/**
  * Overloaded bind function to pre-process the params.
  *
  * @param    array        $array   Named array
  * @param    mixed        $ignore  Optional array or list of parameters to ignore
  *
  * @return    null|string    null if the operation was satisfactory, otherwise returns an error
  * @see        JTable::bind
  * @since      1.5
  */
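 public function bind($array, $ignore = '')
 {
     // params and metadata may arrive as nested arrays; they are stored as the string form of a JRegistry.
     foreach (array('params', 'metadata') as $field) {
         if (isset($array[$field]) && is_array($array[$field])) {
             $registry = new JRegistry();
             $registry->loadArray($array[$field]);
             $array[$field] = (string) $registry;
         }
     }
     // A missing id behaves like the null it used to evaluate to, without the undefined-index notice.
     $id = isset($array['id']) ? $array['id'] : null;
     $assetName = 'com_mapa.mapadevenezuela.' . $id;
     // Access-control boundary: a caller without core.admin on this asset must not be able to set ACL
     // rules through the bound data, so any submitted 'rules' are replaced by the rules already stored.
     if (!JFactory::getUser()->authorise('core.admin', $assetName)) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_mapa/access.xml', "/access/section[@name='mapadevenezuela']/");
         $default_actions = JAccess::getAssetRules($assetName)->getData();
         $array_jaccess = array();
         // getActionsFromFile() returns false when access.xml cannot be read; only iterate a real list.
         if (is_array($actions)) {
             foreach ($actions as $action) {
                 // An action with no stored rule still maps to null, but no longer raises a notice.
                 $array_jaccess[$action->name] = isset($default_actions[$action->name]) ? $default_actions[$action->name] : null;
             }
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }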
 /**
  * Gets a list of the actions that can be performed.
  *
  * @param   \JUser  $user       The user object.
  * @param   string  $component  The component access file path, component base path or option name.
  * @param   string  $assetName  The asset name
  * @param   integer $categoryId The category ID.
  * @param   integer $id         The item ID.
  *
  * @return  Object
  */
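 public static function getActions(\JUser $user, $component, $assetName, $categoryId = 0, $id = 0)
 {
     $result = new Object();
     // Resolve access.xml by trying, in order: $component as the file itself, as a directory that
     // contains access.xml, then the component's admin path under etc/ and at its root.
     // NOTE(review): $component ends up in a filesystem path and $section in an XPath expression
     // without escaping; confirm callers only pass trusted, code-defined values.
     $path = $component;
     if (!is_file($path)) {
         $path = $path . '/access.xml';
     }
     if (!is_file($path)) {
         $path = PathHelper::getAdmin($component) . '/etc/access.xml';
     }
     if (!is_file($path)) {
         $path = PathHelper::getAdmin($component) . '/access.xml';
     }
     // Pick the access.xml section and the asset the permissions are checked against.
     if (!$id && !$categoryId) {
         $section = 'component';
     } elseif (!$id && $categoryId) {
         $section = 'category';
         $assetName .= '.category.' . $categoryId;
     } elseif ($id && !$categoryId) {
         $section = $assetName;
         // NOTE(review): this appends the asset name to itself (name.name.id) - confirm that is the intended asset.
         $assetName .= '.' . $assetName . '.' . $id;
     } else {
         $section = $assetName;
         // NOTE(review): with both ids set, neither id is part of the asset name - confirm.
         $assetName .= '.' . $assetName;
     }
     $actions = \JAccess::getActionsFromFile($path, "/access/section[@name='" . $section . "']/");
     // getActionsFromFile() returns false when no readable file was found; the result then stays
     // empty, so every permission lookup on it reads as not granted.
     if (is_array($actions)) {
         foreach ($actions as $action) {
             $result->set($action->name, $user->authorise($action->name, $assetName));
         }
     }
     return $result;
 }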
Exemplo n.º 3
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null is operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
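 public function bind($array, $ignore = '')
 {
     $input = JFactory::getApplication()->input;
     $task = $input->getString('task', '');
     $user = JFactory::getUser();
     // Missing keys behave like the null they used to evaluate to, without undefined-index notices.
     $id = isset($array['id']) ? $array['id'] : null;
     $wantsPublished = isset($array['state']) && $array['state'] == 1;
     // A user without core.edit.state may not publish: a submitted state of 1 is forced back to 0.
     // NOTE(review): the downgrade only runs for the 'save' and 'apply' tasks; confirm that every other
     // path that binds user-submitted data enforces core.edit.state elsewhere (model or form).
     if (($task == 'save' || $task == 'apply') && !$user->authorise('core.edit.state', 'com_autofilter') && $wantsPublished) {
         $array['state'] = 0;
     }
     // New records are attributed to the current user, overriding any submitted created_by.
     if ($id == 0) {
         $array['created_by'] = $user->id;
     }
     // params and metadata may arrive as nested arrays; they are stored as the string form of a JRegistry.
     foreach (array('params', 'metadata') as $field) {
         if (isset($array[$field]) && is_array($array[$field])) {
             $registry = new JRegistry();
             $registry->loadArray($array[$field]);
             $array[$field] = (string) $registry;
         }
     }
     $assetName = 'com_autofilter.categorie.' . $id;
     // Access-control boundary: without core.admin on this asset, any submitted 'rules' are replaced
     // by the rules already stored for it, so ACL cannot be changed through the bound data.
     if (!$user->authorise('core.admin', $assetName)) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_autofilter/access.xml', "/access/section[@name='categorie']/");
         $default_actions = JAccess::getAssetRules($assetName)->getData();
         $array_jaccess = array();
         // getActionsFromFile() returns false when access.xml cannot be read; only iterate a real list.
         if (is_array($actions)) {
             foreach ($actions as $action) {
                 // An action with no stored rule still maps to null, but no longer raises a notice.
                 $array_jaccess[$action->name] = isset($default_actions[$action->name]) ? $default_actions[$action->name] : null;
             }
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }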
 /**
  * Gets the access permissions for the actions.
  *
  * @param   int  $categoryId  Category id.
  * @param   int  $messageId   Message id.
  *
  * @return  object
  */
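 public static function getActions($categoryId = 0, $messageId = 0)
 {
     // Determine the asset name and the matching access.xml section.
     if (empty($messageId) && empty($categoryId)) {
         $assetName = 'com_helloworld';
         $section = 'component';
     } elseif (empty($messageId)) {
         $assetName = 'com_helloworld.category.' . (int) $categoryId;
         $section = 'category';
     } else {
         $assetName = 'com_helloworld.message.' . (int) $messageId;
         $section = 'message';
     }
     // Authorisation results belong to one asset. A single cached object in self::$actions made the
     // first asset queried in a request answer for every later category or message, so the cache is
     // keyed by asset name instead.
     static $perAsset = array();
     if (!isset($perAsset[$assetName])) {
         // Load the list of actions declared for the component.
         $accessFile = JPATH_ADMINISTRATOR . '/components/com_helloworld/access.xml';
         $actions = JAccess::getActionsFromFile($accessFile, "/access/section[@name='" . $section . "']/");
         // getActionsFromFile() returns false when the file cannot be read; start from an empty list then.
         if (!is_array($actions)) {
             $actions = array();
         }
         // Messages and categories additionally get the core.admin action.
         if ($section == 'category' || $section == 'message') {
             $adminAction = new stdClass();
             $adminAction->name = 'core.admin';
             $actions[] = $adminAction;
         }
         $user = JFactory::getUser();
         $permissions = new JObject();
         foreach ($actions as $action) {
             // Record whether the current user may perform the action on this asset.
             $permissions->set($action->name, $user->authorise($action->name, $assetName));
         }
         $perAsset[$assetName] = $permissions;
     }
     // Keep the class property pointing at the result for the asset just requested.
     self::$actions = $perAsset[$assetName];
     return self::$actions;
 }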
Exemplo n.º 5
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null is operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
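 public function bind($array, $ignore = '')
 {
     // Support for multiple or not foreign key fields: ingredients_id, recipe_id.
     // Empty or missing -> '', array -> comma-joined string, string with a comma past position 0 -> array.
     // NOTE(review): the last case hands an array on to parent::bind() - confirm that is intended.
     foreach (array('ingredients_id', 'recipe_id') as $field) {
         if (empty($array[$field])) {
             $array[$field] = '';
         } elseif (is_array($array[$field])) {
             $array[$field] = implode(',', $array[$field]);
         } elseif (strrpos($array[$field], ',') != false) {
             $array[$field] = explode(',', $array[$field]);
         }
     }
     $input = JFactory::getApplication()->input;
     $task = $input->getString('task', '');
     $user = JFactory::getUser();
     // Missing keys behave like the null they used to evaluate to, without undefined-index notices.
     $id = isset($array['id']) ? $array['id'] : null;
     $wantsPublished = isset($array['state']) && $array['state'] == 1;
     // A user without core.edit.state may not publish: a submitted state of 1 is forced back to 0.
     // NOTE(review): the downgrade only runs for the 'save' and 'apply' tasks; confirm that every other
     // path that binds user-submitted data enforces core.edit.state elsewhere (model or form).
     if (($task == 'save' || $task == 'apply') && !$user->authorise('core.edit.state', 'com_akrecipes') && $wantsPublished) {
         $array['state'] = 0;
     }
     // New records are attributed to the current user, overriding any submitted created_by.
     if ($id == 0) {
         $array['created_by'] = $user->id;
     }
     // params and metadata may arrive as nested arrays; they are stored as the string form of a JRegistry.
     foreach (array('params', 'metadata') as $field) {
         if (isset($array[$field]) && is_array($array[$field])) {
             $registry = new JRegistry();
             $registry->loadArray($array[$field]);
             $array[$field] = (string) $registry;
         }
     }
     $assetName = 'com_akrecipes.ingredient997479.' . $id;
     // Access-control boundary: without core.admin on this asset, any submitted 'rules' are replaced
     // by the rules already stored for it, so ACL cannot be changed through the bound data.
     if (!$user->authorise('core.admin', $assetName)) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_akrecipes/access.xml', "/access/section[@name='ingredient997479']/");
         $default_actions = JAccess::getAssetRules($assetName)->getData();
         $array_jaccess = array();
         // getActionsFromFile() returns false when access.xml cannot be read; only iterate a real list.
         if (is_array($actions)) {
             foreach ($actions as $action) {
                 // An action with no stored rule still maps to null, but no longer raises a notice.
                 $array_jaccess[$action->name] = isset($default_actions[$action->name]) ? $default_actions[$action->name] : null;
             }
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }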
Exemplo n.º 6
 /**
  * Gets a list of the actions that can be performed.
  *
  * @return  JObject
  */
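 public static function getActions()
 {
     $user = JFactory::getUser();
     $result = new JObject();
     // getActionsFromFile() takes the path of an access.xml file. The bare component name passed
     // before is not such a path, so the call would return false and no permission was ever set.
     // NOTE(review): path and section follow the usual com_modules layout - confirm for this install.
     $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_modules/access.xml', "/access/section[@name='component']/");
     // On an unreadable file the result stays empty, so every permission reads as not granted.
     if (is_array($actions)) {
         foreach ($actions as $action) {
             $result->set($action->name, $user->authorise($action->name, 'com_modules'));
         }
     }
     return $result;
 }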
Exemplo n.º 7
 /**
  * Get the actions for ACL
  */
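 public static function getActions()
 {
     $user = JFactory::getUser();
     $result = new JObject();
     // Actions declared in the 'component' section of the component's access.xml.
     $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_sichtweiten/access.xml', "/access/section[@name='component']/");
     // getActionsFromFile() returns false when the file cannot be read; the result then stays empty,
     // so every permission lookup on it reads as not granted.
     if (is_array($actions)) {
         foreach ($actions as $action) {
             // One entry per action: whether the current user may perform it on the component.
             $result->set($action->name, $user->authorise($action->name, 'com_sichtweiten'));
         }
     }
     return $result;
 }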
Exemplo n.º 8
 /**
  * Gets a list of the actions that can be performed.
  *
  * @return JObject
  */
 public static function getActions()
 {
     $permissions = new JObject();
     $definitions = JAccess::getActionsFromFile(JPATH_COMPONENT_ADMINISTRATOR . '/access.xml');
     // false means the access file could not be loaded: hand back the empty object, which grants nothing.
     if ($definitions === false) {
         return $permissions;
     }
     $currentUser = JFactory::getUser();
     foreach ($definitions as $definition) {
         // Record whether the current user may perform this action on com_proofreader.
         $permissions->set($definition->name, $currentUser->authorise($definition->name, 'com_proofreader'));
     }
     return $permissions;
 }
 /**
  * Gets a list of the actions that can be performed.
  *
  * @param   integer  The module ID.
  *
  * @return  JObject
  */
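 public static function getActions($moduleId = 0)
 {
     $user = JFactory::getUser();
     $result = new JObject();
     // Without a module id the check is made against the component itself; the (int) cast keeps the
     // id numeric inside the asset name.
     $assetName = empty($moduleId) ? 'com_modules' : 'com_modules.module.' . (int) $moduleId;
     $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_modules/access.xml', "/access/section[@name='component']/");
     // getActionsFromFile() returns false when the file cannot be read; the result then stays empty,
     // so every permission lookup on it reads as not granted.
     if (is_array($actions)) {
         foreach ($actions as $action) {
             $result->set($action->name, $user->authorise($action->name, $assetName));
         }
     }
     return $result;
 }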
Exemplo n.º 10
 /**
  * Gets a list of the actions that can be performed.
  *
  * @param   string   $component  The component name.
  * @param   string   $section    The access section name.
  * @param   integer  $id         The item ID.
  *
  * @return  JObject
  *
  * @since   3.2
  */
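 public static function getActions($component = '', $section = '', $id = 0)
 {
     $user = JFactory::getUser();
     $result = new JObject();
     // NOTE(review): $component is concatenated into a filesystem path without validation; confirm
     // callers pass a fixed component name and never a request-derived value.
     $path = JPATH_ADMINISTRATOR . '/components/' . $component . '/access.xml';
     // Item-level asset only when both a section and an id are given; otherwise the component itself.
     if ($section && $id) {
         $assetName = $component . '.' . $section . '.' . (int) $id;
     } else {
         $assetName = $component;
     }
     // The action list is always read from the 'component' section, whatever $section was passed.
     $actions = JAccess::getActionsFromFile($path, "/access/section[@name='component']/");
     // getActionsFromFile() returns false when the file cannot be read; the result then stays empty,
     // so every permission lookup on it reads as not granted.
     if (is_array($actions)) {
         foreach ($actions as $action) {
             $result->set($action->name, $user->authorise($action->name, $assetName));
         }
     }
     return $result;
 }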
Exemplo n.º 11
 public static function getActions()
 {
     $user = JFactory::getUser();
     $result = new JObject();
     $assetName = 'com_jcomments';
     $declared = JAccess::getActionsFromFile(JPATH_COMPONENT_ADMINISTRATOR . '/access.xml');
     // Collect the action names first: from access.xml when it loaded, otherwise the fixed core set.
     if (is_array($declared)) {
         $names = array();
         foreach ($declared as $entry) {
             $names[] = $entry->name;
         }
     } else {
         $names = array('core.admin', 'core.manage', 'core.create', 'core.delete', 'core.edit', 'core.edit.state');
     }
     // Either way each name is still decided by the user's authorisation on the component asset.
     foreach ($names as $name) {
         $result->set($name, $user->authorise($name, $assetName));
     }
     return $result;
 }
Exemplo n.º 12
 /**
  * Gets a list of the actions that can be performed.
  *
  * @param	int		The category ID.
  * @param	int		The article ID.
  *
  * @return	JObject
  * @since	1.6
  */
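 public static function getActions($formId = 0, $fieldId = 0)
 {
     $user = JFactory::getUser();
     $result = new JObject();
     // Asset granularity: component, one form, or one field of a form. The (int) casts keep the ids
     // numeric inside the asset name.
     if (empty($formId) && empty($fieldId)) {
         $assetName = 'com_visforms';
     } elseif (empty($fieldId)) {
         $assetName = 'com_visforms.visform.' . (int) $formId;
     } else {
         $assetName = 'com_visforms.visform.' . (int) $formId . '.visfield.' . (int) $fieldId;
     }
     $actions = JAccess::getActionsFromFile(JPath::clean(JPATH_ADMINISTRATOR . '/components/com_visforms/access.xml'), "/access/section[@name='component']/");
     // getActionsFromFile() returns false when the file cannot be read; the result then stays empty,
     // so every permission lookup on it reads as not granted.
     if (is_array($actions)) {
         foreach ($actions as $action) {
             $result->set($action->name, $user->authorise($action->name, $assetName));
         }
     }
     return $result;
 }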
Exemplo n.º 13
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null is operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
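 public function bind($array, $ignore = '')
 {
     $user = JFactory::getUser();
     // A missing id behaves like the null it used to evaluate to, without the undefined-index notice.
     $id = isset($array['id']) ? $array['id'] : null;
     // New records are attributed to the current user, overriding any submitted values.
     // NOTE(review): modified_by is only set for new records as well - confirm that is intended.
     if ($id == 0) {
         $array['created_by'] = $user->id;
         $array['modified_by'] = $user->id;
     }
     // Support for alias field: derived from brand_name, or from the current time when that is empty.
     if (empty($array['alias'])) {
         $aliasSource = empty($array['brand_name']) ? date('Y-m-d H:i:s') : trim($array['brand_name']);
         $array['alias'] = JFilterOutput::stringURLSafe($aliasSource);
     }
     // params and metadata may arrive as nested arrays; they are stored as the string form of a JRegistry.
     foreach (array('params', 'metadata') as $field) {
         if (isset($array[$field]) && is_array($array[$field])) {
             $registry = new JRegistry();
             $registry->loadArray($array[$field]);
             $array[$field] = (string) $registry;
         }
     }
     $assetName = 'com_akrecipes.brand.' . $id;
     // Access-control boundary: without core.admin on this asset, any submitted 'rules' are replaced
     // by the rules already stored for it, so ACL cannot be changed through the bound data.
     if (!$user->authorise('core.admin', $assetName)) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_akrecipes/access.xml', "/access/section[@name='brand']/");
         $default_actions = JAccess::getAssetRules($assetName)->getData();
         $array_jaccess = array();
         // getActionsFromFile() returns false when access.xml cannot be read; only iterate a real list.
         if (is_array($actions)) {
             foreach ($actions as $action) {
                 // An action with no stored rule still maps to null, but no longer raises a notice.
                 $array_jaccess[$action->name] = isset($default_actions[$action->name]) ? $default_actions[$action->name] : null;
             }
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }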
Exemplo n.º 14
 /**
  * Method to get the list of possible permission action names for the form field.
  *
  * @param   SimpleXMLElement  $element  The SimpleXMLElement object representing the <field /> tag for the
  *                                      form field object.
  *
  * @return  array   A list of permission action names from the form field element definition.
  *
  * @since   11.1
  */
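 protected function getFieldActions(SimpleXMLElement $element)
 {
     $actions = array();
     // Initialise some field attributes.
     $section = $element['section'] ? (string) $element['section'] : '';
     $component = $element['component'] ? (string) $element['component'] : '';
     // Get the asset actions for the element.
     // NOTE(review): both attributes are placed unescaped into a file path and an XPath expression;
     // this presumes the form definition is trusted, developer-authored XML - confirm.
     $elActions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/' . $component . '/access.xml', "/access/section[@name='" . $section . "']/");
     // getActionsFromFile() returns false when the file cannot be read; only iterate a real list.
     if (is_array($elActions)) {
         foreach ($elActions as $item) {
             $actions[] = $item->name;
         }
     }
     // Iterate over the children and add any <action> declared on the field itself.
     foreach ($element->children() as $el) {
         if ($el->getName() == 'action') {
             $actions[] = (string) $el['name'];
         }
     }
     return $actions;
 }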
Exemplo n.º 15
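 public static function getActions($component = '', $section = '', $id = 0)
 {
     // Component-level lookups (and the int/null first-argument forms) are delegated unchanged.
     if (is_int($component) || is_null($component) || (empty($section) || $section == 'component')) {
         return JHelperContent::getActions($component, $section, $id);
     }
     $user = JFactory::getUser();
     $result = new JObject();
     // NOTE(review): $component is concatenated into a filesystem path and $section into an XPath
     // expression without escaping; confirm callers only pass fixed, code-defined values.
     $path = JPATH_ADMINISTRATOR . '/components/' . $component . '/access.xml';
     if ($section && $id) {
         $assetName = $component . '.' . $section . '.' . (int) $id;
     } else {
         $assetName = $component;
     }
     // Line modified relative to the original function: actions are read from the requested section.
     $actions = JAccess::getActionsFromFile($path, "/access/section[@name='" . $section . "']/");
     // getActionsFromFile() returns false when the file cannot be read; the result then stays empty,
     // so every permission lookup on it reads as not granted.
     if (is_array($actions)) {
         foreach ($actions as $action) {
             $result->set($action->name, $user->authorise($action->name, $assetName));
         }
     }
     return $result;
 }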
Exemplo n.º 16
 /**
  * Gets a list of the actions that can be performed.
  *
  * @param   integer  $categoryId  The category ID.
  * @param   integer  $id          The item ID.
  * @param   string   $assetName   The asset name
  *
  * @return  JObject
  *
  * @since   3.1
  */
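 public static function getActions($categoryId = 0, $id = 0, $assetName = '')
 {
     // Reverted a change for version 2.5.6
     $user = JFactory::getUser();
     $result = new JObject();
     // $assetName starts out as the component name and doubles as the component directory.
     // NOTE(review): it is concatenated into a filesystem path without validation; confirm callers
     // pass a fixed component name and never a request-derived value.
     $path = JPATH_ADMINISTRATOR . '/components/' . $assetName . '/access.xml';
     if (empty($id) && empty($categoryId)) {
         $section = 'component';
     } elseif (empty($id)) {
         $section = 'category';
         $assetName .= '.category.' . (int) $categoryId;
     } else {
         // Used only in com_content
         $section = 'article';
         $assetName .= '.article.' . (int) $id;
     }
     $actions = JAccess::getActionsFromFile($path, "/access/section[@name='" . $section . "']/");
     // getActionsFromFile() returns false when the file cannot be read; the result then stays empty,
     // so every permission lookup on it reads as not granted.
     if (is_array($actions)) {
         foreach ($actions as $action) {
             $result->set($action->name, $user->authorise($action->name, $assetName));
         }
     }
     return $result;
 }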
Exemplo n.º 17
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param    array        Named array
  *
  * @return    null|string    null is operation was satisfactory, otherwise returns an error
  * @see        JTable:bind
  * @since      1.5
  */
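 public function bind($array, $ignore = '')
 {
     // Support for alias field: derived from name, or from the current time when that is empty.
     if (empty($array['alias'])) {
         $aliasSource = empty($array['name']) ? date('Y-m-d H:i:s') : trim($array['name']);
         $array['alias'] = JFilterOutput::stringURLSafe($aliasSource);
     }
     // Support for file field: filename
     $input = JFactory::getApplication()->input;
     $files = $input->files->get('jform');
     if (!empty($files['filename'])) {
         jimport('joomla.filesystem.file');
         $file = $files['filename'];
         // Upload status reported by the server for this field.
         $fileError = $file['error'];
         if ($fileError == 4) {
             // 4 = no file was uploaded: keep the previously stored name when the form carries it.
             if (isset($array['filename_hidden'])) {
                 $array['filename'] = $array['filename_hidden'];
             }
         } elseif ($fileError > 0) {
             switch ($fileError) {
                 case 1:
                     $message = JText::_('File size exceeds allowed by the server');
                     break;
                 case 2:
                     $message = JText::_('File size exceeds allowed by the html form');
                     break;
                 case 3:
                     $message = JText::_('Partial upload error');
                     break;
                 default:
                     // Any other failure code used to fall through silently and the record was
                     // saved as if the upload had never been attempted.
                     $message = JText::_('File upload failed');
                     break;
             }
             JError::raiseWarning(500, $message);
             return false;
         } else {
             // The client-supplied name is untrusted. Replace special characters in its first
             // dot-separated segment.
             $filename = explode('.', $file['name']);
             $filename[0] = preg_replace("/[^A-Za-z0-9]/i", "-", $filename[0]);
             // Everything after the first dot was previously passed through untouched;
             // JFile::makeSafe() restricts the re-joined name to filename-safe characters.
             $safeName = JFile::makeSafe(implode('.', $filename));
             // Timestamp hash prefix to avoid overwriting. It is predictable and not an access control.
             $filename = md5(time()) . '-' . $safeName;
             // NOTE(review): no extension or content-type allowlist is applied here and the target
             // directory sits under administrator/components. Confirm the platform's upload checks
             // reject executable types for this field, or restrict extensions and store uploads
             // outside the web root.
             $uploadPath = JPATH_ADMINISTRATOR . '/components/com_db8download/com_db8download/' . $filename;
             $fileTemp = $file['tmp_name'];
             // NOTE(review): when the target already exists the upload is skipped but the name is
             // still recorded, so the record then points at the earlier file - confirm.
             if (!JFile::exists($uploadPath)) {
                 if (!JFile::upload($fileTemp, $uploadPath)) {
                     JError::raiseWarning(500, 'Error moving file');
                     return false;
                 }
             }
             $array['filename'] = $filename;
         }
     }
     $task = $input->getString('task', '');
     $user = JFactory::getUser();
     // Missing keys behave like the null they used to evaluate to, without undefined-index notices.
     $id = isset($array['id']) ? $array['id'] : null;
     $wantsPublished = isset($array['state']) && $array['state'] == 1;
     // A user without core.edit.state may not publish: a submitted state of 1 is forced back to 0.
     // NOTE(review): the downgrade only runs for the 'save' and 'apply' tasks; confirm that every other
     // path that binds user-submitted data enforces core.edit.state elsewhere (model or form).
     if (($task == 'save' || $task == 'apply') && !$user->authorise('core.edit.state', 'com_db8download') && $wantsPublished) {
         $array['state'] = 0;
     }
     // New records get their creation date and author from the server, overriding submitted values.
     if ($id == 0) {
         $array['created'] = JFactory::getDate()->toSql();
         $array['created_by'] = $user->id;
     }
     // params and metadata may arrive as nested arrays; they are stored as the string form of a JRegistry.
     foreach (array('params', 'metadata') as $field) {
         if (isset($array[$field]) && is_array($array[$field])) {
             $registry = new JRegistry();
             $registry->loadArray($array[$field]);
             $array[$field] = (string) $registry;
         }
     }
     $assetName = 'com_db8download.file.' . $id;
     // Access-control boundary: without core.admin on this asset, any submitted 'rules' are replaced
     // by the rules already stored for it, so ACL cannot be changed through the bound data.
     if (!$user->authorise('core.admin', $assetName)) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_db8download/access.xml', "/access/section[@name='file']/");
         $default_actions = JAccess::getAssetRules($assetName)->getData();
         $array_jaccess = array();
         // getActionsFromFile() returns false when access.xml cannot be read; only iterate a real list.
         if (is_array($actions)) {
             foreach ($actions as $action) {
                 // An action with no stored rule still maps to null, but no longer raises a notice.
                 $array_jaccess[$action->name] = isset($default_actions[$action->name]) ? $default_actions[$action->name] : null;
             }
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }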
    /**
     * Tests the JAccess::getActionsFromFile method.
     *
     * @return  void
     *
     * @since   12.1
     */
    public function testGetActionsFromFile()
    {
        // A path that does not exist must yield false rather than an empty list.
        $this->assertThat(JAccess::getActionsFromFile('/path/to/unexisting/file'), $this->equalTo(false), 'Line:' . __LINE__ . ' Getting actions from an unexisting file must return false');
        // Fixture: an access file with a 'component' and a 'category' section.
        // NOTE(review): the result of file_put_contents() is not checked and the file is not removed
        // in this method; confirm the tmp/access directory exists and is cleaned up elsewhere.
        file_put_contents(JPATH_TESTS . '/tmp/access/access.xml', '<access component="com_banners">
	<section name="component">
		<action name="core.admin" title="JACTION_ADMIN" description="JACTION_ADMIN_COMPONENT_DESC" />
		<action name="core.manage" title="JACTION_MANAGE" description="JACTION_MANAGE_COMPONENT_DESC" />
		<action name="core.create" title="JACTION_CREATE" description="JACTION_CREATE_COMPONENT_DESC" />
		<action name="core.delete" title="JACTION_DELETE" description="JACTION_DELETE_COMPONENT_DESC" />
		<action name="core.edit" title="JACTION_EDIT" description="JACTION_EDIT_COMPONENT_DESC" />
		<action name="core.edit.state" title="JACTION_EDITSTATE" description="JACTION_EDITSTATE_COMPONENT_DESC" />
	</section>
	<section name="category">
		<action name="core.create" title="JACTION_CREATE" description="COM_CATEGORIES_ACCESS_CREATE_DESC" />
		<action name="core.delete" title="JACTION_DELETE" description="COM_CATEGORIES_ACCESS_DELETE_DESC" />
		<action name="core.edit" title="JACTION_EDIT" description="COM_CATEGORIES_ACCESS_EDIT_DESC" />
		<action name="core.edit.state" title="JACTION_EDITSTATE" description="COM_CATEGORIES_ACCESS_EDITSTATE_DESC" />
	</section>
</access>');
        // Called without an xpath argument, the expected list holds only the six 'component' actions;
        // none of the 'category' entries are expected.
        $this->assertThat(JAccess::getActionsFromFile(JPATH_TESTS . '/tmp/access/access.xml'), $this->equalTo(array((object) array('name' => "core.admin", 'title' => "JACTION_ADMIN", 'description' => "JACTION_ADMIN_COMPONENT_DESC"), (object) array('name' => "core.manage", 'title' => "JACTION_MANAGE", 'description' => "JACTION_MANAGE_COMPONENT_DESC"), (object) array('name' => "core.create", 'title' => "JACTION_CREATE", 'description' => "JACTION_CREATE_COMPONENT_DESC"), (object) array('name' => "core.delete", 'title' => "JACTION_DELETE", 'description' => "JACTION_DELETE_COMPONENT_DESC"), (object) array('name' => "core.edit", 'title' => "JACTION_EDIT", 'description' => "JACTION_EDIT_COMPONENT_DESC"), (object) array('name' => "core.edit.state", 'title' => "JACTION_EDITSTATE", 'description' => "JACTION_EDITSTATE_COMPONENT_DESC"))), 'Line:' . __LINE__ . ' Getting actions from an xml file must return correct array.');
    }
Exemplo n.º 19
 /**
  * Overloaded bind function to pre-process the params.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null is operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
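 public function bind($array, $ignore = '')
 {
     // Shared handling for the "multiple or not" foreign key fields:
     // empty or missing -> '', array -> comma-joined string, string with a comma past position 0 -> array.
     // NOTE(review): the last case hands an array on to parent::bind() - confirm that is intended.
     $normalise = function ($value) {
         if (empty($value)) {
             return '';
         }
         if (is_array($value)) {
             return implode(',', $value);
         }
         if (strrpos($value, ',') != false) {
             return explode(',', $value);
         }
         return $value;
     };
     // Support for multiple or not foreign key field: subject
     $array['subject'] = $normalise(isset($array['subject']) ? $array['subject'] : null);
     // Support for multiple or not foreign key field: category
     $array['category'] = $normalise(isset($array['category']) ? $array['category'] : null);
     // Support for checkbox field: keyness (an unchecked box is absent from the submitted data).
     if (!isset($array['keyness'])) {
         $array['keyness'] = 0;
     }
     // Support for multiple or not foreign key field: frequency
     $array['frequency'] = $normalise(isset($array['frequency']) ? $array['frequency'] : null);
     // Support for multiple or not foreign key field: pos
     $array['pos'] = $normalise(isset($array['pos']) ? $array['pos'] : null);
     $user = JFactory::getUser();
     // A missing id behaves like the null it used to evaluate to, without the undefined-index notice.
     $id = isset($array['id']) ? $array['id'] : null;
     // New records are attributed to the current user, overriding any submitted created_by.
     if ($id == 0) {
         $array['created_by'] = $user->id;
     }
     // params and metadata may arrive as nested arrays; they are stored as the string form of a JRegistry.
     foreach (array('params', 'metadata') as $field) {
         if (isset($array[$field]) && is_array($array[$field])) {
             $registry = new JRegistry();
             $registry->loadArray($array[$field]);
             $array[$field] = (string) $registry;
         }
     }
     $assetName = 'com_vocab.content.' . $id;
     // Access-control boundary: without core.admin on this asset, any submitted 'rules' are replaced
     // by the rules already stored for it, so ACL cannot be changed through the bound data.
     if (!$user->authorise('core.admin', $assetName)) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_vocab/access.xml', "/access/section[@name='content']/");
         $default_actions = JAccess::getAssetRules($assetName)->getData();
         $array_jaccess = array();
         // getActionsFromFile() returns false when access.xml cannot be read; only iterate a real list.
         if (is_array($actions)) {
             foreach ($actions as $action) {
                 // An action with no stored rule still maps to null, but no longer raises a notice.
                 $array_jaccess[$action->name] = isset($default_actions[$action->name]) ? $default_actions[$action->name] : null;
             }
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }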
Exemplo n.º 20
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * JMFramework is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with JMFramework. If not, see <http://www.gnu.org/licenses/>.
 *
 */
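// Refuse direct access: this template must only run inside the Joomla application.
defined('_JEXEC') or die('Restricted access');
$user = JFactory::getUser();
$result = new JObject();
// Permissions of the current user on com_templates, one entry per action declared in access.xml.
$actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_templates/access.xml', "/access/section[@name='component']/");
// getActionsFromFile() returns false when the file cannot be read; $result then stays empty and
// $hasAccess below stays false.
if (is_array($actions)) {
    foreach ($actions as $action) {
        $result->set($action->name, $user->authorise($action->name, 'com_templates'));
    }
}
// Access here requires the core.edit permission on com_templates.
$hasAccess = (bool) $result->get('core.edit');
$isLoggedIn = !$user->guest;
// Integer-filtered request flag; 0 when absent.
$display_login_form = JFactory::getApplication()->input->getInt('jmthemerlogin', 0);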
?>
<span id="jmtheme-logo">Theme Customizer</span>
<div class="inside" id="jmtheme-inside">
<form name="jmtheme" id="jmtheme" action="" method="post">
<?php 
foreach ($fieldSets as $fieldset) {
Exemplo n.º 21
 /**
  * Overloaded bind function to pre-process the submitted recipe data before JTable::bind.
  *
  * In order, this method: derives an alias, JSON-encodes the ingredient list and the
  * social media images, normalises the multi-value foreign key fields, applies the
  * publish-state and ownership defaults, serialises params/metadata, and replaces any
  * submitted ACL rules with the stored ones when the current user lacks core.admin on
  * the recipe asset.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null if operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
 public function bind($array, $ignore = '')
 {
     // Debug logging of the whole bound array is left disabled here; enabling it would
     // write every submitted field value to the error log.
     // Support for alias field: alias. Falls back to a timestamp when no recipe name is given.
     if (empty($array['alias'])) {
         if (empty($array['recipe_name'])) {
             $array['alias'] = JFilterOutput::stringURLSafe(date('Y-m-d H:i:s'));
         } else {
             $array['alias'] = JFilterOutput::stringURLSafe(trim($array['recipe_name']));
         }
     }
     // The ingredient list arrives as an array and is stored as a JSON string.
     if (!empty($array['ingredients_list']) && is_array($array['ingredients_list'])) {
         $ingredients_list_string = json_encode($array['ingredients_list']);
         $array['ingredients_list'] = $ingredients_list_string;
     }
     // Collect whichever social media images were submitted into one JSON column.
     $social_media_images = array();
     if (!empty($array['facebook_image'])) {
         $social_media_images['facebook_image'] = $array['facebook_image'];
     }
     if (!empty($array['twitter_image'])) {
         $social_media_images['twitter_image'] = $array['twitter_image'];
     }
     if (!empty($array['pinterest_image'])) {
         $social_media_images['pinterest_image'] = $array['pinterest_image'];
     }
     if (count($social_media_images) > 0) {
         $array['social_media_image'] = json_encode($social_media_images);
     }
     // NOTE(review): a disabled tag-handling block (creation of "#new#" tags through the
     // com_tags model, gated on core.create) used to sit here as commented-out code.
     // Support for multiple or not foreign key field: cuisines_id
     // An array is flattened to a comma-separated string. A string that contains a comma
     // after position 0 is split back into an array (the loose "!= false" test also treats
     // position 0 as "not found"). NOTE(review): the same pattern repeats for the three
     // fields below; the values are not cast to integers here - confirm they are
     // validated before they reach a query.
     if (!empty($array['cuisines_id'])) {
         if (is_array($array['cuisines_id'])) {
             $array['cuisines_id'] = implode(',', $array['cuisines_id']);
         } else {
             if (strrpos($array['cuisines_id'], ',') != false) {
                 $array['cuisines_id'] = explode(',', $array['cuisines_id']);
             }
         }
     } else {
         $array['cuisines_id'] = '';
     }
     // Support for multiple or not foreign key field: meal_course_id
     if (!empty($array['meal_course_id'])) {
         if (is_array($array['meal_course_id'])) {
             $array['meal_course_id'] = implode(',', $array['meal_course_id']);
         } else {
             if (strrpos($array['meal_course_id'], ',') != false) {
                 $array['meal_course_id'] = explode(',', $array['meal_course_id']);
             }
         }
     } else {
         $array['meal_course_id'] = '';
     }
     // one to many support for products
     if (!empty($array['product_id'])) {
         if (is_array($array['product_id'])) {
             $array['product_id'] = implode(',', $array['product_id']);
         } else {
             if (strrpos($array['product_id'], ',') != false) {
                 $array['product_id'] = explode(',', $array['product_id']);
             }
         }
     } else {
         $array['product_id'] = '';
     }
     // Support for multiple or not foreign key field: diet_id
     if (!empty($array['diet_id'])) {
         if (is_array($array['diet_id'])) {
             $array['diet_id'] = implode(',', $array['diet_id']);
         } else {
             if (strrpos($array['diet_id'], ',') != false) {
                 $array['diet_id'] = explode(',', $array['diet_id']);
             }
         }
     } else {
         $array['diet_id'] = '';
     }
     // Publish-state guard: on save/apply, a user without core.edit.state on com_akrecipes
     // cannot submit state 1; it is reset to 0.
     // NOTE(review): only the value 1 is reset; any other submitted state passes through
     // this method unchanged, and $array['state'] is read without an isset() check -
     // confirm the remaining states are restricted elsewhere.
     $input = JFactory::getApplication()->input;
     $task = $input->getString('task', '');
     if (($task == 'save' || $task == 'apply') && (!JFactory::getUser()->authorise('core.edit.state', 'com_akrecipes') && $array['state'] == 1)) {
         $array['state'] = 0;
     }
     // Ownership defaults apply only to new records (id == 0) with no value supplied.
     // NOTE(review): a non-empty created_by / modified_by in $array is kept as submitted;
     // confirm the form layer prevents ordinary users from setting these fields.
     if ($array['id'] == 0 && empty($array['created_by'])) {
         $array['created_by'] = JFactory::getUser()->id;
     }
     if ($array['id'] == 0 && empty($array['modified_by'])) {
         $array['modified_by'] = JFactory::getUser()->id;
     }
     // Support for checkbox field: sponsored (an unchecked box is absent from the request)
     if (!isset($array['sponsored'])) {
         $array['sponsored'] = 0;
     }
     // Support for checkbox field: featured
     if (!isset($array['featured'])) {
         $array['featured'] = 0;
     }
     // Handling for a "show_brand" checkbox copied into params is disabled in this version.
     // params and metadata arrive as arrays and are stored in JRegistry's string form.
     if (isset($array['params']) && is_array($array['params'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['params']);
         $array['params'] = (string) $registry;
     }
     if (isset($array['metadata']) && is_array($array['metadata'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['metadata']);
         $array['metadata'] = (string) $registry;
     }
     // ACL guard: a user without core.admin on this recipe asset does not get to choose the
     // rules. Whatever was submitted in $array['rules'] is overwritten with the rules
     // currently stored for the asset, limited to the actions declared in access.xml.
     // This must stay ahead of setRules() below.
     // NOTE(review): $default_actions[$action->name] is indexed without checking that the
     // key exists, and for a new record the asset name ends in ".0" - confirm that
     // JAccessRulestoArray() (defined elsewhere) copes with missing entries.
     if (!JFactory::getUser()->authorise('core.admin', 'com_akrecipes.recipe.' . $array['id'])) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_akrecipes/access.xml', "/access/section[@name='recipe']/");
         $default_actions = JAccess::getAssetRules('com_akrecipes.recipe.' . $array['id'])->getData();
         $array_jaccess = array();
         foreach ($actions as $action) {
             $array_jaccess[$action->name] = $default_actions[$action->name];
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }
Exemplo n.º 22
 /**
  * Renders the actions of one access.xml section as a UL of check boxes.
  *
  * NOTE(review): $name, the action id and the translated title are concatenated into the
  * markup without HTML escaping, and $component / $section are concatenated into the file
  * path and the XPath expression. Callers are expected to pass trusted values - confirm
  * at every call site. The membership test against $selected uses loose comparison.
  *
  * @param   string  $name       The name of the checkbox controls array
  * @param   array   $selected   An array of the checked boxes
  * @param   string  $component  The component the permissions apply to
  * @param   string  $section    The section (within a component) the permissions apply to
  *
  * @return  string
  *
  * @see     JAccess
  * @since   1.6
  */
 public static function actions($name, $selected, $component, $section = 'global')
 {
     // Incremented on every call and prefixed to the element ids built below.
     static $count;
     $count++;
     $xmlFile = JPATH_ADMINISTRATOR . '/components/' . $component . '/access.xml';
     $xpath = "/access/section[@name='" . $section . "']/";
     $actions = JAccess::getActionsFromFile($xmlFile, $xpath);
     $html = array('<ul class="checklist access-actions">');
     $total = count($actions);
     for ($idx = 0; $idx < $total; $idx++) {
         $item = $actions[$idx];
         // Element id and checked state for this action.
         $eid = $count . 'action_' . $item->id;
         if (in_array($item->id, $selected)) {
             $checked = ' checked="checked"';
         } else {
             $checked = '';
         }
         // One list item per action: the checkbox followed by its label.
         array_push(
             $html,
             '	<li>',
             '		<input type="checkbox" name="' . $name . '[]" value="' . $item->id . '" id="' . $eid . '"',
             '			' . $checked . ' />',
             '		<label for="' . $eid . '">',
             '			' . JText::_($item->title),
             '		</label>',
             '	</li>'
         );
     }
     $html[] = '</ul>';
     return implode("\n", $html);
 }
Exemplo n.º 23
 /**
  * Method to get the field input markup for Access Control Lists.
  * Optionally can be associated with a specific component and section.
  *
  * Renders one collapsible panel per user group; each panel holds a table with one row
  * per action, a select for the explicit rule (inherited / allowed / denied) and, where
  * applicable, the calculated effective setting.
  *
  * TODO: Add access check. As written, the method renders the rules for whatever asset
  * the form points at without verifying that the current user may manage them.
  *
  * @return  string  The field input markup.
  *
  * @since   11.1
  */
 protected function getInput()
 {
     JHtml::_('behavior.tooltip');
     // Initialise some field attributes.
     // These come from the form field's XML element. NOTE(review): $component and $section
     // are later concatenated into a file path, an XPath expression and inline JavaScript
     // without validation - presumably safe because form XML is developer-authored; confirm.
     $section = $this->element['section'] ? (string) $this->element['section'] : '';
     $component = $this->element['component'] ? (string) $this->element['component'] : '';
     $assetField = $this->element['asset_field'] ? (string) $this->element['asset_field'] : 'asset_id';
     // Get the actions for the asset.
     $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/' . $component . '/access.xml', "/access/section[@name='" . $section . "']/");
     // Iterate over the children and add to the actions.
     foreach ($this->element->children() as $el) {
         if ($el->getName() == 'action') {
             $actions[] = (object) array('name' => (string) $el['name'], 'title' => (string) $el['title'], 'description' => (string) $el['description']);
         }
     }
     // Get the explicit rules for this asset.
     if ($section == 'component') {
         // Need to find the asset id by the name of the component.
         // Identifiers and the component name go through quoteName()/quote().
         $db = JFactory::getDbo();
         $query = $db->getQuery(true);
         $query->select($db->quoteName('id'));
         $query->from($db->quoteName('#__assets'));
         $query->where($db->quoteName('name') . ' = ' . $db->quote($component));
         $db->setQuery($query);
         $assetId = (int) $db->loadResult();
     } else {
         // Find the asset id of the content.
         // Note that for global configuration, com_config injects asset_id = 1 into the form.
         $assetId = $this->form->getValue($assetField);
     }
     // Use the compact form for the content rules (deprecated).
     /* @todo remove code:
     		if (!empty($component) && $section != 'component') {
     			return JHtml::_('rules.assetFormWidget', $actions, $assetId, $assetId ? null : $component, $this->name, $this->id);
     		}
     		 */
     // Full width format.
     // Get the rules for just this asset (non-recursive).
     $assetRules = JAccess::getAssetRules($assetId);
     // Get the available user groups.
     $groups = $this->getUserGroups();
     // Build the form control.
     // $curLevel tracks the nesting depth of the previously rendered group.
     $curLevel = 0;
     // Prepare output
     $html = array();
     $html[] = '<div id="permissions-sliders" class="pane-sliders">';
     $html[] = '<p class="rule-desc">' . JText::_('JLIB_RULES_SETTINGS_DESC') . '</p>';
     $html[] = '<ul id="rules">';
     // Start a row for each user group.
     foreach ($groups as $group) {
         // Open or close nested lists so the markup follows the group hierarchy.
         $difLevel = $group->level - $curLevel;
         if ($difLevel > 0) {
             $html[] = '<li><ul>';
         } elseif ($difLevel < 0) {
             $html[] = str_repeat('</ul></li>', -$difLevel);
         }
         $html[] = '<li>';
         $html[] = '<div class="panel">';
         $html[] = '<h3 class="pane-toggler title"><a href="javascript:void(0);"><span>';
         // NOTE(review): $group->text is written into the page without HTML escaping here
         // and in the select title below; confirm getUserGroups() returns escaped titles.
         $html[] = str_repeat('<span class="level">|&ndash;</span> ', $curLevel = $group->level) . $group->text;
         $html[] = '</span></a></h3>';
         $html[] = '<div class="pane-slider content pane-hide">';
         $html[] = '<div class="mypanel">';
         $html[] = '<table class="group-rules">';
         $html[] = '<thead>';
         $html[] = '<tr>';
         $html[] = '<th class="actions" id="actions-th' . $group->value . '">';
         $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_ACTION') . '</span>';
         $html[] = '</th>';
         $html[] = '<th class="settings" id="settings-th' . $group->value . '">';
         $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_SELECT_SETTING') . '</span>';
         $html[] = '</th>';
         // The calculated setting is not shown for the root group of global configuration.
         $canCalculateSettings = $group->parent_id || !empty($component);
         if ($canCalculateSettings) {
             $html[] = '<th id="aclactionth' . $group->value . '">';
             $html[] = '<span class="acl-action">' . JText::_('JLIB_RULES_CALCULATED_SETTING') . '</span>';
             $html[] = '</th>';
         }
         $html[] = '</tr>';
         $html[] = '</thead>';
         $html[] = '<tbody>';
         foreach ($actions as $action) {
             $html[] = '<tr>';
             $html[] = '<td headers="actions-th' . $group->value . '">';
             // The label's title attribute is passed through htmlspecialchars().
             $html[] = '<label class="hasTip" for="' . $this->id . '_' . $action->name . '_' . $group->value . '" title="' . htmlspecialchars(JText::_($action->title) . '::' . JText::_($action->description), ENT_COMPAT, 'UTF-8') . '">';
             $html[] = JText::_($action->title);
             $html[] = '</label>';
             $html[] = '</td>';
             $html[] = '<td headers="settings-th' . $group->value . '">';
             // NOTE(review): unlike the label above, this title attribute is not escaped.
             $html[] = '<select name="' . $this->name . '[' . $action->name . '][' . $group->value . ']" id="' . $this->id . '_' . $action->name . '_' . $group->value . '" title="' . JText::sprintf('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', JText::_($action->title), trim($group->text)) . '">';
             // Effective rule for this group and action on the asset, as returned by JAccess::checkGroup().
             $inheritedRule = JAccess::checkGroup($group->value, $action->name, $assetId);
             // Get the actual setting for the action for this group.
             $assetRule = $assetRules->allow($action->name, $group->value);
             // Build the dropdowns for the permissions sliders
             // The parent group has "Not Set", all children can rightly "Inherit" from that.
             $html[] = '<option value=""' . ($assetRule === null ? ' selected="selected"' : '') . '>' . JText::_(empty($group->parent_id) && empty($component) ? 'JLIB_RULES_NOT_SET' : 'JLIB_RULES_INHERITED') . '</option>';
             $html[] = '<option value="1"' . ($assetRule === true ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_ALLOWED') . '</option>';
             $html[] = '<option value="0"' . ($assetRule === false ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_DENIED') . '</option>';
             $html[] = '</select>&#160; ';
             // If this asset's rule is allowed, but the inherited rule is deny, we have a conflict.
             if ($assetRule === true && $inheritedRule === false) {
                 $html[] = JText::_('JLIB_RULES_CONFLICT');
             }
             $html[] = '</td>';
             // Build the Calculated Settings column.
             // The inherited settings column is not displayed for the root group in global configuration.
             if ($canCalculateSettings) {
                 $html[] = '<td headers="aclactionth' . $group->value . '">';
                 // This is where we show the current effective settings considering current group, path and cascade.
                 // Check whether this is a component or global. Change the text slightly.
                 if (JAccess::checkGroup($group->value, 'core.admin', $assetId) !== true) {
                     if ($inheritedRule === null) {
                         $html[] = '<span class="icon-16-unset">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                     } elseif ($inheritedRule === true) {
                         $html[] = '<span class="icon-16-allowed">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                     } elseif ($inheritedRule === false) {
                         if ($assetRule === false) {
                             $html[] = '<span class="icon-16-denied">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                         } else {
                             $html[] = '<span class="icon-16-denied"><span class="icon-16-locked">' . JText::_('JLIB_RULES_NOT_ALLOWED_LOCKED') . '</span></span>';
                         }
                     }
                 } elseif (!empty($component)) {
                     $html[] = '<span class="icon-16-allowed"><span class="icon-16-locked">' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span></span>';
                 } else {
                     // Special handling for  groups that have global admin because they can't  be denied.
                     // The admin rights can be changed.
                     if ($action->name === 'core.admin') {
                         $html[] = '<span class="icon-16-allowed">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                     } elseif ($inheritedRule === false) {
                         // Other actions cannot be changed.
                         $html[] = '<span class="icon-16-denied"><span class="icon-16-locked">' . JText::_('JLIB_RULES_NOT_ALLOWED_ADMIN_CONFLICT') . '</span></span>';
                     } else {
                         $html[] = '<span class="icon-16-allowed"><span class="icon-16-locked">' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span></span>';
                     }
                 }
                 $html[] = '</td>';
             }
             $html[] = '</tr>';
         }
         $html[] = '</tbody>';
         $html[] = '</table></div>';
         $html[] = '</div></div>';
         $html[] = '</li>';
     }
     // Close the lists still open after the last group.
     $html[] = str_repeat('</ul></li>', $curLevel);
     $html[] = '</ul><div class="rule-notes">';
     if ($section == 'component' || $section == null) {
         $html[] = JText::_('JLIB_RULES_SETTING_NOTES');
     } else {
         $html[] = JText::_('JLIB_RULES_SETTING_NOTES_ITEM');
     }
     $html[] = '</div></div>';
     // Get the JInput object
     $input = JFactory::getApplication()->input;
     // Inline script that wires up the accordion and remembers the open panel in a cookie.
     // The cookie value is read with the 'integer' filter before it is written into the
     // script; $component is concatenated into a JavaScript string literal as-is.
     $js = "window.addEvent('domready', function(){ new Fx.Accordion(\$\$('div#permissions-sliders.pane-sliders .panel h3.pane-toggler')," . "\$\$('div#permissions-sliders.pane-sliders .panel div.pane-slider'), {onActive: function(toggler, i) {toggler.addClass('pane-toggler-down');" . "toggler.removeClass('pane-toggler');i.addClass('pane-down');i.removeClass('pane-hide');Cookie.write('jpanesliders_permissions-sliders" . $component . "',\$\$('div#permissions-sliders.pane-sliders .panel h3').indexOf(toggler));}," . "onBackground: function(toggler, i) {toggler.addClass('pane-toggler');toggler.removeClass('pane-toggler-down');i.addClass('pane-hide');" . "i.removeClass('pane-down');}, duration: 300, display: " . $input->cookie->get('jpanesliders_permissions-sliders' . $component, 0, 'integer') . ", show: " . $input->cookie->get('jpanesliders_permissions-sliders' . $component, 0, 'integer') . ", alwaysHide:true, opacity: false}); });";
     JFactory::getDocument()->addScriptDeclaration($js);
     return implode("\n", $html);
 }
Exemplo n.º 24
 /**
  * Reports which of the actions declared in a component's access.xml the current user may perform.
  *
  * The requested section selects which access.xml sections contribute actions; each
  * action is then checked against either the item asset (component.section.id) or the
  * component asset.
  *
  * NOTE(review): $component is concatenated into the access.xml path without validation;
  * callers are presumably expected to pass a fixed component name - confirm.
  *
  * @param   string   $component  The component name, defaults to com_judirectory.
  * @param   string   $section    The section the permissions are requested for.
  * @param   integer  $id         The item ID; with a section it selects the item asset.
  *
  * @return  JObject  One property per action name, holding the result of JUser::authorise().
  */
 public static function getActions($component = 'com_judirectory', $section = '', $id = 0)
 {
     if (!$component) {
         $component = 'com_judirectory';
     }
     $user = JFactory::getUser();
     $result = new JObject();
     $path = JPATH_ADMINISTRATOR . '/components/' . $component . '/access.xml';
     $everySection = array(
         'component',
         'component_category',
         'component_listing',
         'component_comment',
         'component_single_rating',
         'component_field_value',
         'component_moderator',
         'component_criteria',
     );
     // The switch is kept so that $section is matched with the same loose comparison
     // and in the same case order as before.
     switch ($section) {
         case 'component':
             $wanted = $everySection;
             break;
         case 'category':
         case 'listing':
             $wanted = array(
                 'component',
                 'component_category',
                 'component_listing',
                 'component_comment',
                 'component_single_rating',
             );
             break;
         case 'fieldgroup':
         case 'field':
             $wanted = array('component', 'component_field_value');
             break;
         case 'moderator':
             $wanted = array('component', 'component_moderator');
             break;
         case 'criteriagroup':
             $wanted = array('component', 'component_criteria');
             break;
         default:
             $wanted = $everySection;
     }
     // Read every selected section first, then merge them in one call, in declaration order.
     $parts = array();
     foreach ($wanted as $sectionName) {
         $parts[] = JAccess::getActionsFromFile($path, "/access/section[@name='" . $sectionName . "']/");
     }
     $actions = call_user_func_array('array_merge', $parts);
     // An item-level asset is used only when both a section and an id are given.
     $assetName = ($section && $id) ? $component . '.' . $section . '.' . (int) $id : $component;
     foreach ($actions as $action) {
         $result->set($action->name, $user->authorise($action->name, $assetName));
     }
     return $result;
 }
Exemplo n.º 25
 /**
  * Overloaded bind function to pre-process the submitted inscription data before JTable::bind.
  *
  * Sets the owner of new records, normalises the multi-value fields, serialises
  * params/metadata, and replaces any submitted ACL rules with the stored ones when the
  * current user lacks core.admin on the inscription asset.
  *
  * @param   array  $array   Named array
  * @param   mixed  $ignore  Optional array or list of parameters to ignore
  *
  * @return  null|string  null if operation was satisfactory, otherwise returns an error
  *
  * @see     JTable:bind
  * @since   1.5
  */
 public function bind($array, $ignore = '')
 {
     // $task is read from the request but not used further in this method.
     $input = JFactory::getApplication()->input;
     $task = $input->getString('task', '');
     // New records (id == 0) always get the current user as owner, whatever was submitted.
     // NOTE(review): $array['id'] is read without an isset() check, here and below.
     if ($array['id'] == 0) {
         $array['created_by'] = JFactory::getUser()->id;
     }
     // Support for multiple or not foreign key field: gender
     // An array is flattened to a comma-separated string. A string that contains a comma
     // after position 0 is split back into an array (the loose "!= false" test also treats
     // position 0 as "not found"). The same pattern repeats for the three fields below.
     if (!empty($array['gender'])) {
         if (is_array($array['gender'])) {
             $array['gender'] = implode(',', $array['gender']);
         } else {
             if (strrpos($array['gender'], ',') != false) {
                 $array['gender'] = explode(',', $array['gender']);
             }
         }
     } else {
         $array['gender'] = '';
     }
     // Support for multiple or not foreign key field: event
     if (!empty($array['event'])) {
         if (is_array($array['event'])) {
             $array['event'] = implode(',', $array['event']);
         } else {
             if (strrpos($array['event'], ',') != false) {
                 $array['event'] = explode(',', $array['event']);
             }
         }
     } else {
         $array['event'] = '';
     }
     // Support for multiple or not foreign key field: tshirt
     if (!empty($array['tshirt'])) {
         if (is_array($array['tshirt'])) {
             $array['tshirt'] = implode(',', $array['tshirt']);
         } else {
             if (strrpos($array['tshirt'], ',') != false) {
                 $array['tshirt'] = explode(',', $array['tshirt']);
             }
         }
     } else {
         $array['tshirt'] = '';
     }
     // Support for multiple or not foreign key field: blood_type
     if (!empty($array['blood_type'])) {
         if (is_array($array['blood_type'])) {
             $array['blood_type'] = implode(',', $array['blood_type']);
         } else {
             if (strrpos($array['blood_type'], ',') != false) {
                 $array['blood_type'] = explode(',', $array['blood_type']);
             }
         }
     } else {
         $array['blood_type'] = '';
     }
     // params and metadata arrive as arrays and are stored in JRegistry's string form.
     if (isset($array['params']) && is_array($array['params'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['params']);
         $array['params'] = (string) $registry;
     }
     if (isset($array['metadata']) && is_array($array['metadata'])) {
         $registry = new JRegistry();
         $registry->loadArray($array['metadata']);
         $array['metadata'] = (string) $registry;
     }
     // ACL guard: a user without core.admin on this inscription asset does not get to choose
     // the rules. Whatever was submitted in $array['rules'] is overwritten with the rules
     // currently stored for the asset, limited to the actions declared in access.xml.
     // This must stay ahead of setRules() below.
     // NOTE(review): $default_actions[$action->name] is indexed without checking that the
     // key exists - confirm that JAccessRulestoArray() (defined elsewhere) copes with
     // missing entries.
     if (!JFactory::getUser()->authorise('core.admin', 'com_mundial_cozumel_2016.inscription.' . $array['id'])) {
         $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_mundial_cozumel_2016/access.xml', "/access/section[@name='inscription']/");
         $default_actions = JAccess::getAssetRules('com_mundial_cozumel_2016.inscription.' . $array['id'])->getData();
         $array_jaccess = array();
         foreach ($actions as $action) {
             $array_jaccess[$action->name] = $default_actions[$action->name];
         }
         $array['rules'] = $this->JAccessRulestoArray($array_jaccess);
     }
     // Bind the rules for ACL where supported.
     if (isset($array['rules']) && is_array($array['rules'])) {
         $this->setRules($array['rules']);
     }
     return parent::bind($array, $ignore);
 }
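 /**
  * Stores configuration created with Theme Customiser. Not for template developers.
  *
  * The caller must be logged in and hold core.edit on com_templates. Scalar values from
  * the request variable "jmvars" are merged into the stored params of the template style
  * and then either exported to a JSON file under the template's assets/config folder or
  * written back to #__template_styles.
  *
  * NOTE(review): no anti-CSRF token check is visible in this method; confirm the calling
  * code validates the form token before invoking it.
  * NOTE(review): the exception codes (403 for "not logged in", 401 for "no permission")
  * look swapped relative to HTTP semantics; they are kept because callers may test them.
  *
  * @param   bool  $save_to_file  If true, configuration will be stored in JSON file. If not - in the database.
  *
  * @return  bool|string  false when there is nothing to save or the style has no usable params,
  *                       otherwise a status message (or the database error message).
  *
  * @throws  Exception  Code 403 for guests, 401 when core.edit is missing, 400 when no style id is given.
  */
 public function saveThemerConfig($save_to_file = true)
 {
     $app = JFactory::getApplication();
     $input = $app->input;
     $db = JFactory::getDbo();
     $user = JFactory::getUser();
     // Authentication first, then authorisation. core.edit on com_templates is asked for
     // directly instead of being looked up in a table built from access.xml.
     if ($user->guest) {
         throw new Exception(JText::_('PLG_SYSTEM_JMFRAMEWORK_THEME_LOGIN_ERROR'), 403);
     }
     if (!$user->authorise('core.edit', 'com_templates')) {
         throw new Exception(JText::_('PLG_SYSTEM_JMFRAMEWORK_THEME_ACCESS_ERROR'), 401);
     }
     $style_id = $input->getInt('jmstyleid', 0);
     if (!$style_id) {
         throw new Exception(JText::_('PLG_SYSTEM_JMFRAMEWORK_THEME_BAD_REQUEST_ERROR'), 400);
     }
     $data = $input->get('jmvars', array(), 'array');
     if (empty($data)) {
         return false;
     }
     $db->setQuery('SELECT params FROM #__template_styles WHERE id=' . (int) $style_id . ' LIMIT 1');
     $params = $db->loadResult();
     $params = !empty($params) ? json_decode($params, true) : false;
     // A style whose params do not decode to a non-empty array cannot be merged into.
     if (empty($params) || !is_array($params)) {
         return false;
     }
     // Only scalar request values are merged in.
     // NOTE(review): the keys are taken from the request as-is, so any top-level param of
     // the style can be overwritten; consider restricting them to the customizer's fields.
     foreach ($data as $k => $v) {
         if (is_scalar($v)) {
             $params[$k] = $v;
         }
     }
     $this->purgeStyleSheets($style_id);
     if ($save_to_file) {
         $path = JMF_TPL_PATH . DIRECTORY_SEPARATOR . 'assets' . DIRECTORY_SEPARATOR . 'config';
         if (JFolder::exists($path) == false) {
             JFolder::create($path);
         }
         // templateStyle may just have been overwritten from the request, so it is reduced
         // to letters, digits, "_" and "-" before it becomes part of a file name; this
         // keeps the export inside the config folder.
         $style_part = '';
         if (!empty($params['templateStyle']) && is_scalar($params['templateStyle'])) {
             $style_part = (string) preg_replace('/[^A-Za-z0-9_\-]/', '', (string) $params['templateStyle']);
         }
         $base_name = 'custom_style_' . ($style_part !== '' ? $style_part : '0');
         // Never overwrite an existing export: append _1, _2, ... until the name is free.
         $iterator = 0;
         $file_name = $base_name . '.cfg.json';
         while (JFile::exists($path . DIRECTORY_SEPARATOR . $file_name)) {
             $iterator++;
             $file_name = $base_name . '_' . $iterator . '.cfg.json';
         }
         if (JFile::write($path . DIRECTORY_SEPARATOR . $file_name, json_encode($params))) {
             return JText::sprintf('PLG_SYSTEM_JMFRAMEWORK_THEME_SETTINGS_SAVED_TO_FILE', $file_name);
         }
         return JText::_('PLG_SYSTEM_JMFRAMEWORK_THEME_SETTINGS_SAVING_ERROR');
     }
     // The style id is cast to int and the JSON payload goes through quote().
     $db->setQuery('UPDATE #__template_styles SET params=' . $db->quote(json_encode($params)) . ' WHERE id=' . (int) $style_id);
     if ($db->query() == false) {
         return $db->getErrorMsg();
     }
     if (defined('JMF_TPL')) {
         // dump CSS sheets which were made from LESS files
         $suffix = $style_id > 0 ? '.' . $style_id : '';
         $less_files = JFolder::files(JPath::clean(JPATH_ROOT . '/templates/' . JMF_TPL . '/less'), '\\.less$');
         $css_files = JFolder::files(JPath::clean(JPATH_ROOT . '/templates/' . JMF_TPL . '/css'), '\\.css$');
         // Either listing can be a non-array when a folder is missing; there is then nothing to delete.
         if (is_array($less_files) && is_array($css_files)) {
             $css_dir = JPath::clean(JPATH_ROOT . '/templates/' . JMF_TPL . '/css/');
             foreach ($less_files as $less) {
                 $compiled = JFile::stripExt($less) . $suffix . '.css';
                 if (in_array($compiled, $css_files, true)) {
                     JFile::delete($css_dir . $compiled);
                 }
             }
         }
     }
     return JText::_('PLG_SYSTEM_JMFRAMEWORK_THEME_SETTINGS_SAVED_TO_DB');
 }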
Exemplo n.º 27
 /**
  * Method to get the field input markup for Access Control Lists.
  * Optionally can be associated with a specific component and section.
  *
  * @return  string  The field input markup.
  *
  * @since   11.1
  * @todo:   Add access check.
  */
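 protected function getInput()
 {
     JHtml::_('bootstrap.tooltip');
     // This field is fixed to K2 category permissions; section and component are not configurable.
     $section = 'category';
     $component = 'com_k2';
     $groupId = (int) (string) $this->element->attributes()->groupId;
     if (!$groupId) {
         return null;
     }
     // NOTE(review): nothing in this method checks that the current user may manage permissions
     // (the docblock carries an open @todo for it); presumably the form's controller enforces
     // that before rendering and again on save — confirm.
     // Get the actions for the asset. The lookup can return false instead of a list, so
     // normalise it to an array before appending to it or iterating over it.
     $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/' . $component . '/access.xml', "/access/section[@name='" . $section . "']/");
     if (!is_array($actions)) {
         $actions = array();
     }
     // Iterate over the children and add to the actions.
     foreach ($this->element->children() as $el) {
         if ($el->getName() == 'action') {
             $actions[] = (object) array('name' => (string) $el['name'], 'title' => (string) $el['title'], 'description' => (string) $el['description']);
         }
     }
     // Get database
     $db = JFactory::getDBO();
     // Load the user group this permission matrix is rendered for.
     $query = $db->getQuery(true);
     $query->select('*');
     $query->from($db->quoteName('#__usergroups'));
     $query->where($db->quoteName('id') . ' = ' . (int) $groupId);
     $db->setQuery($query);
     $group = $db->loadObject();
     // An unknown group id yields no row; bail out the same way as for a missing groupId
     // instead of dereferencing null further down.
     if (!$group) {
         return null;
     }
     $groupKey = (int) $group->id;
     // Group titles are stored content: escape before placing them inside an HTML attribute.
     $groupTitle = htmlspecialchars(trim($group->title), ENT_QUOTES, 'UTF-8');
     // Get every asset whose name contains "com_k2.category", ordered by nested-set position.
     $query = $db->getQuery(true);
     $query->select('*');
     $query->from($db->quoteName('#__assets'));
     $query->where($db->quoteName('name') . ' LIKE ' . $db->quote('%' . $db->escape('com_k2.category') . '%'));
     $query->order($db->quoteName('lft') . ' ASC');
     $db->setQuery($query);
     $assets = $db->loadObjectList();
     if (!is_array($assets)) {
         $assets = array();
     }
     // Prepare output
     $html = array();
     // Description
     $html[] = '<p class="rule-desc">' . JText::_('JLIB_RULES_SETTINGS_DESC') . '</p>';
     $html[] = '<table class="table table-striped"><thead>';
     $html[] = '<tr><th></th>';
     foreach ($actions as $action) {
         $html[] = '<th>' . JText::_($action->title) . '</th>';
     }
     // Close the header section that was opened above before starting the body.
     $html[] = '</tr></thead>';
     $html[] = '<tbody>';
     foreach ($assets as $asset) {
         $assetId = (int) $asset->id;
         $assetRules = JAccess::getAssetRules($assetId);
         // Asset titles are stored content; escape them so markup in a title cannot reach the page.
         $assetTitle = htmlspecialchars($asset->title, ENT_QUOTES, 'UTF-8');
         // Guard against a level below 1, which would make the repeat count negative.
         $indent = str_repeat('-', max(0, (int) $asset->level - 1));
         // Whether the group holds core.admin on this asset does not depend on the action column.
         $groupIsAdmin = JAccess::checkGroup($groupKey, 'core.admin', $assetId) === true;
         $html[] = '<tr>';
         $html[] = '<td>';
         $html[] = '<span>' . $indent . $assetTitle . '</span><input type="hidden" name="' . $this->name . '[assets][]" value="' . $assetId . '" />';
         $html[] = '</td>';
         foreach ($actions as $action) {
             $inheritedRule = JAccess::checkGroup($groupKey, $action->name, $assetId);
             $assetRule = $assetRules->allow($action->name, $groupKey);
             $html[] = '<td>';
             $html[] = '<select class="input-small" name="' . $this->name . '[actions][' . $assetId . '][' . $action->name . ']" id="' . $this->id . '_' . $action->name . '_' . $groupKey . '" title="' . JText::sprintf('JLIB_RULES_SELECT_ALLOW_DENY_GROUP', JText::_($action->title), $groupTitle) . '">';
             // $component is hard-coded above, so the "inherited" label is always the one shown here.
             $html[] = '<option value=""' . ($assetRule === null ? ' selected="selected"' : '') . '>' . JText::_(empty($group->parent_id) && empty($component) ? 'JLIB_RULES_NOT_SET' : 'JLIB_RULES_INHERITED') . '</option>';
             $html[] = '<option value="1"' . ($assetRule === true ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_ALLOWED') . '</option>';
             $html[] = '<option value="0"' . ($assetRule === false ? ' selected="selected"' : '') . '>' . JText::_('JLIB_RULES_DENIED') . '</option>';
             $html[] = '</select>&#160; ';
             // If this asset's rule is allowed, but the inherited rule is deny, we have a conflict.
             if ($assetRule === true && $inheritedRule === false) {
                 $html[] = JText::_('JLIB_RULES_CONFLICT');
             }
             // This is where we show the current effective settings considering current group, path and cascade.
             // Check whether this is a component or global. Change the text slightly.
             if (!$groupIsAdmin) {
                 if ($inheritedRule === null) {
                     $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                 } elseif ($inheritedRule === true) {
                     $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                 } elseif ($inheritedRule === false) {
                     if ($assetRule === false) {
                         $html[] = '<span class="label label-important">' . JText::_('JLIB_RULES_NOT_ALLOWED') . '</span>';
                     } else {
                         $html[] = '<span class="label"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_NOT_ALLOWED_LOCKED') . '</span>';
                     }
                 }
             } elseif (!empty($component)) {
                 $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span>';
             } else {
                 // Special handling for groups that have global admin because they can't be denied.
                 // The admin rights can be changed.
                 // With $component fixed to a non-empty value this branch is not reached; it is
                 // kept so the logic stays correct if the component ever becomes configurable.
                 if ($action->name === 'core.admin') {
                     $html[] = '<span class="label label-success">' . JText::_('JLIB_RULES_ALLOWED') . '</span>';
                 } elseif ($inheritedRule === false) {
                     // Other actions cannot be changed.
                     $html[] = '<span class="label label-important"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_NOT_ALLOWED_ADMIN_CONFLICT') . '</span>';
                 } else {
                     $html[] = '<span class="label label-success"><i class="icon-lock icon-white"></i> ' . JText::_('JLIB_RULES_ALLOWED_ADMIN') . '</span>';
                 }
             }
             $html[] = '</td>';
         }
         $html[] = '</tr>';
     }
     $html[] = '</tbody>';
     $html[] = '</table>';
     $html[] = '<div class="alert">';
     if ($section == 'component' || $section == null) {
         $html[] = JText::_('JLIB_RULES_SETTING_NOTES');
     } else {
         $html[] = JText::_('JLIB_RULES_SETTING_NOTES_ITEM');
     }
     $html[] = '</div>';
     return implode("\n", $html);
 }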
Exemplo n.º 28
 /**
  * Gets a list of the actions that can be performed.
  *
  * @param   string   $component  The component name.
  * @param   string   $section    The access section name.
  * @param   integer  $id         The item ID.
  *
  * @return  JObject
  *
  * @since   3.2
  */
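 public static function getActions($component = '', $section = '', $id = 0)
 {
     // Deprecated argument order: an integer or null first argument is forwarded unchanged
     // to the legacy implementation.
     if (is_int($component) || is_null($component)) {
         return self::_getActions($component, $section, $id);
     }
     $user = JFactory::getUser();
     $result = new JObject();
     // NOTE(review): $component is concatenated into a filesystem path and $section into an
     // XPath expression without validation. Presumably callers pass fixed component/section
     // names — confirm that no call site forwards request input here.
     $path = JPATH_ADMINISTRATOR . '/components/' . $component . '/access.xml';
     // Item-level asset only when both a section and an id are given; otherwise the
     // permissions are evaluated against the component asset itself.
     $assetName = ($section && $id) ? $component . '.' . $section . '.' . (int) $id : $component;
     if (empty($section)) {
         $section = 'component';
     }
     $actions = JAccess::getActionsFromFile($path, "/access/section[@name='" . $section . "']/");
     // The lookup can return false instead of a list (missing or unreadable access file).
     // Return the empty result then: no action is reported as authorised.
     if (!is_array($actions)) {
         return $result;
     }
     foreach ($actions as $action) {
         $result->set($action->name, $user->authorise($action->name, $assetName));
     }
     return $result;
 }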
Exemplo n.º 29
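 /**
  * Gets the actions the current user may perform on the com_imageshow component
  * or on one of its typed items.
  *
  * @param   string   $type  'component' for the component asset, otherwise the item type used in the asset name.
  * @param   integer  $id    The item ID; only used when $type is not 'component'.
  *
  * @return  JObject  One property per action name, holding the result of the authorisation check.
  */
 public static function getActions($type = 'component', $id = 0)
 {
     jimport('joomla.access.access');
     $componentName = 'com_imageshow';
     $user = JFactory::getUser();
     $result = new JObject();
     $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/' . $componentName . '/access.xml');
     // The lookup can return false instead of a list (missing or unreadable access file).
     // Return the empty result then: no action is reported as authorised.
     if (!is_array($actions)) {
         return $result;
     }
     // NOTE(review): $type and $id go into the asset name as given (no cast on $id);
     // presumably callers pass a fixed type and a numeric id — confirm.
     if ($type != 'component') {
         $assetName = $componentName . '.' . $type . '.' . $id;
     } else {
         $assetName = $componentName;
     }
     foreach ($actions as $action) {
         $result->set($action->name, $user->authorise($action->name, $assetName));
     }
     return $result;
 }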
Exemplo n.º 30
 /**
  * Helper wrapper method for getActionsFromFile
  *
  * @param   string  $file   The path to the XML file.
  * @param   string  $xpath  An optional xpath to search for the fields.
  *
  * @return  boolean|array   False in case of error, otherwise the list of available actions.
  *
  * @see     JAccess::getActionsFromFile()
  * @since   3.4
  */
 public function getActionsFromFile($file, $xpath = '/access/section[@name=\'component\']/')
 {
     // Pure pass-through to the static JAccess lookup; both arguments are forwarded as given
     // and the result (action list or false) is handed back untouched.
     $actions = JAccess::getActionsFromFile($file, $xpath);

     return $actions;
 }