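/**
 * Returns true when the current user holds any of the requested permissions, either directly
 * (user-level permissions) or through the operator most recently created for that user.
 *
 * @param string[] $requested_permissions_arr permission titles to look for
 * @return bool false when nobody is logged in, the user has no operator, or nothing matches
 */
public static function currentOperatorHasAnyOfPermissions($requested_permissions_arr)
{
    // user-level permissions win outright; operator permissions are only a fallback
    if (Auth::currentUserHasAnyOfPermissions($requested_permissions_arr)) {
        return true;
    }

    $current_user_id = Auth::currentUserId();
    if (!$current_user_id) {
        //error_log('Auth: no current user');
        return false;
    }

    // check operator permissions: the newest operator of the user counts as the current one
    $current_operator_ids_arr = Operator::getIdsArrForUserIdByCreatedAtDesc($current_user_id);
    if (empty($current_operator_ids_arr)) {
        //error_log('Auth: no operators for user ' . $current_user_id);
        return false;
    }
    $current_operator_id = $current_operator_ids_arr[0];

    $operator_permissions_ids_arr = OperatorPermission::getIdsArrForOperatorIdByCreatedAtDesc($current_operator_id);

    $assigned_permissions_titles_arr = [];
    foreach ($operator_permissions_ids_arr as $operator_permission_id) {
        $permission_id = OperatorPermission::factory($operator_permission_id)->getPermissionId();
        $permission_title = Permission::factory($permission_id)->getTitle();
        $assigned_permissions_titles_arr[] = $permission_title;

        // strict comparison: this is an authorization decision, so titles must match as exact
        // strings rather than through loose type juggling
        if (in_array($permission_title, $requested_permissions_arr, true)) {
            return true;
        }
    }

    //error_log('Auth: no permissions for operator ' . $current_operator_id . ' (' . implode(',', $operator_permissions_ids_arr) . ') (' . implode(',', $assigned_permissions_titles_arr) . ') matched requested list: ' . implode(',', $requested_permissions_arr));
    return false;
}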
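/**
 * Creates or renames a user role and replaces its permission set with the posted `permissions[]` list.
 *
 * @param int|string|null $id role id to edit; empty for a new role
 */
public function save($id = null)
{
    if (!empty($id)) {
        $id = (int) $id;
    }
    $role = UserRole::factory($id);
    // second argument enables the framework's XSS filter on the posted value
    $role->name = $this->input->post('name', true);
    if (!$role->exists()) {
        $role->save();
    } //save role under new name

    // Guard the lookup: an unchecked form posts no permissions at all, and feeding that
    // null/false straight into where_in() is not a valid "no permissions" query.
    $perms_arr = $this->input->post('permissions');
    $new_perms = [];
    if (!empty($perms_arr)) {
        $new_perms = Permission::factory()->where_in('id', (array) $perms_arr)->get()->all;
    }

    // drop every current relation, then attach exactly the posted set
    $role->delete(Permission::factory()->get()->all);
    if (empty($new_perms)) {
        $role->save();
    } else {
        $role->save($new_perms);
    }

    $this->templatemanager->notify_next(__("User role is saved successfully."), "success");
    redirect('administration/userroles');
}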
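/**
 * Emits the JavaScript bootstrap consumed by the admin UI: site URLs, the page list, the
 * non-hidden settings and, for a logged-in user, the user record (minus credential fields)
 * together with its permission keys.
 */
public function init()
{
    header("Content-Type: application/x-javascript");

    // Every PHP value becomes a JS literal through json_encode(). The previous
    // str_replace("'", "\\'", ...) escaping left backslashes and line terminators alone, so a
    // value ending in "\" terminated the JS string early. JSON_HEX_* additionally hex-escapes
    // < > & ' " which keeps the output safe should it ever be inlined into an HTML page.
    $js_flags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;

    echo "var IU_SITE_URL = " . json_encode(rtrim(site_url(), '/'), $js_flags) . ";\n";
    echo "var IU_BASE_URL = " . json_encode(base_url(), $js_flags) . ";\n";
    echo "var IU_GLOBALS = {}; //throw anything in here\n";

    $pages_arr = array();
    foreach (Page::factory()->get() as $p) {
        $page = new stdClass();
        $page->uri = $p->uri;
        $page->label = $p->title . ' ' . $p->uri;
        $page->url = site_url($p->uri);
        $page->title = character_limiter($p->title, 50);
        $page->id = $p->id;
        $pages_arr[] = $page;
    }
    echo "var IU_PAGES = " . json_encode($pages_arr, $js_flags) . ";\n";

    // the 'hidden' and 'branding' setting groups are never exposed to the client
    $settings = Setting::factory()->where('group !=', 'hidden')->where('group !=', 'branding')->get();
    $setts = array();
    foreach ($settings as $s) {
        $setts[$s->name] = $s->value;
    }
    echo "var IU_SETTINGS = " . json_encode($setts, $js_flags) . ";\n";

    if (!empty($this->user)) {
        // Work on a copy: unsetting fields directly on $this->user->stored would mutate the
        // model's own snapshot of the loaded row for the rest of the request.
        $juser = clone $this->user->stored;
        unset($juser->salt, $juser->password, $juser->key, $juser->active);
        // NOTE(review): this statement was mangled in the source ("******"); encoding the
        // stripped user object is the evident intent of the surrounding lines - confirm.
        echo "var IU_USER = " . json_encode($juser, $js_flags) . ";\n";

        $permarr = array();
        foreach (Permission::factory()->where_related_user('id', $this->user->id)->get() as $perm) {
            $permarr[] = $perm->key;
        }
        echo "var IU_USER_PERMISSIONS = " . json_encode($permarr, $js_flags) . ";\n";
    }
}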
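/**
 * Creates or updates a user account from the posted form.
 *
 * A user may always edit their own profile; role, active flag and the permission set may only
 * be changed by someone holding `manage_users`. Every validation failure notifies and redirects
 * back to the form.
 *
 * @param int|string|null $id user id to edit; empty for a new user
 */
public function save($id = null)
{
    $this->load->helper('email');

    if (!empty($id)) {
        $id = (int) $id;
    }
    $can_manage_users = $this->user->can('manage_users');
    // Compare ids as ints: a strict !== between an int $id and an id the model may hand back
    // as a string would wrongly deny a user access to their own profile.
    $is_own_profile = !empty($id) && (int) $this->user->id === $id;
    if (!$can_manage_users && !$is_own_profile) {
        $this->templatemanager->notify_next("You are not allowed to edit users!", 'failure');
        redirect('administration/dashboard');
    }

    //get user from db (or instantiate new user obj)
    $user = empty($id) ? new User() : User::factory()->get_by_id($id);
    // where validation failures send the user back to
    $form_url = 'administration/users/' . (empty($id) ? 'add' : 'edit/' . $id);

    $user->name = $this->input->post('name');
    if ($can_manage_users) {
        $user->active = (bool) $this->input->post('active');
    }

    //check name (strlen is a byte count, kept as the original behaviour)
    if (empty($user->name) || strlen($user->name) < 5) {
        $this->templatemanager->notify_next(__("Name can not be empty or shorter than 5 characters."), 'failure');
        redirect($form_url);
    }

    //get role: only a user manager may pick one, everybody else keeps their current role
    $role_id = $this->input->post('userrole_id');
    if ($can_manage_users && !empty($role_id)) {
        $role = UserRole::factory((int) $role_id);
    } else {
        $role = $this->user->userrole->get();
    }

    //check e-mail
    $email = trim($this->input->post('email'));
    if (!valid_email($email)) {
        $this->templatemanager->notify_next(__("Entered e-mail address was not valid."), 'failure');
        redirect($form_url);
    }
    $user->email = $email;

    //get, check and update password
    $password = trim($this->input->post('password'));
    $password2 = trim($this->input->post('password2'));
    if (empty($id) && empty($password) && empty($password2)) {
        $this->templatemanager->notify_next(__("When creating new user you must specify his password!"), 'failure');
        redirect($form_url);
    }
    if (!empty($password)) {
        // strict comparison: with != two numeric-looking strings such as "1e3" and "1000" compare equal
        if ($password !== $password2) {
            $this->templatemanager->notify_next(__("Passwords differ!"), 'failure');
            redirect($form_url);
        } else {
            $user->password = $password;
        }
    }

    //prepare for upload
    $config['upload_path'] = './iu-resources/uploads/';
    $config['allowed_types'] = 'gif|jpg|png|jpeg';
    $config['max_size'] = '512';
    $config['max_width'] = '1024';
    $config['max_height'] = '1024';
    $config['encrypt_name'] = true;
    $this->load->library('upload', $config);

    //upload profile picture
    if (!empty($_FILES['picture']['name'])) {
        if (!$this->upload->do_upload('picture')) {
            show_error($this->upload->display_errors());
        } else {
            $data = $this->upload->data();
            $im = image_create_from_file($config['upload_path'] . $data['file_name']);
            $im = image_resize($im, 150);
            image_to_file($im, $config['upload_path'] . $data['file_name']);
            $user->picture = $data['file_name'];
        }
    }

    //save user
    $user->save(array($role)); //save user and role

    //permissions: gated like role and active above - without this check a user editing their
    //own profile could submit an arbitrary permissions[] list (or silently lose all permissions
    //when the profile form posts none)
    if ($can_manage_users) {
        $perms_arr = $this->input->post('permissions');
        $user->delete(Permission::factory()->get()->all);
        if (!empty($perms_arr)) {
            $perms = Permission::factory()->where_in('id', (array) $perms_arr)->get();
            $user->save($perms->all);
        }
    }

    //notify user
    if ($this->user->id != $id) {
        $this->templatemanager->notify_next(__("User is saved successfully."), "success");
    } else {
        $this->templatemanager->notify_next(__("Profile is updated successfully."), "success");
    }

    if ($this->loginmanager->is_editor()) {
        redirect('administration/users');
    }

    //go back to previous page, but only to one on this site: the Referer header is
    //client-controlled, so an off-site value must not become a redirect target
    $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
    $site_prefix = rtrim(base_url(), '/') . '/';
    if ($referer !== '' && strpos($referer, $site_prefix) === 0) {
        redirect($referer);
    }
    redirect('administration/users');
}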
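/**
 * Setup step: creates the administrator account from the posted form, attaches the
 * 'Administrator' role plus every permission, and continues to the finish page.
 * Each validation failure is reported through saveadmin_error() and stops processing.
 */
public function saveadmin()
{
    //we cannot save admin if database config file is empty
    if (is_db_conf_empty()) {
        redirect("setup/help/database-config-missing");
        return;
    }
    //config file exists, load libraries
    $this->load->database();
    $this->load->library('datamapper');
    DataMapper::$config['prefix'] = $this->db->dbprefix;

    $name = $this->input->post('name');
    $email = $this->input->post('email');
    if (empty($name)) {
        $this->saveadmin_error("You need to specify administrator's name.");
        return;
    }
    if (empty($email)) {
        $this->saveadmin_error("You need to specify administrator's e-mail address.");
        return;
    }

    $password = trim($this->input->post('password'));
    $password2 = trim($this->input->post('password2'));
    if (empty($password)) {
        $this->saveadmin_error("You must enter administrator's password.");
        return;
    }
    // strict comparison: with != two numeric-looking strings such as "1e3" and "1000" compare equal
    if ($password !== $password2) {
        $this->saveadmin_error("Entered passwords differ.");
        return;
    }

    //create the administrator with every permission attached
    $role = UserRole::factory()->where('name', 'Administrator')->limit(1)->get();
    $perms = Permission::factory()->get();
    $user = new User();
    $user->name = $name;
    $user->email = $email;
    $user->active = 1;
    $user->password = $password;
    $user->save(array($role, $perms->all));
    redirect("setup/finish");
}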
/**
 * Tells whether this user holds the permission identified by `$permission_key`.
 * Administrators implicitly hold every permission; an unknown key never grants access.
 *
 * @param string $permission_key permission key as stored in the Permission model
 * @return bool
 */
public function can($permission_key)
{
    //admin can edit all
    if ($this->is_admin()) {
        return true;
    }

    $permission = Permission::factory()->get_by_key($permission_key);

    // unknown key -> no permission; otherwise ask the relation
    return $permission->exists() ? $this->is_related_to($permission) : false;
}