예제 #1
0
 public function filterNotGuestAndFriendIdExists(CFilterChain $chain)
 {
     if (!isset($_POST['friend_id']) || Yii::app()->user->isGuest) {
         $this->badRequest();
     }
     return $chain->run();
 }
 public function filterSuperAdminOnly(CFilterChain $filterChain)
 {
     if (!Yii::app()->user->is("SuperAdmin")) {
         throw new CHttpException("You don't have super admin privileges to access this page");
     }
     $filterChain->run();
 }
 /**
  * Filters requests that are not passing order_id as a parameter.
  *
  * @param CFilterChain $filterchain 
  */
 public function filterPreloadOrder($filterchain)
 {
     if ($this->order === null) {
         throw new CHttpException(403, 'Invalid request!');
     }
     $filterchain->run();
 }
예제 #4
0
 public function filterGuestView(CFilterChain $filterChain)
 {
     if (Yii::app()->user->is("guest")) {
         $this->layout = '/layouts/guestLogin';
     }
     $filterChain->run();
 }
 /**
  * Ensure that everything is prepared before we execute the serve action.
  * @param CFilterChain $filterChain Instance of CFilterChain.
  */
 public function filterValidateServe($filterChain)
 {
     header('X-Powered-By:');
     header('Pragma:');
     header('Expires:');
     header('Cache-Control:');
     header('Last-Modified:');
     header('Etag:');
     @ob_end_clean();
     if (isset($_GET['g'])) {
         $qs = 'g=' . $_GET['g'];
         if (isset($_GET['lm'])) {
             $lm = $_GET['lm'];
             if (ctype_digit((string) $lm)) {
                 $qs .= '&' . $lm;
             }
         }
         $_SERVER['QUERY_STRING'] = $qs;
     }
     if (isset(Yii::app()->log)) {
         foreach (Yii::app()->log->routes as $route) {
             if ($route instanceof CWebLogRoute) {
                 $route->enabled = false;
             }
         }
     }
     $filterChain->run();
 }
예제 #6
0
 /**
  * @param \CFilterChain $filterChain
  */
 public function filterEnsureToken(\CFilterChain $filterChain)
 {
     if (($token = \Yii::app()->request->getQuery('token')) === null) {
         $this->accessDenied(Helper::t('errors', 'Invalid authentication token.'));
     }
     $filterChain->run();
 }
 /**
  * Checks that the application has been configured, and if not redirects 
  * to the "create backend" page
  * @param CFilterChain $filterChain
  */
 public function filterCheckConfiguration($filterChain)
 {
     if (Yii::app()->backendManager->getCurrent() === null) {
         Yii::app()->user->setFlash('error', Yii::t('Backend', 'You must configure a backend before you can use the application'));
         $this->redirect(array('backend/create'));
     }
     $filterChain->run();
 }
예제 #8
0
 /**
  * Фильтр аналогичен фильтру ajaxOnly, только по нему не происходит уведомлений об ошибках на e-mail
  * The filter method for 'ajaxOnly' filter.
  * This filter throws an exception (CHttpException with code 400) if the applied action is receiving a non-AJAX request.
  * @param CFilterChain $filterChain the filter chain that the filter is on.
  * @throws CHttpException if the current request is not an AJAX request.
  */
 public function filterAjaxOnlySilent($filterChain)
 {
     if (Yii::app()->getRequest()->getIsAjaxRequest()) {
         $filterChain->run();
     } else {
         throw new DaHttpException(400, Yii::t('yii', 'Your request is invalid.'));
     }
 }
 /**
  * Performs the filtering.
  * The default implementation simply calls {@link init()},
  * {@link CFilterChain::run()} and {@link run()} in order
  * Derived classes may want to override this method to change this behavior.
  * @param CFilterChain $filterChain the filter chain that the filter is on.
  */
 public function filter($filterChain)
 {
     $this->init();
     if (!$this->stopAction) {
         $filterChain->run();
         $this->run();
     }
 }
 /**
  * Override parent implementation so we don't get stuck in a redirect loop
  * @param CFilterChain $filterChain
  */
 public function filterCheckConfiguration($filterChain)
 {
     if ($this->route === 'backend/create') {
         $filterChain->run();
     } else {
         parent::filterCheckConfiguration($filterChain);
     }
 }
 /**
  * Displays a flash if the backend doesn't support streaming
  * @param CFilterChain $filterChain the filter chain
  */
 public function filterCheckBackendCanStream($filterChain)
 {
     // Check backend version and warn about incompatibilities
     if (!Yii::app()->xbmc->meetsMinimumRequirements() && !Setting::getBoolean('disableFrodoWarning')) {
         Yii::app()->user->setFlash('info', Yii::t('Misc', 'Streaming of video files is not possible from XBMC 12 "Frodo" backends'));
     }
     $filterChain->run();
 }
예제 #12
0
 /**
  * 进行权限检查的内联过滤器
  * 当权限检查失败时抛出全局异常
  * 
  * @param CFilterChain $filterChains
  */
 public function filterAuthCheck($filterChains)
 {
     // 未登录用户直接调转到首页,强制重新登录
     if (Yii::app()->user->isGuest) {
         $this->redirect(Yii::app()->createAbsoluteUrl('adminlogin/index'));
     }
     KefuRbacTool::getInstance()->checkAccess();
     $filterChains->run();
 }
예제 #13
0
 /**
  * User permissions filter.
  * 
  * @param CFilterChain $filterChain
  */
 public function filterAccessControl($filterChain)
 {
     $user = Yii::app()->user;
     if ($user->isGuest) {
         $this->redirect(array('profile/login'));
     } else {
         $filterChain->run();
     }
 }
예제 #14
0
 /**
  * Allow access to all upgrade actions only to Super Administrators.
  * @param CFilterChain $filterChain
  */
 public function filterMaintananceModeAccessControl($filterChain)
 {
     if (!Yii::app()->isApplicationInMaintenanceMode()) {
         $message = Zurmo::t('InstallModule', 'Please set $maintenanceMode = true in perInstance.php config file.');
         $messageView = new AccessFailureView($message);
         $view = new AccessFailurePageView($messageView);
         echo $view->render();
         Yii::app()->end(0, false);
     }
     $filterChain->run();
 }
예제 #15
0
파일: UserSet.php 프로젝트: a707937337/bscy
 /**
  * 进行权限检查的内联过滤器
  * 当权限检查失败时抛出全局异常
  *
  * @param CFilterChain $filterChains
  */
 public function filterAuthCheck($filterChains)
 {
     if (empty(Yii::app()->session['info'])) {
         $this->redirect(Yii::app()->createAbsoluteUrl('passport/index'));
     } else {
         if (Yii::app()->session['info']['logintime'] + 86400 < time()) {
             $this->redirect(Yii::app()->createAbsoluteUrl('passport/index'));
         }
     }
     $filterChains->run();
 }
예제 #16
0
 /**
  * User permissions filter.
  * 
  * @param CFilterChain $filterChain
  */
 public function filterAccessControl($filterChain)
 {
     $user = Yii::app()->user;
     /*
      * Only not authorized users can access to login action,
      * and only authorized users to other actions. 
      */
     if ($filterChain->action->id == 'login' && !$user->isGuest) {
         $this->redirect(array('quote/list'));
     } elseif ($filterChain->action->id != 'login' && $user->isGuest) {
         $this->redirect(array('login'));
     }
     $filterChain->run();
 }
 /**
  * Insures that failed payment requests have a valid authentication code in the GET params.
  * @param CFilterChain $filterChain the filter chain.
  * @throws CException if the authentication code does not match the passed data.
  */
 public function filterValidateFailureRequest(CFilterChain $filterChain)
 {
     $request = Yii::app()->getRequest();
     $ORDER_NUMBER = $request->getQuery('ORDER_NUMBER');
     $TIMESTAMP = $request->getQuery('TIMESTAMP');
     $RETURN_AUTHCODE = $request->getQuery('RETURN_AUTHCODE');
     $transaction = $this->loadTransaction($ORDER_NUMBER);
     $gateway = $this->createGateway($transaction->gateway);
     $data = implode('|', array($ORDER_NUMBER, $TIMESTAMP, $gateway->apiSecret));
     if (!$this->validateAuthCode($RETURN_AUTHCODE, $data)) {
         throw new CException('Invalid authentication code.');
     }
     $filterChain->run();
 }
 /**
  * Ensure that everything is prepared before we execute the serve action.
  * @param CFilterChain $filterChain Instance of CFilterChain.
  * @throws CException if the minScript application component is not defined in CWebApplication::$components.
  * @since 2.1
  */
 public function filterPrepareServe($filterChain)
 {
     // Check for existence of the minScript application component inside CWebApplication::$components
     if (!($this->_minScriptComponent = Yii::app()->getComponent($this->minScriptComponentId)) instanceof ExtMinScript) {
         throw new CException('The minScript application component with ID "' . $this->minScriptComponentId . '" needs to be defined in CWebApplication::$components.');
     }
     // Clean output buffer and headers
     @ob_end_clean();
     header('X-Powered-By:');
     header('Pragma:');
     header('Expires:');
     header('Cache-Control:');
     header('Last-Modified:');
     header('Etag:');
     // Process query string
     $get = array();
     if (isset($_GET['g'])) {
         $get['g'] = $_GET['g'];
     }
     if (isset($_GET['debug'])) {
         $get['debug'] = '';
     } elseif (isset($_GET['lm']) && ctype_digit((string) $_GET['lm'])) {
         $get[$_GET['lm']] = '';
     }
     $_GET = $get;
     $_SERVER['QUERY_STRING'] = http_build_query($get, '', '&');
     // Disable CWebLogRoute
     if (isset(Yii::app()->log)) {
         foreach (Yii::app()->log->routes as $route) {
             if ($route instanceof CWebLogRoute) {
                 $route->enabled = false;
             }
         }
     }
     // Serve
     $filterChain->run();
 }
예제 #19
0
 /**
  * Ensures that the "model" parameter is present and valid.
  *
  * @param CFilterChain $filterChain
  */
 public function filterValidModel($filterChain)
 {
     if (!isset($this->modelClass)) {
         $this->checkValidModel();
         // Set user for the model:
         Yii::app()->setSuModel($this->user);
     }
     $filterChain->run();
 }
 /**
  * Override parent implementation so the user can check the logs even when 
  * a backend is not yet configured
  * @param CFilterChain $filterChain
  */
 public function filterCheckConfiguration($filterChain)
 {
     $filterChain->run();
 }
예제 #21
0
 /**
  * A filter to ensure only the note owner can update the note.
  * @param  CFilterChain $filterChain the filter chain
  */
 public function filterCheckNoteOwner($filterChain)
 {
     if (isset($_GET['id'])) {
         $model = $this->loadModel($_GET['id']);
         if ($model->student_id !== Yii::app()->user->id) {
             throw new CHttpException(403, 'Berkas ini bukan milik Anda.');
         }
     }
     $filterChain->run();
 }
예제 #22
0
 public function filterAdminOnly(CFilterChain $filterChain)
 {
     $filterChain->run();
 }
예제 #23
0
 /**
  * A filter to ensure only new testimonial can be updated.
  * @param  CFilterChain $filterChain the filter chain
  */
 public function filterCheckNewStatus($filterChain)
 {
     if (isset($_GET['id'])) {
         $model = $this->loadModel($_GET['id']);
         if ($model->status != Testimonial::STATUS_NEW && $model->status != Testimonial::STATUS_REJECTED) {
             $statusMap = Testimonial::getStatusMap();
             throw new CHttpException(403, 'Testimoni ini statusnya bukan "' . $statusMap[Testimonial::STATUS_NEW] . '" atau "' . $statusMap[Testimonial::STATUS_REJECTED] . '".');
         }
     }
     $filterChain->run();
 }
예제 #24
0
 /**
  * A filter to ensure a student will not be able to update other students profile.
  * @param  CFilterChain $filterChain the filter chain
  */
 public function filterCheckAuthorized($filterChain)
 {
     if (isset($_GET['id'])) {
         if ($_GET['id'] != Yii::app()->user->id) {
             throw new CHttpException(403, 'Anda tidak berhak melakukan operasi ini.');
         }
     }
     $filterChain->run();
 }
예제 #25
0
 /**
  * A filter to ensure that an action only available in debug mode.
  * @param  CFilterChain $filterChain the filter chain
  */
 public function filterCheckDebugMode($filterChain)
 {
     if (!YII_DEBUG) {
         throw new CHttpException(404, 'Fitur ini tidak tersedia.');
     }
     $filterChain->run();
 }
예제 #26
0
파일: x2base.php 프로젝트: shuvro35/X2CRM
 /**
  * Obtain the widget list for the current web user.
  *
  * @param CFilterChain $filterChain
  */
 public function filterSetPortlets($filterChain)
 {
     if (!Yii::app()->user->isGuest) {
         $themeURL = Yii::app()->theme->getBaseUrl();
         $this->portlets = Profile::getWidgets();
     }
     $filterChain->run();
 }
예제 #27
0
 /**
  * The filter method for 'ajaxOnly' filter.
  * This filter throws an exception (CHttpException with code 400) if the applied action is receiving a non-AJAX request.
  * @param CFilterChain $filterChain the filter chain that the filter is on.
  * @throws CHttpException if the current request is not an AJAX request.
  */
 public function filterAjaxOnly($filterChain)
 {
     if (Gateway::app()->getRequest()->getIsAjaxRequest()) {
         $filterChain->run();
     } else {
         throw new CHttpException(400, Gateway::t('Gateway', 'Your request is invalid.'));
     }
 }
예제 #28
0
 /**
  * Performs filtering before the action is executed.
  * This method is meant to be overridden by child classes if begin-filtering is needed.
  * @param CFilterChain $filterChain list of filters being applied to an action
  * @return boolean whether the filtering process should stop after this filter. Defaults to false.
  */
 public function filter($filterChain)
 {
     if (!$this->getIsContentCached()) {
         $filterChain->run();
     }
     $this->run();
 }
예제 #29
0
 /**
  * Ends the request if the app is locked.
  * 
  * @param CFilterChain $filterChain
  */
 public function filterAvailable($filterChain)
 {
     $this->response->httpHeader['Content-Type'] = 'application/json; ' . 'charset=utf-8';
     if (is_int(Yii::app()->locked)) {
         $this->send(503, "X2Engine is currently locked. " . "It may be undergoing maintenance. Please try again later.");
     }
     if (!$this->enabled) {
         $this->send(503, "API access has been disabled on this system.");
     }
     $filterChain->run();
 }