Skip to content

Commit

Permalink
Merge pull request #5 from pkp/master
Browse files Browse the repository at this point in the history 
Update local master branch
  • Loading branch information
@israelcefrin
israelcefrin authored Feb 4, 2021
2 parents edb53e1 + 4895399 commit 673cd0a
Show file tree
Hide file tree
Showing 1,622 changed files with 18,998 additions and 5,103 deletions.
15 changes: 10 additions & 5 deletions api/v1/_email/PKPEmailHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file api/v1/_email/PKPEmailHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2003-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPEmailHandler
Expand Down Expand Up @@ -78,6 +78,10 @@ public function create(ServerRequestInterface $slimRequest, APIResponse $respons
$context = $this->getRequest()->getContext();
$contextId = $context->getId();

if (!in_array($contextId, (array) $this->getRequest()->getSite()->getData('enableBulkEmails'))) {
return $response->withStatus(403)->withJsonError('api.emails.403.disabled');
}

$requestParams = $slimRequest->getParsedBody();

$params = [];
Expand Down Expand Up @@ -120,10 +124,11 @@ public function create(ServerRequestInterface $slimRequest, APIResponse $respons

$userGroupDao = DAORegistry::getDAO('UserGroupDAO');
foreach ($params['userGroupIds'] as $userGroupId) {
if (!$userGroupDao->contextHasGroup($contextId, $userGroupId)) {
if (!$userGroupDao->contextHasGroup($contextId, $userGroupId)
|| in_array($userGroupId, (array) $context->getData('disableBulkEmailUserGroups'))) {
return $response->withJson([
'userGroupIds' => [__('api.emails.403.notAllowedUserGroup')],
], 403);
], 400);
}
}

Expand Down Expand Up @@ -197,7 +202,7 @@ public function process(ServerRequestInterface $slimRequest, APIResponse $respon
if (!$countRunning && $countPending) {
$laravelContainer = Registry::get('laravelContainer');
$worker = new Illuminate\Queue\Worker(
$laravelContainer['queue'],
$laravelContainer['queue'],
$laravelContainer['events'],
$laravelContainer['exception.handler'],
function() {
Expand Down
4 changes: 2 additions & 2 deletions api/v1/_payments/PKPBackendPaymentsSettingsHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
/**
* @file api/v1/_payments/PKPBackendPaymentsSettingsHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2003-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPBackendPaymentsSettingsHandler
Expand Down
4 changes: 2 additions & 2 deletions api/v1/_submissions/PKPBackendSubmissionsHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file api/v1/_submissions/PKPBackendSubmissionsHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2003-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPBackendSubmissionsHandler
Expand Down
4 changes: 2 additions & 2 deletions api/v1/_uploadPublicFile/PKPUploadPublicFileHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
/**
* @file api/v1/contexts/PKPUploadPublicFileHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPUploadPublicFileHandler
Expand Down
4 changes: 2 additions & 2 deletions api/v1/announcements/PKPAnnouncementHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file api/v1/announcements/PKPAnnouncementHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2003-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPAnnouncementHandler
Expand Down
18 changes: 8 additions & 10 deletions api/v1/contexts/PKPContextHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
/**
* @file api/v1/contexts/PKPContextHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPContextHandler
Expand Down Expand Up @@ -143,14 +143,12 @@ public function getMany($slimRequest, $response, $args) {

$items = array();
$contextsIterator = Services::get('context')->getMany($allowedParams);
if (count($contextsIterator)) {
$propertyArgs = array(
'request' => $request,
'slimRequest' => $slimRequest,
);
foreach ($contextsIterator as $context) {
$items[] = Services::get('context')->getSummaryProperties($context, $propertyArgs);
}
$propertyArgs = array(
'request' => $request,
'slimRequest' => $slimRequest,
);
foreach ($contextsIterator as $context) {
$items[] = Services::get('context')->getSummaryProperties($context, $propertyArgs);
}

$data = array(
Expand Down
4 changes: 2 additions & 2 deletions api/v1/emailTemplates/PKPEmailTemplateHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
/**
* @file api/v1/contexts/PKPEmailTemplateHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPEmailTemplateHandler
Expand Down
4 changes: 2 additions & 2 deletions api/v1/site/PKPSiteHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
/**
* @file api/v1/site/PKPSiteHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPSiteHandler
Expand Down
4 changes: 2 additions & 2 deletions api/v1/stats/editorial/PKPStatsEditorialHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file api/v1/stats/PKPStatsEditorialHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2003-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPStatsEditorialHandler
Expand Down
4 changes: 2 additions & 2 deletions api/v1/stats/publications/PKPStatsPublicationHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file api/v1/stats/PKPStatsHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2003-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPStatsPublicationHandler
Expand Down
4 changes: 2 additions & 2 deletions api/v1/stats/users/PKPStatsUserHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file api/v1/stats/PKPStatsUserHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2003-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPStatsUserHandler
Expand Down
41 changes: 21 additions & 20 deletions api/v1/submissions/PKPSubmissionFileHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file api/v1/submissions/PKPSubmissionFileHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2003-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class SubmissionHandler
Expand Down Expand Up @@ -127,13 +127,15 @@ public function getMany($slimRequest, $response, $args) {
$userRoles = $this->getAuthorizedContextObject(ASSOC_TYPE_USER_ROLES);
$stageAssignments = $this->getAuthorizedContextObject(ASSOC_TYPE_ACCESSIBLE_WORKFLOW_STAGES);

$allowedFileStages = [];

// Managers can access files for submissions they are not assigned to
if (empty($stageAssignments)) {
if (!in_array(ROLE_ID_MANAGER, $userRoles)) {
return $response->withStatus(403)->withJsonError('api.403.unauthorized');
}
// @see PKPSubmissionFileService::getAssignedFileStages() for excluded file stages
$params['fileStages'] = [
$allowedFileStages = [
SUBMISSION_FILE_SUBMISSION,
SUBMISSION_FILE_REVIEW_FILE,
SUBMISSION_FILE_FINAL,
Expand All @@ -150,13 +152,14 @@ public function getMany($slimRequest, $response, $args) {
// @see PKPSubmissionFileService::getAssignedFileStages() for excluded file stages
} else {
$allowedFileStages = Services::get('submissionFile')->getAssignedFileStages($stageAssignments, SUBMISSION_FILE_ACCESS_READ);
if (empty($params['fileStages'])) {
$params['fileStages'] = $allowedFileStages;
} else {
foreach ($params['fileStages'] as $fileStage) {
if (!in_array($fileStage, $allowedFileStages)) {
return $response->withStatus(403)->withJsonError('api.submissionFiles.403.unauthorizedFileStageId');
}
}

if (empty($params['fileStages'])) {
$params['fileStages'] = $allowedFileStages;
} else {
foreach ($params['fileStages'] as $fileStage) {
if (!in_array($fileStage, $allowedFileStages)) {
return $response->withStatus(403)->withJsonError('api.submissionFiles.403.unauthorizedFileStageId');
}
}
}
Expand Down Expand Up @@ -194,15 +197,13 @@ public function getMany($slimRequest, $response, $args) {

$items = [];
$filesIterator = Services::get('submissionFile')->getMany($params);
if (count($filesIterator)) {
$propertyArgs = [
'request' => $request,
'slimRequest' => $slimRequest,
'submission' => $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION),
];
foreach ($filesIterator as $file) {
$items[] = Services::get('submissionFile')->getSummaryProperties($file, $propertyArgs);
}
$propertyArgs = [
'request' => $request,
'slimRequest' => $slimRequest,
'submission' => $this->getAuthorizedContextObject(ASSOC_TYPE_SUBMISSION),
];
foreach ($filesIterator as $file) {
$items[] = Services::get('submissionFile')->getSummaryProperties($file, $propertyArgs);
}

$data = [
Expand Down Expand Up @@ -357,7 +358,7 @@ public function edit($slimRequest, $response, $args) {
unset($params['submissionId'], $params['fileId'], $params['uploaderUserId']);

if (empty($params) && empty($_FILES['file'])) {
return $response->withStatus(400)->withJsonError('api.submissions.files.400.noParams');
return $response->withStatus(400)->withJsonError('api.submissionsFiles.400.noParams');
}

$primaryLocale = $request->getContext()->getPrimaryLocale();
Expand Down
13 changes: 10 additions & 3 deletions api/v1/submissions/PKPSubmissionHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file api/v1/submissions/PKPSubmissionHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2003-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class SubmissionHandler
Expand Down Expand Up @@ -51,6 +51,13 @@ class PKPSubmissionHandler extends APIHandler {
'deletePublication',
];

/** @var array Roles that can access a submission's production stage */
public $productionStageAccessRoles = [
ROLE_ID_MANAGER,
ROLE_ID_SUB_EDITOR,
ROLE_ID_ASSISTANT
];

/**
* Constructor
*/
Expand Down Expand Up @@ -165,7 +172,7 @@ function authorize($request, &$args, $roleAssignments) {

if (in_array($routeName, $this->requiresProductionStageAccess)) {
import('lib.pkp.classes.security.authorization.StageRolePolicy');
$this->addPolicy(new StageRolePolicy([ROLE_ID_MANAGER, ROLE_ID_SUB_EDITOR, ROLE_ID_ASSISTANT], WORKFLOW_STAGE_ID_PRODUCTION, false));
$this->addPolicy(new StageRolePolicy($this->productionStageAccessRoles, WORKFLOW_STAGE_ID_PRODUCTION, false));
}

return parent::authorize($request, $args, $roleAssignments);
Expand Down
4 changes: 2 additions & 2 deletions api/v1/temporaryFiles/PKPTemporaryFilesHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
/**
* @file api/v1/contexts/PKPTemporaryFilesHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPTemporaryFilesHandler
Expand Down
4 changes: 2 additions & 2 deletions api/v1/users/PKPUserHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file api/v1/users/PKPUserHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPUserHandler
Expand Down
4 changes: 2 additions & 2 deletions api/v1/vocabs/PKPVocabHandler.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file api/v1/vocabs/PKPVocabHandler.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2003-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2003-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class PKPVocabHandler
Expand Down
4 changes: 2 additions & 2 deletions classes/announcement/Announcement.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@
/**
* @file classes/announcement/Announcement.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class Announcement
Expand Down
4 changes: 2 additions & 2 deletions classes/announcement/AnnouncementDAO.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file classes/announcement/AnnouncementDAO.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class AnnouncementDAO
Expand Down
4 changes: 2 additions & 2 deletions classes/announcement/AnnouncementType.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file classes/announcement/AnnouncementType.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class AnnouncementType
Expand Down
4 changes: 2 additions & 2 deletions classes/announcement/AnnouncementTypeDAO.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file classes/announcement/AnnouncementTypeDAO.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class AnnouncementTypeDAO
Expand Down
4 changes: 2 additions & 2 deletions classes/cache/APCCache.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file classes/cache/APCCache.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @class APCCache
Expand Down
4 changes: 2 additions & 2 deletions classes/cache/CacheManager.inc.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@
/**
* @file classes/cache/CacheManager.inc.php
*
* Copyright (c) 2014-2020 Simon Fraser University
* Copyright (c) 2000-2020 John Willinsky
* Copyright (c) 2014-2021 Simon Fraser University
* Copyright (c) 2000-2021 John Willinsky
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
*
* @ingroup cache
Expand Down
Loading

0 comments on commit 673cd0a

Please sign in to comment.