function json()
{
$this->requiring();
$authority = new Authority();
$authorized = $authority->authorize();
if ($authorized !== true) {
die('認証に失敗しました。ログインし直してください。');
} else {
return $this->execute();
}
}
/**
* We can override a method to add, for example, authorisation
*/
public function update($id)
{
if (Authority::cannot('update', 'product', $id)) {
return Response::json(array('message' => 'You are not allowed to update this product'), 401);
}
parent::update($id);
}
/**
* Logs one user on the admin panel
*
*/
public function login()
{
$default_admin_lang = Settings::get_default_admin_lang();
// TODO :
// - Replace by : config_item('uri_lang_code');
// - Remove / Rewrite Settings::get_uri_lang()
$uri_lang = Settings::get_uri_lang();
// If the user is already logged and if he is in the correct minimum group, go to Admin
if (User()->logged_in() && Authority::can('access', 'admin')) {
redirect(base_url() . $uri_lang . '/' . config_item('admin_url'));
}
if (User()->logged_in() && !Authority::can('access', 'admin')) {
redirect(base_url());
}
if (!empty($_POST)) {
unset($_POST['submit']);
if ($this->_try_validate_login()) {
// User can log with email OR username
if (strpos($_POST['username'], '@') !== FALSE) {
$email = $_POST['username'];
unset($_POST['username']);
$_POST['email'] = $email;
}
try {
User()->login($_POST);
redirect(base_url() . $uri_lang . '/' . config_item('admin_url') . '/auth/login');
} catch (Exception $e) {
$this->login_errors = $e->getMessage();
}
} else {
$this->login_errors = lang('ionize_login_error');
}
} else {
if ($this->is_xhr()) {
$html = '
<script type="text/javascript">
var url = "' . config_item('admin_url') . '";
top.location.href = url;
</script>';
echo $html;
exit;
/*
// Save options : as callback
$this->callback[] = array(
'fn' => 'ION.reload',
'args' => array('url'=> config_item('admin_url'))
);
$this->response();
*/
} else {
if (!in_array($uri_lang, Settings::get('displayed_admin_languages')) or $uri_lang != $default_admin_lang) {
redirect(base_url() . $default_admin_lang . '/' . config_item('admin_url') . '/auth/login');
}
}
}
$this->output('auth/login');
}
public function _initialize()
{
header("Content-Type:text/html; charset=utf-8");
import('ORG.Util.Authority');
//加载类库
$auth = new Authority();
//后台 admin_name
$uid = $this->_session('admin_uid');
$user = $this->_session('admin_name');
$prompt = $uid ? "你没有权限" : "请登陆";
$url = $uid ? "" : "__ROOT__/Admin/Logo.html";
if ($user != "admin") {
if (!$auth->getAuth(GROUP_NAME . '/' . MODULE_NAME . '/' . ACTION_NAME, $uid)) {
//echo $user;
$this->error($prompt, $url);
}
}
$system = $this->systems();
$this->assign('s', $system);
}
/**
* Tree init.
* Displays the tree view, which will call each menu tree builder
*
*/
public function index()
{
// TODO : Limit the number of displayed articles in the tree
// $nb_elements = $this->page_model->count_all() + $this->article_model->count_all();
if (Authority::can('access', 'admin/tree')) {
// Menus : All menus
$menus = $this->menu_model->get_list(array('order_by' => 'ordering ASC'));
$this->template['menus'] = $menus;
$this->output('tree/tree');
}
}
/**
* Update one menu
*
*/
public function update()
{
$id = $this->input->post('id_menu');
if ($id) {
$this->menu_model->update($id, $this->input->post());
if (Authority::can('access', 'admin/menu/permissions/backend')) {
$resource = 'backend/menu/' . $id;
$this->rule_model->save_element_roles_rules($resource, $this->input->post('backend_rule'));
}
}
// UI update panels
$this->_update_panels();
$this->success(lang('ionize_message_menu_updated'));
}
/**
* @param FTL_Binding $tag
*
* @return string
*/
public static function tag_authority_can(FTL_Binding $tag)
{
$action = $tag->getAttribute('action');
$resource = $tag->getAttribute('resource');
if (empty($action) && empty($resource)) {
return self::show_tag_error($tag, 'Feed the "action" and "resource" attributes');
}
if (Authority::can($action, $resource)) {
return $tag->expand();
} else {
// Else
self::$trigger_else++;
}
return '';
}
/**
* Returns one definition fields list
*
*
*/
function get_field_list()
{
$fields = array();
if (Authority::can('edit', 'admin/item/definition')) {
$id_definition = $this->input->post('id_item_definition');
$fields = $this->extend_field_model->get_lang_list(array('parent' => 'item', 'id_parent' => $id_definition), Settings::get_lang('default'));
}
//
$this->template['id_item_definition'] = $id_definition;
$this->template['fields'] = $fields;
$this->output('item/definition/fields');
}
</ul>
<script type="text/javascript">
/**
* Types list itemManager
*
*/
typesManager = new ION.ItemManager({ element: 'article_type', container: 'article_typeList' });
typesManager.makeSortable();
<?php
if (Authority::can('edit', 'admin/article/type')) {
?>
// Type editable
$$('#article_typeList .title').each(function(item, idx)
{
var id = item.getProperty('data-id');
item.addEvent('click', function(e){
ION.formWindow('article_type' + id, 'article_typeForm' + id, Lang.get('ionize_title_type_edit'), 'article_type/edit/' + id);
});
});
<?php
}
?>
</script>
mediaManager.toggleFileManager();
});
// Init the staticItemManager
staticItemManager.init({
'parent': 'article',
'id_parent': id_article,
'parentListContainer': 'articleTab'
});
// Get Static Items
staticItemManager.getParentItemList();
// Add video button
<?php
if (Authority::can('link', 'admin/page/media')) {
?>
$('btnAddVideoUrl').addEvent('click', function()
{
ION.dataWindow(
'addExternalMedia',
'ionize_label_add_video',
'media/add_external_media_window',
{width:600, height:150},
{
'parent': 'article',
'id_parent': id_article
}
)
});
require __DIR__ . DS . 'helpers' . EXT;
// --------------------------------------------------------------
// Load bundles
// --------------------------------------------------------------
//Bundle::start('thirdparty_dbmanager');
Bundle::start('thirdparty_bootsparks');
// --------------------------------------------------------------
// Load namespaces
// --------------------------------------------------------------
Autoloader::namespaces(array('Domain' => __DIR__));
// --------------------------------------------------------------
// Filters
// --------------------------------------------------------------
Route::filter('authority', function ($resource) {
$action = Request::$route->parameters['0'];
if (Authority::cannot($action, $resource)) {
return Response::make('', 401);
}
});
Route::filter('auth', function () {
if (Auth::guest()) {
return Redirect::make('', 401);
}
});
// --------------------------------------------------------------
// Setting system tables
// --------------------------------------------------------------
DBManager::$hidden = Config::get('domain::dbmanager.hidden');
$api_version = Config::get('layla.domain.api.version');
// --------------------------------------------------------------
// Map the Base Controller
{
ION.formWindow(
'user', // Window ID
'userForm', // Form ID
'ionize_title_add_user', // Window title
'user/create', // Window content URL
{width: 400, resize:true} // Window options
);
});
<?php
}
?>
<?php
if (Authority::can('create', 'admin/role')) {
?>
// New Role
$('newRoleToolbarButton').addEvent('click', function(e)
{
ION.formWindow(
'role',
'roleForm',
'ionize_title_add_role',
'role/create',
{width: 420, resize:true}
);
});
<?php
function delete($id = false)
{
Authority::is_logged_in();
if (Authority::checkAuthority('Managecareer.delete') == true) {
redirect('index.php/Loginpg');
}
$filter = array('career_id' => $id);
$this->Careerpg_model->delete('career_detail', 'career_master', $filter);
$this->session->set_flashdata('message_type', 'success');
$this->session->set_flashdata('message', $this->config->item("index") . " Data deleted Successfully!!");
$this->parser->parse('Adminheader', $this->data);
$this->load->view('Mngcareer');
$this->parser->parse('Adminfooter', $this->data);
redirect('index.php/Careerpg/Mngcaindex');
}
">
<?php
foreach ($fields as $field) {
?>
<li class="sortme element_field" data-id="<?php
echo $field['id_extend_field'];
?>
" id="element_field<?php
echo $field['id_extend_field'];
?>
">
<span class="icon left drag"></span>
<?php
if (Authority::can('edit', 'admin/element')) {
?>
<a class="icon delete right" data-id="<?php
echo $field['id_extend_field'];
?>
"></a>
<?php
}
?>
<span class="lite right mr10" data-id="<?php
echo $field['id_extend_field'];
?>
">
<?php
echo $field['type_name'];
function resolveLSID($l)
{
global $config;
$rdf = '';
$xml = '<?xml version="1.0" encoding="utf-8" ?>' . "\n";
$xml .= "<result>\n";
$xml .= "<lsid>" . $l . "</lsid>\n";
$lsid = new LSID($l);
$proxy = '';
if ($config['proxy_name'] != '') {
$proxy = $config['proxy_name'] . ":" . $config['proxy_port'];
}
$authority = new Authority($proxy);
$ok = false;
if (!$lsid->isValid()) {
$xml .= "<error>LSID is not validly formed</error>\n";
} else {
$ok = $authority->Resolve($l);
if (!$ok) {
$xml .= "<error>DNS lookup for " . $lsid->getAuthority() . " failed</error>\n";
} else {
$authority->GetAuthorityWSDL();
$ok = $authority->GetHTTPBinding();
if (!$ok) {
$xml .= "<error>No HTTP binding found</error>\n";
}
$ok = $authority->GetServiceWSDL($l);
if (!$ok) {
$xml .= "<error>Error retrieving service WSDL</error>";
} else {
$authority->GetMetadataHTTPLocation();
$rdf = $authority->GetHTTPMetadata($l);
$ok = $rdf != '';
}
}
}
if ($ok) {
return $rdf;
} else {
$xml .= "<error_codes" . " HTTP=\"" . $authority->http_code . "\"" . " LSID=\"" . $authority->lsid_code . "\"" . " CURL=\"" . $authority->curl_code . "\"" . " />\n";
$xml .= "</result>\n";
return $xml;
}
}
$sel = new selectlist('Instrument_Type_ID', $inst->getInstrumentTypeList(), 'Select Instrument Type', 'Instrument_Type_ID', 'Instrument', 'class="required"', '', '');
break;
case 'skillgroup':
//machine list
$sg = new SkillGroup();
$sg->createSkillGroupList();
if (isset($_GET['class'])) {
$class = 'class="required"';
} else {
$class = '';
}
$sel = new selectlist('Skill_Group_ID', $sg->getSkillGroupList(), 'Select Skill Group', 'Skill_Group_ID', 'Group_Desc', $class, '', '1');
break;
case 'auth':
//machine list
$au = new Authority();
$au->createAuthorityList();
$sel = new selectlist('Authority_ID', $au->getAuthorityList(), 'Select Authority Group', 'Authority_ID', 'Authority', '', '', '1');
break;
case 'approval':
//machine list
$app = new Approval();
$app->setValue('skillgroup', $_GET['sgid']);
$app->createApprovarList();
$sel = new selectlist('Approver_ID', $app->getApprovarList(), 'Select Approver', 'Operator_ID', 'Operator_Name', '', '', '1');
break;
case 'idle':
//machine list
$act = new Activitylog();
$act->createReasonList();
$sel = new selectlist('Idle_ID', $act->getReasonList(), 'Select Idle Reason', 'Idle_ID', 'Idle_Reason', 'class="required"', '', '1');
?>
<?php
if (Authority::can('access', 'admin/settings/website')) {
?>
<li class="divider"><a class="navlink" href="setting" title="<?php
echo lang('ionize_menu_site_settings');
?>
"><?php
echo lang('ionize_menu_site_settings');
?>
</a></li>
<?php
}
?>
<?php
if (Authority::can('access', 'admin/settings/technical')) {
?>
<li><a class="navlink" href="setting/technical" title="<?php
echo lang('ionize_menu_site_settings_technical');
?>
"><?php
echo lang('ionize_menu_site_settings_technical');
?>
</a></li>
<?php
}
?>
</ul>
</li>
<?php
}
">
<p class="lite"><?php
echo lang('ionize_help_notify_user_account_updated');
?>
</p>
<textarea name="message" class="autogrow"></textarea>
</div>
</form>
<div class="buttons">
<?php
if (Authority::can('edit', 'admin/user')) {
?>
<button id="bSaveuser<?php
echo $user['id_user'];
?>
" type="button" class="button yes right"><?php
echo lang('ionize_button_save_close');
?>
</button>
<?php
}
?>
<button id="bCanceluser<?php
echo $user['id_user'];
?>
" type="button" class="button no right"><?php
/**
* Switch the publish filter off
*
*/
public function unlock_publish_filter()
{
$uri_string_to_array = explode('/', preg_replace("|^\\/?|", '/', self::$ci->uri->uri_string));
if (!in_array(config_item('admin_url'), $uri_string_to_array)) {
// Settings::get('display_front_offline_content') not available here
$this->{$this->db_group}->where('name', 'display_front_offline_content');
$query = $this->{$this->db_group}->get('setting');
$result = $query->row_array();
if (Authority::can('access', 'admin') && (!empty($result['content']) && $result['content'] == '1')) {
self::$publish_filter = FALSE;
}
} else {
self::$publish_filter = FALSE;
}
}
public static function get_base_url()
{
if (Authority::can('access', 'admin') && Settings::get('display_front_offline_content') == 1) {
Settings::set_all_languages_online();
}
if (count(Settings::get_online_languages()) > 1) {
return base_url() . Settings::get_lang() . '/';
}
return base_url();
}
/**
* Get the current page.
*
* @return array Array of the page data. Can be empty.
*
*/
public static function get_current_page()
{
$page = NULL;
$uri = self::$ci->uri->uri_string();
// Ignore the page named 'page' and get the home page
if ($uri == '') {
$page = self::get_home_page();
} else {
if (config_item('url_mode') == 'short') {
$page = self::get_page_by_short_url(self::$ci->uri->segment(3));
} else {
// Asked entity : Page or article
$entity = self::get_entity();
// Article
if (!empty($entity['type']) && $entity['type'] == 'article') {
$paths = explode('/', $entity['path_ids']);
$id_page = $paths[count($paths) - 2];
$page = self::get_page_by_id($id_page);
} else {
if (!is_null(self::get_special_uri_array())) {
$uri = self::get_page_path_from_special_uri();
if ($uri == '') {
$page = self::get_home_page();
} else {
$page = self::get_page_by_url($uri);
}
} else {
if (!empty($entity['id_entity'])) {
$page = self::get_page_by_id($entity['id_entity']);
} else {
$page = self::get_module_page();
}
}
}
}
}
if (is_null($page) or empty($page)) {
$page = self::get_page_by_code('404');
self::set_400_output(404);
} else {
$resource = 'frontend/page/' . $page['id_page'];
if (Authority::cannot('access', $resource, NULL, TRUE)) {
$http_code = $page['deny_code'];
$page = self::get_page_by_code($page['deny_code']);
self::set_400_output($http_code);
}
}
// Add index to identify current page
$page['__current__'] = TRUE;
return $page;
}
],
'rules' : <?php
echo json_encode($role_resources['rules'], true);
?>
}
);
<?php
}
?>
<?php
}
?>
<?php
if (Authority::can('access', 'admin/page/permissions/frontend')) {
?>
<?php
foreach ($frontend_roles_resources as $id_role => $role_resources) {
?>
var modRules<?php
echo $id_role;
?>
= new ION.PermissionTree(
'roleRulesContainer<?php
echo $id_role;
?>
',
<?php
echo json_encode($role_resources['resources'], true);
<?php /* * Copyright(c) 2009 limitlink,Inc. All Rights Reserved. * http://limitlink.jp/ * 文字コード UTF-8 */ require_once 'application/loader.php'; $authority = new Authority(); $error = $authority->login(); $caption = APP_TYPE; $onload = ' onload="document.forms[\'login\'].elements[\'userid\'].focus()"'; require_once DIR_VIEW . 'header.php'; ?> <div class="header"> <div class="headertitle"> <a href="<?php echo $root; ?> index.php"><img src="<?php echo $root; ?> images/title.gif" /></a> </div> <div class="clearer"></div> </div> <form class="login" method="post" name="login" action="login.php"> <h1>ログイン</h1> <?php echo $view->error($error); ?>
<p class="icons">
<?php
if (Authority::can('unlink', 'admin/' . $parent . '/media')) {
?>
<a class="icon unlink right help" data-id="<?php
echo $media['id_media'];
?>
" title="<?php
echo lang('ionize_label_detach_media');
?>
"></a>
<?php
}
?>
<?php
if (Authority::can('edit', 'admin/' . $parent . '/media')) {
?>
<a class="icon edit left mr5" data-id="<?php
echo $media['id_media'];
?>
" data-title="<?php
echo $title;
?>
" title="<?php
echo lang('ionize_label_edit');
?>
"></a>
<?php
}
?>
<?php
|
*/
Route::filter('csrf', function () {
if (Session::token() != Input::get('_token')) {
throw new Illuminate\Session\TokenMismatchException();
}
});
/*
|--------------------------------------------------------------------------
| Resource-based Permissions
|--------------------------------------------------------------------------
|
| Checks if the logged in user can perform the requested action on the
| requested resource item.
| Gets resource type (e.g. User) action (e.g. delete) and item id from request.
|
*/
Route::filter('permission', function ($route, $request) {
// convert dotted route name into array
$routeName = explode('.', $route->getName());
// take the last part as the action
$action = array_pop($routeName);
// get the resource name (without action)
$resource = implode('.', $routeName);
// get resource ids as array
$parameters = $route->parameters();
// test if current user has permission to perform {action} on {resource} with {parameters}
if (Authority::cannot($action, $resource, $parameters)) {
return App::abort(403);
}
});
echo lang('ionize_help_denied_action_404');
?>
"><?php
echo lang('ionize_label_denied_action_404');
?>
</a></label>
</dd>
</dl>
</div>
<?php
}
?>
<?php
if (Authority::can('access', 'admin/article/permissions/backend')) {
?>
<?php
if (!empty($backend_roles_resources)) {
?>
<dl class="x-small">
<dt><label><?php
echo lang('ionize_label_backend');
?>
</label></dt>
<dd>
<?php
foreach ($backend_roles_resources as $id_role => $role_resources) {
?>
<div id="roleRulesContainer<?php
/**
* Returns the Home URL
*
* @return string
*
*/
public static function get_home_url()
{
// Set all languages online if connected as editor or more
if (Authority::can('access', 'admin') && Settings::get('display_front_offline_content') == 1) {
Settings::set_all_languages_online();
}
if (count(Settings::get_online_languages()) > 1) {
// if the current lang is the default one : don't return the lang code
if (Settings::get_lang() != Settings::get_lang('default')) {
return base_url() . Settings::get_lang() . '/';
}
}
return base_url();
}
/**
* @param $user
*
*/
protected static function set_rules($user)
{
// Always get again the rules
// To comment if rules should be placed in session
// (will need logout / login) to set new rules.
// self::on_logout();
// Rules : From Session
if (self::$session->userdata('authority_rules')) {
$rules = self::$session->userdata('authority_rules');
} else {
// Models
self::$ci->load->model(array('role_model', 'rule_model'), '', TRUE);
// Roles rules
$rules = self::$ci->rule_model->get_from_role($user->get_role());
// To Session
self::$session->set_userdata('authority_rules', $rules);
}
// Check for Super Admin role
foreach ($rules as $rule) {
if ($rule['resource'] == 'all') {
self::$has_all = TRUE;
Authority::allow('manage', 'all');
break;
}
}
// Other role
if (!self::$has_all) {
foreach ($rules as $rule) {
// Read action
$rule['permission'] == 1 ? Authority::allow('access', $rule['resource']) : Authority::deny('access', $rule['resource']);
// Other actions
if (!empty($rule['actions'])) {
$actions = explode(',', $rule['actions']);
foreach ($actions as $action) {
$rule['permission'] == 1 ? Authority::allow($action, $rule['resource']) : Authority::deny($action, $rule['resource']);
}
}
}
}
}
/**
* Saves page ordering
*
*/
public function save_ordering()
{
if (!Authority::can('edit', 'admin/page')) {
$this->error(lang('permission_denied'));
}
$order = $this->input->post('order');
if ($order !== FALSE) {
// Clear the cache
Cache()->clear_cache();
// Saves the new ordering
$this->page_model->save_ordering($order);
// Answer sent
$this->success(lang('ionize_message_page_ordered'));
} else {
$this->error(lang('ionize_message_operation_nok'));
}
}
public function get_rules()
{
$rules = Authority::get_rules_array();
if ($this->is_xhr()) {
$data = array('rules' => $rules);
$this->xhr_output($data);
}
}
