예제 #1
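 /**
  * Exposes the current user to the child nodes as a template variable and renders them.
  *
  * The value returned by the security manager's getUser() is added to the
  * template variable container under the name given in $as, the child nodes
  * are rendered, and the variable is removed again before returning.
  *
  * @param string $as Name of the template variable; "user" is used when null or an empty string is passed
  * @return string Rendered string
  * @author Marc Neuhaus <*****@*****.**>
  * @api
  */
 public function render($as = "user")
 {
     // The previous fallback read an undefined variable ($get), so $as stayed
     // null; fall back to the documented default name instead.
     if ($as === null || $as === '') {
         $as = "user";
     }
     // NOTE(review): getUser() may not return an object when nobody is logged
     // in; templates should not assume one. Confirm against the security manager.
     $this->templateVariableContainer->add($as, $this->securityManager->getUser());
     $output = $this->renderChildren();
     // Remove the variable again so it is only visible to the child nodes.
     $this->templateVariableContainer->remove($as);
     return $output;
 }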
예제 #2
 /**
  * Returns a query for objects of this repository.
  *
  * The parent query is returned unchanged unless the helper reports demo mode
  * and the security manager returns a truthy user. In that case a constraint is
  * set that excludes objects whose "accountIdentifier" equals the value of the
  * "Admin.SuperAdmin" setting.
  *
  * @return \TYPO3\FLOW3\Persistence\Doctrine\Query
  * @api
  */
 public function createQuery()
 {
     $query = parent::createQuery();
     // Demo mode is checked first; the user lookup only happens when it is on.
     if (!$this->helper->isDemoMode() || !$this->securityManager->getUser()) {
         return $query;
     }
     // NOTE(review): only queries built through createQuery() carry this
     // filter; confirm no other lookup path returns the excluded account.
     $superAdminIdentifier = $this->helper->getSettings("Admin.SuperAdmin");
     $isSuperAdmin = $query->equals("accountIdentifier", $superAdminIdentifier);
     $query->matching($query->logicalNot($isSuperAdmin));
     return $query;
 }
예제 #3
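 /**
  * Advises the dispatch method so that illegal requests are blocked before invoking
  * any controller.
  *
  * Only web requests whose controller action carries an Admin\Annotations\Access
  * annotation are checked; every other request goes straight to the advice chain.
  * For an annotated action the request is answered with the security manager's
  * redirectToLogin() when no user object is available, when the annotation asks
  * for an admin and the user is not one, or when the annotation names a role the
  * user does not have. An exception raised after the annotation was found is
  * treated as a denial instead of being ignored.
  *
  * @FLOW3\Around("method(TYPO3\FLOW3\MVC\Dispatcher->dispatch())")
  * @param \TYPO3\FLOW3\AOP\JoinPointInterface $joinPoint The current joinpoint
  * @return mixed Result of the advice chain, the result of redirectToLogin() on denial, or null when there is no advice chain
  */
 public function checkAccess(\TYPO3\FLOW3\AOP\JoinPointInterface $joinPoint)
 {
     $request = $joinPoint->getMethodArgument('request');
     $this->securityManager->setRequest($request);
     $this->securityManager->setResponse($joinPoint->getMethodArgument('response'));
     if ($request instanceof \TYPO3\FLOW3\MVC\Web\Request) {
         $className = $request->getControllerObjectName();
         $methodName = $request->getControllerActionName() . 'Action';
         // Set once an Access annotation is found, so that any later failure
         // denies the request instead of letting it through.
         $accessRestricted = false;
         try {
             if (!empty($className) && $this->reflectionService->isMethodAnnotatedWith($className, $methodName, "Admin\\Annotations\\Access")) {
                 $accessRestricted = true;
                 $annotation = $this->reflectionService->getMethodAnnotation($className, $methodName, "Admin\\Annotations\\Access");
                 $user = $this->securityManager->getUser();
                 if (!is_object($user)) {
                     return $this->securityManager->redirectToLogin($joinPoint);
                 }
                 if ($annotation->admin && !$user->isAdmin()) {
                     return $this->securityManager->redirectToLogin($joinPoint);
                 }
                 if ($annotation->role !== null) {
                     $hasRole = false;
                     foreach ($user->getRoles() as $role) {
                         // Compare as strings and strictly: loose == treats
                         // numeric-looking names such as "1e3" and "1000" as equal.
                         if ((string) $role->getName() === (string) $annotation->role) {
                             $hasRole = true;
                             break;
                         }
                     }
                     if (!$hasRole) {
                         $message = new \TYPO3\FLOW3\Error\Error("You don't have access to this page!");
                         $this->flashMessageContainer->addMessage($message);
                         return $this->securityManager->redirectToLogin($joinPoint);
                     }
                 }
             }
         } catch (\Exception $e) {
             if ($accessRestricted) {
                 // Fail closed: the action is known to be restricted and the
                 // check could not be completed, so the controller must not run.
                 return $this->securityManager->redirectToLogin($joinPoint);
             }
             // NOTE(review): a failure of the annotation lookup itself still
             // falls through to the dispatcher, as before. Confirm that is
             // intended, and record $e with the project's logger.
         }
     }
     $adviceChain = $joinPoint->getAdviceChain();
     if (is_object($adviceChain)) {
         return $adviceChain->proceed($joinPoint);
     }
     // Without an advice chain nothing is dispatched.
     return null;
 }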