/**
 * Constructor
 *
 * Hands the configuration to the parent constructor and then, for AJAX POST
 * requests only, removes the 'after.dispatch' callback that points at
 * $this->forward().
 *
 * @param KConfigInterface $config Configuration object passed on to the parent
 */
public function __construct(KConfigInterface $config)
{
    parent::__construct($config);

    // NOTE(review): if KRequest::type() is derived from a client-sent header,
    // the caller chooses this branch freely; confirm nothing security-relevant
    // depends on the forward callback being registered.
    $isAjaxPost = KRequest::type() == 'AJAX' && KRequest::method() == 'POST';

    if ($isAjaxPost) {
        $forwardCallback = array($this, 'forward');
        $this->unregisterCallback('after.dispatch', $forwardCallback);
    }
}
/**
 * Initializes the default request state for this object
 *
 * Appends a default sort ('created_on', descending) to the request
 * configuration. For every method other than GET the id is additionally
 * taken from the POST data, filtered as an integer.
 *
 * @param object $config Configuration object; only append() and ->request are used here
 * @return void
 */
protected function _initialize($config)
{
    $defaults = array(
        'request' => array('sort' => 'created_on', 'direction' => 'desc'),
    );
    $config->append($defaults);

    if (KRequest::method() != 'GET') {
        // The 'int' filter is the only validation applied to the posted id here.
        $postedId = KRequest::get('post.id', 'int');
        $config->request->append(array('id' => $postedId));
    }

    parent::_initialize($config);
}
/**
 * Decide whether an "add" is permitted in the context of the current menu page
 *
 * The decision is made in this order:
 *  - the page's view must be one of 'list', 'document' or 'submit';
 *  - a 'submit' page is always allowed;
 *  - a non-GET request must target the 'document' or 'submit' controller;
 *  - on a 'list' page, GET requests answer "should the add button be shown",
 *    while non-GET requests are limited to categories listed in the page's
 *    children (when the page has any);
 *  - everything that is left is decided by parent::canAdd().
 *
 * @return boolean TRUE if the add is permitted, otherwise FALSE
 */
public function canAdd()
{
    $menuItemId = $this->getRequest()->Itemid;
    $page       = $this->getService('com://site/docman.model.pages')->id($menuItemId)->getItem();
    $view       = $this->getView()->getName();
    $page_view  = $page->query['view'];

    // Only these page views may expose an edit form or accept new items.
    // NOTE(review): in_array() is used without the strict flag here and below,
    // so values are compared loosely; confirm the compared types make that safe.
    $allowedViews = array('list', 'document', 'submit');
    if (!in_array($page_view, $allowedViews)) {
        return false;
    }

    // The user already passed the Joomla menu access checks for a submit page.
    if ($page_view === 'submit') {
        return true;
    }

    $isGet = KRequest::method() === KHttpRequest::GET;

    // Anything other than a GET must be addressed to a document controller.
    if (!$isGet) {
        $controllerName = $this->getMixer()->getIdentifier()->name;
        if (!in_array($controllerName, array('document', 'submit'))) {
            return false;
        }
    }

    if ($page_view !== 'list') {
        return parent::canAdd();
    }

    if ($isGet) {
        // GET: the result decides whether the add button is displayed.
        if ($view === 'list' && $this->getRequest()->slug) {
            // A specific category is being shown: ask that category.
            $category = $this->getModel()->getItem();

            if (!$category->isAclable()) {
                return true;
            }

            return (bool) $category->canPerform('add');
        }

        $creatable = $this->getAuthorisedCategories(array('core.create'));

        // With children: at least one of them must be creatable.
        // Without (top level category link): any creatable category is enough.
        return $page->children
            ? (bool) array_intersect($creatable, $page->children)
            : (bool) count($creatable);
    }

    // Non-GET: a new document is being posted. It may only go into a category
    // that is reachable through this menu item.
    // NOTE(review): when $page->children is empty no category restriction is
    // applied at this point and the decision rests on parent::canAdd() alone.
    if ($page->children) {
        $targetCategory = $this->_context->data->docman_category_id;
        if (!in_array($targetCategory, $page->children)) {
            return false;
        }
    }

    return parent::canAdd();
}
/**
 * Initializes the configuration, sending guests to the login view
 *
 * For a guest user on a GET request both the 'get.view' request variable and
 * the configured controller are set to 'login' before the parent is
 * initialized.
 *
 * NOTE(review): guest requests using any other method are passed through
 * unchanged by this method; whatever rejects them is not visible here.
 *
 * @param KConfig $config Configuration object
 * @return void
 */
protected function _initialize(KConfig $config)
{
    $isGuest = JFactory::getUser()->guest;

    if ($isGuest && KRequest::method() == KHttpRequest::GET) {
        // Force the view so that no redirect is needed.
        KRequest::set('get.view', 'login');
        $config->controller = 'login';
    }

    parent::_initialize($config);
}
/**
 * Dispatch the request, adding a default application for the modules view
 *
 * A GET request for the 'modules' view that carries no 'application' query
 * variable is redirected to the same URL with application=site. All other
 * requests go straight to the parent dispatcher.
 *
 * @param KCommandContext $context The command context
 * @return mixed Whatever the parent dispatcher returns
 */
protected function _actionDispatch(KCommandContext $context)
{
    if (KRequest::method() == KHttpRequest::GET) {
        $view = KRequest::get('get.view', 'cmd', $this->_controller);

        $needsApplication = $view == 'modules' && !KRequest::has('get.application');

        if ($needsApplication) {
            // Work on a copy so the original request URL object is not modified.
            $target = clone KRequest::url();
            $target->query['application'] = 'site';

            JFactory::getApplication()->redirect($target);
        }
    }

    return parent::_actionDispatch($context);
}
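/**
 * Check the token to prevent CSRF exploits
 *
 * The token is only verified when the calling object reports that it was
 * dispatched, and only for request methods other than GET and OPTIONS.
 *
 * @param  KCommandContext $context The command context
 * @return boolean Returns FALSE if the check failed. Otherwise TRUE.
 */
protected function _checkToken(KCommandContext $context)
{
    // Calls that did not come in through the dispatcher are not checked.
    if (!$context->caller->isDispatched()) {
        return true;
    }

    $method = KRequest::method();

    // GET and OPTIONS are the only methods exempt from the token check.
    if ($method == KHttpRequest::GET || $method == KHttpRequest::OPTIONS) {
        return true;
    }

    $supplied = KRequest::token();
    $expected = JUtility::getToken();

    // Fail closed: a missing or non-string token on either side never matches.
    if (!is_string($supplied) || !is_string($expected)) {
        return false;
    }

    // Compare in constant time where the runtime offers it, so that response
    // timing does not depend on how much of the token matched.
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $supplied);
    }

    return $supplied === $expected;
}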
/**
 * Load the component aliases and execute the action for this request
 *
 * The action name is chosen as follows:
 *  - on the command line: the 'action' POST variable, defaulting to 'get';
 *  - if a legacy entry point file exists for the package: 'renderlegacy';
 *  - otherwise: the lower-cased HTTP request method.
 *
 * NOTE(review): in the last case the HTTP verb itself becomes the action
 * name handed to execute(); which verbs KRequest::method() can return is not
 * visible here.
 *
 * @see KDispatcherAbstract::_actionDispatch()
 *
 * @param  KCommandContext $context The command context
 * @return mixed The result of the executed action
 */
protected function _actionDispatch(KCommandContext $context)
{
    // Load the component aliases through a copy of our own identifier.
    $aliases       = clone $this->getIdentifier();
    $aliases->name = 'aliases';
    $aliases->path = array();

    $this->getService('koowa:loader')->loadIdentifier($aliases);

    if (PHP_SAPI == 'cli') {
        // Command line: do a get unless an action was supplied.
        $method = KRequest::get('post.action', 'cmd', 'get');
    } else {
        $package = $this->getIdentifier()->package;

        $hasLegacyEntryPoint = file_exists(JPATH_COMPONENT . '/' . $package . '.php')
            || file_exists(JPATH_COMPONENT . '/' . 'admin.' . $package . '.php');

        $method = $hasLegacyEntryPoint ? 'renderlegacy' : strtolower(KRequest::method());
    }

    return $this->execute($method, $context);
}
/**
 * Get the action
 *
 * GET requests use the action reported by the controller. Every other
 * request uses the 'action' POST variable (filtered as 'cmd') and falls back
 * on the lower-cased request method when that variable is absent.
 *
 * @return string The action to dispatch
 */
public function getAction()
{
    if (KRequest::method() == KHttpRequest::GET) {
        return $this->getController()->getAction();
    }

    // For non-GET requests the caller of the page chooses the action name;
    // the 'cmd' filter is the only restriction applied here.
    $fallback = strtolower(KRequest::method());

    return KRequest::get('post.action', 'cmd', $fallback);
}
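/**
 * Check the token to prevent CSRF exploits
 *
 * The token is only verified when the calling object reports that it was
 * dispatched, and only for request methods other than GET and OPTIONS. The
 * expected token comes from JSession::getFormToken() when JVERSION is 3.0 or
 * later and from JUtility::getToken() otherwise.
 *
 * @param  KCommandContext $context The command context
 * @return boolean Returns FALSE if the check failed. Otherwise TRUE.
 */
protected function _checkToken(KCommandContext $context)
{
    // Calls that did not come in through the dispatcher are not checked.
    if (!$context->caller->isDispatched()) {
        return true;
    }

    $method = KRequest::method();

    // GET and OPTIONS are the only methods exempt from the token check.
    if ($method == KHttpRequest::GET || $method == KHttpRequest::OPTIONS) {
        return true;
    }

    $expected = version_compare(JVERSION, '3.0', 'ge') ? JSession::getFormToken() : JUtility::getToken();
    $supplied = KRequest::token();

    // Fail closed: a missing or non-string token on either side never matches.
    if (!is_string($supplied) || !is_string($expected)) {
        return false;
    }

    // Compare in constant time where the runtime offers it, so that response
    // timing does not depend on how much of the token matched.
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $supplied);
    }

    return $supplied === $expected;
}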
/**
 * Load the site
 *
 * Looks for a 'site' variable in the request data of the current method
 * (filtered as 'cmd'). When the request carries none, the 'site' value stored
 * in the session is used, with $default as the fallback.
 *
 * @param  string $default The name of the site to use when neither the request
 *                         nor the session provides one
 * @return void
 * @throws KException If the site could not be found
 * @since  Nooku Server 0.7
 */
protected function _loadSite($default)
{
    $requestKey = strtolower(KRequest::method()) . '.site';

    // A site named in the request takes precedence over the session value.
    $site = KRequest::has($requestKey)
        ? KRequest::get($requestKey, 'cmd')
        : JFactory::getSession()->get('site', $default);

    parent::_loadSite($site);
}
/**
 * Load the site
 *
 * Looks for a 'site' variable in the request data of the current method
 * (filtered as 'cmd'). When the request carries none, the first segment of
 * the URL path is used, but only if the sites model knows a site by that
 * name. If neither yields a site, the $site argument is used as given.
 *
 * @param  string $site The name of the site to load when none is found in the request or URL
 * @return void
 * @throws KException If the site could not be found
 * @since  Nooku Server 0.7
 */
protected function _loadSite($site)
{
    $requestKey = strtolower(KRequest::method()).'.site';

    if(KRequest::has($requestKey))
    {
        $site = KRequest::get($requestKey, 'cmd');
    }
    else
    {
        $uri = clone(JURI::getInstance());

        // Strip the base path and the front controller from the request path.
        $path = trim(str_replace(array(JURI::base(true)), '', $uri->getPath()), '/');
        $path = trim(str_replace('index.php', '', $path), '/');

        $segments = !empty($path) ? explode('/', $path) : array();

        // The first segment only counts as a site name when such a site exists.
        if(!empty($segments) && KFactory::get('com://admin/sites.model.sites')->getList()->find($segments[0])) {
            $site = array_shift($segments);
        }
    }

    parent::_loadSite($site);
}
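/**
 * Check the token
 *
 * GET requests are not checked. For every other request method the token
 * supplied with the request must equal the token from JUtility::getToken().
 *
 * @return boolean Returns FALSE if the token is not valid or the session timed-out.
 */
public function checkToken()
{
    if (KRequest::method() == KHttpRequest::GET) {
        return true;
    }

    $supplied = KRequest::token();
    $expected = JUtility::getToken();

    // Fail closed: a missing or non-string token on either side never matches.
    if (!is_string($supplied) || !is_string($expected)) {
        return false;
    }

    // Compare in constant time where the runtime offers it, so that response
    // timing does not depend on how much of the token matched.
    if (function_exists('hash_equals')) {
        return hash_equals($expected, $supplied);
    }

    return $supplied === $expected;
}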
/**
 * Dispatch the controller
 *
 * The action is the 'action' POST variable (filtered as 'cmd'), defaulting to
 * the lower-cased request method. For every method other than GET the
 * request data of that method is copied into the context before the
 * controller executes the action.
 *
 * The request data is read with the 'raw' filter.
 * NOTE(review): that looks like it bypasses input filtering, leaving
 * validation to the executed action; confirm against KRequest.
 *
 * @param  KCommandContext $context A command context object
 * @return mixed The result of the executed controller action
 */
protected function _actionDispatch(KCommandContext $context)
{
    $httpMethod = KRequest::method();
    $verb       = strtolower($httpMethod);

    $action = KRequest::get('post.action', 'cmd', $verb);

    if ($httpMethod != KHttpRequest::GET) {
        $context->data = KRequest::get($verb, 'raw');
    }

    return $this->getController()->execute($action, $context);
}
/**
 * Return the method of the current request.
 *
 * @return mixed The value of KRequest::method(), passed through unchanged
 */
public function getMethod()
{
    $method = KRequest::method();

    return $method;
}
/**
 * Get the real action that was or will be performed, for use in ACL checks.
 *
 * When getAction() yields nothing the action is derived from the request
 * method: GET becomes 'browse' or 'read' depending on whether the view name
 * is plural, POST uses the 'action' POST variable or 'add', PUT becomes
 * 'edit' and DELETE becomes 'delete'. Afterwards 'apply' is treated as 'save',
 * and 'save' is resolved to 'edit' when the query string carries a non-zero
 * integer id, otherwise to 'add'.
 *
 * NOTE(review): the view, the posted action and the id all come from the
 * request, so the action name checked by the ACL is chosen by the caller;
 * confirm the ACL layer does not treat it as trusted.
 *
 * @return string Action name
 */
public function getRealAction()
{
    $action = $this->getAction();

    if (empty($action)) {
        $method = KRequest::method();

        if ($method == 'GET') {
            // Browse or read, depending on the view information.
            $view   = KRequest::get('get.view', 'cmd');
            $action = KInflector::isPlural($view) ? 'browse' : 'read';
        } elseif ($method == 'POST') {
            // An action override in the post request wins over the default.
            $action = KRequest::get('post.action', 'cmd');
            if (!$action) {
                $action = 'add';
            }
        } elseif ($method == 'PUT') {
            $action = 'edit';
        } elseif ($method == 'DELETE') {
            $action = 'delete';
        }
    }

    if ($action == 'apply') {
        $action = 'save';
    }

    if ($action == 'save') {
        $hasId  = (bool) KRequest::get('get.id', 'int');
        $action = $hasId ? 'edit' : 'add';
    }

    return $action;
}