protected function BeforeInit()
{
if (!self::Guard()->Allow(BackendAction::Read(), $this)) {
//TODO: message
Response::Redirect(BackendRouter::ModuleUrl(new Overview()));
return false;
}
return parent::BeforeInit();
}
/**
* Initiaizes the set of sites
*/
protected function Init()
{
$sql = Access::SqlBuilder();
$tbl = Site::Schema()->Table();
$order = $sql->OrderList($sql->OrderAsc($tbl->Field('Name')));
$sites = Site::Schema()->Fetch(false, null, $order);
$this->sites = array();
foreach ($sites as $site) {
if (self::Guard()->Allow(BackendAction::Read(), $site)) {
$this->sites[] = $site;
}
}
return parent::Init();
}
/**
* The modules for the backend navigation
* @return Returns an array with bundle names as keys and backend modules as list
*/
static function BackendNavModules()
{
$result = array();
$allBundles = PathUtil::Bundles();
//force Core to appear first
$coreKey = array_search('Core', $allBundles);
unset($allBundles[$coreKey]);
array_unshift($allBundles, 'Core');
$bundles = array_values($allBundles);
foreach ($bundles as $bundle) {
$modules = PathUtil::BackendModules($bundle);
foreach ($modules as $module) {
$type = self::CalcModuleType($bundle, $module);
$instance = self::CreateBackendModule($type);
if (!$instance instanceof BackendModule) {
continue;
}
if ($instance->SideNavIndex() >= 0 && BackendModule::Guard()->Allow(BackendAction::Read(), $instance)) {
self::AddBackendNavModule($result, $instance);
}
}
}
return self::SortByNavIndex($result);
}
/**
* True if the area is locked
* @param Area $area
* @return bool
*/
protected function IsLocked(Area $area)
{
return !BackendModule::Guard()->Allow(BackendAction::Read(), $area);
}
private function GrantOnUser(BackendAction $action, User $user)
{
$allowed = false;
switch ($action) {
case BackendAction::Delete():
case BackendAction::ChangeIsAdmin():
$allowed = $this->IsAdministrator() && !$this->GetUser()->Equals($user);
break;
case BackendAction::AssignGroups():
$allowed = $this->IsAdministrator() && !$user->GetIsAdmin();
break;
case BackendAction::Edit():
case BackendAction::Read():
$allowed = $this->IsAdministrator() || $this->GetUser()->Equals($user);
break;
case BackendAction::Create():
$allowed = $this->IsAdministrator();
break;
}
return $allowed ? GrantResult::Allowed() : GrantResult::NoAccess();
}
/**
* True if the the content can be edited
* @return Boolean
*/
protected final function CanEdit()
{
$form = $this->module->ContentForm();
return BackendModule::Guard()->Allow(BackendAction::Edit(), $this->content) && BackendModule::Guard()->Allow(BackendAction::Read(), $form);
}