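/**
 * Check whether the current user has the given access on a resource.
 *
 * The access level "guest" (compared case-insensitively) is granted to every
 * caller, authenticated or not. Any other level requires an authenticated
 * user and is delegated to that user's hasAccess().
 *
 * @param string|array $access The access needed
 * @param string $resource The resource
 * @return boolean True when access is granted, false otherwise
 */
function zbase_auth_check_access($access, $resource = null)
{
    // Lower-case strings only: strtolower() on an array raises a TypeError on
    // PHP 8 (a warning on older versions) before any check could run.
    if (is_string($access)) {
        $access = strtolower($access);
    }
    if ($access === 'guest') {
        return true;
    }
    if (!zbase_auth_has()) {
        return false;
    }
    $user = zbase_auth_user();
    // Deny instead of calling a method on a non-object when the user lookup
    // yields nothing usable.
    if (!is_object($user)) {
        return false;
    }
    return (bool) $user->hasAccess($access, $resource);
}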
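/**
 * Return the currently authenticated user.
 *
 * When the authenticated account is an admin and the session holds a
 * "_duplexSession" value, the user with that id is returned in place of the
 * admin's own record.
 *
 * NOTE(review): the isAdmin() check is the only gate on the session-supplied
 * id, and every caller then sees the substituted user; confirm that audit
 * logging records the real admin account.
 *
 * @return mixed Whatever zbase_user_byid() returns, or false when nobody is authenticated
 */
function zbase_auth_user()
{
    if (!zbase_auth_has()) {
        return false;
    }
    $authUser = \Auth::user();
    // Resolve the guard's user once and bail out before calling isAdmin() on
    // an empty value (the original dereferenced it before checking).
    if (empty($authUser)) {
        return false;
    }
    if ($authUser->isAdmin() && !empty(zbase_session_has('_duplexSession'))) {
        return zbase_user_byId(zbase_session_get('_duplexSession'));
    }
    return zbase_user_byid($authUser->id());
}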
/**
 * Build a URL from a route name.
 *
 * Returns '#' when the route name is not registered. Otherwise "admin" in
 * the name is replaced by the configured admin key and, when username routes
 * are enabled for the route, the username prefix and parameter are added
 * before the URL is generated with route().
 *
 * @param string $name The route name
 * @param array $params Route parameters; the username parameter is filled in when missing
 * @param boolean $relative When not empty, the URL of the 'index' route is stripped from the result
 * @return string The generated URL, or '#' for an unknown route
 */
function zbase_url_from_route($name, $params = [], $relative = false)
{
    // NOTE(review): existence is tested on the name as passed in; the rewritten
    // and prefixed name used below is not re-checked.
    if (!\Route::has($name)) {
        return '#';
    }
    $routes = zbase_config_get('routes');
    $prefix = '';
    // Swap the literal "admin" for the configured admin key; both the dotted
    // form and any remaining bare occurrence are replaced.
    $name = str_replace('admin.', zbase_admin_key() . '.', $name);
    $name = str_replace('admin', zbase_admin_key(), $name);
    $usernameRouteEnabled = zbase_route_username();
    // A route can opt out of username routing with 'usernameroute' => false
    if (isset($routes[$name]['usernameroute'])) {
        if ($routes[$name]['usernameroute'] === false) {
            $usernameRouteEnabled = false;
        }
    }
    if (!empty($usernameRouteEnabled)) {
        $usernameRouteParameterName = zbase_route_username_prefix();
        $usernameRoute = zbase_route_username_get();
        // The username is read from the current route input, i.e. it is
        // request-derived; it is only used after a user lookup succeeds.
        $username = zbase_route_input(zbase_route_username_prefix(), false);
        if (!empty($username)) {
            $username = strtolower($username);
            $user = zbase_user_by('username', $username);
            if ($user instanceof \Zbase\Entity\Laravel\User\User && $user->hasUrl()) {
                $usernameRoute = true;
            }
        }
        // In the back end, fall back to the authenticated user's own username
        if (empty($usernameRoute) && zbase_auth_has() && zbase_is_back()) {
            $username = zbase_auth_user()->username();
            $usernameRoute = true;
        }
        if (!empty($usernameRoute)) {
            $prefix = $usernameRouteParameterName;
            // An explicitly passed username parameter wins over the detected one
            if (empty($params[$usernameRouteParameterName])) {
                $params[$usernameRouteParameterName] = $username;
            }
        }
    }
    $name = $prefix . $name;
    if (!empty($relative)) {
        $home = route('index');
        $url = str_replace($home, '', route($name, $params));
    } else {
        $url = route($name, $params);
    }
    // NOTE(review): $usernameRoute may be boolean true here (assigned above), in
    // which case the search string becomes "1/1"; confirm the intended cleanup.
    if ($usernameRouteEnabled && !empty($usernameRoute)) {
        $url = str_replace($usernameRoute . '/' . $usernameRoute, '/' . $usernameRoute . '/', $url);
    }
    return $url;
}
/**
 * Apply the access rules to the view that will be rendered.
 *
 * Nothing happens when access is granted. Otherwise the "noaccess"
 * (authenticated) or "noauth" (guest) route and message are read, and the
 * view file is switched to the auth view, the access message view, or null.
 *
 * NOTE(review): no redirect or abort is issued here; protection depends on
 * the swapped view file, so confirm every render path honours it.
 */
protected function _access()
{
    if ($this->hasAccess()) {
        return;
    }

    // Authenticated users without access and guests use separate settings
    if (zbase_auth_has()) {
        $targetRoute = $this->_v('access.noaccess.route', null);
        $notice = $this->_v('access.noaccess.message', null);
    } else {
        $targetRoute = $this->_v('access.noauth.route', null);
        $notice = $this->_v('access.noauth.message', null);
    }

    $hasNotice = !empty($notice);
    if ($hasNotice) {
        $this->_viewParams['message'] = $notice;
    }

    // A configured route takes precedence and shows the auth view
    if (!empty($targetRoute)) {
        $this->setViewFile('ui.auth');
        return;
    }

    // With only a message, show it; with neither, clear the view file
    $this->setViewFile($hasNotice ? 'ui.message.access' : null);
}
</div> <?php } ?> <!-- BEGIN TOP NAVIGATION MENU --> <ul class="nav navbar-nav pull-right"> <?php echo zbase_view_render(zbase_view_file('partial.notification-bar')); ?> <!-- BEGIN USER LOGIN DROPDOWN --> <?php if (zbase_auth_has()) { ?> <li class="dropdown user"> <a href="#" class="dropdown-toggle" data-toggle="dropdown" data-hover="dropdown" data-close-others="true"> <img style="width:28px;" alt="" src="<?php echo zbase_auth_user()->avatarUrl(['w' => 30]); ?> "/> <span class="username"> <?php echo zbase_auth_user()->displayName(); ?> </span> <i class="fa fa-angle-down"></i> </a> <ul class="dropdown-menu">
<?php $hasAuth = zbase_auth_has(); $section = 'backend'; $prefix = zbase_tag(); $modules = zbase()->modules(); $isMobile = zbase_is_mobile(); $isMobileTablet = zbase_is_mobileTablet(); $routeProviders = []; $controllers = []; $mainControllerString = []; $mobileIndex = zbase_is_mobile() ? 'mobile.' : ''; foreach ($modules as $module) { if (!$module->isEnable()) { continue; } $moduleRouteProviders = $module->_v('angular.mobile.' . $section . '.routeProvider', $module->_v('angular.' . $section . '.routeProvider', [])); if (!empty($moduleRouteProviders)) { foreach ($moduleRouteProviders as $moduleRouteProvider) { $auth = zbase_data_get($moduleRouteProvider, 'auth', true); if (empty($auth) && !empty($hasAuth)) { continue; } if (!empty($auth) && empty($hasAuth)) { continue; } $url = zbase_data_get($moduleRouteProvider, 'url', null); $templateUrl = zbase_data_get($moduleRouteProvider, 'templateUrl', null); $controller = zbase_data_get($moduleRouteProvider, 'controller', null); if (!empty($url) && !empty($templateUrl) && !empty($controller)) { $routeProviders[] = '$routeProvider.when(\'' . $url . '\', {templateUrl : \'' . $templateUrl . '?at=1\',controller : \'' . $controller . '\', reloadOnSearch: false});';
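/**
 * Module index action: resolve the widgets for the current action, run
 * their controllers, and return the page, a redirect, or an error response.
 *
 * Access is checked on the module first: an authenticated user without
 * access gets the unauthorized response, a guest is sent to the login route.
 * For AJAX requests the rendered widgets are collected into the JSON
 * variables and nothing is returned from this method.
 *
 * @return mixed A response or redirect, or null for AJAX requests
 */
public function controllerIndex()
{
    if (!$this->getModule()->hasAccess()) {
        if (zbase_auth_has()) {
            return $this->unathorized(_zt('You don\'t have enough access to the resource.'));
        } else {
            return redirect()->to(zbase_url_from_route('login'));
        }
    }
    // Rendered widget HTML for AJAX responses, keyed by widget id
    $htmls = [];
    /**
     * Check for widgets
     */
    $widgetsAction = $action = str_replace('.', '-', $this->getRouteParameter('action', 'index'));
    $requestMethod = zbase_request_method();
    if (!empty($this->nodeName)) {
        $widgetsAction = $requestMethod . '-node-' . $this->nodeName . '-' . $action;
    }
    $isAjax = zbase_request_is_ajax();
    if ($isAjax) {
        $widgetsAction = (!empty($this->nodeName) ? $requestMethod . '-node-' . $this->nodeName . '-' : '') . 'json-' . $action;
    }
    if ($this->getModule()->hasAction($requestMethod . '-' . $action)) {
        $widgetsAction = $requestMethod . '-' . $action;
        $action = $widgetsAction;
    }
    $widgets = $this->getModule()->pageProperties($action)->widgetsByControllerAction($widgetsAction);
    // The lookup may hand back a redirect instead of a widget list. Return it
    // before count(), which throws on a non-countable value on PHP 8.
    if (!is_array($widgets) && $widgets instanceof \Illuminate\Http\RedirectResponse) {
        return $widgets;
    }
    if ((is_array($widgets) || $widgets instanceof \Countable) && count($widgets) == 1) {
        $firstWidget = collect($widgets)->first();
        if ($firstWidget instanceof \Zbase\Widgets\WidgetInterface) {
            $firstWidget->pageProperties($widgetsAction);
        }
    }
    zbase()->json()->addVariable('_widget', $this->getModule()->id() . '_' . str_replace('-', '', $action));
    // NOTE(review): in dev mode the raw POST, route and query inputs are added
    // to the JSON variables; confirm this cannot be enabled in production,
    // since POST data can carry credentials.
    if (zbase_is_dev()) {
        zbase()->json()->addVariable(__METHOD__, $widgetsAction);
        if (zbase_request_is_post()) {
            zbase()->json()->addVariable('_POST_PARAMETERS', zbase_request_inputs());
        }
        zbase()->json()->addVariable('_ROUTE_PARAMETERS', zbase_route_inputs());
        zbase()->json()->addVariable('_GET_PARAMETERS', zbase_request_query_inputs());
    }
    if (empty($widgets)) {
        return zbase_abort(404);
    }
    foreach ($widgets as $widget) {
        if (!empty($this->nodeName)) {
            zbase()->json()->addVariable('node', ['prefix' => $this->getModule()->nodeNamespace(), 'name' => $this->nodeName, 'support' => 1]);
            $widget->setNodename($this->nodeName)->setNodeSupport(true);
        }
        if ($widget instanceof \Zbase\Widgets\ControllerInterface) {
            // A Validator instance coming back means validation failed
            $v = $widget->validateWidget($action);
            if ($v instanceof \Illuminate\Contracts\Validation\Validator) {
                if ($isAjax) {
                    zbase()->json()->addVariable('errors', $v->errors()->getMessages());
                    return new \Illuminate\Http\JsonResponse($v->errors()->getMessages(), 422);
                } else {
                    return redirect()->to($this->getRedirectUrl())->withInput(zbase_request_inputs())->withErrors($v->errors()->getMessages());
                }
            }
            // Widget controllers report failures by returning exception objects
            $ret = $widget->controller($this->getRouteParameter('action', 'index'));
            if ($ret instanceof \Zbase\Exceptions\NotFoundHttpException) {
                return $this->notFound();
            }
            if ($ret instanceof \Zbase\Exceptions\UnauthorizedException) {
                return $this->unathorized();
            }
            if ($ret instanceof \Zbase\Exceptions\Exception) {
                return $this->error();
            }
            if ($ret instanceof \Illuminate\Http\RedirectResponse) {
                // AJAX callers get the target URL as data rather than a redirect
                if ($isAjax) {
                    zbase()->json()->addVariable('redirect', $ret->getTargetUrl());
                } else {
                    return $ret;
                }
            }
            if (zbase_is_json()) {
                zbase_response_format_set('json');
                $jsonIndexName = $widget->getWidgetPrefix();
                if (zbase_is_angular()) {
                    if ($widget instanceof \Zbase\Widgets\Type\Datatable) {
                        $angularTemplate = zbase_angular_widget_datatable($this->getModule(), $widget);
                        $jsonIndexName = $angularTemplate['serviceName'];
                    }
                }
                if (zbase_is_dev()) {
                    zbase()->json()->addVariable('$jsonIndexName', $jsonIndexName);
                }
                if (!$widget->isExporting()) {
                    zbase()->json()->addVariable($jsonIndexName, $widget->toArray());
                }
            } else {
                if ($isAjax) {
                    $htmls[str_replace('-', '_', $widget->id())] = $widget->render();
                }
            }
            $widget->pageProperties($widgetsAction);
        }
    }
    if (!empty($isAjax)) {
        zbase()->json()->addVariable('_widgets', 1);
        zbase()->json()->addVariable('html', $htmls);
    } else {
        return $this->view(zbase_view_file('module.index'), array('module' => $this->getModule(), 'widgets' => $widgets));
    }
}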
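/**
 * Create the node from an array of data.
 *
 * The owner comes from $data['user'] (a User entity or a numeric user id)
 * or, when that key is empty, from the authenticated user. The node is then
 * populated, saved with status 2, and its categories, messages and files
 * are processed.
 *
 * NOTE(review): 'file_url' / 'files_url' are passed to uploadNodeFile()
 * without validation here. If $data can come from request input and
 * uploadNodeFile() fetches remote URLs, schemes and hosts need to be
 * restricted there; confirm.
 *
 * @param array $data
 * @return \Zbase\Entity\Laravel\Node\Node
 */
public function createNode($data)
{
    if (!empty($data['user'])) {
        $user = null;
        if ($data['user'] instanceof \Zbase\Entity\Laravel\User\User) {
            $user = $data['user'];
        } elseif (is_numeric($data['user'])) {
            // The original tested is_int((int) ...), which is always true, so
            // a User entity passed in was cast to int and overwritten by an
            // id lookup.
            $user = zbase_user_byid((int) $data['user']);
        }
        // An unresolved owner leaves the node unattached rather than failing
        if ($user instanceof \Zbase\Entity\Laravel\User\User) {
            $user->equipments()->save($this);
        }
        unset($data['user']);
    } else {
        if (zbase_auth_has()) {
            zbase_auth_user()->equipments()->save($this);
        }
    }
    $this->nodeAttributes($data);
    $this->status = 2;
    $this->save();
    $this->setNodeCategories($data);
    $this->setMessages($data);
    if (!empty($data['file_url'])) {
        $this->uploadNodeFile($data['file_url']);
    } elseif (!empty($data['files_url'])) {
        // Cast so that a single URL string is handled like a one-item list
        foreach ((array) $data['files_url'] as $fUrl) {
            $this->uploadNodeFile($fUrl);
        }
    } else {
        $this->uploadNodeFile();
    }
    return $this;
}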
/**
 * Receive an uploaded file or image and store it as a child file of the
 * given parent entity.
 *
 * The upload is read from $_FILES['file'], written below the storage path in
 * a folder named after the route name and the parent id, and recorded on
 * this entity (mime type, size, file name, owner). The first file of a
 * parent also becomes the parent's image.
 *
 * @param \Zbase\Entity\Laravel\Entity $parentObject The Parent
 * @return boolean True when a file was stored, false otherwise
 */
public function receiveFile(\Zbase\Entity\Laravel\Entity $parentObject)
{
    try {
        // The upload field name is fixed
        $index = 'file';
        $entityName = $this->entityName;
        $defaultImageFormat = zbase_config_get('node.files.image.format', 'png');
        $folder = zbase_storage_path() . '/' . zbase_tag() . '/' . $this->actionUrlRouteName() . '/' . $parentObject->id() . '/';
        zbase_directory_check($folder, true);
        $nodeFileObject = zbase_entity($entityName, [], true);
        $nodeFiles = $parentObject->childrenFiles();
        // NOTE(review): $index is the constant 'file', so neither pattern can
        // match and this URL branch is unreachable as written. If it is revived
        // for caller-supplied URLs, the unanchored patterns and the download
        // target need scheme and host validation.
        if (preg_match('/http\\:/', $index) || preg_match('/https\\:/', $index)) {
            // File given is a URL
            if ($nodeFileObject->isUrlToFile()) {
                $filename = zbase_file_name_from_file(basename($index), time(), true);
                $uploadedFile = zbase_file_download_from_url($index, $folder . $filename);
            } else {
                // Only the URL is stored; no file is fetched
                $this->is_primary = empty($nodeFiles) ? 1 : 0;
                $this->status = 2;
                $this->mimetype = null;
                $this->size = null;
                $this->filename = null;
                $this->url = $index;
                $this->{$this->parentObjectIndexId} = $parentObject->id();
                $this->user_id = zbase_auth_has() ? zbase_auth_user()->id() : null;
                $this->save();
                return true;
            }
        }
        // NOTE(review): this tests for a path literally named "file"; presumably
        // a leftover from when $index could be a path. Confirm.
        if (zbase_file_exists($index)) {
            $uploadedFile = $index;
            $filename = basename($index);
        }
        // NOTE(review): the stored name is derived from the client-supplied
        // $_FILES name. Sanitising and type checks are presumably done in
        // zbase_file_name_from_file() / zbase_file_upload_image(); verify they
        // reject path separators and non-image content.
        if (!empty($_FILES[$index]['name'])) {
            $filename = zbase_file_name_from_file($_FILES[$index]['name'], time(), true);
            $uploadedFile = zbase_file_upload_image($index, $folder, $filename, $defaultImageFormat);
        }
        if (!empty($uploadedFile) && zbase_file_exists($uploadedFile)) {
            // The first file attached to a parent is flagged as primary
            $this->is_primary = empty($nodeFiles) ? 1 : 0;
            $this->status = 2;
            $this->user_id = zbase_auth_has() ? zbase_auth_user()->id() : null;
            $this->mimetype = zbase_file_mime_type($uploadedFile);
            $this->size = zbase_file_size($uploadedFile);
            $this->filename = basename($uploadedFile);
            $this->{$this->parentObjectIndexId} = $parentObject->id();
            if (empty($nodeFiles)) {
                $parentObject->image = $this->filename;
                $parentObject->save();
            }
            $this->save();
            return true;
        }
    } catch (\Zbase\Exceptions\RuntimeException $e) {
        // In dev mode the exception is dumped to the response
        if (zbase_is_dev()) {
            dd($e);
        }
        zbase_abort(500);
    }
    return false;
}
/**
 * Return the API representation of the authenticated user.
 *
 * @return array ['user' => ...] when a user is authenticated, otherwise an empty array
 */
public static function current()
{
    if (!zbase_auth_has()) {
        return [];
    }

    // Reload the authenticated user by id before converting it for the API
    $authedId = zbase_auth_user()->id();
    $record = static::findUserById($authedId, true);

    return ['user' => self::userApi($record)];
}
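/**
 * Check whether this user has the given access.
 *
 * Supported forms of $access:
 *  - "users": any authenticated session
 *  - "a,b,c": granted when any single item is granted; the list is split
 *    before prefixes are read, so a prefix applies to its own item only
 *  - "user_id::123": the authenticated user must have that id
 *  - "only::role": this user's highest role must be exactly that role
 *  - "below::role" / "above::role" / "same::role": this user's highest role
 *    must be among the roles below / above / on the same level as the role
 *  - "role": the highest role is that role, or that role is among the roles
 *    on the same level as or below the highest role
 *
 * NOTE(review): decisions are cached per user and access string (file
 * driver, 60 * 24 TTL). A role change or revocation may keep its old answer
 * until the entry expires unless it is invalidated elsewhere; confirm. The
 * "user_id::" answer depends on the session user but is stored under this
 * entity's key.
 *
 * @param string|array $access The Access needed
 * @param string $resource The resource
 * @return boolean|int True/false, or 1/0 from the cached role checks
 */
public function hasAccess($access, $resource = null)
{
    // Strict comparison: with "==" a non-string such as 0 could compare
    // equal to 'users' on PHP 7 and pass for any authenticated session.
    if ($access === 'users') {
        if (zbase_auth_has()) {
            return true;
        }
    }
    if (strpos($access, ',') !== false) {
        foreach (explode(',', $access) as $singleAccess) {
            $check = $this->hasAccess($singleAccess, $resource);
            if (!empty($check)) {
                return true;
            }
        }
        return false;
    }
    $cacheKey = zbase_cache_key($this, 'hasAccess_' . $access . '_' . $this->id());
    return zbase_cache($cacheKey, function () use ($access) {
        // Resolve a role by name; null when the name is not a known role
        $resolveRole = function ($roleName) {
            $role = zbase_entity('user_roles')->getRoleByName($roleName);
            $roleClassname = get_class(zbase_entity('user_roles'));
            return $role instanceof $roleClassname ? $role : null;
        };
        // True when $candidate's name equals the name of any role in $roles
        $inRoles = function ($roles, $candidate) {
            if (empty($roles)) {
                return false;
            }
            foreach ($roles as $r) {
                if ($r->name() == $candidate->name()) {
                    return true;
                }
            }
            return false;
        };

        if (strpos($access, 'user_id::') !== false) {
            // Strip the prefix first, then validate. The original cast the
            // whole "user_id::123" string to int, which is always 0, so the
            // intended id was never compared.
            $targetId = trim(str_replace('user_id::', '', $access));
            $authUser = zbase_auth_user();
            if (!ctype_digit($targetId) || !is_object($authUser)) {
                return 0;
            }
            return ((string) $authUser->id() === (string) (int) $targetId) ? 1 : 0;
        }

        if (strpos($access, 'only::') !== false) {
            $role = $resolveRole(trim(str_replace('only::', '', $access)));
            if ($role === null) {
                return 0;
            }
            $userHighestRole = $this->getUserHighestRole();
            // Deny when the user has no resolvable role
            if (!is_object($userHighestRole)) {
                return 0;
            }
            return $userHighestRole->name() == $role->name() ? 1 : 0;
        }

        // below:: / above:: / same:: differ only in which relation is read
        foreach (['below', 'above', 'same'] as $relation) {
            if (strpos($access, $relation . '::') === false) {
                continue;
            }
            $role = $resolveRole(str_replace($relation . '::', '', $access));
            if ($role === null) {
                return 0;
            }
            $userHighestRole = $this->getUserHighestRole();
            if (!is_object($userHighestRole)) {
                return 0;
            }
            return $inRoles($role->{$relation}(), $userHighestRole) ? 1 : 0;
        }

        // Plain role name
        $role = $resolveRole($access);
        if ($role === null) {
            return 0;
        }
        $userHighestRole = $this->getUserHighestRole();
        if (!is_object($userHighestRole)) {
            return 0;
        }
        if ($userHighestRole->name() == $role->name()) {
            return 1;
        }
        if ($inRoles($userHighestRole->same(), $role)) {
            return 1;
        }
        if ($inRoles($userHighestRole->below(), $role)) {
            return 1;
        }
        return 0;
    }, [$this->entityName], 60 * 24, ['forceCache' => true, 'driver' => 'file']);
}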
/**
 * Boot the service provider: register views, config, publishable assets
 * and migrations, override auth/database config values, load the route
 * files, and register the custom validation rules.
 */
public function boot()
{
    parent::boot();
    $this->loadViewsFrom(__DIR__ . '/../resources/views', zbase_tag());
    $this->loadViewsFrom(__DIR__ . '/../modules', zbase_tag() . 'modules');
    if (!zbase_is_testing()) {
        $this->mergeConfigFrom(__DIR__ . '/../config/config.php', zbase_tag());
        $packages = zbase()->packages();
        if (!empty($packages)) {
            foreach ($packages as $packageName) {
                $packagePath = zbase_package($packageName)->path();
                $this->loadViewsFrom($packagePath . 'modules', $packageName . 'modules');
                if (zbase_file_exists($packagePath . 'resources/views')) {
                    $this->loadViewsFrom($packagePath . 'resources/views', $packageName);
                }
                if (zbase_file_exists($packagePath . 'resources/assets')) {
                    $this->publishes([$packagePath . 'resources/assets' => zbase_public_path(zbase_path_asset($packageName))], 'public');
                }
                // A package's route file is executed at boot. The path comes
                // from the package registry; keep that list
                // deployment-controlled.
                if (zbase_file_exists($packagePath . '/Http/Controllers/Laravel/routes.php')) {
                    require $packagePath . '/Http/Controllers/Laravel/routes.php';
                }
            }
        }
        // Package configs are merged over the base config
        $this->app['config'][zbase_tag()] = array_replace_recursive($this->app['config'][zbase_tag()], zbase()->getPackagesMergedConfigs());
    } else {
        $this->loadViewsFrom(__DIR__ . '/../tests/resources/views', zbase_tag() . 'test');
        // In testing, the user entity config is copied into the tests tree
        copy(__DIR__ . '/../config/entities/user.php', __DIR__ . '/../tests/config/entities/user.php');
        $this->mergeConfigFrom(__DIR__ . '/../tests/config/config.php', zbase_tag());
    }
    $this->publishes([__DIR__ . '/../resources/assets' => zbase_public_path(zbase_path_asset())], 'public');
    $this->publishes([__DIR__ . '/../database/migrations' => base_path('database/migrations'), __DIR__ . '/../database/seeds' => base_path('database/seeds'), __DIR__ . '/../database/factories' => base_path('database/factories')], 'migrations');
    // Point the framework's database and auth settings at the zbase entities
    $this->app['config']['database.connections.mysql.prefix'] = zbase_db_prefix();
    $this->app['config']['auth.providers.users.model'] = get_class(zbase_entity('user'));
    $this->app['config']['auth.passwords.users.table'] = zbase_config_get('entity.user_tokens.table.name');
    $this->app['config']['auth.passwords.users.email'] = zbase_view_file_contents('auth.password.email.password');
    require __DIR__ . '/Http/Controllers/Laravel/routes.php';
    zbase()->prepareWidgets();
    /**
     * "accountPassword" rule: the value must match the authenticated user's
     * stored password hash; it fails when nobody is authenticated.
     * @TODO should be placed somewhere else other than here, and just call
     */
    \Validator::extend('accountPassword', function ($attribute, $value, $parameters, $validator) {
        if (zbase_auth_has()) {
            $user = zbase_auth_user();
            if (zbase_bcrypt_check($value, $user->password)) {
                return true;
            }
        }
        return false;
    });
    \Validator::replacer('accountPassword', function ($message, $attribute, $rule, $parameters) {
        return _zt('Account password don\'t match.');
    });
    /**
     * "passwordStrengthCheck" rule.
     *
     * NOTE(review): the digit and letter checks that used to live here are
     * commented out, so this rule accepts every value and the "too weak"
     * message below is never produced. Forms that rely on it enforce no
     * password policy; restore the checks or enforce length and complexity
     * in another rule.
     */
    \Validator::extend('passwordStrengthCheck', function ($attribute, $value, $parameters, $validator) {
        return true;
    });
    \Validator::replacer('passwordStrengthCheck', function ($message, $attribute, $rule, $parameters) {
        return _zt('New password is too weak.');
    });
}
/**
 * Verify an email-address update request.
 *
 * Handles the link that was emailed to a user who asked to change their
 * email address.
 *
 * routename: update-email-request, expects: email and token
 *
 * NOTE(review): the token is checked against the user found by the email in
 * the URL, while the login check only requires some authenticated session.
 * Confirm whether the session user should also be required to be that user.
 *
 * @return mixed A redirect on success or when login is required, otherwise the not-found response
 */
public function emailUpdateRequestVerify()
{
    $email = $this->getRouteParameter('email', false);
    $token = $this->getRouteParameter('token', false);

    // Both route parameters are required
    if (empty($email) || empty($token)) {
        return $this->notfound();
    }

    $user = zbase_user_by('email', $email);
    if (!($user instanceof \Zbase\Entity\Laravel\User\User)) {
        return $this->notfound();
    }

    // Guests log in first and are sent back to this URL afterwards
    if (!zbase_auth_has()) {
        zbase_session_set('__loginRedirect', zbase_url_from_current());
        return redirect()->to(zbase_url_from_route('login'));
    }

    $updated = $user->checkEmailRequestUpdate($token);
    if (empty($updated)) {
        zbase_alert('error', 'There was an error updating your email address. Kindly try again.');
        return $this->notfound();
    }

    zbase_session_set('update-email-address', true);
    return redirect()->to(zbase_url_from_route('home'));
}
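/**
 * Build the response for a route.
 *
 * In order: maintenance page, configured redirect, configured raw response,
 * username-route resolution, access / guest / auth enforcement from the
 * route's middleware configuration, then dispatch to the route's command,
 * controller or view.
 *
 * NOTE(review): 'redirect', 'command' and the controller method name are
 * taken from the route configuration and used as-is, so this function
 * assumes the routes config is not user-writable.
 *
 * @param string $name The Route Name
 * @param array $route The Route configuration
 * @return Response
 */
function zbase_route_response($name, $route)
{
    if (!empty(zbase_is_maintenance())) {
        return zbase_response(view(zbase_view_file('maintenance')));
    }
    $redirect = zbase_value_get($route, 'redirect', false);
    if (!empty($redirect)) {
        return redirect()->to($redirect);
    }
    $response = zbase_value_get($route, 'response', false);
    if (!empty($response)) {
        return $response;
    }
    /**
     * If we are using username in routes,
     * we have to check if the username exists in DB.
     * This is checked in zbase_route_username_get()
     * if the zbase_route_username_get() returns false, means
     * that the route is not a username or username didn't exists.
     * Here we check against all other Routes if the prefix is in our
     * list of routes.
     */
    $useUsernameRoute = zbase_route_username();
    $usernameRoute = zbase_route_username_get();
    $usernameRouteCheck = zbase_data_get($route, 'usernameRouteCheck', true);
    if (empty($usernameRouteCheck)) {
        /**
         * Will not check for username route
         */
        $useUsernameRoute = false;
    }
    if ($name == 'index' && zbase_auth_has() && !empty($useUsernameRoute)) {
        return redirect()->to('/' . zbase_auth_real()->username);
    }
    if ($usernameRoute === false && !empty($useUsernameRoute)) {
        $uri = zbase_url_uri();
        $adminKey = zbase_admin_key();
        if (!empty($uri)) {
            $uriEx = explode('/', $uri);
            if (!empty($uriEx)) {
                foreach ($uriEx as $uriV) {
                    if (!empty($uriV)) {
                        /**
                         * If it isn't an admin key, check it against given Routes
                         */
                        if ($uriV !== $adminKey) {
                            $routes = zbase_config_get('routes', []);
                            if (!empty($routes)) {
                                foreach ($routes as $rName => $r) {
                                    if (!empty($r['enable']) && !empty($r['url'])) {
                                        $urlEx = explode('/', $r['url']);
                                        if (!empty($urlEx)) {
                                            foreach ($urlEx as $urlExV) {
                                                if (!empty($urlExV)) {
                                                    if ($uriV == $urlExV) {
                                                        /**
                                                         * Found it, valid URL
                                                         */
                                                        $validUrlPrefix = true;
                                                    }
                                                    /**
                                                     * Will deal only with the first not empty value so break it.
                                                     */
                                                    break;
                                                }
                                            }
                                        }
                                    }
                                    if (!empty($validUrlPrefix)) {
                                        /**
                                         * Found it, break it
                                         */
                                        $name = $rName;
                                        $route = $r;
                                        break;
                                    }
                                }
                            }
                        } else {
                            return redirect(zbase_url_from_route('home'));
                        }
                        /**
                         * Will deal only with the first not empty value so break it.
                         */
                        break;
                    }
                }
                if (empty($validUrlPrefix)) {
                    /**
                     * Only if routeName is not the index
                     */
                    if ($name != 'index') {
                        // NOTE(review): the not-found response that used to be
                        // returned here is disabled, so an unknown prefix
                        // continues with the original route.
                    }
                }
            }
        }
    }
    $usernameRoutePrefix = zbase_route_username_prefix();
    $originalRouteName = str_replace($usernameRoutePrefix, '', $name);
    zbase()->setCurrentRouteName($name);
    $guest = true;
    $authed = false;
    $guestOnly = false;
    $middleware = !empty($route['middleware']) ? $route['middleware'] : false;
    $backend = !empty($route['backend']) ? $route['backend'] : false;
    // Opening the password-reset route while logged in ends the session first
    if ($name == 'password-reset' && zbase_auth_has()) {
        \Auth::guard()->logout();
        return redirect(zbase_url_from_current());
    }
    if (preg_match('/\\?usernameroute/', zbase_url_uri()) > 0 && !empty($useUsernameRoute) && zbase_auth_has()) {
        return redirect()->to('/' . zbase_auth_user()->username() . '/home');
    }
    // An authenticated user is redirected to the same route under their own username
    if (!empty($useUsernameRoute) && zbase_auth_has() && $usernameRoute != zbase_auth_user()->username()) {
        return redirect(zbase_url_from_route($originalRouteName, [$usernameRoutePrefix => zbase_auth_user()->username()]));
    }
    $access = false;
    if (!empty($middleware)) {
        if (is_array($middleware)) {
            $access = isset($middleware['access']) ? $middleware['access'] : false;
            // Enforce any non-empty access value. The original enforced it
            // only when it was an array, so a string such as 'admin' skipped
            // this check and, being non-empty, also skipped the backend/auth
            // checks below, leaving the route unprotected here.
            if (!empty($access)) {
                if (!zbase_auth_has()) {
                    zbase_session_set('__loginRedirect', zbase_url_from_current());
                    return redirect(zbase_url_from_route('login'));
                }
                if (!zbase_auth_is($access)) {
                    // ucfirst() needs a string; join a list for the message
                    $accessLabel = is_array($access) ? implode(', ', $access) : (string) $access;
                    return zbase_abort(401, ucfirst($accessLabel) . ' is needed to access the page.');
                }
            } else {
                $guest = isset($middleware['guest']) ? $middleware['guest'] : false;
                $authed = isset($middleware['auth']) ? $middleware['auth'] : false;
                $adminAuthed = isset($middleware['admin']) ? $middleware['admin'] : false;
                if ($adminAuthed) {
                    $authed = true;
                }
                $guestOnly = isset($middleware['guestOnly']) ? $middleware['guestOnly'] : false;
            }
        }
    }
    if (empty($access)) {
        if (!empty($backend)) {
            if (!empty($usernameRoute)) {
                /**
                 * If user is loggedIn and this is admin side and this is not logIn page,
                 * redirect to users dashboard.
                 * User can only access his own dashboard via /{usernameroute?}/admin
                 */
                if (zbase_auth_has() && zbase_auth_is(zbase_route_username_minimum_access()) && zbase_is_back() && $usernameRoute != zbase_auth_user()->username()) {
                    return redirect(zbase_url_from_route('admin', [$usernameRoutePrefix => zbase_auth_user()->username]));
                }
                if ((empty(zbase_auth_has()) || !zbase_auth_is('user')) && $name != $usernameRoutePrefix . 'admin.login') {
                    zbase_session_set('__loginRedirect', zbase_url_from_current());
                    return redirect(zbase_url_from_route('admin.login'));
                }
            } else {
                // Back-end routes without a username route require the admin role
                if ((empty(zbase_auth_has()) || !zbase_auth_is('admin')) && $name != 'admin.login') {
                    zbase_session_set('__loginRedirect', zbase_url_from_current());
                    return redirect(zbase_url_from_route('admin.login'));
                }
            }
        } else {
            if (!empty($guestOnly) && zbase_auth_has()) {
                return redirect(zbase_url_from_route('home'));
            }
            if (!empty($usernameRoute)) {
                if (!empty($authed) && !zbase_auth_has() && $name != $usernameRoutePrefix . 'login') {
                    zbase_session_set('__loginRedirect', zbase_url_from_current());
                    return redirect(zbase_url_from_route('login'));
                }
            } else {
                if (!empty($authed) && !zbase_auth_has() && $name != 'login') {
                    zbase_session_set('__loginRedirect', zbase_url_from_current());
                    return redirect(zbase_url_from_route('login'));
                }
            }
        }
    }
    $params = zbase_route_inputs();
    $requestMethod = zbase_request_method();
    $controller = !empty($route['controller']) ? $route['controller'] : null;
    $command = !empty($route['command']) ? $route['command'] : false;
    // A closure command runs and ends the request
    if (!empty($command) && $command instanceof \Closure) {
        $command();
        exit;
    }
    if (!empty($controller) && !empty($controller['name']) && !empty($route['controller']['enable'])) {
        $controllerName = !empty($route['controller']['name']) ? $route['controller']['name'] : null;
        // NOTE(review): when 'method' is an array without an entry for the
        // request method, the fallback assigns the array itself as the method
        // name; confirm configs always carry a string or a complete map.
        $controllerMethod = !empty($route['controller']['method'][$requestMethod]) ? $route['controller']['method'][$requestMethod] : (!empty($route['controller']['method']) ? $route['controller']['method'] : 'index');
        if (!empty($controllerName)) {
            $controllerConfig = zbase_config_get('controller.class.' . $controllerName, null);
            if (!empty($controllerConfig) && !empty($controllerConfig['enable'])) {
                $controllerClass = zbase_controller_create_name(zbase_config_get('controller.class.' . $controllerName . '.name', Zbase\Http\Controllers\__FRAMEWORK__\PageController::class));
                $controllerObject = zbase_object_factory($controllerClass, !empty($route['controller']['params']) ? $route['controller']['params'] : []);
                zbase()->setController($controllerObject->setName($controllerName)->setActionName($controllerMethod)->setRouteParameters($params));
                zbase_view_page_details($route);
                return zbase_response($controllerObject->{$controllerMethod}());
            }
        }
    }
    $view = !empty($route['view']) ? $route['view'] : null;
    if (!empty($view) && !empty($view['name']) && !empty($route['view']['enable'])) {
        zbase_view_page_details($route);
        if (!empty($route['view']['content'])) {
            $params['content'] = zbase_data_get($route['view']['content'], null);
        }
        if ($view['name'] == 'type.js') {
            zbase_response_format_set('javascript');
        }
        return zbase_response(zbase_view_render(zbase_view_file($view['name']), $params));
    }
}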