isAllowed() public méthode

Does the user have effective access to the given resource? If $resource is NULL (IAuthorizator::ALL), the query applies to all resources; $privilege has the same default and then covers all privileges.
public isAllowed ( $resource = IAuthorizator::ALL, $privilege = IAuthorizator::ALL ) : boolean
Résultat boolean
Exemple #1
 /**
  * Append a navigation entry, but only when the current user is allowed to
  * "view" the authorizator resource named by $auth. Entries the user may not
  * view are dropped silently, so this filters navigation only — the target
  * presenter/action must still enforce its own authorization.
  * @param string $title Text in anchor
  * @param string $module destination module
  * @param string $presenter destination presenter
  * @param string $action destination action
  * @param string $auth resource for authorizator
  * @param boolean $clickable is anchor clickable?
  * @return void
  */
 public function addItem($title, $module, $presenter, $action, $auth, $clickable = true)
 {
     if (!$this->user->isAllowed($auth, "view")) {
         return;
     }
     $entry = array(
         "title" => $title,
         "module" => $module,
         "presenter" => $presenter,
         "action" => $action,
         "clickable" => $clickable,
     );
     $this->items[] = $entry;
 }
Exemple #2
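 /**
  * Handle the user form: update an existing user (non-empty userID) or create
  * a new one, then answer with a JSON {result, message} envelope.
  *
  * Authorization: "user_management"/"edit" for updates, "user_management"/"add"
  * for inserts; a denied request answers with UserForm::PERMISSION.
  *
  * Changes vs. the previous version:
  *  - the PDOException text is no longer sent to the client (it can reveal
  *    table/column names and SQL fragments); it is logged and a generic
  *    message is returned instead,
  *  - the login echoed back in the "already exists" message is HTML-escaped,
  *    because that message carries markup and is rendered as HTML.
  *
  * @param Form $form
  */
 public function Submit(Form $form)
 {
     $json = new \stdClass();
     $json->result = "success";
     $values = $form->getValues();
     $result = false;
     if (!empty($values['userID'])) {
         $userEntity = $this->userRepository->get($values['userID']);
         if ($userEntity) {
             if ($this->user->isAllowed("user_management", "edit")) {
                 $userEntity->setLogin($values['login']);
                 // An empty password field means "keep the current password".
                 // NOTE(review): setPassword() is expected to hash; not visible here — confirm.
                 if (!empty($values['password1'])) {
                     $userEntity->setPassword($values['password1']);
                 }
                 // The "root" account and the editor's own account cannot be
                 // deactivated or re-roled through this form (prevents self-lockout).
                 // NOTE(review): getUserID() and getId() are compared with !==, so a
                 // string/int mismatch would make this guard never match — confirm both
                 // return the same type.
                 if ($userEntity->getLogin() !== "root" && $userEntity->getUserID() !== $this->user->getId()) {
                     $userEntity->setActive($values['active']);
                     // The role is only changed for users whose role differs from the editor's own.
                     if ($userEntity->getRole()->getAclRoleID() != $this->user->getIdentity()->data['aclRoleID']) {
                         $userEntity->setAclRoleID($values['role']);
                     }
                 }
                 try {
                     $result = $this->userRepository->save();
                 } catch (\PDOException $e) {
                     // Keep driver details out of the response; they belong in the log.
                     error_log($e->getMessage());
                     $result = "Uložení se nezdařilo.";
                 }
             } else {
                 $result = UserForm::PERMISSION;
             }
         }
     } else {
         if ($this->user->isAllowed("user_management", "add")) {
             $userEntity = new UserEntity();
             $userEntity->setLogin($values['login'])->setPassword($values['password1'])->setActive($values['active'])->setAclRoleID($values['role']);
             try {
                 $result = $this->userRepository->push($userEntity)->save();
             } catch (\PDOException $e) {
                 error_log($e->getMessage());
                 if (preg_match("/Duplicate entry/", $e->getMessage())) {
                     // The login is user input and the message is rendered as HTML: escape it.
                     $safeLogin = htmlspecialchars($values['login'], ENT_QUOTES, 'UTF-8');
                     $result = "Nick <strong>" . $safeLogin . "</strong> již existuje. Zvolte prosím jiný login.";
                 } else {
                     $result = "Uložení se nezdařilo.";
                 }
             }
             if ($result instanceof UserEntity || $result === TRUE) {
                 $result = TRUE;
             }
         } else {
             $result = UserForm::PERMISSION;
         }
     }
     if ($result === TRUE) {
         $json->result = "success";
     } else {
         $json->result = "error";
         $json->message = $result;
     }
     $response = new JsonResponse($json);
     $this->getPresenter()->sendResponse($response);
 }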
Exemple #3
 /**
  * Append a navigation entry when the current user may "view" the
  * authorizator resource $auth; otherwise the entry is dropped. The title is
  * passed through gettext. Optional link parameters are stored only when given.
  * @param string $title Text in anchor
  * @param string $module destination module
  * @param string $presenter destination presenter
  * @param string $action destination action
  * @param string $auth resource for authorizator
  * @param boolean $clickable is anchor clickable?
  * @param mixed $params optional link parameters
  * @return void
  */
 public function addItem($title, $module, $presenter, $action, $auth, $clickable = true, $params = null)
 {
     if (!$this->user->isAllowed($auth, "view")) {
         return;
     }
     $entry = array(
         "title" => _($title),
         "module" => $module,
         "presenter" => $presenter,
         "action" => $action,
         "clickable" => $clickable,
     );
     // Loose comparison kept on purpose: an empty array/string counts as "no params".
     if ($params != null) {
         $entry["params"] = $params;
     }
     $this->items[] = $entry;
 }
Exemple #4
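 /** Submit
  *
  * Handle the ACL action form: update an existing action (non-empty
  * aclActionID) or create a new one, then answer with a JSON {result, message}
  * envelope. Authorization: "permission"/"edit" for updates, "permission"/"add"
  * for inserts; a denied request answers with ActionForm::PERMISSION.
  *
  * Change vs. the previous version: the PDOException text is logged instead
  * of being returned to the client, so driver/SQL details do not leak.
  *
  * @param \Nette\Application\UI\Form $form
  */
 public function Submit(Form $form)
 {
     $json = new \stdClass();
     $json->result = "success";
     $values = $form->getValues();
     if (!empty($values['aclActionID'])) {
         if ($this->user->isAllowed("permission", "edit")) {
             $actionEntity = $this->actionRepository->get($values['aclActionID']);
             if ($actionEntity) {
                 $actionEntity->setName($values['name']);
                 $actionEntity->setHumanName($values['humanName']);
                 try {
                     $result = $this->actionRepository->save();
                 } catch (\PDOException $e) {
                     error_log($e->getMessage());
                     $result = "Uložení se nezdařilo.";
                 }
             } else {
                 // Unknown id: reported as a bare error with no message.
                 $result = FALSE;
             }
         } else {
             $result = ActionForm::PERMISSION;
         }
     } else {
         if ($this->user->isAllowed("permission", "add")) {
             $actionEntity = new ActionEntity();
             $actionEntity->setName($values['name']);
             $actionEntity->setHumanName($values['humanName']);
             try {
                 $ent = $this->actionRepository->push($actionEntity)->save();
                 // save() may hand back the entity or TRUE; both mean success.
                 if ($ent instanceof ActionEntity || $ent === TRUE) {
                     $result = TRUE;
                 } else {
                     $result = FALSE;
                 }
             } catch (\PDOException $e) {
                 error_log($e->getMessage());
                 $result = "Uložení se nezdařilo.";
             }
         } else {
             $result = ActionForm::PERMISSION;
         }
     }
     if ($result === TRUE) {
         $json->result = "success";
     } else {
         $json->result = "error";
         $json->message = $result;
     }
     $response = new JsonResponse($json);
     $this->getPresenter()->sendResponse($response);
 }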
Exemple #5
 /**
  * Collect every article found three directory levels below the article root
  * that the current user context is allowed to view (Article::PERMISSION_VIEW).
  * Articles failing the check are left out of the result.
  * @return Article[]
  */
 public function getArticles() : array
 {
     $root = $this->getArticleFullPath();
     $visible = [];
     foreach (Finder::findDirectories('*/*/*')->from($root) as $dir) {
         /** @var SplFileInfo $dir */
         $article = $this->articleBuilder->getArticleFromMeta($dir, $this->parseRelativePath($dir));
         if (!$this->userContext->isAllowed($article, Article::PERMISSION_VIEW)) {
             continue;
         }
         $visible[] = $article;
     }
     return $visible;
 }
Exemple #6
 /** 
  * Build the menu panel for a signed-in user: avatar + name entry, an
  * administration link for users allowed 'admin'/'enter', an Adminer shortcut
  * for the 'admin' role, and the sign-out entry.
  * @param string $baseUrl
  * @param string $log_out label of the sign-out entry
  * @return \App\FrontModule\Components\User\MenuItem[] */
 private function _panelPrihlaseny($baseUrl, $log_out)
 {
     $menu_user = [];
     $udata = $this->user->getIdentity();
     if ($this->nastavenie['view_avatar']) {
         $obb = Html::el('img class="avatar"');
         // NOTE(review): avatar_25 is taken from the stored identity and used both
         // for an is_file() probe and inside the image URL; if it can ever be set by
         // the user, confirm it is constrained to a path under www/.
         if ($udata->avatar_25 && is_file('www/' . $udata->avatar_25)) {
             $obb = $obb->src($baseUrl . '/www/' . $udata->avatar_25)->alt('avatar');
         } else {
             $obb = $obb->src($baseUrl . '/www/ikonky/64/figurky_64.png')->alt('bez avatara');
         }
     } else {
         $obb = "";
     }
     // 'nazov' concatenates an Html element with the user's first and last name.
     // NOTE(review): whether MenuItem escapes the plain-text part is not visible
     // here — confirm, or a display name containing markup ends up in the page.
     $menu_user[] = new MenuItem(['odkaz' => 'UserLog:', 'nazov' => $obb . " " . $udata->meno . ' ' . $udata->priezvisko, 'title' => $udata->meno . ' ' . $udata->priezvisko]);
     // admin_link is a bit mask: bit 1 shows the pencil icon, bit 2 shows the text label.
     if ($this->user->isAllowed('admin', 'enter')) {
         $menu_user[] = new MenuItem(['odkaz' => ':Admin:Homepage:', 'title' => 'Administrácia', 'ikonka' => $this->nastavenie['admin_link'] & 1 ? 'pencil' : '', 'nazov' => $this->nastavenie['admin_link'] & 2 ? $this->texty['base_AdminLink_name'] : '']);
     }
     // Adminer shortcut is gated on the 'admin' role (not on the ACL); the link
     // carries the database host and database name as query parameters.
     if ($this->user->isInRole('admin')) {
         $hl_m_db_info = $this->lang->getDBInfo();
         $menu_user[] = new MenuItem(['abs_link' => $baseUrl . "/www/adminer/?server=" . $hl_m_db_info['host'] . "&db=" . $hl_m_db_info['dbname'], 'title' => 'Adminer', 'target' => '_blank', 'nazov' => Html::el('img')->src($baseUrl . '/www/ikonky/16/graf_16.png')->alt('Adminer')]);
     }
     $menu_user[] = new MenuItem(['odkaz' => 'signOut!', 'ikonka' => "sign-out", 'nazov' => $log_out]);
     return $menu_user;
 }
Exemple #7
 /** Submit
  * 
  * Handle the ACL resource form. At least one action must be selected;
  * otherwise an error is returned without touching the model. A non-empty
  * aclResourceID means update ("permission"/"edit"), else insert
  * ("permission"/"add"); a denied request yields ResourceForm::PERMISSION.
  * The outcome is sent as a JSON {result, message} envelope.
  *
  * @param \Nette\Application\UI\Form $form
  */
 public function Submit(Form $form)
 {
     $json = new \stdClass();
     $json->result = "success";
     $values = $form->getValues();
     // Non-strict search: any truthy value counts as a selected action.
     $selectedActions = (array) $values["actions"];
     if (array_search(TRUE, $selectedActions) === FALSE) {
         $json->result = "error";
         $json->message = "Prosím vyberte alespoň jednu akci pro modul.";
     } else {
         $isUpdate = !empty($values['aclResourceID']);
         $privilege = $isUpdate ? "edit" : "add";
         if (!$this->user->isAllowed("permission", $privilege)) {
             $result = ResourceForm::PERMISSION;
         } elseif ($isUpdate) {
             $result = $this->modelManager->update($values);
         } else {
             $result = $this->modelManager->insert($values);
         }
         if ($result === TRUE) {
             $json->result = "success";
         } else {
             $json->result = "error";
             $json->message = $result;
         }
     }
     $this->getPresenter()->sendResponse(new JsonResponse($json));
 }
Exemple #8
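 /**
  * Enforce the access schema for one presenter method, throwing
  * ForbiddenRequestException when the current user does not satisfy it.
  *
  * Exactly one rule kind is evaluated, in this precedence: 'users' (allow-list
  * of user ids), then 'roles' (the user needs at least one of them), then
  * 'resource' + 'privilege' (ACL query). A rule lower in the chain is ignored
  * when a higher one is present, and a method with no rule at all is allowed.
  *
  * Change vs. the previous version: user ids are compared as strings with a
  * strict in_array(). The loose comparison used before could match an id such
  * as 0 against non-numeric entries on older PHP versions.
  *
  * @param \Nette\Reflection\Method $element
  * @throws ForbiddenRequestException
  */
 protected function checkMethod(Method $element)
 {
     $schema = $this->reader->getSchema($element->class);
     $rule = isset($schema[$element->name]) ? $schema[$element->name] : array();
     // users: allow-list of ids
     if (!empty($rule['users'])) {
         $users = array_map('strval', (array) $rule['users']);
         if (in_array((string) $this->user->getId(), $users, true)) {
             return;
         }
         throw new ForbiddenRequestException(sprintf('Access denied for your username: \'%s\'. Require: \'%s\'', $this->user->getId(), implode(', ', $users)));
     }
     // roles: at least one of the listed roles (array_intersect compares as strings)
     if (!empty($rule['roles'])) {
         $userRoles = $this->user->getRoles();
         $roles = (array) $rule['roles'];
         if (count(array_intersect($userRoles, $roles)) > 0) {
             return;
         }
         throw new ForbiddenRequestException("Access denied for your roles: '" . implode(', ', $userRoles) . "'. Require one of: '" . implode(', ', $roles) . "'");
     }
     // resource + privilege: ACL query (a missing privilege is passed as NULL, as before)
     if (!empty($rule['resource'])) {
         $privilege = isset($rule['privilege']) ? $rule['privilege'] : null;
         if ($this->user->isAllowed($rule['resource'], $privilege)) {
             return;
         }
         throw new ForbiddenRequestException(sprintf('Access denied for resource: \'%s\' and privilege: \'%s\'', $rule['resource'], $privilege));
     }
     // No rule for this method: allowed.
 }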
Exemple #9
 /** Submit
  * 
  * Handle the ACL role form. A non-empty aclRoleID means update
  * ("permission"/"edit"), otherwise insert ("permission"/"add"); a denied
  * request yields RoleForm::PERMISSION. The outcome is sent as a JSON
  * {result, message} envelope.
  *
  * @param \Nette\Application\UI\Form $form
  */
 public function Submit(Form $form)
 {
     $json = new \stdClass();
     $json->result = "success";
     $values = $form->getValues();
     $isUpdate = !empty($values['aclRoleID']);
     $privilege = $isUpdate ? "edit" : "add";
     if (!$this->user->isAllowed("permission", $privilege)) {
         $result = RoleForm::PERMISSION;
     } elseif ($isUpdate) {
         $result = $this->permissionManager->update($values);
     } else {
         $result = $this->permissionManager->insert($values);
     }
     if ($result === TRUE) {
         $json->result = "success";
     } else {
         $json->result = "error";
         $json->message = $result;
     }
     $this->getPresenter()->sendResponse(new JsonResponse($json));
 }
 /**
  * Check the single @resource annotation of $element against the ACL.
  * Elements without the annotation pass. Exactly one resource is required;
  * any other count is a configuration error. No privilege is passed, so the
  * query runs with the IAuthorizator::ALL default.
  * @param mixed $element reflection element with annotation support
  * @return bool
  * @throws InvalidStateException when the annotation count is not 1
  */
 protected function checkResources($element)
 {
     if (!$element->hasAnnotation('resource')) {
         return true;
     }
     $resources = (array) $element->getAnnotation('resource');
     if (count($resources) != 1) {
         throw new InvalidStateException('Invalid annotation resource count!');
     }
     $resource = reset($resources);
     return $this->user->isAllowed($resource) ? true : false;
 }
Exemple #11
 /**
  * Render the server list. With a user set, only that user's servers are
  * listed and the stop/delete flags come from the ACL ('commands'/'edit' and
  * 'delete'/'edit').
  * NOTE(review): without a user the template receives every server and both
  * flags TRUE, i.e. the no-user path is the most permissive one. If this
  * component can be reached without authentication that is fail-open — confirm
  * how $this->user is populated and whether the template enforces anything.
  */
 public function render()
 {
     $this->template->setFile(__DIR__ . '/ServerList.latte');
     if ($this->user) {
         $this->template->servers = $this->serverRepo->findBy(array('user_id' => $this->user->id));
         // NOTE(review): assigns the whole user object although the query above
         // uses ->id; presumably $this->user->id was intended.
         $this->template->userId = $this->user;
         $this->template->allowedToStop = $this->user->isAllowed('commands', 'edit');
         $this->template->allowedToDelete = $this->user->isAllowed('delete', 'edit');
     } else {
         $this->template->servers = $this->serverRepo->findAll();
         $this->template->userId = FALSE;
         $this->template->allowedToStop = TRUE;
         $this->template->allowedToDelete = TRUE;
     }
     $this->template->servers->order('id');
     $this->template->registerHelper('getVersion', '\\gameUpdateModel::getVersionFromFileName');
     $this->template->render();
 }
Exemple #12
 /**
  * Register the edit-pattern hooks: values that are still NULL are handled by
  * the first callback, and the second decides whether the given user may
  * edit web content ('WebContent'/'Edit'). Both callbacks ignore $key.
  * @param array $config
  * @param Nette\Security\User $user
  */
 public function __construct(array $config, Nette\Security\User $user)
 {
     parent::__construct($config);
     $isUnset = function ($value, $key) {
         return $value === NULL;
     };
     $mayEdit = function ($value, $key) use ($user) {
         return $user->isAllowed('WebContent', 'Edit');
     };
     $this->processPattern($isUnset, $mayEdit);
 }
Exemple #13
 /**
  * Build the menu from the configured entries (config.neon). The entry
  * pointing at the current presenter/action is rendered non-clickable. When
  * the user may "view" the "user" resource, a logout entry is appended —
  * disabled for identities flagged as SSL logins.
  * @return void
  */
 public function addItems()
 {
     foreach ($this->data as $entry) {
         $isCurrent = ($entry["module"] . ":" . $entry["presenter"]) == $this->currentPresenter
             && $entry["action"] == $this->currentAction;
         $this->addItem($entry["title"], $entry["module"], $entry["presenter"], $entry["action"], $entry["auth"], !$isCurrent);
     }
     if ($this->user->isAllowed("user", "view")) {
         $identity = $this->user->getIdentity();
         if (empty($identity->isSSLlogin)) {
             $this->addItem(_("Logout"), "User", "Authenticator", "logout", "user", true);
         } else {
             $this->addItem(_("SSL Login"), "User", "Authenticator", "logout", "user", false);
         }
     }
 }
Exemple #14
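 /**
  * Build the article form. Moderators (self::RES / 'moderate') additionally
  * get the "post as user" selectors; users with self::RES / 'publish' get the
  * "publish immediately" checkbox. The section/subsection/serial selects are
  * pre-filled from $this->setSection / setSubsection / setSerial when set,
  * otherwise rendered with a prompt.
  *
  * Change vs. the previous version: an empty `if (isAllowed('Section',
  * 'moderate'))` block was removed — it added nothing to the form.
  *
  * @return Form
  */
 private function create()
 {
     $form = new Form();
     $form->addText('title', 'Titulek')->setRequired('Zadejte titulek')->setAttribute('placeholder', 'Zadejte titulek');
     if ($this->user->isAllowed(self::RES, 'moderate')) {
         // '+' keeps the first occurrence of a key: '0' (unregistered) wins over user ids.
         $users = $this->userManager->getUserList();
         $form->addSelect('byUser', 'Za uživatele', ['0' => 'Neregistrovaný'] + $users['deleted'] + $users['allowed'])->setValue($this->user->id);
         $form->addText('byUnregUser', 'Za neregistrovaného uživatele');
     }
     $form->addTextArea('description', 'Popis')->setRequired('Zadejte popis');
     $form->addTextArea('text', 'Článek')->setRequired('Zadejte článek');
     $form->addText('keyWords', 'Klíčová slova');
     $form->addCheckbox('commentsAllow', 'Povolit komentáře');
     $form->addCheckbox('voteAllow', 'Povolit hlasování');
     $form->addUpload('photo', 'Náhledová fotka');
     if ($this->setSection) {
         $form->addSelect('underSection', 'Hlavní sekce', $this->articleManager->getMainSectionList())->setValue($this->setSection);
         if ($this->setSubsection) {
             $form->addSelect('underSubSection', 'Podsekce', $this->articleManager->getSubSectionList($this->setSection))->setValue($this->setSubsection);
             if ($this->setSerial) {
                 $form->addSelect('underSerial', 'Serial', $this->articleManager->getSerialList($this->setSubsection))->setValue($this->setSerial);
             } else {
                 $form->addSelect('underSerial', 'Serial', $this->articleManager->getSerialList($this->setSubsection))->setPrompt('Vyberte');
             }
         } else {
             $form->addSelect('underSubSection', 'Podsekce', $this->articleManager->getSubSectionList($this->setSection))->setPrompt('Vyberte podsekci');
             $form->addSelect('underSerial', 'Serial')->setPrompt('Vyberte podsekci');
         }
     } else {
         // No section chosen yet: dependent selects stay empty until a section is picked.
         $form->addSelect('underSection', 'Hlavní sekce', $this->articleManager->getMainSectionList())->setPrompt('Vyberte hlavní sekci');
         $form->addSelect('underSubSection', 'Podsekce')->setPrompt('Vyberte hlavní sekci');
         $form->addSelect('underSerial', 'Serial')->setPrompt('Vyberte hlavní sekci');
     }
     if ($this->user->isAllowed(self::RES, 'publish')) {
         $form->addCheckbox('published', 'Publikovaný ihned');
     }
     // Validation is skipped on submit; the success handler is expected to validate.
     $form->addSubmit('submitArticle', 'Odeslat')->setValidationScope(false);
     return $form;
 }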
Exemple #15
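 /**
  * ACL check with an entity-level fallback. The parent ACL is queried first
  * with the resource exactly as passed. When it denies and the resource (or
  * the first element of a [resource, type] pair) is an IUserAccessibleEntity,
  * the entity's own checkAccess() decides instead.
  *
  * Security note: the fallback can only widen access, never narrow it, so
  * checkAccess() implementations are part of the trust boundary.
  *
  * Change vs. the previous version: the error-suppressed list() unpacking is
  * replaced by an explicit isset() (same result: NULL when element 0 is
  * missing), and the unused $type is dropped.
  *
  * @param mixed $resource resource, entity, or [resource, type] pair
  * @param mixed $privilege
  * @return bool
  */
 public function isAllowed($resource = IAuthorizator::ALL, $privilege = IAuthorizator::ALL)
 {
     $isAllowed = parent::isAllowed($resource, $privilege);
     if (is_array($resource)) {
         $resource = isset($resource[0]) ? $resource[0] : NULL;
     }
     if ($resource instanceof IUserAccessibleEntity && $isAllowed === FALSE) {
         return $resource->checkAccess($this->id, $privilege);
     }
     return $isAllowed;
 }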
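 /**
  * Check the single @Secured\Permission annotation ("resource DELIMITER
  * privilege") of $element against the ACL. Elements without the annotation
  * pass.
  *
  * Change vs. the previous version: an annotation without the delimiter is
  * now denied (fail closed). Before, list() left $privilege NULL with a notice
  * and the ACL was queried with that value.
  *
  * @param \Reflector $element
  *
  * @return bool
  */
 protected function checkPermission(\Reflector $element)
 {
     if (!$element->hasAnnotation('Secured\\Permission')) {
         return TRUE;
     }
     $permission = $element->getAnnotation('Secured\\Permission');
     $parts = explode(Security\Entities\IPermission::DELIMITER, $permission);
     if (count($parts) < 2) {
         return FALSE;
     }
     $resource = Utils\Strings::trim($parts[0]);
     $privilege = Utils\Strings::trim($parts[1]);
     return $this->user->isAllowed($resource, $privilege) ? TRUE : FALSE;
 }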
Exemple #17
 /**
  * Render the user menu: login/logout links, the identity when signed in, and
  * the admin/club menu predicates decided by the ACL against the system
  * DefaultPresenter resource. Note that the identity comes from getUser()
  * while the predicates use $this->user; both are presumably the same service.
  */
 public function render()
 {
     $user = $this->getUser();
     $loggedIn = $user->isLoggedIn();
     $presenter = $this->presenter;
     $this->template->setFile($this->templateMain);
     $this->template->logInLink = $presenter->link(":Security:Auth:in");
     $this->template->logOutLink = $presenter->link(":Security:Auth:out");
     $this->template->isLoggedIn = $loggedIn;
     $this->template->user = $loggedIn ? $user->getIdentity() : null;
     $systemPresenter = "App\\SystemModule\\Presenters\\DefaultPresenter";
     $this->template->adminMenuPredicate = $this->user->isAllowed($systemPresenter, "App\\System\\Presenters\\Default\\adminRoot");
     $this->template->clubMenuPredicate = $this->user->isAllowed($systemPresenter, "App\\System\\Presenters\\Default\\clubRoot");
     $this->template->render();
 }
Exemple #18
 /**
  * Evaluate $privilege on $resource through the ACL, translating the
  * authorizator's control-flow exceptions into a boolean, then notify
  * onAllowed() and hand the outcome to $this->callback.
  *
  * Outcome table: isAllowed() TRUE, AllowException, SkipException => allowed;
  * isAllowed() FALSE, DenyException => denied. Any other exception propagates.
  *
  * NOTE(review): SkipException is mapped to "allowed", so a rule that opts out
  * of deciding grants access instead of falling through to a deny. Confirm
  * that this is intended; as written it is fail-open for unmatched rules.
  *
  * @param \Nette\Security\IResource $resource
  * @param string $privilege
  * @return mixed whatever $this->callback returns
  * @throws \Nette\Application\ForbiddenRequestException presumably from the callback (not visible here)
  */
 protected function tryAllow(IResource $resource, $privilege)
 {
     $allowed = FALSE;
     try {
         if ($this->user->isAllowed($resource, $privilege)) {
             $allowed = TRUE;
         }
     } catch (\Ark8\Security\Exceptions\AllowException $e) {
         $allowed = TRUE;
     } catch (\Ark8\Security\Exceptions\SkipException $e) {
         $allowed = TRUE;
     } catch (\Ark8\Security\Exceptions\DenyException $e) {
         // explicit deny: $allowed stays FALSE
     }
     $this->onAllowed($resource, $allowed);
     return call_user_func($this->callback, $resource, $allowed);
 }
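 /**
  * Check the @Secured\Permission annotation(s) of $element against the ACL.
  * Each entry is "resource DELIMITER privilege"; the element passes as soon as
  * one entry is allowed. Elements without the annotation pass.
  *
  * Change vs. the previous version: an entry without the delimiter is skipped
  * instead of being queried with a NULL privilege (and a notice); a malformed
  * entry can therefore never grant access.
  *
  * @param \Reflector $element
  *
  * @return bool
  */
 protected function checkPermission(\Reflector $element)
 {
     if (!$element->hasAnnotation('Secured\\Permission')) {
         return TRUE;
     }
     $permissions = (array) $element->getAnnotation('Secured\\Permission');
     foreach ($permissions as $permission) {
         $parts = explode(Security\Permission::DELIMITER, $permission);
         if (count($parts) < 2) {
             continue;
         }
         $resource = Utils\Strings::trim($parts[0]);
         $privilege = Utils\Strings::trim($parts[1]);
         if ($this->user->isAllowed($resource, $privilege)) {
             return TRUE;
         }
     }
     return FALSE;
 }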
Exemple #20
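 /**
  * Check the 'permission' entries of a configuration element against the
  * ACL. Each entry is "resource DELIMITER privilege"; the element passes as
  * soon as one entry is allowed. Elements without the key pass.
  *
  * Change vs. the previous version: an entry without the delimiter is skipped
  * instead of being queried with a NULL privilege (and a notice); a malformed
  * entry can therefore never grant access.
  *
  * @param Utils\ArrayHash $element
  *
  * @return bool
  */
 protected function checkPermission(Utils\ArrayHash $element)
 {
     if (!$element->offsetExists('permission')) {
         return TRUE;
     }
     $permissions = (array) $element->offsetGet('permission');
     foreach ($permissions as $permission) {
         $parts = explode(Security\Entities\IPermission::DELIMITER, $permission);
         if (count($parts) < 2) {
             continue;
         }
         $resource = Utils\Strings::trim($parts[0]);
         $privilege = Utils\Strings::trim($parts[1]);
         if ($this->user->isAllowed($resource, $privilege)) {
             return TRUE;
         }
     }
     return FALSE;
 }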
Exemple #21
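 /**
  * Multiplied factory for the comment moderation form. The component name is
  * "<id>q<true|false>" (sub-comment flag). The form is populated only for a
  * logged-in user who either authored the comment or holds
  * 'Comments'/'moderate'; everybody else gets an empty form with no handler,
  * which is what an unauthorized submit then meets as well, since the factory
  * presumably runs again on the signal.
  *
  * Changes vs. the previous version: a name without the 'q' separator and a
  * comment id that does not resolve both yield the empty form instead of
  * reading an undefined index / properties of NULL.
  *
  * @return Multiplier
  */
 protected function createComponentModerateCommentForm()
 {
     return new Multiplier(function ($idsub) {
         $form = new Form();
         $parts = explode('q', $idsub);
         if (count($parts) < 2) {
             return $form;
         }
         $id = (int) $parts[0];
         $sub = $parts[1] !== 'false';
         $comment = $this->commentsManager->getSingleComment($id, $sub);
         if (!$comment) {
             return $form;
         }
         // Owner check uses strict comparison; byUser must carry the same type as getId().
         $isOwner = $comment->byUser && $comment->byUser === $this->user->getId();
         $isModerator = $this->user->isAllowed('Comments', 'moderate');
         if (!$this->user->isLoggedIn() || !($isOwner || $isModerator)) {
             return $form;
         }
         $form->getElementPrototype()->class('ajax');
         if (!$comment->byUser) {
             $form->addText('unregName', 'Neregistrované jméno')->setRequired('Zadejte jméno')->setValue($comment->unregName);
         }
         // Strip the "last modified" footer paragraph before editing.
         $form->addTextArea('text', 'Text')->setRequired('Zadejte text')->setValue(preg_replace('$<p>\\d{1,2}.\\d{1,2}.\\d{4} \\d{1,2}:\\d{1,2} provedena poslední změna</p>$', '', $comment->text));
         $form->addCheckbox('deleted', 'Smazaný')->setValue($comment->deleted);
         $form->addHidden('id', $id);
         $form->addHidden('sub', $sub ? 'true' : 'false');
         $form->addSubmit('moderate', 'Změnit');
         $form->onSuccess[] = [$this, 'moderateCommentFormSucceeded'];
         return $form;
     });
 }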
Exemple #22
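 /**
  * Decide whether the current user may invoke a presenter method.
  *
  * Order of checks: the presenter itself (cached), then the method's @secured
  * annotation — resource (method annotation, else class annotation, else the
  * class namespace) and privilege (default: method name) against the parent
  * ACL, then an optional role list (at least one role required), then an
  * optional user-id list. Methods without @secured pass once the presenter
  * check has passed.
  *
  * Changes vs. the previous version: the users branch parsed 'users' and then
  * overwrote the list with a separate @User annotation, and the membership
  * test had no negation. Now the parsed list is used and, mirroring the roles
  * branch, a user NOT on the list is denied. Ids are compared as strings with
  * a strict in_array() so an int from getId() matches the annotation text
  * without loose comparison.
  * NOTE(review): if 'users' was meant as a deny-list, invert that test.
  *
  * @param \Nette\Reflection\Method $element
  * @return bool
  */
 protected function isMethodAllowed(\Nette\Reflection\Method $element)
 {
     $classRef = new \Nette\Application\UI\PresenterComponentReflection($element->class);
     if (!$this->isPresenterAllowedCached($classRef)) {
         return FALSE;
     }
     $ref = ClassType::from($element->class)->getMethod($element->name);
     if (!$ref->hasAnnotation('secured')) {
         return TRUE;
     }
     $secured = $ref->getAnnotation('secured');
     $resource = isset($secured['resource']) ? $secured['resource'] : NULL;
     if (!$resource) {
         $classSecured = $classRef->getAnnotation('secured');
         $resource = isset($classSecured['resource']) ? $classSecured['resource'] : $classRef->getNamespaceName();
     }
     $privilege = isset($secured['privilege']) ? $secured['privilege'] : $element->name;
     if (!parent::isAllowed($resource, $privilege)) {
         return FALSE;
     }
     // roles: the user must hold at least one of the listed roles
     if (isset($secured['roles'])) {
         $roles = array_map('trim', explode(',', $secured['roles']));
         if (count(array_intersect($this->getRoles(), $roles)) == 0) {
             return FALSE;
         }
     }
     // users: the user must be one of the listed ids
     if (isset($secured['users'])) {
         $users = array_map('trim', explode(',', $secured['users']));
         if (!in_array((string) $this->getId(), $users, TRUE)) {
             return FALSE;
         }
     }
     return TRUE;
 }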