/** * @brief 异步后台进程初始化 */ public function __construct() { define('APP_NAME', 'Daemon'); define('APPLICATION_PATH', dirname(__DIR__)); define('AHA_SRC_PATH', dirname(dirname(__DIR__)) . DIRECTORY_SEPARATOR . 'src'); require_once AHA_SRC_PATH . '/Aha/Daemon.php'; \Aha\Daemon::initLoader(); $this->_objAha = \Aha\Daemon::getInstance(APP_NAME, 'product'); $this->_objAha->getLoader()->registerNamespace(APP_NAME, APPLICATION_PATH); $this->_objAha->run(); }
/** * @brief 异步后台进程初始化 */ public function __construct() { define('APP_NAME', 'Daemon'); define('APPLICATION_PATH', dirname(__DIR__) . '/../'); define('AHA_SRC_PATH', dirname(__DIR__) . '/../../src'); require_once AHA_SRC_PATH . '/Aha/Daemon.php'; \Aha\Daemon::initLoader(); $this->_objAha = \Aha\Daemon::getInstance(APP_NAME, 'dev'); $this->_objAha->getLoader()->registerNamespace(APP_NAME, APPLICATION_PATH); $this->_objAha->run(); $this->_objProtocolPackage = new \Aha\Process\Protocol\Package(); \Daemon\Library\Ipc\Shared::initTable(); }
/** * A filter to clear the authItem cache. * @param type $filterChain The filter chain Yii is currently acting on. */ public function filterClearAuthCache($filterChain) { // Check for existence of authCache object (for backwards compatibility) if (!is_null(Yii::app()->db->getSchema()->getTable('x2_auth_cache'))) { if (Yii::app()->hasComponent('authCache')) { $authCache = Yii::app()->authCache; if (isset($authCache)) { $authCache->clear(); } } } $filterChain->run(); }
/** * A filter to clear the groups cache. * * This method clears the cache whenever the groups controller is accessed. * Caching improves performance throughout the app, but will occasionally * need to be cleared. Keeping this filter here allows for cleaning up the * cache when required. * * @param type $filterChain The filter chain Yii is currently acting on. */ public function filterClearGroupsCache($filterChain) { $filterChain->run(); Yii::app()->cache->delete('user_groups'); Yii::app()->cache->delete('user_roles'); }
/** * Basic permissions check filter. * * It is meant to simplify the simpler actions where named after existing * actions (or actions listed among the keys of {@link actionAuthItemMap}) * * @param type $filterChain */ public function filterCheckCRUDPermissions($filterChain) { $model = new $this->modelClass(); $module = ucfirst($model->module); $action = $this->action->id; if (array_key_exists($action, $this->actionAuthItemMap)) { $action = $this->actionAuthItemMap[$action]; } else { $action = ucfirst($action); } $level = $this->actionCheckPermissions($module . $action); if ($level) { $filterChain->run(); } else { $this->log("User \"{$this->user->username}\" denied API action; does not have permission for {$module}{$action}", 'application.automation.api'); $this->_sendResponse(403, 'This user does not have permission to perform operation "' . $action . "\" on model <b>{$this->modelClass}</b>"); } }
/** * Performs RBAC permission checks before allowing access to something. * * This is to make permissions consistent with normal use of te app * * @param type $filterChain */ public function filterRbac($filterChain) { $action = null; // The name of the RBAC item to check $data = array(); // Additional parameters for RBAC $method = Yii::app()->request->requestType; $user = Yii::app()->getSuModel(); $username = $user->username; $userId = $user->id; $denial = "User {$username} does not have permission to perform action {action}"; // Include module-specific, assignment-based permissions if operating // on a model (as opposed to, say, querying all tags regardless of the // type of record they're attached to) if (isset($_GET['_class'])) { $linkable = $this->staticModel->asa('X2LinkableBehavior'); $module = !empty($linkable) ? ucfirst($linkable->module) : $_GET['_class']; // Assignment/ownership as stored in the model should be // included in the RBAC parameters for business rules to execute // properly, if an ID is specified: if (isset($_GET['_id'])) { $data['X2Model'] = $this->model; } } // Resolve the name of the auth item to check. // // There are three actions and five different request types (DELETE, // GET, PATCH, POST, PUT) two of which (PATCH/PUT) are indistinct. switch ($this->action->id) { case 'count': switch ($method) { case 'GET': $action = "{$module}Index"; break; } break; case 'model': switch ($method) { case 'DELETE': $action = "{$module}Delete"; break; case 'GET': // Query or view individual: $action = isset($_GET['_id']) ? "{$module}View" : "{$module}Index"; break; case 'PATCH': case 'PUT': $action = "{$module}Update"; } break; case 'relationships': case 'tags': switch ($method) { case 'DELETE': case 'PATCH': case 'PUT': case 'POST': // As long as the user has permission to view the // record, they should have permission to alter these // metadata (this is the behavior of the base app, as // of this writing): $action = "{$module}View"; break; case 'GET': if (isset($_GET['_class']) && isset($_GET['_id'])) { // Respect the permissions of that particular model, // so that URI's corresponding to a given model // record respond consistently: $action = "{$module}View"; } else { // Querying all relationships/tags. Simply allow // access because there's no analogue of this // functionality in the application (as of this // writing), let alone permission entries for them, // and thus nothing on which to base permissions. $filterChain->run(); } break; } break; } // Use RBAC to check permission if an auth item exists. if (Yii::app()->authManager->getAuthItem($action) instanceof CAuthItem) { if (!Yii::app()->authManager->checkAccess($action, $userId, $data)) { $this->send(403, "You do not have permission to perform this action.."); } } $filterChain->run(); }
public function execute() { $this->define_hooks(); $this->plugin_loader->run(); }