コード例 #1
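 /**
  * Forwards a bulk request to the admin_* action named in $this->data['_Tech']['action'].
  *
  * The action name comes from $this->data (presumably submitted form data - confirm), so it is
  * validated before it is turned into a method name: it must be a plain identifier and must
  * not resolve back to this method.
  *
  * Authorisation, in order:
  *  - Acl loaded: the ACO 'Cities/admin_<action>' is checked for the current Auth user.
  *  - Auth loaded and nobody logged in: the action must be listed in Auth->allowedActions.
  *  - otherwise (no Auth/Acl, or Auth with a logged-in user): the action is dispatched
  *    without any per-action check.
  *
  * On refusal or on a missing/malformed action name, a flash error is set and the request is
  * redirected to the referer.
  */
 function admin_actionAll()
 {
     $requested = !empty($this->data['_Tech']['action']) ? $this->data['_Tech']['action'] : null;

     /*
      * Accept only a plain identifier: the value is concatenated into a method name and an ACO path.
      * Refuse a name that maps back to this method as well; PHP method names are case-insensitive,
      * and setAction() would presumably re-enter admin_actionAll() with the same data and never end.
      */
     $is_usable_name = is_string($requested)
         && preg_match('/\A[A-Za-z0-9_]+\z/', $requested) === 1
         && strcasecmp('admin_' . $requested, __FUNCTION__) !== 0;

     if (!$is_usable_name) {
         $this->Session->setFlash(___d('alaxos', 'the action to perform is not defined', true), 'flash_error', array('plugin' => 'alaxos'));
         $this->redirect($this->referer());
         return;
     }

     $target = 'admin_' . $requested;

     if (isset($this->Acl)) {
         $authorized = $this->Acl->check($this->Auth->user(), 'Cities/' . $target);
     } elseif (isset($this->Auth) && $this->Auth->user() == null) {
         /*
          * Manually check permission, as the setAction() method does not check for permission rights.
          * Strict comparison keeps a non-string entry in allowedActions from matching by type juggling.
          */
         $authorized = in_array(strtolower($target), $this->Auth->allowedActions, true);
     } else {
         /*
          * neither Auth nor Acl, or Auth + logged user
          * -> grant access
          *
          * NOTE(review): on this path any admin_* method reachable by name is dispatched for any
          * logged-in user; this relies on whatever restricts the admin prefix upstream - confirm.
          */
         $authorized = true;
     }

     if (!$authorized) {
         $this->Session->setFlash(___d('alaxos', 'not authorized', true), 'flash_error', array('plugin' => 'alaxos'));
         $this->redirect($this->referer());
         return;
     }

     $this->setAction($target);
 }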
コード例 #2
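 /**
  * Decides whether the current request may run the requested controller action and, if not,
  * stops the request.
  *
  * Lookup order: the action name in $this->actions_roles_mapping, then the routing prefix in
  * $this->prefix_roles_mapping. An action found in neither mapping is NOT protected and is
  * allowed for everyone (fail-open default).
  *
  * For a protected action the user stored in the session under LOGGED_USER must hold one of
  * the mapped role ids, or ROLE_ID_ADMINISTRATOR. An empty role list authorises nobody.
  *
  * When access is refused: Ajax requests get an error <span> and the script ends; other
  * requests get a flash message and a redirect to the login action with the return URL.
  */
 function check_access()
 {
     $action = $this->controller->action;
     $prefix = isset($this->controller->params['prefix']) ? $this->controller->params['prefix'] : null;

     $protected = false;
     $required_roles = array();

     if (array_key_exists($action, $this->actions_roles_mapping)) {
         $protected = true;
         $required_roles = $this->actions_roles_mapping[$action];
     } else {
         /*
          * PHP method names are case-insensitive while array keys are not. If the dispatcher keeps
          * the requested spelling in $controller->action (not visible here - confirm), a different
          * letter case would skip the mapping and fall through to the fail-open default.
          */
         foreach ($this->actions_roles_mapping as $mapped_action => $mapped_roles) {
             if (strcasecmp((string) $mapped_action, (string) $action) === 0) {
                 $protected = true;
                 $required_roles = $mapped_roles;
                 break;
             }
         }
     }

     if (!$protected && isset($prefix) && array_key_exists($prefix, $this->prefix_roles_mapping)) {
         $protected = true;
         $required_roles = $this->prefix_roles_mapping[$prefix];
     }

     /*
      * Unprotected actions are allowed; protected ones start out denied.
      */
     $authorized = !$protected;
     $user_logged = false;

     if ($protected && $this->Session->check(LOGGED_USER)) {
         $logged_user = $this->Session->read(LOGGED_USER);
         if (isset($logged_user)) {
             $user_logged = true;

             /*
              * A malformed mapping entry or session record yields an empty list, which denies access.
              */
             if (!is_array($required_roles)) {
                 $required_roles = array();
             }
             $user_roles = array();
             if (is_array($logged_user) && isset($logged_user[LOGGED_USER_ROLES]) && is_array($logged_user[LOGGED_USER_ROLES])) {
                 $user_roles = $logged_user[LOGGED_USER_ROLES];
             }

             foreach ($required_roles as $authorized_role_id) {
                 foreach ($user_roles as $role) {
                     if (!is_array($role) || !isset($role['id'])) {
                         continue;
                     }
                     /*
                      * Loose comparison kept on purpose: ids may arrive as int or numeric string.
                      */
                     if ($role['id'] == $authorized_role_id || $role['id'] == ROLE_ID_ADMINISTRATOR) {
                         $authorized = true;
                         break 2;
                     }
                 }
             }
         }
     }

     if ($authorized) {
         return;
     }

     $message = $user_logged ? ___d('alaxos', 'not authorized', true) : ___d('alaxos', 'please login', true);

     if (isset($this->controller->RequestHandler) && $this->controller->RequestHandler->isAjax()) {
         e('<span class="error">' . $message . '</span>');
         die;
     }

     $this->Session->setFlash($message, 'flash_error', array('class' => 'error'));
     $return_url = $this->controller->get_return_url();
     /*
      * Note:
      * 		we use 'admin' => '0' because 'admin' => false leads to an infinite redirection loop
      * 		Why ?
      * 		TODO: discover why... ;-)
      *
      * NOTE(review): $return_url is appended to the query string as-is. Whether it is already
      * URL-encoded, and whether the login action limits it to local URLs before redirecting
      * back, is not visible here - confirm both.
      */
     $this->controller->redirect(array('admin' => '0', 'controller' => $this->login_controller, 'action' => $this->login_action . '?' . RETURN_URL . '=' . $return_url));
 }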
コード例 #3
ファイル: alaxos_form.php プロジェクト: shashin62/abc_audit
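 /**
  * Returns a dropdown list of the actions that can be performed on the selected elements of a data list.
  * It also registers a script block that defines the translated texts used by the Javascript
  * confirm box (confirmDeleteAllText, pleaseChooseActionToPerformText).
  *
  * Recognised keys in $options:
  *  - 'id':      id of the select element, 'ActionToPerform' when empty
  *  - 'actions': value => label pairs; defaults to deleteAll / activateAll / deactivateAll
  * The 'actions' key is removed before the remaining options are passed to select().
  *
  * @param string $fieldName
  * @param array $options
  * @return mixed whatever $this->select() returns (presumably the select markup)
  */
 public function input_actions_list($fieldName = '_Tech.action', $options = array())
 {
     $options['id'] = !empty($options['id']) ? $options['id'] : 'ActionToPerform';
     $actions = !empty($options['actions']) ? $options['actions'] : array('deleteAll' => ___d('alaxos', 'delete all', true), 'activateAll' => ___d('alaxos', 'activate all', true), 'deactivateAll' => ___d('alaxos', 'deactivate all', true));

     /*
      * Include translated texts for JS confirm box
      */
     $js_texts = array(
         'confirmDeleteAllText' => ___d('alaxos', 'are you sure you want to delete all those items ?', true),
         'pleaseChooseActionToPerformText' => ___d('alaxos', 'please choose the action to perform', true),
     );

     $script = '';
     foreach ($js_texts as $js_name => $text) {
         /*
          * Emit each text as a JS string literal. json_encode() escapes quotes, backslashes,
          * line breaks and '/', so a translation containing '"' or '</script>' cannot end the
          * literal or the script block.
          */
         $literal = json_encode((string) $text);
         if ($literal === false) {
             /*
              * json_encode() rejects text that is not valid UTF-8: escape byte-wise instead.
              */
             $literal = '"' . addcslashes((string) $text, "\\\"\r\n/") . '"';
         }
         $script .= 'var ' . $js_name . ' = ' . $literal . ';' . "\n";
     }

     $this->AlaxosHtml->scriptBlock($script, array('inline' => false));
     unset($options['actions']);
     return $this->select($fieldName, $actions, null, $options);
 }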
コード例 #4
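 /**
  * Builds the markup for a "rows per page" select box and the script that reloads the
  * current URL with the chosen ?limit= value.
  *
  * Required keys in $options (no default is applied here):
  *  - 'pagination_limits':      list of limits, used as both value and label
  *  - 'pagination_limits_text': message id passed to ___d() together with the select markup
  *
  * The preselected value is the 'limit' query parameter when present, otherwise the
  * paginator's 'perPage' parameter.
  *
  * @param array $options
  * @return string HTML fragment including an inline <script> element
  */
 public function get_pagination_limit_combobox($options = array())
 {
     $limits = $options['pagination_limits'];

     $select_options = [
         'id' => 'select_pagination_limit',
         'value' => isset($this->request->query['limit']) ? $this->request->query['limit'] : $this->Paginator->param('perPage'),
     ];
     $select_limit = $this->Form->select('_Tech.pagination_limit', array_combine($limits, $limits), $select_options);

     /*
      * The current URL is derived from the request, so it is emitted as an encoded JS string
      * literal. The HEX flags also turn <, >, &, ' and " into \uXXXX escapes, so the value
      * cannot close the string or the surrounding <script> element.
      */
     $here_literal = json_encode((string) $this->request->here, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
     if ($here_literal === false) {
         /*
          * Not encodable (e.g. invalid UTF-8): an empty base keeps "?limit=" relative to the current page.
          */
         $here_literal = '""';
     }

     $js = [
         '<script type="text/javascript">',
         '$(document).ready(function(){',
         '   $("#select_pagination_limit").change(function(){',
         '       window.location = ' . $here_literal . ' + "?limit=" +$(this).val();',
         '   });',
         '});',
         '</script>',
     ];

     $html = [
         '<div class="row">',
         '  <div class="col-md-12 col-sm-12 col-xs-12 text-right">',
         ___d('alaxos', $options['pagination_limits_text'], $select_limit),
         implode("\n", $js),
         '  </div>',
         '</div>',
     ];

     return implode("\n", $html);
 }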
コード例 #5
 /**
  * Logs the given user in through the controller's Auth component.
  *
  * The array is handed to Auth->login() unchanged and no credential check is done here,
  * so callers must pass only identity data they have already validated.
  *
  * @param array $user user record to log in
  * @return mixed the result of Auth->login(); false (after recording an error) when the Auth
  *               component is not loaded; null when $user is not an array
  */
 protected function log_user($user)
 {
     // Anything that is not an array (including null) is ignored without an error.
     if (!is_array($user)) {
         return null;
     }

     if (!isset($this->controller->Auth)) {
         $this->add_error(___d('alaxos', 'the Auth component must be loaded to use the Alaxos.ShibbolethAuthenticator component', true));
         return false;
     }

     return $this->controller->Auth->login($user);
 }