ajax_controller.class.php 6.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. /**
  4. * Link controller (ajax) script
  5. * @package chamilo.link
  6. */
  7. /**
  8. * Init
  9. */
  10. namespace Link;
  11. use \Model\Course;
  12. use \CourseDescription;
  13. use \CourseDescriptionRoutes;
  14. use \Display;
  15. use \Template;
  16. use \FormValidator;
  17. use \Security;
  18. use \Uri;
  19. use Header;
  20. /**
  21. * Ajax controller. Dispatch request and perform required action.
  22. *
  23. * - delete category/link
  24. * - hide/show link
  25. * - sort links/categories
  26. *
  27. * Usage:
  28. *
  29. * $controller = AjaxController::instance();
  30. * $controller->run();
  31. *
  32. * @author Laurent Opprecht <laurent@opprecht.info> for the Univesity of Genevas
  33. * @license /license.txt
  34. */
  35. class AjaxController extends \Controller
  36. {
  37. const ACTION_DELETE_CATEGORY = 'delete_category';
  38. const ACTION_HIDE_LINK = 'hide_link';
  39. const ACTION_SHOW_LINK = 'show_link';
  40. const ACTION_DELETE_LINK = 'delete_link';
  41. const ACTION_DELETE_BY_COURSE = 'delete_by_course';
  42. const ACTION_SORT_CATEGORIES = 'sort_categories';
  43. const ACTION_SORT_LINKS = 'sort_links';
  44. const ACTION_VALIDATE_LINK = 'validate_link';
  45. /**
  46. * Return the instance of the controller.
  47. *
  48. * @return \Link\AjaxController
  49. */
  50. public static function instance()
  51. {
  52. static $result = null;
  53. if (empty($result)) {
  54. $result = new self();
  55. }
  56. return $result;
  57. }
  58. protected function __construct()
  59. {
  60. }
  61. /**
  62. * Prepare the environment. Set up breadcrumps and raise tracking event.
  63. */
  64. protected function prolog()
  65. {
  66. event_access_tool(TOOL_LINK);
  67. }
  68. public function authorize()
  69. {
  70. $authorize = api_protect_course_script();
  71. if (!$authorize) {
  72. return false;
  73. }
  74. $c_id = Request::get_c_id();
  75. if (empty($c_id)) {
  76. return false;
  77. }
  78. if (Request::is_student_view()) {
  79. return false;
  80. }
  81. if (!$this->is_allowed_to_edit()) {
  82. return false;
  83. }
  84. return true;
  85. }
  86. public function is_allowed_to_edit()
  87. {
  88. $session_id = Request::get_session_id();
  89. if ($session_id != 0 && api_is_allowed_to_session_edit(false, true) == false) {
  90. return false;
  91. }
  92. // if (!Security::check_token('get')) {
  93. // return false;
  94. // }
  95. if (!api_is_allowed_to_edit(false, true, true)) {
  96. return false;
  97. }
  98. return true;
  99. }
  100. /**
  101. *
  102. */
  103. public function hide_link()
  104. {
  105. if (!$this->is_allowed_to_edit()) {
  106. $this->forbidden();
  107. return;
  108. }
  109. $c_id = Request::get_c_id();
  110. $id = Request::get_id();
  111. $success = LinkRepository::instance()->make_invisible($c_id, $id);
  112. $this->response($success);
  113. }
  114. /**
  115. *
  116. */
  117. public function show_link()
  118. {
  119. if (!$this->is_allowed_to_edit()) {
  120. $this->forbidden();
  121. return;
  122. }
  123. $c_id = Request::get_c_id();
  124. $id = Request::get_id();
  125. $success = LinkRepository::instance()->make_visible($c_id, $id);
  126. $this->response($success);
  127. }
  128. /**
  129. *
  130. */
  131. public function delete_link()
  132. {
  133. if (!$this->is_allowed_to_edit()) {
  134. $this->forbidden();
  135. return;
  136. }
  137. $link = (object) array();
  138. $link->c_id = Request::get_c_id();
  139. $link->id = Request::get_id();
  140. $success = LinkRepository::instance()->remove($link);
  141. $this->response($success);
  142. }
  143. /**
  144. *
  145. */
  146. public function delete_category()
  147. {
  148. if (!$this->is_allowed_to_edit()) {
  149. $this->forbidden();
  150. return;
  151. }
  152. $category = (object) array();
  153. $category->c_id = Request::get_c_id();
  154. $category->id = Request::get_id();
  155. $success = LinkCategoryRepository::instance()->remove($category);
  156. $this->response($success);
  157. }
  158. /**
  159. *
  160. */
  161. public function delete_by_course()
  162. {
  163. if (!$this->is_allowed_to_edit()) {
  164. $this->forbidden();
  165. return;
  166. }
  167. $c_id = Request::get_c_id();
  168. $session_id = Request::get_session_id();
  169. $success_link = LinkRepository::instance()->remove_by_course($c_id, $session_id);
  170. $success_cat = LinkCategoryRepository::instance()->remove_by_course($c_id, $session_id);
  171. $this->response($success_link && $success_cat);
  172. }
  173. public function sort_categories()
  174. {
  175. if (!$this->is_allowed_to_edit()) {
  176. $this->forbidden();
  177. return;
  178. }
  179. $c_id = Request::get_c_id();
  180. $ids = Request::get_ids();
  181. if (empty($ids)) {
  182. return;
  183. }
  184. $repo = LinkCategoryRepository::instance();
  185. $success = $repo->order($c_id, $ids);
  186. $this->response($success);
  187. }
  188. public function sort_links()
  189. {
  190. if (!$this->is_allowed_to_edit()) {
  191. $this->forbidden();
  192. return;
  193. }
  194. $c_id = Request::get_c_id();
  195. $ids = Request::get_ids();
  196. if (empty($ids)) {
  197. return;
  198. }
  199. $repo = LinkRepository::instance();
  200. $success = $repo->order($c_id, $ids);
  201. $this->response($success);
  202. }
  203. public function validate_link()
  204. {
  205. $c_id = Request::get_c_id();
  206. $id = Request::get_id();
  207. $repo = LinkRepository::instance();
  208. $link = $repo->find_one_by_id($c_id, $id);
  209. $success = $link ? $link->validate() : false;
  210. $this->response($success);
  211. }
  212. function forbidden()
  213. {
  214. $this->response(false, get_lang('YouAreNotAuthorized'));
  215. }
  216. public function unknown()
  217. {
  218. $this->response(false, get_lang('UnknownAction'));
  219. }
  220. /**
  221. * Action exists but implementation is missing.
  222. */
  223. public function missing()
  224. {
  225. $this->response(false, get_lang('NoImplementation'));
  226. }
  227. /**
  228. * Display a standard json responce.
  229. *
  230. * @param bool $success
  231. * @param string $message
  232. * @param object $data
  233. */
  234. public function response($success = false, $message = '', $data = null)
  235. {
  236. $message = trim($message);
  237. $response = (object) array();
  238. $response->success = $success;
  239. if ($message) {
  240. $response->message = Display::return_message($message, $success ? 'normal' : 'error');
  241. } else {
  242. $response->message = '';
  243. }
  244. $response->data = $data;
  245. $this->render_json($response);
  246. }
  247. }