1<?php
2/**
3 * @package tikiwiki
4 */
5// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project
6//
7// All Rights Reserved. See copyright.txt for details and a complete list of authors.
8// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
9// $Id$
10
11$inputConfiguration = [
12				[
13					'staticKeyFiltersForArrays' => ['channels' => 'rawhtml_unsafe',],
14				]
15];
16
17require_once 'tiki-setup.php';
18
19// This file will handle a second mode of authentication, don't limit it to permissions.
20// Only channels registered through the admin panel can be executed.
21// Each channel execution validates access rights.
22
23if (! isset($_REQUEST['channels']) || ! is_array($_REQUEST['channels'])) {
24	$access->display_error('tiki-channel.php', tra('Invalid request. Expecting channels array.'));
25}
26
27$calls = [];
28$channels = [];
29
30foreach ($_REQUEST['channels'] as $info) {
31	if (! isset($info['channel_name'])) {
32		$access->display_error('tiki-channel.php', tra('Missing channel name.'));
33	}
34
35	$channel = $info['channel_name'];
36	$channels[] = $channel;
37	unset($info['channel_name']);
38	$calls[] = [ $channel, $info ];
39}
40
41$config = Tiki_Profile_ChannelList::fromConfiguration($prefs['profile_channels']);
42
43$channels = array_unique($channels);
44$groups = $tikilib->get_user_groups($user);
45
46if (! $user && ! $config->canExecuteChannels($channels, $groups)) {
47	// User not defined and some groups missing, likely to be a machine
48	if (! $access->http_auth()) {
49		$access->display_error('tiki-channel.php', tra('Authentication required.'));
50	}
51
52	// Get the new ones
53	$groups = $tikilib->get_user_groups($user);
54}
55
56if (! $config->canExecuteChannels($channels, $groups)) {
57	$access->display_error(
58		'tiki-channel.php',
59		tra('One of the requested channels cannot be requested. It does not exist or permission is denied.')
60	);
61}
62
63$profiles = $config->getProfiles($channels);
64
65if (count($profiles) != count($channels)) {
66	$access->display_error('tiki-channel.php', tra('One of the install profiles could not be obtained.'));
67}
68
69Tiki_Profile::useUnicityPrefix(uniqid());
70$installer = new Tiki_Profile_Installer;
71$installer->limitGlobalPreferences([]);
72
73foreach ($calls as $call) {
74	list($channel, $userInput) = $call;
75
76	// Profile can be installed multiple times
77	// Only last values preserved
78	$profile = $profiles[$channel];
79	$installer->forget($profile);
80
81	$installer->setUserData($userInput);
82	$installer->install($profile);
83}
84
85if (isset($_REQUEST['return_uri'])) {
86	header("Location: {$_REQUEST['return_uri']}");
87}
88