Esempio n. 1
 /**
  * Check if the currently logged in user is authorized to access the given url.
  *
  * @param array $url The url parameters.
  * @return bool
  */
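 public function hasAccess($url)
 {
     // Guest actions are granted before any user or group lookup happens.
     if ($this->isGuestAction($url)) {
         return true;
     }

     $path = $this->getPathFromUrl($url);

     // A logged in user without a group id is denied (fail closed).
     $groupId = $this->Auth->user('group_id');
     if ($groupId === null) {
         return false;
     }
     $groupIds = is_array($groupId) ? $groupId : [$groupId];

     // Membership in group 1 skips the per-path permission lookup entirely, so
     // the match is strict: a loose in_array(1, ...) also accepts values such as
     // true (and, on PHP 7, strings like '1abc'). The string '1' stays accepted
     // because ids restored from a session or database row are often strings.
     if (in_array(1, $groupIds, true) || in_array('1', $groupIds, true)) {
         return true;
     }

     // Permissions are fetched lazily and stored on the current user whenever
     // that user has none (or an empty set) attached yet.
     $user = Wasabi::user();
     if (empty($user->permissions)) {
         Wasabi::user()->permissions = $this->_getGroupPermissions()->findAllForGroup($groupIds);
     }

     // Access depends only on the path being a key of the permission set; the
     // value stored under that key is not inspected here.
     return array_key_exists($path, Wasabi::user()->permissions);
 }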
Esempio n. 2
 /**
  * beforeFilter callback
  *
  * @param Event $event An Event instance.
  * @return void
  */
 public function beforeFilter(Event $event)
 {
     parent::beforeFilter($event);

     // Deny every action first; _allow() is called further down
     // (presumably to re-open the public actions — confirm in _allow()).
     $this->Auth->deny();

     if ($this->Auth->user()) {
         // Make the authenticated user available through the Wasabi registry.
         Wasabi::user(new User($this->Auth->user()));

         $urlParts = Wasabi::getCurrentUrlArray();
         $requestPath = implode('.', [$urlParts['plugin'], $urlParts['controller'], $urlParts['action']]);

         // loginTime is refreshed on every request except an ajax call to the
         // heartBeat action, so the heartbeat alone does not move the timestamp.
         $isAjaxHeartBeat = $this->request->is('ajax') && $requestPath === 'Wasabi/Core.Users.heartBeat';
         if (!$isAjaxHeartBeat) {
             $this->request->session()->write('loginTime', time());
         }
     } else {
         // No authenticated user: disable the authError message.
         $this->Auth->config('authError', false);
     }

     $this->_allow();
     Wasabi::loadLanguages(null, true);

     // Dispatch the menu init event so plugins can add their main menu items.
     $eventManager = $this->eventManager();
     $eventManager->dispatch(new Event('Wasabi.Backend.Menu.initMain', Nav::createMenu('backend.main')));

     $this->_setSectionCssClass();
     $this->set('heartBeatFrequency', $this->_calculateHeartBeatFrequency());

     // Ajax requests get no view class.
     if ($this->request->is('ajax')) {
         $this->viewClass = null;
     }
 }
Esempio n. 3
 /**
  * beforeSave callback
  *
  * @param Event $event
  * @param Content $entity
  * @param \ArrayObject $options
  */
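 public function beforeSave(Event $event, Content $entity, \ArrayObject $options)
 {
     // The content language is taken from the active Wasabi context on every save.
     $entity->language_id = Wasabi::contentLanguage()->id;

     $userId = Wasabi::user()->id;

     // Record the creator only when the row is first inserted. Assigning it on
     // every save would overwrite the original author with whoever edited last,
     // leaving created_by_user_id identical to modified_by_user_id and losing
     // the attribution an audit of this table relies on.
     // Assumes Content is a CakePHP ORM entity (EntityInterface::isNew()).
     if ($entity->isNew()) {
         $entity->created_by_user_id = $userId;
     }

     // The last editor is updated on every save.
     $entity->modified_by_user_id = $userId;
 }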