Exemplo n.º 1
 /**
  * Return the current user's info, but only to an authenticated administrator.
  *
  * @return mixed whatever SJB_Authorization::getCurrentUserInfo() yields when
  *               SJB_Admin::admin_authed() is truthy, otherwise null
  */
 public static function getCurrentUserInfo()
 {
     // The admin check is the only gate here: without it nothing is looked up.
     return SJB_Admin::admin_authed()
         ? SJB_Authorization::getCurrentUserInfo()
         : null;
 }
Exemplo n.º 2
 /**
  * Enforce administrator authentication when the system runs in 'admin' access mode.
  *
  * Does nothing outside admin mode or when an admin or sub-admin is already
  * authenticated. Otherwise the script terminates unless SJB_Admin::admin_auth()
  * succeeds in this request.
  */
 public function execute()
 {
     // Only the admin back end is gated by this method.
     if (SJB_System::getSystemSettings('SYSTEM_ACCESS_TYPE') != 'admin') {
         return;
     }

     // An existing sub-admin or admin session passes straight through.
     if (SJB_SubAdmin::admin_authed() || SJB_Admin::admin_authed()) {
         return;
     }

     if (SJB_Admin::NeedShowSplashScreen()) {
         SJB_Admin::ShowSplashScreen();
         exit;
     }

     // Fail closed: stop the request whenever authentication did not succeed.
     $authenticated = SJB_Admin::admin_auth();
     if (!$authenticated) {
         exit;
     }
 }
Exemplo n.º 3
 /**
  * Decide whether this item may be accessed by the current role.
  *
  * An authenticated administrator in 'admin' access mode is always allowed.
  * Without a permission label the stored $this->allowed value is returned.
  * With one label the ACL answer is returned; with an array of labels a single
  * allowed label is sufficient.
  *
  * @return bool
  */
 public function isAccessible()
 {
     // Administrator bypass: no ACL lookup is made for an authenticated admin.
     $adminSession = SJB_System::getSystemSettings('SYSTEM_ACCESS_TYPE') == 'admin'
         && SJB_Admin::admin_authed();
     if ($adminSession) {
         return true;
     }

     if (!$this->permissionLabel) {
         return $this->allowed;
     }

     if (!is_array($this->permissionLabel)) {
         return (bool) $this->acl->isAllowed($this->permissionLabel, $this->getAclRoleID());
     }

     // Any-of semantics. Every label is still evaluated (no early exit),
     // so the ACL is consulted for each entry of the list.
     $granted = false;
     foreach ($this->permissionLabel as $label) {
         if ($this->acl->isAllowed($label, $this->getAclRoleID())) {
             $granted = true;
         }
     }

     return $granted;
 }
Exemplo n.º 4
 /**
  * Authenticate an administrator or sub-administrator from the current request.
  *
  * When the request carries action=login, the submitted credentials are checked.
  * If neither the admin check nor the sub-admin check succeeds, the session value
  * 'adminLoginCounter' is incremented and LOGIN_PASS_NOT_CORRECT is recorded.
  * If the captcha then validates and no error was recorded, the call is delegated
  * to SJB_SubAdmin::admin_auth() or SJB_Admin::admin_login() and their result is
  * returned. In every other case the login form (auth.tpl) is rendered once and
  * false is returned; the method does not loop.
  *
  * NOTE(review): the failed-attempt counter is kept only in the session, so it
  * does not follow a client that starts a new session. Confirm that per-account
  * or per-address throttling is enforced somewhere else.
  *
  * @return bool result of the delegated login call (presumably true on success),
  *              or false when the login form was rendered
  */
 public static function admin_auth()
 {
     $error = array();
     $tp = SJB_System::getTemplateProcessor();
     // Hidden form fields: the request's own parameters, with 'action' forced to 'login'
     // (the array union keeps the left-hand 'action' entry).
     $params = SJB_HelperFunctions::form(array('action' => 'login') + SJB_HelperFunctions::get_request_data_params());
     if (SJB_Request::getVar('action') == 'login') {
         // Both checks must fail for the attempt to count as a bad login.
         // isSubAdminExist() takes no arguments here; presumably it reads the request itself - confirm.
         if (!SJB_Admin::isAdminExist(SJB_Request::getVar('username', ''), SJB_Request::getVar('password')) && !SJB_SubAdmin::isSubAdminExist()) {
             // Count failed attempts in the session, starting at 1.
             if (is_null(SJB_Session::getValue('adminLoginCounter'))) {
                 SJB_Session::setValue('adminLoginCounter', 1);
             } else {
                 SJB_Session::setValue('adminLoginCounter', SJB_Session::getValue('adminLoginCounter') + 1);
             }
             // One generic error key covers both a wrong username and a wrong password.
             $error['LOGIN_PASS_NOT_CORRECT'] = true;
         }
         // The captcha is validated on every login attempt, before $error is inspected.
         // isValid() receives $error; presumably it adds captcha errors by reference - confirm.
         if (SJB_Captcha::getInstance($tp, $_REQUEST)->isValid($error) && empty($error)) {
             return SJB_SubAdmin::isSubAdminExist() ? SJB_SubAdmin::admin_auth() : SJB_Admin::admin_login(SJB_Request::getVar('username', ''));
         }
     }
     // No login attempt, or the attempt failed: render the login form with any errors.
     header('Content-type: text/html;charset=utf-8', true);
     $tp->assign('form_hidden_params', $params);
     $tp->assign('ERROR', $error);
     $tp->display('auth.tpl');
     return false;
 }
Exemplo n.º 5
 /**
  * Log the administrator out and redirect to the configured site URL.
  */
 public function execute()
 {
     // End the admin session first, then send the browser to the site root.
     SJB_Admin::admin_log_out();

     $siteUrl = SJB_System::getSystemSettings("SITE_URL");
     SJB_HelperFunctions::redirect($siteUrl);
 }
Exemplo n.º 6
 /**
  * Is it allowed?
  *
  * Resolves whether a role may use a resource. The role's permission set is
  * loaded on first use and cached in $this->permissions under "<type>_<roleId>".
  *
  * @param string $resource      permission name; lower-cased before lookup
  * @param mixed  $roleId        SID of the user/group/product/contract; null means the
  *                              current user, falling back to 'guest'
  * @param string $type          role kind; the switch below handles 'user', 'guest',
  *                              'group', 'product' and 'contract'
  * @param bool   $returnParams  return the permission's 'params' ('' when empty) instead of a boolean
  * @param bool   $returnMessage return the permission's 'message' ('' when empty) instead of a boolean
  * @return bool|string true only when the stored value is 'allow'; a string when
  *                     $returnParams or $returnMessage is set
  */
 public function isAllowed($resource, $roleId = null, $type = 'user', $returnParams = false, $returnMessage = false)
 {
     $resource = strtolower($resource);
     $userInfo = array();
     if (null === $roleId) {
         // if no user is specified, try to use the current one
         $userInfo = SJB_UserManager::getCurrentUserInfo();
         if (!empty($userInfo)) {
             $roleId = $userInfo['sid'];
         }
         if (null === $roleId) {
             // Administrator bypass: an authenticated admin in 'admin' access mode with no
             // front-end user gets an unconditional allow (or '' for params/message).
             if (SJB_Admin::admin_authed() && SJB_System::getSystemSettings('SYSTEM_ACCESS_TYPE') == 'admin') {
                 if ($returnParams) {
                     return '';
                 }
                 if ($returnMessage) {
                     return '';
                 }
                 return true;
             }
             $roleId = 'guest';
         }
     } else {
         // Explicit role id: load the matching user record, memoised per SID.
         // This lookup runs for every $type, so for non-user types $roleId is still
         // passed to getUserInfoBySID().
         $cacheId = 'SJB_Acl::SJB_UserManager::getUserInfoBySID' . $roleId;
         if (SJB_MemoryCache::has($cacheId)) {
             $userInfo = SJB_MemoryCache::get($cacheId);
         } else {
             $userInfo = SJB_UserManager::getUserInfoBySID($roleId);
             SJB_MemoryCache::set($cacheId, $userInfo);
         }
     }
     $role = $type . '_' . $roleId;
     // Sub-user case: the parent must hold the permission and the sub-user must hold
     // the 'subuser_' variant.
     // NOTE(review): on the guest path $userInfo can be empty here, so 'parent_sid'
     // would be an undefined index - confirm this is never reached that way.
     if ($resource == 'use_screening_questionnaires' && intval($userInfo['parent_sid']) > 0) {
         if ($this->isAllowed($resource, $userInfo['parent_sid'])) {
             return $this->isAllowed('subuser_use_screening_questionnaires', $userInfo['sid']);
         }
         return false;
     }
     // Build and cache the permission set for this role on first use.
     if (!isset($this->permissions[$role])) {
         switch ($type) {
             case 'user':
             case 'guest':
                 if ($roleId == 'guest' || $type == 'guest') {
                     // All guests share the single 'user_guest' entry.
                     $role = 'user_guest';
                     if (empty($this->permissions[$role])) {
                         $this->permissions[$role] = $this->getPermissions('guest', 'guest');
                     }
                 } else {
                     // Registered user: combine the user's own permissions with those of
                     // the user group and of every contract the user holds.
                     $permissions = $this->getPermissions('user', $roleId);
                     $groupPermissions = $this->getPermissions('group', $userInfo['user_group_sid']);
                     $this->permissions['group_' . $userInfo['user_group_sid']] = $groupPermissions;
                     $contracts = SJB_ContractManager::getAllContractsSIDsByUserSID($roleId);
                     if (!empty($contracts)) {
                         foreach ($contracts as $contract) {
                             $contractPermissions = $this->mergePermissionsWithGroup($this->getPermissions('contract', $contract), $groupPermissions);
                             $this->permissions['contract_' . $contract] = $contractPermissions;
                             $permissions = $this->mergePermissions($contractPermissions, $permissions);
                         }
                     } else {
                         $permissions = $this->mergePermissionsWithGroup($permissions, $groupPermissions);
                     }
                     $this->permissions[$role] = $permissions;
                 }
                 break;
             case 'group':
                 $this->permissions[$role] = $this->getPermissions($type, $roleId);
                 break;
             case 'product':
                 // Product permissions are merged with the product's user group, when it has one.
                 $productInfo = SJB_ProductsManager::getProductInfoBySID($roleId);
                 if (!empty($productInfo['user_group_sid'])) {
                     $groupRole = 'group_' . $productInfo['user_group_sid'];
                     if (empty($this->permissions[$groupRole])) {
                         $this->permissions[$groupRole] = $this->getPermissions('group', $productInfo['user_group_sid']);
                     }
                     $this->permissions[$role] = $this->mergePermissionsWithGroup($this->getPermissions('product', $roleId), $this->permissions[$groupRole]);
                 } else {
                     $this->permissions[$role] = $this->getPermissions('product', $roleId);
                 }
                 break;
             case 'contract':
                 $this->permissions[$role] = $this->getPermissions('contract', $roleId);
                 break;
         }
     }
     // $userInfo starts as array(), so this is only true if a lookup above returned null.
     if (!isset($userInfo)) {
         $userInfo = SJB_UserManager::getCurrentUserInfo();
     }
     // True (or a match count) when REQUEST_URI, or failing that REDIRECT_URL, contains
     // /display_resume/<digits> or /display_job/<digits>; $match keeps the captured ids.
     // NOTE(review): the pattern is unanchored and REQUEST_URI includes the query string,
     // so this does not prove that the details page is the one being served. Basing the
     // decision on the routed module would be more robust.
     $is_display_resume = !preg_match_all("/.*\\/(?:display_resume|display_job)\\/(\\d*)/i", $_SERVER['REQUEST_URI'], $match) ? isset($_SERVER['REDIRECT_URL']) ? preg_match_all("/.*\\/(?:display_resume|display_job)\\/(\\d*)/i", $_SERVER['REDIRECT_URL'], $match) : false : true;
     // Allow access to Resume/Job Details page if an employer has an application linked to the resume
     // NOTE(review): the override below is written for whatever $resource and $role this
     // call was made with, and it is stored in the cached permission table, so it is not
     // limited to a "view details" permission or to this one check. Confirm that scope is
     // intended. The query returns only resume ids, yet the pattern also accepts
     // display_job, and in_array() compares loosely.
     if (isset($userInfo) && $is_display_resume) {
         // '?n' is presumably SJB_DB's numeric placeholder - confirm.
         $apps = SJB_DB::query("SELECT `a`.resume FROM `applications` `a`\n\t\t\t\t\t\t            INNER JOIN `listings` l ON\n\t\t\t\t\t\t                  `l`.`sid` = `a`.`listing_id`\n\t\t\t\t\t\t            WHERE `l`.`user_sid` = ?n AND `a`.`show_emp` = 1  ORDER BY a.`date` DESC", $userInfo['sid']);
         if (isset($match[1]) && in_array(array("resume" => array_pop($match[1])), $apps)) {
             $this->permissions[$role][$resource]['value'] = 'allow';
             $this->permissions[$role][$resource]['params'] = '';
         }
     }
     if ($returnParams) {
         return empty($this->permissions[$role][$resource]['params']) ? '' : $this->permissions[$role][$resource]['params'];
     } elseif ($returnMessage) {
         $message = empty($this->permissions[$role][$resource]['message']) ? '' : $this->permissions[$role][$resource]['message'];
         // Fall back to the message defined on the user's group.
         if (!$message) {
             if (!empty($userInfo)) {
                 $groupRole = 'group_' . $userInfo['user_group_sid'];
                 $message = empty($this->permissions[$groupRole][$resource]['message']) ? '' : $this->permissions[$groupRole][$resource]['message'];
             }
         }
         return $message;
     }
     // Default deny: anything other than an explicit 'allow' value yields false.
     return isset($this->permissions[$role][$resource]['value']) && $this->permissions[$role][$resource]['value'] == 'allow';
 }
Exemplo n.º 7
 /**
  * Tell whether the current session may act as owner of a listing.
  *
  * True when the listing's owner SID equals the current user's SID, or when an
  * administrator or sub-administrator is authenticated.
  *
  * NOTE(review): the SIDs are compared loosely. If both lookups can return an
  * empty value (unknown listing, anonymous visitor), the two would compare
  * equal - confirm what the managers return in those cases.
  *
  * @param mixed $listingSid SID of the listing to check
  * @return bool
  */
 private function isOwner($listingSid)
 {
     $listingOwner = SJB_ListingManager::getUserSIDByListingSID($listingSid);
     $viewer = SJB_UserManager::getCurrentUserSID();

     // Evaluation order is unchanged: ownership first, then admin, then sub-admin.
     return $listingOwner == $viewer
         || SJB_Admin::admin_authed()
         || SJB_SubAdmin::admin_authed();
 }
Exemplo n.º 8
 /**
  * Report whether an administrator or a sub-administrator is authenticated.
  *
  * @return bool
  */
 public static function getIfAdminIsLoggedIn()
 {
     // The full administrator is checked first; the sub-admin check runs only if that fails.
     if (SJB_Admin::admin_authed()) {
         return true;
     }

     return (bool) SJB_SubAdmin::admin_authed();
 }