Store adminfiles as institutional artefacts for the default institution

htdocs/admin/site/files.php

@@ -41,8 +41,8 @@ $wwwroot = get_config('wwwroot');
 $javascript = <<<JAVASCRIPT
 
 var copyrightnotice = '{$copyright}';
-var browser = new FileBrowser('filelist', '{$wwwroot}artefact/file/myfiles.json.php', {'adminfiles':true});
-var uploader = new FileUploader('uploader', '{$wwwroot}artefact/file/upload.php', {'adminfiles':true}, 
+var browser = new FileBrowser('filelist', '{$wwwroot}artefact/file/myfiles.json.php', {'institution':'mahara'});
+var uploader = new FileUploader('uploader', '{$wwwroot}artefact/file/upload.php', {'institution':'mahara'}, 
                                 null, null, browser.refresh, browser.fileexists);
 browser.changedircallback = uploader.updatedestination;
 

htdocs/artefact/blog/lib.php

@@ -651,7 +651,6 @@ class ArtefactTypeBlogPost extends ArtefactType {
         $data->description = $description;
         $data->tags = $tags;
         $data->owner = $USER->get('id');
-        $data->adminfiles = 0; // No admin blogs yet...
         $data->parent = $blogfilesid;
         $data->oldextension = $oldextension;
         

htdocs/artefact/file/createfolder.json.php

@@ -38,7 +38,7 @@ $title          = param_variable('name');
 $description    = param_variable('description', null);
 $tags           = param_variable('tags', null);
 $collideaction  = param_variable('collideaction', 'fail');
-$adminfiles     = param_boolean('adminfiles', false);
+$institution    = param_alpha('institution', null);
 
 $data = new StdClass;
 if ($parentfolder) {
@@ -47,10 +47,13 @@ if ($parentfolder) {
 $data->title = $title;
 $data->description = $description;
 $data->tags = $tags;
-$data->owner = $USER->get('id');
-$data->adminfiles = (int)$adminfiles;
+if ($institution) {
+    $data->institution = $institution;
+} else {
+    $data->owner = $USER->get('id');
+}
 
-if ($oldid = ArtefactTypeFileBase::file_exists($data->title, $data->owner, $parentfolder, $adminfiles)) {
+if ($oldid = ArtefactTypeFileBase::file_exists($data->title, $data->owner, $parentfolder, $institution)) {
     if ($collideaction == 'replace') {
         require_once(get_config('docroot') . 'artefact/lib.php');
         $obj = artefact_instance_from_id($oldid);

htdocs/artefact/file/db/install.xml

@@ -8,7 +8,6 @@
         <FIELDS>
             <FIELD NAME="artefact" TYPE="int" LENGTH="10" NOTNULL="true" />
             <FIELD NAME="size" TYPE="int" LENGTH="10" NOTNULL="false" />
-            <FIELD NAME="adminfiles" TYPE="int" LENGTH="1" NOTNULL="true" />
             <FIELD NAME="oldextension" TYPE="text" NOTNULL="false" />
         </FIELDS>
         <KEYS>

htdocs/artefact/file/download.php

@@ -68,13 +68,13 @@ else {
 
     // If the file is in the public directory, it's fine to serve
     $fileispublic = $file->get('parent') == ArtefactTypeFolder::admin_public_folder_id();
-    $fileispublic &= $file->get('adminfiles');
+    $fileispublic &= $file->get('institution') == 'mahara';
     $fileispublic &= record_exists('site_menu', 'file', $fileid, 'public', 1);
 
     if (!$fileispublic) {
         // If the file is in the logged in menu and the user is logged in then
         // they can view it
-        $fileinloggedinmenu = $file->get('adminfiles');
+        $fileinloggedinmenu = $file->get('institution') == 'mahara';
         $fileinloggedinmenu &= $file->get('parent') == null;
         $fileinloggedinmenu &= record_exists('site_menu', 'file', $fileid, 'public', 0);
         $fileinloggedinmenu &= $USER->is_logged_in();

htdocs/artefact/file/lang/en.utf8/artefact.file.php

@@ -66,6 +66,7 @@ $string['folder'] = 'Folder';
 $string['foldercreated'] = 'Folder created';
 $string['home'] = 'Home';
 $string['htmlremovedmessage'] = 'You are viewing <strong>%s</strong> by <a href="%s">%s</a>. The file displayed below has been filtered to remove malicious content, and is only a rough representation of the original.';
+$string['htmlremovedmessagenoowner'] = 'You are viewing <strong>%s</strong>. The file displayed below has been filtered to remove malicious content, and is only a rough representation of the original.';
 $string['image'] = 'Image';
 $string['lastmodified'] = 'Last Modified';
 $string['myfiles'] = 'My Files';

htdocs/artefact/file/lib.php

@@ -255,7 +255,6 @@ class PluginArtefactFile extends PluginArtefact {
 
 abstract class ArtefactTypeFileBase extends ArtefactType {
 
-    protected $adminfiles = 0;
     protected $size;
     // The original filename extension (when the file is first
     // uploaded) is saved here.  This is used as a workaround for IE's
@@ -334,7 +333,6 @@ abstract class ArtefactTypeFileBase extends ArtefactType {
         $data = (object)array(
             'artefact'      => $this->get('id'),
             'size'          => $this->get('size'),
-            'adminfiles'    => $this->get('adminfiles'),
             'oldextension'  => $this->get('oldextension')
         );
 
@@ -380,14 +378,22 @@ abstract class ArtefactTypeFileBase extends ArtefactType {
 
     // Check if something exists in the db with a given title and parent,
     // either in adminfiles or with a specific owner.
-    public static function file_exists($title, $owner, $folder, $adminfiles=false) {
+    public static function file_exists($title, $owner, $folder, $institution=null) {
         $filetypesql = "('" . join("','", PluginArtefactFile::get_artefact_types()) . "')";
+        $phvals = array($title);
+        if ($institution) {
+            $ownersql = 'a.institution = ? AND a.owner IS NULL';
+            $phvals[] = $institution;
+        } else {
+            $ownersql = 'a.institution IS NULL AND a.owner = ?';
+            $phvals[] = $owner;
+        }
         return get_field_sql('SELECT a.id FROM {artefact} a
             LEFT OUTER JOIN {artefact_file_files} f ON f.artefact = a.id
-            WHERE ' . ($adminfiles ? 'f.adminfiles = 1' : 'f.adminfiles <> 1 AND a.owner = ' . $owner) . '
-            AND a.title = ?
+            WHERE a.title = ?
+            AND ' . $ownersql . '
             AND a.parent ' . (empty($folder) ? ' IS NULL' : ' = ' . $folder) . '
-            AND a.artefacttype IN ' . $filetypesql, array($title));
+            AND a.artefacttype IN ' . $filetypesql, $phvals);
     }
 
 
@@ -398,13 +404,21 @@ abstract class ArtefactTypeFileBase extends ArtefactType {
     }
 
 
-    public static function get_my_files_data($parentfolderid, $userid, $adminfiles=false) {
+    public static function get_my_files_data($parentfolderid, $userid, $institution=null) {
 
         $foldersql = $parentfolderid ? ' = ' . $parentfolderid : ' IS NULL';
 
+        if ($institution) {
+            $ownersql = 'a.institution = ? AND a.owner IS NULL';
+            $phvals = array($institution);
+        } else {
+            $ownersql = 'a.institution IS NULL AND a.owner = ?';
+            $phvals = array($userid);
+        }
+
         // if blogs are installed then also return the number of blog
         // posts each file is attached to
-        $bloginstalled = !$adminfiles && get_field('artefact_installed', 'active', 'name', 'blog');
+        $bloginstalled = get_field('artefact_installed', 'active', 'name', 'blog');
 
         $filetypesql = "('" . join("','", PluginArtefactFile::get_artefact_types()) . "')";
         $filedata = get_records_sql_array('
@@ -418,10 +432,10 @@ abstract class ArtefactTypeFileBase extends ArtefactType {
                 . ($bloginstalled ? ('LEFT OUTER JOIN
                                      {artefact_blog_blogpost_file} b ON b.file = a.id') : '') . '
             WHERE a.parent' . $foldersql . '
-                AND ' . ($adminfiles ? 'f.adminfiles = 1' : ('f.adminfiles = 0 AND a.owner = ' . $userid)) . '
+                AND ' . $ownersql . '
                 AND a.artefacttype IN ' . $filetypesql . '
             GROUP BY
-                1, 2, 3, 4, 5, 6;', '');
+                a.id, a.artefacttype, a.mtime, f.size, a.title, a.description;', $phvals);
 
         if (!$filedata) {
             $filedata = array();
@@ -539,11 +553,10 @@ class ArtefactTypeFile extends ArtefactTypeFileBase {
         }
         $size = $um->file['size'];
         global $USER;
-        if (!$USER->quota_allowed($size) && !$data->adminfiles) {
+        if (!$USER->quota_allowed($size) && !$data->institution) {
             return get_string('uploadexceedsquota', 'artefact.file');
         }
         $f = self::new_file($um->file['tmp_name'], $data);
-        $f->set('owner', $USER->id);
         $f->set('size', $size);
         $f->set('oldextension', $um->original_filename_extension());
         $f->commit();
@@ -575,12 +588,12 @@ class ArtefactTypeFile extends ArtefactTypeFileBase {
 
     public static function get_admin_files($public) {
         $pubfolder = ArtefactTypeFolder::admin_public_folder_id();
-        $artefacts = get_records_sql_assoc('
+        $artefacts = get_records_sql_assoc("
             SELECT
                 a.id, a.title, a.parent, a.artefacttype
             FROM {artefact} a
                 INNER JOIN {artefact_file_files} f ON f.artefact = a.id
-            WHERE f.adminfiles = 1', array());
+            WHERE a.institution = 'mahara'", array());
 
         $files = array();
         if (!empty($artefacts)) {
@@ -617,7 +630,7 @@ class ArtefactTypeFile extends ArtefactTypeFileBase {
             unlink($file);
             global $USER;
             // Deleting other users' files won't lower their quotas yet...
-            if (!$this->adminfiles && $USER->id == $this->get('owner')) {
+            if (!$this->institution && $USER->id == $this->get('owner')) {
                 $USER->quota_remove($size);
                 $USER->commit();
             }
@@ -790,15 +803,15 @@ class ArtefactTypeFolder extends ArtefactTypeFileBase {
         // name of the directory uses the site language rather than
         // the language of the admin who first creates it.
         $name = get_string_from_language(get_config('lang'), 'adminpublicdirname', 'admin');
-        $folderid = get_field_sql('
+        $folderid = get_field_sql("
            SELECT
              a.id
            FROM {artefact} a
              INNER JOIN {artefact_file_files} f ON a.id = f.artefact
            WHERE a.title = ?
              AND a.artefacttype = ?
-             AND f.adminfiles = 1
-             AND a.parent IS NULL', array($name, 'folder'));
+             AND a.institution = 'mahara'
+             AND a.parent IS NULL", array($name, 'folder'));
         if (!$folderid) {
             global $USER;
             if (get_field('usr', 'admin', 'id', $USER->id)) {
@@ -807,7 +820,7 @@ class ArtefactTypeFolder extends ArtefactTypeFileBase {
                 $data = (object) array('title' => $name,
                                        'description' => $description,
                                        'owner' => $USER->id,
-                                       'adminfiles' => 1);
+                                       'institution' => 'mahara');
                 $f = new ArtefactTypeFolder(0, $data);
                 $f->commit();
                 $folderid = $f->get('id');
@@ -820,15 +833,15 @@ class ArtefactTypeFolder extends ArtefactTypeFileBase {
 
     public static function change_public_folder_name($oldlang, $newlang) {
         $oldname = get_string_from_language($oldlang, 'adminpublicdirname', 'admin');
-        $folderid = get_field_sql('
+        $folderid = get_field_sql("
            SELECT
              a.id
            FROM {artefact} a
              INNER JOIN {artefact_file_files} f ON a.id = f.artefact
            WHERE a.title = ?
              AND a.artefacttype = ?
-             AND f.adminfiles = 1
-             AND a.parent IS NULL', array($oldname, 'folder'));
+             AND a.institution = 'mahara'
+             AND a.parent IS NULL", array($oldname, 'folder'));
 
         if (!$folderid) {
             return;

htdocs/artefact/file/move.json.php

@@ -40,7 +40,7 @@ $artefact = artefact_instance_from_id($artefactid);
 global $USER;
 $userid = $USER->get('id');
 
-if ($userid != $artefact->get('owner')) {
+if ($userid != $artefact->get('owner') && !$USER->can_edit_institution($artefact->get('institution'))) {
     json_reply(true, get_string('movefailednotowner', 'artefact.file'));
 }
 if (!in_array($artefact->get('artefacttype'), PluginArtefactFile::get_artefact_types())) {
@@ -55,7 +55,7 @@ if ($newparentid > 0) {
         json_reply(false, get_string('filealreadyindestination', 'artefact.file'));
     }
     $newparent = artefact_instance_from_id($newparentid);
-    if ($userid != $newparent->get('owner')) {
+    if ($userid != $newparent->get('owner') && !$USER->can_edit_institution($newparent->get('institution'))) {
         json_reply(true, get_string('movefailednotowner', 'artefact.file'));
     }
     if ($newparent->get('artefacttype') != 'folder') {

htdocs/artefact/file/myfiles.json.php

@@ -34,11 +34,11 @@ require(dirname(dirname(dirname(__FILE__))) . '/init.php');
 $limit = param_integer('limit', null);
 $offset = param_integer('offset', 0);
 $folder = param_integer('folder', null);
-$adminfiles = param_boolean('adminfiles', false);
+$institution = param_alpha('institution', null);
 $userid = $USER->get('id');
 
 safe_require('artefact', 'file');
-$filedata = ArtefactTypeFileBase::get_my_files_data($folder, $userid, $adminfiles);
+$filedata = ArtefactTypeFileBase::get_my_files_data($folder, $userid, $institution);
 
 $result = array(
     'count'       => count($filedata),

htdocs/artefact/file/updatemetadata.json.php

@@ -40,10 +40,10 @@ $name = param_variable('name');
 $description = param_variable('description');
 $tags = param_variable('tags');
 $collideaction = param_variable('collideaction', 'fail');
-$adminfiles = param_boolean('adminfiles', false);
+$institution = param_alpha('institution', null);
 $owner = $USER->get('id');
 
-if ($existingid = ArtefactTypeFileBase::file_exists($name, $owner, $parentfolder, $adminfiles)) {
+if ($existingid = ArtefactTypeFileBase::file_exists($name, $owner, $parentfolder, $institution)) {
     if ($existingid != $id) {
         if ($collideaction == 'replace') {
             log_debug('deleting ' . $existingid);
@@ -60,8 +60,11 @@ $artefact = artefact_instance_from_id($id);
 $artefact->set('title', $name);
 $artefact->set('description', $description);
 $artefact->set('tags', preg_split("/\s*,\s*/", trim($tags)));
-$artefact->set('adminfiles', (int) $adminfiles);
-$artefact->set('owner', $owner);
+if ($institution) {
+    $artefact->set('institution', $institution);
+} else {
+    $artefact->set('owner', $owner);
+}
 $artefact->commit();
 
 json_reply(false, get_string('changessaved', 'artefact.file'));

htdocs/artefact/file/upload.php

@@ -37,7 +37,7 @@ $description      = param_variable('description', null);
 $tags             = param_variable('tags', null);
 $uploadnumber     = param_integer('uploadnumber'); // id of target iframe
 $collideaction    = param_variable('collideaction', 'fail');
-$adminfiles       = param_boolean('adminfiles', false);
+$institution      = param_alpha('institution', null);
 
 $data = new StdClass;
 if ($parentfolder) {
@@ -46,15 +46,18 @@ if ($parentfolder) {
 $data->title = $title;
 $data->description = $description;
 $data->tags = $tags;
-$data->owner = $USER->get('id');
-$data->adminfiles = (int) $adminfiles;
+if ($institution) {
+    $data->institution = $institution;
+} else {
+    $data->owner = $USER->get('id');
+}
 $data->container = 0;
 $data->locked = 0;
 
 $result = new StdClass;
 $result->uploadnumber = $uploadnumber;
 
-if ($oldid = ArtefactTypeFileBase::file_exists($title, $data->owner, $parentfolder, $adminfiles)) {
+if ($oldid = ArtefactTypeFileBase::file_exists($title, $data->owner, $parentfolder, $institution)) {
     if ($collideaction == 'replace') {
         $obj = artefact_instance_from_id($oldid);
         $obj->delete();

htdocs/artefact/lib.php

@@ -94,6 +94,7 @@ abstract class ArtefactType {
     protected $description;
     protected $note;
     protected $tags = array();
+    protected $institution;
 
     protected $viewsinstances;
     protected $viewsmetadata;

htdocs/lib/db/upgrade.php

@@ -1056,6 +1056,15 @@ function xmldb_core_upgrade($oldversion=0) {
         execute_sql('ALTER TABLE {group_member} DROP tutor');
     }
 
+    if ($oldversion < 2008062000) {
+        execute_sql("
+        ALTER TABLE {artefact} ADD COLUMN institution CHARACTER VARYING(255);
+        ALTER TABLE {artefact} ALTER COLUMN owner DROP NOT NULL;
+        ALTER TABLE {artefact} ADD CONSTRAINT {arte_ins_fk} FOREIGN KEY (institution) REFERENCES {institution}(name);
+        UPDATE {artefact} SET institution = 'mahara', owner = NULL WHERE id IN (SELECT artefact FROM {artefact_file_files} WHERE adminfiles = 1)");
+        execute_sql("ALTER TABLE {artefact_file_files} DROP COLUMN adminfiles");
+    }
+
     return $status;
 
 }

htdocs/lib/version.php

@@ -27,7 +27,7 @@
 defined('INTERNAL') || die();
 
 $config = new StdClass;
-$config->version = 2008061700;
+$config->version = 2008062000;
 $config->release = '1.1.0alpha';
 $config->minupgradefrom = 2007080700;
 $config->minupgraderelease = '0.8.0 (release tag 0.8.0_RELEASE)';

htdocs/lib/web.php

@@ -2018,7 +2018,11 @@ function clean_text($text) {
 function display_cleaned_html($html, $filename, $params) {
     $smarty = smarty_core();
     $smarty->assign('params', $params);
-    $smarty->assign('htmlremovedmessage', get_string('htmlremovedmessage', 'artefact.file', $filename, get_config('wwwroot') . 'user/view.php?id=' . $params['owner'], display_name($params['owner'])));
+    if ($params['owner']) {
+        $smarty->assign('htmlremovedmessage', get_string('htmlremovedmessage', 'artefact.file', $filename, get_config('wwwroot') . 'user/view.php?id=' . $params['owner'], display_name($params['owner'])));
+    } else {
+        $smarty->assign('htmlremovedmessage', get_string('htmlremovedmessagenoowner', 'artefact.file', $filename));
+    }
     $smarty->assign('content', clean_text($html));
     $smarty->display('cleanedhtml.tpl');
     exit;