Beispiel #1
 /**
  * Scan available permissions and write to cfg file
  * @return string
  */
 public function actionBuildperms()
 {
     // Built-in permissions that are always present, whatever admin controllers are found.
     $collected = ['global/write', 'global/modify', 'global/file', 'global/all'];
     // Every .php file listed for this directory is treated as an admin controller.
     $controllerDir = '/Apps/Controller/Admin/';
     foreach (File::listFiles($controllerDir, ['.php']) as $controllerPath) {
         // Controller name = last path segment, cut at its first dot.
         $baseName = Str::lastIn($controllerPath, DIRECTORY_SEPARATOR, true);
         $controller = Str::firstIn($baseName, '.');
         // The controller source is read as text and pattern-matched; it is not included or run here.
         $sourceText = File::read($controllerPath);
         // $found[1] holds the captured names, i.e. whatever follows "action" in each declaration.
         // NOTE(review): only the literal spelling "public function action" is recognised, so an
         // action written with a modifier between "public" and "function", or with other spacing,
         // gets no entry - confirm how the access check treats an action that is not listed.
         preg_match_all('/public function action(\\w*?)\\(/', $sourceText, $found);
         if (!Obj::isArray($found[1]) || count($found[1]) < 1) {
             continue;
         }
         foreach ($found[1] as $actionName) {
             $collected[] = 'Admin/' . $controller . '/' . $actionName;
         }
     }
     // var_export() renders every entry as a quoted PHP string literal, so names that originate
     // from the file system are written into the generated config file as data.
     $phpSource = "<?php \n\nreturn " . var_export($collected, true) . ';';
     // NOTE(review): the result of File::write() is not inspected; the message below is returned
     // either way - confirm whether File::write() signals failure by itself.
     File::write('/Private/Config/Permissions.php', $phpSource);
     return 'Permissions configuration is successful updated! Founded permissions: ' . count($collected);
 }
Beispiel #2
 /**
  * Get label value by variable name
  * @param string $param
  * @return mixed
  */
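 public final function getLabel($param)
 {
     $labels = $this->labels();
     // Look a label up without reading a missing key: an absent key simply means "no label",
     // instead of raising an undefined-index notice/warning on every unlabelled field.
     $lookup = function ($key) use ($labels) {
         return isset($labels[$key]) ? $labels[$key] : null;
     };
     $response = $lookup($param);
     // array-dotted name with no label of its own: fall back to the label declared for the
     // part before the first dot
     if (Str::contains('.', $param) && Str::likeEmpty($response)) {
         $response = $lookup(Str::firstIn($param, '.'));
     }
     // still nothing: derive a readable label from the variable name itself
     return Str::likeEmpty($response) ? Str::replace('.', ' ', Str::splitCamelCase($param)) : $response;
 }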
Beispiel #3
 /**
  * Get field value from input POST/GET/AJAX data, filtered by the field's declared type (html = safe html, !secure = returned fully unescaped, any other type = tags stripped)
  * @param string $field_name
  * @return array|null|string
  * @throws \InvalidArgumentException
  */
 private function getFieldValue($field_name)
 {
     // Where the value is read from: the send method, unless sources() names another one for this field.
     $origin = Str::lowerCase($this->_sendMethod);
     $fieldSources = $this->sources();
     $fieldTypes = $this->types();
     if (Obj::isArray($fieldSources) && array_key_exists($field_name, $fieldSources)) {
         $origin = Str::lowerCase($fieldSources[$field_name]);
     }
     // The filter defaults to 'text'. A dot-separated (array-nested) field is looked up by the part
     // before its first dot, so every nested element inherits the type declared for the parent.
     $filter = 'text';
     if (Obj::isArray($fieldTypes)) {
         $typeKey = Str::contains('.', $field_name) ? Str::firstIn($field_name, '.') : $field_name;
         if (array_key_exists($typeKey, $fieldTypes)) {
             $filter = Str::lowerCase($fieldTypes[$typeKey]);
         }
     }
     // Value exactly as it arrived in the request.
     $rawValue = $this->getRequest($field_name, $origin);
     // File inputs are handed back without any of the text filters below.
     if ($origin === 'file') {
         return $rawValue;
     }
     if ($filter === 'html') {
         // NOTE(review): presumably an HTML sanitiser that keeps safe markup - confirm in App::$Security.
         return App::$Security->secureHtml($rawValue);
     }
     // '!secure' is the explicit opt-out: the value is returned unfiltered, so whoever declares a
     // field with this type has to escape or validate it before output or storage.
     if ($filter === '!secure') {
         return $rawValue;
     }
     // Any other type, including an unknown or misspelled one, goes through strip_tags.
     return App::$Security->strip_tags($rawValue);
 }
 /**
  * Check if uri $source is equal to current uri point with array of $aliases and active $order set
  * @param null $source
  * @param array|null $aliases
  * @param bool $order
  * @return bool
  */
 public static function isCurrentLink($source = null, array $aliases = null, $order = false)
 {
     $linkPath = Url::buildPathway($source);
     $requestPath = Url::buildPathwayFromRequest();
     // $order selects how much of the link has to line up with the request: controller, action or id.
     // The switch compares $order loosely, so a non-string $order can still select a case.
     switch ($order) {
         case 'controller':
             // only the part before the first slash takes part in the comparison
             $active = Str::startsWith(Str::firstIn($linkPath, '/'), $requestPath);
             break;
         case 'action':
             $parts = explode('/', $linkPath);
             if (Str::contains('/', $linkPath) && count($parts) >= 2) {
                 // first two segments of the link
                 $active = Str::startsWith($parts[0] . '/' . $parts[1], $requestPath);
             } else {
                 // link has no second segment: require an exact match
                 $active = $linkPath === $requestPath;
             }
             break;
         case 'id':
             $parts = explode('/', $linkPath);
             $prefix = $parts[0] . '/' . $parts[1];
             if ($parts[2] === null) {
                 // the link carries no id: drop the query string of the request and compare with
                 // its first three segments (the stripped request path is also used for aliases)
                 // NOTE(review): a two-segment prefix is compared with up to three request
                 // segments here - confirm this is the intended match.
                 if (Str::contains('?', $requestPath)) {
                     $requestPath = Str::firstIn($requestPath, '?');
                 }
                 $active = $prefix === implode('/', array_slice(explode('/', $requestPath), 0, 3));
             } else {
                 $active = Str::startsWith($prefix . '/' . $parts[2], $requestPath);
             }
             break;
         default:
             $active = $linkPath === $requestPath;
     }
     // Without aliases the result of the comparison above is final.
     if (!Obj::isArray($aliases) || count($aliases) < 1) {
         return $active;
     }
     // An alias can only switch the link on, never off. A trailing "*" turns the alias into a
     // prefix pattern; any other alias has to equal the request path exactly.
     foreach ($aliases as $alias) {
         $alias = trim($alias, '/');
         if (Str::endsWith('*', $alias)) {
             $hit = Str::startsWith(rtrim($alias, '*'), $requestPath);
         } else {
             $hit = $alias === $requestPath;
         }
         if ($hit) {
             $active = true;
         }
     }
     return $active;
 }
Beispiel #5
 /**
  * Remove items from gallery (preview+full)
  * @param int $id
  * @param string $file
  * @throws ForbiddenException
  * @throws NativeException
  * @return string
  */
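 public function actionGallerydelete($id, $file = null)
 {
     // the file name may arrive as an action argument or as the "file" query parameter
     if ($file === null || Str::likeEmpty($file)) {
         $file = (string) $this->request->query->get('file', null);
     }
     // check passed data
     // NOTE(review): $id is concatenated into the paths below as well; this relies on
     // Obj::isLikeInt() accepting nothing but an integer-like value - confirm.
     if (Str::likeEmpty($file) || !Obj::isLikeInt($id)) {
         throw new NativeException('Wrong input data');
     }
     // $file is request-controlled and is concatenated into the paths that get removed below.
     // The extension allow-list alone does not keep it inside the gallery directory, so accept
     // a bare file name only: no directory separators and no NUL byte.
     if (strpbrk((string) $file, "/\\\0") !== false) {
         throw new ForbiddenException('Wrong file name');
     }
     // check passed file extension
     $fileExt = Str::lastIn($file, '.', true);
     $fileName = Str::firstIn($file, '.');
     if (!Arr::in($fileExt, $this->allowedExt)) {
         throw new ForbiddenException('Wrong file extension');
     }
     // generate path: the preview is always a .jpg named after the part before the first dot
     $thumb = '/upload/gallery/' . $id . '/thumb/' . $fileName . '.jpg';
     $full = '/upload/gallery/' . $id . '/orig/' . $file;
     // check if file exists and remove (either one existing is enough to remove both)
     if (File::exist($thumb) || File::exist($full)) {
         File::remove($thumb);
         File::remove($full);
     } else {
         throw new NativeException('Image is not founded');
     }
     return json_encode(['status' => 1, 'msg' => 'Image is removed']);
 }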