/**
 * Resets admin rights on a collection.
 *
 * Clears any date limits and quotas set on the collection's base, zeroes the
 * four status masks, then grants the full right set on that base — this
 * includes 'canadmin', 'manage' and the structure-modification rights, so the
 * target ACL ends up with complete control of the collection.
 *
 * @param \ACL $acl
 * @param \collection $collection
 */
private function doResetRightsOnCollection(\ACL $acl, \collection $collection)
{
    $base = $collection->get_base_id();

    // Drop time limits, quotas and masks before re-granting.
    $acl->set_limits($base, false);
    $acl->remove_quotas_on_base($base);
    $acl->set_masks_on_base($base, '0', '0', '0', '0');

    $rightNames = [
        'canputinalbum', 'candwnldhd', 'candwnldsubdef', 'nowatermark',
        'candwnldpreview', 'cancmd', 'canadmin', 'canreport', 'canpush',
        'creationdate', 'canaddrecord', 'canmodifrecord', 'candeleterecord',
        'chgstatus', 'imgtools', 'manage', 'modify_struct', 'bas_modify_struct',
    ];
    // Every right is passed with the string flag '1', as the ACL layer expects.
    $acl->update_rights_to_base($base, array_fill_keys($rightNames, '1'));
}
/**
 * Builds an ACL instance whose logger writes to syslog under the 'ACL Tests' ident.
 *
 * @return ACL
 */
protected function getACL()
{
    $syslog = new \Monolog\Handler\SyslogHandler('ACL Tests');
    $logger = new \Monolog\Logger('ACL');
    $logger->pushHandler($syslog);

    $acl = new ACL();
    $acl->setLogger($logger);

    return $acl;
}
/**
 * A grant succeeds only while a matching ACL entry exists: an unregistered
 * action is refused, and so is a registered one once it has been removed.
 */
function test_join_test()
{
    $resource = 'blog:posts';
    ACL::add('dummy', $resource, 'add');

    $acl = new ACL();
    $this->assertTrue($acl->grant('dummy', $resource, 'add'));
    $this->assertFalse($acl->grant('dummy', $resource, 'edit'));

    ACL::remove('dummy', $resource, 'add');
    $this->assertFalse($acl->grant('dummy', $resource, 'add'));
}
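/**
 * Handles the signup form: validates the posted fields, creates the user,
 * logs the new account in and redirects to the dashboard; otherwise renders
 * the signup template with the collected errors.
 *
 * @param array|null $data Posted fields (first_name, last_name, username,
 *                         email, password, password2), or a falsy value when
 *                         the form has not been submitted yet.
 * @return void
 */
function signup_form($data)
{
    $user = new User();
    // Always an array, so the template never receives an undefined variable.
    $error = array();

    if ($data) {
        foreach ($data as $key => $value) {
            $field_name = ucwords(str_replace('_', ' ', $key));
            switch ($key) {
                case 'first_name':
                case 'last_name':
                case 'username':
                    if (trim($value) === '') {
                        $error[] = 'Field ' . $field_name . ' is required!';
                    }
                    break;
                case 'email':
                    if (!filter_var($value, FILTER_VALIDATE_EMAIL)) {
                        $error[] = 'Invalid format for ' . $field_name . ', please insert a valid email!';
                    }
                    break;
            }
        }

        // Read the keys we depend on without tripping on a missing index.
        $username = isset($data['username']) ? (string) $data['username'] : '';
        $password = isset($data['password']) ? $data['password'] : '';
        $password2 = isset($data['password2']) ? $data['password2'] : '';

        // Verify Username. The previous check used a single '=' here, which
        // assigned the loaded username into $data instead of comparing, so a
        // taken username was never detected.
        $user->byUsername($username);
        if ($username !== '' && (string) $user->username === $username) {
            $error[] = 'Username already taken. Please select another one.';
        }

        if ($password !== $password2) {
            $error[] = 'Password does not match.';
        }

        // Adding values: an empty password asks the model to generate one.
        if ($password) {
            $user->password = $password;
            $gen_pass = false;
        } else {
            $gen_pass = true;
        }

        if (!$error) {
            $res = $user->create(false, $gen_pass, $data);
            if ($res) {
                session_start();
                $ACL = new ACL();
                $ACL->username = $res->username;
                $ACL->password = $res->temp_password;
                $ACL->login();
                header("Location: /dashboard.php");
                // Nothing else should be rendered once the redirect is issued.
                return;
            }
            $error[] = 'Ops, We could not create the user at this time. Try again later.';
        }
    }

    global $twig;
    // Twig Base
    $template = $twig->loadTemplate('signup-content.html');
    $template->display(array(
        'project_title' => TITLE,
        'path_to_theme' => '../../' . THEME_PATH,
        'company' => NATURAL_COMPANY,
        'page' => 'signup',
        'data' => $data,
        'errors' => $error,
    ));
}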
/**
 * Answers an inbound ACL request: reads the SIF header of the parsed XML
 * message and emits a success message whose payload is the built ACL.
 *
 * Assumes the message carries a SIF_Header with SIF_MsgId and SIF_SourceId;
 * a malformed message would fail on the null item(0) lookups.
 */
private function processAclRequest()
{
    $dom = $this->xmlDom;
    $header = $dom->getElementsByTagName('SIF_Header')->item(0);
    $requestMsgId = $header->getElementsByTagName('SIF_MsgId')->item(0)->nodeValue;
    $requestSourceId = $header->getElementsByTagName('SIF_SourceId')->item(0)->nodeValue;

    $acl = new ACL($dom);
    $timestamp = Utility::createTimestamp();
    $msgId = Utility::createMessageId();

    XmlHelper::buildSuccessMessage(
        $msgId,
        $timestamp,
        $requestSourceId,
        $requestMsgId,
        0,
        $acl->BuildACL(),
        null
    );
}
/**
 * Returns all the feeds a user can access: feeds bound to no base, public
 * feeds, and feeds bound to a base the ACL grants — newest first.
 *
 * @param \ACL $userACL
 * @return \Doctrine\Common\Collections\Collection
 */
public function getAllForUser(\ACL $userACL)
{
    $grantedBaseIds = array_keys($userACL->get_granted_base());

    $qb = $this->createQueryBuilder('f');
    $qb->where($qb->expr()->isNull('f.baseId'))
       ->orWhere('f.public = true');

    // An empty IN() is not valid DQL, so only add the clause when there is something to match.
    if (!empty($grantedBaseIds)) {
        $qb->orWhere($qb->expr()->in('f.baseId', $grantedBaseIds));
    }

    return $qb->orderBy('f.updatedOn', 'DESC')->getQuery()->getResult();
}
/**
 * Returns the caller's permissions on the posted 'resource', wrapped in the
 * JSON envelope produced by Validation::validate (which also enforces the
 * 'user'/'read' authentication before the handler runs).
 */
public function permissions()
{
    $this->form_validation->set_rules('resource', 'resource', 'required');

    $handler = function ($token, $output) {
        $resource = $this->input->post('resource');
        $acl = new ACL();
        // Permissions are resolved for the authenticated token's id, never for a user-supplied id.
        $output['status'] = true;
        $output['resource'] = $resource;
        $output['permissions'] = $acl->userPermissions($token->id, $resource);
        return $output;
    };

    return Validation::validate($this, 'user', 'read', $handler);
}
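/**
 * Dispatch-time ACL guard: when the matched controller/action is not allowed,
 * answers with a 302 to the "non-autorise" page.
 *
 * @param MvcEvent $e
 * @return Response|null The redirect response when access is denied, null otherwise
 */
public function checkAcl(MvcEvent $e)
{
    $routeMatch = $e->getRouteMatch();
    $controller = $routeMatch->getParam('controller');
    $action = $routeMatch->getParam('action');

    if ($this->acl->isAllowed($controller, $action)) {
        return null;
    }

    $url = $e->getRouter()->assemble(
        array('controller' => 'index', 'action' => 'non-autorise'),
        array('name' => 'accueil')
    );

    /** @var Response $response */
    $response = $e->getResponse();
    $response->getHeaders()->addHeaderLine('Location', $url);
    $response->setStatusCode(302);
    $response->sendHeaders();

    // Sending the headers alone does not end the dispatch: the denied action
    // would still execute and render. Stop the event chain and return the
    // response so the MVC short-circuits on it.
    $e->stopPropagation(true);

    return $response;
}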
/**
 * Plugin deactivation hook: removes this plugin's access token once the file
 * being deactivated is the plugin itself (paths compared with '/' separators).
 *
 * @param string $file Path of the plugin being deactivated
 */
public function action_plugin_deactivation($file)
{
    $own_file = str_replace('\\', '/', $this->get_file());
    if ($file != $own_file) {
        return;
    }

    # delete default access token
    ACL::destroy_token('manage_cronjobs');
}
/**
 * Renders one menu entry (and, recursively, its sub-entries) as markup.
 *
 * An array config is a sub-menu: its own row is emitted only when at least
 * one child survived the ACL route check, so empty sections never appear.
 * A scalar config is a route, shown only if ACL::is_route_allowed() accepts
 * it. $next_id is advanced once per item visited, allowed or not.
 *
 * @param int    &$next_id Next free item id, incremented as items are visited
 * @param string $name     Item label
 * @param mixed  $cfg      Route, or array of children keyed by label
 * @param int    $parent   Parent item id, -1 for the root
 * @return string
 */
protected function render_item(&$next_id, $name, $cfg, $parent)
{
    $is_root = ($parent == -1);
    $html = '';

    if ($is_root) {
        $html .= Ext::menu_begin($name);
    }

    if (is_array($cfg)) {
        $own_id = $next_id;
        // The root has no row of its own; nested sections do.
        $own_row = $is_root ? '' : Ext::menu_row($next_id, $name, NULL, $parent);
        $next_id++;

        $children = '';
        foreach ($cfg as $child_name => $child_cfg) {
            $children .= $this->render_item($next_id, $child_name, $child_cfg, $own_id);
        }

        // Skip the whole section when nothing inside it is allowed.
        if (!empty($children)) {
            $html .= $own_row . $children;
        }
    } else {
        if (ACL::is_route_allowed($cfg)) {
            $html .= Ext::menu_row($next_id, $name, $cfg, $parent);
            if ($this->is_route_active($cfg)) {
                $this->_active_id = $next_id;
            }
        }
        $next_id++;
    }

    if ($is_root) {
        $html .= Ext::menu_end($this->_active_id);
    }

    return $html;
}
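/**
 * Edit the permissions of a single user.
 *
 * Loads the user named by the 'id' route param, renders the permission form
 * and, on a valid post, stores the checked permissions on the user. Unknown
 * ids and user id 1 are refused with a 404 redirect to the user list.
 */
public function action_user()
{
    $id = (int) $this->request->param('id', 0);
    $post = ORM::factory('user', $id);

    if (!$post->loaded() or $id === 1) {
        Message::error(__("User doesn't exists!"));
        Log::error('Attempt to access non-existent user.');
        $this->request->redirect(Route::get('admin/user')->uri(array('action' => 'list')), 404);
    }

    $this->title = __(':user Permissions', array(":user" => $post->name));
    $action = Route::get('admin/permission')->uri(array(
        'action' => 'user',
        'id' => isset($post->id) ? $post->id : 0,
    ));

    $view = View::factory('admin/permission/user')
        ->set('post', $post)
        ->set('oldperms', $post->perms())
        ->set('permissions', ACL::all())
        ->set('action', $action)
        ->bind('errors', $this->_errors);

    if ($this->valid_post('permissions')) {
        // A form with every box unchecked posts no 'perms' key at all; treat
        // that as "no permissions" instead of filtering an undefined index.
        $submitted = isset($_POST['perms']) ? (array) $_POST['perms'] : array();
        $post->data = array('permissions' => array_filter($submitted));

        try {
            $post->save();
            Message::success(__('Permissions: saved successful!'));
            $this->request->redirect(Route::get('admin/permission')->uri(array('action' => 'user', 'id' => $post->id)));
        } catch (ORM_Validation_Exception $e) {
            Message::error(__('Permissions save failed!'));
            $this->_errors = $e->errors('models', TRUE);
        } catch (Exception $e) {
            Message::error(__('Permissions save failed!'));
            $this->_errors = array($e->getMessage());
        }
    }

    $this->response->body($view);
}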
/**
 * The before() method is called before controller action
 *
 * Requires the 'access comment' permission, switches sidebars off for the
 * comment pages, then defers to the parent hook.
 *
 * @uses ACL::required
 */
public function before()
{
    ACL::required('access comment');

    // Disable sidebars on comments page
    $this->_sidebars = FALSE;

    parent::before();
}
/**
 * Plugin deactivation hook: when the file being deactivated is this plugin,
 * drops its cron job and its access token.
 *
 * @param string $file Path of the plugin file being deactivated
 */
public function action_plugin_deactivation($file)
{
    if (realpath($file) != __FILE__) {
        return;
    }

    CronTab::delete_cronjob('pbem_check_accounts');
    ACL::destroy_token('PBEM');
}
/**
 * Test fixture: a fresh TestDocument table, an empty sitemap table, the
 * sitemap permission, an admin holding it plus a guest, and three documents
 * each linked to a sitemap row ('first' with count=1, 'second', 'third'
 * under parent 1).
 */
public function setUp()
{
    parent::setUp();

    $model = new TestDocument();
    $model->createDatabaseTable(true);
    Helper::dbFixture(SITEMAP_TABLE, []);

    \ACL::create(SitemapModel::PermissionName);
    Configure::write('Sitemap', ['Menu' => ['title' => self::Title, 'depth' => 3]]);
    Helper::setupUsers([
        ['login' => self::AdminUser, 'rights' => [SitemapModel::PermissionName => true]],
        ['login' => self::GuestUser],
    ]);

    $rows = [
        ['name' => 'first', 'sitemap' => ['count' => 1]],
        ['name' => 'second'],
        ['name' => 'third', 'sitemap' => ['parent' => 1]],
    ];
    foreach ($rows as $row) {
        $document = new TestDocument($row);
        $document->insert();

        $entry = new SitemapModel();
        $entry->name = $row['name'];
        $entry->full_url = $row['name'];
        $entry->linkToModel($document);
        if (isset($row['sitemap'])) {
            // Extra sitemap attributes are set on the model by name.
            foreach ($row['sitemap'] as $attribute => $value) {
                $entry->{$attribute} = $value;
            }
        }
        $entry->insert();
    }
}
/**
 * Returns the shared ACL instance, creating it on first use.
 *
 * @return ACL
 */
public static function instance()
{
    if (self::$_instance === null) {
        self::$_instance = new self();
    }

    return self::$_instance;
}
/**
 * Loads the user's access rights (lazily, once per object) from the ACL
 * based on the user's groups.
 *
 * @return mixed Whatever ACL::getTypeAccess() returns for the user's groups
 */
private function loadAccess()
{
    if ($this->access === null) {
        $this->access = ACL::getTypeAccess($this->getGroups());
    }

    return $this->access;
}
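/**
 * Authenticates (when $class is given), runs form validation and, on
 * success, invokes $callback to fill the JSON output. The result is either
 * returned as a JSON string (under PHPUNIT_TEST) or rendered through the
 * 'json' view.
 *
 * @param object   $context  Controller exposing load and form_validation
 * @param string   $class    Resource class to authenticate against, '' skips authentication
 * @param string   $function Action on the resource
 * @param callable $callback function ($token, array $output): array
 * @return string|null JSON string under PHPUNIT_TEST, null otherwise
 */
public static function validate($context, $class, $function, $callback)
{
    $output = array('status' => false);
    $token = false;

    if (!empty($class)) {
        $token = ACL::authenticate($class, $function);
        if (!$token) {
            // Authentication failed: emit the failure envelope and stop.
            // Previously only the view was loaded and execution fell through,
            // so validation and the callback still ran without a token.
            return self::emitOutput($context, $output);
        }
    }

    $context->form_validation->set_error_delimiters('', '');
    if ($context->form_validation->run()) {
        $output = $callback($token, $output);
    } else {
        $output['errors'] = validation_errors();
    }

    if (array_key_exists('errors', $output)) {
        // Each line of the error string is itself a JSON document.
        $output['errors'] = array_map(function ($line) {
            return json_decode($line);
        }, explode("\n", $output['errors']));
    }

    return self::emitOutput($context, $output);
}

/**
 * Delivers the output envelope: as a JSON string under PHPUNIT_TEST,
 * otherwise through the 'json' view (in which case null is returned).
 *
 * @param object $context
 * @param array  $output
 * @return string|null
 */
private static function emitOutput($context, array $output)
{
    if (defined('PHPUNIT_TEST')) {
        return json_encode(array('output' => $output));
    }

    $context->load->view('json', array('output' => $output));

    return null;
}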
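/**
 * Returns all the feeds from a given array containing their id.
 *
 * Only feeds the user may read are returned: public feeds, feeds bound to no
 * base, and feeds bound to a base the ACL grants. The access filter is
 * applied whether or not $feedIds is given — it used to be skipped when no
 * ids were passed, which returned every feed regardless of access.
 *
 * @param \ACL $userACL
 * @param array $feedIds Ids to restrict feeds, all accessible otherwise
 *
 * @return Feed[]
 */
public function filterUserAccessibleByIds(\ACL $userACL, array $feedIds = [])
{
    $qb = $this->createQueryBuilder('f');

    // is public feed?
    $accessible = $qb->expr()->orX(
        $qb->expr()->isNull('f.baseId'),
        $qb->expr()->eq('f.public', $qb->expr()->literal(true))
    );

    // is granted base? (an empty IN() is not valid DQL, so only add it when non-empty)
    $grantedBases = array_keys($userACL->get_granted_base());
    if ($grantedBases) {
        $accessible->add($qb->expr()->in('f.baseId', $grantedBases));
    }

    $qb->where($accessible);
    if ($feedIds) {
        $qb->andWhere($qb->expr()->in('f.id', $feedIds));
    }

    $qb->orderBy('f.updatedOn', 'DESC');

    return $qb->getQuery()->getResult();
}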
/**
 * The before() method is called before controller action
 *
 * Requires 'administer comment', then prepares the destination query string
 * (pointing back at the current action) and the form action of the
 * 'process' route, before deferring to the parent hook.
 *
 * @uses ACL::required
 */
public function before()
{
    ACL::required('administer comment');

    $route = Route::get('admin/comment');
    $current_uri = $route->uri(array('action' => $this->request->action()));
    $this->_destination = '?destination=' . $current_uri;
    $this->_form_action = $route->uri(array('action' => 'process')) . $this->_destination;

    parent::before();
}
/**
 * Add page to section.
 *
 * Pages whose permissions fail ACL::check() are silently skipped. A page
 * carrying its own priority overrides the argument; when that slot is taken
 * the next free higher slot is used. Sections are collected separately.
 *
 * @param Navigation_Abstract $page
 * @param int $priority
 * @return $this
 */
public function add_page(Navigation_Abstract &$page, $priority = 1)
{
    // Check permissions
    if (!ACL::check($page->permissions)) {
        return $this;
    }

    // Priority: the page's own value wins over the argument
    $slot = isset($page->priority) ? (int) $page->priority : (int) $priority;

    // Typeof
    if ($page instanceof Navigation_Section) {
        $this->_sections[] = $page;
        $page->set_section($this);
    } else {
        // Change priority: walk up to the first free slot, then store page
        while (isset($this->_pages[$slot])) {
            $slot++;
        }
        $this->_pages[$slot] = $page;
    }

    // Add page buttons
    if (isset($page->buttons)) {
        $page->add_buttons($page->buttons);
    }

    return $this->update()->sort();
}
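/**
 * set_limits()/get_limits() round-trip on every base the test user can
 * access: two windows are stored and read back, and clearing yields null.
 * Fails outright when no accessible base exists to exercise.
 */
public function testget_limits()
{
    $tested = false;
    $acl = self::$object;

    foreach (self::$DI['app']['phraseanet.appbox']->get_databoxes() as $databox) {
        foreach ($databox->get_collections() as $collection) {
            $base_id = $collection->get_base_id();
            if (!$acl->has_access_to_base($base_id)) {
                continue;
            }

            $minusone = new DateTime('-1 day');
            $plusone = new DateTime('+1 day');
            $acl->set_limits($base_id, true, $minusone, $plusone);
            $limits = $acl->get_limits($base_id);
            $this->assertEquals($minusone, $limits['dmin']);
            $this->assertEquals($plusone, $limits['dmax']);

            // Second window: dmax must be in the future. It was '-2 day'
            // before, which made dmin and dmax identical and would have hidden
            // swapped fields.
            $minustwo = new DateTime('-2 day');
            $plustwo = new DateTime('+2 day');
            $acl->set_limits($base_id, true, $minustwo, $plustwo);
            $limits = $acl->get_limits($base_id);
            $this->assertEquals($minustwo, $limits['dmin']);
            $this->assertEquals($plustwo, $limits['dmax']);

            $acl->set_limits($base_id, false);
            $this->assertNull($acl->get_limits($base_id));

            $tested = true;
        }
    }

    if (!$tested) {
        $this->fail('Unable to test');
    }
}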
/**
 * List of pages (blogs/posts/etc.) with a specific tag
 *
 * Unpublished posts are listed only for users holding 'administer tags' or
 * 'administer content'; everyone else sees published posts only. With no
 * matching posts the "none" page is rendered instead.
 *
 * @throws HTTP_Exception_404
 *
 * @uses Log::add
 * @uses Text::ucfirst
 * @uses ACL::check
 * @uses Meta::links
 * @uses URL::canonical
 * @uses Route::url
 */
public function action_view()
{
    $id = (int) $this->request->param('id', 0);
    $tag = ORM::factory('tag', $id);

    if (!$tag->loaded()) {
        throw HTTP_Exception::factory(404, 'Tag :tag not found!', array(':tag' => $id));
    }

    $this->title = __(':title', array(':title' => Text::ucfirst($tag->name)));

    // $pagination and $posts are bound by reference and filled in below.
    $view = View::factory('tag/view')
        ->set('teaser', TRUE)
        ->bind('pagination', $pagination)
        ->bind('posts', $posts);

    $posts = $tag->posts;
    $is_admin = ACL::check('administer tags') || ACL::check('administer content');
    if (!$is_admin) {
        $posts->where('status', '=', 'publish');
    }

    $total = $posts->reset(FALSE)->count_all();
    if ($total == 0) {
        Log::info('No posts found.');
        $this->response->body(View::factory('page/none'));
        return;
    }

    $pagination = Pagination::factory(array(
        'current_page' => array('source' => 'cms', 'key' => 'page'),
        'total_items' => $total,
        'items_per_page' => 15,
        'uri' => $tag->url,
    ));

    $posts = $posts
        ->order_by('created', 'DESC')
        ->limit($pagination->items_per_page)
        ->offset($pagination->offset)
        ->find_all();

    $this->response->body($view);

    // Set the canonical and shortlink for search engines
    if ($this->auto_render === TRUE) {
        Meta::links(URL::canonical($tag->url, $pagination), array('rel' => 'canonical'));
        Meta::links(Route::url('tag', array('action' => 'view', 'id' => $tag->id)), array('rel' => 'shortlink'));
    }
}
/**
 * Creating a group, adding a user to it and granting/denying tokens is
 * reflected in group membership, group permissions and the user's rights.
 */
function test_creategroup()
{
    $user = User::create(array(
        'username' => 'testcaseuser',
        'email' => '*****@*****.**',
        'password' => 'test',
    ));
    $this->assert_true($user instanceof User, 'Could not create test user.');

    $group = UserGroup::create(array('name' => 'new test group'));
    $this->assert_true($group instanceof UserGroup, 'Could not create a new group named "new test group".');

    ACL::create_token('test permission', 'A permission for test cases', 'Administration');
    ACL::create_token('test deny permission', 'A permission for test cases', 'Administration');
    $this->assert_true(ACL::token_exists('test permission'), 'The test permission was not created.');
    // Token lookup is expected to ignore case and surrounding whitespace.
    $this->assert_true(ACL::token_exists(' test PeRmission '), 'Permission names are not normalized.');

    $group->add('testcaseuser');
    $group->grant('test permission');
    $group->deny('test deny permisSion');
    $group->update();

    $reloaded = UserGroup::get('new test group');
    $this->assert_true(in_array($user->id, $reloaded->members), 'The created user is not a member of the new group.');
    $this->assert_true(in_array(ACL::token_id('test permission'), array_keys($reloaded->permissions)), 'The group does not have the new permission.');
    $this->assert_true(ACL::group_can('new test group', 'test permission'), 'The group does not have the new permission.');
    $this->assert_false(ACL::group_can('new test group', 'test deny permission'), 'The group has a denied permission.');
    $this->assert_true($user->can('test permission'), 'The user does not have a permission his group has been granted.');
}
/**
 * Plugin deactivation hook: drops the four install tokens this plugin registers.
 *
 * @param string $file Path of the plugin being deactivated (not inspected here)
 */
public function action_plugin_deactivation($file)
{
    # delete default access tokens for: 'system', 'plugin', 'theme', 'class'
    foreach (array('system', 'plugin', 'theme', 'class') as $kind) {
        ACL::destroy_token('install_new_' . $kind);
    }
}
/**
 * ACL::create('test/test2') stores the two path segments as rows 1 and 2.
 */
public function testCreateWithCheckValues()
{
    ACL::create('test/test2');

    $expected = array(1 => 'test', 2 => 'test2');
    foreach ($expected as $id => $name) {
        $row = DBSimple::get(ACL_TABLE, array('id' => $id));
        $this->assertEquals($name, $row['name']);
    }
}
/**
 * Granting 'test/test2' to entity 'e1' writes exactly one grant row, bound
 * to action id 2 (the 'test2' segment).
 */
public function testGrant()
{
    ACL::create('test/test2');
    ACL::grant('test/test2', 'e1');

    $this->assertEquals(1, DBSimple::getRowsCount(ACL_GRANT_TABLE));

    $grant = DBSimple::get(ACL_GRANT_TABLE, array('actionId' => 2));
    $this->assertEquals('e1', $grant['entity']);
}
/**
 * Renders the grant form template with every known grant and the grants
 * currently held by this entity.
 *
 * @return string Parsed template output
 */
public function generate()
{
    $fullGrantList = $this->getAllGrantsMap();
    $entityGrants = ACL::selectAllGrantsForEntity($this->entity);

    $templatePath = __DIR__ . DIRECTORY_SEPARATOR . 'form.tpl';
    $variables = array(
        'name' => $this->szName,
        'grantList' => $entityGrants,
        'fullGrantList' => $fullGrantList,
    );

    return UParser::parsePHPFile($templatePath, $variables);
}
/**
 * Renders one table cell for $obj, or an empty cell when the user may not
 * reach the route built from the object's placeholders.
 *
 * @param object $obj
 * @return string
 */
protected function _field($obj)
{
    $route = Extasy::obj_placeholders($obj, $this->_route_str);

    return ACL::is_route_allowed($route) ? $this->_draw_field($obj) : '<td></td>';
}
/**
 * Test fixture: registers the administrator role, creates the test user
 * holding it, and grants the role to that user's rights entity.
 */
public function setup()
{
    parent::setUp();

    $role = \CMSAuth::AdministratorRoleName;
    \ACL::create($role);
    Helper::setupUsers(array(array(
        'login' => self::login,
        'password' => self::password,
        'rights' => array($role => true),
    )));

    $account = \UserAccount::getByLogin(self::login);
    \ACL::grant($role, $account->rights->getEntity());
}
/**
 * Runs the parent hook, hands the request to on_auth_error() when the ACL
 * forbids the current directory/controller/action, then resolves the user.
 */
public function before()
{
    parent::before();

    $request = $this->request;
    $allowed = ACL::is_action_allowed($request->directory(), $request->controller(), $request->action());
    if (!$allowed) {
        $this->on_auth_error();
    }

    $this->_user = Auth::instance()->get_user();
}