'/payment-type/edit/{id:\d+}',
[Crud\PaymentTypeController::class, 'doEdit']
)->setname('editPaymentType')->add($authenticate);
+
+$app->get(
+ '/{form_name:adh|contrib|trans}/{id:\d+}/file/{fid:\d+}/{pos:\d+}/{name}',
+ [Crud\DynamicFieldsController::class, 'getDynamicFile']
+)->setName('getDynamicFile')->add($authenticate);
[Crud\GroupsController::class, 'ajaxMembers']
)->setName('ajaxGroupMembers')->add($authenticate);
-$app->get(
- '/member/{id:\d+}/file/{fid:\d+}/{pos:\d+}/{name}',
- [Crud\MembersController::class, 'getDynamicFile']
-)->setName('getDynamicFile')->add($authenticate);
-
$app->get(
'/members/mass-change',
[Crud\MembersController::class, 'massChange']
namespace Galette\Controllers\Crud;
+use Galette\IO\File;
use Galette\Repository\DynamicFieldsSet;
use Throwable;
use Galette\Controllers\CrudController;
return $response;
}
+ /**
+ * Get a dynamic file
+ *
+ * @param Request $request PSR Request
+ * @param Response $response PSR Response
+ * @param string $form_name Form name
+ * @param integer $id Object ID
+ * @param integer $fid Dynamic fields ID
+ * @param integer $pos Dynamic field position
+ * @param string $name File name
+ *
+ * @return Response
+ */
+ public function getDynamicFile(
+ Request $request,
+ Response $response,
+ string $form_name,
+ int $id,
+ int $fid,
+ int $pos,
+ string $name
+ ): Response {
+ $object_class = DynamicFieldsSet::getClasses()[$form_name];
+ if ($object_class === 'Galette\Entity\Adherent') {
+ $object = new $object_class($this->zdb);
+ } else {
+ $object = new $object_class($this->zdb, $this->login);
+ }
+
+ $object
+ ->disableAllDeps()
+ ->enableDep('dynamics')
+ ->load($id);
+
+ $denied = null;
+ if (!$object->canShow($this->login)) {
+ $fields = $object->getDynamicFields()->getFields();
+ if (!isset($fields[$fid])) {
+ //field does not exist or access is forbidden
+ $denied = true;
+ } else {
+ $denied = false;
+ }
+ }
+
+ if ($denied === true) {
+ $this->flash->addMessage(
+ 'error_detected',
+ _T("You do not have permission for requested URL.")
+ );
+
+ $route_name = 'member';
+ if ($form_name == 'contrib') {
+ $route_name = 'contribution';
+ } elseif ($route_name == 'trans') {
+ $route_name = 'transaction';
+ }
+ return $response
+ ->withHeader(
+ 'Location',
+ $this->routeparser->urlFor(
+ $route_name,
+ ['id' => $id]
+ )
+ );
+ }
+
+ $filename = str_replace(
+ [
+ '%form',
+ '%oid',
+ '%fid',
+ '%pos'
+ ],
+ [
+ $form_name,
+ $id,
+ $fid,
+ $pos
+ ],
+ '%form_%oid_field_%fid_value_%pos'
+ );
+
+ if (file_exists(GALETTE_FILES_PATH . $filename)) {
+ $type = File::getMimeType(GALETTE_FILES_PATH . $filename);
+
+ $response = $response->withHeader('Content-Description', 'File Transfer')
+ ->withHeader('Content-Type', $type)
+ ->withHeader('Content-Disposition', 'attachment;filename="' . $name . '"')
+ ->withHeader('Pragma', 'no-cache')
+ ->withHeader('Content-Transfer-Encoding', 'binary')
+ ->withHeader('Expires', '0')
+ ->withHeader('Cache-Control', 'must-revalidate')
+ ->withHeader('Pragma', 'public');
+
+ $stream = fopen('php://memory', 'r+');
+ fwrite($stream, file_get_contents(GALETTE_FILES_PATH . $filename));
+ rewind($stream);
+
+ return $response->withBody(new \Slim\Psr7\Stream($stream));
+ } else {
+ Analog::log(
+ 'A request has been made to get a dynamic file named `' .
+ $filename . '` that does not exists.',
+ Analog::WARNING
+ );
+
+ $this->flash->addMessage(
+ 'error_detected',
+ _T("The file does not exists or cannot be read :(")
+ );
+
+ return $response
+ ->withHeader(
+ 'Location',
+ $this->routeparser->urlFor('member', ['id' => $id])
+ );
+ }
+ }
+
// /CRUD - Read
// CRUD - Update
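Review bot: In the denied branch, `elseif ($route_name == 'trans')` tests the variable that was just set to `'member'`, so it never matches and a refused transaction request is redirected to the member route; it should read `elseif ($form_name == 'trans')`. The on-disk name is built with `%form` replaced by `$form_name`, but the upload code changed in this same commit keeps the `member` prefix for the `adh` form, so member files would be looked up as `adh_…` and not found. On access control, when `canShow()` fails the file is still served as long as `$fields[$fid]` is set, which is only safe if `getFields()` already returns just the fields this login may read; that is not visible here and matters more now that the route also reaches contribution and transaction attachments. `$name` goes straight from the URL into the quoted `filename="…"` of `Content-Disposition`, so a double quote in it can change how the header is parsed. The fence shows the filename and header lines as I would write them.

```php
// … unchanged: object loading, $denied computation and denied redirect …

        // files of the 'adh' form are stored with the historical 'member' prefix
        $file_prefix = ($form_name === 'adh') ? 'member' : $form_name;
        $filename = sprintf('%s_%d_field_%d_value_%d', $file_prefix, $id, $fid, $pos);

// … unchanged: file_exists() check, MIME lookup and first headers …
                ->withHeader(
                    'Content-Disposition',
                    // quote and backslash are escaped so the value stays one quoted-string
                    'attachment;filename="' . addcslashes(basename($name), '"\\') . '"'
                )
// … unchanged: remaining headers, stream body and not-found branch …
```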
use Galette\Entity\Social;
use Galette\Filters\AdvancedMembersList;
use Galette\Filters\MembersList;
-use Galette\IO\File;
use Galette\Repository\Groups;
use Galette\Repository\Members;
use Galette\Repository\PaymentTypes;
->withHeader('Location', $this->routeparser->urlFor('publicList', ['type' => $type]));
}
- /**
- * Get a dynamic file
- *
- * @param Request $request PSR Request
- * @param Response $response PSR Response
- * @param integer $id Member ID
- * @param integer $fid Dynamic fields ID
- * @param integer $pos Dynamic field position
- * @param string $name File name
- *
- * @return Response
- */
- public function getDynamicFile(
- Request $request,
- Response $response,
- int $id,
- int $fid,
- int $pos,
- string $name
- ): Response {
- $member = new Adherent($this->zdb);
- $member
- ->disableAllDeps()
- ->enableDep('dynamics')
- ->load($id);
-
- $denied = null;
- if (!$member->canShow($this->login)) {
- $fields = $member->getDynamicFields()->getFields();
- if (!isset($fields[$fid])) {
- //field does not exist or access is forbidden
- $denied = true;
- } else {
- $denied = false;
- }
- }
-
- if ($denied === true) {
- $this->flash->addMessage(
- 'error_detected',
- _T("You do not have permission for requested URL.")
- );
-
- return $response
- ->withHeader(
- 'Location',
- $this->routeparser->urlFor(
- 'member',
- ['id' => $id]
- )
- );
- }
-
- $filename = str_replace(
- [
- '%mid',
- '%fid',
- '%pos'
- ],
- [
- $id,
- $fid,
- $pos
- ],
- 'member_%mid_field_%fid_value_%pos'
- );
-
- if (file_exists(GALETTE_FILES_PATH . $filename)) {
- $type = File::getMimeType(GALETTE_FILES_PATH . $filename);
-
- $response = $response->withHeader('Content-Description', 'File Transfer')
- ->withHeader('Content-Type', $type)
- ->withHeader('Content-Disposition', 'attachment;filename="' . $name . '"')
- ->withHeader('Pragma', 'no-cache')
- ->withHeader('Content-Transfer-Encoding', 'binary')
- ->withHeader('Expires', '0')
- ->withHeader('Cache-Control', 'must-revalidate')
- ->withHeader('Pragma', 'public');
-
- $stream = fopen('php://memory', 'r+');
- fwrite($stream, file_get_contents(GALETTE_FILES_PATH . $filename));
- rewind($stream);
-
- return $response->withBody(new \Slim\Psr7\Stream($stream));
- } else {
- Analog::log(
- 'A request has been made to get a dynamic file named `' .
- $filename . '` that does not exists.',
- Analog::WARNING
- );
-
- $this->flash->addMessage(
- 'error_detected',
- _T("The file does not exists or cannot be read :(")
- );
-
- return $response
- ->withHeader(
- 'Location',
- $this->routeparser->urlFor('member', ['id' => $id])
- );
- }
- }
-
/**
* Members list
*
*/
public function load($object)
{
- switch (get_class($object)) {
- case 'Galette\Entity\Adherent':
- $this->form_name = 'adh';
- break;
- case 'Galette\Entity\Contribution':
- $this->form_name = 'contrib';
- break;
- case 'Galette\Entity\Transaction':
- $this->form_name = 'trans';
- break;
- default:
- throw new \RuntimeException('Class ' . get_class($object) . ' does not handle dynamic fields!');
- }
+ $this->form_name = $object->getFormName();
try {
$this->item_id = $object->id;
namespace Galette\Features;
+use Galette\Repository\DynamicFieldsSet;
use Throwable;
use Analog\Analog;
use Galette\DynamicFields\File;
continue;
}
+ $form_name = $this->getFormName();
+ if ($form_name === 'adh') {
+ $form_name = 'member'; //for compatibility with existing files
+ }
$new_filename = sprintf(
- 'member_%d_field_%d_value_%d',
+ '%s_%d_field_%d_value_%d',
+ $form_name,
$this->id,
$field_id,
$val_index
}
return $this->dynamicsCheck($dfields, [], []);
}
+
+ /**
+ * Get form name
+ *
+ * @return string
+ */
+ public function getFormName(): string
+ {
+ return array_search(get_class($this), DynamicFieldsSet::getClasses());
+ }
}
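Review bot: `array_search()` returns `false` when `get_class($this)` is not one of the values of `DynamicFieldsSet::getClasses()` (a subclass of an entity, for instance), which conflicts with the declared `string` return type: depending on `strict_types` that is either a `TypeError` or an empty form name that ends up in stored file names and URLs. The `switch` removed from `load()` in this commit threw a `RuntimeException` for that case, and the same explicit failure fits here. I would write `$form_name = array_search(get_class($this), DynamicFieldsSet::getClasses(), true);` followed by `if ($form_name === false) { throw new \RuntimeException('Class ' . get_class($this) . ' does not handle dynamic fields!'); }` before returning it. The enclosing class or trait starts outside the hunk.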
$this->routeparser->urlFor(
'getDynamicFile',
[
+ 'form_name' => $form_name,
'id' => $object->id,
'fid' => $field_id,
'pos' => ++$pos,
$this->login = $login;
}
+ /**
+ * Get form names and associated classes
+ *
+ * @return string[]
+ */
+ public static function getClasses(): array
+ {
+ return [
+ 'adh' => 'Galette\Entity\Adherent',
+ 'contrib' => 'Galette\Entity\Contribution',
+ 'trans' => 'Galette\Entity\Transaction'
+ ];
+ }
+
/**
* Get fields list for one form
*
</div>
{% elseif get_class(field) == 'Galette\\DynamicFields\\File' %}
{% if object.id and valuedata %}
- <a href="{{ url_for("getDynamicFile", {"id": object.id, "fid": field.getId(), "pos": loop, "name": valuedata}) }}">
+ <a href="{{ url_for("getDynamicFile", {"form_name": object.getFormName(), "id": object.id, "fid": field.getId(), "pos": loop, "name": valuedata}) }}">
{{ valuedata }}
<i class="external alternate icon"></i>
</a>
{{ _T("No") }}
{% endif %}
{% elseif get_class(field) == 'Galette\\DynamicFields\\File' %}
- <a href="{{ url_for("getDynamicFile", {"id": object.id, "fid": field.getId(), "pos": loop.index, "name": value}) }}">{{ value }}</a>
+ <a href="{{ url_for("getDynamicFile", {"form_name": object.getFormName(), "id": object.id, "fid": field.getId(), "pos": loop.index, "name": value}) }}">{{ value }}</a>
{% elseif get_class(field) == 'Galette\\DynamicFields\\Line' and callstatic("Galette\\Core\\GaletteMail", "isValidEmail", value) %}
<a href="mailto:{{ value }}">{{ value }}</a>
{% elseif get_class(field) == 'Galette\\DynamicFields\\Line' and callstatic("Galette\\Core\\GaletteMail", "isUrl", value) %}