zoneminder/web/api/app/Controller/ZonesController.php

<?php
App::uses('AppController', 'Controller');
/**
 * Zones Controller
 *
 * @property Zone $Zone
 */
class ZonesController extends AppController {

  /**
   * Components
   *      
   * @var array
   */     
  public $components = array('RequestHandler');

  public function beforeFilter() {
    parent::beforeFilter();

    global $user;
    $canView = (!$user) || ($user['Monitors'] != 'None');
    if ( !$canView ) {
      throw new UnauthorizedException(__('Insufficient Privileges'));
      return;
    }
  }

  // Find all zones which belong to a MonitorId
  public function forMonitor($id = null) {
    $this->loadModel('Monitor');
    if ( !$this->Monitor->exists($id) ) {
      throw new NotFoundException(__('Invalid monitor'));
    }
    $this->Zone->recursive = -1;
    $zones = $this->Zone->find('all', array(
      'conditions' => array('MonitorId' => $id)
    ));
    $this->set(array(
      'zones' => $zones,
      '_serialize' => array('zones')
    ));
  }

  public function index() {
    $this->Zone->recursive = -1;

    global $user;
    $allowedMonitors = $user ? preg_split('@,@', $user['MonitorIds'],NULL, PREG_SPLIT_NO_EMPTY) : null;
    if ( $allowedMonitors ) {
      $mon_options = array('Zones.MonitorId' => $allowedMonitors);
    } else {
      $mon_options = '';
    }
    $zones = $this->Zone->find('all',$mon_options);
    $this->set(array(
      'zones' => $zones,
      '_serialize' => array('zones')
    ));
  }

  /**
   * add method
   *
   * @return void
   */
  public function add() {

    if ( !$this->request->is('post') ) {
      throw new BadRequestException(__('Invalid method. Should be post'));
      return;
    }

    global $user;
    $canEdit = (!$user) || $user['Monitors'] == 'Edit';
    if ( !$canEdit ) {
      throw new UnauthorizedException(__('Insufficient Privileges'));
      return;
    }

    $zone = null;

    $this->Zone->create();
    $zone = $this->Zone->save($this->request->data);
    if ( $zone ) {
      require_once __DIR__ .'/../../../includes/Monitor.php';
      $monitor = new ZM\Monitor($zone['Zone']['MonitorId']);
      $monitor->zmaControl('restart');
      $message = 'Saved';
      //$zone = $this->Zone->find('first', array('conditions' => array( array('Zone.' . $this->Zone->primaryKey => $this->Zone),
    } else {
      $message = 'Error: ';
      // if there is a validation message, use it
      if ( !$this->Zone->validates() ) {
        $message = $this->Zone->validationErrors;
      }
    }

    $this->set(array(
      'message' => $message,
      'zone' => $zone,
      '_serialize' => array('message','zone')
    ));
  } // end function add()

  /**
   * edit method
   *
   * @throws NotFoundException
   * @param string $id
   * @return void
   */
  public function edit($id = null) {
    $this->Zone->id = $id;

    if ( !$this->Zone->exists($id) ) {
      throw new NotFoundException(__('Invalid zone'));
    }
    $message = '';
    if ( $this->request->is(array('post', 'put')) ) {
      global $user;
      $canEdit = (!$user) || $user['Monitors'] == 'Edit';
      if ( !$canEdit ) {
        throw new UnauthorizedException(__('Insufficient Privileges'));
        return;
      }
      if ( $this->Zone->save($this->request->data) ) {
        $message = 'The zone has been saved.';
      } else {
        $message = 'Error ' . print_r($this->Zone->invalidFields());
      }
    }
    $this->set(array(
      'message' => $message,
      '_serialize' => array('message')
    ));
  }

  /**
   * delete method
   *
   * @throws NotFoundException
   * @param string $id
   * @return void
   */
  public function delete($id = null) {
    $this->Zone->id = $id;
    if ( !$this->Zone->exists() ) {
      throw new NotFoundException(__('Invalid zone'));
    }
    $this->request->allowMethod('post', 'delete');
    global $user;
    $canEdit = (!$user) || $user['Monitors'] == 'Edit';
    if ( !$canEdit ) {
      throw new UnauthorizedException(__('Insufficient Privileges'));
      return;
    }
    if ( $this->Zone->delete() ) {
      return $this->flash(__('The zone has been deleted.'), array('action' => 'index'));
    } else {
      return $this->flash(__('The zone could not be deleted. Please, try again.'), array('action' => 'index'));
    }
  }
} // end class
Initial index, view, edit, update and delete functions for Zones 2014-04-24 03:53:43 +08:00			`<?php`
			`App::uses('AppController', 'Controller');`
			`/**`
			`* Zones Controller`
			`*`
			`* @property Zone $Zone`
			`*/`
			`class ZonesController extends AppController {`

fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`/**`
			`* Components`
			`*`
			`* @var array`
			`*/`
			`public $components = array('RequestHandler');`

			`public function beforeFilter() {`
			`parent::beforeFilter();`
fix_2167 (#2168) * Populate a global from the session on every request. Use the object instead of using allowedMonitors in session. * fix when gets loaded. * use for auth, and add Monitor Edit checks to Zone add/delete/edit * add back the ZM_OPT_USE_AUTH test for being logged in in AppController * Update permissions code to use * change quotes * Update permission code to use * Use instal of session for systemPermission * deprecate montiorPermision in session * use instead of session streamPermission * move login code back into AppController. Has to be done for every request * deprecate eventPermission, controlPermission and systemPermission in session. * handle auth params in query string as well as post * exit on HUP to free up memory. * add missing global user * system should be System 2018-08-08 21:59:46 +08:00
			`global $user;`
more parentheses to make logic more clear 2019-03-21 02:26:35 +08:00			`$canView = (!$user) \|\| ($user['Monitors'] != 'None');`
fix_2167 (#2168) * Populate a global from the session on every request. Use the object instead of using allowedMonitors in session. * fix when gets loaded. * use for auth, and add Monitor Edit checks to Zone add/delete/edit * add back the ZM_OPT_USE_AUTH test for being logged in in AppController * Update permissions code to use * change quotes * Update permission code to use * Use instal of session for systemPermission * deprecate montiorPermision in session * use instead of session streamPermission * move login code back into AppController. Has to be done for every request * deprecate eventPermission, controlPermission and systemPermission in session. * handle auth params in query string as well as post * exit on HUP to free up memory. * add missing global user * system should be System 2018-08-08 21:59:46 +08:00			`if ( !$canView ) {`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`throw new UnauthorizedException(__('Insufficient Privileges'));`
			`return;`
			`}`
			`}`
readded forMonitor - removed by mistake 2016-09-04 02:51:24 +08:00
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`// Find all zones which belong to a MonitorId`
			`public function forMonitor($id = null) {`
retab 2016-09-04 03:02:32 +08:00			`$this->loadModel('Monitor');`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`if ( !$this->Monitor->exists($id) ) {`
			`throw new NotFoundException(__('Invalid monitor'));`
retab 2016-09-04 03:02:32 +08:00			`}`
			`$this->Zone->recursive = -1;`
			`$zones = $this->Zone->find('all', array(`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`'conditions' => array('MonitorId' => $id)`
retab 2016-09-04 03:02:32 +08:00			`));`
			`$this->set(array(`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`'zones' => $zones,`
			`'_serialize' => array('zones')`
retab 2016-09-04 03:02:32 +08:00			`));`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`}`
Fix Zone add api. Restart zmc when adding a zone. Use validation. Fixes #2983 2020-07-21 04:24:49 +08:00
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`public function index() {`
retab 2016-09-04 03:02:32 +08:00			`$this->Zone->recursive = -1;`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00
fix_2167 (#2168) * Populate a global from the session on every request. Use the object instead of using allowedMonitors in session. * fix when gets loaded. * use for auth, and add Monitor Edit checks to Zone add/delete/edit * add back the ZM_OPT_USE_AUTH test for being logged in in AppController * Update permissions code to use * change quotes * Update permission code to use * Use instal of session for systemPermission * deprecate montiorPermision in session * use instead of session streamPermission * move login code back into AppController. Has to be done for every request * deprecate eventPermission, controlPermission and systemPermission in session. * handle auth params in query string as well as post * exit on HUP to free up memory. * add missing global user * system should be System 2018-08-08 21:59:46 +08:00			`global $user;`
			`$allowedMonitors = $user ? preg_split('@,@', $user['MonitorIds'],NULL, PREG_SPLIT_NO_EMPTY) : null;`
			`if ( $allowedMonitors ) {`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`$mon_options = array('Zones.MonitorId' => $allowedMonitors);`
			`} else {`
			`$mon_options = '';`
retab 2016-09-04 03:02:32 +08:00			`}`
			`$zones = $this->Zone->find('all',$mon_options);`
			`$this->set(array(`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`'zones' => $zones,`
			`'_serialize' => array('zones')`
retab 2016-09-04 03:02:32 +08:00			`));`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`}`

			`/**`
			`* add method`
			`*`
			`* @return void`
			`*/`
			`public function add() {`
fix_2167 (#2168) * Populate a global from the session on every request. Use the object instead of using allowedMonitors in session. * fix when gets loaded. * use for auth, and add Monitor Edit checks to Zone add/delete/edit * add back the ZM_OPT_USE_AUTH test for being logged in in AppController * Update permissions code to use * change quotes * Update permission code to use * Use instal of session for systemPermission * deprecate montiorPermision in session * use instead of session streamPermission * move login code back into AppController. Has to be done for every request * deprecate eventPermission, controlPermission and systemPermission in session. * handle auth params in query string as well as post * exit on HUP to free up memory. * add missing global user * system should be System 2018-08-08 21:59:46 +08:00
Fix Zone add api. Restart zmc when adding a zone. Use validation. Fixes #2983 2020-07-21 04:24:49 +08:00			`if ( !$this->request->is('post') ) {`
			`throw new BadRequestException(__('Invalid method. Should be post'));`
			`return;`
			`}`
fix_2167 (#2168) * Populate a global from the session on every request. Use the object instead of using allowedMonitors in session. * fix when gets loaded. * use for auth, and add Monitor Edit checks to Zone add/delete/edit * add back the ZM_OPT_USE_AUTH test for being logged in in AppController * Update permissions code to use * change quotes * Update permission code to use * Use instal of session for systemPermission * deprecate montiorPermision in session * use instead of session streamPermission * move login code back into AppController. Has to be done for every request * deprecate eventPermission, controlPermission and systemPermission in session. * handle auth params in query string as well as post * exit on HUP to free up memory. * add missing global user * system should be System 2018-08-08 21:59:46 +08:00
Fix Zone add api. Restart zmc when adding a zone. Use validation. Fixes #2983 2020-07-21 04:24:49 +08:00			`global $user;`
			`$canEdit = (!$user) \|\| $user['Monitors'] == 'Edit';`
			`if ( !$canEdit ) {`
			`throw new UnauthorizedException(__('Insufficient Privileges'));`
			`return;`
			`}`

			`$zone = null;`

			`$this->Zone->create();`
			`$zone = $this->Zone->save($this->request->data);`
			`if ( $zone ) {`
			`require_once __DIR__ .'/../../../includes/Monitor.php';`
			`$monitor = new ZM\Monitor($zone['Zone']['MonitorId']);`
			`$monitor->zmaControl('restart');`
			`$message = 'Saved';`
			`//$zone = $this->Zone->find('first', array('conditions' => array( array('Zone.' . $this->Zone->primaryKey => $this->Zone),`
			`} else {`
			`$message = 'Error: ';`
			`// if there is a validation message, use it`
			`if ( !$this->Zone->validates() ) {`
			`$message = $this->Zone->validationErrors;`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`}`
retab 2016-09-04 03:02:32 +08:00			`}`
Fix Zone add api. Restart zmc when adding a zone. Use validation. Fixes #2983 2020-07-21 04:24:49 +08:00
			`$this->set(array(`
			`'message' => $message,`
			`'zone' => $zone,`
			`'_serialize' => array('message','zone')`
			`));`
			`} // end function add()`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00
			`/**`
			`* edit method`
			`*`
			`* @throws NotFoundException`
			`* @param string $id`
			`* @return void`
			`*/`
			`public function edit($id = null) {`
			`$this->Zone->id = $id;`

			`if ( !$this->Zone->exists($id) ) {`
			`throw new NotFoundException(__('Invalid zone'));`
retab 2016-09-04 03:02:32 +08:00			`}`
Update api Zone Saving. Fixes #3037 2020-09-11 01:31:39 +08:00			`$message = '';`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`if ( $this->request->is(array('post', 'put')) ) {`
fix_2167 (#2168) * Populate a global from the session on every request. Use the object instead of using allowedMonitors in session. * fix when gets loaded. * use for auth, and add Monitor Edit checks to Zone add/delete/edit * add back the ZM_OPT_USE_AUTH test for being logged in in AppController * Update permissions code to use * change quotes * Update permission code to use * Use instal of session for systemPermission * deprecate montiorPermision in session * use instead of session streamPermission * move login code back into AppController. Has to be done for every request * deprecate eventPermission, controlPermission and systemPermission in session. * handle auth params in query string as well as post * exit on HUP to free up memory. * add missing global user * system should be System 2018-08-08 21:59:46 +08:00			`global $user;`
			`$canEdit = (!$user) \|\| $user['Monitors'] == 'Edit';`
			`if ( !$canEdit ) {`
			`throw new UnauthorizedException(__('Insufficient Privileges'));`
			`return;`
			`}`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`if ( $this->Zone->save($this->request->data) ) {`
Update api Zone Saving. Fixes #3037 2020-09-11 01:31:39 +08:00			`$message = 'The zone has been saved.';`
			`} else {`
			`$message = 'Error ' . print_r($this->Zone->invalidFields());`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`}`
retab 2016-09-04 03:02:32 +08:00			`}`
Update api Zone Saving. Fixes #3037 2020-09-11 01:31:39 +08:00			`$this->set(array(`
			`'message' => $message,`
			`'_serialize' => array('message')`
			`));`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`}`

			`/**`
			`* delete method`
			`*`
			`* @throws NotFoundException`
			`* @param string $id`
			`* @return void`
			`*/`
			`public function delete($id = null) {`
			`$this->Zone->id = $id;`
			`if ( !$this->Zone->exists() ) {`
			`throw new NotFoundException(__('Invalid zone'));`
			`}`
			`$this->request->allowMethod('post', 'delete');`
fix_2167 (#2168) * Populate a global from the session on every request. Use the object instead of using allowedMonitors in session. * fix when gets loaded. * use for auth, and add Monitor Edit checks to Zone add/delete/edit * add back the ZM_OPT_USE_AUTH test for being logged in in AppController * Update permissions code to use * change quotes * Update permission code to use * Use instal of session for systemPermission * deprecate montiorPermision in session * use instead of session streamPermission * move login code back into AppController. Has to be done for every request * deprecate eventPermission, controlPermission and systemPermission in session. * handle auth params in query string as well as post * exit on HUP to free up memory. * add missing global user * system should be System 2018-08-08 21:59:46 +08:00			`global $user;`
			`$canEdit = (!$user) \|\| $user['Monitors'] == 'Edit';`
			`if ( !$canEdit ) {`
			`throw new UnauthorizedException(__('Insufficient Privileges'));`
			`return;`
			`}`
fix spacing/quotes/google code style 2018-07-25 04:41:09 +08:00			`if ( $this->Zone->delete() ) {`
			`return $this->flash(__('The zone has been deleted.'), array('action' => 'index'));`
			`} else {`
			`return $this->flash(__('The zone could not be deleted. Please, try again.'), array('action' => 'index'));`
			`}`
			`}`
fix_2167 (#2168) * Populate a global from the session on every request. Use the object instead of using allowedMonitors in session. * fix when gets loaded. * use for auth, and add Monitor Edit checks to Zone add/delete/edit * add back the ZM_OPT_USE_AUTH test for being logged in in AppController * Update permissions code to use * change quotes * Update permission code to use * Use instal of session for systemPermission * deprecate montiorPermision in session * use instead of session streamPermission * move login code back into AppController. Has to be done for every request * deprecate eventPermission, controlPermission and systemPermission in session. * handle auth params in query string as well as post * exit on HUP to free up memory. * add missing global user * system should be System 2018-08-08 21:59:46 +08:00			`} // end class`