Merge branch 'master' of git://github.com/collectiveaccess/providence…

… into v1.3

Conflicts:
	app/conf/app.conf

README.md

@@ -1,4 +1,9 @@
-providence
-==========
+CollectiveAccess README
+-----------------------
 
-Providence
+Thanks for downloading CollectiveAccess version 1.2!
+
+You can find installation instructions at http://wiki.collectiveaccess.org/index.php?title=Installation_(Providence)
+If you are upgrading an existing version 1.x installation you can find upgrade instructions at http://wiki.collectiveaccess.org/index.php?title=Upgrading_(Providence)
+
+The release notes for this version can be found at http://wiki.collectiveaccess.org/index.php?title=Release_Notes_for_Providence_1.2

THANKS.txt

@@ -5,14 +5,17 @@ getid3 media format metadata parser library (http://getid3.org)
 Drupal Unicode functions (http://www.drupal.org)
 Archive_TAR PEAR module (http://pear.php.net)
 Zend Framework (http://framework.zend.com)
-SWFObject v2.1 (http://code.google.com/p/swfobject)
+SWFObject (http://code.google.com/p/swfobject)
 DejaVu Fonts (http://dejavu.sourceforge.net/)
 JPlayer (http://www.happyworm.com/jquery/jplayer/)
 VideoJS (http://videojs.com/)
 CKEditor (http://www.ckeditor.org)
 HTMLpurifier (http://htmlpurifier.org)
 PHP QR Code (http://phpqrcode.sourceforge.net)
 HTML2PDF (http://html2pdf.fr)
+D3 (http://d3js.org/)
+DocumentCloud Document Viewer (https://github.com/documentcloud/document-viewer)
+jQuery Tileviewer (https://sites.google.com/site/tileviewer/)
 
 CollectiveAccess uses icons from The Noun Project (http://thenounproject.com) covered 
 under the Creative Commons - Attribution (CC BY 3.0) license.

app/conf/access_restrictions.conf

@@ -1337,7 +1337,8 @@ access_restrictions = {
 	},
 	manage/sets/SetEditorController/Delete = {
 		default = {
-			actions = { can_delete_sets }
+		  operator = OR,
+			actions = { can_delete_sets, can_delete_own_sets }
 		}
 	},
 	manage/TagsController = {

app/conf/app.conf

@@ -70,7 +70,7 @@ bischen_label_processor_url = <ca_url_root>/index.php
 # -------------------
 taskqueue_handler_plugins = <ca_lib_dir>/core/Plugins/TaskQueueHandlers
 taskqueue_tmp_directory = <ca_app_dir>/tmp
-taskqueue_max_opo_processes = 1
+taskqueue_max_opo_processes = 4
 taskqueue_process_timeout = 3600
 taskqueue_max_items_processed_per_session = 100
 
@@ -811,4 +811,4 @@ default_type_access_level = __CA_BUNDLE_ACCESS_EDIT__
 # Item-level access control
 # -------------------------
 perform_item_level_access_checking = 1
-default_item_access_level = __CA_BUNDLE_ACCESS_EDIT__
+default_type_access_level = __CA_ACL_EDIT_DELETE_ACCESS__

app/conf/datamodel.conf

@@ -429,7 +429,7 @@ relationships = [
 	"ca_object_representations_x_storage_locations.location_id = ca_storage_locations.location_id",
 	"ca_object_representations_x_storage_locations.type_id = ca_relationship_types.type_id",
 	"ca_object_representations_x_object_representations.representation_left_id = ca_object_representations.representation_id",
-	"ca_object_representations_x_object_representations.representation_right_id = ca_object_representations.ca_object_representations",
+	"ca_object_representations_x_object_representations.representation_right_id = ca_object_representations.representation_id",
 	"ca_object_representations_x_object_representations.type_id = ca_relationship_types.type_id",
 	"ca_storage_location_labels.location_id = ca_storage_locations.location_id",
 	"ca_storage_location_labels.locale_id = ca_locales.locale_id 1000",
@@ -453,7 +453,7 @@ relationships = [
 	"ca_editor_ui_bundle_placements.screen_id = ca_editor_ui_screens.screen_id",
 	"ca_editor_ui_screen_type_restrictions.screen_id = ca_editor_ui_screens.screen_id",
 	"ca_editor_ui_type_restrictions.ui_id = ca_editor_uis.ui_id",
-	"ca_editor_ui_bundle_placement_type_restrictions.placement_id = ca_editor_ui_bundle_placements.ca_editor_ui_bundle_placement_type_restrictions",
+	"ca_editor_ui_type_restrictions.type_id = ca_list_items.item_id",
 
 	"ca_sets.set_id = ca_set_labels.set_id",
 	"ca_sets.user_id = ca_users.user_id",
@@ -540,7 +540,6 @@ relationships = [
 	"ca_loan_labels.locale_id = ca_locales.locale_id 1000",
 	"ca_loan_labels.type_id = ca_list_items.item_id 500",
 	"ca_loan_labels.loan_id = ca_loans.loan_id",
-	"ca_loans.locale_id = ca_locales.locale_id 1000",
 	"ca_loans.type_id = ca_list_items.item_id 500",
 	"ca_loans_x_objects.object_id = ca_objects.object_id",
 	"ca_loans_x_objects.loan_id = ca_loans.loan_id",
@@ -555,7 +554,6 @@ relationships = [
 	"ca_movement_labels.locale_id = ca_locales.locale_id 1000",
 	"ca_movement_labels.type_id = ca_list_items.item_id 500",
 	"ca_movement_labels.movement_id = ca_movements.movement_id",
-	"ca_movements.locale_id = ca_locales.locale_id 1000",
 	"ca_movements.type_id = ca_list_items.item_id 500",
 	"ca_movements_x_objects.object_id = ca_objects.object_id",
 	"ca_movements_x_objects.movement_id = ca_movements.movement_id",

app/conf/external_applications.conf

@@ -1,8 +1,8 @@
 # Path to Ghostscript binary ("gs" command) (http://pages.cs.wisc.edu/~ghost/)
-ghostscript_app = /opt/local/bin/gs
+ghostscript_app = /usr/bin/gs
 
 # Path to ffmpeg binary (http://ffmpeg.mplayerhq.hu/)
-ffmpeg_app = /opt/local/bin/ffmpeg
+ffmpeg_app = /usr/bin/ffmpeg
 
 # Path to qt-faststart binary [part of ffmpeg] (http://ffmpeg.mplayerhq.hu/)
 qt-faststart_app = /usr/local/bin/qt-faststart
@@ -11,13 +11,13 @@ qt-faststart_app = /usr/local/bin/qt-faststart
 dcraw_app = /usr/bin/dcraw
 
 # Path to directory containing ImageMagick binaries (http://www.imagemagick.org)
-imagemagick_path = /opt/local/binx
+imagemagick_path = /usr/bin
 
 # Path to pdftotext binary (part of the xpdf package from http://www.foolabs.com/xpdf/)
-pdftotext_app = /usr/local/bin/pdftotext
+pdftotext_app = /usr/bin/pdftotext
 
 # Path to abiword binary (http://www.abisource.com/)
-abiword_app = /usr/local/bin/abiword
+abiword_app = /usr/bin/abiword
 
 # Path to LibreOffice binary (http://www.libreoffice.org/)
 libreoffice_app = /usr/bin/libreoffice
@@ -26,4 +26,4 @@ libreoffice_app = /usr/bin/libreoffice
 coreimagetool_app = /usr/local/bin/CoreImageTool
 
 # Path to MediaInfo binary (http://mediainfo.sourceforge.net/en/)
-mediainfo_app = /usr/local/bin/mediainfo
+mediainfo_app = /usr/bin/mediainfo

app/conf/user_actions.conf

@@ -147,6 +147,10 @@ user_actions = {
 				label = _("Delete sets and set content"),
 				description = _("Allow user to delete sets for which they have access privileges")
 			},
+      can_delete_own_sets = {
+        label = _("Delete own sets and set content"),
+        description = _("Allow user to delete sets which they created")
+      },
 			can_view_sets = {
 				label = _("View sets"),
 				description = _("Allow user to view sets of objects or authority items for which they have access privileges")

app/controllers/manage/SetController.php

@@ -35,7 +35,13 @@ public function ListSets() {
  			JavascriptLoadManager::register('tableList');
  			$t_set = new ca_sets();
  			$this->view->setVar('t_set', $t_set);
- 			$this->view->setVar('set_list', $va_set_list = caExtractValuesByUserLocale($t_set->getSets(array('user_id' => $this->request->getUserID(), 'access' => __CA_SET_EDIT_ACCESS__)), null, null, array()));
+      $va_set_list = caExtractValuesByUserLocale($t_set->getSets(array('user_id' => $this->request->getUserID(), 'access' => __CA_SET_EDIT_ACCESS__)), null, null, array());
+ 			if ($va_set_list) {
+        foreach ($va_set_list as $id => $va_set) {
+          $va_set_list[$id]['can_delete'] = $this->UserCanDeleteSet($va_set['user_id']);
+        }
+      }
+      $this->view->setVar('set_list', $va_set_list);
 
  			// get content types for sets
  			$this->view->setVar('table_list', caFilterTableList($t_set->getFieldInfo('table_num', 'BOUNDS_CHOICE_LIST')));
@@ -49,6 +55,22 @@ public function ListSets() {
  			$this->render('set_list_html.php');
  		}
  		# -------------------------------------------------------
+    private function UserCanDeleteSet($user_id) {
+      $can_delete = FALSE;
+      // If users can delete all sets, show Delete button
+      if ($this->request->user->canDoAction('can_delete_sets')) {
+        $can_delete = TRUE;
+      }
+
+      // If users can delete own sets, and this set belongs to them, show Delete button
+      if ($this->request->user->canDoAction('can_delete_own_sets')) {
+        if ($user_id == $this->request->getUserID()) {
+          $can_delete = TRUE;
+        }
+      }
+      return $can_delete;
+    }
+ 		# -------------------------------------------------------
  		/**
  		 * 
  		 */

app/controllers/manage/sets/SetEditorController.php

@@ -55,9 +55,39 @@ protected function _initView() {
  			return $va_init;
  		}
  		# -------------------------------------------------------
- 		public function Edit() {
+ 		public function Edit($pa_values=null, $pa_options=null) {
+      list($vn_subject_id, $t_subject, $t_ui, $vn_parent_id, $vn_above_id) = $this->_initView($pa_options);
+      $this->view->setVar('can_delete', $this->UserCanDeleteSet($t_subject->get('user_id')));
  			parent::Edit();
  		}
+ 		# -------------------------------------------------------
+ 		public function Delete($pa_options=null) {
+ 			list($vn_subject_id, $t_subject, $t_ui) = $this->_initView($pa_options);
+
+ 			if (!$vn_subject_id) { return; }
+      if (!$this->UserCanDeleteSet($t_subject->get('user_id'))) {
+        $this->postError(2320, _t("Access denied here"), "RequestDispatcher->dispatch()");
+      }
+      else {
+        parent::Delete($pa_options);
+      }
+    }
+    # -------------------------------------------------------
+    private function UserCanDeleteSet($user_id) {
+      $can_delete = FALSE;
+      // If users can delete all sets, show Delete button
+      if ($this->request->user->canDoAction('can_delete_sets')) {
+        $can_delete = TRUE;
+      }
+
+      // If users can delete own sets, and this set belongs to them, show Delete button
+      if ($this->request->user->canDoAction('can_delete_own_sets')) {
+        if ($user_id == $this->request->getUserID()) {
+          $can_delete = TRUE;
+        }
+      }
+      return $can_delete;
+    }
  		# -------------------------------------------------------
  		# Ajax handlers
  		# -------------------------------------------------------

app/lib/ca/LabelableBaseModelWithAttributes.php

@@ -288,7 +288,10 @@ public function loadByLabel($pa_label_values, $pa_table_values=null) {
  		 *		bottom - For hierarchy specifications (eg. ca_objects.hierarchy) this option, if set, will limit the returned hierarchy to the first X nodes from the lowest node up. Default is to not limit.
  		 * 		hierarchicalDelimiter - Text to place between items in a hierarchy for a hierarchical specification (eg. ca_objects.hierarchy) when returning as a string
  		 *		removeFirstItems - If set to a non-zero value, the specified number of items at the top of the hierarchy will be omitted. For example, if set to 2, the root and first child of the hierarchy will be omitted. Default is zero (don't delete anything).
- 		 */
+ 		 *		checkAccess = array of access values to filter results by; if defined only items with the specified access code(s) are returned. Only supported for <table_name>.hierarchy.preferred_labels and <table_name>.children.preferred_labels because these returns sets of items. For <table_name>.parent.preferred_labels, which returns a single row at most, you should do access checking yourself. (Everything here applies equally to nonpreferred_labels)
+ 	 	 *		sort = optional bundles to sort returned values on. Only supported for <table_name>.children.preferred_labels. The bundle specifiers are fields with or without tablename.
+ 	 	 *		sort_direction = direction to sort results by, either 'asc' for ascending order or 'desc' for descending order; default is 'asc'
+ 	 	 */
 		public function get($ps_field, $pa_options=null) {
 			$vs_template = 				(isset($pa_options['template'])) ? $pa_options['template'] : null;
 			$vb_return_as_array = 		(isset($pa_options['returnAsArray'])) ? (bool)$pa_options['returnAsArray'] : false;
@@ -335,14 +338,33 @@ public function get($ps_field, $pa_options=null) {
 							$va_data = array();
 							$va_children_ids = $this->getHierarchyChildren(null, array('idsOnly' => true));
 
-							$t_instance = $this->getAppDatamodel()->getInstanceByTableNum($this->tableNum());
-
-							foreach($va_children_ids as $vn_child_id) {
-								if ($t_instance->load($vn_child_id)) {
-									$va_data = array_merge($va_data, $t_instance->get($vs_childless_path, array_merge($pa_options, array('returnAsArray' => true))));
+							if (is_array($va_children_ids) && sizeof($va_children_ids)) {
+								$t_instance = $this->getAppDatamodel()->getInstanceByTableNum($this->tableNum());
+
+								$vb_check_access = is_array($pa_options['checkAccess']) && $t_instance->hasField('access');
+								$vs_sort = isset($pa_options['sort']) ? $pa_options['sort'] : null;
+								$vs_sort_direction = (isset($pa_options['sort_direction']) && in_array(strtolower($pa_options['sort_direction']), array('asc', 'desc'))) ? strtolower($pa_options['sort_direction']) : 'asc';
+
+								$qr_children = $this->makeSearchResult($this->tableName(), $va_children_ids);
+
+								$vs_table = $this->tableName();
+								while($qr_children->nextHit()) {
+									if ($vb_check_access && !in_array($qr_children->get("{$vs_table}.access"), $pa_options['checkAccess'])) { continue; }
+
+									$vs_sort_key = ($vs_sort) ? $qr_children->get($vs_sort) : 0;
+									if(!is_array($va_data[$vs_sort_key])) { $va_data[$vs_sort_key] = array(); }
+									$va_data[$vs_sort_key] = array_merge($va_data[$vs_sort_key], $qr_children->get($vs_childless_path, array_merge($pa_options, array('returnAsArray' => true))));
 								}
+								ksort($va_data);
+								if ($vs_sort_direction && $vs_sort_direction == 'desc') { $va_data = array_reverse($va_data); }
+								$va_sorted_data = array();
+								foreach($va_data as $vs_sort_key => $va_items) {
+									foreach($va_items as $vs_k => $vs_v) {
+										$va_sorted_data[] = $vs_v;
+									}
+								}
+								$va_data = $va_sorted_data;
 							}
-
 							if ($vb_return_as_array) {
 								return $va_data;
 							} else {
@@ -386,8 +408,10 @@ public function get($ps_field, $pa_options=null) {
 							}
 						}
 
+						$vb_check_access = is_array($pa_options['checkAccess']) && $this->hasField('access');
 						$va_tmp = array();
 						foreach($va_ancestor_list as $vn_i => $va_item) {
+							if ($vb_check_access && !in_array($va_item['access'], $pa_options['checkAccess'])) { continue; }
 							if ($vs_template) {
 								$va_tmp[$va_item['NODE'][$vs_pk]] = caProcessTemplate($vs_template, $va_item['NODE'], array('removePrefix' => 'preferred_labels.'));
 							} else {

app/lib/ca/Service/ItemInfoService.php

@@ -7,7 +7,7 @@
  * ----------------------------------------------------------------------
  *
  * Software by Whirl-i-Gig (http://www.whirl-i-gig.com)
- * Copyright 2009-2011 Whirl-i-Gig
+ * Copyright 2009-2012 Whirl-i-Gig
  *
  * For more information visit http://www.CollectiveAccess.org
  *
@@ -323,6 +323,33 @@ public function getObjectRepresentationVersions($representation_ids){
 		return $va_return;
 	}
 	# -------------------------------------------------------
+	/**
+	 * Get URLs to media versions using MD5 hash of original file
+	 *
+	 * @param string $md5 MD5 hash for media to fetch urls for
+	 * @param array $versions list of media versions that should be included in the result
+	 * @return array
+	 * @throws SoapFault
+	 */
+	public function getObjectRepresentationURLByMD5($md5,$versions){
+		if(!$versions) { return array(); }
+		if (!is_array($versions)) { $versions = array($versions); }
+		if(!($t_subject_instance = $this->getTableInstance("ca_object_representations", null))){
+			throw new SoapFault("Server", "Couldn't create instance");
+		}
+		if (!$t_subject_instance->load(array('md5' => $md5, 'deleted' => 0))) {
+			throw new SoapFault("Server", "Media with MD5 does not exist");
+		}
+
+		$va_urls = array();
+		foreach($versions as $version) {
+			if ($vs_url = $t_subject_instance->getMediaUrl('media', $version)) {
+				$va_urls[$version] = $vs_url;
+			}
+		}
+		return $va_urls;
+	}
+	# -------------------------------------------------------
 	/**
 	 * Get primary representation for specified object
 	 *