action.php 22 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581
  1. <?php
  2. global $_,$conf;
  3. //Récuperation d'une liste de element
  4. Action::register('document_element_search',function(&$response){
  5. global $myUser,$_,$conf;
  6. User::check_access('document','read');
  7. require_once(__DIR__.SLASH.'Element.class.php');
  8. //recherche par libellé
  9. if(!empty($_['keyword'])){
  10. $query = 'SELECT * FROM {{table}} WHERE 1';
  11. $data = $elements = array();
  12. $query .= ' AND label LIKE ?';
  13. $data[] = '%'.$_['keyword'].'%';
  14. $folder = isset($_['folder']) && !empty($_['folder']) ? $_['folder'] : '.';
  15. if(isset($_['folder']) && !empty($_['folder']))
  16. $query .= ' AND `path` LIKE "'.$_['folder'].'%'.'"';
  17. //Tri des colonnes
  18. if(isset($_['sort']))
  19. sort_secure_query($_['sort'],array('label','creator','size'),$query,$data);
  20. foreach (Element::staticQuery($query,$data,true) as $element){
  21. // Check des partages sur l'élément
  22. if(!Element::hasRight($element,'read')) continue;
  23. // Check pour ne pas faire ressortir le dossier lui même
  24. if($element->path == $folder) continue;
  25. $elemPath =str_replace(SLASH.'.'.SLASH,SLASH,Element::root().$element->path) ;
  26. $line = Element::fromPath($elemPath);
  27. $line->path = rtrim($line->path, SLASH);
  28. $osPath = Element::root().str_replace('/',SLASH,$line->path);
  29. if(!file_exists($osPath)){
  30. Element::deleteById($line->id);
  31. continue;
  32. }
  33. $row = $line->toArray();
  34. $row['updatedRelative'] = relative_time($line->updated);
  35. $row['sizeReadable'] = $row['type'] == 'directory' ? $line->childNumber.' élements' : readable_size($line->size);
  36. $row['updatedReadable'] = day_name(date('N',$line->updated)).' '. date('d ',$line->updated).month_name(date('m',$line->updated)).date(' Y à H:i',$line->updated);
  37. $row['thumbnail'] = $line->thumbnail();
  38. $row['link'] = $line->link;
  39. $row['icon'] = $line->icon();
  40. $row['childNumber'] = $line->childNumber;
  41. $elements[] = $row;
  42. }
  43. $response['rows'] = $elements;
  44. //recherche par arborescence
  45. }else{
  46. if(isset($_['folder']) && !empty($_['folder'])){
  47. $folder = str_replace('/',SLASH,$_['folder']);
  48. }else {
  49. $folder = '.';
  50. if(isset($_['root'])) $folder = str_replace('/',SLASH,$_['root']);
  51. }
  52. $response['rows'] = array();
  53. $scanned = Element::root().$folder.SLASH.'*';
  54. //L'ui ne traite que les / quel que soit l'os
  55. foreach (Element::browse($scanned) as $line) {
  56. $line->path = str_replace('\\', '/', $line->path);
  57. $row = $line->toArray();
  58. $row['updatedRelative'] = relative_time($line->updated);
  59. $row['sizeReadable'] = $row['type'] == 'directory' ? $line->childNumber.' élements' : readable_size($line->size);
  60. $row['updatedReadable'] = day_name(date('N',$line->updated)).' '. date('d ',$line->updated).month_name(date('m',$line->updated)).date(' Y à H:i',$line->updated);
  61. $row['thumbnail'] = $line->thumbnail();
  62. $row['icon'] = $line->icon();
  63. $row['link'] = $line->link;
  64. $row['childNumber'] = $line->childNumber;
  65. $response['rows'][] = $row;
  66. }
  67. //tri du résultat si demandé
  68. if(isset($_['sort'])){
  69. $direction = $_['sort']['sort'] == 'asc' ? 1:-1 ;
  70. //le in_array permet de s'assurer qu'une colonne triable est spécifiée
  71. $attribute = in_array($_['sort']['sortable'],array('label','size','creator','updated'))? $_['sort']['sortable']: 'label';
  72. usort($response['rows'],function($a,$b) use($attribute,$direction){
  73. if($a[$attribute] > $b[$attribute]) return 1*$direction;
  74. if($a[$attribute] < $b[$attribute]) return -1*$direction;
  75. if($a[$attribute] == $b[$attribute]) return 0;
  76. });
  77. }
  78. if($conf->get('document_enable_logs_verbose')) Log::put('Ouverture du dossier '.str_replace(array('/','\\',SLASH.'.'.SLASH.'*'),array(SLASH,SLASH,''),$scanned).' ','document');
  79. }
  80. });
  81. Action::register('document_element_tree_search',function(&$response){
  82. global $_,$myUser;
  83. if(!$myUser->can('document','read')) return;
  84. require_once(__DIR__.SLASH.'Element.class.php');
  85. if(isset($_['folder']) && !empty($_['folder'])){
  86. $folder = str_replace('/',SLASH,$_['folder']);
  87. }else{
  88. $folder = '.';
  89. if(isset($_['root'])) $folder = str_replace('/',SLASH,$_['root']);
  90. }
  91. if(strlen($folder)>=2 && substr($folder, 0,2)=='./') $folder = substr($folder,2);
  92. //Récuperation de tous les dossiers pour l'arborescence
  93. $response['tree'] = array();
  94. $parentFolder = dirname($folder);
  95. $parentFolder = $parentFolder == '.' ? '' : $parentFolder;
  96. $level = count(explode('/',$folder));
  97. $parentLevel = $level-1 < 0 ? 0 : $level-1;
  98. $parts = explode('/',$folder);
  99. $path = '';
  100. $level = 0;
  101. $query = 'SELECT * FROM {{table}} WHERE type = ? ';
  102. $data = array('directory');
  103. $query .=' AND ( ';
  104. $query .= ' (`path` LIKE ? AND LENGTH(`path`) - LENGTH(REPLACE(`path`, \'/\', \'\')) = ?) ';
  105. $data[] = '%';
  106. $data[] = 0;
  107. foreach($parts as $part){
  108. $level++;
  109. $path.= ($level==1?'':'/').$part;
  110. $query .=' OR ';
  111. $query .= ' (`path` LIKE ? AND LENGTH(`path`) - LENGTH(REPLACE(`path`, \'/\', \'\')) = ?) ';
  112. $data[] = $path.'/%';
  113. $data[] = $level;
  114. }
  115. $query .=' ) ORDER BY `path`';
  116. $elements = Element::staticQuery($query,$data,true);
  117. foreach($elements as $directory){
  118. $osPath = Element::root().str_replace('/',SLASH,$directory->path);
  119. //limitation a la root si existante
  120. if(!empty($_['root']) && strpos($directory->path,$_['root']) === false) continue;
  121. if(!file_exists($osPath)){
  122. Element::deleteById($directory->id);
  123. continue;
  124. }
  125. $response['tree'][] =$directory->path;
  126. }
  127. });
  128. Action::register('document_load_template',function(&$response){
  129. global $myUser,$_;
  130. User::check_access('document','read');
  131. require_once(__DIR__.SLASH.'template.document.php');
  132. exit();
  133. });
  134. Action::register('document_widget_load',function(&$response){
  135. global $myUser;
  136. User::check_access('document','read');
  137. require_once(PLUGIN_PATH.'dashboard'.SLASH.'DashboardWidget.class.php');
  138. $widget = DashboardWidget::current();
  139. $root = $widget->data('widget-document-root');
  140. $root = !empty($root) ? ': <strong>'.$root.'</strong>':'';
  141. $widget->title = 'Mes documents'.$root;
  142. ob_start();
  143. require_once(__DIR__.SLASH.'widget.php');
  144. $widget->content = ob_get_clean();
  145. echo json_encode($widget);
  146. exit();
  147. });
  148. Action::register('document_widget_configure_save',function(&$response){
  149. global $myUser,$_;
  150. require_once(PLUGIN_PATH.'dashboard'.SLASH.'DashboardWidget.class.php');
  151. User::check_access('document','configure');
  152. $widget = DashboardWidget::getById($_['id']);
  153. $widget->data('widget-document-tree',$_['widget-document-tree']);
  154. $widget->data('widget-document-detail',$_['widget-document-detail']);
  155. $widget->data('widget-document-search',$_['widget-document-search']);
  156. $root = str_replace(array('./','../'),'',$_['widget-document-root']);
  157. $widget->data('widget-document-root',$root);
  158. $widget->save();
  159. });
  160. Action::register('document_widget_configure',function(&$response){
  161. global $myUser;
  162. require_once(PLUGIN_PATH.'dashboard'.SLASH.'DashboardWidget.class.php');
  163. User::check_access('document_widget_configure','read');
  164. $widget = DashboardWidget::current();
  165. ob_start();
  166. require_once(__DIR__.SLASH.'widget.configure.php');
  167. $content = ob_get_clean();
  168. echo $content ;
  169. exit();
  170. });
  171. Action::register('document_embedded',function(&$response){
  172. User::check_access('document','read');
  173. Plugin::addCss("/css/main.css");
  174. Plugin::addJs("/js/main.js");
  175. ob_start();
  176. global $myUser,$_;
  177. $embedded = true;
  178. //l'ui de la ged prend en entrée / quel que soit l'os
  179. if(isset($_['data']['root'])) $_['data']['root'] = str_replace('\\', '/', $_['data']['root']);
  180. require_once(__DIR__.SLASH.'page.list.php');
  181. $response['html'] = ob_get_clean();
  182. });
  183. Action::register('document_folder_create',function(&$response){
  184. global $myUser,$_,$conf;
  185. User::check_access('document','edit');
  186. require_once(__DIR__.SLASH.'Element.class.php');
  187. $path = str_replace('/',SLASH,$_['path']);
  188. $path = Element::root().$path;
  189. $char = document_check_element_name(htmlspecialchars_decode(html_entity_decode($_['folder']), ENT_QUOTES));
  190. if(!empty($char)) throw new Exception("Caractères interdits : ".$char);
  191. if(strlen($_['folder']) > 80) throw new Exception("Taille maximale autorisée de 80 caractères.");
  192. Element::addFolder($path);
  193. if($conf->get('document_enable_logs')) Log::put("Création d'un dossier : ".$path,'document');
  194. });
  195. Action::register('document_element_preview',function(&$response){
  196. global $myUser,$_;
  197. User::check_access('document','read');
  198. require_once(__DIR__.SLASH.'Element.class.php');
  199. //l'ui ne renvois que les /, on les convertis par le separateur de l'os
  200. $_['path'] = str_replace('/', SLASH, $_['path']);
  201. $path = str_replace(SLASH.'.'.SLASH,SLASH,Element::root().$_['path']);
  202. $osPath = File::convert_decoding($path);
  203. if(!file_exists($osPath)) throw new Exception('Cet élément a peut-être été modifié ou déplacé par quelqu\'un d\'autre. Rafraîchissez la page et réessayez.');
  204. $element = Element::fromPath($path);
  205. //L'ui ne traite que les / quel que soit l'os
  206. $element->path = str_replace('\\', '/', $element->path);
  207. $row = $element->toArray();
  208. $row['updatedRelative'] = relative_time($element->updated);
  209. $row['sizeReadable'] = readable_size($element->size);
  210. $row['updatedReadable'] = day_name(date('N',$element->updated)).' '. date('d ',$element->updated).month_name(date('m',$element->updated)).date(' Y à H:i',$element->updated);
  211. $row['thumbnail'] = $element->thumbnail();
  212. $row['icon'] = $element->icon();
  213. $row['childNumber'] = $element->childNumber;
  214. $response['row'] = $row;
  215. });
  216. Action::register('document_properties_show',function(&$response){
  217. global $myUser,$_;
  218. User::check_access('document','read');
  219. require_once(__DIR__.SLASH.'Element.class.php');
  220. $element = Element::provide();
  221. $element->path = str_replace('\\', '/', $element->path);
  222. $row = $element->toArray();
  223. $filePath = Element::root().$element->path;
  224. $row['updatedLabel'] = date('d/m/Y H:i',filemtime($filePath));
  225. $bundle = base64_encode(json_encode(array(
  226. 'root' => $element->path,
  227. 'folder' => '',
  228. )));
  229. $row['rootUrl'] = ROOT_URL.'/index.php?module=document&data='.$bundle;
  230. $response['row'] = $row;
  231. });
  232. Action::register('document_element_execute',function(&$response){
  233. global $myUser,$_,$conf;
  234. User::check_access('document','read');
  235. require_once(__DIR__.SLASH.'Element.class.php');
  236. $isopath = Element::root().base64_decode(rawurldecode($_['path']));
  237. $utf8Path = utf8_encode($isopath);
  238. $osPath = get_OS() === 'WIN' ? $isopath : $utf8Path;
  239. $stream = Element::download($utf8Path);
  240. $name = mt_basename($utf8Path);
  241. $mime = 'application/octet-stream';
  242. if(is_dir($osPath)){
  243. $mime = 'application/zip';
  244. $name .= '.zip';
  245. }
  246. if($conf->get('document_enable_logs_verbose')) Log::put('Téléchargement de '.$utf8Path,'document');
  247. File::downloadStream($stream, $name, $mime);
  248. exit();
  249. });
  250. Action::register('document_element_move',function(&$response){
  251. global $myUser,$_,$conf;
  252. User::check_access('document','edit');
  253. require_once(__DIR__.SLASH.'Element.class.php');
  254. //l'ui ne renvois que les /, on les convertis par le separateur de l'os
  255. $_['from'] = str_replace('/', SLASH, $_['from']);
  256. $_['to'] = str_replace('/', SLASH, $_['to']);
  257. $from = Element::root().$_['from'];
  258. $osFrom = File::convert_decoding($from);
  259. if(!file_exists($osFrom)) throw new Exception('Cet élément a peut-être été modifié ou déplacé par quelqu\'un d\'autre. Rafraîchissez la page et réessayez.');
  260. /*
  261. nb: cette ligne permet d'eviter d'ajouter un ./ devant le path de la bdd pour ce fichier lorsqu'il est déplacé
  262. si le ./ est présent, la méthode browse (qui retourne le cehmin sans le ./) ne match pas avec la ligne en bdd et créé
  263. une nouvelle ligne, ce qui rend le proprietaire du fichier anonymous
  264. */
  265. if($_['to']=='.') $_['to'] = '';
  266. $to = Element::root().$_['to'];
  267. $osTo = File::convert_decoding($to);
  268. if(!is_dir($osTo)) return;
  269. $char = document_check_element_name(basename(htmlspecialchars_decode(html_entity_decode($to), ENT_QUOTES)));
  270. if(!empty($char)) throw new Exception("Caractères interdits : ".$char);
  271. $to .= SLASH.basename($from);
  272. $element = Element::move($from,$to);
  273. $response['element'] = $element;
  274. if($conf->get('document_enable_logs')) Log::put('Déplacement de '.$from.' dans '.$to,'document');
  275. });
  276. Action::register('document_element_rename',function(&$response){
  277. global $myUser,$_,$conf;
  278. User::check_access('document','edit');
  279. require_once(__DIR__.SLASH.'Element.class.php');
  280. //les exception vides reset le champ de l'ui sans afficher d'erreur
  281. if(!isset($_['label']) || empty($_['label'])) throw new Exception("Le nom ne doit pas être vide");
  282. if(strlen($_['label']) > 80) throw new Exception("Taille maximale autorisée de 80 caractères.");
  283. //l'ui ne renvois que les /, on les convertis par le separateur de l'os
  284. $_['path'] = str_replace('/', SLASH, $_['path']);
  285. $from = Element::root().$_['path'];
  286. $fromOs = File::convert_decoding($from);
  287. if(!file_exists($fromOs)) throw new Exception('Cet élément a peut-être été modifié ou déplacé par quelqu\'un d\'autre. Rafraîchissez la page et réessayez.');
  288. if(is_dir($fromOs) && substr($_['label'], -1,1)=='.') throw new Exception("Les dossiers ne peuvent pas se terminer par un '.'");
  289. $to = dirname($from).SLASH.$_['label'];
  290. if(file_exists($to)) throw new Exception('Action impossible, un élément existe déjà avec ce nom.');
  291. $char = document_check_element_name(htmlspecialchars_decode(html_entity_decode($_['label']), ENT_QUOTES));
  292. if(!empty($char)) throw new Exception("Caractères interdits : ".$char);
  293. $element = Element::move($from,$to);
  294. if(!$element) throw new Exception("Erreur lors de la récupération de l'élément renommé", 500);
  295. $element->path = str_replace('\\', '/', $element->path);
  296. $response['element'] = $element;
  297. if($conf->get('document_enable_logs') ) Log::put('Renommage de l\'élément : '.$from.' en '.$to,'document');
  298. });
  299. Action::register('document_element_delete',function(&$response){
  300. global $myUser,$_,$conf;
  301. User::check_access('document','delete');
  302. require_once(__DIR__.SLASH.'Element.class.php');
  303. //l'ui ne renvois que les /, on les convertis par le separateur de l'os
  304. $path = Element::root().str_replace('/', SLASH,$_['path']);
  305. $osPath = File::convert_decoding($path);
  306. if(!file_exists($osPath)) throw new Exception('Cet élément a peut-être été modifié ou déplacé par quelqu\'un d\'autre. Rafraîchissez la page et réessayez.');
  307. Element::remove($path);
  308. $extension = getExt($path);
  309. if(in_array($extension, array('jpg','jpeg','png','gif','bmp'))) {
  310. $thumbname = str_replace(array('\\'),array('/'),$_['path']);
  311. $thumbpath = Element::root().'.thumbnails'.SLASH.base64_encode($thumbname).'.'.$extension;
  312. if(file_exists($thumbpath)) unlink($thumbpath);
  313. }
  314. if($conf->get('document_enable_logs')) Log::put("Suppression d'un élément : ".$path,'document');
  315. });
  316. //edition d'un fichier (chargement)
  317. Action::register('document_element_edit',function(&$response){
  318. global $myUser,$_,$conf;
  319. User::check_access('document','edit');
  320. require_once(__DIR__.SLASH.'Element.class.php');
  321. if(!isset($_['path'])) throw new Exception("Veuillez spécifier le chemin du fichier");
  322. $path = str_replace(array('..'),'',$_['path']);
  323. $path = Element::root().$path;
  324. $osPath = File::convert_decoding($path);
  325. if(!file_exists($osPath)) throw new Exception("Impossible de trouver le fichier, peut-être a t-il été supprimé entre temps, veuillez recharger la page.");
  326. $response['path'] = $path;
  327. $response['label'] = mt_basename($path);
  328. $response['content'] = Element::download($path);
  329. if(in_array(getExt($path), array('html','htm'))) $response['wysiwyg'] = true;
  330. });
  331. //edition d'un fichier (sauvegarde)
  332. Action::register('document_element_save',function(&$response){
  333. global $myUser,$_,$conf;
  334. User::check_access('document','edit');
  335. require_once(__DIR__.SLASH.'Element.class.php');
  336. if(!isset($_['label'])) throw new Exception("Veuillez spécifier le nom du fichier");
  337. $label = str_replace(array('..','/','\\'),'',$_['label']);
  338. $path = Element::root().$_['path'].SLASH;
  339. $osPath = File::convert_decoding($path);
  340. $content = html_entity_decode($_['content']);
  341. $maxSize = $conf->get('document_allowed_size');
  342. if($maxSize=='') $maxSize = 28060000;
  343. $extensions = explode(',',str_replace(' ', '', $conf->get('document_allowed_extensions')));
  344. $extension = getExt($_['label']);
  345. if(strlen($content) > $maxSize) throw new Exception("Taille du fichier ".$_['label']." trop grande, taille maximum :".readable_size($maxSize).' ('.$maxSize.' octets)');
  346. if(!in_array($extension , $extensions)) throw new Exception("Extension '".$extension."' du fichier ".$_['label']." non permise, autorisé :".implode(', ',$extensions));
  347. $filePath = $path.$_['label'];
  348. Element::addFile($filePath,$content);
  349. });
  350. //upload d'un fichier
  351. Action::register('document_element_upload',function(&$response){
  352. global $myUser,$_,$conf;
  353. User::check_access('document','edit');
  354. require_once(__DIR__.SLASH.'Element.class.php');
  355. $response['sort'] = $_['sort'];
  356. if(empty($_FILES)) throw new Exception("Aucun document à importer");
  357. $path = Element::root().$_['path'].SLASH;
  358. $osPath = File::convert_decoding($path);
  359. if(!file_exists($osPath)) throw new Exception("Dossier ".$osPath." introuvable");
  360. $maxSize = $conf->get('document_allowed_size');
  361. $extensions = explode(',',str_replace(' ', '', $conf->get('document_allowed_extensions')));
  362. $extension = getExt($_FILES['file']['name'][0]);
  363. if($_FILES['file']['size'][0] > $maxSize) throw new Exception("Taille du fichier ".$_FILES['file']['name'][0]." trop grande, taille maximum :".readable_size($maxSize).' ('.$maxSize.' octets)');
  364. if(!in_array($extension , $extensions)) throw new Exception("Extension '".$extension."' du fichier ".$_FILES['file']['name'][0]." non permise, autorisé :".implode(', ',$extensions));
  365. if(isset($_['method']) && $_['method'] == 'paste') $_FILES['file']['name'][0] = 'presse papier '.date('d-m-Y H-i-s').'.'.$extension;
  366. $filePath = $path.$_FILES['file']['name'][0];
  367. if(!file_exists($_FILES['file']['tmp_name'][0])) throw new Exception("Fichier temporaire n°".$_['sort']." inexistant, verifiez la clause upload_max_size de PHP.");
  368. Element::addFile($filePath,file_get_contents($_FILES['file']['tmp_name'][0]));
  369. if($conf->get('document_enable_logs')) Log::put("Upload d'un élément : ".$filePath,'document');
  370. });
  371. //Sauvegarde des configurations de document
  372. Action::register('document_setting_save',function(&$response){
  373. global $myUser,$_,$conf;
  374. User::check_access('document','configure');
  375. foreach(Configuration::setting('document') as $key=>$value){
  376. if(!is_array($value)) continue;
  377. $allowed[] = $key;
  378. }
  379. foreach ($_['fields'] as $key => $value)
  380. if(in_array($key, $allowed)) $conf->put($key,$value);
  381. });
  382. /** ELEMENTRIGHT **/
  383. //Récuperation d'une liste de elementright
  384. Action::register('document_right_search',function(&$response){
  385. global $myUser,$_;
  386. User::check_access('document','read');
  387. require_once(__DIR__.SLASH.'ElementRight.class.php');
  388. $rights = ElementRight::loadAll(array('element'=>$_['id']));
  389. foreach($rights as $right){
  390. if($right->entity =='rank'){
  391. $rank = Rank::getById($right->uid);
  392. if(!$rank) continue;
  393. $right->uid = $rank->label.' <small class="text-muted">(rang)</small>';
  394. }
  395. $row = $right->toArray();
  396. if($row['read'] == 0) unset($row['read']);
  397. if($row['edit'] == 0) unset($row['edit']);
  398. if($row['recursive'] == 0) unset($row['recursive']);
  399. $response['rows'][] = $row;
  400. }
  401. });
  402. //Ajout ou modification d'élément elementright
  403. Action::register('document_right_save',function(&$response){
  404. global $myUser,$_;
  405. User::check_access('document','edit');
  406. require_once(__DIR__.SLASH.'ElementRight.class.php');
  407. require_once(__DIR__.SLASH.'Element.class.php');
  408. if(!isset($_['uid']) || empty($_['uid'])) throw new Exception("UID de partage non spécifié");
  409. $element = Element::provide('element');
  410. if(!$element) throw new Exception("Cet élément n'existe pas",404);
  411. if($element->creator != $myUser->login && !$myUser->can('document','configure') && !$myUser->superadmin) throw new Exception("Vous n'êtes pas propriétaire de cet élement",403);
  412. $item = ElementRight::provide();
  413. $item->element = $element->id;
  414. $item->recursive = isset($_['recursive']) ? $_['recursive'] : 0 ;
  415. $item->edit = isset($_['edit']) ? $_['edit'] : 0 ;
  416. $item->read = isset($_['read']) ? $_['read'] : 0 ;
  417. $item->uid = $_['uid'];
  418. $item->entity = is_numeric($_['uid']) ? 'rank' : 'user';
  419. //supression des anciens droits sur le même couple element / utilisateur si existants
  420. ElementRight::delete(array('element'=>$item->element,'entity'=>$item->entity,'uid'=>$item->uid));
  421. $item->save();
  422. });
  423. //Suppression d'élement elementright
  424. Action::register('document_right_delete',function(&$response){
  425. global $myUser,$_;
  426. User::check_access('document','delete');
  427. require_once(__DIR__.SLASH.'ElementRight.class.php');
  428. require_once(__DIR__.SLASH.'Element.class.php');
  429. $right = ElementRight::provide('id',1);
  430. $element = $right->join('element');
  431. if(!$element) throw new Exception("Cet élément n'existe pas",404);
  432. if($element->creator != $myUser->login && !$myUser->can('document','configure') && !$myUser->superadmin) throw new Exception("Vous n'etes pas propriétaire de cet élement",403);
  433. ElementRight::deleteById($right->id);
  434. });
  435. ?>