Tinebase_Export - introduce definition templateFileId, add vfs access check
authorPaul Mehrer <p.mehrer@metaways.de>
Fri, 4 Aug 2017 15:40:38 +0000 (17:40 +0200)
committerPaul Mehrer <p.mehrer@metaways.de>
Tue, 8 Aug 2017 12:48:13 +0000 (14:48 +0200)
Change-Id: I7fb2c5c610c3f3dcd105a989f6cdab4560e73bef
Reviewed-on: http://gerrit.tine20.com/customers/5402
Reviewed-by: Paul Mehrer <p.mehrer@metaways.de>
Tested-by: Paul Mehrer <p.mehrer@metaways.de>
tine20/Tinebase/Export/Abstract.php
tine20/Tinebase/ImportExportDefinition.php

index 36f7d31..4756cc2 100644 (file)
@@ -244,6 +244,12 @@ abstract class Tinebase_Export_Abstract implements Tinebase_Record_IteratableInt
         if ($this->_config->template) {
             $this->_templateFileName = $this->_config->template;
         }
+        if ($this->_config->templateFileId) {
+            try {
+                $path = Tinebase_Model_Tree_Node_Path::createFromStatPath(Tinebase_FileSystem::getInstance()->getPathOfNode($this->_config->templateFileId, true));
+                $this->_templateFileName = $path->streamwrapperpath;
+            } catch (Exception $e) {}
+        }
         if (isset($_additionalOptions['template'])) {
             try {
                 $path = Tinebase_Model_Tree_Node_Path::createFromStatPath(Tinebase_FileSystem::getInstance()->getPathOfNode($_additionalOptions['template'], true));
index 950046e..1984d82 100644 (file)
@@ -87,6 +87,37 @@ class Tinebase_ImportExportDefinition extends Tinebase_Controller_Record_Abstrac
             array('field' => 'type',            'operator' => 'equals',  'value' => 'export'),
         ));
         $result = $this->search($filter);
+
+        $fileSystem = Tinebase_FileSystem::getInstance();
+        $toRemove = new Tinebase_Record_RecordSet('Tinebase_Model_ImportExportDefinition');
+        /** @var Tinebase_Model_ImportExportDefinition $definition */
+        foreach($result as $definition) {
+            if ($definition->plugin_options) {
+                $config = Tinebase_ImportExportDefinition::getInstance()->
+                    getOptionsAsZendConfigXml($definition, array());
+                if (!empty($config->template)) {
+                    if (strpos($config->template, 'tine20://') === false) {
+                        continue;
+                    }
+                    try {
+                        $node = $fileSystem->stat(substr($config->template, 9));
+                        if (false === $fileSystem->hasGrant(Tinebase_Core::getUser()->getId(), $node->getId(),
+                                Tinebase_Model_Grants::GRANT_READ)) {
+                            $toRemove[] = $definition;
+                        }
+                    } catch (Exception $e) {
+                        $toRemove[] = $definition;
+                    }
+                } elseif (!empty($config->templateFileId)) {
+                    if (false === $fileSystem->hasGrant(Tinebase_Core::getUser()->getId(), $config->templateFileId,
+                            Tinebase_Model_Grants::GRANT_READ)) {
+                        $toRemove[] = $definition;
+                    }
+                }
+            }
+        }
+
+        $result->removeRecords($toRemove);
         
         return $result;
     }