/**
* Load all needed things (configs, api).
* @throws PHPMinerException
*/
public function setup_controller()
{
global $system_conf;
// Process updates.
new Update();
if (isset($system_conf['directory'])) {
$this->assign('docroot', $system_conf['directory']);
$this->js_config('docroot', $system_conf['directory']);
}
// Get the own config.
$this->config = Config::getInstance();
$this->access_control = AccessControl::getInstance();
// We only enable access control in a real web request, from cron we have to let it disabled.
if ($this->config->enable_access_control && !defined('IS_CRON')) {
$this->access_control->enable();
if (!$this->access_control->get_config()->is_empty() && !$this->access_control->check_login()) {
$this->fatal_error('You are not logged in. Access denied!');
}
}
if ($this->controller_name === 'access' && !$this->access_control->is_enabled()) {
$this->fatal_error('Access control is disabled, to view this page you have to enable it first under main settings. If you run this on your local machine and only you have access, this is not required.', Controller::MESSAGE_TYPE_ERROR);
}
$this->assign('current_version', implode('.', $system_conf['version']));
if (isset($system_conf['directory']) && !empty($this->config->latest_version) && $system_conf['version'] !== $this->config->latest_version) {
$this->add_message('A new version is available, current version <b>' . implode('.', $system_conf['version']) . '</b> - latest version <b>' . implode('.', $this->config->latest_version) . '</b>. <a href="https://phpminer.com" target="_blank">Download</a>. After updating to a new version, do not forget to copy the new index.php from the phpminer_rpcclient and restart the service."', Controller::MESSAGE_TYPE_INFO);
}
if (empty($this->config->cron_last_run)) {
$this->add_message('The cronjob never ran! If you configurated it correctly, just wait 1 or 2 minutes, after the cronjob was executed, this message will disappear. If not configurated please have a look at the <a href="' . $system_conf['directory'] . '/README.md" target="_blank">Readme</a>', Controller::MESSAGE_TYPE_INFO);
} else {
if (round((TIME_NOW - $this->config->cron_last_run) / 60) > 5) {
$this->add_message('The cronjob has not been executed since 5 minutes. Please check your cronjob config.', Controller::MESSAGE_TYPE_INFO);
}
}
// We can not process as a normal controller action when we check for connection within the setup or in case of disconnected connection while reconnecting.
if ($this->controller_name === 'main' && ($this->action_name === 'check_connection' || $this->action_name === 'connection_reconnect')) {
return;
}
}
/**
* Checks if the given user has the given permission.
*
* @param string $permission
* The permission string to check-
* @param array $user
* If not provided current logged in user will be used. (Optional, default = null)
*
* @return boolean
* True if the user has the permission, else false. If access control is not enabled or was just enabled without any config it returns also true.
*/
public function has_permission($permission, $user = null)
{
static $perms = array();
if (AccessControl::is_enabled()) {
if (!$this->access_config->is_empty()) {
if ($user === null) {
$user = $this->user;
}
if (empty($user)) {
return false;
}
if (!isset($perms[$user['username']])) {
$res = db::getInstance()->query('SELECT "permission" FROM "group2perm" WHERE "group_name" = :group', array(':group' => $user['group']));
$perms[$user['username']] = array();
while ($row = $res->fetch(PDO::FETCH_ASSOC)) {
$perms[$user['username']][$row['permission']] = $row['permission'];
}
}
return isset($perms[$user['username']]) && (!empty($perms[$user['username']]['*']) || !empty($perms[$user['username']]['is_admin']) || !empty($perms[$user['username']][$permission]));
}
}
return true;
}
