/**
 * Authorization gate that runs before the module is initialized.
 *
 * Asks the guard whether BackendAction::Read() is allowed on this module.
 * When it is not, the request is redirected to the Overview module and
 * false is returned instead of delegating to the parent.
 *
 * @return mixed false when read access is denied, otherwise the result of parent::BeforeInit()
 */
protected function BeforeInit()
{
    $mayRead = self::Guard()->Allow(BackendAction::Read(), $this);
    if ($mayRead) {
        return parent::BeforeInit();
    }
    //TODO: message
    Response::Redirect(BackendRouter::ModuleUrl(new Overview()));
    // Keep the explicit false: it is the only denial signal left should Redirect() return
    // to the caller (NOTE(review): whether Redirect() ends the request is not visible here).
    return false;
}
/**
 * Initializes the set of sites.
 *
 * Fetches the sites ordered ascending by their 'Name' field and keeps only
 * those on which the guard allows BackendAction::Read(); the result is
 * stored in $this->sites.
 *
 * @return mixed The result of parent::Init()
 */
protected function Init()
{
    $builder = Access::SqlBuilder();
    $table = Site::Schema()->Table();
    $byName = $builder->OrderList($builder->OrderAsc($table->Field('Name')));
    // NOTE(review): meaning of the first two Fetch() arguments (false, null) is not visible here
    $candidates = Site::Schema()->Fetch(false, null, $byName);

    $this->sites = array();
    foreach ($candidates as $candidate) {
        // Per-object check: a site the guard does not allow Read on is never added to the list
        if (!self::Guard()->Allow(BackendAction::Read(), $candidate)) {
            continue;
        }
        $this->sites[] = $candidate;
    }
    return parent::Init();
}
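/**
 * The modules for the backend navigation.
 *
 * Bundles are walked with 'Core' first. A module is listed only when it is
 * a BackendModule, its SideNavIndex() is not negative and the backend guard
 * allows BackendAction::Read() on it.
 *
 * NOTE(review): this decides what is shown in the navigation only. A module
 * left out here can still be requested directly, so each module has to check
 * the guard itself when it is loaded.
 *
 * @return array An array with bundle names as keys and backend modules as list, passed through SortByNavIndex()
 */
static function BackendNavModules()
{
    $result = array();
    $allBundles = PathUtil::Bundles();
    //force Core to appear first
    $coreKey = array_search('Core', $allBundles, true);
    // array_search() returns false when 'Core' is missing; unset($allBundles[false])
    // would address key 0 and silently drop the first bundle, so only unset on a hit.
    if ($coreKey !== false) {
        unset($allBundles[$coreKey]);
    }
    array_unshift($allBundles, 'Core');
    $bundles = array_values($allBundles);
    foreach ($bundles as $bundle) {
        $modules = PathUtil::BackendModules($bundle);
        foreach ($modules as $module) {
            $type = self::CalcModuleType($bundle, $module);
            $instance = self::CreateBackendModule($type);
            if (!$instance instanceof BackendModule) {
                continue;
            }
            // Both conditions must hold: the module wants a nav entry and read access is granted
            if ($instance->SideNavIndex() >= 0
                && BackendModule::Guard()->Allow(BackendAction::Read(), $instance)) {
                self::AddBackendNavModule($result, $instance);
            }
        }
    }
    return self::SortByNavIndex($result);
}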
/**
 * True if the area is locked, i.e. the backend guard does not allow
 * BackendAction::Read() on it.
 *
 * @param Area $area The area to check
 * @return bool
 */
protected function IsLocked(Area $area)
{
    $readable = BackendModule::Guard()->Allow(BackendAction::Read(), $area);
    return !$readable;
}
/**
 * Decides whether an action on a user object is granted.
 *
 * Rules, with "own user" meaning the user returned by GetUser():
 * - Delete, ChangeIsAdmin: administrators only, and never on the own user
 * - AssignGroups: administrators only, and never on a target that is an admin
 * - Edit, Read: administrators, or the own user on itself
 * - Create: administrators only
 * - any other action: denied
 *
 * @param BackendAction $action The requested action
 * @param User $user The user object the action targets
 * @return GrantResult GrantResult::Allowed() or GrantResult::NoAccess()
 */
private function GrantOnUser(BackendAction $action, User $user)
{
    // Actions are compared with loose == on purpose: BackendAction::X() is called anew for
    // every comparison, so identity (===) is not a safe substitute for the original matching.
    if ($action == BackendAction::Delete() || $action == BackendAction::ChangeIsAdmin()) {
        $granted = $this->IsAdministrator() && !$this->GetUser()->Equals($user);
    } elseif ($action == BackendAction::AssignGroups()) {
        $granted = $this->IsAdministrator() && !$user->GetIsAdmin();
    } elseif ($action == BackendAction::Edit() || $action == BackendAction::Read()) {
        $granted = $this->IsAdministrator() || $this->GetUser()->Equals($user);
    } elseif ($action == BackendAction::Create()) {
        $granted = $this->IsAdministrator();
    } else {
        // Default deny: an action not listed above never yields access
        $granted = false;
    }

    if ($granted) {
        return GrantResult::Allowed();
    }
    return GrantResult::NoAccess();
}
/**
 * True if the content can be edited.
 *
 * Requires two grants from the backend guard: BackendAction::Edit() on the
 * content itself and BackendAction::Read() on the module's content form.
 *
 * @return bool
 */
protected final function CanEdit()
{
    $form = $this->module->ContentForm();
    // The form is only checked once editing the content itself is allowed
    if (!BackendModule::Guard()->Allow(BackendAction::Edit(), $this->content)) {
        return false;
    }
    return (bool) BackendModule::Guard()->Allow(BackendAction::Read(), $form);
}