Łukasz Serwatka
|
Friday 30 May 2008 5:37:10 am
First of all what are you tring to do here? As mentioned above the code content object creating might not work on eZ Publish 4.0. You need to tune it. The content object handler works fine on eZ Publish 4.0, I have tested it. You may also need to update your autoload array (bin/php/ezpgenerateautoloads.php)
Personal website -> http://serwatka.net
Blog (about eZ Publish) -> http://serwatka.net/blog
|
Romain Dausset
|
Friday 30 May 2008 6:44:22 am
I'm just trying to launch some php actions on publishing objects (eg: user). My autoload array seem to be ok :
return array(
'CustomEditHandler' => 'extension\customedit\content\customedithandler.php',
'PclZip' => 'extension\ezodf\lib\pclzip.lib.php',
'eZDHTMLInputParser' => 'extension\ezdhtml\ezxmltext\handlers\input\ezdhtmlinputparser.php',
'eZDHTMLXMLInput' => 'extension\ezdhtml\ezxmltext\handlers\input\ezdhtmlxmlinput.php',
'eZOOConverter' => 'extension\ezodf\modules\ezodf\ezooconverter.php',
'eZOOGenerator' => 'extension\ezodf\modules\ezodf\ezoogenerator.php',
'eZOOImport' => 'extension\ezodf\modules\ezodf\ezooimport.php',
'eZOpenofficeUploadHandler' => 'extension\ezodf\uploadhandlers\ezopenofficeuploadhandler.php',
'ezdhtmlInfo' => 'extension\ezdhtml\ezinfo.php',
'ezodfInfo' => 'extension\ezodf\ezinfo.php',
);
If it help you this is the beginning of my customedithandler.php ( I use the same on 3.9 and it works fine ) :
<?php
class CustomEditHandler extends eZContentObjectEditHandler
{
function fetchInput( &$http, &$module, &$class, &$object, &$version, &$contentObjectAttributes, $editVersion, $editLanguage, $fromLanguage )
{
}
function storeActionList()
{
}
function publish( $contentObjectID, $contentObjectVersion )
{
// I want to access php here when I publish objects
[...]
Thanks, Romain.
--
Romain Dausset
rdausset@facileit.com
http://www.facileit.com
|
André R.
|
Friday 30 May 2008 7:11:13 am
If you enable / read the php errors / notices you get, you get a hint on what to do. 4.0 code:
class CustomEditHandler extends eZContentObjectEditHandler
{
function fetchInput( $http, &$module, &$class, $object, &$version, $contentObjectAttributes, $editVersion, $editLanguage, $fromLanguage )
{
}
static function storeActionList()
{
return array();
}
function publish( $contentObjectID, $contentObjectVersion )
{
eZ Online Editor 5: http://projects.ez.no/ezoe || eZJSCore (Ajax): http://projects.ez.no/ezjscore || eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription
@: http://twitter.com/andrerom
|
Romain Dausset
|
Friday 30 May 2008 7:36:01 am
Thanks a lot André and Lukasz, the customedithandler works fine with your code... Moreover I activated the extension but I've forgotten to add manually the content.ini.append in the settings/override folder with the following code :
[EditSettings]
ExtensionDirectories[]=customedit
Romain.
--
Romain Dausset
rdausset@facileit.com
http://www.facileit.com
|
Pascal Specht
|
Tuesday 16 September 2008 9:34:33 am
Hi, Łukasz article here helped me to understand the custom edit handler. Thanks. How did you manage it to secure the code against people looking into other people's folders?
Since the code builds folder named after the first+last name, it is very possible to have folders with the same name. Adding the user ID in front of the name would help a little, but doesn't make this safe. Did anyone already implement some securing around this? Like having the folder only available to the user? Would it make sense to create a new role per user, and a new section per user, and place those folders under that protection? So the question is how to make this waterproof, I can't live with the fact that users could try other names to see other account's information...
Cheers, </Pascal>
|
André R.
|
Tuesday 16 September 2008 11:19:53 am
> Would it make sense to create a new role per user
Do not do this, it will not scale since user rights are used in sql when you fetch content. Sections does not have this issue though.
You can limit read rights based on owner of object, just set the correct owner in your edit handler. In 4.1 you'll also be able to use this(and user group) on content/create limitations, so you can easily specify rights to create content in personal folders.
$object->setAttribute('owner_id', $userObjectID );
eZ Online Editor 5: http://projects.ez.no/ezoe || eZJSCore (Ajax): http://projects.ez.no/ezjscore || eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription
@: http://twitter.com/andrerom
|