Ejemplo n.º 1
 /**
  * List the routable actions exposed by a controller class.
  *
  * Only public methods whose name ends with "Action" are reported. Doc comments
  * are read through reflection, so a code accelerator that strips comments
  * (eaccelerator, apc, xcache, etc.) must be disabled for 'comment' to be filled.
  *
  * While URLs are built, the static Request delimiter and root are switched to
  * the designer template values; afterwards they are set back to the values
  * from the main config. There is no try/finally here, so an exception thrown
  * in between leaves Request holding the designer values.
  *
  * NOTE(review): ReflectionClass loads the named class and throws
  * ReflectionException when it cannot be found. Presumably callers pass names
  * from the registered controller list rather than raw request data (confirm).
  *
  * @param string $controllerName
  * @return array empty when the class extends neither Backend_Controller nor
  *               Frontend_Controller, otherwise a list like array(
  * 		array(
  * 			'name' => action name without "Action" postfix
  * 			'code' => full method name
  * 			'url' => URL built by Request::url() for the action
  * 			'comment'=> doc comment passed through _clearDocSymbols()
  * 		)
  * )
  */
 public static function getPossibleActions($controllerName)
 {
     $manager = new Backend_Modules_Manager();
     $appCfg = Registry::get('main', 'config');
     $designerConfig = Config::factory(Config::File_Array, $appCfg->get('configs') . 'designer.php');
     $templates = $designerConfig->get('templates');
     $reflector = new ReflectionClass($controllerName);

     // Frontend_Controller is only probed when the class is not a backend
     // controller, exactly as the short-circuit condition requires.
     $isBackend = $reflector->isSubclassOf('Backend_Controller');
     if (!$isBackend && !$reflector->isSubclassOf('Frontend_Controller')) {
         return array();
     }

     $actions = array();
     $methods = $reflector->getMethods(ReflectionMethod::IS_PUBLIC);

     // URL segments that precede the action name.
     $urlParts = array();
     if ($isBackend) {
         $urlParts[] = $templates['adminpath'];
         $urlParts[] = $manager->getModuleName($controllerName);
     } else {
         // switch compares loosely, like the == chain it stands for.
         switch ($appCfg['frontend_router_type']) {
             case 'module':
                 $module = self::_moduleByClass($controllerName);
                 if ($module !== false) {
                     $pageCode = Model::factory('Page')->getCodeByModule($module);
                     if ($pageCode !== false) {
                         $urlParts[] = $pageCode;
                     }
                 }
                 break;
             case 'path':
                 // Frontend_Some_Thing_Controller -> Some/Thing
                 $segments = explode('_', str_replace('Frontend_', '', $controllerName));
                 if (end($segments) === 'Controller') {
                     array_pop($segments);
                 }
                 $urlParts = array_merge($urlParts, $segments);
                 break;
             case 'config':
                 $routeCode = self::_moduleByClass($controllerName);
                 if ($routeCode !== false) {
                     $urlParts[] = $routeCode;
                 }
                 break;
         }
     }

     if (empty($methods)) {
         return $actions;
     }

     // Build URLs with the designer settings...
     Request::setDelimiter($templates['urldelimiter']);
     Request::setRoot($templates['wwwroot']);
     foreach ($methods as $method) {
         $methodName = $method->name;
         if (substr($methodName, -6) !== 'Action') {
             continue;
         }
         $actionName = substr($methodName, 0, -6);
         $actions[] = array(
             'name' => $actionName,
             'code' => $methodName,
             'url' => Request::url(array_merge($urlParts, array($actionName)), false),
             'comment' => self::_clearDocSymbols($method->getDocComment()),
         );
     }
     // ...then put the application settings back.
     Request::setDelimiter($appCfg['urlDelimiter']);
     Request::setRoot($appCfg['wwwroot']);

     return $actions;
 }
Ejemplo n.º 2
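 /**
  * Route the request to a backend controller.
  *
  * URL part 1 selects the controller and URL part 2 is handed to
  * runController(). The controller part is filtered as a 'pagecode' and
  * formatted as a class-name fragment. It is then resolved in two steps:
  *  1. "Backend_<part>_Controller", if that exact name is listed in the
  *     'system_controllers' backend config entry;
  *  2. otherwise whatever Backend_Modules_Manager::getModuleController()
  *     returns for the part.
  * Unresolvable requests fall back to Backend_Index_Controller (AJAX requests
  * get a JSON error first).
  *
  * @return void
  */
 public function route()
 {
     $cfg = Registry::get('backend', 'config');
     $controller = $this->_request->getPart(1);
     $controller = Utils_String::formatClassName(Filter::filterValue('pagecode', $controller));
     $systemClass = 'Backend_' . $controller . '_Controller';

     // This allow-list decides which class a URL segment may select, so the
     // lookup is strict. A loose in_array() would let a stray non-string
     // entry in the config (true, or 0 on PHP < 8) match every class name.
     // checkAuth() already performs the same lookup strictly.
     if (in_array($systemClass, $cfg->get('system_controllers'), true)) {
         $controller = $systemClass;
     } else {
         $manager = new Backend_Modules_Manager();
         $controller = $manager->getModuleController($controller);
         if ($controller === false) {
             if (Request::isAjax()) {
                 // NOTE(review): the request URI is client-supplied text echoed
                 // into the error; presumably jsonError() JSON-encodes it and
                 // ends the request (confirm).
                 Response::jsonError(Lang::lang()->get('WRONG_REQUEST') . ' ' . Request::getInstance()->getUri());
             }
             $controller = 'Backend_Index_Controller';
         }
     }
     $this->runController($controller, $this->_request->getPart(2));
 }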
Ejemplo n.º 3
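 /**
  * Delete a backend module and, optionally, the files generated for it.
  *
  * POST parameters read here:
  *  - id             (string)  module identifier, resolved via getModuleName()
  *  - delete_related (boolean) also delete the controller class file, the
  *                             designer project file and the crud/actions JS
  *
  * Sequence: permission check, input validation, collect existing related
  * files, verify all of them are writable, remove the module from the manager
  * config and save it, then unlink the files. The writability pre-check keeps
  * the config from being changed when the files cannot be removed anyway.
  *
  * NOTE(review): every error path relies on Response::jsonError() ending the
  * request; nothing in this method returns after calling it (confirm).
  */
 public function deletemoduleAction()
 {
     $this->_checkCanEdit();
     $module = Request::post('id', 'string', false);
     $removeRelated = Request::post('delete_related', 'boolean', false);
     $manager = new Backend_Modules_Manager();

     // Reject a missing or empty id before it is handed to the manager.
     if (!$module || !strlen($module)) {
         Response::jsonError($this->_lang->WRONG_REQUEST);
     }
     $moduleName = $manager->getModuleName($module);
     if (!$manager->isValidModule($moduleName)) {
         Response::jsonError($this->_lang->WRONG_REQUEST);
     }

     $filesToDelete = array();
     if ($removeRelated) {
         $item = $manager->getModuleConfig($moduleName);

         // NOTE(review): $item['class'] and $item['designer'] come from the
         // module configuration and are used as filesystem paths with no
         // containment check. Presumably only trusted administrators can
         // write that configuration (confirm). Otherwise resolve each path
         // with realpath() and require it to sit under the expected
         // application directories before it is queued for unlink().
         $candidates = array('./system/app/' . str_replace('_', '/', $item['class']) . '.php');
         if (!empty($item['designer'])) {
             $jsName = strtolower($manager->getModuleName($item['class']));
             $candidates[] = $item['designer'];
             $candidates[] = './js/app/system/crud/' . $jsName . '.js';
             $candidates[] = './js/app/actions/' . $jsName . '.js';
         }
         foreach ($candidates as $candidate) {
             if (file_exists($candidate)) {
                 $filesToDelete[] = $candidate;
             }
         }
     }

     // check before deleting: nothing is changed unless every file is writable
     $err = array();
     foreach ($filesToDelete as $file) {
         if (!is_writable($file)) {
             $err[] = $file;
         }
     }
     if (!empty($err)) {
         Response::jsonError($this->_lang->CANT_WRITE_FS . "\n<br>" . implode(",\n<br>", $err));
     }

     $manager->removeModule($moduleName);
     if (!$manager->save()) {
         Response::jsonError($this->_lang->CANT_WRITE_FS . ' ' . $manager->getConfig()->getName());
     }

     // try to delete; the module is already unregistered at this point, so a
     // failure here leaves orphaned files that are reported to the client
     $err = array();
     foreach ($filesToDelete as $file) {
         if (!unlink($file)) {
             $err[] = $file;
         }
     }
     if (!empty($err)) {
         Response::jsonError($this->_lang->CANT_WRITE_FS . "\n<br>" . implode(",\n<br>", $err));
     }
     Response::jsonSuccess();
 }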
Ejemplo n.º 4
 /**
  * List permissions action.
  *
  * Reads 'user_id' and 'group_id' from POST. Sending both is rejected as a
  * wrong request. Only 'group_id' loads stored permissions; 'user_id' is not
  * used for anything else here, so a user-only request returns the all-false
  * defaults for every registered module.
  *
  * Each returned row carries an 'rc' flag: true when the module's controller
  * class exists and extends Backend_Controller_Crud_Vc.
  *
  * NOTE(review): no access check is visible inside this action. Presumably it
  * is enforced before the action runs (confirm), since the response exposes a
  * group's permission matrix.
  */
 public function permissionsAction()
 {
     $user = Request::post('user_id', 'int', 0);
     $group = Request::post('group_id', 'int', 0);
     $data = array();

     if ($user && $group) {
         Response::jsonError($this->_lang->get('WRONG_REQUEST'));
     }

     if ($group) {
         $data = Model::factory('Permissions')->getGroupPermissions($group);
         if (!empty($data)) {
             // index the rows by module name
             $data = Utils::rekey('module', $data);
         }
     }

     $manager = new Backend_Modules_Manager();

     // Registered modules without a stored row get an all-denied default.
     foreach ($manager->getRegisteredModules() as $name) {
         if (isset($data[$name])) {
             continue;
         }
         $data[$name] = array(
             'module' => $name,
             'view' => false,
             'edit' => false,
             'delete' => false,
             'publish' => false,
         );
     }

     foreach (array_keys($data) as $moduleKey) {
         $class = $manager->getModuleController($moduleKey);
         $isCrudVc = false;
         if (class_exists($class)) {
             $reflector = new ReflectionClass($class);
             $isCrudVc = $reflector->isSubclassOf('Backend_Controller_Crud_Vc');
         }
         $data[$moduleKey]['rc'] = $isCrudVc;
     }

     Response::jsonSuccess(array_values($data));
 }
Ejemplo n.º 5
 /**
  * Check user permissions and authentication.
  *
  * Checks run in this order:
  *  1. the current user is authorized and is an admin;
  *  2. if 'use_csrf_token' is enabled and the request carries POST data, a
  *     CSRF token is accepted from either the header or the POST body;
  *  3. controllers listed in 'system_controllers' stop here;
  *  4. all other controllers also require view permission on the module, a
  *     valid module, an active module, and, for modules flagged 'dev', a
  *     development environment.
  *
  * NOTE(review): no failed check returns explicitly. The method is only safe
  * if Response::jsonError(), loginAction() and _errorResponse() end the
  * request; otherwise execution falls through to the next check (confirm).
  */
 public function checkAuth()
 {
     $user = User::getInstance();
     $uid = false;
     if ($user->isAuthorized()) {
         $uid = $user->id;
     }
     // Unauthenticated or non-admin: JSON error for AJAX, login form otherwise.
     if (!$uid || !$user->isAdmin()) {
         if (Request::isAjax()) {
             Response::jsonError($this->_lang->MSG_AUTHORIZE);
         } else {
             $this->loginAction();
         }
     }
     /*
      * Check CSRF token.
      * Only requests with POST data are checked, so a state-changing action
      * reachable without POST data is not covered by this token check.
      */
     if ($this->_configBackend->get('use_csrf_token') && Request::hasPost()) {
         $csrf = new Security_Csrf();
         $csrf->setOptions(array('lifetime' => $this->_configBackend->get('use_csrf_token_lifetime'), 'cleanupLimit' => $this->_configBackend->get('use_csrf_token_garbage_limit')));
         // The request is rejected only when both the header and POST checks fail.
         if (!$csrf->checkHeader() && !$csrf->checkPost()) {
             $this->_errorResponse($this->_lang->MSG_NEED_CSRF_TOKEN);
         }
     }
     $this->_user = $user;
     // Strict lookup of the concrete (late-bound) class name in the allow-list.
     // System controllers skip every per-module check below.
     $isSysController = in_array(get_called_class(), $this->_configBackend->get('system_controllers'), true);
     if ($isSysController) {
         return;
     }
     if (!$this->_user->canView($this->_module)) {
         $this->_errorResponse($this->_lang->CANT_VIEW);
     }
     $moduleManager = new Backend_Modules_Manager();
     // $modules = Config::factory(Config::File_Array , $this->_configMain['backend_modules']);
     /*
      * Error response for undefined module
      */
     if (!$moduleManager->isValidModule($this->_module)) {
         $this->_errorResponse($this->_lang->WRONG_REQUEST);
     }
     $moduleCfg = $moduleManager->getModuleConfig($this->_module);
     /*
      * Error response for disabled module
      * (loose comparison: any falsy 'active' value counts as disabled)
      */
     if ($moduleCfg['active'] == false) {
         $this->_errorResponse($this->_lang->CANT_VIEW);
     }
     /*
      * Error response for dev module at production
      */
     if ($moduleCfg['dev'] && !$this->_configMain['development']) {
         $this->_errorResponse($this->_lang->CANT_VIEW);
     }
 }
Ejemplo n.º 6
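 /**
  * Wipe the core tables and seed the records of a fresh installation.
  *
  * Deletes all rows from the User, Group, Permissions and Page tables, then
  * creates the administrators group, the admin user, full permissions for
  * every module returned by the modules manager, and the fixed 'index', '404'
  * and 'api' pages. The current User singleton is also marked as authorized
  * with the new admin id.
  *
  * @param string $adminPass  administrator password; stored via Utils::hash()
  * @param string $adminEmail administrator e-mail
  * @param string $adminName  administrator login
  * @return boolean false when a save fails or any Exception is thrown
  */
 protected function _prepareRecords($adminPass, $adminEmail, $adminName)
 {
     try {
         $toCleanModels = array(Model::factory('User'), Model::factory('Group'), Model::factory('Permissions'), Model::factory('Page'));
         foreach ($toCleanModels as $model) {
             $model->getDbConnection()->delete($model->table());
         }

         // One timestamp for every record, so the seeded rows agree even if
         // the clock ticks over while this method runs.
         $now = date('Y-m-d H:i:s');

         // REMOTE_ADDR is not set outside a web request (e.g. a CLI install);
         // read it without triggering an undefined-index notice.
         $clientIp = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;

         // md5() of the current time is guessable by anyone who knows roughly
         // when the site was installed. Use the CSPRNG where the runtime has
         // one (same 32-hex-character shape); older runtimes keep the previous
         // value.
         // NOTE(review): the account is created already confirmed, so this
         // code may never be checked. Confirm that no later flow trusts it.
         if (function_exists('random_bytes')) {
             $confirmationCode = bin2hex(random_bytes(16));
         } else {
             $confirmationCode = md5($now);
         }

         // Add group
         $group = new Db_Object('Group');
         $group->setValues(array('title' => $this->_dictionary['ADMINISTRATORS'], 'system' => true));
         if (!$group->save(true, false)) {
             return false;
         }
         $groupId = $group->getId();

         // Add user
         $user = new Db_Object('user');
         $user->setValues(array(
             'name' => 'Admin',
             'email' => $adminEmail,
             'login' => $adminName,
             // NOTE(review): Utils::hash() is not visible here; confirm it is
             // a salted password hash and not a plain digest.
             'pass' => Utils::hash($adminPass),
             'enabled' => true,
             'admin' => true,
             'registration_date' => $now,
             'confirmation_code' => $confirmationCode,
             'group_id' => $groupId,
             'confirmed' => true,
             'avatar' => '',
             'registration_ip' => $clientIp,
             'last_ip' => $clientIp,
             'confirmation_date' => $now,
         ));
         $userId = $user->save(false, false);
         if (!$userId) {
             return false;
         }

         // Add permissions: the administrators group gets all four flags on
         // every module.
         $permissionsModel = Model::factory('Permissions');
         $modulesManager = new Backend_Modules_Manager();
         $modules = $modulesManager->getList();
         foreach ($modules as $name => $config) {
             if (!$permissionsModel->setGroupPermissions($groupId, $name, true, true, true, true)) {
                 return false;
             }
         }

         // Mark the current session user as the freshly created admin.
         $u = User::getInstance();
         $u->setId($userId);
         $u->setAuthorized();

         // Fields shared by the fixed pages. Key order matches the original
         // records; array_merge() below overrides values and keeps this order.
         $pageDefaults = array(
             'code' => '',
             'is_fixed' => 1,
             'html_title' => '',
             'menu_title' => '',
             'page_title' => '',
             'meta_keywords' => '',
             'meta_description' => '',
             'parent_id' => null,
             'text' => '',
             'func_code' => '',
             'order_no' => 0,
             'show_blocks' => true,
             'published' => true,
             'published_version' => 0,
             'editor_id' => $userId,
             'date_created' => $now,
             'date_updated' => $now,
             'author_id' => $userId,
             'blocks' => '',
             'theme' => 'default',
             'date_published' => $now,
             'in_site_map' => false,
             'default_blocks' => true,
         );
         $pages = array(
             // Index page
             array('code' => 'index', 'html_title' => 'Index', 'menu_title' => 'Index', 'page_title' => 'Index', 'text' => '[Index page content]', 'order_no' => 1, 'in_site_map' => true),
             // 404 page
             array('code' => '404', 'html_title' => 'Error 404. Page not found', 'menu_title' => '404', 'page_title' => 'We cannot find the page you are looking for.', 'text' => 'We cannot find the page you are looking for.', 'order_no' => 2),
             // API page
             array('code' => 'api', 'html_title' => 'API [System]', 'menu_title' => 'API', 'page_title' => 'API [System]', 'func_code' => 'api', 'order_no' => 3, 'show_blocks' => false, 'default_blocks' => false),
         );
         foreach ($pages as $pageValues) {
             $page = new Db_Object('Page');
             $page->setValues(array_merge($pageDefaults, $pageValues));
             if (!$page->save(true, false)) {
                 return false;
             }
         }
         return true;
     } catch (Exception $e) {
         // Callers only get a boolean; the exception detail is dropped here.
         return false;
     }
 }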
Ejemplo n.º 7
 /**
  * Reset modules cache.
  *
  * Clears the static class-to-route map and asks Config to reset its own
  * cache. The map is a static property, so the reset applies to every
  * instance of this class, not just the one it is called on.
  */
 public function resetCache()
 {
     // false presumably marks the route map as "not loaded yet" (confirm)
     self::$_classRoutes = false;

     Config::resetCache();
 }