Exemplo n.º 1
 /**
  * Installer completion step as shown in this listing: loads the user named in the
  * request, generates a new password for it and assigns username and password to
  * the view.
  *
  * NOTE(review): the listing has lost its closing braces and apparently some
  * statements ($where and $modules_table are built below but never used in the
  * visible lines), so these comments describe only what is visible.
  */
 function finishedAction()
     $request = new Bolts_Request($this->getRequest());
     // The account to reset is selected by a request parameter.
     // NOTE(review): no authentication or single-use check is visible in this listing -
     // confirm the action cannot be reached again once installation has completed.
     $username = $request->username;
     $users_table = new Users();
     $user = $users_table->fetchByUsername($username);
     // NOTE(review): weak password generation. rand(50000, 100000) can return only
     // 50,001 different integers and is not a cryptographically secure generator, so
     // this line can produce at most 50,001 distinct passwords; md5() and the cut to
     // 8 hex characters add no entropy. Derive the value from random_bytes() or
     // random_int() instead.
     $password = substr(md5(rand(50000, 100000)), 0, 8);
     if (!is_null($user)) {
         // NOTE(review): the plaintext value is assigned to the row object; neither
         // hashing nor a save() call is visible here - confirm how it is persisted.
         $user->password = $password;
         // Username and plaintext password are handed to the view.
         $this->view->username = $username;
         $this->view->password = $password;
         // we should never need this again, so we remove access to it.
         // Builds a WHERE fragment for module bolts and controller Install; both values
         // go through quoteInto(). Presumably a delete on $roles_resources_table follows
         // in the original - it is not visible in this listing.
         $roles_resources_table = new RolesResources();
         $where = $roles_resources_table->getAdapter()->quoteInto("module = ? ", "bolts");
         $where .= $roles_resources_table->getAdapter()->quoteInto(" and controller = ? ", "Install");
         $modules_table = new Modules("core");
     } else {
         // No matching user: abort the request with a fixed message.
         die("Somehow the admin user didn't get created or didn't get sent with the request. This is bad. Really, really bad.");
Exemplo n.º 2
	/**
	 * Edits the resources (module / controller / action entries plus extra
	 * resources) attached to a role, then rebuilds the list of actions found in
	 * the controller files of the selected module and hands it to the view.
	 *
	 * Request inputs read in the visible lines: id (role), modid (module), the POST
	 * field resource and the request field extra_resource.
	 *
	 * NOTE(review): this listing has lost its braces, its else keywords and several
	 * statements (array literals are never closed, the $where fragments are never
	 * used), so the comments describe only what is visible.
	 * NOTE(review): no CSRF token check is visible for the POST branch - confirm it
	 * is enforced elsewhere.
	 */
	function editAction()
		$request = new RivetyCore_Request($this->getRequest());

		$modules_table = new Modules('modules');
		$modules_table_core = new Modules('core');

		$roles_resources_table = new RolesResources();
		$roles_res_extra_table = new RolesResourcesExtra();

		// NOTE(review): $role_id, $roles_table and $role are assigned only when the request
		// carries id, yet all three are used later in the visible lines (for example in the
		// WHERE fragments, getInheritedRoles() and the breadcrumbs).
		if ($request->has("id"))
			$role_id = $request->id;
			$roles_table = new Roles();
			// NOTE(review): SQL injection risk. The request value is concatenated into the
			// WHERE string without quoting or an integer check. Bind it through quoteInto()
			// with a ? placeholder, as the other queries in this method do, and validate it
			// as an integer first.
			$role = $roles_table->fetchRow("id = " . $role_id);
			if (!is_null($role))
				$this->view->role = $role->toArray();
				$this->view->roleshortname = $role->shortname;

		// Selects the module to edit. modid is checked with $modules_table->exists().
		// NOTE(review): the else branches appear to be missing from this listing; as shown,
		// $module_id would always end up as default.
		if ($request->has("modid"))
			if ($modules_table->exists($request->modid))
				$module_id = $request->modid;
				$module_id = "default";
			$module_id = "default";

		if ($this->getRequest()->isPost())
			$resources = $this->getRequest()->getPost('resource');

			// Hose everything for this role and module
			// Both values are bound through quoteInto(). Presumably a delete using $where
			// follows in the original - it is not visible here.
			$where = $roles_resources_table->getAdapter()->quoteInto("role_id = ? and ", $role_id);
			$where .= $roles_resources_table->getAdapter()->quoteInto("module = ? ", $module_id);

			// Each posted item is split on - into module, controller and action.
			// NOTE(review): $resources comes from POST data and is iterated without checking
			// that it is an array, and elements 0 to 2 are read without checking that the
			// split produced three parts. The module part is taken from the posted string,
			// not from $module_id - confirm that this is intended.
			foreach ($resources as $resource)
				$resource_array = explode("-", $resource);
				$resource_module = $resource_array[0];
				$resource_controller = $resource_array[1];
				$resource_action = $resource_array[2];
				$data = array(
					'role_id' => $role_id,
					'module' => $resource_module,
					'controller' => $resource_controller,
					'action' => $resource_action,

			// Same WHERE fragment, built for the extra-resources table.
			$where = $roles_res_extra_table->getAdapter()->quoteInto("role_id = ? and ", $role_id);
			$where .= $roles_res_extra_table->getAdapter()->quoteInto("module = ? ", $module_id);

			if ($request->has("extra_resource"))
				foreach ($request->extra_resource as $extra_resource_item)
					$data = array(
						'role_id' => $role_id,
						'module'  => $module_id,
						'resource'=> $extra_resource_item,
			$this->view->success = $this->_T("Resources updated.");

		// NOTE(review): second place where $role_id is concatenated into SQL unquoted;
		// the same fix applies (bind through quoteInto() and validate as an integer).
		$db_roles_resources = $roles_resources_table->fetchAll('role_id = ' . $role_id );

		// Index the stored rows as $resources[module][controller] = list of actions.
		$resources = array();

		foreach ($db_roles_resources as $resource)
			if (!array_key_exists($resource->module, $resources))
				$resources[$resource->module] = array();
			if (!array_key_exists($resource->controller, $resources[$resource->module]))
				$resources[$resource->module][$resource->controller] = array();
			$resources[$resource->module][$resource->controller][] = $resource->action;

		* This is a poor man's introspector. The reflection API needs the classes actually available,
		* which creates naming conflicts between modules. What I do instead is read the physical files,
		* line by line, find the lines with "function fooAction" and determine that the action name is
		* "foo". It's a hack, but it works.

		$all_actions = array();
		$modules = array();
		$controllerdirs = array();

		$enabled_modules = $modules_table->getEnabledModules();

		// Map every enabled module to its controllers directory under basepath; the module
		// named default lives under core, all others under modules.
		foreach ($enabled_modules as $enabled_module)
			$module_dir = 'modules';
			if ($enabled_module == 'default') $module_dir = 'core';
			$controllerdirs[$enabled_module] = Zend_Registry::get("basepath") . DIRECTORY_SEPARATOR . $module_dir . DIRECTORY_SEPARATOR . $enabled_module . DIRECTORY_SEPARATOR . "controllers";

		// NOTE(review): only enabled modules have an entry, so a $module_id that is not in
		// that list yields an undefined index here and an invalid argument to dir() below.
		$controllerdir = $controllerdirs[$module_id];

		// NOTE(review): no $d->close() is visible in this listing.
		$d = dir($controllerdir);
		$modules[] = $module_id;

		while (($entry = $d->read()) !== false)
			if ($entry != '.' and $entry != '..' and $entry != '.svn')
				// Controller name is the file name up to Controller.php (case-insensitive search).
				$controller_name = substr($entry, 0, stripos($entry, 'Controller.php'));
				// For non-default modules a leading underscore is dropped from the name.
				if ($module_id != "default" && substr($controller_name, 0, 1) == "_")
					$controller_name = substr($controller_name, stripos($controller_name, '_') + 1);
				$lines = file($controllerdir . DIRECTORY_SEPARATOR . $entry);
				foreach ($lines as $line)
					// A line counts as an action declaration when it contains function, then
					// Action, then a parenthesised list.
					if (preg_match('/function.*Action.*\(.*\).*\{?/', $line))
						// Drop everything through function and everything from Action onward;
						// what remains, trimmed, is the action name.
						$action_name = trim(preg_replace('/Action.*/', '', preg_replace('/^.*function/', '', $line)));

						// allowed: the action is stored for this module and controller.
						$allowed = false;
						if (array_key_exists($module_id, $resources))
							if (array_key_exists($controller_name, $resources[$module_id]))
								if (in_array($action_name, $resources[$module_id][$controller_name]))
									$allowed = true;
						// inherited: looked up only when the role has inherited roles.
						$inherited = false;
						if (count($roles_table->getInheritedRoles($role_id)) > 0)
							$inherited = $this->isResourceInherited($module_id, $controller_name, $action_name, $role_id);
						$all_actions[$module_id][$controller_name][$action_name] = array(
							'allowed' => $allowed,
							'inherited' => $inherited,

		$this->view->modid = $module_id;

		// The default module is parsed through the core table, every other module through
		// the modules table.
		if ($module_id == 'default') $mod_cfg = $modules_table_core->parseIni($module_id);
		else $mod_cfg = $modules_table->parseIni($module_id);

		$this->view->module_title = $mod_cfg['general']['name'];
		$this->view->actions = $all_actions;
		$this->view->modules = $enabled_modules;

		// get "extra" resources
		$extra_resources = array();
		if (array_key_exists('resources', $mod_cfg))
			foreach ($mod_cfg['resources'] as $resource_name => $nicename)
				$extra_resources[$resource_name]['nicename'] = $nicename;
				$extra_resources[$resource_name]['inherited'] = $this->isExtraResourceInherited($module_id, $resource_name, $role_id);
				$extra_resources[$resource_name]['allowed'] = $roles_res_extra_table->isAllowed($role_id, $module_id, $resource_name);
		$this->view->extra_resources = $extra_resources;

		// NOTE(review): $role is null when fetchRow() found no row and unset when the
		// request had no id; the visible lines do not guard against either case here.
		$this->view->breadcrumbs = array(
			'Roles' => '/default/role/index',
			$role['shortname'] => '/default/role/edit/id/' . $role['id'],
			'Resources' => null,
Exemplo n.º 3
	/**
	 * Installer completion step as shown in this listing: loads the user named in the
	 * request, generates a new password for it, assigns username and password to the
	 * view and sets the admin theme paths.
	 *
	 * NOTE(review): the listing has lost its braces and apparently its else keyword and
	 * some statements ($where and $modules_table are built but never used in the
	 * visible lines), so these comments describe only what is visible.
	 */
	function finishedAction()
		$request = new RivetyCore_Request($this->getRequest());
		// The account to reset is selected by a request parameter.
		$username = $request->username;
		$users_table = new Users();
		$user = $users_table->fetchByUsername($username);
		// NOTE(review): weak password generation. rand(50000, 100000) can return only
		// 50,001 different integers and is not a cryptographically secure generator, so
		// this line can produce at most 50,001 distinct passwords; md5() and the cut to
		// 8 hex characters add no entropy. Derive the value from random_bytes() or
		// random_int() instead.
		$password = substr(md5(rand(50000, 100000)), 0, 8);
		if (!is_null($user))
			// TODO: check the referrer !
			// if this page is reloaded, the admin password is going to get reset to something random, and this page is going to get redirected - CRITICAL FIX
			// NOTE(review): a Referer check is not a reliable control because the client
			// supplies that header. A server-side installation-complete flag or a single-use
			// token checked before the reset is the sturdier fix for the problem described
			// in the TODO.

			// NOTE(review): the plaintext value is assigned to the row object; neither
			// hashing nor a save() call is visible here - confirm how it is persisted.
			$user->password = $password;
			// Username and plaintext password are handed to the view.
			$this->view->username = $username;
			$this->view->password = $password;

			// we should never need this again, so we remove access to it.
			// Builds a WHERE fragment for module default and controller Install; both values
			// go through quoteInto(). Presumably a delete on $roles_resources_table follows
			// in the original - it is not visible in this listing.
			$roles_resources_table = new RolesResources();
			$where  = $roles_resources_table->getAdapter()->quoteInto("module = ? ", "default");
			$where .= $roles_resources_table->getAdapter()->quoteInto(" and controller = ? ", "Install");
			$modules_table = new Modules('core');
			// Presumably the else branch for a missing user; the else keyword is not visible.
			die("Error creating admin user. Please check for errors in /logs/RivetyCore_log");
		// Admin theme locations handed to the view: a URL path and a filesystem path under basepath.
		$this->view->admin_theme_url = "/core/default/views/admin/default";
		$this->view->admin_theme_global_path = Zend_Registry::get('basepath') . "/themes/admin/default/global";