FIxed db/build authentification errors, merged from gsoc r39559 and r37162

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@39609 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Andrew O'Neil 2007-08-06 00:47:31 +00:00
parent f545953c18
commit 4560135eb9
2 changed files with 190 additions and 113 deletions

View File

@ -1,27 +1,41 @@
<?php <?php
/** /**
* Database Administration
*
* @package sapphire * @package sapphire
* @subpackage core * @subpackage core
*/ */
require_once("core/model/DB.php");
/** /**
* Utility functions for administrating the database. These can be accessed via URL, * Include the DB class
* eg http://www,yourdomain.com/db/build. */
require_once("core/model/DB.php");
/**
* DatabaseAdmin class
*
* Utility functions for administrating the database. These can be accessed
* via URL, e.g. http://www.yourdomain.com/db/build.
*/ */
class DatabaseAdmin extends Controller { class DatabaseAdmin extends Controller {
/** /**
* Get the data classes, grouped by their root class * Get the data classes, grouped by their root class
* @return array *
* @return array Array of data classes, grouped by their root class
*/ */
function groupedDataClasses() { function groupedDataClasses() {
// Get all root data objects // Get all root data objects
$allClasses = get_declared_classes(); $allClasses = get_declared_classes();
foreach($allClasses as $class) { foreach($allClasses as $class) {
if(get_parent_class($class) == "DataObject") $rootClasses[$class] = array(); if(get_parent_class($class) == "DataObject")
$rootClasses[$class] = array();
} }
// Assign every other data object one of those // Assign every other data object one of those
foreach($allClasses as $class) { foreach($allClasses as $class) {
if(!isset($rootClasses[$class]) && is_subclass_of($class, "DataObject")) { if(!isset($rootClasses[$class]) && is_subclass_of($class, "DataObject")) {
@ -36,6 +50,7 @@ class DatabaseAdmin extends Controller {
return $rootClasses; return $rootClasses;
} }
/** /**
* Display a simple HTML menu of database admin helpers. * Display a simple HTML menu of database admin helpers.
*/ */
@ -45,17 +60,26 @@ class DatabaseAdmin extends Controller {
echo "<p><a href=\"../images/flush\">Flush <b>all</b> of the generated images.</a></p>"; echo "<p><a href=\"../images/flush\">Flush <b>all</b> of the generated images.</a></p>";
} }
/** /**
* Updates the database schema, creating tables & fields as necessary. * Updates the database schema, creating tables & fields as necessary.
*/ */
function build() { function build() {
if(Director::isLive() && ClassInfo::hasTable('Member') && ClassInfo::hasTable('Group') && ClassInfo::hasTable('Permission')) { if((Director::isLive() && ClassInfo::hasTable('Member') &&
BasicAuth::requireLogin("SilverStripe developer access. Use your CMS login", "ADMIN"); ClassInfo::hasTable('Group') && ClassInfo::hasTable('Permission'))
&& (!Member::currentUser() || !Member::currentUser()->isAdmin())) {
Security::permissionFailure($this,
"This page is secured and you need administrator rights to access it. " .
"Enter your credentials below and we will send you right along.");
return;
} }
$this->doBuild(isset($_REQUEST['quiet']) || isset($_REQUEST['from_installer'])); // The default time limit of 30 seconds is normally not enough
} set_time_limit(600);
$this->doBuild(isset($_REQUEST['quiet']) ||
isset($_REQUEST['from_installer']));
}
/** /**
* Check if database needs to be built, and build it if it does. * Check if database needs to be built, and build it if it does.
@ -72,20 +96,27 @@ class DatabaseAdmin extends Controller {
} }
} }
/** /**
* Returns the timestamp of the time that the database was last built * Returns the timestamp of the time that the database was last built
* @return string *
* @return string Returns the timestamp of the time that the database was
* last built
*/ */
static function lastBuilt() { static function lastBuilt() {
$file = TEMP_FOLDER . '/database-last-generated-' .str_replace(array('\\','/',':'),'.',Director::baseFolder()); $file = TEMP_FOLDER . '/database-last-generated-' .
str_replace(array('\\','/',':'), '.' , Director::baseFolder());
if(file_exists($file)) { if(file_exists($file)) {
return filemtime($file); return filemtime($file);
} }
} }
/** /**
* Updates the database schema, creating tables & fields as necessary. * Updates the database schema, creating tables & fields as necessary.
* @param boolean $quiet Don't show messages' *
* @param boolean $quiet Don't show messages
*/ */
function doBuild($quiet = false) { function doBuild($quiet = false) {
if($quiet) { if($quiet) {
@ -151,6 +182,7 @@ class DatabaseAdmin extends Controller {
} }
} }
/** /**
* Method used to check mod_rewrite is working correctly in the installer. * Method used to check mod_rewrite is working correctly in the installer.
*/ */
@ -158,9 +190,10 @@ class DatabaseAdmin extends Controller {
echo "OK"; echo "OK";
} }
/** /**
* Remove invalid records from tables - that is, records that * Remove invalid records from tables - that is, records that don't have
* don't have corresponding records in their parent class tables. * corresponding records in their parent class tables.
*/ */
function cleanup() { function cleanup() {
$allClasses = get_declared_classes(); $allClasses = get_declared_classes();
@ -185,13 +218,16 @@ class DatabaseAdmin extends Controller {
foreach($subclasses as $subclass) { foreach($subclasses as $subclass) {
$recordExists[$subclass] = DB::query("SELECT ID FROM `$subclass")->keyedColumn(); $recordExists[$subclass] =
DB::query("SELECT ID FROM `$subclass")->keyedColumn();
} }
foreach($records as $record) { foreach($records as $record) {
foreach($subclasses as $subclass) { foreach($subclasses as $subclass) {
$id = $record['ID']; $id = $record['ID'];
if($record['ClassName'] != $subclass && !is_subclass_of($record['ClassName'], $subclass) && $recordExists[$subclass][$id]) { if(($record['ClassName'] != $subclass) &&
(!is_subclass_of($record['ClassName'], $subclass)) &&
($recordExists[$subclass][$id])) {
$sql = "DELETE FROM `$subclass` WHERE ID = $record[ID]"; $sql = "DELETE FROM `$subclass` WHERE ID = $record[ID]";
echo "<li>$sql"; echo "<li>$sql";
DB::query($sql); DB::query($sql);
@ -202,12 +238,15 @@ class DatabaseAdmin extends Controller {
} }
} }
/** /**
* Imports objects based on a specified CSV file in $_GET['FileName'] * Imports objects based on a specified CSV file in $_GET['FileName']
*/ */
function import(){ function import(){
$FileName = $_GET['FileName']; $FileName = $_GET['FileName'];
$FileName = $_SERVER['DOCUMENT_ROOT'] . substr($_SERVER['PHP_SELF'],0,strlen($_SERVER['PHP_SELF'])-18) ."/assets/". $FileName; $FileName = $_SERVER['DOCUMENT_ROOT'] .
substr($_SERVER['PHP_SELF'], 0, strlen($_SERVER['PHP_SELF'])-18) .
"/assets/" . $FileName;
if(file_exists($FileName)) { if(file_exists($FileName)) {
$handle = fopen($FileName,'r'); $handle = fopen($FileName,'r');
@ -218,9 +257,10 @@ class DatabaseAdmin extends Controller {
$row++; $row++;
if($row == 1){ if($row == 1){
for ($c=0; $c < $num; $c++) for ($c=0; $c < $num; $c++) {
$ColumnHeaders[] = str_replace(' ','',$data[$c]); $ColumnHeaders[] = str_replace(' ','',$data[$c]);
// Have to add code here to remove unsafe chars.. // Have to add code here to remove unsafe chars..
}
} else { } else {
$Product = new Product(); $Product = new Product();
@ -229,10 +269,13 @@ class DatabaseAdmin extends Controller {
$Product->$ColumnHeaders[$c] = trim($data[$c]); $Product->$ColumnHeaders[$c] = trim($data[$c]);
} }
$MainCategory = DataObject::get("ProductGroup", "URLSegment LIKE '". $Product->generateURLSegment($Product->Category) ."'"); $MainCategory = DataObject::get("ProductGroup",
"URLSegment LIKE '" . $Product->generateURLSegment(
$Product->Category) ."'");
if(!$MainCategory){ if(!$MainCategory) {
// if we cant find a main category, create all three sub categories, as they must be unique. // if we can't find a main category, create all three sub
// categories, as they must be unique.
$ProductGroup = new ProductGroup(); $ProductGroup = new ProductGroup();
$ProductGroup->Title = $Product->Category; $ProductGroup->Title = $Product->Category;
@ -241,7 +284,7 @@ class DatabaseAdmin extends Controller {
$index = $ProductGroup->write(); $index = $ProductGroup->write();
$ProductGroup->flushCache(); $ProductGroup->flushCache();
if($Product->SubCategory){ if($Product->SubCategory) {
$ChildProductGroup = new ProductGroup(); $ChildProductGroup = new ProductGroup();
$ChildProductGroup->Title = $Product->SubCategory; $ChildProductGroup->Title = $Product->SubCategory;
print_r("<ul><li>Created : $ChildProductGroup->Title</li>"); print_r("<ul><li>Created : $ChildProductGroup->Title</li>");
@ -265,7 +308,9 @@ class DatabaseAdmin extends Controller {
print_r("<ul><li>USING : $MainCategory->Title</li>"); print_r("<ul><li>USING : $MainCategory->Title</li>");
$index = $MainCategory->ID; $index = $MainCategory->ID;
$SubCategory = DataObject::get_one("ProductGroup","URLSegment LIKE '". $Product->generateURLSegment($Product->SubCategory) ."'"); $SubCategory = DataObject::get_one("ProductGroup",
"URLSegment LIKE '" . $Product->generateURLSegment(
$Product->SubCategory) ."'");
if(!$SubCategory && $Product->SubCategory) { if(!$SubCategory && $Product->SubCategory) {
$ChildProductGroup = new ProductGroup(); $ChildProductGroup = new ProductGroup();
@ -290,7 +335,9 @@ class DatabaseAdmin extends Controller {
print_r("<ul><li>USING : $SubCategory->Title</li>"); print_r("<ul><li>USING : $SubCategory->Title</li>");
$index = $SubCategory->ID; $index = $SubCategory->ID;
$SubCategory2 = DataObject::get_one("ProductGroup","URLSegment LIKE '". $Product->generateURLSegment($Product->SubCategory2) ."'"); $SubCategory2 = DataObject::get_one("ProductGroup",
"URLSegment LIKE '" . $Product->generateURLSegment(
$Product->SubCategory2) ."'");
if($Product->SubCategory2) { if($Product->SubCategory2) {
$NestedProductGroup = new ProductGroup(); $NestedProductGroup = new ProductGroup();
@ -305,7 +352,9 @@ class DatabaseAdmin extends Controller {
} }
} }
$MatchedProduct = DataObject::get_one("Product","URLSegment LIKE '". $Product->generateURLSegment($Product->Title) . "'"); $MatchedProduct = DataObject::get_one("Product",
"URLSegment LIKE '" . $Product->generateURLSegment(
$Product->Title) . "'");
if($MatchedProduct) { if($MatchedProduct) {
// create the new parents / assign many many // create the new parents / assign many many
@ -340,12 +389,14 @@ class DatabaseAdmin extends Controller {
*/ */
function generateProductGroups() { function generateProductGroups() {
$FileName = $_GET['FileName']; $FileName = $_GET['FileName'];
$FileName = $_SERVER['DOCUMENT_ROOT'] . substr($_SERVER['PHP_SELF'], 0, strlen($_SERVER['PHP_SELF']) - 18) ."/assets/". $FileName; $FileName = $_SERVER['DOCUMENT_ROOT'] .
substr($_SERVER['PHP_SELF'], 0, strlen($_SERVER['PHP_SELF']) - 18) .
"/assets/" . $FileName;
if(file_exists($FileName)) { if(file_exists($FileName)) {
$handle = fopen($FileName,'r'); $handle = fopen($FileName,'r');
if($handle){ if($handle) {
$i = 0; $i = 0;
while(($data = fgetcsv($handle, 1000, ",")) !== FALSE) { while(($data = fgetcsv($handle, 1000, ",")) !== FALSE) {
$ProductGroup[$i] = $data[0]; $ProductGroup[$i] = $data[0];
@ -359,11 +410,17 @@ class DatabaseAdmin extends Controller {
} else { } else {
print_r("<h1>Error: Could not open file.</h1>"); print_r("<h1>Error: Could not open file.</h1>");
} }
} else{ } else {
print_r("<h1>Error: Could not open file.</h1>"); print_r("<h1>Error: Could not open file.</h1>");
} }
} }
/**
* This method does nothing at the moment...
*/
function makeURL() {} function makeURL() {}
} }
?> ?>

View File

@ -217,11 +217,31 @@ class Member extends DataObject {
/** /**
* Returns true if this user is an administrator. * Returns true if this user is an administrator.
* Administrators have access to everything. The lucky bastards! ;-) * Administrators have access to everything. The lucky bastards! ;-)
*
* @todo Should this function really exists? Is not {@link isAdmin()} the
* only right name for this?
* @todo Is {@link Group}::CanCMSAdmin not deprecated?
*/ */
function _isAdmin() { function _isAdmin() {
if($groups = $this->Groups()) { if($groups = $this->Groups()) {
foreach($groups as $group) if($group->CanCMSAdmin) return true; foreach($groups as $group) if($group->CanCMSAdmin) return true;
} }
return Permission::check('ADMIN');
}
/**
* Check if the user is an administrator
*
* Alias for {@link _isAdmin()} because the method is used in both ways
* all over the framework.
*
* @return Returns TRUE if this user is an administrator.
* @see _isAdmin()
*/
public function isAdmin() {
return $this->_isAdmin();
} }
function _isCMSUser() { function _isCMSUser() {
if($groups = $this->Groups()) { if($groups = $this->Groups()) {