGUI::Privilege::vitalComponent() if ($_[4]); - my $noURL = $_[3] || WebGUI::URL::page(); - my $output = '

'.WebGUI::International::get(42).'

'; - $output .= $_[1].'

'; - $output .= '

'.WebGUI::International::get(44).''; - $output .= '   '.WebGUI::International::get(45).'
'; - return $output; -} - - -#------------------------------------------------------------------- - -=head2 deleteCollateral ( tableName, keyName, keyValue ) - -Deletes a row of collateral data. - -=over - -=item tableName - -The name of the table you wish to delete the data from. - -=item keyName - -The name of the column that is the primary key in the table. - -=item keyValue - -An integer containing the key value. - -=back - -=cut - -sub deleteCollateral { - WebGUI::SQL->write("delete from $_[1] where $_[2]=".quote($_[3])); - WebGUI::ErrorHandler::audit("deleted ".$_[2]." ".$_[3]); -} - - -#------------------------------------------------------------------- - -=head2 description ( ) - -Returns this instance's description if it exists. - -=cut - -sub description { - if ($_[0]->get("description")) { - return $_[0]->get("description").'

'; - } -} - -#------------------------------------------------------------------- - -=head2 discussionProperties ( ) - -Returns a formRow list of discussion properties, which may be attached to any Wobject. - -=cut - -sub discussionProperties { - my ($f,$editTimeout,$interval, $units, $groupToModerate,%moderationType,$moderationType); - %moderationType = (before=>WebGUI::International::get(567),after=>WebGUI::International::get(568)); - $f = WebGUI::HTMLForm->new; - if ($_[0]->get("wobjectId") eq "new") { - $editTimeout = 3600; - $moderationType = 'after'; - } else { - $editTimeout = $_[0]->get("editTimeout"); - $moderationType = $_[0]->get("moderationType"); - } - my $filterPost = $_[0]->get("filterPost") || "most"; - $f->filterContent( - -name=>"filterPost", - -value=>$filterPost, - -label=>WebGUI::International::get(1,"Discussion"), - -uiLevel=>7 - ); - $groupToModerate = $_[0]->get("groupToModerate") || 4; - $f->group( - -name=>"groupToPost", - -label=>WebGUI::International::get(564), - -value=>[$_[0]->get("groupToPost")], - -uiLevel=>7 - ); - ($interval, $units) = WebGUI::DateTime::secondsToInterval($editTimeout); - $f->interval( - -name=>"editTimeout", - -label=>WebGUI::International::get(566), - -intervalValue=>$interval, - -unitsValue=>$units, - -uiLevel=>7 - ); - if ($session{setting}{useKarma} && $session{user}{uiLevel} >= 7) { - $f->integer("karmaPerPost",WebGUI::International::get(541),$_[0]->get("karmaPerPost")); - } else { - $f->hidden("karmaPerPost",$_[0]->get("karmaPerPost")); - } - $f->group( - -name=>"groupToModerate", - -label=>WebGUI::International::get(565), - -value=>[$groupToModerate], - -uiLevel=>7 - ); - $f->select( - -name=>"moderationType", - -options=>\%moderationType, - -label=>WebGUI::International::get(569), - -value=>[$moderationType], - -uiLevel=>7 - ); - $f->yesNo( - -name=>"addEditStampToPosts", - -label=>WebGUI::International::get(524,"Discussion"), - -value=>$_[0]->get("addEditStampToPosts"), - -uiLevel=>9 - ); - return 
$f->printRowsOnly; -} - -#------------------------------------------------------------------- - -=head2 displayTitle ( ) - -Returns this instance's title if displayTitle is set to yes. - -=cut - -sub displayTitle { - if ($_[0]->get("displayTitle")) { - return "

".$_[0]->get("title")."

"; - } else { - return ""; - } -} - -#------------------------------------------------------------------- - -=head2 duplicate ( [ pageId ] ) - -Duplicates this wobject with a new wobject ID. Returns the new wobject Id. - -NOTE: This method is meant to be extended by all sub-classes. - -=over - -=item pageId - -If specified the wobject will be duplicated to this pageId, otherwise it will be duplicated to the clipboard. - -=back - -=cut - -sub duplicate { - my %properties; - tie %properties, 'Tie::CPHash'; - %properties = %{$_[0]->get}; - $properties{pageId} = $_[1] || 2; - if ($properties{pageId} == 2) { - $properties{bufferUserId} = $session{user}{userId}; - $properties{bufferDate} = time(); - $properties{bufferPrevId} = {}; - } - delete $properties{wobjectId}; - my $cmd = "WebGUI::Wobject::".$properties{namespace}; - my $w = eval{$cmd->new({namespace=>$properties{namespace},wobjectId=>"new"})}; - if ($@) { - WebGUI::ErrorHandler::warn("Couldn't duplicate wobject ".$properties{namespace}." because: ".$@); - } - $w->set(\%properties); - WebGUI::Discussion::duplicate($_[0]->get("wobjectId"),$w->get("wobjectId")) unless ($_[2]); - return $w->get("wobjectId"); -} - -#------------------------------------------------------------------- - -=head2 fileProperty ( name, labelId ) - -Returns a file property form row which can be used in any Wobject properties page. - -NOTE: This method is meant for use with www_deleteFile. - -=over - -=item name - -The name of the property that stores the filename. - -=item labelId - -The internationalId of the form label for this file. - -=back - -=cut - -sub fileProperty { - my ($self, $f, $labelId, $name); - $self = shift; - $name = shift; - $labelId = shift; - $f = WebGUI::HTMLForm->new; - if ($self->get($name) ne "") { - $f->readOnly(''. 
- WebGUI::International::get(391).'', - WebGUI::International::get($labelId,$self->get("namespace"))); - } else { - $f->file($name,WebGUI::International::get($labelId,$self->get("namespace"))); - } - return $f->printRowsOnly; -} - -#------------------------------------------------------------------- - -=head2 get ( [ propertyName ] ) - -Returns a hash reference containing all of the properties of this wobject instance. - -=over - -=item propertyName - -If an individual propertyName is specified, then only that property value is returned as a scalar. - -=back - -=cut - -sub get { - if ($_[1] ne "") { - return $_[0]->{_property}{$_[1]}; - } else { - return $_[0]->{_property}; - } -} - - -#------------------------------------------------------------------- - -=head2 getCollateral ( tableName, keyName, keyValue ) - -Returns a hash reference containing a row of collateral data. - -=over - -=item tableName - -The name of the table you wish to retrieve the data from. - -=item keyName - -The name of the column that is the primary key in the table. - -=item keyValue - -An integer containing the key value. If key value is equal to "new" or null, then an empty hashRef containing only keyName=>"new" will be returned to avoid strict errors. - -=back - -=cut - -sub getCollateral { - my ($class, $tableName, $keyName, $keyValue) = @_; - if ($keyValue eq "new" || $keyValue eq "") { - return {$keyName=>"new"}; - } else { - return WebGUI::SQL->quickHashRef("select * from $tableName where $keyName=".quote($keyValue)); - } -} - - -#------------------------------------------------------------------- - -=head2 getDefaultValue ( propertyName ) - -Returns the default value for a wobject property. - -=over - -=item propertyName - -The name of the property to retrieve the default value for. 
-
-=back
-
-=cut
-
-sub getDefaultValue {
- if (exists $_[0]->{_extendedProperties}{$_[1]}{defaultValue}) {
- return $_[0]->{_extendedProperties}{$_[1]}{defaultValue};
- } elsif (exists $_[0]->{_wobjectProperties}{$_[1]}{defaultValue}) {
- return $_[0]->{_wobjectProperties}{$_[1]}{defaultValue};
- } else {
- return undef;
- }
-}
-
-
-#-------------------------------------------------------------------
-
-=head2 getValue ( propertyName )
-
-Returns a value for a wobject property however possible. It first looks in form variables for the property, then looks to the value stored in the wobject instance, and if all else fails it returns the default value for the property.
-
-=over
-
-=item propertyName
-
-The name of the property to retrieve the value for.
-
-=back
-
-=cut
-
-sub getValue {
- my $currentValue = $_[0]->get($_[1]);
- if (exists $session{form}{$_[1]}) {
- return $session{form}{$_[1]};
- } elsif (defined $currentValue) {
- return $_[0]->get($_[1]);
- } else {
- return $_[0]->getDefaultValue($_[1]);
- }
-}
-
-
-
-#-------------------------------------------------------------------
-
-=head2 inDateRange ( )
-
-Returns a boolean value of whether the wobject should be displayed based upon it's start and end dates.
-
-=cut
-
-sub inDateRange {
- if ($_[0]->get("startDate") < time() && $_[0]->get("endDate") > time()) {
- return 1;
- } else {
- return 0;
- }
-}
-
-#-------------------------------------------------------------------
-
-=head2 moveCollateralDown ( tableName, idName, id [ , setName, setValue ] )
-
-Moves a collateral data item down one position. This assumes that the collateral data table has a column called "wobjectId" that identifies the wobject, and a column called "sequenceNumber" that determines the position of the data item.
-
-=over
-
-=item tableName
-
-A string indicating the table that contains the collateral data.
-
-=item idName
-
-A string indicating the name of the column that uniquely identifies this collateral data item.
-
-=item id
-
-An integer that uniquely identifies this collateral data item.
-
-=item setName
-
-By default this method assumes that the collateral will have a wobject id in the table. However, since there is not always a wobject id to separate one data set from another, you may specify another field to do that.
-
-=item setValue
-
-The value of the column defined by "setName" to select a data set from.
-
-=back
-
-=cut
-
-### NOTE: There is a redundant use of wobjectId in some of these statements on purpose to support
-### two different types of collateral data.
-
-sub moveCollateralDown {
- my ($id, $seq, $setName, $setValue);
- $setName = $_[4] || "wobjectId";
- $setValue = $_[5] || $_[0]->get($setName);
- ($seq) = WebGUI::SQL->quickArray("select sequenceNumber from $_[1] where $_[2]=$_[3] and $setName=".quote($setValue));
- ($id) = WebGUI::SQL->quickArray("select $_[2] from $_[1] where $setName=".quote($setValue)
- ." and sequenceNumber=$seq+1");
- if ($id ne "") {
- WebGUI::SQL->write("update $_[1] set sequenceNumber=sequenceNumber+1 where $_[2]=$_[3] and $setName="
- .quote($setValue));
- WebGUI::SQL->write("update $_[1] set sequenceNumber=sequenceNumber-1 where $_[2]=$id and $setName="
- .quote($setValue));
- }
-}
-
-#-------------------------------------------------------------------
-
-=head2 moveCollateralUp ( tableName, idName, id [ , setName, setValue ] )
-
-Moves a collateral data item up one position. This assumes that the collateral data table has a column called "wobjectId" that identifies the wobject, and a column called "sequenceNumber" that determines the position of the data item.
-
-=over
-
-=item tableName
-
-A string indicating the table that contains the collateral data.
-
-=item idName
-
-A string indicating the name of the column that uniquely identifies this collateral data item.
-
-=item id
-
-An integer that uniquely identifies this collateral data item.
-
-=item setName
-
-By default this method assumes that the collateral will have a wobject id in the table. However, since there is not always a wobject id to separate one data set from another, you may specify another field to do that.
-
-=item setValue
-
-The value of the column defined by "setName" to select a data set from.
-
-=back
-
-=cut
-
-### NOTE: There is a redundant use of wobjectId in some of these statements on purpose to support
-### two different types of collateral data.
-
-sub moveCollateralUp {
- my ($id, $seq, $setValue, $setName);
- $setName = $_[4] || "wobjectId";
- $setValue = $_[5] || $_[0]->get($setName);
- ($seq) = WebGUI::SQL->quickArray("select sequenceNumber from $_[1] where $_[2]=$_[3] and $setName=".quote($setValue));
- ($id) = WebGUI::SQL->quickArray("select $_[2] from $_[1] where $setName=".quote($setValue)
- ." and sequenceNumber=$seq-1");
- if ($id ne "") {
- WebGUI::SQL->write("update $_[1] set sequenceNumber=sequenceNumber-1 where $_[2]=$_[3] and $setName="
- .quote($setValue));
- WebGUI::SQL->write("update $_[1] set sequenceNumber=sequenceNumber+1 where $_[2]=$id and $setName="
- .quote($setValue));
- }
-}
-
-#-------------------------------------------------------------------
-
-=head2 name ( )
-
-This method should be overridden by all wobjects and should return an internationalized human friendly name for the wobject. This method only exists in the super class for reverse compatibility and will try to look up the name based on the old name definition.
-
-=cut
-
-sub name {
- my $namespace = $_[0]->get("namespace");
- if ($namespace eq "") {
- WebGUI::ErrorHandler::warn("No namespace available in this wobject instance.");
- return "! Unknown Wobject !";
- } else {
- my $cmd = "\$WebGUI::Wobject::".$namespace."::name";
- my $name = eval($cmd);
- if ($name eq "") {
- WebGUI::ErrorHandler::warn($namespace." 
does not appear to have any sort of name definition at all."); - return $namespace; - } - return $name; - } -} - - -#------------------------------------------------------------------- - -=head2 new ( -properties, -extendedProperties [, -useDiscussion ] ) - -Constructor. - -NOTE: This method should never need to be overridden or extended. - -=over - -=item -properties - -A hash reference containing at minimum "wobjectId" and "namespace". wobjectId may be set to "new" if you're creating a new instance. This hash reference should be the one created by WebGUI.pm and passed to the wobject subclass. - -NOTE: It may seem a little weird that the initial data for the wobject instance is coming from WebGUI.pm, but this was done to lessen database traffic thus increasing the speed of all wobjects. - -=item -extendedProperties - -A hash reference containing the properties that extend the wobject class. They should match the properties that are added to this wobject's namespace table in the database. So if this wobject has a namespace of "MyWobject" and a table definition that looks like this: - - create MyWobject ( - wobjectId int not null primary key, - something varchar(25), - isCool int not null default 0, - foo int not null default 1, - bar text - ); - -Then the extended property list would be: - { - something=>{ - fieldType=>"text" - }, - isCool=>{ - fieldType=>"yesNo", - defaultValue=>1 - }, - foo=>{ - fieldType=>"integer", - defaultValue=>1 - }, - bar=>{ - fieldType=>"textarea" - } - } - -NOTE: This is used to define the wobject and should only be passed in by a wobject subclass. - -=item -useDiscussion - -Defaults to "0". If set to "1" this will add a discussion properties tab to this wobject to enable content managers to set the properties of a discussion attached to this wobject. - -NOTE: This is used to define the wobject and should only be passed in by a wobject subclass. - -=item -useTemplate - -Defaults to "0". 
If set to "1" this will add a template field to the wobject to enable content managers to select a template to layout this wobject. - -NOTE: This is used to define the wobject and should only be passed in by a wobject subclass. - -=back - -=cut - -sub new { - my ($self, @p) = @_; - my ($properties, $extendedProperties, $useTemplate, $useDiscussion); - if (ref $_[1] eq "HASH") { - $properties = $_[1]; # reverse compatibility prior to 5.2 - } else { - ($properties, $extendedProperties, $useDiscussion, $useTemplate) = - rearrange([qw(properties extendedProperties useDiscussion useTemplate)], @p); - } - $useDiscussion = 0 unless ($useDiscussion); - $useTemplate = 0 unless ($useTemplate); - my $wobjectProperties = { - userDefined1=>{ - fieldType=>"text" - }, - userDefined2=>{ - fieldType=>"text" - }, - userDefined3=>{ - fieldType=>"text" - }, - userDefined4=>{ - fieldType=>"text" - }, - userDefined5=>{ - fieldType=>"text" - }, - bufferUserId=>{ - fieldType=>"hidden" - }, - bufferDate=>{ - fieldType=>"hidden" - }, - bufferPrevId=>{ - fieldType=>"hidden" - }, - allowDiscussion=>{ - fieldType=>"yesNo", - defaultValue=>0 - }, - moderationType=>{ - fieldType=>"selectList", - defaultValue=>"after" - }, - groupToModerate=>{ - fieldType=>"group", - defaultValue=>4 - }, - groupToPost=>{ - fieldType=>"group", - defaultValue=>2 - }, - karmaPerPost=>{ - fieldType=>"integer", - defaultValue=>0 - } , - editTimeout=>{ - defaultValue=>1, - fieldType=>"interval" - }, - filterPost=>{ - fieldType=>"filter", - defaultValue=>"javascript", - }, - addEditStampToPosts=>{ - fieldType=>"yesNo", - defaultValue=>1, - }, - title=>{ - fieldType=>"text", - defaultValue=>$_[0]->get("namespace") - }, - templateId=>{ - fieldType=>"template", - defaultValue=>1 - }, - displayTitle=>{ - fieldType=>"yesNo", - defaultValue=>1 - }, - description=>{ - fieldType=>"textarea", - fieldType=>"HTMLArea" - }, - pageId=>{ - fieldType=>"hidden", - defaultValue=>$session{page}{pageId} - }, - templatePosition=>{ - 
fieldType=>"selectList", - defaultValue=>1 - }, - startDate=>{ - defaultValue=>$session{page}{startDate}, - fieldType=>"dateTime" - }, - endDate=>{ - defaultValue=>$session{page}{endDate}, - fieldType=>"dateTime" - }, - sequenceNumber=>{ - fieldType=>"hidden" - } - }; - bless({ - _property=>$properties, - _useTemplate=>$useTemplate, - _useDiscussion=>$useDiscussion, - _wobjectProperties=>$wobjectProperties, - _extendedProperties=>$extendedProperties - }, - $self); -} - -#------------------------------------------------------------------- - -=head2 processMacros ( output ) - - Decides whether or not macros should be processed and returns the - appropriate output. - -=over - -=item output - - An HTML blob to be processed for macros. - -=back - -=cut - -sub processMacros { - return WebGUI::Macro::process($_[1]); -} - -#------------------------------------------------------------------- - -=head2 processTemplate ( templateId, vars [ , namespace ] ) - -Returns the content generated from this template. - -NOTE: Only for use in wobjects that support templates. - -=over - -=item templateId - -An id referring to a particular template in the templates table. - -=item hashRef - -A hash reference containing variables and loops to pass to the template engine. - -=item namespace - -A namespace to use for the template. Defaults to the wobject's namespace. 
-
-=back
-
-=cut
-
-sub processTemplate {
- my %vars = (
- %{$_[0]->{_property}},
- %{$_[2]}
- );
- if (defined $_[0]->get("_WobjectProxy")) {
- $vars{isShortcut} = 1;
- my ($originalPageURL) = WebGUI::SQL->quickArray("select urlizedTitle from page where pageId=".$_[0]->get("pageId"));
- $vars{originalURL} = WebGUI::URL::gateway($originalPageURL."#".$_[0]->get("wobjectId"));
- }
- my $namespace = $_[3] || $_[0]->get("namespace");
- return WebGUI::Template::process(WebGUI::Template::get($_[1],$namespace), \%vars);
-}
-
-#-------------------------------------------------------------------
-
-=head2 purge ( )
-
-Removes this wobject from the database and all it's attachments from the filesystem.
-
-NOTE: This method is meant to be extended by all sub-classes.
-
-=cut
-
-sub purge {
- my ($node);
- WebGUI::SQL->write("delete from ".$_[0]->get("namespace")." where wobjectId=".$_[0]->get("wobjectId"));
- WebGUI::SQL->write("delete from wobject where wobjectId=".$_[0]->get("wobjectId"));
- $node = WebGUI::Node->new($_[0]->get("wobjectId"));
- $node->delete;
- WebGUI::Discussion::purge($_[0]->get("wobjectId"));
-}
-
-
-#-------------------------------------------------------------------
-
-=head2 reorderCollateral ( tableName, keyName [ , setName, setValue ] )
-
-Resequences collateral data. Typically useful after deleting a collateral item to remove the gap created by the deletion.
-
-=over
-
-=item tableName
-
-The name of the table to resequence.
-
-=item keyName
-
-The key column name used to determine which data needs sorting within the table.
-
-=item setName
-
-Defaults to "wobjectId". This is used to define which data set to reorder.
-
-=item setValue
-
-Used to define which data set to reorder. Defaults to the wobjectId for this instance. Defaults to the value of "setName" in the wobject properties.
- -=back - -=cut - -sub reorderCollateral { - my ($sth, $i, $id, $setName, $setValue); - $i = 1; - $setName = $_[3] || "wobjectId"; - $setValue = $_[4] || $_[0]->get($setName); - $sth = WebGUI::SQL->read("select $_[2] from $_[1] where $setName=".quote($setValue)." order by sequenceNumber"); - while (($id) = $sth->array) { - WebGUI::SQL->write("update $_[1] set sequenceNumber=$i where $setName=".quote($setValue)." and $_[2]=$id"); - $i++; - } - $sth->finish; -} - - - -#------------------------------------------------------------------- - -=head2 set ( [ hashRef ] ) - -Stores the values specified in hashRef to the database. - -=over - -=item hashRef - -A hash reference of the properties to set for this wobject instance. - -=back - -=cut - -sub set { - my ($key, $sql, @update, $i); - my $self = shift; - my $properties = shift; - my $extendedProperties = shift; # shift for backward compatibility. - unless (defined $extendedProperties) { - my @temp; - foreach (keys %{$self->{_extendedProperties}}) { - push(@temp,$_); - } - $extendedProperties = \@temp; - } - my @temp; - foreach (keys %{$self->{_wobjectProperties}}) { - push(@temp,$_); - } - my $wobjectProperties = \@temp; - if ($self->{_property}{wobjectId} eq "new") { - $self->{_property}{wobjectId} = getNextId("wobjectId"); - $self->{_property}{pageId} = ${$_[1]}{pageId} || $session{page}{pageId}; - $self->{_property}{sequenceNumber} = _getNextSequenceNumber($self->{_property}{pageId}); - $self->{_property}{addedBy} = $session{user}{userId}; - $self->{_property}{dateAdded} = time(); - WebGUI::SQL->write("insert into wobject - (wobjectId, namespace, dateAdded, addedBy, sequenceNumber, pageId) - values ( - ".$self->{_property}{wobjectId}.", - ".quote($self->{_property}{namespace}).", - ".$self->{_property}{dateAdded}.", - ".$self->{_property}{addedBy}.", - ".$self->{_property}{sequenceNumber}.", - ".$self->{_property}{pageId}." - )"); - WebGUI::SQL->write("insert into ".$self->{_property}{namespace}." 
(wobjectId) - values (".$self->{_property}{wobjectId}.")"); - } - $self->{_property}{lastEdited} = time(); - $self->{_property}{editedBy} = $session{user}{userId}; - $sql = "update wobject set"; - foreach $key (keys %{$properties}) { - $self->{_property}{$key} = ${$properties}{$key}; - if (isIn($key, @{$wobjectProperties})) { - $sql .= " ".$key."=".quote(${$properties}{$key}).","; - } - if (isIn($key, @{$extendedProperties})) { - $update[$i] .= " ".$key."=".quote($properties->{$key}); - $i++; - } - } - $sql .= " lastEdited=".$self->{_property}{lastEdited}.", - editedBy=".$self->{_property}{editedBy}." - where wobjectId=".$self->{_property}{wobjectId}; - WebGUI::SQL->write($sql); - if (@update) { - WebGUI::SQL->write("update ".$self->{_property}{namespace}." set ".join(",",@update)." - where wobjectId=".$self->{_property}{wobjectId}); - } - WebGUI::ErrorHandler::audit("edited Wobject ".$self->{_property}{wobjectId}); -} - - -#----------------------------------------------------------------- - -=head2 setCollateral ( tableName, keyName, properties [ , useSequenceNumber, useWobjectId, setName, setValue ] ) - -Performs and insert/update of collateral data for any wobject's collateral data. Returns the primary key value for that row of data. - -=over - -=item tableName - -The name of the table to insert the data. - -=item keyName - -The column name of the primary key in the table specified above. This must also be an incrementerId in the incrementer table. - -=item properties - -A hash reference containing the name/value pairs to be inserted into the database where the name is the column name. Note that the primary key should be specified in this list, and if it's value is "new" or null a new row will be created. - -=item useSequenceNumber - -If set to "1", a new sequenceNumber will be generated and inserted into the row. Note that this means you must have a sequenceNumber column in the table. Also note that this requires the presence of the wobjectId column. 
Defaults to "1". - -=item useWobjectId - -If set to "1", the current wobjectId will be inserted into the table upon creation of a new row. Note that this means the table better have a wobjectId column. Defaults to "1". - -=item setName - -If this collateral data set is not grouped by wobjectId, but by another column then specify that column here. The useSequenceNumber parameter will then use this column name instead of wobjectId to generate the sequenceNumber. - -=item setValue - -If you've specified a setName you may also set a value for that set. Defaults to the value for this id from the wobject properties. - -=back - -=cut - -sub setCollateral { - my ($key, $sql, $seq, $dbkeys, $dbvalues, $counter); - my ($class, $table, $keyName, $properties, $useSequence, $useWobjectId, $setName, $setValue) = @_; - $counter = 0; - $setName = $setName || "wobjectId"; - $setValue = $setValue || $_[0]->get($setName); - if ($properties->{$keyName} eq "new" || $properties->{$keyName} eq "") { - $properties->{$keyName} = getNextId($keyName); - $sql = "insert into $table ("; - $dbkeys = ""; - $dbvalues = ""; - unless ($useSequence eq "0") { - unless (exists $properties->{sequenceNumber}) { - ($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from $table - where $setName=".quote($setValue)); - $properties->{sequenceNumber} = $seq+1; - } - } - unless ($useWobjectId eq "0") { - $properties->{wobjectId} = $_[0]->get("wobjectId"); - } - foreach $key (keys %{$properties}) { - if ($counter++ > 0) { - $dbkeys .= ','; - $dbvalues .= ','; - } - $dbkeys .= $key; - $dbvalues .= quote($properties->{$key}); - } - $sql .= $dbkeys.') values ('.$dbvalues.')'; - WebGUI::ErrorHandler::audit("added ".$table." 
".$properties->{$keyName}); - } else { - $sql = "update $table set "; - foreach $key (keys %{$properties}) { - unless ($key eq "sequenceNumber") { - $sql .= ',' if ($counter++ > 0); - $sql .= $key."=".quote($properties->{$key}); - } - } - $sql .= " where $keyName='".$properties->{$keyName}."'"; - WebGUI::ErrorHandler::audit("edited ".$table." ".$properties->{$keyName}); - } - WebGUI::SQL->write($sql); - $_[0]->{_property}{lastEdited} = time(); - $_[0]->{_property}{editedBy} = $session{user}{userId}; - WebGUI::SQL->write("update wobject set lastEdited=".$_[0]->{_property}{lastEdited} - .", editedBy=".$_[0]->{_property}{editedBy}." where wobjectId=".$_[0]->get("wobjectId")); - $_[0]->reorderCollateral($table,$keyName,$setName,$setValue) if ($properties->{sequenceNumber} < 0); - return $properties->{$keyName}; -} - - -#------------------------------------------------------------------- - -=head2 uiLevel - -Returns the UI Level of a wobject. Defaults to "0" for all wobjects. Override to set the UI Level higher for a given wobject. - -=cut - -sub uiLevel { - return 0; -} - -#------------------------------------------------------------------- - -=head2 www_approvePost ( ) - -Sets the status flag on a discussion message to "approved". - -=cut - -sub www_approvePost { - if (WebGUI::Privilege::isInGroup($_[0]->get("groupToModerate"))) { - return WebGUI::Discussion::approvePost(); - } else { - return WebGUI::Privilege::insufficient(); - } -} - - -#------------------------------------------------------------------- - -=head2 www_copy ( ) - -Copies this instance to the clipboard. - -NOTE: Should never need to be overridden or extended. - -=cut - -sub www_copy { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); - $_[0]->duplicate; - return ""; -} - -#------------------------------------------------------------------- - -=head2 www_createShortcut ( ) - -Creates a shortcut (using the wobject proxy) of this wobject on the clipboard. 
-
-NOTE: Should never need to be overridden or extended.
-
-=cut
-
-sub www_createShortcut {
- return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage());
- my $w = WebGUI::Wobject::WobjectProxy->new({wobjectId=>"new",namespace=>"WobjectProxy"});
- $w->set({
- pageId=>2,
- templatePosition=>1,
- title=>$_[0]->getValue("title"),
- proxiedNamespace=>$_[0]->get("namespace"),
- proxiedWobjectId=>$_[0]->get("wobjectId"),
- bufferUserId=>$session{user}{userId},
- bufferDate=>time(),
- bufferPrevId=>$session{page}{pageId}
- });
- return "";
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_cut ( )
-
-Moves this instance to the clipboard.
-
-=cut
-
-sub www_cut {
- return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage());
- $_[0]->set({
- pageId=>2,
- templatePosition=>1,
- bufferUserId=>$session{user}{userId},
- bufferDate=>time(),
- bufferPrevId=>$session{page}{pageId}
- });
- _reorderWobjects($session{page}{pageId});
- return "";
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_delete ( )
-
-Prompts a user to confirm whether they wish to delete this instance.
-
-=cut
-
-sub www_delete {
- my ($output);
- if (WebGUI::Privilege::canEditPage()) {
- $output = helpIcon(14);
- $output .= '

'.WebGUI::International::get(42).'

'; - $output .= WebGUI::International::get(43); - $output .= '

'; - $output .= '

'; - $output .= WebGUI::International::get(44); - $output .= ''; - $output .= '    '; - $output .= WebGUI::International::get(45); - $output .= '
'; - return $output; - } else { - return WebGUI::Privilege::insufficient(); - } -} - -#------------------------------------------------------------------- - -=head2 www_deleteConfirm ( ) - -Moves this instance to the trash. - -=cut - -sub www_deleteConfirm { - if (WebGUI::Privilege::canEditPage()) { - $_[0]->set({pageId=>3, templatePosition=>1, - bufferUserId=>$session{user}{userId}, - bufferDate=>time(), - bufferPrevId=>$session{page}{pageId}}); - WebGUI::ErrorHandler::audit("moved Wobject ".$_[0]->{_property}{wobjectId}." to the trash."); - _reorderWobjects($_[0]->get("pageId")); - return ""; - } else { - return WebGUI::Privilege::insufficient(); - } -} - -#------------------------------------------------------------------- - -=head2 www_deleteFile ( ) - -Displays a confirmation message relating to the deletion of a file. - -=cut - -sub www_deleteFile { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); - return $_[0]->confirm(WebGUI::International::get(728), - WebGUI::URL::page('func=deleteFileConfirm&wid='.$_[0]->get("wobjectId").'&file='.$session{form}{file}), - WebGUI::URL::page('func=edit&wid='.$_[0]->get("wobjectId")) - ); -} - -#------------------------------------------------------------------- - -=head2 www_deleteFileConfirm ( ) - -Deletes a file from this instance. - -=cut - -sub www_deleteFileConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); - $_[0]->set({$session{form}{file}=>''}); - return $_[0]->www_edit(); -} - -#------------------------------------------------------------------- - -=head2 www_deleteMessage ( ) - -Displays a message asking for confirmation to delete a message from a discussion. 
- -=cut - -sub www_deleteMessage { - if (WebGUI::Discussion::canEditMessage($_[0],$session{form}{mid})) { - return WebGUI::Discussion::deleteMessage(); - } else { - return WebGUI::Privilege::insufficient(); - } -} - -#------------------------------------------------------------------- - -=head2 www_deleteMessageConfirm ( ) - -Deletes a message from a discussion. - -=cut - -sub www_deleteMessageConfirm { - if (WebGUI::Discussion::canEditMessage($_[0],$session{form}{mid})) { - return WebGUI::Discussion::deleteMessageConfirm(); - } else { - return WebGUI::Privilege::insufficient(); - } -} - -#------------------------------------------------------------------- - -=head2 www_denyPost ( ) - -Sets the status flag on a discussion message to "denied". - -=cut - -sub www_denyPost { - if (WebGUI::Privilege::isInGroup($_[0]->get("groupToModerate"))) { - return WebGUI::Discussion::denyPost(); - } else { - return WebGUI::Privilege::insufficient(); - } -} - -#------------------------------------------------------------------- - -=head2 www_edit ( [ -properties, -layout, -privileges, -helpId, -heading, -headingId ] ) - -Displays the common properties of any/all wobjects. - -=over - -=item -properties, -layout, -privileges - -WebGUI::HTMLForm objects that extend these tabs. - -=item -helpId - -An id in this namespace in the WebGUI help system for this edit page. If specified a help link will be created on the edit page. - -=item -heading - -A text string to put in the heading of this page. - -=item -headingId - -An id this namespace of the WebGUI international system. This message will be retrieved and displayed in the heading of this edit page. 
- -=back - -=cut - -sub www_edit { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); - my ($self, @p) = @_; - my ($properties, $layout, $privileges, $heading, $helpId, $headingId) = - rearrange([qw(properties layout privileges heading helpId headingId)], @p); - my ($f, $startDate, $displayTitle, $templatePosition, $endDate); - if ($_[0]->get("wobjectId") eq "new") { - $displayTitle = 1; - } else { - $displayTitle = $_[0]->get("displayTitle"); - } - my $title = $_[0]->get("title") || $_[0]->name; - $templatePosition = $_[0]->get("templatePosition") || 1; - $startDate = $_[0]->get("startDate") || $session{page}{startDate}; - $endDate = $_[0]->get("endDate") || $session{page}{endDate}; - my %tabs; - tie %tabs, 'Tie::IxHash'; - %tabs = ( - properties=>{ - label=>WebGUI::International::get(893) - }, - layout=>{ - label=>WebGUI::International::get(105), - uiLevel=>5 - }, - privileges=>{ - label=>WebGUI::International::get(107), - uiLevel=>6 - } - ); - if ($_[0]->{_useDiscussion}) { - $tabs{discussion} = { - label=>WebGUI::International::get(892), - uiLevel=>7 - }; - } - $f = WebGUI::TabForm->new(\%tabs); - $f->hidden({name=>"wid",value=>$_[0]->get("wobjectId")}); - $f->hidden({name=>"namespace",value=>$_[0]->get("namespace")}) if ($_[0]->get("wobjectId") eq "new"); - $f->hidden({name=>"func",value=>"editSave"}); - $f->getTab("properties")->readOnly( - -value=>$_[0]->get("wobjectId"), - -label=>WebGUI::International::get(499), - -uiLevel=>3 - ); - $f->getTab("properties")->text("title",WebGUI::International::get(99),$title); - $f->getTab("layout")->yesNo( - -name=>"displayTitle", - -label=>WebGUI::International::get(174), - -value=>$displayTitle, - -uiLevel=>5 - ); - if ($_[0]->{_useTemplate}) { - $f->getTab("layout")->template( - -value=>$_[0]->getValue("templateId"), - -namespace=>$_[0]->get("namespace"), - -afterEdit=>'func=edit&wid='.$_[0]->get("wobjectId") - ); - } - $f->getTab("layout")->select( - -name=>"templatePosition", - 
-label=>WebGUI::International::get(363), - -value=>[$templatePosition], - -uiLevel=>5, - -options=>WebGUI::Page::getTemplatePositions($session{page}{templateId}), - -subtext=>WebGUI::Page::drawTemplate($session{page}{templateId}) - ); - $f->getTab("privileges")->dateTime( - -name=>"startDate", - -label=>WebGUI::International::get(497), - -value=>$startDate, - -uiLevel=>6 - ); - $f->getTab("privileges")->dateTime( - -name=>"endDate", - -label=>WebGUI::International::get(498), - -value=>$endDate, - -uiLevel=>6 - ); - $f->getTab("properties")->HTMLArea( - -name=>"description", - -label=>WebGUI::International::get(85), - -value=>$_[0]->get("description") - ); - $f->getTab("properties")->raw($properties); - $f->getTab("layout")->raw($layout); - $f->getTab("privileges")->raw($privileges); - if ($_[0]->{_useDiscussion}) { - $f->getTab("discussion")->yesNo( - -name=>"allowDiscussion", - -label=>WebGUI::International::get(894), - -value=>$_[0]->get("allowDiscussion"), - -uiLevel=>5 - ); - $f->getTab("discussion")->raw($_[0]->discussionProperties); - } - my $output; - $output = helpIcon($helpId,$_[0]->get("namespace")) if ($helpId); - $heading = WebGUI::International::get($headingId,$_[0]->get("namespace")) if ($headingId); - $output .= '

'.$heading.'

' if ($heading);
- return $output.$f->print;
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_editSave ( [ hashRef ] )
-
-Saves the default properties of any/all wobjects.
-
-NOTE: This method should only need to be extended if you need to do some special validation.
-
-=over
-
-=item hashRef
-
-A hash reference of extra properties to set.
-
-=back
-
-=cut
-
-sub www_editSave {
- return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage());
- my %set;
- foreach my $key (keys %{$_[0]->{_wobjectProperties}}) {
- my $temp = WebGUI::FormProcessor::process(
- $key,
- $_[0]->{_wobjectProperties}{$key}{fieldType},
- $_[0]->{_wobjectProperties}{$key}{defaultValue}
- );
- $set{$key} = $temp if (defined $temp);
- }
- $set{title} = $session{form}{title} || $_[0]->name;
- foreach my $key (keys %{$_[0]->{_extendedProperties}}) {
- my $temp = WebGUI::FormProcessor::process(
- $key,
- $_[0]->{_extendedProperties}{$key}{fieldType},
- $_[0]->{_extendedProperties}{$key}{defaultValue}
- );
- $set{$key} = $temp if (defined $temp);
- }
- %set = (%set, %{$_[1]});
- $_[0]->set(\%set);
- return "";
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_lockThread ( )
-
-Locks a discussion thread from the current message down.
-
-=cut
-
-sub www_lockThread {
- if (WebGUI::Privilege::isInGroup($_[0]->get("groupToModerate"))) {
- WebGUI::Discussion::lockThread();
- return $_[0]->www_showMessage;
- } else {
- return WebGUI::Privilege::insufficient();
- }
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_moveBottom ( )
-
-Moves this instance to the bottom of the page.
-
-=cut
-
-sub www_moveBottom {
- if (WebGUI::Privilege::canEditPage()) {
- $_[0]->set({sequenceNumber=>99999});
- _reorderWobjects($_[0]->get("pageId"));
- return "";
- } else {
- return WebGUI::Privilege::insufficient();
- }
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_moveDown ( )
-
-Moves this instance down one spot on the page.
-
-=cut
-
-sub www_moveDown {
- my ($wid, $thisSeq);
- if (WebGUI::Privilege::canEditPage()) {
- ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$_[0]->get("wobjectId"));
- ($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$_[0]->get("pageId")
- ." and sequenceNumber=".($thisSeq+1));
- if ($wid ne "") {
- WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber+1 where wobjectId=".$_[0]->get("wobjectId"));
- WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber-1 where wobjectId=$wid");
- _reorderWobjects($_[0]->get("pageId"));
- }
- return "";
- } else {
- return WebGUI::Privilege::insufficient();
- }
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_moveTop ( )
-
-Moves this instance to the top of the page.
-
-=cut
-
-sub www_moveTop {
- if (WebGUI::Privilege::canEditPage()) {
- $_[0]->set({sequenceNumber=>0});
- _reorderWobjects($_[0]->get("pageId"));
- return "";
- } else {
- return WebGUI::Privilege::insufficient();
- }
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_moveUp ( )
-
-Moves this instance up one spot on the page.
-
-=cut
-
-sub www_moveUp {
- my ($wid, $thisSeq);
- if (WebGUI::Privilege::canEditPage()) {
- ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$_[0]->get("wobjectId"));
- ($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$_[0]->get("pageId")
- ." 
and sequenceNumber=".($thisSeq-1)); - if ($wid ne "") { - WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber-1 where wobjectId=".$_[0]->get("wobjectId")); - WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber+1 where wobjectId=$wid"); - _reorderWobjects($_[0]->get("pageId")); - } - return ""; - } else { - return WebGUI::Privilege::insufficient(); - } -} - -#------------------------------------------------------------------- - -=head2 www_paste ( ) - -Moves this instance from the clipboard to the current page. - -=cut - -sub www_paste { - my ($output, $nextSeq); - if (WebGUI::Privilege::canEditPage()) { - ($nextSeq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from wobject where pageId=$session{page}{pageId}"); - $nextSeq += 1; - WebGUI::SQL->write("UPDATE wobject SET " - ."pageId=". $session{page}{pageId} .", " - ."templatePosition=1, " - ."sequenceNumber=". $nextSeq .", " - ."bufferUserId=NULL, bufferDate=NULL, bufferPrevId=NULL " - ."WHERE wobjectId=". $session{form}{wid} ); - return ""; - } else { - return WebGUI::Privilege::insufficient(); - } -} - -#------------------------------------------------------------------- - -=head2 www_post ( ) - -Displays a discussion message post form. - -=cut - -sub www_post { - if (WebGUI::Privilege::isInGroup($_[0]->get("groupToPost"))) { - return WebGUI::Discussion::post($_[0]); - } else { - return WebGUI::Privilege::insufficient(); - } -} - -#------------------------------------------------------------------- - -=head2 www_post ( ) - -Saves a message post to a discussion. - -=cut - -sub www_postSave { - if (WebGUI::Privilege::isInGroup($_[0]->get("groupToPost"))) { - WebGUI::Discussion::postSave($_[0]); - return $_[0]->www_showMessage(); - } else { - return WebGUI::Privilege::insufficient(); - } -} - -#------------------------------------------------------------------- - -=head2 www_search ( ) - -Searches an attached discussion. 
-
-=cut
-
-sub www_search {
- return WebGUI::Discussion::search();
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_showMessage ( [menuItem] )
-
-Shows a message from a discussion.
-
-=over
-
-=item menuItem
-
-You can optionally extend this method by passing in an HTML string of menu items to be added to the menu of this display.
-
-=back
-
-=cut
-
-sub www_showMessage {
- my ($output, $defaultMid);
- ($defaultMid) = WebGUI::SQL->quickArray("select min(messageId) from discussion where wobjectId=".$_[0]->get("wobjectId"));
- $session{form}{mid} = $session{form}{mid} || $defaultMid || 0;
- $output = WebGUI::Discussion::showMessage($_[1],$_[0]);
- $output .= WebGUI::Discussion::showReplyTree($_[0]);
- return $output;
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_subscribeToThread ( )
-
-Subscribes the current user to a specified discussion thread.
-
-=cut
-
-sub www_subscribeToThread {
- WebGUI::Discussion::subscribeToThread();
- return $_[0]->www_showMessage();
-}
-
-
-#-------------------------------------------------------------------
-
-=head2 www_unlockThread ( )
-
-Unlocks a discussion thread from the current message on down.
-
-=cut
-
-sub www_unlockThread {
- if (WebGUI::Privilege::isInGroup($_[0]->get("groupToModerate"))) {
- WebGUI::Discussion::unlockThread();
- return $_[0]->www_showMessage;
- } else {
- return WebGUI::Privilege::insufficient();
- }
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_subscribeToThread ( )
-
-Unsubscribes the current user from a specified discussion thread.
-
-=cut
-
-sub www_unsubscribeFromThread {
- WebGUI::Discussion::unsubscribeFromThread();
- return $_[0]->www_showMessage();
-}
-
-#-------------------------------------------------------------------
-
-=head2 www_view ( )
-
-The default display mechanism for any wobject. This web method MUST be overridden.
-
-=cut
-
-sub www_view {
- my ($output);
- $output = $_[0]->displayTitle;
- $output .= $_[0]->description;
- return $output;
-}
-
-1;
+package WebGUI::Wobject;
+
+=head1 LEGAL
+
+ -------------------------------------------------------------------
+ WebGUI is Copyright 2001-2003 Plain Black LLC.
+ -------------------------------------------------------------------
+ Please read the legal notices (docs/legal.txt) and the license
+ (docs/license.txt) that came with this distribution before using
+ this software.
+ -------------------------------------------------------------------
+ http://www.plainblack.com info@plainblack.com
+ -------------------------------------------------------------------
+
+=cut
+
+use CGI::Util qw(rearrange);
+use DBI;
+use strict qw(subs vars);
+use Tie::IxHash;
+use WebGUI::DateTime;
+use WebGUI::Discussion;
+use WebGUI::FormProcessor;
+use WebGUI::HTML;
+use WebGUI::HTMLForm;
+use WebGUI::Icon;
+use WebGUI::International;
+use WebGUI::Macro;
+use WebGUI::Node;
+use WebGUI::Page;
+use WebGUI::Session;
+use WebGUI::SQL;
+use WebGUI::TabForm;
+use WebGUI::Template;
+use WebGUI::URL;
+use WebGUI::Utility;
+
+=head1 NAME
+
+Package WebGUI::Wobject
+
+=head1 DESCRIPTION
+
+An abstract class for all other wobjects to extend.
+
+=head1 SYNOPSIS
+
+ use WebGUI::Wobject;
+ our @ISA = qw(WebGUI::Wobject);
+
+See the subclasses in lib/WebGUI/Wobjects for details.
+
+=head1 METHODS
+
+These methods are available from this class:
+
+=cut
+
+#-------------------------------------------------------------------
+sub _reorderWobjects {
+ my ($sth, $i, $wid);
+ $sth = WebGUI::SQL->read("select wobjectId from wobject where pageId=$_[0] order by templatePosition,sequenceNumber");
+ while (($wid) = $sth->array) {
+ $i++;
+ WebGUI::SQL->write("update wobject set sequenceNumber='$i' where wobjectId=$wid");
+ }
+ $sth->finish;
+}
+
+
+#-------------------------------------------------------------------
+sub _getNextSequenceNumber {
+ my ($sequenceNumber);
+ ($sequenceNumber) = WebGUI::SQL->quickArray("select max(sequenceNumber) from wobject where pageId='$_[0]'");
+ return ($sequenceNumber+1);
+}
+
+#-------------------------------------------------------------------
+
+=head2 confirm ( message, yesURL, [ , noURL, vitalComparison ] )
+
+=over
+
+=item message
+
+A string containing the message to prompt the user for this action.
+
+=item yesURL
+
+A URL to the web method to execute if the user confirms the action.
+
+=item noURL
+
+A URL to the web method to execute if the user denies the action. Defaults back to the current page.
+
+=item vitalComparison
+
+A comparison expression to be used when checking whether the action should be allowed to continue. Typically this is used when the action is a delete of some sort.
+
+=back
+
+=cut
+
+sub confirm {
+ return WebGUI::Privilege::vitalComponent() if ($_[4]);
+ my $noURL = $_[3] || WebGUI::URL::page();
+ my $output = '

'.WebGUI::International::get(42).'

'; + $output .= $_[1].'

'; + $output .= '

'.WebGUI::International::get(44).''; + $output .= '   '.WebGUI::International::get(45).'
';
+ return $output;
+}
+
+
+#-------------------------------------------------------------------
+
+=head2 deleteCollateral ( tableName, keyName, keyValue )
+
+Deletes a row of collateral data.
+
+=over
+
+=item tableName
+
+The name of the table you wish to delete the data from.
+
+=item keyName
+
+The name of the column that is the primary key in the table.
+
+=item keyValue
+
+An integer containing the key value.
+
+=back
+
+=cut
+
+sub deleteCollateral {
+ WebGUI::SQL->write("delete from $_[1] where $_[2]=".quote($_[3]));
+ WebGUI::ErrorHandler::audit("deleted ".$_[2]." ".$_[3]);
+}
+
+
+#-------------------------------------------------------------------
+
+=head2 description ( )
+
+Returns this instance's description if it exists.
+
+=cut
+
+sub description {
+ if ($_[0]->get("description")) {
+ return $_[0]->get("description").'

';
+ }
+}
+
+#-------------------------------------------------------------------
+
+=head2 discussionProperties ( )
+
+Returns a formRow list of discussion properties, which may be attached to any Wobject.
+
+=cut
+
+sub discussionProperties {
+ my ($f,$editTimeout,$interval, $units, $groupToModerate,%moderationType,$moderationType);
+ %moderationType = (before=>WebGUI::International::get(567),after=>WebGUI::International::get(568));
+ $f = WebGUI::HTMLForm->new;
+ if ($_[0]->get("wobjectId") eq "new") {
+ $editTimeout = 3600;
+ $moderationType = 'after';
+ } else {
+ $editTimeout = $_[0]->get("editTimeout");
+ $moderationType = $_[0]->get("moderationType");
+ }
+ my $filterPost = $_[0]->get("filterPost") || "most";
+ $f->filterContent(
+ -name=>"filterPost",
+ -value=>$filterPost,
+ -label=>WebGUI::International::get(1,"Discussion"),
+ -uiLevel=>7
+ );
+ $groupToModerate = $_[0]->get("groupToModerate") || 4;
+ $f->group(
+ -name=>"groupToPost",
+ -label=>WebGUI::International::get(564),
+ -value=>[$_[0]->get("groupToPost")],
+ -uiLevel=>7
+ );
+ ($interval, $units) = WebGUI::DateTime::secondsToInterval($editTimeout);
+ $f->interval(
+ -name=>"editTimeout",
+ -label=>WebGUI::International::get(566),
+ -intervalValue=>$interval,
+ -unitsValue=>$units,
+ -uiLevel=>7
+ );
+ if ($session{setting}{useKarma} && $session{user}{uiLevel} >= 7) {
+ $f->integer("karmaPerPost",WebGUI::International::get(541),$_[0]->get("karmaPerPost"));
+ } else {
+ $f->hidden("karmaPerPost",$_[0]->get("karmaPerPost"));
+ }
+ $f->group(
+ -name=>"groupToModerate",
+ -label=>WebGUI::International::get(565),
+ -value=>[$groupToModerate],
+ -uiLevel=>7
+ );
+ $f->select(
+ -name=>"moderationType",
+ -options=>\%moderationType,
+ -label=>WebGUI::International::get(569),
+ -value=>[$moderationType],
+ -uiLevel=>7
+ );
+ $f->yesNo(
+ -name=>"addEditStampToPosts",
+ -label=>WebGUI::International::get(524,"Discussion"),
+ -value=>$_[0]->get("addEditStampToPosts"),
+ -uiLevel=>9
+ );
+ return $f->printRowsOnly;
+}
+
+#-------------------------------------------------------------------
+
+=head2 displayTitle ( )
+
+Returns this instance's title if displayTitle is set to yes.
+
+=cut
+
+sub displayTitle {
+ if ($_[0]->get("displayTitle")) {
+ return "

".$_[0]->get("title")."

";
+ } else {
+ return "";
+ }
+}
+
+#-------------------------------------------------------------------
+
+=head2 duplicate ( [ pageId ] )
+
+Duplicates this wobject with a new wobject ID. Returns the new wobject Id.
+
+NOTE: This method is meant to be extended by all sub-classes.
+
+=over
+
+=item pageId
+
+If specified the wobject will be duplicated to this pageId, otherwise it will be duplicated to the clipboard.
+
+=back
+
+=cut
+
+sub duplicate {
+ my %properties;
+ tie %properties, 'Tie::CPHash';
+ %properties = %{$_[0]->get};
+ $properties{pageId} = $_[1] || 2;
+ if ($properties{pageId} == 2) {
+ $properties{bufferUserId} = $session{user}{userId};
+ $properties{bufferDate} = time();
+ $properties{bufferPrevId} = {};
+ }
+ delete $properties{wobjectId};
+ my $cmd = "WebGUI::Wobject::".$properties{namespace};
+ my $w = eval{$cmd->new({namespace=>$properties{namespace},wobjectId=>"new"})};
+ if ($@) {
+ WebGUI::ErrorHandler::warn("Couldn't duplicate wobject ".$properties{namespace}." because: ".$@);
+ }
+ $w->set(\%properties);
+ WebGUI::Discussion::duplicate($_[0]->get("wobjectId"),$w->get("wobjectId")) unless ($_[2]);
+ return $w->get("wobjectId");
+}
+
+#-------------------------------------------------------------------
+
+=head2 fileProperty ( name, labelId )
+
+Returns a file property form row which can be used in any Wobject properties page.
+
+NOTE: This method is meant for use with www_deleteFile.
+
+=over
+
+=item name
+
+The name of the property that stores the filename.
+
+=item labelId
+
+The internationalId of the form label for this file.
+
+=back
+
+=cut
+
+sub fileProperty {
+ my ($self, $f, $labelId, $name);
+ $self = shift;
+ $name = shift;
+ $labelId = shift;
+ $f = WebGUI::HTMLForm->new;
+ if ($self->get($name) ne "") {
+ $f->readOnly(''.
+ WebGUI::International::get(391).'',
+ WebGUI::International::get($labelId,$self->get("namespace")));
+ } else {
+ $f->file($name,WebGUI::International::get($labelId,$self->get("namespace")));
+ }
+ return $f->printRowsOnly;
+}
+
+#-------------------------------------------------------------------
+
+=head2 get ( [ propertyName ] )
+
+Returns a hash reference containing all of the properties of this wobject instance.
+
+=over
+
+=item propertyName
+
+If an individual propertyName is specified, then only that property value is returned as a scalar.
+
+=back
+
+=cut
+
+sub get {
+ if ($_[1] ne "") {
+ return $_[0]->{_property}{$_[1]};
+ } else {
+ return $_[0]->{_property};
+ }
+}
+
+
+#-------------------------------------------------------------------
+
+=head2 getCollateral ( tableName, keyName, keyValue )
+
+Returns a hash reference containing a row of collateral data.
+
+=over
+
+=item tableName
+
+The name of the table you wish to retrieve the data from.
+
+=item keyName
+
+The name of the column that is the primary key in the table.
+
+=item keyValue
+
+An integer containing the key value. If key value is equal to "new" or null, then an empty hashRef containing only keyName=>"new" will be returned to avoid strict errors.
+
+=back
+
+=cut
+
+sub getCollateral {
+ my ($class, $tableName, $keyName, $keyValue) = @_;
+ if ($keyValue eq "new" || $keyValue eq "") {
+ return {$keyName=>"new"};
+ } else {
+ return WebGUI::SQL->quickHashRef("select * from $tableName where $keyName=".quote($keyValue));
+ }
+}
+
+
+#-------------------------------------------------------------------
+
+=head2 getDefaultValue ( propertyName )
+
+Returns the default value for a wobject property.
+
+=over
+
+=item propertyName
+
+The name of the property to retrieve the default value for.
+
+=back
+
+=cut
+
+sub getDefaultValue {
+ if (exists $_[0]->{_extendedProperties}{$_[1]}{defaultValue}) {
+ return $_[0]->{_extendedProperties}{$_[1]}{defaultValue};
+ } elsif (exists $_[0]->{_wobjectProperties}{$_[1]}{defaultValue}) {
+ return $_[0]->{_wobjectProperties}{$_[1]}{defaultValue};
+ } else {
+ return undef;
+ }
+}
+
+
+#-------------------------------------------------------------------
+
+=head2 getValue ( propertyName )
+
+Returns a value for a wobject property however possible. It first looks in form variables for the property, then looks to the value stored in the wobject instance, and if all else fails it returns the default value for the property.
+
+=over
+
+=item propertyName
+
+The name of the property to retrieve the value for.
+
+=back
+
+=cut
+
+sub getValue {
+ my $currentValue = $_[0]->get($_[1]);
+ if (exists $session{form}{$_[1]}) {
+ return $session{form}{$_[1]};
+ } elsif (defined $currentValue) {
+ return $_[0]->get($_[1]);
+ } else {
+ return $_[0]->getDefaultValue($_[1]);
+ }
+}
+
+
+
+#-------------------------------------------------------------------
+
+=head2 inDateRange ( )
+
+Returns a boolean value of whether the wobject should be displayed based upon it's start and end dates.
+
+=cut
+
+sub inDateRange {
+ if ($_[0]->get("startDate") < time() && $_[0]->get("endDate") > time()) {
+ return 1;
+ } else {
+ return 0;
+ }
+}
+
+#-------------------------------------------------------------------
+
+=head2 moveCollateralDown ( tableName, idName, id [ , setName, setValue ] )
+
+Moves a collateral data item down one position. This assumes that the collateral data table has a column called "wobjectId" that identifies the wobject, and a column called "sequenceNumber" that determines the position of the data item.
+
+=over
+
+=item tableName
+
+A string indicating the table that contains the collateral data.
+
+=item idName
+
+A string indicating the name of the column that uniquely identifies this collateral data item.
+
+=item id
+
+An integer that uniquely identifies this collateral data item.
+
+=item setName
+
+By default this method assumes that the collateral will have a wobject id in the table. However, since there is not always a wobject id to separate one data set from another, you may specify another field to do that.
+
+=item setValue
+
+The value of the column defined by "setName" to select a data set from.
+
+=back
+
+=cut
+
+### NOTE: There is a redundant use of wobjectId in some of these statements on purpose to support
+### two different types of collateral data.
+
+sub moveCollateralDown {
+ my ($id, $seq, $setName, $setValue);
+ $setName = $_[4] || "wobjectId";
+ $setValue = $_[5] || $_[0]->get($setName);
+ ($seq) = WebGUI::SQL->quickArray("select sequenceNumber from $_[1] where $_[2]=$_[3] and $setName=".quote($setValue));
+ ($id) = WebGUI::SQL->quickArray("select $_[2] from $_[1] where $setName=".quote($setValue)
+ ." and sequenceNumber=$seq+1");
+ if ($id ne "") {
+ WebGUI::SQL->write("update $_[1] set sequenceNumber=sequenceNumber+1 where $_[2]=$_[3] and $setName="
+ .quote($setValue));
+ WebGUI::SQL->write("update $_[1] set sequenceNumber=sequenceNumber-1 where $_[2]=$id and $setName="
+ .quote($setValue));
+ }
+}
+
+#-------------------------------------------------------------------
+
+=head2 moveCollateralUp ( tableName, idName, id [ , setName, setValue ] )
+
+Moves a collateral data item up one position. This assumes that the collateral data table has a column called "wobjectId" that identifies the wobject, and a column called "sequenceNumber" that determines the position of the data item.
+
+=over
+
+=item tableName
+
+A string indicating the table that contains the collateral data.
+
+=item idName
+
+A string indicating the name of the column that uniquely identifies this collateral data item.
+
+=item id
+
+An integer that uniquely identifies this collateral data item.
+
+=item setName
+
+By default this method assumes that the collateral will have a wobject id in the table. However, since there is not always a wobject id to separate one data set from another, you may specify another field to do that.
+
+=item setValue
+
+The value of the column defined by "setName" to select a data set from.
+
+=back
+
+=cut
+
+### NOTE: There is a redundant use of wobjectId in some of these statements on purpose to support
+### two different types of collateral data.
+
+sub moveCollateralUp {
+ my ($id, $seq, $setValue, $setName);
+ $setName = $_[4] || "wobjectId";
+ $setValue = $_[5] || $_[0]->get($setName);
+ ($seq) = WebGUI::SQL->quickArray("select sequenceNumber from $_[1] where $_[2]=$_[3] and $setName=".quote($setValue));
+ ($id) = WebGUI::SQL->quickArray("select $_[2] from $_[1] where $setName=".quote($setValue)
+ ." and sequenceNumber=$seq-1");
+ if ($id ne "") {
+ WebGUI::SQL->write("update $_[1] set sequenceNumber=sequenceNumber-1 where $_[2]=$_[3] and $setName="
+ .quote($setValue));
+ WebGUI::SQL->write("update $_[1] set sequenceNumber=sequenceNumber+1 where $_[2]=$id and $setName="
+ .quote($setValue));
+ }
+}
+
+#-------------------------------------------------------------------
+
+=head2 name ( )
+
+This method should be overridden by all wobjects and should return an internationalized human friendly name for the wobject. This method only exists in the super class for reverse compatibility and will try to look up the name based on the old name definition.
+
+=cut
+
+sub name {
+ my $namespace = $_[0]->get("namespace");
+ if ($namespace eq "") {
+ WebGUI::ErrorHandler::warn("No namespace available in this wobject instance.");
+ return "! Unknown Wobject !";
+ } else {
+ my $cmd = "\$WebGUI::Wobject::".$namespace."::name";
+ my $name = eval($cmd);
+ if ($name eq "") {
+ WebGUI::ErrorHandler::warn($namespace." does not appear to have any sort of name definition at all.");
+ return $namespace;
+ }
+ return $name;
+ }
+}
+
+
+#-------------------------------------------------------------------
+
+=head2 new ( -properties, -extendedProperties [, -useDiscussion ] )
+
+Constructor.
+
+NOTE: This method should never need to be overridden or extended.
+
+=over
+
+=item -properties
+
+A hash reference containing at minimum "wobjectId" and "namespace". wobjectId may be set to "new" if you're creating a new instance. This hash reference should be the one created by WebGUI.pm and passed to the wobject subclass.
+
+NOTE: It may seem a little weird that the initial data for the wobject instance is coming from WebGUI.pm, but this was done to lessen database traffic thus increasing the speed of all wobjects.
+
+=item -extendedProperties
+
+A hash reference containing the properties that extend the wobject class. They should match the properties that are added to this wobject's namespace table in the database. So if this wobject has a namespace of "MyWobject" and a table definition that looks like this:
+
+ create MyWobject (
+ wobjectId int not null primary key,
+ something varchar(25),
+ isCool int not null default 0,
+ foo int not null default 1,
+ bar text
+ );
+
+Then the extended property list would be:
+ {
+ something=>{
+ fieldType=>"text"
+ },
+ isCool=>{
+ fieldType=>"yesNo",
+ defaultValue=>1
+ },
+ foo=>{
+ fieldType=>"integer",
+ defaultValue=>1
+ },
+ bar=>{
+ fieldType=>"textarea"
+ }
+ }
+
+NOTE: This is used to define the wobject and should only be passed in by a wobject subclass.
+
+=item -useDiscussion
+
+Defaults to "0". If set to "1" this will add a discussion properties tab to this wobject to enable content managers to set the properties of a discussion attached to this wobject.
+
+NOTE: This is used to define the wobject and should only be passed in by a wobject subclass.
+
+=item -useTemplate
+
+Defaults to "0". If set to "1" this will add a template field to the wobject to enable content managers to select a template to layout this wobject.
+
+NOTE: This is used to define the wobject and should only be passed in by a wobject subclass.
+
+=back
+
+=cut
+
+sub new {
+ my ($self, @p) = @_;
+ my ($properties, $extendedProperties, $useTemplate, $useDiscussion);
+ if (ref $_[1] eq "HASH") {
+ $properties = $_[1]; # reverse compatibility prior to 5.2
+ } else {
+ ($properties, $extendedProperties, $useDiscussion, $useTemplate) =
+ rearrange([qw(properties extendedProperties useDiscussion useTemplate)], @p);
+ }
+ $useDiscussion = 0 unless ($useDiscussion);
+ $useTemplate = 0 unless ($useTemplate);
+ my $wobjectProperties = {
+ userDefined1=>{
+ fieldType=>"text"
+ },
+ userDefined2=>{
+ fieldType=>"text"
+ },
+ userDefined3=>{
+ fieldType=>"text"
+ },
+ userDefined4=>{
+ fieldType=>"text"
+ },
+ userDefined5=>{
+ fieldType=>"text"
+ },
+ bufferUserId=>{
+ fieldType=>"hidden"
+ },
+ bufferDate=>{
+ fieldType=>"hidden"
+ },
+ bufferPrevId=>{
+ fieldType=>"hidden"
+ },
+ allowDiscussion=>{
+ fieldType=>"yesNo",
+ defaultValue=>0
+ },
+ moderationType=>{
+ fieldType=>"selectList",
+ defaultValue=>"after"
+ },
+ groupToModerate=>{
+ fieldType=>"group",
+ defaultValue=>4
+ },
+ groupToPost=>{
+ fieldType=>"group",
+ defaultValue=>2
+ },
+ karmaPerPost=>{
+ fieldType=>"integer",
+ defaultValue=>0
+ } ,
+ editTimeout=>{
+ defaultValue=>1,
+ fieldType=>"interval"
+ },
+ filterPost=>{
+ fieldType=>"filter",
+ defaultValue=>"javascript",
+ },
+ addEditStampToPosts=>{
+ fieldType=>"yesNo",
+ defaultValue=>1,
+ },
+ title=>{
+ fieldType=>"text",
+ defaultValue=>$_[0]->get("namespace")
+ },
+ templateId=>{
+ fieldType=>"template",
+ defaultValue=>1
+ },
+ displayTitle=>{
+ fieldType=>"yesNo",
+ defaultValue=>1
+ },
+ description=>{
+ fieldType=>"textarea",
+ fieldType=>"HTMLArea"
+ },
+ pageId=>{
+ fieldType=>"hidden",
+ defaultValue=>$session{page}{pageId}
+ },
+ templatePosition=>{
+ fieldType=>"selectList",
+ defaultValue=>1
+ },
+ startDate=>{
+ defaultValue=>$session{page}{startDate},
+ fieldType=>"dateTime"
+ },
+ endDate=>{
+ defaultValue=>$session{page}{endDate},
+ fieldType=>"dateTime"
+ },
+ ownerId=>{
+ defaultValue=>$session{page}{ownerId},
+ fieldType=>"group"
+ },
+ groupIdView=>{
+ defaultValue=>$session{page}{groupIdView},
+ fieldType=>"group"
+ },
+ groupIdEdit=>{
+ defaultValue=>$session{page}{groupIdEdit},
+ fieldType=>"group"
+ },
+ sequenceNumber=>{
+ fieldType=>"hidden"
+ }
+ };
+ bless({
+ _property=>$properties,
+ _useTemplate=>$useTemplate,
+ _useDiscussion=>$useDiscussion,
+ _wobjectProperties=>$wobjectProperties,
+ _extendedProperties=>$extendedProperties
+ },
+ $self);
+}
+
+#-------------------------------------------------------------------
+
+=head2 processMacros ( output )
+
+ Decides whether or not macros should be processed and returns the
+ appropriate output.
+
+=over
+
+=item output
+
+ An HTML blob to be processed for macros.
+
+=back
+
+=cut
+
+sub processMacros {
+ return WebGUI::Macro::process($_[1]);
+}
+
+#-------------------------------------------------------------------
+
+=head2 processTemplate ( templateId, vars [ , namespace ] )
+
+Returns the content generated from this template.
+
+NOTE: Only for use in wobjects that support templates.
+
+=over
+
+=item templateId
+
+An id referring to a particular template in the templates table.
+
+=item hashRef
+
+A hash reference containing variables and loops to pass to the template engine.
+
+=item namespace
+
+A namespace to use for the template. Defaults to the wobject's namespace.
+
+=back
+
+=cut
+
+sub processTemplate {
+ my %vars = (
+ %{$_[0]->{_property}},
+ %{$_[2]}
+ );
+ if (defined $_[0]->get("_WobjectProxy")) {
+ $vars{isShortcut} = 1;
+ my ($originalPageURL) = WebGUI::SQL->quickArray("select urlizedTitle from page where pageId=".$_[0]->get("pageId"));
+ $vars{originalURL} = WebGUI::URL::gateway($originalPageURL."#".$_[0]->get("wobjectId"));
+ }
+ my $namespace = $_[3] || $_[0]->get("namespace");
+ return WebGUI::Template::process(WebGUI::Template::get($_[1],$namespace), \%vars);
+}
+
+#-------------------------------------------------------------------
+
+=head2 purge ( )
+
+Removes this wobject from the database and all it's attachments from the filesystem.
+
+NOTE: This method is meant to be extended by all sub-classes.
+
+=cut
+
+sub purge {
+ my ($node);
+ WebGUI::SQL->write("delete from ".$_[0]->get("namespace")." where wobjectId=".$_[0]->get("wobjectId"));
+ WebGUI::SQL->write("delete from wobject where wobjectId=".$_[0]->get("wobjectId"));
+ $node = WebGUI::Node->new($_[0]->get("wobjectId"));
+ $node->delete;
+ WebGUI::Discussion::purge($_[0]->get("wobjectId"));
+}
+
+
+#-------------------------------------------------------------------
+
+=head2 reorderCollateral ( tableName, keyName [ , setName, setValue ] )
+
+Resequences collateral data. Typically useful after deleting a collateral item to remove the gap created by the deletion.
+
+=over
+
+=item tableName
+
+The name of the table to resequence.
+
+=item keyName
+
+The key column name used to determine which data needs sorting within the table.
+
+=item setName
+
+Defaults to "wobjectId". This is used to define which data set to reorder.
+
+=item setValue
+
+Used to define which data set to reorder. Defaults to the wobjectId for this instance. Defaults to the value of "setName" in the wobject properties.
+
+=back
+
+=cut
+
+sub reorderCollateral {
+ my ($sth, $i, $id, $setName, $setValue);
+ $i = 1;
+ $setName = $_[3] || "wobjectId";
+ $setValue = $_[4] || $_[0]->get($setName);
+ $sth = WebGUI::SQL->read("select $_[2] from $_[1] where $setName=".quote($setValue)." order by sequenceNumber");
+ while (($id) = $sth->array) {
+ WebGUI::SQL->write("update $_[1] set sequenceNumber=$i where $setName=".quote($setValue)." and $_[2]=$id");
+ $i++;
+ }
+ $sth->finish;
+}
+
+
+
+#-------------------------------------------------------------------
+
+=head2 set ( [ hashRef ] )
+
+Stores the values specified in hashRef to the database.
+
+=over
+
+=item hashRef
+
+A hash reference of the properties to set for this wobject instance.
+
+=back
+
+=cut
+
+sub set {
+ my ($key, $sql, @update, $i);
+ my $self = shift;
+ my $properties = shift;
+ my $extendedProperties = shift; # shift for backward compatibility.
+ unless (defined $extendedProperties) {
+ my @temp;
+ foreach (keys %{$self->{_extendedProperties}}) {
+ push(@temp,$_);
+ }
+ $extendedProperties = \@temp;
+ }
+ my @temp;
+ foreach (keys %{$self->{_wobjectProperties}}) {
+ push(@temp,$_);
+ }
+ my $wobjectProperties = \@temp;
+ if ($self->{_property}{wobjectId} eq "new") {
+ $self->{_property}{wobjectId} = getNextId("wobjectId");
+ $self->{_property}{pageId} = ${$_[1]}{pageId} || $session{page}{pageId};
+ $self->{_property}{sequenceNumber} = _getNextSequenceNumber($self->{_property}{pageId});
+ $self->{_property}{addedBy} = $session{user}{userId};
+ $self->{_property}{dateAdded} = time();
+ WebGUI::SQL->write("insert into wobject
+ (wobjectId, namespace, dateAdded, addedBy, sequenceNumber, pageId)
+ values (
+ ".$self->{_property}{wobjectId}.",
+ ".quote($self->{_property}{namespace}).",
+ ".$self->{_property}{dateAdded}.",
+ ".$self->{_property}{addedBy}.",
+ ".$self->{_property}{sequenceNumber}.",
+ ".$self->{_property}{pageId}."
+ )");
+ WebGUI::SQL->write("insert into ".$self->{_property}{namespace}." (wobjectId)
+ values (".$self->{_property}{wobjectId}.")");
+ }
+ $self->{_property}{lastEdited} = time();
+ $self->{_property}{editedBy} = $session{user}{userId};
+ $sql = "update wobject set";
+ foreach $key (keys %{$properties}) {
+ $self->{_property}{$key} = ${$properties}{$key};
+ if (isIn($key, @{$wobjectProperties})) {
+ $sql .= " ".$key."=".quote(${$properties}{$key}).",";
+ }
+ if (isIn($key, @{$extendedProperties})) {
+ $update[$i] .= " ".$key."=".quote($properties->{$key});
+ $i++;
+ }
+ }
+ $sql .= " lastEdited=".$self->{_property}{lastEdited}.",
+ editedBy=".$self->{_property}{editedBy}."
+ where wobjectId=".$self->{_property}{wobjectId};
+ WebGUI::SQL->write($sql);
+ if (@update) {
+ WebGUI::SQL->write("update ".$self->{_property}{namespace}." set ".join(",",@update)."
+ where wobjectId=".$self->{_property}{wobjectId});
+ }
+ WebGUI::ErrorHandler::audit("edited Wobject ".$self->{_property}{wobjectId});
+}
+
+
+#-----------------------------------------------------------------
+
+=head2 setCollateral ( tableName, keyName, properties [ , useSequenceNumber, useWobjectId, setName, setValue ] )
+
+Performs and insert/update of collateral data for any wobject's collateral data. Returns the primary key value for that row of data.
+
+=over
+
+=item tableName
+
+The name of the table to insert the data.
+
+=item keyName
+
+The column name of the primary key in the table specified above. This must also be an incrementerId in the incrementer table.
+
+=item properties
+
+A hash reference containing the name/value pairs to be inserted into the database where the name is the column name. Note that the primary key should be specified in this list, and if it's value is "new" or null a new row will be created.
+
+=item useSequenceNumber
+
+If set to "1", a new sequenceNumber will be generated and inserted into the row. Note that this means you must have a sequenceNumber column in the table. Also note that this requires the presence of the wobjectId column. Defaults to "1".
+
+=item useWobjectId
+
+If set to "1", the current wobjectId will be inserted into the table upon creation of a new row. Note that this means the table better have a wobjectId column. Defaults to "1".
+
+=item setName
+
+If this collateral data set is not grouped by wobjectId, but by another column then specify that column here. The useSequenceNumber parameter will then use this column name instead of wobjectId to generate the sequenceNumber.
+
+=item setValue
+
+If you've specified a setName you may also set a value for that set. Defaults to the value for this id from the wobject properties.
+
+=back
+
+=cut
+
+sub setCollateral {
+ my ($key, $sql, $seq, $dbkeys, $dbvalues, $counter);
+ my ($class, $table, $keyName, $properties, $useSequence, $useWobjectId, $setName, $setValue) = @_;
+ $counter = 0;
+ $setName = $setName || "wobjectId";
+ $setValue = $setValue || $_[0]->get($setName);
+ if ($properties->{$keyName} eq "new" || $properties->{$keyName} eq "") {
+ $properties->{$keyName} = getNextId($keyName);
+ $sql = "insert into $table (";
+ $dbkeys = "";
+ $dbvalues = "";
+ unless ($useSequence eq "0") {
+ unless (exists $properties->{sequenceNumber}) {
+ ($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from $table
+ where $setName=".quote($setValue));
+ $properties->{sequenceNumber} = $seq+1;
+ }
+ }
+ unless ($useWobjectId eq "0") {
+ $properties->{wobjectId} = $_[0]->get("wobjectId");
+ }
+ foreach $key (keys %{$properties}) {
+ if ($counter++ > 0) {
+ $dbkeys .= ',';
+ $dbvalues .= ',';
+ }
+ $dbkeys .= $key;
+ $dbvalues .= quote($properties->{$key});
+ }
+ $sql .= $dbkeys.') values ('.$dbvalues.')';
+ WebGUI::ErrorHandler::audit("added ".$table." ".$properties->{$keyName});
+ } else {
+ $sql = "update $table set ";
+ foreach $key (keys %{$properties}) {
+ unless ($key eq "sequenceNumber") {
+ $sql .= ',' if ($counter++ > 0);
+ $sql .= $key."=".quote($properties->{$key});
+ }
+ }
+ $sql .= " where $keyName='".$properties->{$keyName}."'";
+ WebGUI::ErrorHandler::audit("edited ".$table." ".$properties->{$keyName});
+ }
+ WebGUI::SQL->write($sql);
+ $_[0]->{_property}{lastEdited} = time();
+ $_[0]->{_property}{editedBy} = $session{user}{userId};
+ WebGUI::SQL->write("update wobject set lastEdited=".$_[0]->{_property}{lastEdited}
+ .", editedBy=".$_[0]->{_property}{editedBy}." where wobjectId=".$_[0]->get("wobjectId"));
+ $_[0]->reorderCollateral($table,$keyName,$setName,$setValue) if ($properties->{sequenceNumber} < 0);
+ return $properties->{$keyName};
+}
+
+
+#-------------------------------------------------------------------
+
+=head2 uiLevel
+
+Returns the UI Level of a wobject. Defaults to "0" for all wobjects. Override to set the UI Level higher for a given wobject.
+
+=cut
+
+sub uiLevel {
+ return 0;
+}
+
+#-------------------------------------------------------------------
+
+=head2 www_approvePost ( )
+
+Sets the status flag on a discussion message to "approved".
+
+=cut
+
+sub www_approvePost {
+ if (WebGUI::Privilege::isInGroup($_[0]->get("groupToModerate"))) {
+ return WebGUI::Discussion::approvePost();
+ } else {
+ return WebGUI::Privilege::insufficient();
+ }
+}
+
+
+#-------------------------------------------------------------------
+
+=head2 www_copy ( )
+
+Copies this instance to the clipboard.
+
+NOTE: Should never need to be overridden or extended.
+
+=cut
+
+sub www_copy {
+ return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage());
+ $_[0]->duplicate;
+ return "";
+}
+
+#-------------------------------------------------------------------
+
+=head2 www_createShortcut ( )
+
+Creates a shortcut (using the wobject proxy) of this wobject on the clipboard.
+ +NOTE: Should never need to be overridden or extended. + +=cut + +sub www_createShortcut { + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + my $w = WebGUI::Wobject::WobjectProxy->new({wobjectId=>"new",namespace=>"WobjectProxy"}); + $w->set({ + pageId=>2, + templatePosition=>1, + title=>$_[0]->getValue("title"), + proxiedNamespace=>$_[0]->get("namespace"), + proxiedWobjectId=>$_[0]->get("wobjectId"), + bufferUserId=>$session{user}{userId}, + bufferDate=>time(), + bufferPrevId=>$session{page}{pageId} + }); + return ""; +} + +#------------------------------------------------------------------- + +=head2 www_cut ( ) + +Moves this instance to the clipboard. + +=cut + +sub www_cut { + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + $_[0]->set({ + pageId=>2, + templatePosition=>1, + bufferUserId=>$session{user}{userId}, + bufferDate=>time(), + bufferPrevId=>$session{page}{pageId} + }); + _reorderWobjects($session{page}{pageId}); + return ""; +} + +#------------------------------------------------------------------- + +=head2 www_delete ( ) + +Prompts a user to confirm whether they wish to delete this instance. + +=cut + +sub www_delete { + my ($output); + if (WebGUI::Privilege::canEditPage()) { + $output = helpIcon(14); + $output .= '

'.WebGUI::International::get(42).'

'; + $output .= WebGUI::International::get(43); + $output .= '

'; + $output .= '

'; + $output .= WebGUI::International::get(44); + $output .= ''; + $output .= '    '; + $output .= WebGUI::International::get(45); + $output .= '
'; + return $output; + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_deleteConfirm ( ) + +Moves this instance to the trash. + +=cut + +sub www_deleteConfirm { + if (WebGUI::Privilege::canEditPage()) { + $_[0]->set({pageId=>3, templatePosition=>1, + bufferUserId=>$session{user}{userId}, + bufferDate=>time(), + bufferPrevId=>$session{page}{pageId}}); + WebGUI::ErrorHandler::audit("moved Wobject ".$_[0]->{_property}{wobjectId}." to the trash."); + _reorderWobjects($_[0]->get("pageId")); + return ""; + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_deleteFile ( ) + +Displays a confirmation message relating to the deletion of a file. + +=cut + +sub www_deleteFile { + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return $_[0]->confirm(WebGUI::International::get(728), + WebGUI::URL::page('func=deleteFileConfirm&wid='.$_[0]->get("wobjectId").'&file='.$session{form}{file}), + WebGUI::URL::page('func=edit&wid='.$_[0]->get("wobjectId")) + ); +} + +#------------------------------------------------------------------- + +=head2 www_deleteFileConfirm ( ) + +Deletes a file from this instance. + +=cut + +sub www_deleteFileConfirm { + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + $_[0]->set({$session{form}{file}=>''}); + return $_[0]->www_edit(); +} + +#------------------------------------------------------------------- + +=head2 www_deleteMessage ( ) + +Displays a message asking for confirmation to delete a message from a discussion. 
+ +=cut + +sub www_deleteMessage { + if (WebGUI::Discussion::canEditMessage($_[0],$session{form}{mid})) { + return WebGUI::Discussion::deleteMessage(); + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_deleteMessageConfirm ( ) + +Deletes a message from a discussion. + +=cut + +sub www_deleteMessageConfirm { + if (WebGUI::Discussion::canEditMessage($_[0],$session{form}{mid})) { + return WebGUI::Discussion::deleteMessageConfirm(); + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_denyPost ( ) + +Sets the status flag on a discussion message to "denied". + +=cut + +sub www_denyPost { + if (WebGUI::Privilege::isInGroup($_[0]->get("groupToModerate"))) { + return WebGUI::Discussion::denyPost(); + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_edit ( [ -properties, -layout, -privileges, -helpId, -heading, -headingId ] ) + +Displays the common properties of any/all wobjects. + +=over + +=item -properties, -layout, -privileges + +WebGUI::HTMLForm objects that extend these tabs. + +=item -helpId + +An id in this namespace in the WebGUI help system for this edit page. If specified a help link will be created on the edit page. + +=item -heading + +A text string to put in the heading of this page. + +=item -headingId + +An id this namespace of the WebGUI international system. This message will be retrieved and displayed in the heading of this edit page. 
+ +=back + +=cut + +sub www_edit { + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + my ($self, @p) = @_; + my ($properties, $layout, $privileges, $heading, $helpId, $headingId) = + rearrange([qw(properties layout privileges heading helpId headingId)], @p); + my ($f, $startDate, $displayTitle, $templatePosition, $endDate); + if ($_[0]->get("wobjectId") eq "new") { + $displayTitle = 1; + } else { + $displayTitle = $_[0]->get("displayTitle"); + } + my $title = $_[0]->get("title") || $_[0]->name; + $templatePosition = $_[0]->get("templatePosition") || 1; + $startDate = $_[0]->get("startDate") || $session{page}{startDate}; + $endDate = $_[0]->get("endDate") || $session{page}{endDate}; + my %tabs; + tie %tabs, 'Tie::IxHash'; + %tabs = ( + properties=>{ + label=>WebGUI::International::get(893) + }, + layout=>{ + label=>WebGUI::International::get(105), + uiLevel=>5 + }, + privileges=>{ + label=>WebGUI::International::get(107), + uiLevel=>6 + } + ); + if ($_[0]->{_useDiscussion}) { + $tabs{discussion} = { + label=>WebGUI::International::get(892), + uiLevel=>7 + }; + } + $f = WebGUI::TabForm->new(\%tabs); + $f->hidden({name=>"wid",value=>$_[0]->get("wobjectId")}); + $f->hidden({name=>"namespace",value=>$_[0]->get("namespace")}) if ($_[0]->get("wobjectId") eq "new"); + $f->hidden({name=>"func",value=>"editSave"}); + $f->getTab("properties")->readOnly( + -value=>$_[0]->get("wobjectId"), + -label=>WebGUI::International::get(499), + -uiLevel=>3 + ); + $f->getTab("properties")->text("title",WebGUI::International::get(99),$title); + $f->getTab("layout")->yesNo( + -name=>"displayTitle", + -label=>WebGUI::International::get(174), + -value=>$displayTitle, + -uiLevel=>5 + ); + if ($_[0]->{_useTemplate}) { + $f->getTab("layout")->template( + -value=>$_[0]->getValue("templateId"), + -namespace=>$_[0]->get("namespace"), + -afterEdit=>'func=edit&wid='.$_[0]->get("wobjectId") + ); + } + $f->getTab("layout")->select( + -name=>"templatePosition", + 
-label=>WebGUI::International::get(363), + -value=>[$templatePosition], + -uiLevel=>5, + -options=>WebGUI::Page::getTemplatePositions($session{page}{templateId}), + -subtext=>WebGUI::Page::drawTemplate($session{page}{templateId}) + ); + $f->getTab("privileges")->dateTime( + -name=>"startDate", + -label=>WebGUI::International::get(497), + -value=>$startDate, + -uiLevel=>6 + ); + $f->getTab("privileges")->dateTime( + -name=>"endDate", + -label=>WebGUI::International::get(498), + -value=>$endDate, + -uiLevel=>6 + ); + #Added By Frank Dillon - Wobject Privilege + my $subtext; + if (WebGUI::Privilege::isInGroup(3)) { + $subtext = '   '.WebGUI::International::get(7).''; + } else { + $subtext = ""; + } + + my $clause; + if (WebGUI::Privilege::isInGroup(3)) { + my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1); + push (@$contentManagers, $session{user}{userId}); + $clause = "userId in (".join(",",@$contentManagers).")"; + } else { + $clause = "userId=".$_[0]->get("ownerId"); + } + my $users = WebGUI::SQL->buildHashRef("select userId,username from users where $clause order by username"); + $f->getTab("privileges")->select( + -name=>"ownerId", + -options=>$users, + -label=>WebGUI::International::get(108), + -value=>[$_[0]->getValue("ownerId")], + -subtext=>$subtext, + -uiLevel=>6 + ); + if (WebGUI::Privilege::isInGroup(3)) { + $subtext = '   '.WebGUI::International::get(5).''; + } else { + $subtext = ""; + } + $f->getTab("privileges")->group( + -name=>"groupIdView", + -label=>WebGUI::International::get(872), + -value=>[$_[0]->getValue("groupIdView")], + -subtext=>$subtext, + -uiLevel=>6 + ); + $f->getTab("privileges")->group( + -name=>"groupIdEdit", + -label=>WebGUI::International::get(871), + -value=>[$_[0]->getValue("groupIdEdit")], + -subtext=>$subtext, + -excludeGroups=>[1,7], + -uiLevel=>6 + ); + #End Frank Dillon Changes + + $f->getTab("properties")->HTMLArea( + -name=>"description", + -label=>WebGUI::International::get(85), + 
-value=>$_[0]->get("description") + ); + $f->getTab("properties")->raw($properties); + $f->getTab("layout")->raw($layout); + $f->getTab("privileges")->raw($privileges); + if ($_[0]->{_useDiscussion}) { + $f->getTab("discussion")->yesNo( + -name=>"allowDiscussion", + -label=>WebGUI::International::get(894), + -value=>$_[0]->get("allowDiscussion"), + -uiLevel=>5 + ); + $f->getTab("discussion")->raw($_[0]->discussionProperties); + } + my $output; + $output = helpIcon($helpId,$_[0]->get("namespace")) if ($helpId); + $heading = WebGUI::International::get($headingId,$_[0]->get("namespace")) if ($headingId); + $output .= '

'.$heading.'

' if ($heading); + return $output.$f->print; +} + +#------------------------------------------------------------------- + +=head2 www_editSave ( [ hashRef ] ) + +Saves the default properties of any/all wobjects. + +NOTE: This method should only need to be extended if you need to do some special validation. + +=over + +=item hashRef + +A hash reference of extra properties to set. + +=back + +=cut + +sub www_editSave { + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + my %set; + foreach my $key (keys %{$_[0]->{_wobjectProperties}}) { + my $temp = WebGUI::FormProcessor::process( + $key, + $_[0]->{_wobjectProperties}{$key}{fieldType}, + $_[0]->{_wobjectProperties}{$key}{defaultValue} + ); + $set{$key} = $temp if (defined $temp); + } + $set{title} = $session{form}{title} || $_[0]->name; + foreach my $key (keys %{$_[0]->{_extendedProperties}}) { + my $temp = WebGUI::FormProcessor::process( + $key, + $_[0]->{_extendedProperties}{$key}{fieldType}, + $_[0]->{_extendedProperties}{$key}{defaultValue} + ); + $set{$key} = $temp if (defined $temp); + } + %set = (%set, %{$_[1]}); + $_[0]->set(\%set); + return ""; +} + +#------------------------------------------------------------------- + +=head2 www_lockThread ( ) + +Locks a discussion thread from the current message down. + +=cut + +sub www_lockThread { + if (WebGUI::Privilege::isInGroup($_[0]->get("groupToModerate"))) { + WebGUI::Discussion::lockThread(); + return $_[0]->www_showMessage; + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_moveBottom ( ) + +Moves this instance to the bottom of the page. 
+ +=cut + +sub www_moveBottom { + if (WebGUI::Privilege::canEditPage()) { + $_[0]->set({sequenceNumber=>99999}); + _reorderWobjects($_[0]->get("pageId")); + return ""; + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_moveDown ( ) + +Moves this instance down one spot on the page. + +=cut + +sub www_moveDown { + my ($wid, $thisSeq); + if (WebGUI::Privilege::canEditPage()) { + ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$_[0]->get("wobjectId")); + ($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$_[0]->get("pageId") + ." and sequenceNumber=".($thisSeq+1)); + if ($wid ne "") { + WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber+1 where wobjectId=".$_[0]->get("wobjectId")); + WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber-1 where wobjectId=$wid"); + _reorderWobjects($_[0]->get("pageId")); + } + return ""; + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_moveTop ( ) + +Moves this instance to the top of the page. + +=cut + +sub www_moveTop { + if (WebGUI::Privilege::canEditPage()) { + $_[0]->set({sequenceNumber=>0}); + _reorderWobjects($_[0]->get("pageId")); + return ""; + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_moveUp ( ) + +Moves this instance up one spot on the page. + +=cut + +sub www_moveUp { + my ($wid, $thisSeq); + if (WebGUI::Privilege::canEditPage()) { + ($thisSeq) = WebGUI::SQL->quickArray("select sequenceNumber from wobject where wobjectId=".$_[0]->get("wobjectId")); + ($wid) = WebGUI::SQL->quickArray("select wobjectId from wobject where pageId=".$_[0]->get("pageId") + ." 
and sequenceNumber=".($thisSeq-1)); + if ($wid ne "") { + WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber-1 where wobjectId=".$_[0]->get("wobjectId")); + WebGUI::SQL->write("update wobject set sequenceNumber=sequenceNumber+1 where wobjectId=$wid"); + _reorderWobjects($_[0]->get("pageId")); + } + return ""; + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_paste ( ) + +Moves this instance from the clipboard to the current page. + +=cut + +sub www_paste { + my ($output, $nextSeq); + if (WebGUI::Privilege::canEditPage()) { + ($nextSeq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from wobject where pageId=$session{page}{pageId}"); + $nextSeq += 1; + WebGUI::SQL->write("UPDATE wobject SET " + ."pageId=". $session{page}{pageId} .", " + ."templatePosition=1, " + ."sequenceNumber=". $nextSeq .", " + ."bufferUserId=NULL, bufferDate=NULL, bufferPrevId=NULL " + ."WHERE wobjectId=". $session{form}{wid} ); + return ""; + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_post ( ) + +Displays a discussion message post form. + +=cut + +sub www_post { + if (WebGUI::Privilege::isInGroup($_[0]->get("groupToPost"))) { + return WebGUI::Discussion::post($_[0]); + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_post ( ) + +Saves a message post to a discussion. + +=cut + +sub www_postSave { + if (WebGUI::Privilege::isInGroup($_[0]->get("groupToPost"))) { + WebGUI::Discussion::postSave($_[0]); + return $_[0]->www_showMessage(); + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_search ( ) + +Searches an attached discussion. 
+ +=cut + +sub www_search { + return WebGUI::Discussion::search(); +} + +#------------------------------------------------------------------- + +=head2 www_showMessage ( [menuItem] ) + +Shows a message from a discussion. + +=over + +=item menuItem + +You can optionally extend this method by passing in an HTML string of menu items to be added to the menu of this display. + +=back + +=cut + +sub www_showMessage { + my ($output, $defaultMid); + ($defaultMid) = WebGUI::SQL->quickArray("select min(messageId) from discussion where wobjectId=".$_[0]->get("wobjectId")); + $session{form}{mid} = $session{form}{mid} || $defaultMid || 0; + $output = WebGUI::Discussion::showMessage($_[1],$_[0]); + $output .= WebGUI::Discussion::showReplyTree($_[0]); + return $output; +} + +#------------------------------------------------------------------- + +=head2 www_subscribeToThread ( ) + +Subscribes the current user to a specified discussion thread. + +=cut + +sub www_subscribeToThread { + WebGUI::Discussion::subscribeToThread(); + return $_[0]->www_showMessage(); +} + + +#------------------------------------------------------------------- + +=head2 www_unlockThread ( ) + +Unlocks a discussion thread from the current message on down. + +=cut + +sub www_unlockThread { + if (WebGUI::Privilege::isInGroup($_[0]->get("groupToModerate"))) { + WebGUI::Discussion::unlockThread(); + return $_[0]->www_showMessage; + } else { + return WebGUI::Privilege::insufficient(); + } +} + +#------------------------------------------------------------------- + +=head2 www_subscribeToThread ( ) + +Unsubscribes the current user from a specified discussion thread. + +=cut + +sub www_unsubscribeFromThread { + WebGUI::Discussion::unsubscribeFromThread(); + return $_[0]->www_showMessage(); +} + +#------------------------------------------------------------------- + +=head2 www_view ( ) + +The default display mechanism for any wobject. This web method MUST be overridden. 
+ +=cut + +sub www_view { + my ($output); + $output = $_[0]->displayTitle; + $output .= $_[0]->description; + return $output; +} + +1; diff --git a/lib/WebGUI/Wobject/DataForm.pm b/lib/WebGUI/Wobject/DataForm.pm index 759af3506..ad9e4654e 100644 --- a/lib/WebGUI/Wobject/DataForm.pm +++ b/lib/WebGUI/Wobject/DataForm.pm @@ -161,7 +161,7 @@ sub getRecordTemplateVars { my $self = shift; my $var = shift; $var->{error_loop} = [] unless (exists $var->{error_loop}); - $var->{canEdit} = (WebGUI::Privilege::canEditPage()); + $var->{canEdit} = (WebGUI::Privilege::canEditWobject($self->get("wobjectId"))); $var->{"entryList.url"} = WebGUI::URL::page('func=view&entryId=list&wid='.$self->get("wobjectId")); $var->{"entryList.label"} = WebGUI::International::get(86,$self->get("namespace")); $var->{"export.tab.url"} = WebGUI::URL::page('func=exportTab&wid='.$self->get("wobjectId")); @@ -311,14 +311,14 @@ sub uiLevel { #------------------------------------------------------------------- sub www_deleteField { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return $_[0]->confirm(WebGUI::International::get(19,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteFieldConfirm&wid='.$_[0]->get("wobjectId").'&fid='.$session{form}{fid})); } #------------------------------------------------------------------- sub www_deleteFieldConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->deleteCollateral("DataForm_field","DataForm_fieldId",$session{form}{fid}); $_[0]->reorderCollateral("DataForm_field","DataForm_fieldId"); return ""; 
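Review bot: In www_deleteFieldConfirm (hunk -311) the new check authorises the wobject, but the row that gets deleted is selected by `$session{form}{fid}` alone, so nothing visible here ties that field to the wobject the caller was just cleared to edit. With per-wobject privileges a user who may edit one DataForm could name a field id that belongs to another, unless deleteCollateral scopes its delete by wobjectId (its body is not in this hunk, so that needs confirming). I would load the row and compare owners first, e.g. `my $row = $_[0]->getCollateral("DataForm_field","DataForm_fieldId",$session{form}{fid});` followed by `return WebGUI::Privilege::insufficient() unless ($row->{wobjectId} eq $_[0]->get("wobjectId"));`, assuming getCollateral returns a hash reference. The same applies to the handlers keyed on `qid`, `lid`, `did`, `eid` and `rid` that this commit changes in FAQ.pm, LinkList.pm, FileManager.pm and EventsCalendar.pm, and to the move handlers in hunk -569.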
@@ -378,7 +378,7 @@ sub www_edit { #------------------------------------------------------------------- sub www_editSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->SUPER::www_editSave(); if ($session{form}{wid} eq "new") { $_[0]->setCollateral("DataForm_field","DataForm_fieldId",{ @@ -437,7 +437,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editField { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output, %field, $f, %fieldStatus); tie %field, 'Tie::CPHash'; tie %fieldStatus, 'Tie::IxHash'; @@ -523,7 +523,7 @@ sub www_editField { #------------------------------------------------------------------- sub www_editFieldSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $session{form}{name} = $session{form}{label} if ($session{form}{name} eq ""); $_[0]->setCollateral("DataForm_field","DataForm_fieldId",{ DataForm_fieldId=>$session{form}{fid}, @@ -546,7 +546,7 @@ sub www_editFieldSave { #------------------------------------------------------------------- sub www_exportTab { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $session{header}{filename} = WebGUI::URL::urlize($_[0]->get("title")).".tab"; $session{header}{mimetype} = "text/plain"; my @fields = WebGUI::SQL->buildArray("select name from DataForm_field where wobjectId=".$_[0]->get("wobjectId")." order by sequenceNumber"); 
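Review bot: www_editSave (hunk -378) now gates on canEditWobject but then calls `$_[0]->SUPER::www_editSave();` and discards the result, while the base Wobject::www_editSave shown earlier on this page still returns WebGUI::Privilege::insufficient() unless canEditPage() passes. A user who holds edit rights on the wobject but not on the page would have the base save refused without any signal, and the code after it, including the setCollateral call for a new form, would still run. Either the base method should adopt the same per-wobject check, or this method should stop when the base refuses, e.g. `my $denied = $_[0]->SUPER::www_editSave(); return $denied if ($denied ne "");` (the base returns "" on success). The www_editSave hunks in FileManager.pm (-171) and Item.pm (-70) follow the same pattern, and in Item.pm the check runs while wobjectId may still be "new", so how canEditWobject treats "new" should be documented. The body of www_editSave continues past this hunk.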
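Review bot: www_editFieldSave (hunk -523) passes `$session{form}{fid}` straight into setCollateral as the primary key, and the update branch of setCollateral shown earlier on this page appends it as `where $keyName='...'` by hand rather than through quote(), with no wobjectId condition. The request value should be validated before it reaches that SQL text, for example `return WebGUI::Privilege::insufficient() unless ($session{form}{fid} eq "new" || $session{form}{fid} =~ /^\d+$/);` (assuming ids are integers, as the incrementer suggests), and setCollateral itself is better changed to use `quote($properties->{$keyName})`. The www_editQuestionSave hunk in FAQ.pm (-141) and the www_editDownloadSave hunk in FileManager.pm (-232) hand `qid` and `did` to the same code path. The hash passed to setCollateral continues outside this hunk.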
@@ -569,14 +569,14 @@ sub www_exportTab { #------------------------------------------------------------------- sub www_moveFieldDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralDown("DataForm_field","DataForm_fieldId",$session{form}{fid}); return ""; } #------------------------------------------------------------------- sub www_moveFieldUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralUp("DataForm_field","DataForm_fieldId",$session{form}{fid}); return ""; } @@ -640,7 +640,7 @@ sub www_process { sub www_view { my $var; $var->{entryId} = $session{form}{entryId}; - if ($var->{entryId} eq "list" && WebGUI::Privilege::canEditPage()) { + if ($var->{entryId} eq "list" && WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))) { return $_[0]->processTemplate($_[0]->get("listTemplateId"),$_[0]->getListTemplateVars,"DataForm/List"); } $var = $_[1] || $_[0]->getRecordTemplateVars($var); diff --git a/lib/WebGUI/Wobject/EventsCalendar.pm b/lib/WebGUI/Wobject/EventsCalendar.pm index d3bc8e734..2738913d7 100644 --- a/lib/WebGUI/Wobject/EventsCalendar.pm +++ b/lib/WebGUI/Wobject/EventsCalendar.pm @@ -51,7 +51,7 @@ sub _drawBigCalendar { $calendar->monthname(WebGUI::DateTime::getMonthName($calendar->month)); $calendar->header('

'.$calendar->monthname.' '.$calendar->year.'

'); ($start,$end) = monthStartEnd($_[1]); - my $canEdit = ($session{var}{adminOn} && WebGUI::Privilege::canEditPage()); + my $canEdit = ($session{var}{adminOn} && WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $sth = WebGUI::SQL->read("select * from EventsCalendar_event where wobjectId=" .$_[0]->get("wobjectId")." order by startDate,endDate"); while (%event = $sth->hash) { @@ -195,7 +195,7 @@ sub purge { #------------------------------------------------------------------- sub www_deleteEvent { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output); $output = '

'.WebGUI::International::get(42).'

'; $output .= WebGUI::International::get(75,$_[0]->get("namespace")).'

'; @@ -212,7 +212,7 @@ sub www_deleteEvent { #------------------------------------------------------------------- sub www_deleteEventConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); if ($session{form}{rid} > 0) { $_[0]->deleteCollateral("EventsCalendar_event","EventsCalendar_recurringId",$session{form}{rid}); } else { @@ -305,7 +305,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editEvent { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my (%recursEvery, $special, $output, $f, %event); tie %event, 'Tie::CPHash'; tie %recursEvery, 'Tie::IxHash'; @@ -369,7 +369,7 @@ sub www_editEvent { #------------------------------------------------------------------- sub www_editEventSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my (@startDate, @endDate, $until, @eventId, $i, $recurringEventId); $startDate[0] = WebGUI::FormProcessor::dateTime("startDate"); $startDate[0] = time() unless ($startDate[0] > 0); 
@@ -542,7 +542,7 @@ sub www_viewEvent { $var{"start.date"} = epochToHuman($event{startDate},"%z"); $var{"end.label"} = WebGUI::International::get(15,$_[0]->get("namespace")); $var{"end.date"} = epochToHuman($event{endDate},"%z"); - $var{canEdit} = WebGUI::Privilege::canEditPage(); + $var{canEdit} = WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId")); $var{"edit.url"} = WebGUI::URL::page('func=editEvent&eid='.$session{form}{eid}.'&wid='.$session{form}{wid}); $var{"edit.label"} = WebGUI::International::get(575); $var{"delete.url"} = WebGUI::URL::page('func=deleteEvent&eid='.$session{form}{eid}.'&wid=' diff --git a/lib/WebGUI/Wobject/ExtraColumn.pm b/lib/WebGUI/Wobject/ExtraColumn.pm index 406bdda51..ad8f41d5c 100644 --- a/lib/WebGUI/Wobject/ExtraColumn.pm +++ b/lib/WebGUI/Wobject/ExtraColumn.pm @@ -60,7 +60,7 @@ sub uiLevel { #------------------------------------------------------------------- sub www_edit { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output, $f); $output = helpIcon(1,$_[0]->get("namespace")); $output .= '
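Review bot: In www_viewEvent (hunk -542) `canEdit` is now decided for `$_[0]->get("wobjectId")`, but the edit and delete links next to it are still assembled from `$session{form}{wid}` and `$session{form}{eid}`, so the flag and the links can refer to different ids and request text is copied into the URLs unescaped. Taking the wobject id from the object keeps the links consistent with the check: `$var{"edit.url"} = WebGUI::URL::page('func=editEvent&eid='.$session{form}{eid}.'&wid='.$_[0]->get("wobjectId"));`, with `eid` validated as an integer or read back from the loaded `%event` row. Whether the template escapes these values on output is not visible here, so treat them as untrusted until that is confirmed. The `delete.url` statement is cut off at the end of the hunk.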

'.WebGUI::International::get(6,$_[0]->get("namespace")).'

'; diff --git a/lib/WebGUI/Wobject/FAQ.pm b/lib/WebGUI/Wobject/FAQ.pm index 4c8ee7ba3..4233721cc 100644 --- a/lib/WebGUI/Wobject/FAQ.pm +++ b/lib/WebGUI/Wobject/FAQ.pm @@ -63,14 +63,14 @@ sub purge { #------------------------------------------------------------------- sub www_deleteQuestion { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return $_[0]->confirm(WebGUI::International::get(7,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteQuestionConfirm&wid='.$_[0]->get("wobjectId").'&qid='.$session{form}{qid})); } #------------------------------------------------------------------- sub www_deleteQuestionConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->deleteCollateral("FAQ_question","FAQ_questionId",$session{form}{qid}); $_[0]->reorderCollateral("FAQ_question","FAQ_questionId"); return ""; @@ -107,7 +107,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editQuestion { my ($output, $question, $f); - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $question = $_[0]->getCollateral("FAQ_question","FAQ_questionId",$session{form}{qid}); $output = helpIcon(2,$_[0]->get("namespace")); $output .= '

'.WebGUI::International::get(10,$_[0]->get("namespace")).'

'; @@ -141,7 +141,7 @@ sub www_editQuestion { #------------------------------------------------------------------- sub www_editQuestionSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->setCollateral("FAQ_question", "FAQ_questionId", { FAQ_questionId => $session{form}{qid}, question => $session{form}{question}, @@ -156,14 +156,14 @@ sub www_editQuestionSave { #------------------------------------------------------------------- sub www_moveQuestionDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralDown("FAQ_question","FAQ_questionId",$session{form}{qid}); return ""; } #------------------------------------------------------------------- sub www_moveQuestionUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralUp("FAQ_question","FAQ_questionId",$session{form}{qid}); return ""; } diff --git a/lib/WebGUI/Wobject/FileManager.pm b/lib/WebGUI/Wobject/FileManager.pm index ff6927e68..563c92700 100644 --- a/lib/WebGUI/Wobject/FileManager.pm +++ b/lib/WebGUI/Wobject/FileManager.pm @@ -93,7 +93,7 @@ sub uiLevel { #------------------------------------------------------------------- sub www_deleteFile { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->setCollateral("FileManager_file","FileManager_fileId", {$session{form}{file}=>'',FileManager_fileId=>$session{form}{did}},0,0); return $_[0]->www_editDownload(); 
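Review bot: In FileManager.pm www_deleteFile (hunk -93) the hash key `$session{form}{file}` comes from the request, and the update branch of setCollateral shown earlier on this page writes each key into the statement as a bare column name (`$key."=".quote(...)`), so the caller chooses which column is blanked and the name itself is never quoted or checked. Only the value side goes through quote(). Restrict the key to the known file columns before the call, e.g. `return WebGUI::Privilege::insufficient() unless (isIn($session{form}{file}, @fileColumns));`, where `@fileColumns` is a placeholder for this table's file column names and isIn is the helper Wobject.pm already uses. `did` needs the same integer validation and ownership check, and the closing brace of www_deleteFile is outside the hunk.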
@@ -101,14 +101,14 @@ sub www_deleteFile { #------------------------------------------------------------------- sub www_deleteDownload { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return $_[0]->confirm(WebGUI::International::get(12,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteDownloadConfirm&wid='.$session{form}{wid}.'&did='.$session{form}{did})); } #------------------------------------------------------------------- sub www_deleteDownloadConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output, $file); $file = WebGUI::Attachment->new("",$session{form}{wid},$session{form}{did}); $file->deleteNode; @@ -171,7 +171,7 @@ sub www_edit { #------------------------------------------------------------------- sub www_editSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->SUPER::www_editSave(); if ($session{form}{proceed} eq "addFile") { $session{form}{did} = "new"; @@ -183,7 +183,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editDownload { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output, $file, $f); $file = $_[0]->getCollateral("FileManager_file","FileManager_fileId",$session{form}{did}); $output .= helpIcon(2,$_[0]->get("namespace")); 
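Review bot: www_deleteDownloadConfirm (hunk -101) authorises `$_[0]->get("wobjectId")` but then builds the attachment to delete from `$session{form}{wid}` and `$session{form}{did}`, so the id that was checked and the id that is acted on are not guaranteed to be the same. Use the checked id, `$file = WebGUI::Attachment->new("",$_[0]->get("wobjectId"),$session{form}{did});`, and validate `did` as an integer belonging to this wobject before deleteNode runs, since WebGUI::Attachment presumably maps these ids to a storage location (its code is not shown here). www_deleteDownload in the same hunk also builds its confirm URL from `$session{form}{wid}`. The rest of www_deleteDownloadConfirm lies outside the hunk.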
@@ -232,7 +232,7 @@ sub www_editDownload { #------------------------------------------------------------------- sub www_editDownloadSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($file, %files); $files{FileManager_fileId} = $_[0]->setCollateral("FileManager_file", "FileManager_fileId", { FileManager_fileId => $session{form}{did}, @@ -269,7 +269,7 @@ sub www_editDownloadSave { #------------------------------------------------------------------- sub www_moveDownloadDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sortDirection","-delete-"); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sort","-delete-"); $_[0]->moveCollateralUp("FileManager_file","FileManager_fileId",$session{form}{did}); @@ -278,7 +278,7 @@ sub www_moveDownloadDown { #------------------------------------------------------------------- sub www_moveDownloadUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sortDirection","-delete-"); WebGUI::Session::setScratch($_[0]->get("namespace").".".$_[0]->get("wobjectId").".sort","-delete-"); $_[0]->moveCollateralDown("FileManager_file","FileManager_fileId",$session{form}{did}); diff --git a/lib/WebGUI/Wobject/Item.pm b/lib/WebGUI/Wobject/Item.pm index f5ca735af..14d773b3f 100644 --- a/lib/WebGUI/Wobject/Item.pm +++ b/lib/WebGUI/Wobject/Item.pm 
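Review bot: `www_moveDownloadDown` calls `moveCollateralUp` and `www_moveDownloadUp` calls `moveCollateralDown`, the opposite of the other move handlers visible in this diff. If that is deliberate (for instance because the file list is displayed in reverse sequence order) both subs need a comment saying so, e.g. `# display order is reversed, so "down" on screen moves the row up in sequence`; if it is not, the two calls are swapped. Both subs continue past their hunks.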
@@ -70,7 +70,7 @@ sub www_edit { #------------------------------------------------------------------- sub www_editSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($attachment, $property); $_[0]->SUPER::www_editSave() if ($_[0]->get("wobjectId") eq "new"); $attachment = WebGUI::Attachment->new("",$_[0]->get("wobjectId")); diff --git a/lib/WebGUI/Wobject/LinkList.pm b/lib/WebGUI/Wobject/LinkList.pm index e000125b2..4d1882ef3 100644 --- a/lib/WebGUI/Wobject/LinkList.pm +++ b/lib/WebGUI/Wobject/LinkList.pm @@ -64,14 +64,14 @@ sub purge { #------------------------------------------------------------------- sub www_deleteLink { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return $_[0]->confirm(WebGUI::International::get(9,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteLinkConfirm&wid='.$session{form}{wid}.'&lid='.$session{form}{lid})); } #------------------------------------------------------------------- sub www_deleteLinkConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->deleteCollateral("LinkList_link","LinkList_linkId",$session{form}{lid}); $_[0]->reorderCollateral("LinkList_link","LinkList_linkId"); return ""; 
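Review bot: `www_editSave` in Item.pm passes `$_[0]->get("wobjectId")` to `canEditWobject`, yet two lines below the same id is compared with the string `"new"`, so the check also runs while a wobject is being created. `canEditWobject` is not part of the visible hunks; confirm that it falls back to the page-level check for `"new"` rather than looking up privileges for a row that does not exist yet, and record the dependency with a comment such as `# wobjectId is "new" on creation; canEditWobject must defer to canEditPage in that case`. The same pattern is in `www_editSave` of Product.pm. The sub continues past the hunk.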
@@ -98,7 +98,7 @@ sub www_edit { #------------------------------------------------------------------- sub www_editSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->SUPER::www_editSave(); if ($session{form}{proceed} eq "addLink") { $session{form}{lid} = "new"; @@ -110,7 +110,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editLink { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output, $link, $f, $linkId, $newWindow); $link = $_[0]->getCollateral("LinkList_link", "LinkList_linkId",$session{form}{lid}); if ($link->{LinkList_linkId} eq "new") { @@ -145,7 +145,7 @@ sub www_editLink { #------------------------------------------------------------------- sub www_editLinkSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->setCollateral("LinkList_link", "LinkList_linkId", { LinkList_linkId => $session{form}{lid}, description => $session{form}{description}, 
@@ -164,14 +164,14 @@ sub www_editLinkSave { #------------------------------------------------------------------- sub www_moveLinkDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralDown("LinkList_link","LinkList_linkId",$session{form}{lid}); return ""; } #------------------------------------------------------------------- sub www_moveLinkUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralUp("LinkList_link","LinkList_linkId",$session{form}{lid}); return ""; } @@ -181,7 +181,7 @@ sub www_view { my (%var, @linkloop, $controls, $link, $sth); $var{"addlink.url"} = WebGUI::URL::page('func=editLink&lid=new&wid='.$_[0]->get("wobjectId")); $var{"addlink.label"} = WebGUI::International::get(13,$_[0]->get("namespace")); - $var{canEdit} = WebGUI::Privilege::canEditPage(); + $var{canEdit} = WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId")); $sth = WebGUI::SQL->read("select * from LinkList_link where wobjectId=".$_[0]->get("wobjectId")." order by sequenceNumber"); while ($link = $sth->hashRef) { diff --git a/lib/WebGUI/Wobject/Poll.pm b/lib/WebGUI/Wobject/Poll.pm index 3a8ff6b82..dd334f657 100644 --- a/lib/WebGUI/Wobject/Poll.pm +++ b/lib/WebGUI/Wobject/Poll.pm @@ -185,7 +185,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_resetVotes { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->deleteCollateral("Poll_answer","wobjectId",$_[0]->get("wobjectId")); return ""; } 
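Review bot: `www_resetVotes` in Poll.pm deletes every `Poll_answer` row of the wobject as soon as the privilege check passes, with no confirmation step, unlike `www_deleteLink`/`www_deleteLinkConfirm` in LinkList.pm, which go through `$_[0]->confirm(...)`. Nothing in the visible lines ties the request to a form the editor actually submitted, so the handler cannot tell a deliberate reset from a request the editor did not intend. I would route the reset through the same confirm pattern and document on the sub that it is destructive, e.g. `# irreversibly removes all votes for this poll`.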
diff --git a/lib/WebGUI/Wobject/Product.pm b/lib/WebGUI/Wobject/Product.pm index d518dff90..2e640b7ec 100644 --- a/lib/WebGUI/Wobject/Product.pm +++ b/lib/WebGUI/Wobject/Product.pm @@ -115,7 +115,7 @@ sub purge { #------------------------------------------------------------------- sub www_addAccessory { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output, $f, $accessory, @usedAccessories); $output = helpIcon(4,$_[0]->get("namespace")); $output .= '

'.WebGUI::International::get(16,$_[0]->get("namespace")).'

'; @@ -136,7 +136,7 @@ sub www_addAccessory { #------------------------------------------------------------------- sub www_addAccessorySave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($seq); ($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from Product_accessory where wobjectId=".$_[0]->get("wobjectId")); @@ -151,7 +151,7 @@ sub www_addAccessorySave { #------------------------------------------------------------------- sub www_addRelated { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output, $f, $related, @usedRelated); $output = helpIcon(5,$_[0]->get("namespace")); $output .= '

'.WebGUI::International::get(19,$_[0]->get("namespace")).'

'; @@ -172,7 +172,7 @@ sub www_addRelated { #------------------------------------------------------------------- sub www_addRelatedSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($seq); ($seq) = WebGUI::SQL->quickArray("select max(sequenceNumber) from Product_related where wobjectId=".$_[0]->get("wobjectId")); @@ -187,7 +187,7 @@ sub www_addRelatedSave { #------------------------------------------------------------------- sub www_deleteAccessory { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return $_[0]->confirm( WebGUI::International::get(2,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteAccessoryConfirm&wid='.$_[0]->get("wobjectId").'&aid='.$session{form}{aid}) @@ -196,7 +196,7 @@ sub www_deleteAccessory { #------------------------------------------------------------------- sub www_deleteAccessoryConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); WebGUI::SQL->write("delete from Product_accessory where wobjectId=$session{form}{wid} and accessoryWobjectId=$session{form}{aid}"); $_[0]->reorderCollateral("Product_accessory","accessoryWobjectId"); return ""; 
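Review bot: `www_deleteAccessoryConfirm` checks the privilege on `$_[0]->get("wobjectId")` but then interpolates `$session{form}{wid}` and `$session{form}{aid}` straight into the `delete` statement, so the row that is removed is chosen by unvalidated request data rather than by the wobject that was authorized. Key the statement on the authorized id and coerce the other value, e.g. `"delete from Product_accessory where wobjectId=".$_[0]->get("wobjectId")." and accessoryWobjectId=".int($session{form}{aid})` (this assumes ids are integers in this schema; otherwise use the project's SQL quoting helper). The same construction appears in `www_deleteRelatedConfirm` further down this file and in `www_deleteAnswerConfirm` and `www_deleteQuestionConfirm` in Survey.pm. The sub's closing brace is outside the hunk.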
@@ -204,7 +204,7 @@ sub www_deleteAccessoryConfirm { #------------------------------------------------------------------- sub www_deleteBenefit { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return $_[0]->confirm( WebGUI::International::get(48,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteBenefitConfirm&wid='.$_[0]->get("wobjectId").'&bid='.$session{form}{bid}) @@ -213,7 +213,7 @@ sub www_deleteBenefit { #------------------------------------------------------------------- sub www_deleteBenefitConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->deleteCollateral("Product_benefit","Product_benefitId",$session{form}{bid}); $_[0]->reorderCollateral("Product_benefit","Product_benefitId"); return ""; @@ -221,7 +221,7 @@ sub www_deleteBenefitConfirm { #------------------------------------------------------------------- sub www_deleteFeature { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return $_[0]->confirm( WebGUI::International::get(3,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteFeatureConfirm&wid='.$_[0]->get("wobjectId").'&fid='.$session{form}{fid}) 
@@ -230,7 +230,7 @@ sub www_deleteFeature { #------------------------------------------------------------------- sub www_deleteFeatureConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->deleteCollateral("Product_feature","Product_featureId",$session{form}{fid}); $_[0]->reorderCollateral("Product_feature","Product_featureId"); return ""; @@ -238,7 +238,7 @@ sub www_deleteFeatureConfirm { #------------------------------------------------------------------- sub www_deleteRelated { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return $_[0]->confirm( WebGUI::International::get(4,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteRelatedConfirm&wid='.$_[0]->get("wobjectId").'&rid='.$session{form}{rid}) @@ -247,7 +247,7 @@ sub www_deleteRelated { #------------------------------------------------------------------- sub www_deleteRelatedConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); WebGUI::SQL->write("delete from Product_related where wobjectId=$session{form}{wid} and relatedWobjectId=$session{form}{rid}"); $_[0]->reorderCollateral("Product_related","relatedWobjectId"); return ""; 
@@ -255,7 +255,7 @@ sub www_deleteRelatedConfirm { #------------------------------------------------------------------- sub www_deleteSpecification { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return $_[0]->confirm( WebGUI::International::get(5,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteSpecificationConfirm&wid='.$_[0]->get("wobjectId").'&sid='.$session{form}{sid}) @@ -264,7 +264,7 @@ sub www_deleteSpecification { #------------------------------------------------------------------- sub www_deleteSpecificationConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->deleteCollateral("Product_specification","Product_specificationId",$session{form}{sid}); $_[0]->reorderCollateral("Product_specification","Product_specificationId"); return ""; @@ -298,7 +298,7 @@ sub www_edit { #------------------------------------------------------------------- sub www_editSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($file, %property); $_[0]->SUPER::www_editSave() if ($_[0]->get("wobjectId") eq "new"); $file = WebGUI::Attachment->new("",$_[0]->get("wobjectId")); 
@@ -325,7 +325,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editBenefit { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output, $data, $f, $benefits); $data = $_[0]->getCollateral("Product_benefit","Product_benefitId",$session{form}{bid}); $output = helpIcon(6,$_[0]->get("namespace")); @@ -344,7 +344,7 @@ sub www_editBenefit { #------------------------------------------------------------------- sub www_editBenefitSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $session{form}{benefit} = $session{form}{benefit_new} if ($session{form}{benefit_new} ne ""); $_[0]->setCollateral("Product_benefit", "Product_benefitId", { Product_benefitId => $session{form}{bid}, @@ -360,7 +360,7 @@ sub www_editBenefitSave { #------------------------------------------------------------------- sub www_editFeature { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output, $data, $f, $features); $data = $_[0]->getCollateral("Product_feature","Product_featureId",$session{form}{fid}); $output = helpIcon(2,$_[0]->get("namespace")); 
@@ -379,7 +379,7 @@ sub www_editFeature { #------------------------------------------------------------------- sub www_editFeatureSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $session{form}{feature} = $session{form}{feature_new} if ($session{form}{feature_new} ne ""); $_[0]->setCollateral("Product_feature", "Product_featureId", { Product_featureId => $session{form}{fid}, @@ -395,7 +395,7 @@ sub www_editFeatureSave { #------------------------------------------------------------------- sub www_editSpecification { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output, $data, $f, $hashRef); $data = $_[0]->getCollateral("Product_specification","Product_specificationId",$session{form}{sid}); $output = helpIcon(3,$_[0]->get("namespace")); @@ -417,7 +417,7 @@ sub www_editSpecification { #------------------------------------------------------------------- sub www_editSpecificationSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $session{form}{name} = $session{form}{name_new} if ($session{form}{name_new} ne ""); $session{form}{units} = $session{form}{units_new} if ($session{form}{units_new} ne ""); $_[0]->setCollateral("Product_specification", "Product_specificationId", { 
@@ -436,70 +436,70 @@ sub www_editSpecificationSave { #------------------------------------------------------------------- sub www_moveAccessoryDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralDown("Product_related","accessoryWobjectId",$session{form}{aid}); return ""; } #------------------------------------------------------------------- sub www_moveAccessoryUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralUp("Product_accessory","accessoryWobjectId",$session{form}{aid}); return ""; } #------------------------------------------------------------------- sub www_moveBenefitDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralDown("Product_benefit","Product_benefitId",$session{form}{bid}); return ""; } #------------------------------------------------------------------- sub www_moveBenefitUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralUp("Product_benefit","Product_benefitId",$session{form}{bid}); return ""; } #------------------------------------------------------------------- sub www_moveFeatureDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); 
$_[0]->moveCollateralDown("Product_feature","Product_featureId",$session{form}{fid}); return ""; } #------------------------------------------------------------------- sub www_moveFeatureUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralUp("Product_feature","Product_featureId",$session{form}{fid}); return ""; } #------------------------------------------------------------------- sub www_moveRelatedDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralDown("Product_related","relatedWobjectId",$session{form}{rid}); return ""; } #------------------------------------------------------------------- sub www_moveRelatedUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralUp("Product_related","relatedWobjectId",$session{form}{rid}); return ""; } #------------------------------------------------------------------- sub www_moveSpecificationDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralDown("Product_specification","Product_specificationId",$session{form}{sid}); return ""; } #------------------------------------------------------------------- sub www_moveSpecificationUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); 
$_[0]->moveCollateralUp("Product_specification","Product_specificationId",$session{form}{sid}); return ""; } diff --git a/lib/WebGUI/Wobject/Survey.pm b/lib/WebGUI/Wobject/Survey.pm index 8a2ff28a7..1ef80068b 100644 --- a/lib/WebGUI/Wobject/Survey.pm +++ b/lib/WebGUI/Wobject/Survey.pm @@ -151,7 +151,7 @@ sub uiLevel { #------------------------------------------------------------------- sub www_deleteAnswer { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return $_[0]->confirm(WebGUI::International::get(45,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteAnswerConfirm&wid='.$_[0]->get("wobjectId").'&aid=' .$session{form}{aid}.'&qid='.$session{form}{qid})); @@ -159,7 +159,7 @@ sub www_deleteAnswer { #------------------------------------------------------------------- sub www_deleteAnswerConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); WebGUI::SQL->write("delete from Survey_response where Survey_answerId=$session{form}{aid}"); $_[0]->deleteCollateral("Survey_answer","Survey_answerId",$session{form}{aid}); $_[0]->reorderCollateral("Survey_answer","Survey_answerId","Survey_id"); 
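Review bot: `www_moveAccessoryDown` passes the table `"Product_related"` together with the key `accessoryWobjectId`, while `www_moveAccessoryUp` right below it uses `"Product_accessory"`; the down handler looks like a copy-paste slip that this commit carries over unchanged. The call should read `$_[0]->moveCollateralDown("Product_accessory","accessoryWobjectId",$session{form}{aid});`. All the move handlers in this hunk also take the row id from `$session{form}` unchecked; whether `moveCollateralUp`/`moveCollateralDown` restrict the row to the current wobject is not visible here and is worth confirming.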
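Review bot: In Survey.pm `www_deleteAnswerConfirm` the statement `delete from Survey_response where Survey_answerId=$session{form}{aid}` has no predicate tying the row to the wobject that `canEditWobject` just authorized. With page-level checks replaced by per-wobject ones, an editor of one survey must not be able to name an answer id belonging to another, so the handler should first verify that the answer belongs to this wobject's survey (the `Survey_id` column passed to `reorderCollateral` suggests where that link is stored, but the table layout is not visible). `www_deleteQuestionConfirm` in the next hunk deletes from `Survey_answer` and `Survey_response` by `Survey_questionId` in the same way. The sub's last lines are outside the hunk.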
@@ -168,14 +168,14 @@ sub www_deleteAnswerConfirm { #------------------------------------------------------------------- sub www_deleteQuestion { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); return $_[0]->confirm(WebGUI::International::get(44,$_[0]->get("namespace")), WebGUI::URL::page('func=deleteQuestionConfirm&wid='.$_[0]->get("wobjectId").'&qid='.$session{form}{qid})); } #------------------------------------------------------------------- sub www_deleteQuestionConfirm { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); WebGUI::SQL->write("delete from Survey_answer where Survey_questionId=$session{form}{qid}"); WebGUI::SQL->write("delete from Survey_response where Survey_questionId=$session{form}{qid}"); $_[0]->deleteCollateral("Survey_question","Survey_questionId",$session{form}{qid}); @@ -285,7 +285,7 @@ sub www_edit { #------------------------------------------------------------------- sub www_editSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->SUPER::www_editSave(); if ($session{form}{proceed} eq "addQuestion") { $session{form}{qid} = "new"; @@ -296,7 +296,7 @@ sub www_editSave { #------------------------------------------------------------------- sub www_editAnswer { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($question, $output, $f, $answer); $answer = $_[0]->getCollateral("Survey_answer","Survey_answerId",$session{form}{aid}); $output = '

'.WebGUI::International::get(18,$_[0]->get("namespace")).'

'; @@ -350,7 +350,7 @@ sub www_editAnswer { #------------------------------------------------------------------- sub www_editAnswerSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->setCollateral("Survey_answer", "Survey_answerId", { Survey_answerId => $session{form}{aid}, Survey_questionId => $session{form}{qid}, @@ -372,7 +372,7 @@ sub www_editAnswerSave { #------------------------------------------------------------------- sub www_editQuestion { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); my ($output, $f, $question, $answerFieldType, $sth, %data); tie %data, 'Tie::CPHash'; $question = $_[0]->getCollateral("Survey_question","Survey_questionId",$session{form}{qid}); @@ -440,7 +440,7 @@ sub www_editQuestion { #------------------------------------------------------------------- sub www_editQuestionSave { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $session{form}{qid} = $_[0]->setCollateral("Survey_question", "Survey_questionId", { question=>$session{form}{question}, Survey_questionId=>$session{form}{qid}, 
@@ -520,28 +520,28 @@ sub www_exportResponses { #------------------------------------------------------------------- sub www_moveAnswerDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralDown("Survey_answer","Survey_answerId",$session{form}{aid},"Survey_id"); return $_[0]->www_editQuestion; } #------------------------------------------------------------------- sub www_moveAnswerUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralUp("Survey_answer","Survey_answerId",$session{form}{aid},"Survey_id"); return $_[0]->www_editQuestion; } #------------------------------------------------------------------- sub www_moveQuestionDown { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralDown("Survey_question","Survey_questionId",$session{form}{qid},"Survey_id"); return $_[0]->www_edit; } #------------------------------------------------------------------- sub www_moveQuestionUp { - return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditPage()); + return WebGUI::Privilege::insufficient() unless (WebGUI::Privilege::canEditWobject($_[0]->get("wobjectId"))); $_[0]->moveCollateralUp("Survey_question","Survey_questionId",$session{form}{qid},"Survey_id"); return $_[0]->www_edit; }