/** * display block */ public function display($blockinfo) { // Security check if (!\SecurityUtil::checkPermission('Admin:adminnavblock', "{$blockinfo['title']}::{$blockinfo['bid']}", ACCESS_ADMIN)) { return; } // Get variables from content block $vars = \BlockUtil::varsFromContent($blockinfo['content']); // Call the modules API to get the items if (!\ModUtil::available('AdminModule')) { return; } $items = \ModUtil::apiFunc('AdminModule', 'admin', 'getall'); // Check for no items returned if (empty($items)) { return; } // get admin capable modules $adminmodules = \ModUtil::getModulesCapableOf('admin'); $adminmodulescount = count($adminmodules); // Display each item, permissions permitting $admincategories = array(); foreach ($items as $item) { if (\SecurityUtil::checkPermission('Admin::', "{$item['name']}::{$item['cid']}", ACCESS_READ)) { $adminlinks = array(); foreach ($adminmodules as $adminmodule) { // Get all modules in the category $catid = \ModUtil::apiFunc('AdminModule', 'admin', 'getmodcategory', array('mid' => \ModUtil::getIdFromName($adminmodule['name']))); if ($catid == $item['cid'] || $catid == false && $item['cid'] == $this->getVar('defaultcategory')) { $modinfo = \ModUtil::getInfoFromName($adminmodule['name']); $menutexturl = \ModUtil::url($modinfo['name'], 'admin'); $menutexttitle = $modinfo['displayname']; $adminlinks[] = array('menutexturl' => $menutexturl, 'menutexttitle' => $menutexttitle); } } $admincategories[] = array('url' => \ModUtil::url('Admin', 'admin', 'adminpanel', array('cid' => $item['cid'])), 'title' => \DataUtil::formatForDisplay($item['name']), 'modules' => $adminlinks); } } $this->view->assign('admincategories', $admincategories); // Populate block info and pass to theme $blockinfo['content'] = $this->view->fetch('Block/adminnav.tpl'); return \BlockUtil::themeBlock($blockinfo); }
/** * Zikula_View function to display a list box with a list of active modules. * * Either user or admin capable or all modules. * * Available parameters: * - name: Name for the control (optional) if not present then only the option tags are output * - id: ID for the control * - selected: Selected value * - capability: Show modules with this capability, all or $capability. * - assign: If set, the results are assigned to the corresponding variable instead of printed out * * Example * * {html_select_modules name=mod selected=$mymod} * * <select name="mod"> * <option value="">&bsp;</option> * {html_select_modules selected=$mythemechoice} * </select> * * @param array $params All attributes passed to this function from the template. * @param Zikula_View $view Reference to the Zikula_View object. * * @see function.html_select_modules.php::smarty_function_html_select_modules() * @return string A drop down containing a list of modules. */ function smarty_function_html_select_modules($params, Zikula_View $view) { // we'll make use of the html_options plugin to simplfiy this plugin require_once $view->_get_plugin_filepath('function', 'html_options'); // set some defaults if (isset($params['type'])) { // bc $params['capability'] = $params['type']; } if (!isset($params['capability'])) { $params['capability'] = 'all'; } // get the modules switch ($params['capability']) { case 'all': $modules = ModUtil::getAllMods(); break; default: $modules = ModUtil::getModulesCapableOf($params['capability']); break; } // process our list of modules for input to the html_options plugin $moduleslist = array(); $installerArray = array('ZikulaBlocksModule', 'ZikulaErrorsModule', 'ZikulaPermissionsModule', 'ZikulaCategoriesModule', 'ZikulaGroupsModule', 'ZikulaThemeModule', 'ZikulaUsersModule', 'ZikulaSearchModule'); if (!empty($modules)) { foreach ($modules as $module) { if (!(System::isInstalling() && in_array($module['name'], $installerArray))) { $moduleslist[$module['name']] = $module['displayname']; } } } natcasesort($moduleslist); // get the formatted list $output = smarty_function_html_options(array('options' => $moduleslist, 'selected' => isset($params['selected']) ? $params['selected'] : null, 'name' => isset($params['name']) ? $params['name'] : null, 'id' => isset($params['id']) ? $params['id'] : null), $view); if (isset($params['assign']) && !empty($params['assign'])) { $view->assign($params['assign'], $output); } else { return $output; } }
/** * Get list of modules that subscribe to hooks. * * This means modules that can make use of another modules' hooks. * * @return array */ public static function getHookSubscribers() { return ModUtil::getModulesCapableOf(self::SUBSCRIBER_CAPABLE); }
/** * Retrieve the account recovery information for a user from the various authentication modules. * * @param numeric $uid The user id of the user for which account recovery information should be retrieved; optional, defaults to the * currently logged in user (an exception occurs if the current user is not logged in). * * @return array An array of account recovery information. * * @throws Zikula_Exception_Fatal If the $uid parameter is not valid. */ public static function getUserAccountRecoveryInfo($uid = -1) { if (!isset($uid) || !is_numeric($uid) || (string) (int) $uid != $uid || ($uid < -1 || $uid == 0 || $uid == 1)) { throw new Zikula_Exception_Fatal('Attempt to get authentication information for an invalid user id.'); } if ($uid == -1) { if (self::isLoggedIn()) { $uid = self::getVar('uid'); } else { throw new Zikula_Exception_Fatal('Attempt to get authentication information for an invalid user id.'); } } $userAuthenticationInfo = array(); $authenticationModules = ModUtil::getModulesCapableOf(UsersConstant::CAPABILITY_AUTHENTICATION); if ($authenticationModules) { $accountRecoveryArgs = array('uid' => $uid); foreach ($authenticationModules as $authenticationModule) { $moduleUserAuthenticationInfo = ModUtil::apiFunc($authenticationModule['name'], 'authentication', 'getAccountRecoveryInfoForUid', $accountRecoveryArgs, 'Zikula_Api_AbstractAuthentication'); if (is_array($moduleUserAuthenticationInfo)) { $userAuthenticationInfo = array_merge($userAuthenticationInfo, $moduleUserAuthenticationInfo); } } } return $userAuthenticationInfo; }
/** * Main category menu. * * @return string HTML string */ public function categorymenuAction(array $args = array()) { // get the current category $acid = $this->request->query->get('acid', isset($args['acid']) ? $args['acid'] : $this->getVar('startcategory')); // Get all categories $categories = array(); $items = \ModUtil::apiFunc('AdminModule', 'admin', 'getall'); foreach ($items as $item) { if (\SecurityUtil::checkPermission('Admin::', "{$item['name']}::{$item['cid']}", ACCESS_READ)) { $categories[] = $item; } } // get admin capable modules $adminmodules = \ModUtil::getModulesCapableOf('admin'); $adminlinks = array(); foreach ($adminmodules as $adminmodule) { if (\SecurityUtil::checkPermission("{$adminmodule['name']}::", '::', ACCESS_EDIT)) { $catid = \ModUtil::apiFunc('AdminModule', 'admin', 'getmodcategory', array('mid' => $adminmodule['id'])); $order = \ModUtil::apiFunc('AdminModule', 'admin', 'getSortOrder', array('mid' => \ModUtil::getIdFromName($adminmodule['name']))); $menutexturl = \ModUtil::url($adminmodule['name'], 'admin', 'index'); $menutext = $adminmodule['displayname']; $menutexttitle = $adminmodule['description']; $adminlinks[$catid][] = array('menutexturl' => $menutexturl, 'menutext' => $menutext, 'menutexttitle' => $menutexttitle, 'modname' => $adminmodule['name'], 'order' => $order); } } foreach ($adminlinks as &$item) { usort($item, 'AdminModule\\Controller\\_sortAdminModsByOrder'); } $menuoptions = array(); $possible_cids = array(); $permission = false; if (isset($categories) && is_array($categories)) { foreach ($categories as $category) { // only categories containing modules where the current user has permissions will // be shown, all others will be hidden // admin will see all categories if (isset($adminlinks[$category['cid']]) && count($adminlinks[$category['cid']]) || \SecurityUtil::checkPermission('.*', '.*', ACCESS_ADMIN)) { $menuoption = array('url' => \ModUtil::url('Admin', 'admin', 'adminpanel', array('acid' => $category['cid'])), 'title' => $category['name'], 'description' => $category['description'], 'cid' => $category['cid']); if (isset($adminlinks[$category['cid']])) { $menuoption['items'] = $adminlinks[$category['cid']]; } else { $menuoption['items'] = array(); } $menuoptions[$category['cid']] = $menuoption; $possible_cids[] = $category['cid']; if ($acid == $category['cid']) { $permission = true; } } } } // if permission is false we are not allowed to see this category because its // empty and we are not admin if ($permission == false) { // show the first category $acid = !empty($possible_cids) ? (int) $possible_cids[0] : null; } $this->view->assign('currentcat', $acid); $this->view->assign('menuoptions', $menuoptions); // security analyzer and update checker warnings $notices = array(); $notices['security'] = $this->_securityanalyzer(); $notices['update'] = $this->_updatecheck(); $notices['developer'] = $this->_developernotices(); $this->view->assign('notices', $notices); // this should not return a response since it's being used as an API call for some odd reason... drak return $this->view->fetch('Admin/categorymenu.tpl'); }
/** * Inserts a hidden admin panel controlled by permissions. * * Inserts required javascript and css files for a hidden admin panel that is triggered by a rendered link. * Builds and renders an unordered list of admin-capable modules and their adminLinks using the * jQuery.mmenu library <@see http://mmenu.frebsite.nl> * * This plugin currently has NO configuration options. * * Examples: * * <samp>{adminpanelmenu}</samp> * * @param array $params All attributes passed to this function from the template. * @param Zikula_View $view Reference to the {@link Zikula_View} object. * * @return string */ function smarty_function_adminpanelmenu($params, Zikula_View $view) { if (!SecurityUtil::checkPermission('ZikulaAdminModule::', "::", ACCESS_EDIT)) { return ''; // Since no permission, return empty } // add required scritps and stylesheets to page PageUtil::addVar('javascript', '@ZikulaAdminModule/Resources/public/js/jQuery.mmenu-5.5.1/dist/core/js/jquery.mmenu.min.all.js'); PageUtil::addVar('stylesheet', '@ZikulaAdminModule/Resources/public/js/jQuery.mmenu-5.5.1/dist/core/css/jquery.mmenu.all.css'); // add override for panel width created from .scss file PageUtil::addVar('stylesheet', '@ZikulaAdminModule/Resources/public/css/mmenu-hiddenpanel-customwidth.css'); $router = $view->getContainer()->get('router'); $modules = ModUtil::getModulesCapableOf('admin'); // sort modules by displayname $moduleNames = array(); foreach ($modules as $key => $module) { $moduleNames[$key] = $module['displayname']; } array_multisort($moduleNames, SORT_ASC, $modules); // create unordered list of admin-capable module links $htmlContent = '<nav id="zikula-admin-hiddenpanel-menu">'; $htmlContent .= '<div class="text-left">'; $htmlContent .= '<h1><img src="images/logo.gif" alt="Logo" style="height: 32px"> ' . __('Administration') . '</h1>'; $htmlContent .= '<ul>'; foreach ($modules as $module) { if (SecurityUtil::checkPermission("module[name]::", '::', ACCESS_EDIT)) { // first-level list - list modules with general 'index' link $img = ModUtil::getModuleImagePath($module['name']); $url = isset($module['capabilities']['admin']['url']) ? $module['capabilities']['admin']['url'] : $router->generate($module['capabilities']['admin']['route']); $moduleSelected = empty($moduleSelected) && strpos($view->getRequest()->getUri(), $module['url']) ? " class='Selected'" : ""; $htmlContent .= "<li{$moduleSelected}><a href=\"" . DataUtil::formatForDisplay($url) . "\"><img src=\"{$img}\" alt=\"\" style=\"height: 18px\" /> " . $module['displayname'] . "</a>"; $links = $view->getContainer()->get('zikula.link_container_collector')->getLinks($module['name'], 'admin'); if (empty($links)) { $links = (array) ModUtil::apiFunc($module['name'], 'admin', 'getLinks'); } if (count($links) > 0 && $links[0] != false) { // create second-level list from module adminLinks $htmlContent .= '<ul class="text-left">'; foreach ($links as $link) { if (isset($link['icon'])) { $img = '<i class="fa fa-' . $link['icon'] . '"></i>'; } elseif (isset($link['class'])) { $img = '<span class="' . $link['class'] . '"></span>'; } else { $img = ''; } $linkSelected = empty($linkSelected) && strpos($view->getRequest()->getUri(), $link['url']) ? " class='Selected'" : ""; $htmlContent .= "<li{$linkSelected}><a href=\"" . DataUtil::formatForDisplay($link['url']) . "\">{$img} " . $link['text'] . '</a>'; // create third-level list from adminLinks subLinks if (isset($link['links']) && count($link['links']) > 0) { $htmlContent .= '<ul class="text-left">'; foreach ($link['links'] as $sublink) { $htmlContent .= '<li><a href="' . DataUtil::formatForDisplay($sublink['url']) . '">' . $sublink['text'] . '</a></li>'; } $htmlContent .= '</ul>'; } $htmlContent .= '</li>'; } $htmlContent .= '</ul>'; } $htmlContent .= '</li>'; } } $htmlContent .= '</ul>'; $htmlContent .= '</div>'; $htmlContent .= '</nav>'; $htmlContent .= ' <script type="text/javascript"> jQuery(document).ready(function( $ ){ $("#zikula-admin-hiddenpanel-menu").mmenu({ extensions: ["hiddenpanel-customwidth"], "header": { "title": "' . __('Zikula Administration') . '", "add": true, "update": true }, "searchfield": true }); }); </script>'; // the the html content before </body> PageUtil::addVar('footer', $htmlContent); // display the control link return '<a href="#zikula-admin-hiddenpanel-menu"><i class="fa fa-bars"></i></a>'; }
/** * @Route("/config") * @Method("GET") * * Modify Theme module settings * * @return Response symfony response object if confirmation isn't provided * * @throws AccessDeniedException Thrown if the user doesn't have admin permissions over the module */ public function modifyconfigAction() { // Security check if (!SecurityUtil::checkPermission('ZikulaThemeModule::', '::', ACCESS_EDIT)) { throw new AccessDeniedException(); } // assign a list of modules suitable for html_options $usermods = ModUtil::getModulesCapableOf('user'); $mods = array(); foreach ($usermods as $usermod) { $mods[$usermod['name']] = $usermod['displayname']; } // register the renderer object allow access to various view values $this->view->register_object('render', $this->view); // check for a .htaccess file if (file_exists('.htaccess')) { $this->view->assign('htaccess', 1); } else { $this->view->assign('htaccess', 0); } // assign the output variables and fetch the template return new Response($this->view->assign('mods', $mods)->assign($this->getVars())->assign('admintheme', ModUtil::getVar('Admin', 'admintheme', ''))->assign('csrftoken', SecurityUtil::generateCsrfToken($this->container, true))->assign('theme_change', System::getVar('theme_change'))->assign('modulesnocache', array_flip(explode(',', $this->getVar('modulesnocache'))))->fetch('Admin/modifyconfig.tpl')); }
/** * Creates an instance of this collection, initializeing the list. * * @param Zikula_AbstractBase $base The parent base for this collection. * @param array $orderedListableAuthenticationMethods Used to order and filter the list. * * @throws Zikula_Exception_Fatal Thrown if a list of authentication modules cannot be obtained from ModUtil. */ public function __construct(Zikula_AbstractBase $base, array $orderedListableAuthenticationMethods = array(), $filter = Zikula_Api_AbstractAuthentication::FILTER_NONE) { parent::__construct($base); $this->name = 'Users'; $authenticationModules = ModUtil::getModulesCapableOf('authentication'); if (!is_array($authenticationModules)) { throw new Zikula_Exception_Fatal($this->__('An invalid list of authentication modules was returned by ModUtil::getModulesCapableOf().')); } foreach ($authenticationModules as $modinfo) { $getAuthenticationMethodsArgs = array( 'filter' => $filter, ); $moduleAuthenticationMethods = ModUtil::apiFunc($modinfo['name'], 'Authentication', 'getAuthenticationMethods', $getAuthenticationMethodsArgs, 'Zikula_Api_AbstractAuthentication'); if (is_array($moduleAuthenticationMethods) && !empty($moduleAuthenticationMethods)) { $this->authenticationMethods = array_merge($this->authenticationMethods, array_values($moduleAuthenticationMethods)); $this->nameIndex[$modinfo['name']] = array(); } } if (empty($this->authenticationMethods) && (($filter == Zikula_Api_AbstractAuthentication::FILTER_NONE) || ($filter == Zikula_Api_AbstractAuthentication::FILTER_ENABLED))) { LogUtil::log($this->__('There were no authentication methods available. Forcing the Users module to be used for authentication.'), Zikula_AbstractErrorHandler::CRIT); $this->authenticationMethods[] = new Users_Helper_AuthenticationMethod($this->name, 'uname', $this->__('User name'), $this->__('User name and password')); $this->nameIndex[$this->name] = array(); } foreach ($this->authenticationMethods as $index => $authenticationMethod) { $this->nameIndex[$authenticationMethod->modname][$authenticationMethod->method] = &$this->authenticationMethods[$index]; } if (!empty($orderedListableAuthenticationMethods)) { foreach ($orderedListableAuthenticationMethods as $authenticationMethodId) { if (isset($this->nameIndex[$authenticationMethodId['modname']])) { if (isset($this->nameIndex[$authenticationMethodId['modname']][$authenticationMethodId['method']])) { $this->orderedListableAuthenticationMethods[] = $this->nameIndex[$authenticationMethodId['modname']][$authenticationMethodId['method']]; } else { LogUtil::log($this->__f('The authentication method \'%2$s\' is not a listable method for the module \'%1$s\'. It will be ignored.', array($authenticationMethod['modname'], $authenticationMethod['method'])), Zikula_AbstractErrorHandler::WARN); } } else { LogUtil::log($this->__f('The module \'%1$s\' is not a listable authentication module. All methods specified for it will be ignored.', array($authenticationMethod['modname'])), Zikula_AbstractErrorHandler::WARN); } } if (empty($this->orderedListableAuthenticationMethods)) { if (isset($this->nameIndex[$this->name])) { $forcedMethod = array( 'modname' => $this->name, 'method' => array_shift(array_keys($this->nameIndex[$this->name])), ); } else { $forcedMethod = $this->authenticationMethods[0]; } $this->orderedListableAuthenticationMethods[] = $this->nameIndex[$forcedMethod['modname']][$forcedMethod['method']]; LogUtil::log($this->__f('The set of listable authentication methods did not contain any methods that are currently available. Forcing the \'%2$s\' method defined by the \'%1$s\' module to be listable.', array($forcedMethod['modname'], $forcedMethod['method'])), Zikula_AbstractErrorHandler::WARN); } } else { foreach ($this->authenticationMethods as $index => $authenticationMethod) { $this->orderedListableAuthenticationMethods[] = $index; } } // Initialize Iterator $this->rewind(); }