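/**
 * Fallback method for authenticating menu access on observe_table/observe_row level.
 *
 * Authentication is positive if the menu's auth parameters name at least one
 * table that is also found in the table access setting of the session user.
 * Every missing precondition (no auth parameters, no session user, no usable
 * table name) denies access.
 *
 * @param Menu $m menu whose comma-separated auth parameters list table names
 * @return boolean TRUE only when a listed table matches the user's table access
 */
protected function authenticateMenuByTableRowAccess(Menu $m) {

    $p = $m->getAuthParameters();

    if (empty($p)) {
        return FALSE;
    }

    $admin = User::getSessionUser();

    if (!$admin) {
        return FALSE;
    }

    // PREG_SPLIT_NO_EMPTY drops empty tokens. Without it a whitespace-only
    // parameter or a stray comma ("a,,b", "a,") yields '' as a table name,
    // which would match an empty string in the user's table access list.
    // NOTE(review): whether getTableAccess() can contain '' is not visible here.
    $tables = preg_split('/\\s*,\\s*/', trim($p), -1, PREG_SPLIT_NO_EMPTY);

    // also covers a FALSE return of preg_split(); deny instead of comparing nothing
    if (empty($tables)) {
        return FALSE;
    }

    $matching = array_intersect($tables, $admin->getTableAccess());

    return !empty($matching);
}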
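/**
 * Parse an XML menu element and create the matching Menu instance,
 * including its entries and (recursively) their submenus.
 *
 * Authentication handling: a menu or entry with an "auth" attribute that does
 * not name a known AUTH_* constant is set to level -1 (locked for everyone).
 * Entries without an own "auth" attribute inherit level and parameters of a
 * menu that carries one.
 *
 * @param \SimpleXMLElement $menu
 * @return Menu
 * @throws ConfigException on a dynamic menu without service, on an entry with
 *         both or neither of page/path, or on a page without a route
 */
private function parseMenu(\SimpleXMLElement $menu) {

    $a = $menu->attributes();

    $root = isset($a->script) ? (string) $a->script : $this->site->root_document;
    $type = isset($a->type) && (string) $a->type === 'dynamic' ? 'dynamic' : 'static';
    $service = !empty($a->service) ? (string) $a->service : NULL;
    $id = !empty($a->id) ? (string) $a->id : NULL;

    if ($type === 'dynamic' && !$service) {
        throw new ConfigException("A dynamic menu requires a configured service.");
    }

    $m = new Menu($root, $id, $type, $service);

    // Remember the presence of the attribute, not the truthiness of its value:
    // auth="" or auth="0" locks the menu (-1) below, and entries without an own
    // auth attribute must inherit that lock instead of staying unrestricted.
    $menuHasAuth = isset($a->auth);

    if ($menuHasAuth) {

        // set optional authentication level; if level is not defined, menu is locked for everyone
        // if auth level is defined, additional authentication parameters can be set

        $menuAuth = strtoupper(trim((string) $a->auth));

        if (defined("vxPHP\\User\\User::AUTH_{$menuAuth}")) {
            $m->setAuth(constant("vxPHP\\User\\User::AUTH_{$menuAuth}"));

            if (isset($a->auth_parameters)) {
                $m->setAuthParameters((string) $a->auth_parameters);
            }
        }
        else {
            $m->setAuth(-1);
        }
    }

    foreach ($menu->children() as $entry) {

        if ($entry->getName() == 'menuentry') {

            $a = $entry->attributes();

            if (isset($a->page) && isset($a->path)) {
                throw new ConfigException(sprintf("Menu entry with both page ('%s') and path ('%s') attribute found.", (string) $a->page, (string) $a->path));
            }

            // menu entry comes with a path attribute (which can also link an external resource)

            if (isset($a->path)) {
                $path = (string) $a->path;

                // local means: no leading slash and no lower-case "scheme://" prefix
                $local = strpos($path, '/') !== 0 && !preg_match('~^[a-z]+://~', $path);
                $e = new MenuEntry($path, $a, $local);
            }
            elseif (isset($a->page)) {
                $page = (string) $a->page;
                $script = $m->getScript();

                if (!isset($this->routes[$script][$page])) {
                    throw new ConfigException(sprintf(
                        "No route for menu entry ('%s') found. Available routes for script '%s' are '%s'.",
                        $page,
                        $script,
                        empty($this->routes[$script]) ? 'none' : implode("', '", array_keys($this->routes[$script]))
                    ));
                }

                $e = new MenuEntry((string) $this->routes[$script][$page]->getPath(NULL, TRUE), $a, TRUE);
            }
            else {
                // Without this guard $e would still hold the entry of the previous
                // iteration (or be undefined): the auth settings below would be
                // written to that earlier entry and it would be appended twice.
                throw new ConfigException("Menu entry with neither page nor path attribute found.");
            }

            // handle authentication settings of menu entry

            if ($menuHasAuth || isset($a->auth)) {

                // fallback to menu settings, when auth attribute is not set

                if (!isset($a->auth)) {
                    $e->setAuth($m->getAuth());
                    $e->setAuthParameters($m->getAuthParameters());
                }
                else {

                    // set optional authentication level; if level is not defined, entry is locked for everyone
                    // if auth level is defined, additional authentication parameters can be set

                    $auth = strtoupper(trim((string) $a->auth));

                    // NOTE(review): the menu level above looks up vxPHP\User\User::AUTH_*,
                    // this lookup uses "UserAbstract". A class name inside a defined()/constant()
                    // string is resolved at runtime without namespace or use context, so it names
                    // a global UserAbstract class, which is not visible here. If that class does
                    // not exist, every entry with an own auth attribute ends up at -1 (locked).
                    // Confirm and align with the menu-level lookup.
                    if (defined("UserAbstract::AUTH_{$auth}")) {
                        $e->setAuth(constant("UserAbstract::AUTH_{$auth}"));

                        if (isset($a->auth_parameters)) {
                            $e->setAuthParameters((string) $a->auth_parameters);
                        }
                    }
                    else {
                        $e->setAuth(-1);
                    }
                }
            }

            $m->appendEntry($e);

            // nested <menu> element becomes the submenu of this entry
            if (isset($entry->menu)) {
                $e->appendMenu($this->parseMenu($entry->menu));
            }
        }
        elseif ($entry->getName() == 'menuentry_placeholder') {

            // placeholders get no authentication settings in this method
            $a = $entry->attributes();
            $e = new DynamicMenuEntry(NULL, $a);
            $m->appendEntry($e);
        }
    }

    return $m;
}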