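/**
 * Method to save the configuration data.
 *
 * Only the global permission rules are handled by this method: when $data['rules'] is
 * present it is written to the root asset ('root.1'), after checking that the submitted
 * 'core.admin' rule still allows at least one of the current user's groups.
 *
 * @param   array  $data  An array containing all global config data.
 *
 * @return  boolean  True on success, false on failure.
 *
 * @since   1.6
 */
public function save($data)
{
    $app = JFactory::getApplication();

    // Save the rules
    if (isset($data['rules'])) {
        $rules = new JAccessRules($data['rules']);

        // Check that we aren't removing our Super User permission.
        // Groups are read from the database, since they might have changed.
        $myGroups = JAccess::getGroupsByUser(JFactory::getUser()->get('id'));
        $myRules  = $rules->getData();

        // Fail closed: a submitted rule set with no 'core.admin' entry cannot allow the
        // current user, and calling allow() on the missing entry would be a fatal error.
        $hasSuperAdmin = isset($myRules['core.admin']) && $myRules['core.admin']->allow($myGroups);

        if (!$hasSuperAdmin) {
            $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_REMOVING_SUPER_ADMIN'), 'error');

            return false;
        }

        $asset = JTable::getInstance('asset');

        if (!$asset->loadByName('root.1')) {
            $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_ROOT_ASSET_NOT_FOUND'), 'error');

            return false;
        }

        $asset->rules = (string) $rules;

        if (!$asset->check() || !$asset->store()) {
            // NOTE(review): 'SOME_ERROR_CODE' looks like a placeholder language key; the
            // table's own error text is not surfaced here.
            $app->enqueueMessage(JText::_('SOME_ERROR_CODE'), 'error');

            // Was a bare `return;` (null), which does not match the documented boolean.
            return false;
        }
    }

    // Clear cache of com_config component.
    $this->cleanCache('_system', 0);
    $this->cleanCache('_system', 1);

    // The success path previously fell off the end and returned null.
    return true;
}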
/**
 * Tests the JAccessRules::getData method.
 *
 * getData() is expected to return an array keyed by action name whose values are
 * JAccessRule instances.
 *
 * @return  void
 *
 * @since   12.2
 */
public function testGetData()
{
    // A single action ('edit') carrying three identity entries.
    $ruleMap = array(
        'edit' => array(
            -42 => 1,
            2   => 1,
            3   => 0,
        ),
    );

    $rules    = new JAccessRules($ruleMap);
    $byAction = $rules->getData();

    // The action name must survive as a key ...
    $this->assertArrayHasKey('edit', $byAction);

    // ... and its value must have been wrapped in a rule object.
    $this->assertInstanceOf('JAccessRule', $byAction['edit']);
}
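/**
 * Creates initial component actions based on global config and on some fixed default logic.
 *
 * The result maps every action name declared by the component to an array of
 * group id => 1 grants. Actions with no grant keep an empty array (i.e. inherit).
 *
 * Security note for reviewers: the last step grants five component actions (category
 * changes, file upload, field-value editing) to EVERY group returned by _getUserGroups(),
 * independent of 'core.manage'. Whether that list includes public/guest groups cannot be
 * seen from this method; confirm it before relying on these defaults.
 *
 * @param   string  $component  Component identifier handed to JAccess::getActions()
 *                              (presumably the extension name; confirm against callers).
 *
 * @return  array  Action name => array(group id => 1).
 *
 * @since   11.1
 */
protected function _createComponentRules($component)
{
    $groups = $this->_getUserGroups();

    // Get the component ACTION names and initialise every rule to empty.
    // The empty entry is needed even if it stays empty, because COMPONENT actions stored in
    // the DB are compared against this list when checking initial permissions.
    $flexi_actions      = JAccess::getActions($component, 'component');
    $flexi_rules        = array();
    $flexi_action_names = array(); // was left undefined when the component declares no actions

    foreach ($flexi_actions as $action) {
        $flexi_rules[$action->name] = array();
        $flexi_action_names[]       = $action->name;
    }

    // Get the Joomla ACTION names present in the Global Configuration (root asset).
    $root = JTable::getInstance('asset');
    $root->loadByName('root.1');
    $joomla_rules = new JAccessRules($root->rules);

    // array_keys() always yields an array, so the in_array() below never sees an
    // undefined variable when the root asset carries no rules.
    $joomla_action_names = array_keys($joomla_rules->getData());

    // Actions granted to every group in the final step, whatever its other permissions.
    // The original reasoning: without edit rights the item form and save task are not
    // reachable anyway, so these are given regardless of edit privilege.
    // NOTE(review): 'flexicontent.uploadfiles' for all groups is a broad default; check
    // that the upload entry points enforce their own access checks.
    $always_granted = array(
        'flexicontent.change.cat',       // CanChangeCat
        'flexicontent.change.cat.sec',   // CanChangeSecCat
        'flexicontent.change.cat.feat',  // CanChangeFeatCat
        'flexicontent.uploadfiles',      // CanUploadFiles
        'flexicontent.editfieldvalues',  // CanEditFieldValues
    );

    // Decide the actions to grant (give) to each user group
    foreach ($groups as $group) {
        // STEP 1: grant all NON-STANDARD component ACTIONS to any user group that has the
        // 'core.manage' ACTION in the Global Configuration.
        // NOTE (a): a group with the Super Admin Global Configuration ACTION ('core.admin'
        //           on asset root.1) also has 'core.manage'.
        // NOTE (b): STANDARD Joomla ACTIONs are not set, so they default to INHERIT ("").
        if (JAccess::checkGroup($group->id, 'core.manage')) {
            foreach ($flexi_action_names as $action_name) {
                // Skip Joomla STANDARD rules, allowing them to inherit.
                if (in_array($action_name, $joomla_action_names)) {
                    continue;
                }

                $flexi_rules[$action_name][$group->id] = 1;
            }
        }

        // STEP 2 (disabled): copying ACTIONS already granted in GLOBAL CONFIGURATION
        // (including the COMPONENT CONFIGURE 'core.admin' action) was commented out, so
        // inheritance is used instead for existing Global ACTIONS.

        // STEP 3: special cases for custom-added ACTIONs, e.g. grant the --OWNED-- action
        // when the group holds the corresponding --GENERAL-- action.
        // Because STEP 1 skips every action found in the root rules, each branch only
        // fires when the general action is absent from the Global Configuration.
        if (!empty($flexi_rules['core.delete'][$group->id]) && in_array('core.delete.own', $flexi_action_names)) {
            $flexi_rules['core.delete.own'][$group->id] = 1; // CanDeleteOwn
        }

        if (!empty($flexi_rules['core.edit.state'][$group->id]) && in_array('core.edit.state.own', $flexi_action_names)) {
            $flexi_rules['core.edit.state.own'][$group->id] = 1; // CanPublishOwn
        }

        // Unconditional grants (previously wrapped in a constant `if (1)`).
        foreach ($always_granted as $action_name) {
            if (in_array($action_name, $flexi_action_names)) {
                $flexi_rules[$action_name][$group->id] = 1;
            }
        }
    }

    // NOTE: a future version may build better initial permissions by checking
    // allow/deny/inherit values instead of just "has action".
    return $flexi_rules;
}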
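/**
 * Method to save the configuration data.
 *
 * Steps, in order: probe the submitted database settings, store the global permission
 * rules on the root asset, store the text filters on the com_config extension record,
 * merge the remaining values over the previous JConfig, apply a few side effects
 * (session purge, cache checks) and write the configuration file.
 *
 * @param   array  $data  An array containing all global config data.
 *
 * @return  boolean  True on success, false on failure.
 *
 * @since   1.6
 */
public function save($data)
{
    $app = JFactory::getApplication();

    // Check that we aren't setting wrong database configuration.
    // The probe authenticates with the password already stored in the configuration,
    // while driver, host, user, database and prefix come from the submitted form.
    // NOTE(review): a changed 'host' therefore receives a login attempt made with the
    // stored credential; consider requiring the password to be re-entered whenever the
    // host or user differ from the saved values.
    $options = array(
        'driver'   => $data['dbtype'],
        'host'     => $data['host'],
        'user'     => $data['user'],
        'password' => JFactory::getConfig()->get('password'),
        'database' => $data['db'],
        'prefix'   => $data['dbprefix'],
    );

    try {
        // Only the connection attempt matters; the version string itself is not used.
        JDatabaseDriver::getInstance($options)->getVersion();
    } catch (Exception $e) {
        $app->enqueueMessage(JText::_('JLIB_DATABASE_ERROR_DATABASE_CONNECT'), 'error');

        return false;
    }

    // Save the rules
    if (isset($data['rules'])) {
        $rules = new JAccessRules($data['rules']);

        // Check that we aren't removing our Super User permission.
        // Groups are read from the database, since they might have changed.
        $myGroups = JAccess::getGroupsByUser(JFactory::getUser()->get('id'));
        $myRules  = $rules->getData();

        // Fail closed: a submitted rule set with no 'core.admin' entry cannot allow the
        // current user, and calling allow() on the missing entry would be a fatal error.
        $hasSuperAdmin = isset($myRules['core.admin']) && $myRules['core.admin']->allow($myGroups);

        if (!$hasSuperAdmin) {
            $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_REMOVING_SUPER_ADMIN'), 'error');

            return false;
        }

        $asset = JTable::getInstance('asset');

        if (!$asset->loadByName('root.1')) {
            $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_ROOT_ASSET_NOT_FOUND'), 'error');

            return false;
        }

        $asset->rules = (string) $rules;

        if (!$asset->check() || !$asset->store()) {
            // NOTE(review): 'SOME_ERROR_CODE' looks like a placeholder language key.
            $app->enqueueMessage(JText::_('SOME_ERROR_CODE'), 'error');

            // Was a bare `return;` (null), which does not match the documented boolean.
            return false;
        }

        // Rules live on the asset, not in the configuration file.
        unset($data['rules']);
    }

    // Save the text filters
    if (isset($data['filters'])) {
        $registry = new Registry();
        $registry->loadArray(array('filters' => $data['filters']));

        $extension = JTable::getInstance('extension');

        // Get extension_id
        $extension_id = $extension->find(array('name' => 'com_config'));

        if (!$extension->load((int) $extension_id)) {
            $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_CONFIG_EXTENSION_NOT_FOUND'), 'error');

            return false;
        }

        $extension->params = (string) $registry;

        if (!$extension->check() || !$extension->store()) {
            $app->enqueueMessage(JText::_('SOME_ERROR_CODE'), 'error');

            // Was a bare `return;` (null), which does not match the documented boolean.
            return false;
        }

        // Filters live on the extension record, not in the configuration file.
        unset($data['filters']);
    }

    // Get the previous configuration.
    $prev = new JConfig();
    $prev = JArrayHelper::fromObject($prev);

    // Merge the new data in. We do this to preserve values that were not in the form.
    $data = array_merge($prev, $data);

    /*
     * Perform miscellaneous options based on configuration settings/changes.
     */

    // Normalise ampersands in the offline message if present.
    // ampReplace() is not an HTML-escaping step; output encoding still has to happen
    // where the message is rendered.
    if (isset($data['offline_message'])) {
        $data['offline_message'] = JFilterOutput::ampReplace($data['offline_message']);
    }

    // Purge the database session table if we are changing to the database handler.
    if ($prev['session_handler'] != 'database' && $data['session_handler'] == 'database') {
        $table = JTable::getInstance('session');
        $table->purge(-1);
    }

    if (empty($data['cache_handler'])) {
        $data['caching'] = 0;
    }

    $path = JPATH_SITE . '/cache';

    // Give a warning if the cache-folder can not be opened
    if ($data['caching'] > 0 && $data['cache_handler'] == 'file') {
        $handle = @opendir($path);

        if ($handle === false) {
            JLog::add(JText::sprintf('COM_CONFIG_ERROR_CACHE_PATH_NOTWRITABLE', $path), JLog::WARNING, 'jerror');
            $data['caching'] = 0;
        } else {
            // The probe handle was previously left open.
            closedir($handle);
        }
    }

    // Clean the cache if disabled but previously enabled.
    if (!$data['caching'] && $prev['caching']) {
        $cache = JFactory::getCache();
        $cache->clean();
    }

    // Create the new configuration object.
    $config = new Registry('config');
    $config->loadArray($data);

    // Overwrite the old FTP credentials with the new ones on the live configuration.
    $temp = JFactory::getConfig();

    foreach (array('ftp_enable', 'ftp_host', 'ftp_port', 'ftp_user', 'ftp_pass', 'ftp_root') as $ftpKey) {
        $temp->set($ftpKey, $data[$ftpKey]);
    }

    // Clear cache of com_config component.
    $this->cleanCache('_system', 0);
    $this->cleanCache('_system', 1);

    // Write the configuration file.
    return $this->writeConfigFile($config);
}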
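/**
 * Method to save the configuration data.
 *
 * Steps, in order: probe the submitted database settings, probe HTTPS availability when
 * Force SSL is being switched on, store the global permission rules on the root asset,
 * store the text filters on the com_config extension record, merge the remaining values
 * over the previous JConfig, apply a few side effects (session purge, cache checks) and
 * write the configuration file.
 *
 * @param   array  $data  An array containing all global config data.
 *
 * @return  boolean  True on success, false on failure.
 *
 * @since   1.6
 */
public function save($data)
{
    $app = JFactory::getApplication();

    // Check that we aren't setting wrong database configuration.
    // The probe authenticates with the password already stored in the configuration,
    // while driver, host, user, database and prefix come from the submitted form.
    // NOTE(review): a changed 'host' therefore receives a login attempt made with the
    // stored credential; consider requiring the password to be re-entered whenever the
    // host or user differ from the saved values.
    $options = array(
        'driver'   => $data['dbtype'],
        'host'     => $data['host'],
        'user'     => $data['user'],
        'password' => JFactory::getConfig()->get('password'),
        'database' => $data['db'],
        'prefix'   => $data['dbprefix'],
    );

    try {
        // Only the connection attempt matters; the version string itself is not used.
        JDatabaseDriver::getInstance($options)->getVersion();
    } catch (Exception $e) {
        $app->enqueueMessage(JText::_('JLIB_DATABASE_ERROR_DATABASE_CONNECT'), 'error');

        return false;
    }

    // Check if we can set the Force SSL option (only when it is enabled and its value changes).
    $requestedSsl = (int) $data['force_ssl'];

    if ($requestedSsl !== 0 && $requestedSsl !== (int) JFactory::getConfig()->get('force_ssl', '0')) {
        try {
            // Make an HTTPS request to check if the site is available in HTTPS.
            // NOTE(review): $host comes from JUri::getInstance(), presumably the current
            // request; confirm the deployment pins its accepted host names, since the
            // probe target follows that value.
            $host = JUri::getInstance()->getHost();

            $httpOptions = new \Joomla\Registry\Registry();
            $httpOptions->set('userAgent', 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0');

            // Certificate verification is switched off for this probe, so it only shows
            // that something answers on HTTPS: an expired, self-signed or mismatched
            // certificate still passes and Force SSL stays enabled.
            // NOTE(review): consider verifying the peer, so that a certificate browsers
            // would reject is caught before visitors are redirected to HTTPS.
            $httpOptions->set('transport.curl', array(CURLOPT_SSL_VERIFYPEER => false));

            $response = JHttpFactory::getHttp($httpOptions)->get('https://' . $host . JUri::root(true) . '/', array('Host' => $host), 10);

            // If available in HTTPS check also the status code.
            $acceptedCodes = array(200, 503, 301, 302, 303, 304, 305, 306, 307, 308, 309, 310);

            if (!in_array($response->code, $acceptedCodes, true)) {
                throw new RuntimeException('HTTPS version of the site returned an invalid HTTP status code.');
            }
        } catch (RuntimeException $e) {
            // The probe failed: keep Force SSL off rather than locking users out.
            $data['force_ssl'] = 0;

            // Also update the user state
            $app->setUserState('com_config.config.global.data.force_ssl', 0);

            // Inform the user
            $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_SSL_NOT_AVAILABLE'), 'warning');
        }
    }

    // Save the rules
    if (isset($data['rules'])) {
        $rules = new JAccessRules($data['rules']);

        // Check that we aren't removing our Super User permission.
        // Groups are read from the database, since they might have changed.
        $myGroups = JAccess::getGroupsByUser(JFactory::getUser()->get('id'));
        $myRules  = $rules->getData();

        // Fail closed: a submitted rule set with no 'core.admin' entry cannot allow the
        // current user, and calling allow() on the missing entry would be a fatal error.
        $hasSuperAdmin = isset($myRules['core.admin']) && $myRules['core.admin']->allow($myGroups);

        if (!$hasSuperAdmin) {
            $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_REMOVING_SUPER_ADMIN'), 'error');

            return false;
        }

        $asset = JTable::getInstance('asset');

        if (!$asset->loadByName('root.1')) {
            $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_ROOT_ASSET_NOT_FOUND'), 'error');

            return false;
        }

        $asset->rules = (string) $rules;

        if (!$asset->check() || !$asset->store()) {
            // NOTE(review): 'SOME_ERROR_CODE' looks like a placeholder language key.
            $app->enqueueMessage(JText::_('SOME_ERROR_CODE'), 'error');

            // Was a bare `return;` (null), which does not match the documented boolean.
            return false;
        }

        // Rules live on the asset, not in the configuration file.
        unset($data['rules']);
    }

    // Save the text filters
    if (isset($data['filters'])) {
        $registry = new Registry();
        $registry->loadArray(array('filters' => $data['filters']));

        $extension = JTable::getInstance('extension');

        // Get extension_id
        $extension_id = $extension->find(array('name' => 'com_config'));

        if (!$extension->load((int) $extension_id)) {
            $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_CONFIG_EXTENSION_NOT_FOUND'), 'error');

            return false;
        }

        $extension->params = (string) $registry;

        if (!$extension->check() || !$extension->store()) {
            $app->enqueueMessage(JText::_('SOME_ERROR_CODE'), 'error');

            // Was a bare `return;` (null), which does not match the documented boolean.
            return false;
        }

        // Filters live on the extension record, not in the configuration file.
        unset($data['filters']);
    }

    // Get the previous configuration.
    $prev = new JConfig();
    $prev = JArrayHelper::fromObject($prev);

    // Merge the new data in. We do this to preserve values that were not in the form.
    $data = array_merge($prev, $data);

    /*
     * Perform miscellaneous options based on configuration settings/changes.
     */

    // Normalise ampersands in the offline message if present.
    // ampReplace() is not an HTML-escaping step; output encoding still has to happen
    // where the message is rendered.
    if (isset($data['offline_message'])) {
        $data['offline_message'] = JFilterOutput::ampReplace($data['offline_message']);
    }

    // Purge the database session table if we are changing to the database handler.
    if ($prev['session_handler'] != 'database' && $data['session_handler'] == 'database') {
        $table = JTable::getInstance('session');
        $table->purge(-1);
    }

    if (empty($data['cache_handler'])) {
        $data['caching'] = 0;
    }

    $path = JPATH_SITE . '/cache';

    // Give a warning if the cache-folder can not be opened
    if ($data['caching'] > 0 && $data['cache_handler'] == 'file') {
        $handle = @opendir($path);

        if ($handle === false) {
            JLog::add(JText::sprintf('COM_CONFIG_ERROR_CACHE_PATH_NOTWRITABLE', $path), JLog::WARNING, 'jerror');
            $data['caching'] = 0;
        } else {
            // The probe handle was previously left open.
            closedir($handle);
        }
    }

    // Clean the cache if disabled but previously enabled.
    if (!$data['caching'] && $prev['caching']) {
        $cache = JFactory::getCache();
        $cache->clean();
    }

    // Create the new configuration object.
    $config = new Registry('config');
    $config->loadArray($data);

    // Overwrite the old FTP credentials with the new ones on the live configuration.
    $temp = JFactory::getConfig();

    foreach (array('ftp_enable', 'ftp_host', 'ftp_port', 'ftp_user', 'ftp_pass', 'ftp_root') as $ftpKey) {
        $temp->set($ftpKey, $data[$ftpKey]);
    }

    // Clear cache of com_config component.
    $this->cleanCache('_system', 0);
    $this->cleanCache('_system', 1);

    // Write the configuration file.
    return $this->writeConfigFile($config);
}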
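/**
 * Method to save the configuration data.
 *
 * Stores the global permission rules on the root asset and the text filters on the
 * com_config extension record, merges the remaining values over the previous JConfig,
 * applies a few side effects (session purge, cache clean) and writes configuration.php
 * as a PHP class named JConfig.
 *
 * @param   array  $data  An array containing all global config data.
 *
 * @return  bool  True on success, false on failure.
 *
 * @since   1.6
 */
public function save($data)
{
    // Save the rules
    if (isset($data['rules'])) {
        $rules = new JAccessRules($data['rules']);

        // Check that we aren't removing our Super User permission.
        // Groups are read from the database, since they might have changed.
        $myGroups = JAccess::getGroupsByUser(JFactory::getUser()->get('id'));
        $myRules  = $rules->getData();

        // Fail closed: a submitted rule set with no 'core.admin' entry cannot allow the
        // current user, and calling allow() on the missing entry would be a fatal error.
        $hasSuperAdmin = isset($myRules['core.admin']) && $myRules['core.admin']->allow($myGroups);

        if (!$hasSuperAdmin) {
            $this->setError(JText::_('COM_CONFIG_ERROR_REMOVING_SUPER_ADMIN'));

            return false;
        }

        $asset = JTable::getInstance('asset');

        if (!$asset->loadByName('root.1')) {
            $this->setError(JText::_('COM_CONFIG_ERROR_ROOT_ASSET_NOT_FOUND'));

            return false;
        }

        $asset->rules = (string) $rules;

        // A failed store only raises a notice here; saving continues.
        if (!$asset->check() || !$asset->store()) {
            JError::raiseNotice('SOME_ERROR_CODE', $asset->getError());
        }

        // Rules live on the asset, not in the configuration file.
        unset($data['rules']);
    }

    // Save the text filters
    if (isset($data['filters'])) {
        $registry = new JRegistry();
        $registry->loadArray(array('filters' => $data['filters']));

        $extension = JTable::getInstance('extension');

        // Get extension_id
        $extension_id = $extension->find(array('name' => 'com_config'));

        if (!$extension->load((int) $extension_id)) {
            $this->setError(JText::_('COM_CONFIG_ERROR_CONFIG_EXTENSION_NOT_FOUND'));

            return false;
        }

        $extension->params = (string) $registry;

        // A failed store only raises a notice here; saving continues.
        if (!$extension->check() || !$extension->store()) {
            JError::raiseNotice('SOME_ERROR_CODE', $extension->getError());
        }

        // Filters live on the extension record, not in the configuration file.
        unset($data['filters']);
    }

    // Get the previous configuration.
    $prev = new JConfig();
    $prev = JArrayHelper::fromObject($prev);

    // Merge the new data in. We do this to preserve values that were not in the form.
    $data = array_merge($prev, $data);

    /*
     * Perform miscellaneous options based on configuration settings/changes.
     */

    // 'sitename', 'MetaDesc' and 'MetaKeys' are stored exactly as submitted. The former
    // "escape" steps assigned each value to itself and have been dropped as no-ops, so
    // these values must be encoded for their output context wherever they are rendered.

    // Normalise ampersands in the offline message if present.
    // ampReplace() is not an HTML-escaping step.
    if (isset($data['offline_message'])) {
        $data['offline_message'] = JFilterOutput::ampReplace($data['offline_message']);
    }

    // Purge the database session table if we are changing to the database handler.
    if ($prev['session_handler'] != 'database' && $data['session_handler'] == 'database') {
        $table = JTable::getInstance('session');
        $table->purge(-1);
    }

    if (empty($data['cache_handler'])) {
        $data['caching'] = 0;
    }

    // Clean the cache if disabled but previously enabled.
    if (!$data['caching'] && $prev['caching']) {
        $cache = JFactory::getCache();
        $cache->clean();
    }

    // Create the new configuration object.
    $config = new JRegistry('config');
    $config->loadArray($data);

    /*
     * Write the configuration file.
     */
    jimport('joomla.filesystem.path');
    jimport('joomla.filesystem.file');

    // Set the configuration file path.
    $file = JPATH_CONFIGURATION . '/configuration.php';

    // Overwrite the old FTP credentials with the new ones on the live configuration,
    // so that the credential lookup below sees the submitted values.
    $temp = JFactory::getConfig();

    foreach (array('ftp_enable', 'ftp_host', 'ftp_port', 'ftp_user', 'ftp_pass', 'ftp_root') as $ftpKey) {
        $temp->set($ftpKey, $data[$ftpKey]);
    }

    // Get the new FTP credentials.
    $ftp = JClientHelper::getCredentials('ftp', true);

    // When the FTP layer is NOT in use and we own the file, try to make it writable (0644).
    if (!$ftp['enabled'] && JPath::isOwner($file) && !JPath::setPermissions($file, '0644')) {
        JError::raiseNotice('SOME_ERROR_CODE', JText::_('COM_CONFIG_ERROR_CONFIGURATION_PHP_NOTWRITABLE'));
    }

    // Attempt to write the configuration file as a PHP class named JConfig.
    $configString = $config->toString('PHP', array('class' => 'JConfig', 'closingtag' => false));

    if (!JFile::write($file, $configString)) {
        $this->setError(JText::_('COM_CONFIG_ERROR_WRITE_FAILED'));

        return false;
    }

    // When the FTP layer is NOT in use and we own the file, put it back to read-only
    // (0444). A failure only raises a notice, leaving the file writable.
    if ($data['ftp_enable'] == 0 && !$ftp['enabled'] && JPath::isOwner($file) && !JPath::setPermissions($file, '0444')) {
        JError::raiseNotice('SOME_ERROR_CODE', JText::_('COM_CONFIG_ERROR_CONFIGURATION_PHP_NOTUNWRITABLE'));
    }

    return true;
}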
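/**
 * Method to save the configuration data.
 *
 * Stores the global permission rules on the root asset and the text filters on the
 * com_config extension record, merges the remaining values over the previous JConfig,
 * applies a few side effects (session purge, cache clean) and hands the result to
 * writeConfigFile().
 *
 * @param   array  $data  An array containing all global config data.
 *
 * @return  bool  True on success, false on failure.
 *
 * @since   1.6
 */
public function save($data)
{
    // Save the rules
    if (isset($data['rules'])) {
        $rules = new JAccessRules($data['rules']);

        // Check that we aren't removing our Super User permission.
        // Groups are read from the database, since they might have changed.
        $myGroups = JAccess::getGroupsByUser(JFactory::getUser()->get('id'));
        $myRules  = $rules->getData();

        // Fail closed: a submitted rule set with no 'core.admin' entry cannot allow the
        // current user, and calling allow() on the missing entry would be a fatal error.
        $hasSuperAdmin = isset($myRules['core.admin']) && $myRules['core.admin']->allow($myGroups);

        if (!$hasSuperAdmin) {
            $this->setError(JText::_('COM_CONFIG_ERROR_REMOVING_SUPER_ADMIN'));

            return false;
        }

        $asset = JTable::getInstance('asset');

        if (!$asset->loadByName('root.1')) {
            $this->setError(JText::_('COM_CONFIG_ERROR_ROOT_ASSET_NOT_FOUND'));

            return false;
        }

        $asset->rules = (string) $rules;

        // A failed store only raises a notice here; saving continues.
        if (!$asset->check() || !$asset->store()) {
            JError::raiseNotice('SOME_ERROR_CODE', $asset->getError());
        }

        // Rules live on the asset, not in the configuration file.
        unset($data['rules']);
    }

    // Save the text filters
    if (isset($data['filters'])) {
        $registry = new JRegistry();
        $registry->loadArray(array('filters' => $data['filters']));

        $extension = JTable::getInstance('extension');

        // Get extension_id
        $extension_id = $extension->find(array('name' => 'com_config'));

        if (!$extension->load((int) $extension_id)) {
            $this->setError(JText::_('COM_CONFIG_ERROR_CONFIG_EXTENSION_NOT_FOUND'));

            return false;
        }

        $extension->params = (string) $registry;

        // A failed store only raises a notice here; saving continues.
        if (!$extension->check() || !$extension->store()) {
            JError::raiseNotice('SOME_ERROR_CODE', $extension->getError());
        }

        // Filters live on the extension record, not in the configuration file.
        unset($data['filters']);
    }

    // Get the previous configuration.
    $prev = new JConfig();
    $prev = JArrayHelper::fromObject($prev);

    // Merge the new data in. We do this to preserve values that were not in the form.
    $data = array_merge($prev, $data);

    /*
     * Perform miscellaneous options based on configuration settings/changes.
     */

    // Normalise ampersands in the offline message if present.
    // ampReplace() is not an HTML-escaping step; output encoding still has to happen
    // where the message is rendered.
    if (isset($data['offline_message'])) {
        $data['offline_message'] = JFilterOutput::ampReplace($data['offline_message']);
    }

    // Purge the database session table if we are changing to the database handler.
    if ($prev['session_handler'] != 'database' && $data['session_handler'] == 'database') {
        $table = JTable::getInstance('session');
        $table->purge(-1);
    }

    if (empty($data['cache_handler'])) {
        $data['caching'] = 0;
    }

    // Clean the cache if disabled but previously enabled.
    if (!$data['caching'] && $prev['caching']) {
        $cache = JFactory::getCache();
        $cache->clean();
    }

    // Create the new configuration object.
    $config = new JRegistry('config');
    $config->loadArray($data);

    // Overwrite the old FTP credentials with the new ones on the live configuration.
    $temp = JFactory::getConfig();

    foreach (array('ftp_enable', 'ftp_host', 'ftp_port', 'ftp_user', 'ftp_pass', 'ftp_root') as $ftpKey) {
        $temp->set($ftpKey, $data[$ftpKey]);
    }

    // Clear cache of com_config component.
    $this->cleanCache('_system');

    // Write the configuration file.
    return $this->writeConfigFile($config);
}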