/**
  * Gibt den Text mit den ersetzten Links zurück
  * @return string
  */
 public function getText()
 {
     // Resolves every [[Name]] wiki link in the text to an <a> tag that points at
     // the CmsArtikel with that name in this category, and returns the result.
     // Side effects visible here: $this->text is overwritten with the decoded and
     // linked text, and an article that does not exist yet is created and saved
     // with the current user as author.
     // NOTE(review): html_entity_decode() turns stored entities such as &lt; back
     // into markup. Whether the returned text is safe to output depends on how it
     // was sanitised when it was stored, which is not visible here.
     // NOTE(review): because the decoded text is written back to $this->text, a
     // second call decodes entities a second time; confirm callers call this once.
     $this->text = html_entity_decode($this->text);

     // Find everything enclosed in [[ ]]. The character class admits word
     // characters, dots, whitespace and German umlauts only, so a captured name
     // cannot contain <, > or quote characters.
     $treffer = [];
     preg_match_all('/\\[\\[([\\w\\.\\säöüÄÖÜß]+)\\]\\]/', $this->text, $treffer);
     Logging::debug(print_r($treffer, true));

     foreach ($treffer[1] as $match) {
         $artikel = CmsArtikel::loadByBezeichnung($match, $this->kategorieId);
         if ($artikel == null) {
             // Unknown name: create an active article and its title text.
             // NOTE(review): rendering a text therefore writes to the database on
             // behalf of whoever views it; confirm this is intended for all viewers.
             Logging::info('Lege Artikel neu an: ' . $match);
             $artikel = new CmsArtikel();
             $artikel->ca_kategorie = $this->kategorieId;
             $artikel->ca_bezeichnung = $match;
             $artikel->ca_aktiv = 1;
             $artikel->ca_autor = Security::getUserId();
             $artikel->save();

             $titel = Text::get($artikel->getElementId() . '.titel');
             $titel->te_text = $match;
             $titel->save();
         }

         // NOTE(review): $link is placed into the href attribute as returned by
         // EntityLinks::show(); confirm that helper returns an attribute-safe URL.
         $link = EntityLinks::show($artikel);
         $platzhalter = '[[' . $match . ']]';
         $tag = "<a href=\"{$link}\">{$match}</a>";
         $this->text = str_replace($platzhalter, $tag, $this->text);
     }

     return $this->text;
 }
 /**
  * Stamps the record with the current user and the current time before it is
  * saved, but only while no user is recorded yet (ko_benutzer equals 0).
  */
 protected function preSave()
 {
     // A user is already recorded: leave author and date untouched.
     if ($this->ko_benutzer != 0) {
         return;
     }

     $this->ko_benutzer = Security::getUserId();
     $this->ko_datum = new \DateTime();
 }
 /**
  * @param $user
  * @param $pass
  * @param $token
  * @return bool
  */
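 private function loginUser($user, $pass, &$token)
 {
     // Checks the credentials with Security::login(). On success a new token is
     // written to the by-reference $token argument and stored in the user's
     // us_hash field, and true is returned. On failure $token is left untouched
     // and false is returned.
     if (!Security::login($user, $pass)) {
         return false;
     }

     // The token is a bearer credential, so it must not be guessable. A value
     // derived from the user id and the clock can be recomputed by anyone who
     // knows the id and the approximate login time; 16 bytes from the CSPRNG
     // cannot. Hex-encoding them yields 32 hex characters, the same format an
     // md5 digest has, so the stored value keeps its length.
     // random_bytes() requires PHP 7.0 or later.
     $token = bin2hex(random_bytes(16));

     // NOTE(review): the token is stored as-is in us_hash and no expiry is set
     // here; consider storing only a hash of it and limiting its lifetime.
     $account = new User(Security::getUserId());
     $account->us_hash = $token;
     $account->save();

     return true;
 }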
 /**
  * Adds one box per role. The label is the role name, prefixed with the parent
  * name and a "&raquo;" separator when the role has a parent; the last argument
  * is the result of the permission lookup for this element and role.
  */
 protected function createBoxen()
 {
     $alleRollen = (new Rolle())->loadAll();

     foreach ($alleRollen as $rolle) {
         $prefix = ($rolle->parent != '') ? $rolle->parent . ' &raquo; ' : '';

         // NOTE(review): the label mixes an HTML entity with role names taken
         // from storage; confirm addBox() treats the label as trusted HTML and
         // that role names cannot carry markup.
         $this->addBox(
             $rolle->id,
             $prefix . $rolle->ro_bezeichnung,
             $this->id . '[]',
             Security::hatBerechtigung($this->element, 0, $rolle->id)
         );
     }
 }
 /**
  *
  */
 public function install()
 {
     // Installs the module: runs migrateDatabase() and then grants the role
     // self::ID_ADMIN_ROLLE the permission for every action of the module whose
     // security level is Action::LEVEL_CONFIG. Actions with any other level get
     // no permission entry here.
     $modulName = $this->getModulename();
     Logging::info('Installiere Modul ' . $modulName);

     $module = Modules::getModule($modulName);
     $this->migrateDatabase();

     Logging::info('Vergebe Berechtigungen');
     foreach ($module->actions as $action) {
         /**@var Action $action */
         if ($action->securityLevel !== Action::LEVEL_CONFIG) {
             continue;
         }
         Security::berechtigungSchreiben($action->getSecurityToken(), self::ID_ADMIN_ROLLE, 1);
     }
 }
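 /**
  * Decides whether the current request is authenticated, either through an
  * existing login or through a token.
  *
  * The token is taken from the X-Token request header first and from the
  * "token" property of the request otherwise. A request that carries no
  * usable token is rejected without calling User::loadByToken().
  *
  * @param object $request current request; its optional "token" property is read
  * @return bool true when a login exists or the token resolves to a user
  */
 public function isAuthenticated($request)
 {
     if (Security::isAuthenticated()) {
         return true;
     }

     // The token may be sent in a header or in a parameter.
     // NOTE(review): a token sent as a request parameter can end up in URLs,
     // access logs and Referer headers; the header is the safer transport.
     $token = null;
     if (isset($_SERVER['HTTP_X_TOKEN'])) {
         $token = $_SERVER['HTTP_X_TOKEN'];
     } elseif (isset($request->token)) {
         $token = $request->token;
     }

     // Fail closed on a missing, empty or non-string token. Looking up a fixed
     // placeholder or an empty string could match an account whose token field
     // holds that value, e.g. a user who never received a token.
     if (!is_string($token) || $token === '') {
         return false;
     }

     // NOTE(review): only null counts as "not found" here; confirm that
     // User::loadByToken() never returns false or another non-user value.
     $user = User::loadByToken($token);
     if ($user === null) {
         return false;
     }

     Security::loginUser($user);
     return true;
 }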
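 /**
  * Hands the upload to the parent handler and, when it succeeded and a
  * collection id is set, records the stored file as a Medien entry.
  *
  * All arguments are passed through to parent::handle_file_upload(); only $name
  * is replaced when the request carries a non-empty "target" parameter.
  *
  * @return object the file object returned by the parent handler, with ->id set
  *                to the new Medien id when an entry was created
  */
 protected function handle_file_upload($uploaded_file, $name, $size, $type, $error, $index = null, $content_range = null)
 {
     // TODO: Refactor!
     $request = Application::getCurrentRequest();

     // A non-empty "target" request parameter replaces the client file name.
     // NOTE(review): this value is client-controlled and becomes the file name
     // handed to the parent; confirm the parent strips directory components and
     // enforces the allowed file types on it.
     if (isset($request->target) && $request->target != '') {
         $name = $request->target;
     }

     $file = parent::handle_file_upload($uploaded_file, $name, $size, $type, $error, $index, $content_range);

     if (empty($file->error) && $this->kollektionId > 0) {
         $medium = new Medien();
         $medium->me_kollektion = $this->kollektionId;
         $medium->me_titel = $file->name;
         $medium->me_dateiname = $file->name;
         // Take the extension from the name the parent actually stored, not from
         // the requested name, so that it always agrees with me_dateiname.
         $medium->me_erweiterung = strtolower(pathinfo($file->name, PATHINFO_EXTENSION));
         $medium->me_groesse = $file->size;
         $medium->me_upload_am = date('d.m.Y');
         $medium->me_upload_von = Security::getUserId();
         // NOTE(review): the request-supplied token is stored verbatim; its
         // meaning and any validation are not visible here.
         if (isset($request->token) && $request->token != '') {
             $medium->me_token = $request->token;
         }
         $medium->save();
         $file->id = $medium->id;
     }

     return $file;
 }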
 /**
  * Saves the edited page from the current request together with its texts and
  * permissions, flushes the cache and resets the request so that it points at
  * the saved page.
  *
  * NOTE(review): the page fields, texts and the permission settings are all
  * taken from the request and no permission check is visible in this method;
  * confirm the dispatcher authorises the action before it runs.
  */
 public function endEditPage()
 {
     // Load the page by the submitted id and let it take its values from the request.
     $this->page = new Page($this->request->id);
     $this->page->save($this->request);
     // A negative submitted id triggers position generation; presumably it marks
     // a newly created page — TODO confirm.
     if ($this->request->id < 0) {
         $this->page->generatePos();
     }
     Text::saveArray($this->page->getElementId(), $this->request->texte);
     // Permissions for the page's security element come straight from the request.
     Security::berechtigungenSchreiben($this->page->getSecurityElement(), $this->request->berechtigung);
     $this->flushCache();
     // Clear the request but keep initPanel, then point it at the saved page's id.
     $oldPanel = $this->request->initPanel;
     $this->request->clear();
     $this->request->initPanel = $oldPanel;
     $this->request->id = $this->page->id;
     FlashMessage::success(Strings::GESPEICHERT);
 }
 /**
  * Gibt zurück ob der aktuell angemeldete Benutzer ein Administrator ist.
  * Als Kennzeichen wird die Rolle Rolle::ROLLE_ADMIN verwendet.
  *
  * @return boolean
  */
 public static function isAdmin()
 {
     // The role lookup runs only while isAdministrator is still null; after that
     // the stored value is returned.
     // NOTE(review): the stored value is not reset in this method, so it can go
     // stale if the logged-in identity changes while the same instance lives on.
     $app = self::getInstance();
     if ($app->isAdministrator === null) {
         $app->isAdministrator = Security::hatRolle(Rolle::ROLLE_ADMIN);
     }

     return $app->isAdministrator;
 }
use NewFrontiers\Framework\Core\Application;
use NewFrontiers\Framework\Events\FrameworkEvents;
use Nostromo\Contracts\Facades\Events;
use Nostromo\Contracts\Facades\Logging;
use Nostromo\Contracts\Facades\Profiler;
use Nostromo\Contracts\Facades\Security;
use Symfony\Component\EventDispatcher\Event;
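Profiler::startSection('initApplication');
// Listener that acts as the login gate: an unauthenticated request to the admin
// area is rewritten to the login screen, and the originally requested module and
// action are kept as follow-up target.
// TODO: move into its own class
Events::addListener(FrameworkEvents::REQUEST_BEFORE, function (\NewFrontiers\Framework\Events\RequestEvent $event) {
    $request = $event->getRequest();
    // Only the admin area is protected by this gate.
    // NOTE(review): confirm that $request->admin is derived from the routed
    // site and cannot be set through a request parameter.
    if (!$request->admin) {
        return;
    }
    // The API module is exempt as a whole; it has to authenticate its own
    // requests.
    if ($request->module == 'api' || $request->module == 'Api') {
        return;
    }
    // Actions that must stay reachable without a login.
    // NOTE(review): the exemption matches on the action name alone, whatever
    // the module is. If another admin module defines an action with one of
    // these names, it is reachable without a login; consider matching
    // module and action together.
    $allowedActions = array('showLogin', 'login', 'loginFailure', 'logout', 'password', 'doPassword', 'reset', 'doReset');
    // Strict comparison: with loose comparison a non-string action value such
    // as true (or 0 before PHP 8) compares equal to these names and would pass.
    if (!Security::isAuthenticated() && !in_array($request->action, $allowedActions, true)) {
        $request->followUpModule = $request->module;
        $request->followUpAction = $request->action;
        $request->module = 'defaultMod';
        $request->action = 'showLogin';
        Logging::warning('Action not allowed. User was sent to Login-Screen');
    }
});
Profiler::endSection('initApplication');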
    <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
    <!--[if lt IE 9]>
    <script src="//oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
    <script src="//oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
    <![endif]-->

    <script src="//code.jquery.com/jquery-1.11.2.min.js"></script>


</head>
<body style="padding-top: 70px;">


<!-- Navbar -->
<?php 
// The navigation bar is rendered for authenticated sessions only. This hides
// markup; the linked admin actions still need their own server-side check.
// NOTE(review): the script tags in the head of this template load jQuery 1.11.2
// (for every visitor) and html5shiv / respond.js (inside the IE < 9 conditional
// comment) from third-party CDNs. The URLs are protocol-relative, so they are
// fetched over plain HTTP whenever the page is, and the tags carry no integrity
// or crossorigin attribute, so the page runs whatever those hosts deliver.
// Consider https URLs with Subresource Integrity or self-hosted copies, and a
// maintained jQuery release.
if (Security::isAuthenticated()) {
    ?>
    <nav class="navbar navbar-inverse navbar-fixed-top" role="navigation">

        <div class="container">
            <div class="navbar-header">
                <button type="button" class="navbar-toggle" data-toggle="collapse"
                        data-target="#bs-example-navbar-collapse-1">
                    <span class="sr-only">Toggle navigation</span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                </button>
                <!--<a class="navbar-brand" href="#"><img src="http://pixw.net/p3/themes/p3-bootstrap/img/p3.png" style="margin-top: -4px"></a>-->
            </div>
 /**
  * Runs the parent installation and then creates the base records: the "admin"
  * site with its three menu pages (Struktur, Benutzer, Module), one "main"
  * region, one permission entry and one text entry per page, and finally the
  * "web" frontend site.
  */
 public function install()
 {
     parent::install();

     // Backend site definition
     $adminSite = new Site();
     $adminSite->si_bezeichnung = 'Administration';
     $adminSite->si_name = 'admin';
     $adminSite->si_urlpattern = 'admin.php';
     $adminSite->si_template = 'bootadmin';
     $adminSite->save();

     // Menu entries of the admin site, in creation order:
     // page name (also used as title and text), link, region module, region action
     $menuEntries = array(
         array('Struktur', 'struktur', 'site', 'showSite'),
         array('Benutzer', 'benutzer', 'user', 'indexUser'),
         array('Module', 'module', 'modView', 'showModules'),
     );

     foreach ($menuEntries as $entry) {
         list($bezeichnung, $link, $regionModule, $regionAction) = $entry;

         $page = new Page();
         $page->pa_site = $adminSite->id;
         $page->pa_parent = 0;
         $page->pa_bezeichnung = $bezeichnung;
         $page->pa_link = $link;
         $page->pa_pos = 0;
         $page->pa_title = $bezeichnung;
         $page->pa_module = 'site';
         $page->pa_action = 'useInnerTemplate';
         $page->pa_haschildren = false;
         $page->pa_innertemplate = 'normal';
         $page->save();

         // The page's single region renders the actual module action.
         $region = new Region();
         $region->re_page = $page->id;
         $region->re_name = 'main';
         $region->re_module = $regionModule;
         $region->re_action = $regionAction;
         $region->re_position = 1;
         $region->save();

         // NOTE(review): the literal 1 passed as second argument is presumably
         // the id of the administrator role — confirm, and prefer a named
         // constant so the grant is recognisable in review.
         Security::berechtigungSchreiben($page->getElementId(), 1, 1);
         Text::saveArray($page->getElementId(), array(1 => $bezeichnung));
     }

     // Frontend site definition
     $webSite = new Site();
     $webSite->si_bezeichnung = 'Webseite';
     $webSite->si_name = 'web';
     $webSite->si_urlpattern = '';
     $webSite->si_template = 'unify';
     $webSite->save();
 }
 /**
  * Runs the parent installation and then writes one permission entry for the
  * security token "ModView_newModule".
  */
 public function install()
 {
     parent::install();

     // NOTE(review): the literal 1 passed as second argument is presumably the
     // id of the administrator role — confirm against Security::berechtigungSchreiben().
     $securityToken = 'ModView_newModule';
     Security::berechtigungSchreiben($securityToken, 1, 1);
 }
 /**
  * Writes the submitted permission settings for one action of a module and
  * then points the request id at that module.
  *
  * NOTE(review): the module name, the action id and the permission settings all
  * come from the request and no permission check is visible in this method;
  * confirm the dispatcher restricts it to users who may administer permissions.
  */
 public function endBerechtigung()
 {
     $modulName = $this->request->current;

     $this->current = Modules::getModule($modulName);
     // NOTE(review): a null result from getAction() is not handled here.
     $this->action = $this->current->getAction($this->request->id);

     // The security token has the form "<qualified module name>_<action name>".
     $securityToken = $this->current->qualifiedName . '_' . $this->action->name;
     Security::berechtigungenSchreiben($securityToken, $this->request->berechtigung);

     $this->request->id = $modulName;
 }
 /**
  * Wechselt die Identität des angemeldeten Benutzers
  * ACHTUNG! Besondere Sorgfalt bei der Berechtigungsprüfung von Nöten!
  */
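 public function doAnmeldenAls()
 {
     // Logs the current session in as the user named in the request ("log in
     // as"). Allowed for administrators and for holders of the role 'DTV-GS';
     // everyone else gets an error message and is sent to the front page.
     // TODO: check the permission through the regular mechanism
     // TODO: DTV!
     $darfWechsel = Application::isAdmin() || Security::hatRolle('DTV-GS');
     if (!$darfWechsel) {
         FlashMessage::danger('Für diese Aktion haben Sie keine Berechtigung');
         Application::getCurrentResponse()->redirectToFrontpage();
         // Stop here. Nothing visible guarantees that the redirect ends the
         // request, and without this return a caller without permission would
         // fall through to the identity switch below.
         return;
     }

     // NOTE(review): an identity switch should be written to an audit log
     // (who switched to whom) and be protected against cross-site requests;
     // neither is visible in this method.
     $this->user = User::loadByBenutzername($this->request->benutzer);
     if ($this->user != null) {
         Security::loginUser($this->user);
         FlashMessage::success('Sie sind jetzt angemeldet als ' . $this->user);
     } else {
         FlashMessage::danger('Benutzername nicht bekannt');
     }
     Application::getCurrentResponse()->redirectToFrontpage();
 }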
 /**
  * Prüft, ob der aktuell angemeldete Benutzer berechtigt für diese Aktion ist
  * @return bool
  */
 public function isBerechtigt()
 {
     // Decides by security level: LEVEL_ALL is open to everyone, LEVEL_LOGGEDIN
     // needs a login, LEVEL_CONFIG needs the permission stored for this action's
     // security token. Any other level is read as the name of another action of
     // the same module, whose own decision is used. Everything else is denied.
     Logging::debug("Prüfe Berechtigung für {$this->name} : {$this->securityLevel}");

     $level = $this->securityLevel;

     if ($level === Action::LEVEL_ALL) {
         return true;
     }
     if ($level === Action::LEVEL_LOGGEDIN) {
         return Security::isAuthenticated();
     }
     if ($level === Action::LEVEL_CONFIG) {
         return Security::hatBerechtigung($this->getSecurityToken());
     }

     // TODO: falling back to actions of other modules could be added here
     // without much effort.
     // NOTE(review): two actions whose levels name each other would recurse
     // without end; no cycle guard is visible here.
     $delegate = $this->module->getAction($level);

     return ($delegate !== null) ? $delegate->isBerechtigt() : false;
 }