public function isGranted($route = "ibrows_simple_cms_content", $parameters=array()) {
        
        
    
        
   
        try {
            if (false === $this->securityContext->isGranted($this->globalRole)) {
                return false;
            }
        }  catch (AuthenticationCredentialsNotFoundException $e){
            return true;
        }
        if(isset($parameters['type']) && key_exists($parameters['type'], $this->securityMap)){
            $roles = $this->securityMap[$parameters['type']];             
            foreach($roles as $roletype => $role){              
                if(stripos($route, $roletype) !== false || $roletype == 'general') {                    
                    if(false === $this->securityContext->isGranted($role)){
                        return false;
                    }
                    
                }
            }            
        }
        

        
        
        return true;
        
    }
 public function onKernelRequest(GetResponseEvent $event)
 {
     if (HttpKernel::MASTER_REQUEST != $event->getRequestType()) {
         // don't do anything if it's not the master request
         return;
     }
     $token = $this->context->getToken();
     if (is_null($token)) {
         return;
     }
     $_route = $event->getRequest()->attributes->get('_route');
     if ($this->context->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
         if (!$token->getUser() instanceof PersonInterface) {
             // We don't have a PersonInterface... Nothing to do here.
             return;
         }
         if ($_route == 'lc_home' || $_route == 'fos_user_security_login') {
             $key = '_security.main.target_path';
             #where "main" is your firewall name
             //check if the referer session key has been set
             if ($this->session->has($key)) {
                 //set the url based on the link they were trying to access before being authenticated
                 $url = $this->session->get($key);
                 //remove the session key
                 $this->session->remove($key);
             } else {
                 $url = $this->router->generate('lc_dashboard');
             }
             $event->setResponse(new RedirectResponse($url));
         } else {
             $this->checkUnconfirmedEmail();
         }
     }
 }
 /**
  * Assigns the Security token's user to the vote.
  *
  * @param  VoteEvent $vote
  * @return void
  */
 public function blame(VoteEvent $event)
 {
     $vote = $event->getVote();
     if (null === $this->securityContext) {
         if ($this->logger) {
             $this->logger->debug("Vote Blamer did not receive the security.context service.");
         }
         return;
     }
     if (!$vote instanceof SignedVoteInterface) {
         if ($this->logger) {
             $this->logger->debug("Vote does not implement SignedVoteInterface, skipping");
         }
         return;
     }
     if (null === $this->securityContext->getToken()) {
         if ($this->logger) {
             $this->logger->debug("There is no firewall configured. We cant get a user.");
         }
         return;
     }
     if ($this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
         $vote->setVoter($this->securityContext->getToken()->getUser());
     }
 }
예제 #4
0
 /**
  * {@inheritdoc}
  */
 public function buildForm(FormBuilderInterface $builder, array $options)
 {
     $builder->add('gridName', 'hidden', ['required' => false])->add('entityClass', 'hidden', ['required' => false])->add('entityId', 'hidden', ['required' => false])->add('from', 'oro_email_email_address_from', ['required' => true, 'label' => 'oro.email.from_email_address.label', 'attr' => ['class' => 'from taggable-field']])->add('to', 'oro_email_email_address_recipients', ['required' => false, 'attr' => ['class' => 'taggable-field forged-required']])->add('cc', 'oro_email_email_address_recipients', ['required' => false, 'attr' => ['class' => 'taggable-field']])->add('bcc', 'oro_email_email_address_recipients', ['required' => false, 'attr' => ['class' => 'taggable-field']])->add('subject', 'text', ['required' => true, 'label' => 'oro.email.subject.label'])->add('body', 'oro_resizeable_rich_text', ['required' => false, 'label' => 'oro.email.email_body.label'])->add('template', 'oro_email_template_list', ['label' => 'oro.email.template.label', 'required' => false, 'depends_on_parent_field' => 'entityClass', 'configs' => ['allowClear' => true]])->add('type', 'choice', ['label' => 'oro.email.type.label', 'required' => true, 'data' => 'html', 'choices' => ['html' => 'oro.email.datagrid.emailtemplate.filter.type.html', 'txt' => 'oro.email.datagrid.emailtemplate.filter.type.txt'], 'expanded' => true])->add('attachments', 'oro_email_attachments', ['type' => 'oro_email_attachment', 'required' => false, 'allow_add' => true, 'prototype' => false, 'options' => ['required' => false]])->add('bodyFooter', 'hidden')->add('parentEmailId', 'hidden')->add('signature', 'hidden')->add('contexts', 'oro_activity_contexts_select', ['tooltip' => 'oro.email.contexts.tooltip', 'read_only' => !$this->securityContext->isGranted('EDIT', 'entity:Oro\\Bundle\\EmailBundle\\Entity\\EmailUser'), 'configs' => ['containerCssClass' => 'taggable-email', 'route_name' => 'oro_activity_form_autocomplete_search', 'route_parameters' => ['activity' => 'emails', 'name' => 'emails']]]);
     $builder->addEventListener(FormEvents::PRE_SET_DATA, [$this, 'initChoicesByEntityName']);
     $builder->addEventListener(FormEvents::PRE_SET_DATA, [$this, 'fillFormByTemplate']);
     $builder->addEventListener(FormEvents::PRE_SUBMIT, [$this, 'initChoicesByEntityName']);
 }
 /**
  * Render js inclusion for create.js and dependencies and bootstrap code.
  *
  * THe hallo editor is bundled with create.js and available automatically.
  * To use aloha, you need to download the zip, as explained in step 8 of
  * the README.
  *
  * @param string $editor the name of the editor to load, currently hallo and aloha are supported
  */
 public function includeJSFilesAction($editor = 'hallo')
 {
     if ($this->securityContext && false === $this->securityContext->isGranted($this->requiredRole)) {
         return new Response('');
     }
     // We could inject a list of names to template mapping for this
     // to allow adding other editors without changing this bundle
     $view = new View();
     switch ($editor) {
         case 'hallo':
             if ($this->coffee) {
                 $view->setTemplate('SymfonyCmfCreateBundle::includecoffeefiles-hallo.html.twig');
             } else {
                 $view->setTemplate('SymfonyCmfCreateBundle::includejsfiles-hallo.html.twig');
             }
             break;
         case 'aloha':
             $view->setTemplate('SymfonyCmfCreateBundle::includejsfiles-aloha.html.twig');
             break;
         default:
             throw new \InvalidArgumentException("Unknown editor '{$editor}' requested");
     }
     $view->setData(array('cmfCreateStanbolUrl' => $this->stanbolUrl, 'cmfCreateImageUploadEnabled' => (bool) $this->imageClass));
     return $this->viewHandler->handle($view);
 }
예제 #6
0
 /**
  * Get the customer.
  *
  * @throws \RuntimeException
  *
  * @return \Sonata\Component\Customer\CustomerInterface
  */
 public function get()
 {
     $customer = null;
     $user = null;
     if (true === $this->securityContext->isGranted('IS_AUTHENTICATED_FULLY')) {
         // user is authenticated
         $user = $this->securityContext->getToken()->getUser();
         if (!$user instanceof UserInterface) {
             throw new \RuntimeException('User must be an instance of FOS\\UserBundle\\Model\\UserInterface');
         }
         $customer = $this->customerManager->findOneBy(array('user' => $user->getId()));
     }
     if (!$customer) {
         $basket = $this->getBasket();
         if ($basket && $basket->getCustomer()) {
             $customer = $basket->getCustomer();
         }
     }
     if (!$customer) {
         $customer = $this->customerManager->create();
     }
     if (!$customer->getLocale()) {
         $customer->setLocale($this->locale);
     }
     if ($user && $customer) {
         $customer->setUser($user);
     }
     return $customer;
 }
예제 #7
0
    public function previewContentAction( $contentId, $versionNo, $language, $siteAccessName = null )
    {
        try
        {
            $content = $this->contentService->loadContent( $contentId, array( $language ), $versionNo );
            $location = $this->previewHelper->getPreviewLocation( $contentId );
        }
        catch ( UnauthorizedException $e )
        {
            throw new AccessDeniedException();
        }

        if ( !$this->securityContext->isGranted( new AuthorizationAttribute( 'content', 'versionread', array( 'valueObject' => $content ) ) ) )
        {
            throw new AccessDeniedException();
        }

        $siteAccess = $this->previewHelper->getOriginalSiteAccess();
        // Only switch if $siteAccessName is set and different from original
        if ( $siteAccessName !== null && $siteAccessName !== $siteAccess->name )
        {
            $siteAccess = $this->previewHelper->changeConfigScope( $siteAccessName );
        }

        $response = $this->kernel->handle(
            $this->getForwardRequest( $location, $content, $siteAccess ),
            HttpKernelInterface::SUB_REQUEST
        );
        $response->headers->remove( 'cache-control' );
        $response->headers->remove( 'expires' );

        $this->previewHelper->restoreConfigScope();

        return $response;
    }
 /**
  * Check if the node on the event is published, otherwise skip it.
  *
  * @param CreateMenuItemFromNodeEvent $event
  */
 public function onCreateMenuItemFromNode(CreateMenuItemFromNodeEvent $event)
 {
     $node = $event->getNode();
     if (!$this->publishWorkflowChecker->isGranted($this->publishWorkflowPermission, $node)) {
         $event->setSkipNode(true);
     }
 }
예제 #9
0
 /**
  * @return bool
  */
 private function isUserAuthenticated()
 {
     // IS_AUTHENTICATED_FULLY inherits from IS_AUTHENTICATED_REMEMBERED.
     // User can be either authenticated by providing credentials during current session
     // or by "remember me" if available.
     return $this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED');
 }
 /**
  * @inheritdoc
  */
 public function consume(TokenInterface $token, Request $request)
 {
     if (!$this->security->isGranted(AbstractTokenVoter::CONSUME, $token)) {
         throw new AccessDeniedException();
     }
     return parent::consume($token, $request);
 }
예제 #11
0
 /**
  * @param string $role
  *
  * @return bool
  */
 protected function isGranted($role)
 {
     if (!$this->securityContext) {
         $this->securityContext = $this->getSecurityContext();
     }
     return $this->securityContext->isGranted($role);
 }
예제 #12
0
 /**
  * Gets customer based on currently logged user.
  *
  * @return CustomerInterface|null
  */
 public function getCustomer()
 {
     if ($this->securityContext->getToken() && $this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED') && $this->securityContext->getToken()->getUser() instanceof UserInterface) {
         return $this->securityContext->getToken()->getUser()->getCustomer();
     }
     return null;
 }
예제 #13
0
 /**
  * @{inheritDoc}
  */
 public function can($transition)
 {
     $transition = $transition instanceof TransitionInterface ? $transition : $this->getTransition($transition);
     if (!$this->securityContext->isGranted($transition->getName(), $this->getObject())) {
         return false;
     }
     return parent::can($transition);
 }
예제 #14
0
 public function countImagesList($listParams)
 {
     if ($this->securityContext->isGranted('IS_AUTHENTICATED_FULLY')) {
         return $this->imgRepository->count($listParams);
     } else {
         return 0;
     }
 }
예제 #15
0
 private function addConfiguration()
 {
     if ($this->securityContext->isGranted("ROLE_SUPER_ADMIN")) {
         $configuration = $this->menu->addChild($this->translator->trans('Configuration'), array('route' => 'HexMediaConfigurationDisplay'))->setAttribute('icon', 'fa fa-cogs');
         //			$configuration->addChild($this->translator->trans("List"), array('route' => 'HexMediaConfigurationDisplay'));
         $configuration->addChild($this->translator->trans("Add"), array('route' => 'HexMediaConfigurationAdd'));
     }
 }
예제 #16
0
 /**
  * @return Boolean - returns if a user is logged in
  */
 public function isLoggedIn()
 {
     if ($this->getUser() && $this->security->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
         return true;
     } else {
         return false;
     }
 }
 /**
  * {@inheritdoc}
  */
 public function isGranted(MediaInterface $media, Request $request)
 {
     try {
         return $this->security->isGranted($this->roles);
     } catch (AuthenticationCredentialsNotFoundException $e) {
         // The token is not set in an AuthorizationCheckerInterface object
         return false;
     }
 }
예제 #18
0
 public function viewPostAction(Post $contentDocument, $contentTemplate = null)
 {
     $post = $contentDocument;
     if (true !== $this->securityContext->isGranted($this->publishWorkflowPermission, $post)) {
         throw new NotFoundHttpException(sprintf('Post "%s" is not published', $post->getTitle()));
     }
     $contentTemplate = $contentTemplate ?: 'CmfBlogBundle:Blog:view_post.html.twig';
     return $this->renderResponse($contentTemplate, array('post' => $post));
 }
예제 #19
0
 public function blame(EventInterface $event)
 {
     $token = $this->securityContext->getToken();
     if (null === $token) {
         throw new \RuntimeException('You must configure a firewall for this route');
     }
     if ($this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
         $event->setOrganizer($token->getUser());
     }
 }
 /**
  * @param GetResponseEvent $event
  */
 public function onKernelRequest(GetResponseEvent $event)
 {
     if (null === $this->securityContext) {
         return;
     }
     $token = $this->securityContext->getToken();
     if (null !== $token && $this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
         $this->versionManager->setUsername($token->getUser()->getUsername());
     }
 }
 /**
  * @param mixed $attributes
  * @param object $object
  * @return bool
  * @throws MissingDependencyException
  * @throws NotAuthenticatedException
  */
 public function isGranted($attributes, $object = null)
 {
     if (null === $this->securityContext) {
         throw new MissingDependencyException('No security context present.');
     }
     if (!$this->securityContext->getToken()) {
         throw new NotAuthenticatedException('User not authenticated.');
     }
     return $this->securityContext->isGranted($attributes, $object);
 }
 /**
  * @param BuildVersionEvent $event
  *
  * @return BuildVersionEvent
  */
 public function preBuild(BuildVersionEvent $event)
 {
     if (null === $this->securityContext) {
         return $event;
     }
     $token = $this->securityContext->getToken();
     if (null !== $token && $this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
         $event->setUsername($token->getUser()->getUsername());
     }
     return $event;
 }
예제 #23
0
 /**
  * Handle article PUT
  */
 public function putDocumentAction(Request $request, $subject)
 {
     if ($this->securityContext && false === $this->securityContext->isGranted($this->requiredRole)) {
         throw new AccessDeniedException();
     }
     $model = $this->getModelBySubject($request, $subject);
     $type = $this->typeFactory->getTypeByObject($model);
     $result = $this->restHandler->run($request->request->all(), $type, null, RestService::HTTP_PUT);
     $view = View::create($result)->setFormat('json');
     return $this->viewHandler->handle($view, $request);
 }
 public function testIgnoreRoleNotHas()
 {
     $doc = $this->getMock('Symfony\\Cmf\\Bundle\\CoreBundle\\Tests\\Functional\\PublishWorkflow\\PublishModel');
     $doc->expects($this->any())->method('isPublishable')->will($this->returnValue(false));
     $roles = array(new Role('OTHER_ROLE'));
     $token = new UsernamePasswordToken('test', 'pass', 'testprovider', $roles);
     $tokenStorage = $this->getContainer()->get('security.token_storage');
     $tokenStorage->setToken($token);
     $this->assertFalse($this->publishWorkflowChecker->isGranted(PublishWorkflowChecker::VIEW_ATTRIBUTE, $doc));
     $this->assertFalse($this->publishWorkflowChecker->isGranted(PublishWorkflowChecker::VIEW_ANONYMOUS_ATTRIBUTE, $doc));
 }
예제 #25
0
 /**
  * Assigns the Security token's user to the vote.
  *
  * @throws InvalidArgumentException when the vote does not implement SignedVoteInterface
  * @throws RuntimeException When the firewall is not properly configured
  * @param VoteInterface $vote
  * @return void
  */
 public function blame(VoteInterface $vote)
 {
     if (!$vote instanceof SignedVoteInterface) {
         throw new InvalidArgumentException('The vote must implement SignedVoteInterface');
     }
     if (null === $this->securityContext->getToken()) {
         throw new RuntimeException('You must configure a firewall for this route');
     }
     if ($this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
         $vote->setVoter($this->securityContext->getToken()->getUser());
     }
 }
예제 #26
0
 /**
  * Actions may be performed if there is a securityContext having a token
  * and granting the required role.
  *
  * {@inheritDoc}
  */
 public function check(Request $request)
 {
     try {
         return $this->securityContext && $this->securityContext->getToken() && $this->securityContext->isGranted($this->requiredRole);
     } catch (\Exception $e) {
         if ($this->logger) {
             $this->logger->error($e, array('exception' => $e));
         }
         // ignore and return false
     }
     return false;
 }
예제 #27
0
파일: ApiListener.php 프로젝트: symbb/symbb
 public function topicData(\Symbb\Core\EventBundle\Event\ApiDataEvent $event)
 {
     $topic = $event->getObject();
     if (is_object($topic)) {
         $forum = $topic->getForum();
         $createSurvey = $this->securityContext->isGranted(RatingVoter::CREATE_RATING, $forum);
         $event->addAccessData('createRating', $createSurvey);
         $createSurvey = $this->securityContext->isGranted(RatingVoter::VIEW_RATING, $forum);
         $event->addAccessData('viewRating', $createSurvey);
         $this->addExtensionData($event, $topic->getMainPost());
     }
 }
 /**
  * In this method you can add children for a specific parent, but also remove and change the already created children
  *
  * @param MenuBuilder $menu The MenuBuilder
  * @param MenuItem[] &$children The current children
  * @param MenuItem $parent The parent Menu item
  * @param Request $request The Request
  */
 public function adaptChildren(MenuBuilder $menu, array &$children, MenuItem $parent = null, Request $request = null)
 {
     if (!is_null($parent) && 'KunstmaanAdminBundle_settings' == $parent->getRoute() && $this->security->isGranted('ROLE_SUPER_ADMIN')) {
         $menuItem = new MenuItem($menu);
         $menuItem->setRoute('KunstmaanSeoBundle_settings_robots')->setLabel('Robots')->setUniqueId('robots_settings')->setParent($parent);
         if (stripos($request->attributes->get('_route'), $menuItem->getRoute()) === 0) {
             $menuItem->setActive(true);
             $parent->setActive(true);
         }
         $children[] = $menuItem;
     }
 }
예제 #29
0
 /**
  * @param Request $request
  * @param string  $name
  * @param string  $redirectUrl     Optional
  * @param array   $extraParameters Optional
  *
  * @return string
  */
 public function getAuthorizationUrl(Request $request, $name, $redirectUrl = null, array $extraParameters = array())
 {
     $resourceOwner = $this->getResourceOwner($name);
     if (null === $redirectUrl) {
         if (!$this->connect || !$this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
             $redirectUrl = $this->httpUtils->generateUri($request, $this->ownerMap->getResourceOwnerCheckPath($name));
         } else {
             $redirectUrl = $this->getServiceAuthUrl($request, $resourceOwner);
         }
     }
     return $resourceOwner->getAuthorizationUrl($redirectUrl, $extraParameters);
 }
예제 #30
0
 /**
  * Present a form to the user to accept or not to share
  * its information with the consumer.
  */
 public function allowAction(Request $request)
 {
     $oauth_token = $request->get('oauth_token', null);
     $oauth_callback = $request->get('oauth_callback', null);
     if ($this->securityContext->isGranted('IS_AUTHENTICATED_FULLY')) {
         $token = $this->tokenProvider->loadRequestTokenByToken($oauth_token);
         if ($token instanceof RequestTokenInterface) {
             $this->tokenProvider->setUserForRequestToken($token, $this->securityContext->getToken()->getUser());
             return new Response($this->engine->render('BazingaOAuthServerBundle::authorize.html.twig', array('consumer' => $token->getConsumer(), 'oauth_token' => $oauth_token, 'oauth_callback' => $oauth_callback)));
         }
     }
     throw new HttpException(404);
 }