/**
 * Returns the text with every `[[name]]` reference replaced by an HTML link.
 *
 * Each referenced name is looked up as a CmsArtikel in the current category;
 * a missing article is created on the fly (current user as author, with a
 * title text) so the generated link never dangles. The decoded, rewritten
 * text is written back to $this->text as a side effect.
 *
 * NOTE(review): html_entity_decode() turns any entity-escaped markup stored
 * in $this->text back into raw HTML before the text is returned, i.e. the
 * stored text is treated as trusted, author-controlled content — confirm
 * against the callers. The href from EntityLinks::show() is inserted without
 * attribute escaping.
 *
 * @return string
 */
public function getText()
{
    $this->text = html_entity_decode($this->text);

    // Collect everything enclosed in [[ ]]. The character class admits only
    // word characters, dots, whitespace and German umlauts, so a match can
    // never carry HTML-significant characters into the generated <a> tag.
    $found = [];
    preg_match_all('/\\[\\[([\\w\\.\\säöüÄÖÜß]+)\\]\\]/', $this->text, $found);
    Logging::debug(print_r($found, true));

    foreach ($found[1] as $bezeichnung) {
        $artikel = CmsArtikel::loadByBezeichnung($bezeichnung, $this->kategorieId);

        if ($artikel == null) {
            Logging::info('Lege Artikel neu an: ' . $bezeichnung);
            $artikel = new CmsArtikel();
            $artikel->ca_kategorie = $this->kategorieId;
            $artikel->ca_bezeichnung = $bezeichnung;
            $artikel->ca_aktiv = 1;
            $artikel->ca_autor = Security::getUserId();
            $artikel->save();

            // The article title lives in a separate Text entity keyed by element id.
            $titel = Text::get($artikel->getElementId() . '.titel');
            $titel->te_text = $bezeichnung;
            $titel->save();
        }

        $href = EntityLinks::show($artikel);
        $this->text = str_replace(
            '[[' . $bezeichnung . ']]',
            '<a href="' . $href . '">' . $bezeichnung . '</a>',
            $this->text
        );
    }

    return $this->text;
}
/**
 * Hook run before the record is stored: a record without an author
 * (ko_benutzer still 0) is stamped with the current user id and the current
 * time. Records that already carry an author are left untouched, so the
 * original author and date survive later saves.
 */
protected function preSave()
{
    $hatBenutzer = $this->ko_benutzer != 0;
    if ($hatBenutzer) {
        return;
    }

    $this->ko_benutzer = Security::getUserId();
    // Mutable \DateTime kept as-is; NOTE(review): DateTimeImmutable would rule
    // out aliasing if ko_datum is ever shared — verify what the ORM expects.
    $this->ko_datum = new \DateTime();
}
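/**
 * Authenticates the user against the framework and, on success, issues a
 * fresh API token that is persisted on the user record (us_hash).
 *
 * The token is 16 random bytes rendered as 32 hex characters. That keeps the
 * same storage width as the md5 value the previous implementation produced,
 * while making the token unpredictable: a token derived from the user id and
 * the current second could be reproduced by anyone who knows roughly when
 * a login happened.
 *
 * @param string $user  login name as submitted by the caller
 * @param string $pass  password as submitted by the caller
 * @param string $token out-parameter; receives the new token on success and
 *                      is left untouched on failure
 * @return bool true when the credentials were accepted
 * @throws \Exception when no secure randomness source is available
 */
private function loginUser($user, $pass, &$token)
{
    if (!Security::login($user, $pass)) {
        return false;
    }

    $token = bin2hex(random_bytes(16));

    // Persist the token on the freshly authenticated account. A separate
    // variable is used so the $user login-name parameter is not shadowed.
    $userRecord = new User(Security::getUserId());
    $userRecord->us_hash = $token;
    $userRecord->save();

    return true;
}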
/**
 * Builds one checkbox per role, pre-checked when the current element already
 * grants that role a permission.
 *
 * A role with a parent is labelled "parent » name"; the box name uses the
 * array form "<id>[]" so all checked roles arrive as one request array.
 */
protected function createBoxen()
{
    $alleRollen = (new Rolle())->loadAll();

    foreach ($alleRollen as $rolle) {
        $label = $rolle->ro_bezeichnung;
        if ($rolle->parent != '') {
            $label = $rolle->parent . ' » ' . $label;
        }

        $checked = Security::hatBerechtigung($this->element, 0, $rolle->id);
        $this->addBox($rolle->id, $label, $this->id . '[]', $checked);
    }
}
/**
 * Installs this module: runs the database migration and then grants the
 * admin role (self::ID_ADMIN_ROLLE) every action that is guarded by
 * Action::LEVEL_CONFIG. Actions with other security levels are not resolved
 * through stored permissions and therefore receive no entry here.
 */
public function install()
{
    $modulName = $this->getModulename();
    Logging::info('Installiere Modul ' . $modulName);
    $module = Modules::getModule($modulName);

    $this->migrateDatabase();

    Logging::info('Vergebe Berechtigungen');
    foreach ($module->actions as $action) {
        /** @var Action $action */
        if ($action->securityLevel !== Action::LEVEL_CONFIG) {
            continue;
        }
        Security::berechtigungSchreiben($action->getSecurityToken(), self::ID_ADMIN_ROLLE, 1);
    }
}
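/**
 * Decides whether the request is authenticated, either through an existing
 * framework session or through an API token.
 *
 * The token is read from the X-Token header first and from the request
 * parameter "token" second. When neither is present the method returns false
 * without a user lookup; the previous implementation looked up the literal
 * placeholder 'XYZ', which would have authenticated any account whose
 * us_hash happened to hold that value. An empty token is rejected for the
 * same reason — NOTE(review): accounts that never received a token may carry
 * an empty us_hash, so confirm how User::loadByToken() treats empty values.
 *
 * @param object $request request object; $request->token is consulted
 * @return bool
 */
public function isAuthenticated($request)
{
    if (Security::isAuthenticated()) {
        return true;
    }

    // The token may arrive in the header or as a parameter; the header wins.
    $token = null;
    if (isset($_SERVER['HTTP_X_TOKEN'])) {
        $token = $_SERVER['HTTP_X_TOKEN'];
    } elseif (isset($request->token)) {
        $token = $request->token;
    }

    if ($token === null || $token === '') {
        return false;
    }

    $user = User::loadByToken($token);
    if ($user === null) {
        return false;
    }

    Security::loginUser($user);
    return true;
}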
/**
 * Handles one uploaded file and, when a collection is selected
 * (kollektionId > 0) and the parent handler reported no error, registers the
 * file as a Medien record.
 *
 * A non-empty request parameter "target" replaces the client-supplied file
 * name before the upload is delegated to the parent handler; all parameters
 * are otherwise forwarded unchanged. The Medien row stores the file name
 * and size returned by the parent, the lower-cased extension, the upload
 * date (d.m.Y) and the uploading user; a non-empty request "token" is stored
 * alongside, and the new record id is reported back on the returned file
 * object.
 *
 * NOTE(review): me_erweiterung is derived from $name (possibly the raw
 * request target), whereas the other fields use $file->name as returned by
 * the parent handler — confirm that is intended.
 *
 * @return object the file object produced by the parent handler
 */
protected function handle_file_upload($uploaded_file, $name, $size, $type, $error, $index = null, $content_range = null)
{
    // TODO: Refactor!
    $request = Application::getCurrentRequest();
    if (isset($request->target) && $request->target != '') {
        $name = $request->target;
    }

    $file = parent::handle_file_upload($uploaded_file, $name, $size, $type, $error, $index, $content_range);

    if (!empty($file->error) || !($this->kollektionId > 0)) {
        return $file;
    }

    $medium = new Medien();
    $medium->me_kollektion = $this->kollektionId;
    $medium->me_titel = $file->name;
    $medium->me_dateiname = $file->name;
    $medium->me_erweiterung = strtolower(substr(strrchr($name, '.'), 1));
    $medium->me_groesse = $file->size;
    $medium->me_upload_am = date('d.m.Y');
    $medium->me_upload_von = Security::getUserId();
    if (isset($request->token) && $request->token != '') {
        $medium->me_token = $request->token;
    }
    $medium->save();

    $file->id = $medium->id;

    return $file;
}
/**
 * Finishes editing a page: stores the page, its texts and permissions, drops
 * the cache and resets the request so the edit panel reopens on the saved id.
 *
 * A negative request id marks a new page, which additionally gets a position
 * assigned after its first save.
 */
public function endEditPage()
{
    $request = $this->request;

    $this->page = new Page($request->id);
    $page = $this->page;
    $page->save($request);

    $istNeu = $request->id < 0;
    if ($istNeu) {
        $page->generatePos();
    }

    Text::saveArray($page->getElementId(), $request->texte);
    Security::berechtigungenSchreiben($page->getSecurityElement(), $request->berechtigung);
    $this->flushCache();

    // Keep the panel the user came from; everything else starts fresh.
    $panel = $request->initPanel;
    $request->clear();
    $request->initPanel = $panel;
    $request->id = $page->id;

    FlashMessage::success(Strings::GESPEICHERT);
}
/**
 * Returns whether the currently logged-in user is an administrator, i.e.
 * holds the role Rolle::ROLLE_ADMIN.
 *
 * The answer is computed once and cached on the application instance in
 * $isAdministrator; subsequent calls return the cached value, so a role
 * change after the first call is not reflected until a new instance exists.
 *
 * @return boolean
 */
public static function isAdmin()
{
    $app = self::getInstance();

    if ($app->isAdministrator !== null) {
        return $app->isAdministrator;
    }

    $app->isAdministrator = Security::hatRolle(Rolle::ROLLE_ADMIN);
    return $app->isAdministrator;
}
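use NewFrontiers\Framework\Core\Application;
use NewFrontiers\Framework\Events\FrameworkEvents;
use Nostromo\Contracts\Facades\Events;
use Nostromo\Contracts\Facades\Logging;
use Nostromo\Contracts\Facades\Profiler;
use Nostromo\Contracts\Facades\Security;
use Symfony\Component\EventDispatcher\Event;

Profiler::startSection('initApplication');

// Login gate for the admin area: every admin request from an unauthenticated
// user is rewritten to defaultMod/showLogin, except for the few actions needed
// to log in, log out or recover a password. The originally requested module
// and action are kept in followUpModule/followUpAction so the login flow can
// return the user there afterwards.
// TODO: move into its own class
Events::addListener(FrameworkEvents::REQUEST_BEFORE, function (\NewFrontiers\Framework\Events\RequestEvent $event) {
    $request = $event->getRequest();

    // Only the admin area is protected.
    if (!$request->admin) {
        return;
    }

    // The API module is exempt wholesale (presumably it performs its own token
    // check). Only these two spellings are recognised; any other casing of the
    // module name falls through to the gate below.
    if ($request->module == 'api' || $request->module == 'Api') {
        return;
    }

    if (Security::isAuthenticated()) {
        return;
    }

    // Actions reachable without a session: login, password reset, logout.
    $allowedActions = [
        'showLogin',
        'login',
        'loginFailure',
        'logout',
        'password',
        'doPassword',
        'reset',
        'doReset',
    ];

    // Strict comparison so that a non-string action value can never be
    // loosely equal to one of the whitelisted names and slip past the gate.
    if (in_array($request->action, $allowedActions, true)) {
        return;
    }

    $request->followUpModule = $request->module;
    $request->followUpAction = $request->action;
    $request->module = 'defaultMod';
    $request->action = 'showLogin';
    Logging::warning('Action not allowed. User was sent to Login-Screen');
});

Profiler::endSection('initApplication');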
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="//oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="//oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
<![endif]-->
<!-- NOTE(review): jQuery and the IE shims are loaded from third-party CDNs via
     protocol-relative URLs and without an integrity attribute, so the page
     trusts whatever those hosts serve. Pinning the files locally or adding
     Subresource Integrity hashes (plus crossorigin) would limit that. -->
<script src="//code.jquery.com/jquery-1.11.2.min.js"></script>
</head>
<body style="padding-top: 70px;">
<!-- Navbar -->
<!-- The navigation bar is only rendered for authenticated users; the PHP
     conditional opened here is closed further down in the template. -->
<?php if (Security::isAuthenticated()) { ?>
<nav class="navbar navbar-inverse navbar-fixed-top" role="navigation">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<!--<a class="navbar-brand" href="#"><img src="http://pixw.net/p3/themes/p3-bootstrap/img/p3.png" style="margin-top: -4px"></a>-->
</div>
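/**
 * Installs the admin site: creates the "admin" Site with its three top-level
 * menu pages (Struktur, Benutzer, Module), each backed by one "main" region,
 * and finally the empty "web" frontend Site.
 *
 * All three menu pages are created through installMenuPage() so the entries
 * cannot drift apart: each gets the same permission entry for its element
 * and its label stored as text id 1.
 */
public function install()
{
    parent::install();

    // Admin site
    $site = new Site();
    $site->si_bezeichnung = 'Administration';
    $site->si_name = 'admin';
    $site->si_urlpattern = 'admin.php';
    $site->si_template = 'bootadmin';
    $site->save();

    $this->installMenuPage($site, 'Struktur', 'struktur', 'site', 'showSite');
    $this->installMenuPage($site, 'Benutzer', 'benutzer', 'user', 'indexUser');
    $this->installMenuPage($site, 'Module', 'module', 'modView', 'showModules');

    // Frontend site definition
    $site = new Site();
    $site->si_bezeichnung = 'Webseite';
    $site->si_name = 'web';
    $site->si_urlpattern = '';
    $site->si_template = 'unify';
    $site->save();
}

/**
 * Creates one top-level admin menu page with a single "main" region that
 * renders the given module action inside the "normal" inner template.
 *
 * @param Site   $site        site the page belongs to
 * @param string $bezeichnung page label; also used as title and as text id 1
 * @param string $link        URL slug of the page
 * @param string $module      module rendered in the page's main region
 * @param string $action      action of that module
 * @return Page the saved page
 */
private function installMenuPage($site, $bezeichnung, $link, $module, $action)
{
    $page = new Page();
    $page->pa_site = $site->id;
    $page->pa_parent = 0;
    $page->pa_bezeichnung = $bezeichnung;
    $page->pa_link = $link;
    $page->pa_pos = 0;
    $page->pa_title = $bezeichnung;
    $page->pa_module = 'site';
    $page->pa_action = 'useInnerTemplate';
    $page->pa_haschildren = false;
    $page->pa_innertemplate = 'normal';
    $page->save();

    // The region needs the page id, so it is created only after the save.
    $region = new Region();
    $region->re_page = $page->id;
    $region->re_name = 'main';
    $region->re_module = $module;
    $region->re_action = $action;
    $region->re_position = 1;
    $region->save();

    // Permission entry and title text for the new page (identical values for
    // every menu page).
    Security::berechtigungSchreiben($page->getElementId(), 1, 1);
    Text::saveArray($page->getElementId(), [1 => $bezeichnung]);

    return $page;
}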
/**
 * Installs the module and additionally writes the permission entry for the
 * "newModule" action of ModView (security token 'ModView_newModule').
 */
public function install()
{
    parent::install();

    $securityToken = 'ModView_newModule';
    Security::berechtigungSchreiben($securityToken, 1, 1);
}
/**
 * Stores the permissions submitted for one action of a module.
 *
 * The security token is "<qualifiedName>_<actionName>". Afterwards the
 * request id is reset to the module so the caller lands back on the module
 * view rather than on the action.
 */
public function endBerechtigung()
{
    $module = Modules::getModule($this->request->current);
    $this->current = $module;
    $this->action = $module->getAction($this->request->id);

    $securityToken = $module->qualifiedName . '_' . $this->action->name;
    Security::berechtigungenSchreiben($securityToken, $this->request->berechtigung);

    $this->request->id = $this->request->current;
}
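/**
 * Switches the identity of the logged-in user to another account
 * ("log in as").
 * ACHTUNG! Special care is needed in the permission check of this action.
 *
 * Only administrators and members of the 'DTV-GS' role may switch; everyone
 * else gets an error message and is redirected. The denied branch returns
 * right after the redirect: if redirectToFrontpage() only prepares the
 * response and does not terminate the script, the previous code continued
 * past the failed check and performed the identity switch anyway.
 */
public function doAnmeldenAls()
{
    // TODO: verify the permission check
    // TODO: DTV!
    $darfWechsel = Application::isAdmin() || Security::hatRolle('DTV-GS');
    if (!$darfWechsel) {
        FlashMessage::danger('Für diese Aktion haben Sie keine Berechtigung');
        Application::getCurrentResponse()->redirectToFrontpage();
        return;
    }

    // NOTE(review): an identity switch is worth an audit log entry (who
    // switched to whom); not added here because no logging facade is visibly
    // in scope in this file.
    $this->user = User::loadByBenutzername($this->request->benutzer);
    if ($this->user != null) {
        Security::loginUser($this->user);
        FlashMessage::success('Sie sind jetzt angemeldet als ' . $this->user);
    } else {
        FlashMessage::danger('Benutzername nicht bekannt');
    }

    Application::getCurrentResponse()->redirectToFrontpage();
}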
/**
 * Checks whether the currently logged-in user may run this action.
 *
 * securityLevel is interpreted as follows: LEVEL_ALL → always allowed,
 * LEVEL_LOGGEDIN → any authenticated user, LEVEL_CONFIG → looked up via the
 * action's security token. Any other value is taken as the name of another
 * action of the same module whose check is applied instead; a name that does
 * not resolve denies access.
 *
 * NOTE(review): the delegation recurses without a guard, so a securityLevel
 * naming the action itself (or a cycle of actions) would not terminate.
 *
 * @return bool
 */
public function isBerechtigt()
{
    Logging::debug("Prüfe Berechtigung für {$this->name} : {$this->securityLevel}");

    $level = $this->securityLevel;
    if ($level === Action::LEVEL_ALL) {
        return true;
    }
    if ($level === Action::LEVEL_LOGGEDIN) {
        return Security::isAuthenticated();
    }
    if ($level === Action::LEVEL_CONFIG) {
        return Security::hatBerechtigung($this->getSecurityToken());
    }

    // TODO: falling back to actions of other modules would be possible here.
    $delegat = $this->module->getAction($level);
    if ($delegat === null) {
        return false;
    }

    return $delegat->isBerechtigt();
}