< ? php
App :: uses ( 'AppController' , 'Controller' );
/**
 * TemplateElements Controller
 *
 * @property TemplateElement $TemplateElement
 */
class TemplateElementsController extends AppController {
// Components attached to this controller.
public $components = ['Security', 'RequestHandler'];

// Default pagination settings: 50 rows per page, ordered by element position.
public $paginate = [
    'limit' => 50,
    'order' => [
        'TemplateElement.position' => 'asc',
    ],
];
/**
 * Render the list of elements that belong to one template.
 *
 * Access is granted to site admins, or to users for whom
 * Template::checkAuthorisation() returns a truthy value. The third argument
 * passed to checkAuthorisation() is false here and true in the modifying
 * actions of this controller (presumably a "write access" flag; confirm
 * against the Template model).
 *
 * @param mixed $id ID of the template whose elements are listed.
 * @throws MethodNotAllowedException When the user is neither site admin nor authorised.
 */
public function index($id) {
    // Permission check: the lookup result is reused further down for the org comparison.
    $template = $this->TemplateElement->Template->checkAuthorisation($id, $this->Auth->user(), false);
    if (!($this->_isSiteAdmin() || $template)) {
        throw new MethodNotAllowedException('No template with the provided ID exists, or you are not authorised to see it.');
    }

    $findOptions = [
        'conditions' => [
            'template_id' => $id,
        ],
        'contain' => [
            'TemplateElementAttribute',
            'TemplateElementText',
            'TemplateElementFile',
        ],
        'order' => ['TemplateElement.position ASC'],
    ];
    $templateElements = $this->TemplateElement->find('all', $findOptions);

    $this->loadModel('Attribute');
    $this->set('validTypeGroups', $this->Attribute->validTypeGroups);
    $this->set('id', $id);
    $this->layout = 'ajaxTemplate';
    $this->set('elements', $templateElements);

    // Modification is offered to site admins and to members of the organisation named on the template.
    $mayModify = $this->_isSiteAdmin()
        || $template['Template']['org'] == $this->Auth->user('Organisation')['name'];
    $this->set('mayModify', $mayModify);

    $this->render('ajax/ajaxIndex');
}
/**
 * Render the "which element type do you want to add" chooser for a template.
 *
 * The authorisation check runs before the AJAX check, so an unauthorised
 * non-AJAX request receives the authorisation error.
 *
 * @param mixed $id ID of the template the new element would be added to.
 * @throws MethodNotAllowedException When the user is not authorised, or the request is not AJAX.
 */
public function templateElementAddChoices($id) {
    $isAuthorised = $this->_isSiteAdmin()
        || $this->TemplateElement->Template->checkAuthorisation($id, $this->Auth->user(), true);
    if (!$isAuthorised) {
        throw new MethodNotAllowedException('You are not authorised to do that.');
    }

    $isAjax = $this->request->is('ajax');
    if (!$isAjax) {
        throw new MethodNotAllowedException('This action is for ajax requests only.');
    }

    $this->set('id', $id);
    $this->layout = 'ajax';
    $this->render('ajax/template_element_add_choices');
}
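/**
 * Add a new element of the given type to a template (AJAX only).
 *
 * GET renders the type-specific add form; POST creates the TemplateElement
 * row and its type-specific child row, and answers with a JSON body of the
 * form {"saved": bool, "success"|"errors": ...}.
 *
 * @param string $type Element type from the URL; one of 'attribute', 'text', 'file'.
 * @param mixed  $id   ID of the template the element is added to.
 * @return CakeResponse|null JSON response for POST (and for an unauthorised request); null otherwise.
 * @throws MethodNotAllowedException When the request is not AJAX.
 * @throws NotFoundException When $type is not a known element type.
 */
public function add($type, $id) {
    if (!$this->_isSiteAdmin() && !$this->TemplateElement->Template->checkAuthorisation($id, $this->Auth->user(), true)) {
        return new CakeResponse(['body' => json_encode(['saved' => false, 'errors' => 'You are not authorised to do that.']), 'status' => 200]);
    }
    if (!$this->request->is('ajax')) {
        throw new MethodNotAllowedException('This action is for ajax requests only.');
    }

    // $type is caller-controlled and is used below to build a model name, a
    // dynamic property access and a view path, so accept only the element
    // types this controller has models for (see the 'contain' list in index()).
    if (!in_array($type, ['attribute', 'text', 'file'], true)) {
        throw new NotFoundException('Invalid template element type.');
    }
    $ModelType = 'TemplateElement' . ucfirst($type);

    if ($this->request->is('get')) {
        $this->set('id', $id);
        if ($type === 'attribute') {
            $this->loadModel('Attribute');
            // combobox for types
            $types = array_keys($this->Attribute->typeDefinitions);
            $types = $this->_arrayToValuesIndexArray($types);
            $this->set('types', $types);
            // combobox for categories
            $categories = array_keys($this->Attribute->categoryDefinitions);
            $categories = $this->_arrayToValuesIndexArray($categories);
            $this->set('categories', compact('categories'));
            $this->set('attrDescriptions', $this->Attribute->fieldDescriptions);
            $this->set('typeDefinitions', $this->Attribute->typeDefinitions);
            // Work on a copy and strip the file-backed types; those are offered
            // through the 'file' element type instead.
            $categoryDefinitions = $this->Attribute->categoryDefinitions;
            foreach ($categoryDefinitions as $k => &$catDef) {
                foreach ($catDef['types'] as $l => $t) {
                    if ($t == 'malware-sample' || $t == 'attachment') {
                        unset($catDef['types'][$l]);
                    }
                }
            }
            // Break the reference so a later write to $catDef cannot alter the last category.
            unset($catDef);
            $this->set('categoryDefinitions', $categoryDefinitions);
            $this->set('validTypeGroups', $this->Attribute->validTypeGroups);
            $this->set('typeGroupCategoryMapping', $this->Attribute->typeGroupCategoryMapping);
        } else if ($type === 'file') {
            $this->loadModel('Attribute');
            // Keep only the categories that allow at least one file-backed type.
            $categoryArray = [];
            $categories = [];
            foreach ($this->Attribute->categoryDefinitions as $k => $catDef) {
                $temp = [];
                if (in_array('malware-sample', $catDef['types'])) {
                    $temp[] = 'malware-sample';
                }
                if (in_array('attachment', $catDef['types'])) {
                    $temp[] = 'attachment';
                }
                if (!empty($temp)) {
                    $categoryArray[$k] = $temp;
                    $categories[] = $k;
                }
            }
            $categories = $this->_arrayToValuesIndexArray($categories);
            $this->set('categoryArray', $categoryArray);
            $this->set('categories', $categories);
        }
        $this->layout = 'ajaxTemplate';
        $this->render('ajax/template_element_add_' . $type);
    } else if ($this->request->is('post')) {
        $pos = $this->TemplateElement->lastPosition($id);
        $this->TemplateElement->create();
        $templateElement = [
            'TemplateElement' => [
                'template_id' => $id,
                'position' => ++$pos,
                'element_definition' => $type,
            ],
        ];
        $errorMessage = 'The element could not be added.';
        if ($this->TemplateElement->save($templateElement)) {
            // The request body is passed to save() as-is, so pin the fields the
            // server owns: drop any client-supplied primary key (with one
            // present, save() would update that existing row instead of
            // inserting) and set the parent link from the row just created.
            unset($this->request->data[$ModelType]['id']);
            $this->request->data[$ModelType]['template_element_id'] = $this->TemplateElement->id;
            $this->TemplateElement->$ModelType->create();
            if ($this->TemplateElement->$ModelType->save($this->request->data)) {
                return new CakeResponse(['body' => json_encode(['saved' => true, 'success' => 'Element successfully added to template.']), 'status' => 200]);
            } else {
                // Roll back the parent row so no element is left without its child record.
                $this->TemplateElement->delete($this->TemplateElement->id);
                $errorMessage = $this->TemplateElement->$ModelType->validationErrors;
            }
        } else {
            $errorMessage = $this->TemplateElement->validationErrors;
        }
        return new CakeResponse(['body' => json_encode(['saved' => false, 'errors' => $errorMessage]), 'status' => 200]);
    }
}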
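/**
 * Edit the type-specific record of an existing template element (AJAX only).
 *
 * GET renders the type-specific edit form pre-filled with the stored values;
 * POST/PUT saves the submitted values and answers with a JSON body of the
 * form {"saved": bool, "success"|"errors": ...}.
 *
 * @param string $type Element type from the URL; one of 'attribute', 'text', 'file'.
 * @param mixed  $id   ID of the TemplateElement (not of the template).
 * @return CakeResponse|null JSON response for POST/PUT (and for an unauthorised request); null otherwise.
 * @throws NotFoundException When $type is unknown, or no element of that type exists for $id.
 * @throws MethodNotAllowedException When the request is not AJAX.
 */
public function edit($type, $id) {
    // $type is caller-controlled and is used below to build a model name, a
    // 'contain' entry, a dynamic property access and a view path, so accept
    // only the element types this controller has models for.
    if (!in_array($type, ['attribute', 'text', 'file'], true)) {
        throw new NotFoundException('Invalid template element type.');
    }
    $ModelType = 'TemplateElement' . ucfirst($type);
    $templateElement = $this->TemplateElement->find('first', [
        'conditions' => ['TemplateElement.id' => $id],
        'contain' => ['Template', $ModelType],
    ]);
    // Stop before dereferencing a missing element, or one whose stored child
    // record is of a different type than the one named in the URL.
    if (empty($templateElement) || empty($templateElement[$ModelType][0])) {
        throw new NotFoundException('Invalid template element.');
    }
    $templateId = $templateElement['Template']['id'];
    $this->set('template_id', $templateId);

    // Authorise against the parent template. $id is a TemplateElement id here;
    // handing it to Template::checkAuthorisation() would test the permissions
    // of whichever template shares that number rather than the template this
    // element belongs to. delete() resolves the template id the same way.
    if (!$this->_isSiteAdmin() && !$this->TemplateElement->Template->checkAuthorisation($templateId, $this->Auth->user(), true)) {
        return new CakeResponse(['body' => json_encode(['saved' => false, 'errors' => 'You are not authorised to do that.']), 'status' => 200]);
    }
    if (!$this->request->is('ajax')) {
        throw new MethodNotAllowedException('This action is for ajax requests only.');
    }

    if ($this->request->is('get')) {
        $this->set('id', $id);
        $this->request->data[$ModelType] = $templateElement[$ModelType][0];
        if ($type === 'attribute') {
            $this->loadModel('Attribute');
            // combobox for types
            $types = array_keys($this->Attribute->typeDefinitions);
            $types = $this->_arrayToValuesIndexArray($types);
            $this->set('types', $types);
            // combobox for categories
            $categories = array_keys($this->Attribute->categoryDefinitions);
            $categories = $this->_arrayToValuesIndexArray($categories);
            $this->set('categories', compact('categories'));
            // Work on a copy and strip the file-backed types; those are offered
            // through the 'file' element type instead.
            $categoryDefinitions = $this->Attribute->categoryDefinitions;
            foreach ($categoryDefinitions as $k => &$catDef) {
                foreach ($catDef['types'] as $l => $t) {
                    if ($t == 'malware-sample' || $t == 'attachment') {
                        unset($catDef['types'][$l]);
                    }
                }
            }
            // Break the reference so a later write to $catDef cannot alter the last category.
            unset($catDef);
            // The initial type list depends on whether the stored element is flagged 'complex'.
            if ($this->request->data['TemplateElementAttribute']['complex']) {
                $this->set('initialTypes', $this->_arrayToValuesIndexArray($this->Attribute->typeGroupCategoryMapping[$templateElement['TemplateElementAttribute'][0]['category']]));
            } else {
                $this->set('initialTypes', $this->_arrayToValuesIndexArray($categoryDefinitions[$templateElement['TemplateElementAttribute'][0]['category']]['types']));
            }
            $this->set('initialValues', $templateElement['TemplateElementAttribute'][0]);
            $this->set('categoryDefinitions', $categoryDefinitions);
            $this->set('validTypeGroups', $this->Attribute->validTypeGroups);
            $this->set('typeGroupCategoryMapping', $this->Attribute->typeGroupCategoryMapping);
        } else if ($type === 'file') {
            $this->loadModel('Attribute');
            // Keep only the categories that allow at least one file-backed type.
            $categoryArray = [];
            $categories = [];
            foreach ($this->Attribute->categoryDefinitions as $k => $catDef) {
                $temp = [];
                if (in_array('malware-sample', $catDef['types'])) {
                    $temp[] = 'malware-sample';
                }
                if (in_array('attachment', $catDef['types'])) {
                    $temp[] = 'attachment';
                }
                if (!empty($temp)) {
                    $categoryArray[$k] = $temp;
                    $categories[] = $k;
                }
            }
            $categories = $this->_arrayToValuesIndexArray($categories);
            $this->set('categoryArray', $categoryArray);
            $this->set('categories', $categories);
        }
        $this->layout = 'ajaxTemplate';
        $this->render('ajax/template_element_edit_' . $type);
    } else if ($this->request->is('post') || $this->request->is('put')) {
        // Take the primary key and the parent link from the stored record, never
        // from the request, so the submitted data cannot retarget the save.
        $this->request->data[$ModelType]['id'] = $templateElement[$ModelType][0]['id'];
        $this->request->data[$ModelType]['template_element_id'] = $templateElement[$ModelType][0]['template_element_id'];
        if ($this->TemplateElement->$ModelType->save($this->request->data)) {
            return new CakeResponse(['body' => json_encode(['saved' => true, 'success' => 'Element successfully edited.']), 'status' => 200]);
        }
        // A failed edit leaves the stored element untouched. The previous code
        // issued a delete on the parent element at this point (it looks carried
        // over from add()), which has no place in an edit path.
        return new CakeResponse(['body' => json_encode(['saved' => false, 'errors' => 'The element could not be edited.']), 'status' => 200]);
    }
}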
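/**
 * Delete a template element and its type-specific record (AJAX only).
 *
 * A non-POST request renders the confirmation form; POST performs the
 * deletion and answers with a JSON body of the form
 * {"saved": bool, "success"|"errors": ...}.
 *
 * @param mixed $id ID of the TemplateElement to delete.
 * @return CakeResponse|null JSON response for POST; null when the confirmation form is rendered.
 * @throws MethodNotAllowedException When the request is not AJAX.
 * @throws NotFoundException When no element with the given ID exists.
 * @throws NotAllowedException When the user may not modify the parent template.
 */
public function delete($id) {
    if (!$this->request->is('ajax')) {
        throw new MethodNotAllowedException('This action is for ajax requests only.');
    }
    $this->TemplateElement->read(null, $id);
    // Existence check first: every step below dereferences the loaded record,
    // including the template id used for the authorisation decision.
    if (empty($this->TemplateElement->data)) {
        throw new NotFoundException();
    }
    // NOTE(review): NotAllowedException is not declared anywhere in this file;
    // confirm the project defines it, otherwise this line fails with a
    // class-not-found error instead of a clean HTTP error.
    if (!$this->_isSiteAdmin() && !$this->TemplateElement->Template->checkAuthorisation($this->TemplateElement->data['Template']['id'], $this->Auth->user(), true)) {
        throw new NotAllowedException('You are not authorised to do that.');
    }
    if ($this->request->is('post')) {
        // check permissions: site admin, or member of the organisation named on the template
        if ($this->_isSiteAdmin() || $this->Auth->user('Organisation')['name'] == $this->TemplateElement->data['Template']['org']) {
            // The child model name is derived from the stored element_definition, not from request input.
            $type = 'TemplateElement' . ucfirst($this->TemplateElement->data['TemplateElement']['element_definition']);
            if ($this->TemplateElement->$type->delete($this->TemplateElement->data[$type][0]['id'])) {
                $this->TemplateElement->delete($this->TemplateElement->data['TemplateElement']['id']);
                $this->TemplateElement->Template->trimElementPositions($this->TemplateElement->data['TemplateElement']['template_id']);
                return new CakeResponse(['body' => json_encode(['saved' => true, 'success' => 'Element deleted.']), 'status' => 200]);
            } else {
                // Failures report saved => false, matching add() and edit(); the
                // previous code sent saved => true together with an error text.
                return new CakeResponse(['body' => json_encode(['saved' => false, 'errors' => 'Couldn\'t delete the Element']), 'status' => 200]);
            }
        } else {
            return new CakeResponse(['body' => json_encode(['saved' => false, 'errors' => 'You don\'t have permission to do that.']), 'status' => 200]);
        }
    } else {
        $this->set('id', $id);
        $this->set('template_id', $this->TemplateElement->data['Template']['id']);
        $this->render('ajax/templateElementConfirmationForm');
    }
}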
}