public static function getInstance()
{
if (!isset(self::$instance)) {
self::$instance = new PermissionEngine();
}
return self::$instance;
}
public function setCanDo($inValue = false)
{
if (!is_bool($inValue)) {
return false;
}
$user = CurrentUser::getUserSession();
$permissionEngine = PermissionEngine::getInstance();
return $permissionEngine->toggleCanDo($this, $user->getRoleID(), $inValue);
}
public function clearLog()
{
if (!PermissionEngine::getInstance()->currentUserCanDo('userCanClearLog')) {
return false;
}
$database = Database::getInstance();
if (!$database->isConnected()) {
return false;
}
$success = $database->makeCustomQuery('TRUNCATE TABLE systemLog');
if ($success === false) {
return false;
}
return true;
}
public function editOption(UserOption $inOption)
{
// check permissions
$permEng = PermissionEngine::getInstance();
if (!$permEng->currentUserCanDo('canEditUserOptions')) {
return false;
}
// get db
$db = Database::getInstance();
if (!$db->isConnected()) {
return false;
}
$id = $db->escapeString(intval($inOption->getID()));
$computerName = $db->escapeString(preg_replace('/\\s+/', '', $inOption->getComputerName()));
$humanName = $db->escapeString(strip_tags($inOption->getHumanName()));
$description = $db->escapeString(strip_tags($inOption->getDescription()));
$result = $db->updateTable('userOption', "optionName='{$computerName}', humanName='{$humanName}', optionDescription='{$description}'", "optionID={$id}");
if ($result === false) {
return false;
}
return true;
}
private function updateFolderShare($folderID, $userID, $shared, $currentShared)
{
if ((int) $currentShared === (int) $shared) {
return true;
}
if (!is_numeric($folderID)) {
return false;
}
if (!is_numeric($userID)) {
return false;
}
if ($shared != 0 and $shared != 1) {
return false;
}
$permissionEngine = PermissionEngine::getInstance();
if (!$permissionEngine->currentUserCanDo('shareFolder')) {
return false;
}
$database = Database::getInstance();
if (!$database->isConnected()) {
return false;
}
$result = $database->updateTable('fileSystemShare', "shared={$shared}", "referenceID={$folderID} AND referenceType='folder' AND userID={$userID}");
if ($result === false) {
return false;
}
return true;
}
public function deleteRole(Role $roleToDelete)
{
// check permissions
if (!PermissionEngine::getInstance()->currentUserCanDo('userCanDeleteRoles')) {
return false;
}
$db = Database::getInstance();
if (!$db->isConnected()) {
return false;
}
$roleID = $db->escapeString($roleToDelete->getID());
$roleName = $db->escapeString($roleToDelete->getName());
$results = $db->removeData('role', 'roleID = ' . $roleID . ' AND roleName = \'' . $roleName . '\'');
if (!$results) {
return false;
}
return true;
}
public function toggleCurrentUserSupportForStatus(Status $toSupport)
{
$permissionEngine = PermissionEngine::getInstance();
if (!$permissionEngine->currentUserCanDo("canSupportStatuses")) {
return false;
}
$database = Database::getInstance();
if (!$database->isConnected()) {
return false;
}
$user = CurrentUser::getUserSession();
$userID = $database->escapeString($user->getUserID());
$statusID = $database->escapeString($toSupport->getID());
$results = $database->getData("supporterID", "statusSupporter", "supporterID={$userID} AND statusID={$statusID}");
if ($results === false) {
return false;
}
if ($results != null) {
return $this->removeSupport($statusID, $userID);
}
return $this->addSupport($statusID, $userID);
}
private function __construct()
{
$this->permissionObject = PermissionEngine::getInstance();
$this->db = Database::getInstance();
}
private static function render(Site $site, Response $response, array $blocks)
{
$redirectTo = $response->getRedirectTo();
if ($redirectTo !== null) {
header("Location: " . $redirectTo, true, 303);
die;
}
$rawContent = $response->getRawContent();
if ($rawContent !== "") {
echo $rawContent;
return;
}
require_once EDUCASK_ROOT . "/core/thirdPartyLibraries/twig/lib/Twig/Autoloader.php";
Twig_Autoloader::register();
$theme = EDUCASK_ROOT . '/site/themes/' . $site->getTheme();
str_replace('..', '', $theme);
if (!is_dir($theme)) {
$theme = EDUCASK_ROOT . '/site/themes/default';
}
$loader = new Twig_Loader_Filesystem(array($theme));
$baseThemes = glob(EDUCASK_ROOT . '/core/baseThemes/*');
foreach ($baseThemes as $baseTheme) {
$name = explode('/', $baseTheme);
$name = end($name);
$loader->addPath($baseTheme, $name);
}
$viewsDirectories = glob(EDUCASK_ROOT . '/site/modules/*/views');
foreach ($viewsDirectories as $viewDirectory) {
$name = explode('/', $viewDirectory);
$name = $name[count($name) - 2];
$loader->addPath($viewDirectory, $name);
}
$twig = new Twig_Environment($loader, array('debug' => true));
$twig->addExtension(new Twig_Extension_Debug());
$twig->addExtension(new TwigExtensions());
if ($site->isInMaintenanceMode()) {
if (!PermissionEngine::getInstance()->currentUserCanDo('bypasssMaintenanceMode')) {
echo $twig->render('maintenance.twig', array('site' => $site));
return;
}
}
$noticeEngine = NoticeEngine::getInstance();
$notices = $noticeEngine->getNotices();
$noticeEngine->removeNotices();
echo $twig->render('index.twig', array('site' => $site, 'model' => $response->getObjectToPassToView(), 'title' => $response->getPageTitle(), 'blocks' => $blocks, 'notices' => $notices, 'response' => $response));
}
public function updateUserPassword(User $inUser, $newPassword, $oldPassword)
{
if (!PermissionEngine::getInstance()->currentUserCanDo('userCanUpdatePassword')) {
return false;
}
if (strlen($newPassword) < $this->getMinimumPasswordLength()) {
return false;
}
$userID = $inUser->getUserID();
if (!is_numeric($userID)) {
return false;
}
$db = Database::getInstance();
if (!$db->isConnected()) {
return false;
}
$userID = $db->escapeString($userID);
$results = $db->getData('password', 'user', "userID = {$userID}");
if ($results === false) {
return false;
}
if ($results === null) {
return false;
}
if (count($results) > 1) {
return false;
}
$storedPassword = $results[0]['password'];
if (!Hasher::verifyHash($oldPassword, $storedPassword)) {
return false;
}
$newHashed = Hasher::generateHash($newPassword);
$newHashed = $db->escapeString($newHashed);
$results = $db->updateTable('user', "password = '******'", "userID = {$userID}");
if (!$results) {
return false;
}
return true;
}
public function modifyModule($moduleID, $humanName, $enabled)
{
if (!is_numeric($moduleID)) {
return false;
}
if (!is_bool($enabled)) {
return false;
}
// check permissions
$permEng = PermissionEngine::getInstance();
if (!$permEng->currentUserCanDo('canModifyModules')) {
return false;
}
//get db
$db = Database::getInstance();
if (!$db->isConnected()) {
return false;
}
// escape
$humanName = $db->escapeString(strip_tags($humanName));
if ($enabled === true) {
$enabledVal = 1;
} else {
$enabledVal = 0;
}
$results = $db->updateTable('module', "humanName='{$humanName}', enabled={$enabledVal}", "moduleID={$moduleID}");
if (!$results) {
return false;
}
return true;
}
public function deleteAlias(UrlAlias $toDelete)
{
$permissionEngine = PermissionEngine::getInstance();
if (!$permissionEngine->currentUserCanDo('canDeleteUrlAliases')) {
return false;
}
$database = Database::getInstance();
if (!$database->isConnected()) {
return false;
}
$id = $database->escapeString($toDelete->getID());
if (!is_numeric($id)) {
return false;
}
$deleted = $database->removeData('urlAlias', "aliasID={$id}");
if ($deleted === false) {
return false;
}
return true;
}
public function deleteMenuItem($inMenuItemID)
{
if (!is_numeric($inMenuItemID)) {
return false;
}
$permissionEngine = PermissionEngine::getInstance();
if (!$permissionEngine->currentUserCanDo("userCanDeleteMenuItems")) {
return false;
}
$database = Database::getInstance();
if (!$database->isConnected()) {
return false;
}
$inMenuItemID = $database->escapeString($inMenuItemID);
$results = $database->removeData("menuItem", "menuItemID = {$inMenuItemID}");
if ($results === false) {
return false;
}
return true;
}
