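/**
 * Checks the current Symphony Author can access the current page.
 * This includes the check to ensure that an Author cannot access a
 * hidden section.
 *
 * The required level starts at `author` and is changed by the navigation
 * entries that match the current page: a child's own `limit`, a hidden
 * section (raised to `developer`), or a group-level `developer` limit.
 *
 * @return boolean
 *  True if the Author can access the current page, false otherwise
 */
public function canAccessPage()
{
    $nav = $this->getNavigationArray();
    $page = '/' . trim(getCurrentPage(), '/') . '/';

    $page_limit = 'author';

    foreach ($nav as $item) {
        if (General::in_array_multi($page, $item['children'])) {
            if (is_array($item['children'])) {
                foreach ($item['children'] as $c) {
                    // The link is quoted before it is used as a pattern. Unquoted, a link
                    // holding a regex metacharacter or the `#` delimiter could make
                    // preg_match() fail, which would skip this restriction and leave the
                    // hidden section at the default `author` level.
                    if (
                        $c['type'] == 'section'
                        && $c['visible'] == 'no'
                        && preg_match('#^' . preg_quote($c['link'], '#') . '#', $page)
                    ) {
                        $page_limit = 'developer';
                    }

                    // NOTE(review): this assignment runs after the hidden-section check, so an
                    // explicit `limit` on the same child replaces the `developer` level set
                    // above. Confirm that is intended.
                    if ($c['link'] == $page && isset($c['limit'])) {
                        $page_limit = $c['limit'];
                    }
                }
            }

            // A group-level limit can only raise `author` to `developer`.
            if (isset($item['limit']) && $page_limit != 'primary') {
                if ($page_limit == 'author' && $item['limit'] == 'developer') {
                    $page_limit = 'developer';
                }
            }
        } elseif (isset($item['link']) && $page == $item['link'] && isset($item['limit'])) {
            $page_limit = $item['limit'];
        }
    }

    if ($page_limit == 'author') {
        return true;
    } elseif ($page_limit == 'developer' && Administration::instance()->Author->isDeveloper()) {
        return true;
    } elseif ($page_limit == 'primary' && Administration::instance()->Author->isPrimaryAccount()) {
        return true;
    }

    // Any other limit value, or a role the Author lacks, is denied.
    return false;
}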
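/**
 * Resolves the requested backend page to the PHP file that handles it.
 *
 * When no author is logged in the login page path is returned. Otherwise
 * the page is mapped either to a Campfire service interface file or to a
 * `sym_*` file under CORE, and the path is returned only if that file
 * exists. Path segments taken from `$page` are checked before they are
 * placed into a filesystem path.
 *
 * @param string $page
 *  The requested page, as used in the `?page=` URL parameter
 * @param boolean $isAction
 *  When true the "actions" directory / "action" file prefix is used
 *  instead of "content"
 * @param boolean $silent
 *  When true no fatal error page is raised on failure
 * @return string|boolean
 *  The path of the file for the page, or false when access is denied or
 *  the file cannot be found
 */
function getContent($page = NULL, $isAction = false, $silent = false)
{
    $this->_currentPage = URL . "/symphony/?page=" . $page;

    $dir = "content";
    if ($isAction) {
        $dir = "actions";
    }

    if (!$this->authorIsLoggedIn()) {
        return CORE . "/" . $dir . "/sym_login.php";
    }

    if (trim($page, "/") == "") {
        // NOTE(review): as written this str_replace() swaps '&' for '&' and so does
        // nothing; it presumably decoded an HTML entity before this listing was
        // extracted. Confirm against the original file.
        General::redirect(URL . "/symphony/?page=" . str_replace('&', '&', $this->_nav[0]['children'][0]['link']));
    }

    // Stays false when the request cannot be mapped to a safe path, which is
    // then reported as "Page Not Found" below.
    $path = false;

    // NOTE(review): the marker is matched anywhere in $page, while the slice
    // below assumes it forms the first two segments.
    if (stristr($page, "campfire/service") !== false) {
        $parts = explode("/", trim($page, "/"));
        $parts = array_slice($parts, 2);
        $owner = array_shift($parts);
        $service = array_shift($parts);

        if (empty($parts)) {
            $parts = array("index");
        }

        // $owner and $service become directory names and $parts becomes part of
        // the file name. Refuse relative segments, backslashes and NUL bytes so
        // the resolved file cannot leave the service's interface directory.
        $segments_ok = true;
        foreach (array_merge(array($owner, $service), $parts) as $segment) {
            $segment = (string) $segment;
            if ($segment === "." || $segment === ".." || strpbrk($segment, "\\\0") !== false) {
                $segments_ok = false;
                break;
            }
        }

        // NOTE(review): this branch returns a path without consulting the
        // navigation `limit` values checked in the other branch; confirm the
        // service interfaces enforce their own access rules.
        if ($segments_ok) {
            $path = CAMPFIRE . "/{$owner}/{$service}/interface/" . ($isAction ? "action" : "content") . "." . implode("_", $parts) . ".php";
        }
    } else {
        $page_real = trim($page, '/');
        $page_real = "sym_" . str_replace("/", "_", $page_real);

        $user_access_level = "author";
        if ($this->authorIsOwner()) {
            $user_access_level = "owner";
        } elseif ($this->authorIsSuper()) {
            $user_access_level = "super";
        }

        // Work out the level the navigation requires for this page; pages with
        // no matching `limit` default to "author".
        $page_limit = "author";
        foreach ($this->_nav as $item) {
            if (General::in_array_multi($page, $item['children'])) {
                if (isset($item['limit'])) {
                    $page_limit = $item['limit'];
                } elseif (is_array($item['children'])) {
                    foreach ($item['children'] as $c) {
                        if ($c['link'] == $page && isset($c['limit'])) {
                            $page_limit = $c['limit'];
                        }
                    }
                }
            } elseif ($page == $item['link'] && isset($item['limit'])) {
                $page_limit = $item['limit'];
            }
        }

        $can_access = false;
        if ($page_limit == "author") {
            $can_access = true;
        } elseif ($page_limit == "super" && ($user_access_level == "super" || $user_access_level == "owner")) {
            $can_access = true;
        } elseif ($page_limit == "owner" && $user_access_level == "owner") {
            $can_access = true;
        }

        if (!$can_access) {
            if (!$silent) {
                $this->fatalError("Access Denied", "<p>Access denied. You are not authorised to access this page.</p>", true, true);
            }

            return false;
        }

        // Forward slashes were replaced above; a backslash or NUL byte left in
        // the name is refused for the same reason as in the service branch.
        if (strpbrk($page_real, "\\\0") === false) {
            $path = CORE . "/" . $dir . "/" . $page_real . ".php";
        }
    }

    if ($path !== false && @is_file($path)) {
        return $path;
    }

    if (!$silent) {
        $this->fatalError("Page Not Found", "<p>The page you were looking for could not be found.</p>", true, true);
    }

    return false;
}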
/**
 * Decides whether the logged in Author may view the current backend page.
 *
 * The required level starts at `author`. A matching child link or top-level
 * link replaces it with that entry's `limit`; a group-level `developer`
 * limit can raise `author` to `developer`.
 *
 * @return boolean
 *  True when the Author meets the required level, false otherwise
 */
function canAccessPage()
{
    $entries = $this->getNavigationArray();
    $current = '/' . trim(getCurrentPage(), '/') . '/';
    $required = 'author';

    foreach ($entries as $group) {
        // Not inside this group: only a direct link match on the group applies.
        if (!General::in_array_multi($current, $group['children'])) {
            if (isset($group['link']) && $current == $group['link'] && isset($group['limit'])) {
                $required = $group['limit'];
            }

            continue;
        }

        if (is_array($group['children'])) {
            foreach ($group['children'] as $child) {
                if ($child['link'] == $current && isset($child['limit'])) {
                    $required = $child['limit'];
                }
            }
        }

        // The group limit never lowers a level set by a child.
        if (
            isset($group['limit'])
            && $required != 'primary'
            && $required == 'author'
            && $group['limit'] == 'developer'
        ) {
            $required = 'developer';
        }
    }

    return $required == 'author'
        || ($required == 'developer' && $this->_Parent->Author->isDeveloper())
        || ($required == 'primary' && $this->_Parent->Author->isPrimaryAccount());
}
/**
 * Determines whether the logged in Author may view the current page.
 * The navigation built from the `ASSETS . /navigation.xml` file is
 * searched for the current page, or for the current page namespace, and
 * the `limit` values found there decide which Authors are allowed.
 *
 * @link http://github.com/symphonycms/symphony-2/blob/master/symphony/assets/navigation.xml
 * @return boolean
 *  True if the Author can access the current page, false otherwise
 */
public function canAccessPage()
{
    $entries = $this->getNavigationArray();
    $current = '/' . trim(getCurrentPage(), '/') . '/';
    $required = 'author';

    foreach ($entries as $group) {
        $inGroup = General::in_array_multi($current, $group['children'])
            || General::in_array_multi(Symphony::getPageNamespace() . '/', $group['children']);

        // Not inside this group: only a direct link match on the group applies.
        if (!$inGroup) {
            if (isset($group['link']) && $current == $group['link'] && isset($group['limit'])) {
                $required = $group['limit'];
            }

            continue;
        }

        // NOTE(review): a child's `limit` is applied only when its link equals the
        // current page exactly. For a page that matched through its namespace,
        // only a group-level `developer` limit can raise the requirement.
        // Confirm that sub-pages of limited children are covered elsewhere.
        if (is_array($group['children'])) {
            foreach ($group['children'] as $child) {
                if ($child['link'] == $current && isset($child['limit'])) {
                    $required = $child['limit'];
                }
            }
        }

        // The group limit never lowers a level set by a child.
        if (
            isset($group['limit'])
            && $required != 'primary'
            && $required == 'author'
            && $group['limit'] == 'developer'
        ) {
            $required = 'developer';
        }
    }

    if ($required == 'author') {
        return true;
    }

    if ($required == 'developer' && Administration::instance()->Author->isDeveloper()) {
        return true;
    }

    if ($required == 'primary' && Administration::instance()->Author->isPrimaryAccount()) {
        return true;
    }

    return false;
}
/**
 * Determines whether the logged in Author may view the current page.
 * The navigation built from the `ASSETS . /xml/navigation.xml` file is
 * searched for the current page, or for the current page namespace, and
 * the resulting limit is handed to `doesAuthorHaveAccess()`.
 *
 * @link http://github.com/symphonycms/symphony-2/blob/master/symphony/assets/xml/navigation.xml
 * @return boolean
 *  True if the Author can access the current page, false otherwise
 */
public function canAccessPage()
{
    $entries = $this->getNavigationArray();
    $current = '/' . trim(getCurrentPage(), '/') . '/';
    $required = 'author';

    foreach ($entries as $group) {
        $inGroup = General::in_array_multi($current, $group['children'])
            || General::in_array_multi(Symphony::getPageNamespace() . '/', $group['children']);

        // Not inside this group: only a direct link match on the group applies.
        if (!$inGroup) {
            if (isset($group['link']) && $current === $group['link'] && isset($group['limit'])) {
                $required = $group['limit'];
            }

            continue;
        }

        // NOTE(review): a child's `limit` is applied only when its link equals the
        // current page exactly. For a page that matched through its namespace,
        // only a group-level `developer` limit can raise the requirement.
        // Confirm that sub-pages of limited children are covered elsewhere.
        if (is_array($group['children'])) {
            foreach ($group['children'] as $child) {
                if ($child['link'] === $current && isset($child['limit'])) {
                    $required = $child['limit'];
                }
            }
        }

        // The group limit never lowers a level set by a child.
        if (
            isset($group['limit'])
            && $required !== 'primary'
            && $required === 'author'
            && $group['limit'] === 'developer'
        ) {
            $required = 'developer';
        }
    }

    return $this->doesAuthorHaveAccess($required);
}
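/**
 * Searches a possibly nested array for `$needle`, comparing it against
 * both the keys and the values at every level.
 *
 * A nested array is only ever searched recursively. It is never passed to
 * strcmp(): on PHP versions where strcmp() returns NULL for an array
 * argument, `!strcmp(...)` evaluates to true, so any nested array that did
 * not contain the needle would be reported as a match. The same applies to
 * values that cannot be compared as strings, which are skipped here.
 *
 * @param string $needle
 *  The value to look for
 * @param mixed $haystack
 *  The array (or single value) to search
 * @return boolean
 *  True if `$needle` equals `$haystack` or one of its keys or values
 */
function in_array_multi($needle, $haystack)
{
    // Kept as a loose comparison so existing callers see the same result.
    if ($needle == $haystack) {
        return true;
    }

    if (!is_array($haystack)) {
        return false;
    }

    foreach ($haystack as $key => $val) {
        if (is_array($val)) {
            if (General::in_array_multi($needle, $val)) {
                return true;
            }

            // The key of a nested array is still a candidate below; its value is not.
            if (strcmp($needle, (string) $key) === 0) {
                return true;
            }

            continue;
        }

        if (strcmp($needle, (string) $key) === 0) {
            return true;
        }

        // Only values with a string form can be compared.
        $comparable = $val === null
            || is_scalar($val)
            || (is_object($val) && method_exists($val, '__toString'));

        if ($comparable && strcmp($needle, (string) $val) === 0) {
            return true;
        }
    }

    return false;
}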
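/**
 * Copies submitted settings from `$data` onto this object's about and
 * parameters, and optionally discovers XML namespaces by fetching the
 * configured URL and reading its `xmlns:` declarations.
 *
 * Submitted namespaces are expected as parallel lists under
 * `$data['namespaces']['name']` and `$data['namespaces']['uri']`.
 * Discovered namespaces are appended after the submitted ones and are
 * skipped when their name or URI is already present.
 *
 * @param array $data
 *  The submitted settings; nothing happens when this is null
 */
public function prepare(array $data = null)
{
    if (is_null($data)) {
        return;
    }

    if (isset($data['about']['name'])) {
        $this->about()->name = $data['about']['name'];
    }

    $this->parameters()->namespaces = array();

    if (
        isset($data['namespaces'])
        && is_array($data['namespaces'])
        && isset($data['namespaces']['name'])
        && is_array($data['namespaces']['name'])
    ) {
        foreach ($data['namespaces']['name'] as $index => $name) {
            // Rows without a name are dropped.
            if (strlen(trim($name)) == 0) {
                continue;
            }

            $this->parameters()->namespaces[$index] = array(
                'name' => $name,
                'uri' => isset($data['namespaces']['uri'][$index]) ? $data['namespaces']['uri'][$index] : null
            );
        }
    }

    if (isset($data['url'])) {
        $this->parameters()->url = $data['url'];
    }

    if (isset($data['xpath'])) {
        $this->parameters()->xpath = $data['xpath'];
    }

    if (isset($data['cache-lifetime'])) {
        $this->parameters()->{'cache-lifetime'} = $data['cache-lifetime'];
    }

    if (isset($data['timeout'])) {
        $this->parameters()->{'timeout'} = $data['timeout'];
    }

    // Namespaces ---------------------------------------------------------

    if (!isset($data['automatically-discover-namespaces'])) {
        return;
    }

    $this->parameters()->{'automatically-discover-namespaces'} = $data['automatically-discover-namespaces'];

    if ($data['automatically-discover-namespaces'] != 'yes') {
        return;
    }

    // NOTE(review): the URL fetched here is taken from $data unchanged; this
    // method applies no scheme or host restriction, so any such policy has to
    // be enforced by the caller or inside Gateway. Confirm.
    $gateway = new Gateway();
    $gateway->init();
    $gateway->setopt('URL', $this->parameters()->url);
    $gateway->setopt('TIMEOUT', $this->parameters()->timeout);
    $result = $gateway->exec();

    // Only a string response is scanned for namespace declarations.
    $matches = array();
    if (is_string($result)) {
        preg_match_all('/xmlns:([a-z][a-z-0-9\\-]*)="([^\\"]+)"/i', $result, $matches);
    }

    if (!isset($matches[2][0])) {
        return;
    }

    // Names and URIs already in use. This is built from the normalised rows
    // stored above; the submitted data holds parallel lists, so reading
    // ['name'] / ['uri'] from its entries yields nothing usable.
    $namespaces = array();
    foreach ($this->parameters()->namespaces as $namespace) {
        $namespaces[] = $namespace['name'];
        $namespaces[] = $namespace['uri'];
    }

    foreach ($matches[2] as $index => $uri) {
        $name = $matches[1][$index];

        // Duplicate Namespaces
        if (in_array($name, $namespaces, true) || in_array($uri, $namespaces, true)) {
            continue;
        }

        $namespaces[] = $name;
        $namespaces[] = $uri;

        // Appended rather than stored under the match index, which could
        // overwrite a submitted namespace that has the same index.
        $this->parameters()->namespaces[] = array(
            'name' => $name,
            'uri' => $uri
        );
    }
}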