idleman
/
hackpoint


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398
							<?php
global $_,$conf;
switch($_['action']){

	/** SKETCH **/
	//Récuperation d'une liste de sketch
	case 'hackpoint_sketch_search':
		Action::write(function(&$response){
			global $myUser,$_;
			
			require_once(__DIR__.SLASH.'Sketch.class.php');

			
			// OPTIONS DE RECHERCHE, A ACTIVER POUR UNE RECHERCHE AVANCEE
			$query = 'SELECT * FROM '.Sketch::tableName().' WHERE 1';
			$data = array();
			//Recherche simple
			if(!empty($_['filters']['keyword'])){
				$query .= ' AND label LIKE ?';
				$data[] = '%'.$_['filters']['keyword'].'%';
			}

			//Recherche avancée
			if(isset($_['filters']['advanced'])) filter_secure_query($_['filters']['advanced'],array('label'),$query,$data);

			//Tri des colonnes
			if(isset($_['sort'])) sort_secure_query($_['sort'],array('label'),$query,$data);

			//Pagination
			$response['pagination'] = Sketch::paginate(20,(!empty($_['page'])?$_['page']:0),$query,$data);

			$sketchs = Sketch::staticQuery($query,$data,true,0);
			

			foreach($sketchs as $sketch){

				if(!$sketch->state &&  $sketch->creator != $myUser->login && !$myUser->can('hackpoint',$sketch->id,'read') ) continue;

				$row = $sketch->toArray();
				$row['comment'] = truncate($row['comment'],65);
				$row['picture'] = $sketch->picture();
				

				$row['progress-color'] = 'bg-danger';
				if($row['progress'] > 30) $row['progress-color'] = 'bg-warning';
				if($row['progress'] > 45) $row['progress-color'] = 'bg-info';
				if($row['progress'] > 65) $row['progress-color'] = '';
				if($row['progress'] > 85) $row['progress-color'] = 'bg-success';


				$row['created'] = relative_time($row['created']);
				$response['rows'][] = $row;
			}
		});
	break;
	
	//Ajout ou modification d'élément sketch
	case 'hackpoint_sketch_save':
		Action::write(function(&$response){
			global $myUser,$_;
			if(!$myUser->can('hackpoint','edit')) throw new Exception("Permissions insuffisantes",403);
			require_once(__DIR__.SLASH.'Sketch.class.php');
			$item = Sketch::getById($_['id']);

			if(isset($_['label'])) $item->label = $_['label'];

			if($item->id==0) $item->progress = 5;

			if(isset($_['state'])) $item->state = $_['state'] == 'true';
			if(isset($_['comment']))  $item->comment = $_['comment'];
			$item->save();
		});
	break;


	case 'hackpoint_sketch_permission_save':
		Action::write(function(&$response){
			global $myUser,$_;
			if(!$myUser->can('hackpoint','edit')) throw new Exception("Permissions insuffisantes",403);
			require_once(__DIR__.SLASH.'Sketch.class.php');
			
			$permission = Permission::form();
			$permission->entity = 'hackpoint';

			$sketch = Sketch::getById($permission->uid);
			if($sketch->creator!=$myUser->login) throw new Exception("Vous ne pouvez pas définir une permission sur un sketch qui ne vous appartient pas");
			
			$permission->save();

		});
	break;

	//Suppression d'élement permission
	case 'hackpoint_sketch_permission_delete':
		Action::write(function(&$response){
			global $myUser,$_;
			require_once(__DIR__.SLASH.'Sketch.class.php');
			$permission = Permission::getById($_['id']);
			if($permission->entity != 'hackpoint') throw new Exception("Erreur de routage des permissions");
			
			$sketch = Sketch::getById($permission->uid);
			if($sketch->creator!=$myUser->login) throw new Exception("Vous ne pouvez pas définir une permission sur un sketch qui ne vous appartient pas");
			

			Permission::deleteById($permission->id);
		});
	break;


	case 'hackpoint_sketch_save_cover':
	Action::write(function(&$response){
		global $myUser,$_;
		
		require_once(__DIR__.SLASH.'Sketch.class.php');
		if(!is_numeric($_['sketch'])) throw new Exception("Sketch non spécifié", 400);
		$sketch = Sketch::provide('sketch');
		if($myUser->login!= $sketch->creator) throw new Exception("Permission insuffisantes", 403);
		
		$folder = $sketch->directory();
		if(!file_exists($folder)) mkdir($folder,0755,true);
		$name = 'cover.jpg';

		$stream = preg_replace('|data\:image\/[^;]*;base64,|is','',$_['stream']);
		$filepath = $folder.SLASH.$name;
		$row = file_put_contents($filepath, base64_decode($stream));
		//Image::resize($filepath,150,150);
		$response['stream'] = 'data:image/jpg;base64,'.base64_encode(file_get_contents($filepath));
		
	});
	break;

	case 'hackpoint_sketch_download':
		Action::write(function(&$response){
			global $myUser,$_;
			require_once(__DIR__.SLASH.'Sketch.class.php');
			if(!is_numeric($_['id'])) throw new Exception("Sketch non spécifié", 400);
			$sketch = Sketch::provide();
			if($myUser->login!= $sketch->creator && !$sketch->state) throw new Exception("Permission insuffisantes", 403);
			
			
			File::downloadStream($sketch->download(),$sketch->slug.' '.date('d-m-y H-i-s').'.zip');
			exit();
	
			
		});
	break;
	

	case 'hackpoint_sketch_progress_save':
		Action::write(function(&$response){
			global $myUser,$_;
			
			require_once(__DIR__.SLASH.'Sketch.class.php');
			$item = Sketch::getById($_['id']);
			if($myUser->login!=$item->creator) throw new Exception("Permissions insuffisantes",403);
			$item->progress = $_['progress'];
			$item->save();
		});
	break;

	case 'hackpoint_sketch_add':
		global $myUser,$_;
		if(!$myUser->can('hackpoint','edit')) throw new Exception("Permissions insuffisantes",403);
		require_once(__DIR__.SLASH.'Sketch.class.php');
		$sketch = new Sketch();
		$sketch->label = 'Sketch Sans titre';
		$sketch->state = false;
		$sketch->progress = 10;
		$sketch->comment = 'Nouveau sketch sans commentaires';
		$sketch->save();

		require_once(__DIR__.SLASH.'Resource.class.php');
		$item = new Resource();
		$item->label = 'Documentation';
		$item->sort = 0;
		$item->type = 'readme';
		$item->content = '# Documentation'.PHP_EOL.'Utilisez le bouton + en bas de la barre latérale pour ajouter des ressources...';
		$item->sketch = $sketch->id;
		$item->save();

		header('location: index.php?module=hackpoint&page=sheet.sketch&id='.$sketch->id);
	
	break;

	//Suppression d'élement sketch
	case 'hackpoint_sketch_delete':
		Action::write(function(&$response){
			global $myUser,$_;
			if(!$myUser->can('hackpoint','delete')) throw new Exception("Permissions insuffisantes",403);
			require_once(__DIR__.SLASH.'Sketch.class.php');
			Sketch::removeById($_['id']);
			
		});
	break;

	
	/** RESOURCE **/
	//Récuperation d'une liste de resource
	case 'hackpoint_resource_search':
		Action::write(function(&$response){
			global $myUser,$_;
			
			require_once(__DIR__.SLASH.'Sketch.class.php');
			require_once(__DIR__.SLASH.'Resource.class.php');
			$sketch = Sketch::provide('sketch');
			if(!$sketch->state &&  $sketch->creator != $myUser->login && !$myUser->can('hackpoint',$sketch->id,'read') ) throw new Exception("Sketch privé", 403);
			
			foreach(Resource::loadAll(array('sketch'=>$_['sketch']),array('sort')) as $resource){
				$row = $resource->toArray();
				$type = $resource->type();
				$row['type'] = $type;
				$response['rows'][] = $row;
			}
		});
	break;

	case 'hackpoint_resource_edit':
		Action::write(function(&$response){
			global $myUser,$_;
			require_once(__DIR__.SLASH.'Sketch.class.php');
			require_once(__DIR__.SLASH.'Resource.class.php');
			require_once(__DIR__.SLASH.'Resource.class.php');
			$item = Resource::provide('id',1);
			$sketch = $item->join('sketch');
			if(!$sketch->state &&  $sketch->creator != $myUser->login && !$myUser->can('hackpoint',$sketch->id,'read') ) throw new Exception("Sketch privé", 403);

			$response = $item->toHtml();
			$response['resourceType'] = $item->type;
		});
	break;

	//Sauveagrde du contenu d'une resource
	case 'hackpoint_resource_save_content':
		Action::write(function(&$response){
			global $myUser,$_;
			require_once(__DIR__.SLASH.'Sketch.class.php');
			require_once(__DIR__.SLASH.'Resource.class.php');
			$item = Resource::provide('id',1);
			$sketch = $item->join('sketch');
		
			if($sketch->creator != $myUser->login && !$myUser->can('hackpoint',$sketch->id,'edit')) throw new Exception("Permissions insuffisantes",403);
			$item->content = $_['content'];
			$item->save();
		});
	break;
	
	//Ajout ou modification d'élément resource
	case 'hackpoint_resource_save':
		Action::write(function(&$response){
			global $myUser,$_;
			if(!$myUser->can('hackpoint','edit')) throw new Exception("Permissions insuffisantes",403);
			require_once(__DIR__.SLASH.'Sketch.class.php');
			require_once(__DIR__.SLASH.'Resource.class.php');
			require_once(__DIR__.SLASH.'ResourceType.class.php');
			$item = Resource::provide('id',1);
			$sketch = $item->join('sketch');
			if( !is_object($sketch) || $sketch->id==0){
				$sketch = Sketch::getById($_['sketch']);
			}
			if($sketch->creator != $myUser->login && !$myUser->can('hackpoint',$sketch->id,'edit')) throw new Exception("Permissions insuffisantes",403);

			if(!isset($_['type']) && $item->id!=0) $_['type'] = $item->type;
			$type = ResourceType::types($_['type']);
			
			if(isset($_['label'])) $item->label = $_['label'];
			if($item->id==0){
				$item->label = $type['label'];
				$item->sort = 100;
				$item->type = $_['type'];
				if(isset($type['default'])) $item->content = $type['default'] ;
				$item->sketch = $_['sketch'];
			}
			
			$item->save();
			$response = $item->toArray();

			$response['type'] = $item->type();
		});
	break;
	
	case 'hackpoint_resource_sort':
		Action::write(function(&$response){
			global $myUser,$_;
			if(!$myUser->can('hackpoint','edit')) throw new Exception("Permissions insuffisantes",403);
			require_once(__DIR__.SLASH.'Sketch.class.php');
			require_once(__DIR__.SLASH.'Resource.class.php');
			require_once(__DIR__.SLASH.'ResourceType.class.php');
			foreach($_['sort'] as $sort=>$id){
				$resource =  Resource::getById($id,1);

				$sketch = $resource->join('sketch');
				if($sketch->creator != $myUser->login) continue;

				$resource->sort = $sort;
				$resource->save();
			}
		});
	break;	

	//Suppression d'élement resource
	case 'hackpoint_resource_delete':
		Action::write(function(&$response){
			global $myUser,$_;
			require_once(__DIR__.SLASH.'Sketch.class.php');
			require_once(__DIR__.SLASH.'Resource.class.php');

	
			$item = Resource::getById($_['id'],1);
			$sketch = $item->join('sketch');
			if($sketch->creator != $myUser->login && !$myUser->can('hackpoint',$sketch->id,'delete')) throw new Exception("Permissions insuffisantes",403);
			Resource::deleteById($_['id']);
			
		});
	break;


	//Suppression document
	case 'resource_delete_document':
	Action::write(function(&$response){
		global $myUser,$_;
		if(!$myUser->can('hackpoint','delete')) throw new Exception("Permissions insuffisantes",403);
		require_once(__DIR__.SLASH.'Resource.class.php');
		if(!isset($_['path']) ) throw new Exception("Chemin non spécifié ou non numerique");
		//Le premier argument est un namspace de sécurité 
		//et assure que le fichier sera toujours cloisoné dans un contexte file/hackpoint/sketch
		$path = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? utf8_decode($_['path']) : $_['path'];
		File::delete('hackpoint'.SLASH.'sketch',$path);
	});
	break;

	case 'resource_add_document':
	Action::write(function(&$response){
		global $myUser,$_;
		if(!$myUser->can('hackpoint','edit')) throw new Exception("Permissions insuffisantes",403);
		require_once(__DIR__.SLASH.'Resource.class.php');

		$resource = Resource::provide();
		$folder = $resource->directory();

		if(!file_exists($folder)) mkdir($folder,0755,true);

		foreach ($_['files'] as $file) {

			$name = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? utf8_decode($file['name']) : $file['name'];
			$row = File::move(File::temp().$file['path'],str_replace(File::dir(),'',$folder).SLASH.$name);
			$row['url'] = 'action.php?action=hackpoint_download_file&file='.base64_encode('sketch'.SLASH.$resource->sketch.SLASH.$resource->id.SLASH.rawurlencode($file['name']));
			$row['oldPath'] = $file['path'];

			if(!in_array( getExt($file['name']), array('jpg','jpeg','png','bmp','svg'))){
				$row['icon'] = $file['icon'];//getExtIcon( getExt($file));
			}

			$response['files'][] = $row;
		}
		
	});
	break;


	//Download d'un fichier
	case 'hackpoint_download_file':
		Action::write(function(&$response){
			global $myUser,$_;
			$file = str_replace(array('..'),array(''),urldecode(base64_decode($_['file'])));
			
		
			$file = File::dir().'hackpoint'.SLASH.$file;
			File::downloadFile($file);
		});
	break;


	//Sauvegarde des configurations de hackpoint
	case 'hackpoint_setting_save':
		Action::write(function(&$response){
			global $myUser,$_,$conf;
			if(!$myUser->can('hackpoint','configure')) throw new Exception("Permissions insuffisantes",403);
			foreach(Configuration::setting('hackpoint') as $key=>$value){
				if(!is_array($value)) continue;
				$allowed[] = $key;
			}
			foreach ($_['fields'] as $key => $value) {
				if(in_array($key, $allowed))
					$conf->put($key,$value);
			}
		});
	break;


}
?>