Example #1
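 /**
  * Decides whether the given web user may delete this object.
  *
  * Deletion is granted when isAdminCurUser() on the owning Veranstaltung
  * returns true, or when the id of $c matches verfasserIn->auth.
  *
  * NOTE(review): isAdminCurUser() takes no argument, so it presumably checks
  * the session's current user rather than $c — confirm both are the same user.
  *
  * @param CWebUser $c
  * @return bool
  */
 public function kannLoeschen($c)
 {
     if ($this->getVeranstaltung()->isAdminCurUser()) {
         return true;
     }

     $authorAuth = $this->verfasserIn->auth;
     $userId     = $c->getId();

     // Both sides must be present. With a loose `==`, a guest id of null
     // compares equal to an empty-string or zero auth value, which would
     // let an unauthenticated visitor pass the ownership check.
     if ($authorAuth === null || $userId === null) {
         return false;
     }

     // Strict string comparison: numeric-looking values such as "1e3" and
     // "1000" must not be treated as the same account.
     return (string)$userId === (string)$authorAuth;
 }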
Example #2
 /**
  * Returns the URL to send the user back to after login.
  *
  * When the caller passes null, this component's defaultReturnUrl is used as
  * the fallback handed to the parent implementation.
  *
  * @param mixed $defaultUrl fallback URL, or null to use defaultReturnUrl
  * @return mixed whatever parent::getReturnUrl() returns
  */
 public function getReturnUrl($defaultUrl = null)
 {
     $fallback = ($defaultUrl !== null) ? $defaultUrl : $this->defaultReturnUrl;

     return parent::getReturnUrl($fallback);
 }
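 /**
  * Gate that runs before a login is accepted.
  *
  * For cookie-based logins the token carried in the identity states must
  * match the user's stored logintoken, and the account must be activated,
  * not blocked and not deleted. parent::beforeLogin() is consulted last and
  * can still veto the login.
  *
  * @param mixed $id         primary key of the user being logged in
  * @param array $states     identity states (restored from the cookie when $fromCookie is true)
  * @param bool  $fromCookie whether this is a cookie-based login
  * @return bool whether the login may proceed
  */
 protected function beforeLogin($id, $states, $fromCookie)
 {
     if ($fromCookie) {
         // No token in the cookie states: refuse the login.
         if (!isset($states[UserIdentity::LOGIN_TOKEN])) {
             return false;
         }

         $model = Users::model()->findByPk($id);
         if ($model === null) {
             return false;
         }

         $cookieLoginToken = $states[UserIdentity::LOGIN_TOKEN];
         $storedLoginToken = $model->logintoken;

         // Only scalar, non-empty tokens are comparable. Without this, an
         // account with no stored token would accept an empty cookie token.
         if (!is_scalar($cookieLoginToken) || !is_scalar($storedLoginToken)) {
             return false;
         }
         $cookieLoginToken = (string)$cookieLoginToken;
         $storedLoginToken = (string)$storedLoginToken;
         if ($cookieLoginToken === '' || $storedLoginToken === '') {
             return false;
         }

         // hash_equals() replaces the loose `!=`: it compares byte-for-byte
         // (no numeric-string juggling such as "0e1" == "0e2") and does not
         // leak the position of the first mismatch through timing.
         if (!hash_equals($storedLoginToken, $cookieLoginToken)) {
             return false;
         }

         // Inactive, blocked or deleted accounts may not resume a session.
         if (!$model->activated || $model->blocked || $model->deleted) {
             return false;
         }
     }

     if (!parent::beforeLogin($id, $states, $fromCookie)) {
         return false;
     }
     return true;
 }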
/**
 * Emits the HTML page header and, unless fullscreen mode is on, the page menu,
 * then opens the article container and reports failed login attempts that were
 * recorded in the user's profile.
 *
 * Reads $data['controller']['action'], $data['javascript']['files'],
 * $data['page']['title'] and $data['fullscreen'].
 *
 * @param array $data
 */
function local_generateHeader($data)
{
    // $page is only needed for zbx_construct_menu and the selected menu entry
    global $page;

    header('Content-Type: text/html; charset=UTF-8');

    // build the menu structures
    $mainMenu = [];
    $subMenus = [];
    zbx_construct_menu($mainMenu, $subMenus, $page, $data['controller']['action']);

    $headerView = new CView('layout.htmlpage.header', [
        'javascript' => ['files' => $data['javascript']['files']],
        'page' => ['title' => $data['page']['title']],
        'user' => [
            'lang' => CWebUser::$data['lang'],
            'theme' => CWebUser::$data['theme']
        ]
    ]);
    echo $headerView->getOutput();

    if ($data['fullscreen'] == 0) {
        global $ZBX_SERVER_NAME;

        $menuView = new CView('layout.htmlpage.menu', [
            'server_name' => isset($ZBX_SERVER_NAME) ? $ZBX_SERVER_NAME : '',
            'menu' => [
                'main_menu' => $mainMenu,
                'sub_menus' => $subMenus,
                'selected' => $page['menu']
            ],
            'user' => [
                'is_guest' => CWebUser::isGuest(),
                'alias' => CWebUser::$data['alias'],
                'name' => CWebUser::$data['name'],
                'surname' => CWebUser::$data['surname']
            ]
        ]);
        echo $menuView->getOutput();
    }

    echo '<div class="' . ZBX_STYLE_ARTICLE . '">';

    // should be replaced with addPostJS() at some point
    zbx_add_post_js('initMessages({});');

    // After a successful login that followed failed attempts, warn the user once
    // and reset the counter so the warning is not repeated.
    $failedAttempts = CProfile::get('web.login.attempt.failed', 0);
    if ($failedAttempts) {
        $lastIp = CProfile::get('web.login.attempt.ip', '');
        $lastClock = CProfile::get('web.login.attempt.clock', 0);

        // NOTE(review): the stored IP is placed into the message as-is; escaping
        // is left to error()/show_messages(), which are not visible here.
        $warning = _n('%4$s failed login attempt logged. Last failed attempt was from %1$s on %2$s at %3$s.', '%4$s failed login attempts logged. Last failed attempt was from %1$s on %2$s at %3$s.', $lastIp, zbx_date2str(DATE_FORMAT, $lastClock), zbx_date2str(TIME_FORMAT, $lastClock), $failedAttempts);
        error($warning);

        CProfile::update('web.login.attempt.failed', 0, PROFILE_TYPE_INT);
    }

    show_messages();
}
Example #5
 /**
  * Checks that the user has write permissions to objects used in the map elements.
  *
  * Super admins skip the check entirely. For everyone else the element ids are
  * grouped by element type and each non-empty group is passed to the matching
  * API object's isWritable().
  *
  * @throws APIException if the user has no permissions to at least one of the objects
  *
  * @param array $selements
  */
 protected function checkSelementPermissions(array $selements)
 {
     if (CWebUser::getType() == USER_TYPE_SUPER_ADMIN) {
         return;
     }

     // Ids are used as both key and value so duplicates collapse.
     $hostIds = array();
     $groupIds = array();
     $triggerIds = array();
     $mapIds = array();

     foreach ($selements as $selement) {
         $elementId = $selement['elementid'];

         // Element types without a case below are skipped, i.e. they are not
         // permission-checked by this method.
         switch ($selement['elementtype']) {
             case SYSMAP_ELEMENT_TYPE_HOST:
                 $hostIds[$elementId] = $elementId;
                 break;
             case SYSMAP_ELEMENT_TYPE_HOST_GROUP:
                 $groupIds[$elementId] = $elementId;
                 break;
             case SYSMAP_ELEMENT_TYPE_TRIGGER:
                 $triggerIds[$elementId] = $elementId;
                 break;
             case SYSMAP_ELEMENT_TYPE_MAP:
                 $mapIds[$elementId] = $elementId;
                 break;
         }
     }

     // Evaluated left to right with short-circuiting: the first group that is
     // not writable ends the check.
     $denied = ($hostIds && !API::Host()->isWritable($hostIds))
         || ($groupIds && !API::HostGroup()->isWritable($groupIds))
         || ($triggerIds && !API::Trigger()->isWritable($triggerIds))
         || ($mapIds && !API::Map()->isWritable($mapIds));

     if ($denied) {
         self::exception(ZBX_API_ERROR_PERMISSIONS, _('No permissions to referred object or it does not exist!'));
     }
 }
	/**
	 * Access check that defers to Yii's own checkAccess() when the 'role'
	 * module is absent or configured with useYiiCheckAccess, and to this
	 * component's can() otherwise.
	 *
	 * @param string $operation
	 * @param array $params
	 * @param bool $allowCaching
	 * @return mixed result of parent::checkAccess() or can()
	 */
	public function checkAccess($operation, $params=array(), $allowCaching=true)
	{
		$delegateToYii = !Yum::hasModule('role') || Yum::module('role')->useYiiCheckAccess;
		if ($delegateToYii) {
			return parent::checkAccess($operation, $params, $allowCaching);
		}

		// On this path $params and $allowCaching are not forwarded.
		return $this->can($operation);
	}
Example #7
 /**
  * Access check with a special case for the 'admin' operation, which is
  * answered by isAdmin() instead of the parent's RBAC lookup.
  *
  * @param mixed $operation
  * @param array $params
  * @param bool $allowCaching
  * @return mixed result of isAdmin() or parent::checkAccess()
  */
 public function checkAccess($operation, $params = array(), $allowCaching = true)
 {
     // Strict match: only the exact string 'admin' takes the shortcut.
     $isAdminOperation = ($operation === 'admin');

     return $isAdminOperation
         ? $this->isAdmin()
         : parent::checkAccess($operation, $params, $allowCaching);
 }
Example #8
 /**
  * Performs access check for this user.
  *
  * A user for whom getIsAdmin() is true is granted every operation without
  * consulting the parent implementation, so business rules attached to tasks
  * and roles are not evaluated for admins.
  *
  * @param string $operation the name of the operation that needs an access check.
  * @param array $params name-value pairs that would be passed to business rules associated
  * with the tasks and roles assigned to the user.
  * @param boolean $allowCaching whether to allow caching the result of access check.
  * @return boolean whether the operation can be performed by this user.
  */
 public function checkAccess($operation, $params = array(), $allowCaching = true)
 {
     if (!$this->getIsAdmin()) {
         return parent::checkAccess($operation, $params, $allowCaching);
     }

     return true;
 }
Example #9
 /**
  * Renders the setup wizard body: the left column (logo and step list), the
  * right column (current stage) and the footer with Next/Finish, Back and,
  * for super admins only, Cancel buttons.
  *
  * @param bool $destroy passed through to parent::bodyToString()
  * @return string parent output followed by the setup container markup
  */
 function bodyToString($destroy = true)
 {
     $logo = (new CDiv())->addClass(ZBX_STYLE_SIGNIN_LOGO);
     $leftColumn = (new CDiv([$logo, $this->getList()]))->addClass(ZBX_STYLE_SETUP_LEFT);
     $rightColumn = (new CDiv($this->getStage()))->addClass(ZBX_STYLE_SETUP_RIGHT);

     // The Cancel button is only built when user data is loaded and the user
     // is a super admin; everyone else gets no button at all.
     $cancelButton = null;
     if (CWebUser::$data && CWebUser::getType() == USER_TYPE_SUPER_ADMIN) {
         $cancelButton = (new CSubmit('cancel', _('Cancel')))->addClass(ZBX_STYLE_BTN_ALT)->addClass(ZBX_STYLE_FLOAT_LEFT);
         if ($this->DISABLE_CANCEL_BUTTON) {
             $cancelButton->setEnabled(false);
         }
     }

     // "Next step" while a further stage exists, otherwise "Finish" (submitted
     // as 'retry' when SHOW_RETRY_BUTTON is set).
     $hasNextStage = array_key_exists($this->getStep() + 1, $this->stage);
     $nextButton = $hasNextStage
         ? new CSubmit('next[' . $this->getStep() . ']', _('Next step'))
         : new CSubmit($this->SHOW_RETRY_BUTTON ? 'retry' : 'finish', _('Finish'));

     $backButton = (new CSubmit('back[' . $this->getStep() . ']', _('Back')))->addClass(ZBX_STYLE_BTN_ALT)->addClass(ZBX_STYLE_FLOAT_LEFT);
     $backUnavailable = $this->getStep() == 0 || $this->DISABLE_BACK_BUTTON;
     if ($backUnavailable) {
         $backButton->setEnabled(false);
     }

     $footer = (new CDiv([new CDiv([$nextButton, $backButton]), $cancelButton]))->addClass(ZBX_STYLE_SETUP_FOOTER);
     $container = (new CDiv([$leftColumn, $rightColumn, $footer]))->addClass(ZBX_STYLE_SETUP_CONTAINER);

     return parent::bodyToString($destroy) . $container->ToString();
 }
Example #10
 /**
  * Magic setter: assigns 'userModel' directly on this object and hands every
  * other attribute name to the parent's __set().
  *
  * @param mixed $attributeName
  * @param mixed $value
  */
 public function __set($attributeName, $value)
 {
     if ($attributeName != 'userModel') {
         parent::__set($attributeName, $value);
         return;
     }

     $this->userModel = $value;
 }
Example #11
 /**
  * Returns the post-login return URL, mapping '/index.php' to '/'.
  *
  * Any other value from parent::getReturnUrl() is passed through unchanged;
  * no validation of the URL happens in this method.
  *
  * @param mixed $defaultUrl fallback handed to the parent
  * @return mixed
  */
 public function getReturnUrl($defaultUrl = '/')
 {
     $target = parent::getReturnUrl($defaultUrl);

     return ($target == '/index.php') ? '/' : $target;
 }
Example #12
 /**
  * Access check with a special case for the 'administrator' operation, which
  * is answered by the global 'superadmin'/'read' permission instead of the
  * parent's lookup.
  *
  * @param mixed $operation
  * @param array $params
  * @param bool $allowCaching
  * @return mixed
  */
 public function checkAccess($operation, $params = array(), $allowCaching = true)
 {
     // Loose comparison kept as in the original.
     if ($operation != 'administrator') {
         return parent::checkAccess($operation, $params, $allowCaching);
     }

     return Permission::model()->hasGlobalPermission('superadmin', 'read');
 }
Example #13
 /**
  * Tells whether this user holds the customer role configured on the 'user'
  * module (customerUser['role']).
  *
  * The answer is computed once via parent::checkAccess() and kept in
  * $_isCustomer for later calls on the same object.
  *
  * @return mixed cached result of parent::checkAccess()
  */
 public function isCustomer()
 {
     if ($this->_isCustomer !== null) {
         return $this->_isCustomer;
     }

     $customerRole = Yii::app()->getModule('user')->customerUser['role'];
     $this->_isCustomer = parent::checkAccess($customerRole);

     return $this->_isCustomer;
 }
Example #14
 /**
  * Post-login hook: runs the parent's hook, then refreshes this component's
  * session and identity data and records the login time and online status
  * through the helper methods called below.
  *
  * @param mixed $fromCookie passed through to parent::afterLogin()
  */
 protected function afterLogin($fromCookie)
 {
     // Parent hook first; the helpers below run after it, in this order.
     parent::afterLogin($fromCookie);
     $this->updateSession();
     $this->updateIdentity();
     $this->recordlogintime();
     $this->recordonline();
 }
Example #15
 /**
  * Logs the identity in after copying its branch id, scope, roles and user
  * data into this component's state.
  *
  * NOTE(review): the four states are written before parent::login() decides.
  * If it returns false they remain set — confirm nothing relies on them
  * without also checking that the user is logged in.
  *
  * @param IUserIdentity $identity
  * @param int           $duration
  * @return bool
  */
 public function login($identity, $duration = 0)
 {
     $branchId = $identity->getBranchId();
     $this->setState("__branchId", $branchId);

     $scope = $identity->getScope();
     $this->setState("__scope", $scope);

     $roles = $identity->getRoles();
     $this->setState("__roles", $roles);

     $userData = $identity->getUserData();
     $this->setState("__userData", $userData);

     return parent::login($identity, $duration);
 }
Example #16
 /**
  * Initializes the component and, for a logged-in user, loads the matching
  * User record into $_profile.
  *
  * $_profile receives whatever findByPk() returns, which may be null when no
  * row matches the session's user id.
  */
 public function init()
 {
     parent::init();

     if ($this->isGuest) {
         return;
     }

     /** @var $account User */
     $account = User::model()->findByPk($this->id);
     $this->_profile = $account;
 }
Example #17
 /**
  * @inheritDoc
  *
  * Additionally stamps lastActiveAt on the account of a logged-in user.
  */
 public function init()
 {
     parent::init();

     if ($this->isGuest) {
         return;
     }

     // saveAttributes() can return false when the account is active twice within
     // the same second, because no attribute changes in that case. A failed save
     // therefore cannot be treated as an error here.
     $activity = array('lastActiveAt' => Helper::sqlNow());
     $this->loadAccount()->saveAttributes($activity);
 }
Example #18
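 /**
  * Magic method dispatcher: tries the parent's __call() first and, when that
  * raises a CException, forwards the call to the object returned by getModel().
  *
  * NOTE(review): every method name the parent cannot resolve is forwarded, so
  * the model's callable methods become reachable through this component —
  * confirm that this is intended for all of them.
  *
  * @param string $name       method name
  * @param array  $parameters call arguments
  * @return mixed
  * @throws CException the parent's exception, when there is no model to forward to
  */
 public function __call($name, $parameters)
 {
     try {
         return parent::__call($name, $parameters);
     } catch (CException $e) {
         $m = $this->getModel();
         // Without a model there is nothing to forward to; surface the parent's
         // error instead of invoking a callable built on a non-object.
         if (!is_object($m)) {
             throw $e;
         }
         return call_user_func_array(array($m, $name), $parameters);
     }
 }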
Example #19
 /**
  * Refreshes the authentication status of a logged-in user and destroys the
  * session when the parent's update has turned the user into a guest.
  *
  * Guests are left untouched.
  *
  * @access public
  * @return void
  */
 public function updateAuthStatus()
 {
     if ($this->isGuest) {
         return;
     }

     parent::updateAuthStatus();

     // The timeout is read here but not used below.
     $sessionTimeout = Yii::app()->getSession()->getTimeout();

     // isGuest is re-read: the parent call above may have logged the user out.
     if ($this->isGuest) {
         Yii::app()->session->destroy();
     }
 }
Example #20
 /**
  * Initializes the component and, for a logged-in user, reloads the Users
  * record (with its profile) matching the 'auth_hash' state.
  *
  * When no record matches, the user is logged out.
  */
 public function init()
 {
     parent::init();

     if ($this->getIsGuest() !== false) {
         return;
     }

     // The user is logged in, so refresh their record.
     $authHash = $this->getState('auth_hash');
     $this->_user = Users::model()->with('profile')->find('auth_hash = :auth_hash', array('auth_hash' => $authHash));

     // A session whose auth_hash no longer matches any user is ended.
     if (!$this->_user) {
         $this->logout();
     }
 }
Example #21
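 /**
  * Post-login hook that stores the login time on the user's record before
  * running the parent's hook.
  *
  * NOTE(review): the gate below calls parent::beforeLogout(), not a login
  * hook. This looks like a copy/paste slip; it is kept unchanged — confirm.
  *
  * @param mixed $fromCookie passed through to parent::afterLogin()
  * @return mixed false when the gate fails, otherwise the parent's result
  */
 public function afterLogin($fromCookie)
 {
     if (!parent::beforeLogout()) {
         return false;
     }

     $user = User::model()->findByPk(Yii::app()->user->id);
     // findByPk() yields null when no row matches; skip the timestamp update
     // in that case rather than writing to a non-object.
     if ($user !== null) {
         $user->last_login_time = new CDbExpression('NOW()');
         $user->saveAttributes(array('last_login_time'));
     }

     return parent::afterLogin($fromCookie);
 }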
Example #22
 /**
  * Initializes the application component.
  *
  * Works out how long user sessions are configured to last, and whether the current request
  * asked not to extend the current user session, before calling {@link \CWebUser::init()}.
  * Nothing happens for console requests.
  *
  * @return null
  */
 public function init()
 {
     if (craft()->isConsole()) {
         return;
     }

     // The session duration depends on whether the identity cookie was created
     // with "Remember Me" checked (element 3 of the cookie value).
     $cookieData = $this->getIdentityCookieValue();
     $rememberMe = $cookieData ? $cookieData[3] : false;
     $this->authTimeout = craft()->config->getUserSessionDuration($rememberMe);

     // Auto login and cookie renewal are skipped when the session should not be extended.
     $this->_dontExtendSession = !$this->shouldExtendSession();
     $this->autoRenewCookie = !$this->_dontExtendSession;

     parent::init();
 }
Example #23
 /**
  * Logs the identity in, refusing superusers who connect from an address that
  * checkIp() rejects against the 'admin_ips' application parameter.
  *
  * The restriction only applies when 'admin_ips' is a non-empty string. A
  * refused attempt is logged with the account name and $this->ip.
  *
  * NOTE(review): findByPk() can return null; the role test below would then
  * read properties of a non-object — confirm every identity has a User row.
  *
  * @param mixed $identity
  * @param int $duration
  * @return mixed false when refused, otherwise the parent's result
  */
 public function login($identity, $duration = 0)
 {
     if (@strlen(Yii::app()->params['admin_ips'])) {
         $account = User::model()->findByPk($identity->id);

         $isSuperuser = $account->global_role == 'superuser' || $account->name == $this->superuser;
         if ($isSuperuser && !$this->checkIp(Yii::app()->params['admin_ips'])) {
             Yii::log('Superuser login denied for ' . $account->name . ' (IP ' . $this->ip . ')');
             return false;
         }
     }

     return parent::login($identity, $duration);
 }
Example #24
 /**
  * Magic getter: tries the parent's __get() first and, when that raises a
  * CException, reads the attribute from the object returned by getModel().
  *
  * @param mixed $attribute
  * @return mixed
  * @throws CException the parent's exception, when there is no model
  */
 public function __get($attribute)
 {
     try {
         return parent::__get($attribute);
     } catch (CException $e) {
         $model = $this->getModel();
         if (!$model) {
             // Nothing to fall back to: surface the parent's error.
             throw $e;
         }

         return $model->__get($attribute);
     }
 }
Example #25
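 /**
  * Logs the identity in and, on success, copies the user's name, surname and
  * otchestvo from the UserInfo record into the session.
  *
  * @param mixed $identity
  * @param int $duration
  * @return mixed the result of parent::login()
  */
 public function login($identity, $duration = 0)
 {
     $result = parent::login($identity, $duration);
     if (!$result) {
         return $result;
     }

     $session = Yii::app()->getSession();
     $info = UserInfo::model()->findByAttributes(['user_id' => $identity->getId()]);

     // findByAttributes() yields null when the user has no UserInfo row. The
     // login has already succeeded at this point, so store nulls instead of
     // reading properties of a non-object.
     $session['username'] = ($info !== null) ? $info->name : null;
     $session['surname'] = ($info !== null) ? $info->surname : null;
     $session['otchestvo'] = ($info !== null) ? $info->otchestvo : null;

     return $result;
 }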
Example #26
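 /**
  * Access check that lets the srbac module short-circuit the parent's lookup.
  *
  * When srbac is installed, an operation listed by allowedAccess() is always
  * granted, and so is every operation while srbac's debug flag is on.
  * Otherwise the decision is left to parent::checkAccess().
  *
  * @param string $operation
  * @param array $params
  * @param bool $allowCaching
  * @return bool
  */
 public function checkAccess($operation, $params = array(), $allowCaching = true)
 {
     $srbac = Yii::app()->getModule('srbac');
     if ($srbac->isInstalled()) {
         // Strict membership test: a loose in_array() would let a non-string
         // operation (e.g. 0 or true) match entries of the allow-list.
         if (in_array($operation, $this->allowedAccess(), true)) {
             return true;
         }

         // NOTE(review): with srbac in debug mode every operation is granted to
         // every caller. Make sure the flag is off in any deployed environment.
         if ($srbac->debug) {
             return true;
         }
     }

     return parent::checkAccess($operation, $params, $allowCaching);
 }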
Example #27
 /**
  * Access check that denies everything to non-admins and, for the four CRUD
  * names, checks the item "<name>_<ControllerId>" built from the current
  * controller's id.
  *
  * @param mixed $name
  * @param mixed $userId
  * @return mixed false for non-admins, otherwise the parent's result
  */
 public function checkAccess($name, $userId = array())
 {
     $isAdmin = Yii::app()->user->isAdmin;
     if (!$isAdmin) {
         return false;
     }

     switch ($name) {
         // CRUD names share one branch.
         case 'view':
         case 'update':
         case 'create':
         case 'delete':
             // $userId is not forwarded on this path.
             $scopedName = $name . '_' . ucfirst(Yii::app()->controller->id);
             return parent::checkAccess($scopedName);
     }

     return parent::checkAccess($name, $userId);
 }
Example #28
 /**
  * Refreshes the authentication status on non-AJAX requests.
  *
  * For a logged-in account whose "allowshare" is not 1, the session row stored
  * for this uid is compared with the "sid" setting; on a mismatch the state
  * cookie is removed and the session destroyed before the parent's update runs.
  * AJAX requests skip the whole method, including the parent call.
  */
 protected function updateAuthStatus()
 {
     if (Ibos::app()->request->getIsAjaxRequest()) {
         return;
     }

     $mustCheckSession = $this->account["allowshare"] != 1 && !$this->getIsGuest();
     if ($mustCheckSession) {
         // %d forces the uid to an integer inside the condition string.
         $lookup = array("condition" => sprintf("`uid` = %d", $this->uid));
         $stored = Session::model()->fetch($lookup);

         $sidMismatch = $stored && $stored["sid"] != Ibos::app()->setting->get("sid");
         if ($sidMismatch) {
             Ibos::app()->getRequest()->getCookies()->remove($this->getStateKeyPrefix());
             Ibos::app()->getSession()->destroy();
         }
     }

     parent::updateAuthStatus();
 }
Example #29
 /**
  * Magic getter with three sources, tried in order: a stored state of that
  * name, a property of the user model when the name is listed in
  * UserStatefulFields, and finally the parent's __get().
  *
  * @param mixed $name
  * @return mixed NULL when the name is a stateful field but no user model exists
  */
 public function __get($name)
 {
     if ($this->hasState($name)) {
         return $this->getState($name);
     }

     if (!in_array($name, $this->UserStatefulFields)) {
         return parent::__get($name);
     }

     // Only names listed in UserStatefulFields are read from the model.
     $account = $this->getUserModel();

     return $account ? $account->{$name} : NULL;
 }
 /**
  * Walks a CWebUser through guest -> logged in -> logged out and checks the
  * guest flag, id and name at each stage.
  *
  * @runInSeparateProcess
  * @outputBuffering enabled
  * @dataProvider booleanProvider
  */
 public function testLoginLogout($destroySession)
 {
     $testIdentity = new CUserIdentity('testUser', 'testPassword');
     $webUser = new CWebUser();
     $webUser->init();

     // a fresh component starts out as guest
     $this->assertTrue($webUser->isGuest);

     // login succeeds and ends the guest state
     $this->assertTrue($webUser->login($testIdentity));
     $this->assertFalse($webUser->isGuest);

     // id and name both report the identity's user name
     $this->assertEquals('testUser', $webUser->getId());
     $this->assertEquals('testUser', $webUser->getName());

     $webUser->logout($destroySession);

     // after logout the id is gone and the guest name is reported again
     $this->assertNull($webUser->getId());
     $this->assertEquals($webUser->guestName, $webUser->getName());
 }