fix #11964 files show in trash and old revisions

2010-11-16 17:54:08 -06:00 · 2010-11-16 17:54:08 -06:00 · 55920f59e0
commit 55920f59e0
parent 336075784c
5 changed files with 224 additions and 34 deletions
--- a/lib/WebGUI/Asset/File.pm
+++ b/lib/WebGUI/Asset/File.pm
@ -92,6 +92,24 @@ sub setPrivileges {
    );
 }

+#----------------------------------------------------------------------------
+
+=head2 commit ( )
+
+Override commit to remove all privileges for previous revisions' storage 
+locations
+
+=cut
+
+sub commit {
+    my ( $self, @args ) = @_;
+
+    for my $rev ( grep { $_->get("revisionDate") < $self->get("revisionDate") } @{$self->getRevisions} ) {
+        $rev->getStorageLocation->trash;
+    }
+
+    return $self->SUPER::commit( @args );
+}

 #-------------------------------------------------------------------

@ -430,7 +448,6 @@ sub processPropertiesFromFormPost {
    return undef;
 }

-
 #-------------------------------------------------------------------

 =head2 purge 
@ -479,6 +496,20 @@ sub purgeRevision {

 #----------------------------------------------------------------------------

+=head2 restore ( )
+
+Override trash restore to restore storage location
+
+=cut
+
+sub restore {
+    my ( $self, @args ) = @_;
+    $self->setPrivileges;
+    return $self->SUPER::restore( @args );
+}
+
+#----------------------------------------------------------------------------
+
 =head2 setFile ( [pathtofile] )

 Tells the asset to do all the postprocessing on the file (setting privs, thubnails, or whatever).
@ -561,6 +592,23 @@ sub setStorageLocation {
    }
 }

+#----------------------------------------------------------------------------
+
+=head2 trash ( )
+
+Override to put the attached file in the trash too
+
+=cut
+
+sub trash {
+    my ( $self, @args ) = @_;
+    my $return = $self->SUPER::trash( @args );
+
+    $self->getStorageLocation->trash;
+
+    return $return;
+}
+
 #-------------------------------------------------------------------

 =head2 update
--- a/lib/WebGUI/Storage.pm
+++ b/lib/WebGUI/Storage.pm
@ -1706,36 +1706,7 @@ sub setPrivileges {
        }
    }

-    my $public;
-    for my $user (@{ $privs{users} }) {
-        if ($user eq '1') {
-            $public = 1;
-        }
-    }
-    for my $group (@{ $privs{groups} }) {
-        if ($group eq '1' || $group eq '7') {
-            $public = 1;
-        }
-    }
-    my $accessFile = JSON->new->encode( \%privs );
-
-    my $dirObj = $self->getPathClassDir();
-    return undef if ! defined $dirObj;
-    $dirObj->recurse(
-        callback => sub {
-            my $obj = shift;
-            return unless $obj->is_dir;
-            my $rel = $obj->relative($dirObj);
-
-            if ($public) {
-                $self->deleteFile($rel->file('.wgaccess')->stringify);
-            }
-            else {
-                $self->addFileFromScalar($rel->file('.wgaccess')->stringify, $accessFile);
-            }
-        }
-    );
-
+    return $self->writeAccess( %privs );
 }


@ -1810,6 +1781,19 @@ sub tar {
    return $temp;
 }

+#----------------------------------------------------------------------------
+
+=head2 trash ( )
+
+Set this storage location as trashed
+
+=cut
+
+sub trash {
+    my ( $self ) = @_;
+    return $self->writeAccess( state => "trash" );
+}
+
 #-------------------------------------------------------------------

 =head2 untar ( filename [, storage ] )
@ -1869,5 +1853,64 @@ sub getDirectoryId {
    return $self->{_pathParts}[2];
 }

+#----------------------------------------------------------------------------
+
+=head2 writeAccess( pairs )
+
+Write the given pairs to the wgaccess files in this storage location.
+
+If the storage location should be public, will remove all wgaccess files.
+
+Possible keys:
+
+ users      - an arrayref of userIds to allow access to
+ groups     - an arrayref of groupIds to allow access to
+ assets     - an arrayref of assetIds to validate permissions against
+ state      - a string describing a special state.
+                valid values: "trash" - storage location is trashed
+
+
+=cut
+
+sub writeAccess {
+    my ( $self, %privs ) = @_;
+
+    my $public;
+    if ( $privs{users} ) {
+        for my $user (@{ $privs{users} }) {
+            if ($user eq '1') {
+                $public = 1;
+            }
+        }
+    }
+    if ( $privs{groups} ) {
+        for my $group (@{ $privs{groups} }) {
+            if ($group eq '1' || $group eq '7') {
+                $public = 1;
+            }
+        }
+    }
+    my $accessFile = JSON->new->encode( \%privs );
+
+    my $dirObj = $self->getPathClassDir();
+    return undef if ! defined $dirObj;
+    $dirObj->recurse(
+        callback => sub {
+            my $obj = shift;
+            return unless $obj->is_dir;
+            my $rel = $obj->relative($dirObj);
+
+            if ($public) {
+                $self->deleteFile($rel->file('.wgaccess')->stringify);
+            }
+            else {
+                $self->addFileFromScalar($rel->file('.wgaccess')->stringify, $accessFile);
+            }
+        }
+    );
+
+    return;
+}
+
 1;

--- a/lib/WebGUI/URL/Uploads.pm
+++ b/lib/WebGUI/URL/Uploads.pm
@ -15,7 +15,7 @@ package WebGUI::URL::Uploads;
 =cut

 use strict;
-use Apache2::Const -compile => qw(OK DECLINED NOT_FOUND AUTH_REQUIRED);
+use Apache2::Const -compile => qw(OK DECLINED NOT_FOUND AUTH_REQUIRED FORBIDDEN);
 use WebGUI::Session;

 =head1 NAME
@ -61,6 +61,7 @@ sub handler {
        my @users;
        my @groups;
        my @assets;
+        my $state;
        if ($fileContents =~ /\A(?:\d+|[A-Za-z0-9_-]{22})\n(?:\d+|[A-Za-z0-9_-]{22})\n(?:\d+|[A-Za-z0-9_-]{22})/) {
            my @privs = split("\n", $fileContents);
            push @users, $privs[0];
@ -71,8 +72,12 @@ sub handler {
            @users = @{ $privs->{users} };
            @groups = @{ $privs->{groups} };
            @assets = @{ $privs->{assets} };
+            $state  = $privs->{state};
        }

+        return Apache2::Const::FORBIDDEN
+            if $state eq "trash";
+
        return Apache2::Const::OK
            if grep { $_ eq '1' } @users;