/**
 * Reload ACL data and report the outcome as JSON.
 *
 * Calls K_Access::load(true) and K_Access::loadAclTree(true), then emits a
 * payload with a status message and `error => false` through putJSON().
 *
 * NOTE(review): the `true` argument is presumably a force-reload flag; confirm against K_Access.
 * NOTE(review): no permission check is visible in this method, so confirm the
 * dispatcher enforces admin ACL before this action can be reached.
 */
protected function reloadAction()
{
    K_Access::load(true);
    K_Access::loadAclTree(true);

    // Same keys, in the same order, as the response built field by field before.
    $this->putJSON(array(
        'msg' => '<strong>ОК:</strong> ACL перезагружен',
        'error' => false,
    ));
}
/**
 * Register and render the SEO tab for the current node.
 *
 * @return mixed false when the current roles are not allowed the
 *               'admin/tree/updateseo' resource, otherwise the result of
 *               x_render('seo', $this).
 */
protected function seoGUI()
{
    $mayUpdateSeo = K_Access::acl()->isAllowed(K_Auth::getRoles(), 'admin/tree/updateseo', true);
    if (!$mayUpdateSeo) {
        // Permission gate comes first: nothing is added to the tabs or the view for denied roles.
        return false;
    }

    $this->tabs['seo'] = 'SEO';
    $this->view->node = $this->nodeData;

    return $this->x_render('seo', $this);
}
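/**
 * Admin login action.
 *
 * Redirects to /admin when the current roles are already allowed the 'admin'
 * resource. When the login form was submitted (`btnauth` present in POST),
 * looks the user up by login and password hash, loads the user's role keys,
 * hands both to K_Auth::authorize() and redirects to /admin. On any failure
 * the view receives one generic error message, so the response does not
 * reveal whether the login or the password was wrong.
 *
 * NOTE(review): the stored hash is md5(md5(password . salt)) with a single
 * application-wide salt. MD5 is a fast hash and unsuitable for password
 * storage. Moving to password_hash()/password_verify() requires migrating the
 * stored hashes (for example by rehashing on the next successful login), so
 * it is flagged here rather than changed.
 * NOTE(review): no attempt throttling or lockout is visible in this method,
 * and session-id regeneration is presumably left to K_Auth::authorize();
 * confirm both.
 */
public function indexAction()
{
    $auth_error = false;

    // If already authorised, send the user straight to the admin panel.
    if (K_Access::acl()->isAllowed(K_Auth::getRoles(), 'admin')) {
        K_Request::redirect("/admin");
    }

    if (isset($_POST['btnauth'])) {
        // Every path except a successful lookup ends in the same generic error.
        $auth_error = true;

        $login = K_Arr::get($_POST, 'login', false);
        // POST fields can arrive as arrays (login[]=...); accept only non-empty
        // strings so strlen(), the hash input and the WHERE clause always see scalars.
        $loginValid = is_string($login) && $login && strlen($login) < 100;

        $password = $loginValid ? K_Arr::get($_POST, 'password', false) : false;
        $passwordValid = is_string($password) && $password;

        if ($loginValid && $passwordValid) {
            $password_hash = md5(md5($password . K_Registry::get('Configure.salt')));

            $user_model = new Admin_Model_User();
            $user_arr = $user_model->find(
                K_Db_Select::create()
                    ->fields('user_id, user_name, user_login , user_email')
                    ->where(array('and' => array('user_login' => $login, "user_password" => $password_hash)))
                    ->limit(1)
            );

            if (is_array($user_arr) && count($user_arr)) {
                $user = $user_arr[0]->toArray();

                // Find all roles of the user.
                // NOTE(review): user_id comes from the row just fetched, not from the
                // request, but it is still concatenated into the SQL text; switch to a
                // bound parameter if fetchAssoc() supports one.
                $user_role = new Admin_Model_UserRole();
                $user_roles_arr = $user_role->fetchAssoc('role_acl_key', 'SELECT r.role_acl_key FROM (`users_roles`)inner join `role` as r on usrol_role_id=r.role_id WHERE usrol_user_id = "' . $user['user_id'] . '"');

                $user_roles = array();
                if (is_array($user_roles_arr)) {
                    foreach ($user_roles_arr as $v) {
                        $user_roles[] = $v["role_acl_key"];
                    }
                }

                // Even if the user has no roles, give them the guests role.
                if (!$user_roles) {
                    $user_roles = array('guests');
                }

                // Load the user and roles into the authorisation class.
                $auth_error = false;
                K_Auth::authorize($user, $user_roles);
                K_Request::redirect("/admin");
            }
        }
    }

    $this->view->error_msg = '';
    if ($auth_error) {
        $this->view->error_msg = "Ошибка авторизации, неверный логин или пароль";
    }
}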
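/**
 * Open the inline-edit wrapper for a tree node.
 *
 * Does nothing unless edit access was already granted on this instance or
 * K_Access::accessSiteCheck($accessRes) passes. When K_Access::accessTree()
 * also allows the node, echoes the opening wrapper markup with the two edit
 * buttons. The outer `edit-wrapper` div is left open here; NOTE(review):
 * presumably a counterpart method closes it, confirm.
 *
 * NOTE(review): once the site check passes, `editAccess` is cached as true.
 * Later calls on the same instance skip accessSiteCheck() even when they pass
 * a different $accessRes. Confirm that is intended.
 *
 * @param mixed  $nodeId    Node identifier, used in the ACL tree check and in the button ids.
 * @param string $accessRes Resource name passed to the site access check.
 */
public function start($nodeId, $accessRes = 'admin')
{
    if (!$this->editAccess && !K_Access::accessSiteCheck($accessRes)) {
        return;
    }

    if (K_Access::accessTree($nodeId)) {
        // The id is written into an HTML attribute, so escape it for that context.
        // Purely numeric ids produce exactly the same markup as before.
        $safeId = htmlspecialchars((string) $nodeId, ENT_QUOTES, 'UTF-8');

        // Both anchors carry the same id attribute, as in the original markup.
        // It is kept because client-side scripts may rely on it.
        echo '<div class="edit-wrapper"> <div class="mod-panel"> '
            . '<a class="edit-button" href="javascript:;" id="edit_' . $safeId . '"> <img src="/usr/img/edit.png"> </a> '
            . '<a class="fast-edit-button" href="javascript:;" id="edit_' . $safeId . '"> <img src="/usr/img/edit2.png"> </a> '
            . '</div> ';
    }

    $this->editAccess = true;
}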
/**
 * Initialise access-control data by delegating to K_Access::load(true).
 *
 * NOTE(review): the meaning of the `true` argument is not visible here
 * (presumably a force-reload flag); confirm against K_Access.
 */
public function initAccess()
{
    K_Access::load(true);
}
/**
 * Enforce site access for a resource, redirecting when access is denied.
 *
 * Returns without action when accessSiteCheck() allows the request. Otherwise
 * it redirects to the deny action configured for the last known resource,
 * or to '/' when there is none.
 *
 * NOTE(review): `$resourse` is never assigned in this method (the parameter is
 * `$res`), so it is always null here. Both `!=` comparisons are therefore
 * always true and every denied request is redirected. The exceptions they
 * appear to intend (already on the deny action, or on 'default/index/index')
 * never apply, which can produce a redirect loop if the redirect target is
 * itself denied. This fails closed today. Before fixing it, decide how the
 * resource string should be derived from `$res`, because a wrong derivation
 * would let a denied request continue.
 * NOTE(review): the method returns nothing and does not stop execution, so
 * enforcement depends on K_Request::redirect() ending the request. Confirm.
 *
 * @param mixed  $res       Resource to check; passed through to accessSiteCheck().
 * @param string $privilege Privilege to check, 'view' by default.
 */
public static function accessSite($res, $privilege = 'view')
{
    if (self::accessSiteCheck($res, $privilege)) {
        return;
    }

    // A deny action is only looked up when a last known resource was recorded.
    $denyAction = isset(self::$lastKnowResourse)
        ? K_Access::acl()->getDeneyAction(self::$lastKnowResourse)
        : false;

    if ($denyAction) {
        if ($resourse != $denyAction) {
            K_Request::redirect($denyAction);
        }
        return;
    }

    if ($resourse != 'default/index/index') {
        K_Request::redirect('/');
    }
}
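/**
 * Execute action
 *
 * Builds the controller class name `<Module>_Controller_<Controller>` from the
 * route, instantiates it, passes it the route options and runs the action.
 * Does nothing when $route is not an array.
 *
 * The class is instantiated with `new $className(...)` instead of eval(). The
 * module and controller segments normally come from the request, and eval()
 * would execute whatever PHP text they contain. The name is also restricted
 * to identifier characters before it reaches the autoloader.
 *
 * @param array $route      array with call attributes as controller, module, action, params, disableLayout etc.
 * @param bool  $autoRender render action after call (not wait controller destroy action)
 * @param bool  $checkAcl   when true, admin-module routes go through K_Access::accessSite() first
 *
 * @throws \InvalidArgumentException when the derived controller class name is not a plain identifier
 */
public function executeRequest(&$route, $autoRender = false, $checkAcl = true)
{
    if (!is_array($route)) {
        return;
    }

    // Compare case-insensitively: PHP resolves class names case-insensitively and
    // ucfirst() maps 'admin' and 'Admin' to the same class prefix, so the ACL gate
    // must not depend on the casing of the module segment.
    // NOTE(review): the router may already normalise casing; this is defence in depth.
    if ($checkAcl && strcasecmp((string) $route['module'], 'admin') === 0) {
        K_Access::accessSite($route);
    }

    $controllerClass = ucfirst($route['module']) . '_Controller_' . ucfirst($route['controller']);

    // Only a plain identifier may be used as a class name.
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $controllerClass)) {
        throw new \InvalidArgumentException('Invalid controller class name');
    }

    $this->controller = new $controllerClass($route);
    $this->controller->options($route);
    $this->controller->run($route['action'], null, $autoRender);
}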
$allowTrigger = true; $nodeArr = array(); } for ($i = 0; $i < sizeof($treeElements); $i++) { $typeController = 'Type_Controller_' . ucfirst($treeElements[$i]['tree_type']); $resArr = $nodeArr; $resArr[] = $treeElements[$i]['tree_id']; $resourse = implode('/', $resArr); // echo $resourse."\n"; $access = K_Access::aclTree()->isAllowed(K_Auth::getRoles(), $resourse, true); // var_dump(K_Access::aclTree()->lastResource); if (K_Access::aclTree()->lastResource == null) { $access = $allowTrigger; } if ($access || $treeElements[$i]['tree_id'] == '1') { if ($treeElements[$i]['subElements']) { $nodeState = 'closed'; } else { $nodeState = ''; } if ($treeElements[$i]['tree_type'] == 'list') { $list = K_CupItems::getItems($treeElements[$i]['tree_id'], $treeElements[$i]['tree_type']); $allowTypes = array_map('trim', explode(',', $list[0]['types'])); } else { $allowTypes = $typeController::$allowedChildren; } if (!in_array("all", $allowTypes)) { $allows = array("types" => array("valid_children" => $allowTypes)); } $treeStructure = array('attr' => array('id' => 'node_' . $treeElements[$i]['tree_id'], 'rel' => $access ? $treeElements[$i]['tree_type'] : "disable_n"), 'data' => array("title" => $treeElements[$i]['tree_title'], 'icon' => "/adm/img/tree/" . $treeElements[$i]['tree_type'] . ".png", "attr" => array("href" => "#", "class" => $access ? 
"" : "ui-state-disabled")), "metadata" => array('id' => $treeElements[$i]['tree_id']), 'state' => $nodeState); $treeStructure['metadata']["jstree"] = $allows; $treeStructureArr[] = $treeStructure; // $treeStructure['metadata']['jstree']=$allows; } } $this->putJSON($treeStructureArr); } /* Перемещяет нод в дереве $key, $base_key, $position = 'bottom' */ public function moveAction() { $this->disableRender = true; $key = (int) $_POST['key']; $baseKey = (int) $_POST['base_key']; $position = $_POST['position']; $copy = (int) $_POST['copy']; $pasteKey = (int) $_POST['parent_key']; $node = K_Tree::getNode($key); if ($node['tree_bloked'] == '1') { $this->putAjax('{ "status" : false}'); } if ($copy) {