Beispiel #1
 /**
  * Let the request through only when a Sentinel session exists.
  *
  * @param  mixed     $request  Incoming request, handed on untouched.
  * @param  \Closure  $next     Next layer of the middleware pipeline.
  * @return mixed  Redirect to the "login" route for guests, otherwise whatever $next returns.
  */
 public function handle($request, Closure $next)
 {
     // Sentinel::check() is falsy when nobody is logged in.
     $isAuthenticated = (bool) Sentinel::check();

     return $isAuthenticated ? $next($request) : Redirect::route('login');
 }
 /**
  * Keep users who are already logged in away from guest-only pages.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @param  string|null  $guard  Accepted for signature compatibility; not read by this method.
  * @return mixed  Redirect to "/" when a Sentinel user is logged in, else the result of $next.
  */
 public function handle($request, Closure $next, $guard = null)
 {
     $alreadyLoggedIn = Sentinel::check();

     if (!$alreadyLoggedIn) {
         return $next($request);
     }

     return redirect('/');
 }
 /**
  * Allow the request only for a logged-in user holding the "admin" role.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed  The result of $next for admins; a redirect to "/" for everyone else.
  */
 public function handle($request, Closure $next)
 {
     // check() is evaluated first, so getUser() is only dereferenced for a live session.
     $isAdmin = \Sentinel::check() && \Sentinel::getUser()->inRole('admin');

     if ($isAdmin) {
         return $next($request);
     }

     // Guests and non-admin users receive the same response.
     return redirect('/');
 }
 /**
  * Render the "login/forgot" view, redirecting to "/" first when no Sentinel
  * user is logged in.
  *
  * NOTE(review): a forgotten-password page is normally reached by guests, yet the
  * guard here sends guests away — confirm the condition is not inverted.
  */
 public function forgot()
 {
     if (!Sentinel::check()) {
         // NOTE(review): the result of redirect() is not returned; unless this helper
         // ends the request itself, render() below still runs for guests — confirm
         // what the second argument (false) does.
         $this->redirect('/', false);
     }
     $this->render('login/forgot');
 }
Beispiel #5
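 /**
  * Prepare the shared view data: site configuration with fallbacks, the
  * context-level constants, and the current Sentinel user.
  *
  * The constants are only defined when missing, so creating a second
  * instance in the same request does not trigger "constant already defined".
  */
 public function __construct()
 {
     $this->html = new \stdClass();
     $this->html->config = \Pinom\Models\SiteConfig::get();
     $this->html->config->version = '2016.01.07α';

     // Fallbacks for configuration entries that may be absent.
     if (!isset($this->html->config->calendar)) {
         $this->html->config->calendar = 0;
     }
     if (!isset($this->html->config->site_title)) {
         $this->html->config->site_title = 'PiNom';
     }
     if (!isset($this->html->config->site_description)) {
         $this->html->config->site_description = trans('public.default-description');
     }

     // Following values extracted from lib/accesslib.php
     $contextLevels = [
         // System context level - only one instance in every system
         'CONTEXT_SYSTEM' => 10,
         // User context level - one instance for each user describing what others can do to user
         'CONTEXT_USER' => 30,
         // Course category context level - one instance for each category
         'CONTEXT_COURSECAT' => 40,
         // Course context level - one instance for each course
         'CONTEXT_COURSE' => 50,
         // Course module context level - one instance for each course module
         'CONTEXT_MODULE' => 70,
     ];
     foreach ($contextLevels as $constantName => $level) {
         if (!defined($constantName)) {
             define($constantName, $level);
         }
     }

     // Holds the logged-in user, or a falsy value for guests.
     $this->html->user = \Sentinel::check();
 }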
 /**
  * Route the visitor according to whether a Sentinel session exists.
  *
  * @return mixed  Redirect to "oauth" with an error for guests, or to the
  *                "user.account" route with a success message otherwise.
  */
 public function getAuthenticated()
 {
     $user = Sentinel::check();

     if ($user) {
         return Redirect::route('user.account')->withSuccess('Successfully logged in.');
     }

     return Redirect::to('oauth')->withErrors('Not authenticated yet.');
 }
 /**
  * Send logged-in users to the "home" route; let guests continue.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $loggedIn = \Sentinel::check();

     if (!$loggedIn) {
         return $next($request);
     }

     return redirect(route('home'));
 }
 /**
  * Show the admin login page, or hand off to $this->redirect() when a
  * Sentinel user is already logged in.
  *
  * @return mixed
  */
 public function getLogin()
 {
     if (!\Sentinel::check()) {
         $loginPostUrl = route('admin.login.post');
         $template = \AdminTemplate::view('pages.login');
         $viewData = ['title' => config('admin.title'), 'loginPostUrl' => $loginPostUrl];

         return view($template, $viewData);
     }

     return $this->redirect();
 }
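 /**
  * Authorise an admin-panel request against the current Sentinel user.
  *
  * Guests get a 401 (AJAX) or a redirect to the admin login. The logout route
  * is always allowed. Routes without parameters are allowed only for the
  * dashboard, "admin.upload.*" and "elfinder.*" names, and only with the
  * "superadmin" or "controlpanel" permission. Routes with a bound adminModel
  * require "admin.<alias>.<action>", any permission the model lists itself,
  * or "superadmin". The action is the third segment of the route name
  * ("update" maps to "edit", "store" to "create", a missing segment to "view").
  * Every other case, including a parameterised route without a bound
  * adminModel, ends in the "Permission denied." redirect.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!\Sentinel::check()) {
         if ($request->ajax()) {
             return response('Unauthorized.', 401);
         }

         return redirect()->guest(route('admin.login'));
     }

     $route = $request->route();
     $route_name = $route->getName();
     $route_parameters = $route->parameters();

     if ($route_name == "admin.logout") {
         return $next($request);
     }

     if (count($route_parameters) == 0) {
         //Dashboard or some custom page
         $is_panel_route = $route_name == "admin.dashboard"
             || starts_with($route_name, "admin.upload.")
             || starts_with($route_name, "elfinder.");

         if ($is_panel_route) {
             if (\Sentinel::hasAnyAccess(['superadmin', 'controlpanel'])) {
                 return $next($request);
             }

             // Authenticated but without panel access: end the session and ask for a new login.
             \Sentinel::logout(null, true);

             return redirect()->guest(route('admin.login'));
         }
     } elseif (isset($route_parameters['adminModel']) && is_object($route_parameters['adminModel'])) {
         //use dynamic permissions
         $admin_model = $route_parameters['adminModel'];

         $route_alias = explode(".", $route_name);
         $action = isset($route_alias[2]) ? $route_alias[2] : 'view';
         if ($action == 'update') {
             $action = 'edit';
         } elseif ($action == 'store') {
             $action = 'create';
         }

         // Permissions listed by the model itself come first, then the derived one.
         $configured = $admin_model->permission();
         $model_permissions = is_null($configured) ? [] : explode(",", $configured);
         $model_permissions[] = "admin." . $admin_model->alias() . "." . $action;
         $model_permissions[] = "superadmin";

         if (\Sentinel::hasAnyAccess($model_permissions)) {
             return $next($request);
         }
     }

     // Fail closed: anything not explicitly allowed above is denied.
     return redirect()->route('admin.dashboard')->withErrors('Permission denied.');
 }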
Beispiel #10
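 /**
  * Login User
  *
  * Authenticates the submitted e-mail/password pair through Sentinel. Wrong
  * credentials, an exception raised by Sentinel, and a session that did not
  * stick all produce the same generic error, so the response does not reveal
  * which step failed.
  *
  * @param AccountLogin $request
  *
  * @return $this|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
  */
 public function Login(AccountLogin $request)
 {
     $credentials = array('email' => \Input::get('email'), 'password' => \Input::get('password'));

     try {
         $user = \Sentinel::authenticate($credentials, \Input::get('remember_me'));

         // authenticate() can come back falsy without throwing; only a real user
         // may be passed on to recordLogin().
         if ($user) {
             // NOTE(review): Sentinel's own login step may already record the login —
             // confirm this extra call is still needed.
             \Sentinel::getUserRepository()->recordLogin($user);

             if (\Sentinel::check()) {
                 return redirect('/');
             }
         }
     } catch (\Exception $e) {
         // Handled by the generic failure response below.
     }

     // Every failure path ends here, so the action always returns a response.
     return redirect('auth/login')->withErrors(array('login' => trans('auth.errors.login')));
 }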
Beispiel #11
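 /**
  * Tell whether a user holds the "Administrator" role.
  *
  * With no argument the currently logged-in user is checked. An explicit id
  * is always looked up as given: a falsy id such as 0 or '' is NOT treated as
  * "the current user", so an empty lookup value can never inherit the
  * caller's own admin status.
  *
  * @param int|null $user_id  Id of the user to check, or null for the current user.
  *
  * @return bool  False when the user or the role cannot be found.
  */
 function is_admin($user_id = null)
 {
     if ($user_id !== null) {
         $user = Sentinel::findById($user_id);
     } else {
         // check() yields the logged-in user, or a falsy value for guests.
         $user = Sentinel::check();
     }

     if (!$user) {
         return false;
     }

     $admin = Sentinel::findRoleByName('Administrator');
     if (!$admin) {
         // No such role configured: nobody is an administrator.
         return false;
     }

     return (bool) $user->inRole($admin);
 }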
 /**
  * Build the item overview page: store items ordered by loadout slot, the
  * payment providers, the visible SD items and the current Sentinel user.
  *
  * @return mixed  The "item.overview" view.
  */
 public function getIndex()
 {
     // Store items limited to a fixed list of loadout slots, sorted by slot.
     $store_items = Item::whereRaw("loadout_slot IN ( 'brillen','hats','pets','skin','snorren','piemol','vogel','jetpack' )")
         ->get()
         ->sortBy(function ($store_item) {
             return $store_item->loadout_slot;
         });

     $paymentprovider = DB::table('sd_payment_providers')->orderBy('pos', 'desc')->get();

     // Logged-in user, or a falsy value for guests.
     $user = Sentinel::check();

     $sd_items = SDItem::where('visible', '1')->get();

     $viewData = array(
         'items' => $store_items,
         'sditems' => $sd_items,
         'payment_providers' => $paymentprovider,
         'user' => $user,
     );

     return View::make('item.overview', $viewData);
 }
Beispiel #13
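 /**
  * Process the login submit.
  *
  * Reads "email" and "passw" from the request, gives accounts that have no
  * password yet an initial one, then authenticates through Sentinel.
  *
  * @return Response  Redirect to "/login" in every case.
  */
 public function login()
 {
     $email = \Input::has('email') ? \Input::get('email') : '';
     $passw = \Input::has('passw') ? \Input::get('passw') : '';

     // Exact match on purpose: with LIKE, "%" or "_" in the submitted address act
     // as wildcards and the lookup can land on a different user's row.
     $potential_user = \Pinom\Models\User::where('email', '=', $email)->first();

     if (!is_null($potential_user) && trim($potential_user->password) == '') {
         // NOTE(review): this sets the initial password from the row's id and
         // e-mail and activates the account for whoever submits that address.
         // Neither value is a secret; this bootstrap should be replaced by a
         // random one-time secret delivered through a reset flow.
         $user = \Sentinel::findById($potential_user->id);
         $password = ['password' => $potential_user->id . '.' . $potential_user->email];
         $user = \Sentinel::update($user, $password);
         $activation = \Activation::create($user);
         \Activation::complete($user, $activation->code);
     }

     $credentials = ['email' => $email, 'password' => $passw];
     \Sentinel::authenticate($credentials);

     // NOTE(review): success and failure both land on "/login", as in the original
     // branches; confirm whether a successful login should go elsewhere.
     return redirect('/login');
 }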
Beispiel #14
        return $instance->active ? '&check;' : '-';
    })]);
    return $display;
})->create(function ($id) {
    $form = AdminForm::form();
    $form->ajax_validation(true);
    $form->horizontal(true);
    $form->label_size('col-sm-offset-4 col-sm-1');
    $form->field_size('col-sm-3');
    $form->items([FormItem::text('title', 'Title')->validationRules('unique:pages,title,' . $id), FormItem::text('alias', 'Alias')->validationRules('unique:pages,alias,' . $id . ',id,context,' . Request::get('context', '')), FormItem::select('context', 'Context')->enum(config('jetcms.models.context')), FormItem::bsselect('user_id', 'User')->model('App\\User')->display('email|id')->defaultValue(Sentinel::check()->id)->nullable()]);
    return $form;
})->edit(function ($id) {
    $model = App\Page::find($id);
    $form = AdminForm::tabbed();
    $form->ajax_validation(true);
    $form->items(array('Main' => array(FormItem::columns()->columns([[FormItem::text('title', 'Title')->validationRules('unique:pages,title,' . $id), FormItem::text('alias', 'Alias')->validationRules('unique:pages,alias,' . $id . ',id,context,' . Request::get('context', '')), FormItem::textarea('description', 'Description'), FormItem::chosen('tag', 'Tag')->model('App\\Tag')->display('lable')->multi(true)->nullable(), FormItem::icheckbox('active')->label('Active')->skin('flat')], [FormItem::bsselect('menu_id', 'Menu id')->options(App\Menu::getNestedList('level_lable'))->disableSort()->nullable(), FormItem::select('context', 'Context')->enum(config('jetcms.models.context')), FormItem::select('template', 'Template')->enum(config('jetcms.models.template.' . $model->context, []))->nullable()->disableSort(), FormItem::select('policies', 'Policies')->enum(config('jetcms.models.policies.' . $model->context, []))->nullable()->disableSort(), FormItem::bsselect('user_id', 'User')->model('App\\User')->display('email|id')->defaultValue(Sentinel::check()->id)->nullable(), FormItem::image('image', 'Image')]]), FormItem::images('gallery', 'Gallery')), 'Content' => [FormItem::ckeditor('content', 'Text')], 'Fields' => value(function () use($id, $model) {
        //if (!$model) {return array();}
        return [FormItem::custom()->display(function ($instance) use($model) {
            $str = null;
            foreach (config('jetcms.models.fields.' . $instance->context, array()) as $val) {
                $type = $val['type'];
                $input = FormItem::$type('field_array.' . $val['name'] . '', $val['lable']);
                $input->defaultValue($instance->field($val['name']));
                $str .= $input;
            }
            return $str;
        })->callback(function ($instance) {
            $instance->fieldArray = Request::input('field_array');
        })];
    }), 'Action' => [FormItem::custom()->display(function ($instance) {
        $str = null;
Beispiel #15
<?php

// Admin-panel definition for App\Product: list columns and the shared create/edit form.
\Admin::model('App\\Product')
    ->title('Products')
    ->alias('products')
    ->display(function () {
        $display = AdminDisplay::datatablesAsync();
        $display->columns([
            Column::checkbox(),
            Column::string('id')->label('#'),
            Column::string('title')->label('Загаловок'),
            Column::string('active_status')->label('Статус'),
            Column::string('publish')->label('Опубликован'),
        ]);

        return $display;
    })
    ->createAndEdit(function () {
        $form = AdminForm::tabbed();
        $form->items([
            'Main' => [
                FormItem::columns()->columns([
                    [
                        FormItem::text('title', 'Загаловок')->required()->unique(),
                        FormItem::textarea('description', 'Описание')->required(),
                        FormItem::timestamp('publish', 'Дата и время публикации')->defaultValue(Carbon\Carbon::now()),
                        FormItem::icheckbox('active', 'Статус')->defaultValue(true),
                        FormItem::text('rest', 'Остаток'),
                        FormItem::text('price', 'Цена'),
                    ],
                    [
                        FormItem::text('sort', 'сортировка'),
                        // Owner defaults to the current user; assumes the form is only
                        // built for a logged-in admin, since check() is falsy for guests.
                        FormItem::bsselect('user_id', 'Пользователь')->model('App\\User')->defaultValue(Sentinel::check()->id)->display('email'),
                        FormItem::bsselect('catalog_id', 'Категоря')->model('App\\Catalog')->display('level_label')->disableSort()->required(),
                    ],
                ]),
            ],
            'content' => [FormItem::markdown('content', 'Контент')],
            'images' => [FormItem::images('gallery', 'Картинки')],
            'files' => [FormItem::view('suroviy.soa_addon::admin.elfinder')],
        ]);

        return $form;
    });
Beispiel #16
                                                                <label for="name" class="control-label">Name</label>
                                                                <div class="controls">
                                                                    <input type="text" name="name" id="name" value="<?php 
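// The name is user-controlled profile data printed inside an HTML attribute, so it is escaped (quotes included).
echo Sentinel::check() ? htmlspecialchars(Sentinel::getUser()->first_name . " " . Sentinel::getUser()->last_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') : "";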
?>
" class="form-control" />
                                                                </div>
                                                            </div>
                                                        </div>

                                                        <div class="col-lg-6">
                                                            <div class="control-group">
                                                                <label for="email" class="control-label">Email</label>
                                                                <div class="controls">
                                                                    <input type="text" name="email" id="email" value="<?php 
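// The e-mail is user-controlled profile data printed inside an HTML attribute, so it is escaped (quotes included).
echo Sentinel::check() ? htmlspecialchars(Sentinel::getUser()->email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') : "";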
?>
" class="form-control" />
                                                                </div>
                                                            </div>
                                                        </div>
                                                    </div>

                                                    <div class="row-fluid">
                                                        <div class="col-lg-6">
                                                            <div class="control-group">
                                                                <label for="subject" class="control-label">Subject</label>
                                                                <div class="controls">
                                                                    <input type="text" name="subject" id="subject" value="" class="form-control" />
                                                                </div>
                                                            </div>
 /**
  * Login Check
  *
  * Returns the logged-in Sentinel user, or false when nobody is logged in.
  * No redirect happens here; the caller has to act on a false result.
  */
 private function check_login()
 {
     return Sentinel::check() ?: false;
 }
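 /**
  * Authorise an admin-panel request against the current Sentinel user.
  *
  * Guests get a 401 (AJAX) or a redirect to the admin login. The logout route
  * is always allowed. Routes listed in config "admin.custom_routes" need the
  * permission configured there; "elfinder.*", "admin.upload.*" and
  * "admin.settings*" routes need config "admin.defaultPermission", which is
  * also the fallback for a custom route without a permission entry. A custom
  * route flagged "logout" ends the session when access is refused. All other
  * routes need a bound adminModel and one of: "admin.<alias>.<action>", a
  * permission the model lists itself, or "superadmin". The action is the
  * third segment of the route name ("update" maps to "edit", "store" to
  * "create", a missing segment to "view"). Anything else is denied.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $custom_routes = config('admin.custom_routes');
     if (!is_array($custom_routes)) {
         // Missing configuration means "no custom routes", not an error.
         $custom_routes = [];
     }
     $route_name = $request->route()->getName();
     $route_parameters = $request->route()->parameters();

     if (!\Sentinel::check()) {
         if ($request->ajax()) {
             return response('Unauthorized.', 401);
         }

         return redirect()->guest(route('admin.login'));
     }

     if ($route_name == "admin.logout") {
         return $next($request);
     }

     $system_route = starts_with($route_name, "elfinder.")
         || starts_with($route_name, "admin.upload.")
         || starts_with($route_name, 'admin.settings');
     $is_custom_route = array_key_exists($route_name, $custom_routes);

     if ($is_custom_route || $system_route) {
         // A system route need not have an entry in custom_routes, so the entry is
         // read defensively instead of indexing a key that may not exist.
         $route_config = ($is_custom_route && is_array($custom_routes[$route_name])) ? $custom_routes[$route_name] : [];

         $config_permissions = (!$system_route && isset($route_config['permission'])) ? $route_config['permission'] : null;
         $check_permissions = !empty($config_permissions) ? $config_permissions : config('admin.defaultPermission');

         if (\Sentinel::hasAnyAccess($check_permissions)) {
             return $next($request);
         }

         if (!empty($route_config['logout'])) {
             \Sentinel::logout(null, true);

             return redirect()->guest(route('admin.login'));
         }
     } elseif (isset($route_parameters['adminModel']) && is_object($route_parameters['adminModel'])) {
         //use dynamic permissions
         $admin_model = $route_parameters['adminModel'];

         $route_alias = explode(".", $route_name);
         $action = isset($route_alias[2]) ? $route_alias[2] : 'view';
         if ($action == 'update') {
             $action = 'edit';
         } elseif ($action == 'store') {
             $action = 'create';
         }

         // Permissions listed by the model itself come first, then the derived one.
         $configured = $admin_model->permission();
         $model_permissions = is_null($configured) ? [] : explode(",", $configured);
         $model_permissions[] = "admin." . $admin_model->alias() . "." . $action;
         $model_permissions[] = "superadmin";

         if (\Sentinel::hasAnyAccess($model_permissions)) {
             return $next($request);
         }
     }

     // Fail closed: anything not explicitly allowed above is denied.
     flash()->error(trans('admin::lang.permission.denied'));

     return redirect()->route('admin.dashboard');
 }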
Beispiel #19
<?php

// Admin-panel definition for App\Post: list columns and the shared create/edit form.
\Admin::model('App\\Post')
    ->title('Posts')
    ->alias('posts')
    ->display(function () {
        $display = AdminDisplay::table();
        $display->columns([
            Column::checkbox(),
            Column::string('id')->label('#'),
            Column::string('title')->label('Загаловок'),
            Column::string('active_status')->label('Статус'),
            Column::string('publish')->label('Опубликован'),
        ]);

        return $display;
    })
    ->createAndEdit(function () {
        $form = AdminForm::tabbed();
        $form->items([
            'Main' => [
                FormItem::columns()->columns([
                    [
                        FormItem::text('title', 'Загаловок')->required()->unique(),
                        FormItem::textarea('description', 'Описание')->required(),
                        FormItem::timestamp('publish', 'Дата и время публикации')->defaultValue(Carbon\Carbon::now()),
                        FormItem::icheckbox('active', 'Статус')->defaultValue(true),
                    ],
                    [
                        FormItem::text('alias', 'Алиас')->unique(),
                        // Owner defaults to the current user; assumes the form is only
                        // built for a logged-in admin, since check() is falsy for guests.
                        FormItem::bsselect('user_id', 'Пользователь')->model('App\\User')->defaultValue(Sentinel::check()->id)->display('email'),
                        FormItem::bsselect('category_id', 'Категоря')->model('App\\Category')->display('level_label')->disableSort()->required(),
                        FormItem::image('image', 'Картинка'),
                    ],
                ]),
            ],
            'content' => [FormItem::markdown('content', 'Контент')],
        ]);

        return $form;
    });
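 /**
  * Determine if the user is authorized to make this request.
  *
  * Any logged-in Sentinel user is authorized. Sentinel::check() yields the
  * user or a falsy value, so the result is cast to match the documented type.
  *
  * @return bool
  */
 public function authorize()
 {
     return (bool) Sentinel::check();
 }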
Beispiel #21
    echo "<pre>";
    var_dump(Input::all());
    echo "</pre>";
    return "Success Page";
});
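// Debug page for a cancelled payment: prints the request input and a marker text.
Route::any('/payment/cancel', function () {
    // The dump contains request input, so it is captured and HTML-escaped before
    // being printed; echoing var_dump() directly would reflect markup from the request.
    ob_start();
    var_dump(Input::all());
    $dump = ob_get_clean();

    echo "<pre>" . htmlspecialchars($dump, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</pre>";

    return "Cancel Page";
});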
#
# User Routes
#
// Entry point for /user: dashboard for logged-in users, login page for guests.
Route::get('/user', function () {
    $destination = Sentinel::check() ? 'user/dashboard' : 'user/login';

    return Redirect::to($destination);
});
#
# User Pages
#
#Login
# GET shows the login form, POST submits it to UserController@do_login.
Route::get('/user/login', 'UserController@show_login');
Route::post('/user/login', 'UserController@do_login');
# Page shown when an action requires a login first.
Route::get('/user/require_login', 'UserController@show_require_login');
#Logout
# NOTE(review): Route::any also answers GET, so a plain cross-site link can end
# the session; consider limiting logout to POST with CSRF protection.
Route::any('/user/logout', 'UserController@do_logout');
#Register
 /**
  * Run the parent constructor, then cache the current Sentinel user and the
  * result of the login check on the instance.
  */
 public function __construct()
 {
     parent::__construct();
     $this->user = Sentinel::getUser();
     // Stored as returned by Sentinel::check(), not cast to a boolean.
     // NOTE(review): presumably the user or false — use in truthiness tests only.
     $this->isLoggedIn = Sentinel::check();
 }
Beispiel #23
|--------------------------------------------------------------------------
| Application Routes
|--------------------------------------------------------------------------
|
| Here is where you can register all of the routes for an application.
| It's a breeze. Simply tell Laravel the URIs it should respond to
| and give it the Closure to execute when that URI is requested.
|
*/
/**
 * Sentinel filter
 *
 * Lets logged-in users through; guests are redirected to "admin/signin"
 * with an error message.
 */
Route::filter('Sentinel', function () {
    if (Sentinel::check()) {
        // Returning nothing lets the request continue.
        return;
    }

    return Redirect::to('admin/signin')->with('error', 'You must be logged in!');
});
/**
 * Model binding into route: the {blogcategory} and {blog} route parameters
 * are bound to the App\BlogCategory and App\Blog models.
 */
Route::model('blogcategory', 'App\\BlogCategory');
Route::model('blog', 'App\\Blog');
// {slug} accepts lowercase letters, digits, hyphen, space and underscore only.
Route::pattern('slug', '[a-z0-9- _]+');
Route::group(array('prefix' => 'admin'), function () {
    # Error pages should be shown without requiring login
    Route::get('404', function () {
        return View('admin/404');
    });
    Route::get('500', function () {
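 /**
  * Processes the post request.
  *
  * Request needs to contain: provider_id, item_id and currency (the only
  * input keys this method reads).
  *
  * Flow: load the provider and confirm it supports the currency, load the
  * item and its price in that currency, reserve an unused transaction id,
  * require a logged-in user, store the transaction with status "sent" and
  * hand over to the provider class. Unknown providers, items, currencies or
  * prices stop the request before anything is stored.
  *
  * @return mixed  A redirect to the login-required page for guests; otherwise
  *                nothing is returned by this method itself.
  */
 public function process_payment()
 {
     $debug = Config::get('sdv2.debug');
     $data = Input::all();
     if ($debug) {
         // NOTE(review): debug output prints request data unescaped; keep
         // sdv2.debug off outside development.
         var_dump($data);
         echo "</br>";
     }

     $provider_id = isset($data["provider_id"]) ? $data["provider_id"] : null;
     $item_id = isset($data["item_id"]) ? $data["item_id"] : null;
     // The currency is used as a property name below, so it must be a plain string.
     $currency = (isset($data["currency"]) && is_string($data["currency"])) ? $data["currency"] : '';

     //Get the payment provider and check if the provider can handle the currency
     $provider = SDPaymentProvider::find($provider_id);
     if (!$provider) {
         exit("Unknown payment provider");
     }
     if ($debug) {
         echo $provider->currencies;
         echo "</br>";
     }
     $ava_curr = json_decode($provider->currencies);
     if ($debug) {
         var_dump($ava_curr);
         echo "</br>";
     }
     if (!is_object($ava_curr)) {
         exit("Provider Currency JSON invalid");
     }
     // Braces around the whole key: ->{$data}["currency"] would use the array
     // itself as the property name instead of the submitted currency.
     if ($currency === '' || !isset($ava_curr->{$currency}) || $ava_curr->{$currency} != "true") {
         exit("Currency not supported by provider");
     }

     //query the items db to get the price of the plan
     if ($debug) {
         echo "Item-id:" . $item_id . "</br>";
     }
     $item = SDItem::find($item_id);
     if ($debug) {
         var_dump($item);
         echo "</br>";
     }
     if (!$item) {
         exit("Unknown item");
     }

     //get the price of the item in the selected currency
     $price_array = json_decode($item->price);
     if (!is_object($price_array) || !isset($price_array->{$currency})) {
         // Never create a transaction without a price.
         exit("Item has no price in the selected currency");
     }
     $price = $price_array->{$currency};
     Log::info("price: " . $price);

     //Generate a transaction id and check if it exists
     do {
         $transaction_id = $this->generate_transaction_id();
         $id_taken = (bool) SDPaymentTransaction::find($transaction_id);
         if ($id_taken) {
             Log::info("transaction id " . $transaction_id . " already exists - genearating a new one");
         }
     } while ($id_taken);
     Log::info("transaction id: " . $transaction_id);

     //Check if a user is logged in
     $user = Sentinel::check();
     if (!$user) {
         Log::info("User not logged in - Redirected to the login page");

         // The redirect has to be returned; otherwise processing would continue
         // and a transaction would be written without an owner.
         return Redirect::to('/user/require_login');
     }
     Log::info("User logged in - UserID: " . $user->id);

     //Generate the item json
     $items = json_encode(array(array("id" => $item->id, "count" => "1")));

     //save the transaction to the transaction db
     $transaction = new SDPaymentTransaction();
     $transaction->id = $transaction_id;
     $transaction->user_id = $user->id;
     $transaction->payment_provider = $provider->id;
     $transaction->currency = $currency;
     $transaction->price = $price;
     $transaction->items = $items;
     $transaction->status = "sent";
     $transaction->save();

     //Create the payment with the provider, the transaction code and the price
     // NOTE(review): the class name is read from the provider record; confirm that
     // column can only hold known payment-provider classes.
     $payment_provider = $provider->provider_class;
     Log::info("payment_provider_class:" . $payment_provider);
     $payment = new $payment_provider();
     $payment->initiate_payment($price, $transaction_id, $currency);
 }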
Beispiel #25
    // receive in the activation email
    Activation::complete($user, $activation->code);
    // $code = $activation->code;
    // $sent = Mail::send('sentinel.emails.activate', compact('user', 'code'), function($m) use ($user)
    // {
    //  $m->to($user->email)->subject('Activate Your Account');
    // });
    // if ($sent === 0)
    // {
    //  return Redirect::to('register')
    //      ->withErrors('Failed to send activation email.');
    // }
    return Redirect::to('account')->withSuccess('Account activated.');
})->where('id', '\\d+');
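// Remove the activation of the currently logged-in user.
Route::get('deactivate', function () {
    $user = Sentinel::check();

    // check() is falsy for guests; without this guard Activation::remove()
    // would be called without a user.
    if (!$user) {
        return Redirect::back()->withErrors('You must be logged in to deactivate your account.');
    }

    // NOTE(review): this changes account state on a GET request, which a
    // cross-site link can trigger; consider POST with CSRF protection.
    Activation::remove($user);

    return Redirect::back()->withSuccess('Account deactivated.');
});
// First step of the password reset: show the form.
Route::get('reset', function () {
    return View::make('sentinel.reset.begin');
});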
Route::post('reset', function () {
    $rules = ['email' => 'required|email'];
    $validator = Validator::make(Input::get(), $rules);
    if ($validator->fails()) {
        return Redirect::back()->withInput()->withErrors($validator);
    }
    $email = Input::get('email');
    $user = Sentinel::findByCredentials(compact('email'));
    if (!$user) {
Beispiel #26
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/
// "auth" filter: guests get a 401 on AJAX requests and a redirect to "login" otherwise.
Route::filter('auth', function () {
    if (!Auth::guest()) {
        // Returning nothing lets the request continue.
        return;
    }

    return Request::ajax()
        ? Response::make('Unauthorized', 401)
        : Redirect::guest('login');
});
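// "auth.admin" filter: only a logged-in Sentinel user with "admin" access may pass.
Route::filter('auth.admin', function () {
    // Guests are stopped here as well, so the filter protects a route even when
    // no other authentication filter is attached to it.
    if (!Sentinel::check()) {
        return Redirect::guest('login');
    }

    if (!Sentinel::hasAccess('admin')) {
        return Redirect::to('account')->withErrors(['Only admins can access this page.']);
    }
});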
// "auth.basic" filter: delegates entirely to Auth::basic() and returns its result.
Route::filter('auth.basic', function () {
    return Auth::basic();
});
/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|