/**
  * Event-listener form of the ACL validity check: deny the request when it fails.
  *
  * Reads 'role', 'name' and 'action' from Event::$data and hands them to
  * Acl::check(). Despite the historical "redirect" wording, this method itself
  * only throws; any redirect has to come from whatever handles the exception.
  *
  * @return void
  * @throws Kohana_403_Exception when the ACL check does not pass
  * @author Andy Bennett
  */
 public static function fail()
 {
     $acl = Acl::instance();
     $payload = Event::$data;
     $permitted = $acl->check($payload['role'], $payload['name'], $payload['action']);
     if ($permitted) {
         return;
     }
     // 'common/error_403' is presumably the error view to render - confirm against Kohana_403_Exception
     throw new Kohana_403_Exception($payload['name'], 'common/error_403');
 }
 /**
  * Gate every controller except 'Auth' behind authentication and backend ACL checks.
  *
  * An unauthenticated identity is redirected to the login page. For an
  * authenticated one the ACL is initialised for the current website, after
  * which both the generic 'Backend' access right and the access right on the
  * requested controller are required.
  *
  * NOTE(review): enforcement relies on $this->redirect() ending the request. If it
  * merely sets a header and returns, the action still runs - confirm.
  *
  * @return void
  */
 public function init()
 {
     parent::init();
     // The Auth controller has to stay reachable without a session, otherwise nobody could log in
     if (Request::initial()->controller() == 'Auth') {
         return;
     }
     $login_url = URL::to('Auth@login');
     $identity = Identity::instance();
     // Drop any assumed identity first so the checks below run against the original user
     $identity->revert();
     if (!$identity->authenticated()) {
         $this->redirect($login_url);
         return;
     }
     $website = Website::instance();
     Acl::init($identity, new Model_Rights($website->websites()));
     // Scope the ACL to the current website
     Acl::environment($website->id());
     // General backend access is required ...
     if (!Acl::instance()->allowed('Backend', 'access')) {
         $this->redirect($login_url);
     }
     // ... and so is access to the specific controller being requested
     if (!Acl::instance()->allowed(Request::initial()->controller(), 'access')) {
         $this->redirect($login_url);
     }
 }
 /**
  * Return the shared Acl object, creating it on first use.
  *
  * @return Acl
  */
 public static function getInstance()
 {
     // Already built: hand back the cached object
     if (self::$instance !== null) {
         return self::$instance;
     }
     self::$instance = new self();
     return self::$instance;
 }
 /**
  * Find the feed streams that apply to a user, optionally narrowed to one course and/or batch.
  *
  * A stream matches when each of its user, role, course and batch columns holds
  * either the specific id or 0.
  *
  * NOTE(review): if neither the ACL nor Auth yields a user, $user->role() below is
  * called on a non-object - callers appear to assume a logged-in user; confirm.
  *
  * @param mixed $user      user model; when null the ACL's relevant user is used, else the Auth user
  * @param mixed $course_id restrict to this course; null means all of the user's courses
  * @param mixed $batch_id  restrict to this batch; null means all of the user's batches
  * @return mixed result of find_all() on the 'feedstream' ORM query
  */
 public static function user_streams($user = null, $course_id = null, $batch_id = null)
 {
     if ($user === null) {
         // Prefer the ACL's relevant user; fall back to the authenticated user
         $user = Acl::instance()->relevant_user() ?: Auth::instance()->get_user();
     }
     $role = $user->role();
     if ($course_id !== null) {
         $course_ids = array($course_id);
     } else {
         $course_ids = $user->courses->find_all()->as_array(null, 'id');
         // 0 is matched in addition to the user's own course ids
         $course_ids[] = 0;
     }
     if ($batch_id !== null) {
         $batch_ids = array($batch_id);
     } else {
         $batch_ids = $user->batches->find_all()->as_array(null, 'id');
         $batch_ids[] = 0;
     }
     $query = ORM::factory('feedstream');
     $query->where('user_id', ' IN', array($user->id, 0));
     $query->and_where('role_id', ' IN ', array($role->id, 0));
     $query->and_where('course_id', ' IN ', $course_ids);
     $query->and_where('batch_id', ' IN ', $batch_ids);
     return $query->find_all();
 }
 /**
  * Default action of the default controller: send the user to a module they may access.
  *
  * The module stored in state under 'active.module' is tried first (unless it is
  * unset or 'Default'), then every configured module in settings order. The first
  * one for which the ACL grants 'access' on the current website wins. When no
  * module is allowed the method returns without producing a redirect.
  *
  * @return void
  */
 public function action_index()
 {
     $acl = Acl::instance();
     $configured = array_keys(Settings::factory('modules')->as_array());
     $active = State::instance()->get('active.module');
     // Candidates in priority order: the remembered module first, then all configured ones
     $candidates = $configured;
     if ($active !== FALSE && $active !== 'Default') {
         array_unshift($candidates, $active);
     }
     foreach ($candidates as $candidate) {
         if ($acl->allowed($candidate, 'access', FALSE, $this->_website) !== TRUE) {
             continue;
         }
         $this->redirect(URL::to($candidate, array('website' => $this->_website)));
         // stop here in case redirect() returns instead of ending the request
         exit;
     }
 }
 /**
  * Render the start page: navigation sections limited to modules the user may access.
  *
  * Modules are filtered through the ACL ('access' right) before the navigation
  * menu is walked, so a section only appears when it holds at least one
  * allowed module.
  *
  * @return void
  */
 public function action_index()
 {
     $acl = Acl::instance();
     $all_modules = Settings::factory('modules')->as_array();
     // Navigation settings are looked up per website first, then in the shared settings directory
     $nav_settings = Settings::factory('navigation', array('settings' . DIRECTORY_SEPARATOR . Website::instance()->id() . DIRECTORY_SEPARATOR, 'settings'));
     $menu = $nav_settings->get('menu');
     // Keep only the modules the ACL lets this user access
     $permitted = array();
     foreach ($all_modules as $name => $definition) {
         if (!$acl->allowed($name, 'access')) {
             continue;
         }
         $permitted[$name] = $definition;
     }
     // Build the sections; one is created the first time an allowed module lands in it
     $sections = array();
     foreach ($menu as $section => $members) {
         foreach ($members as $name) {
             if (!isset($permitted[$name])) {
                 continue;
             }
             $sections[$section][$name] = $permitted[$name];
         }
     }
     $page = View::factory('start', array('sections' => $sections));
     $this->response->body($page->render());
 }
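 /**
  * Show the mark sheet of one exam group for a single user.
  *
  * The user is the ACL's relevant user when there is one; otherwise it is loaded
  * from the 'user_id' request parameter. The exam group comes from the
  * 'examgroup_id' request parameter.
  *
  * NOTE(review): in the 'user_id' branch nothing visible here verifies that the
  * caller is entitled to read another user's marks. The original comment says
  * that branch is meant for admins - confirm that an ACL check guards this
  * action before it is reached.
  *
  * @return void
  */
 public function action_details()
 {
     $relevant_user = Acl::instance()->relevant_user();
     // check if admin in which case a user_id in the get param is required
     if (!$relevant_user) {
         $user_id = $this->request->param('user_id');
         $relevant_user = ORM::factory('user', $user_id);
         // ORM::factory() returns a model object even when no row matches, so the
         // truthiness test below could never reject a missing or unknown user_id.
         // loaded() is what tells whether a user was actually found.
         if (!$relevant_user->loaded()) {
             $relevant_user = FALSE;
         }
     }
     if (!$relevant_user) {
         echo 'Not allowed';
         exit;
     }
     $user_id = $relevant_user->id;
     $examgroup_id = $this->request->param('examgroup_id');
     // All exams of the group, left-joined with this user's results (if any)
     $marksheet = ORM::factory('exam');
     $marksheet->select('marks')->join('examresults', 'left')->on('examresults.exam_id', '=', 'id');
     $marksheet->and_where_open()->where('examresults.user_id', '=', $user_id)->or_where('examresults.user_id', 'IS', NULL)->and_where_close()->and_where_open()->and_where('exams.examgroup_id', '=', $examgroup_id)->and_where_close();
     $marksheet = $marksheet->find_all();
     // $flg counts the exams that carry a mark for this user
     $flg = 0;
     foreach ($marksheet as $mark) {
         if ($mark->marks != NULL) {
             $flg++;
         }
     }
     $view = View::factory('examresult/exammarksheet')->bind('marksheets', $marksheet)->bind('flg', $flg)->bind('relevant_user', $relevant_user);
     $this->content = $view;
 }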
 /**
  * Single point of entry for the ACL: returns the shared Acl object.
  *
  * The object is created on the first call and reused afterwards.
  *
  * @static
  * @access public
  * @return Acl
  */
 public static function acl()
 {
     // Nothing cached yet (or a falsy value is stored): build the instance now
     if (!self::$instance) {
         self::$instance = new Acl();
     }
     return self::$instance;
 }
 /**
  * Handle the upload form: process the uploaded file, or (re-)render the form.
  *
  * NOTE(review): the temp path, the extension list and the 'unzip' flag all come
  * from settings. What Upload::process() actually enforces (extension allowlist,
  * handling of archive entries) is not visible here - verify it before relying on it.
  *
  * @param mixed $model not used by this method
  * @param mixed $form  form object; valid(), submitted() and element() are called on it
  * @return mixed whatever Upload::process() returned on success, FALSE when the form was rendered instead
  * @throws HTTP_Exception 403 (built by HTTP_Exception::factory) when 'create' is not allowed on this controller
  */
 protected function create($model, $form)
 {
     // Authorisation comes first: nothing is parsed or stored for callers without the 'create' right
     if (!Acl::instance()->allowed($this->_controller, 'create')) {
         throw HTTP_Exception::factory(403, 'Create not allowed on :controller', array(':controller' => $this->_controller));
     }
     Event::raise($this, Event::BEFORE_CREATE_FORM_PARSE, array('model' => NULL, 'form' => $form));
     // The upload is only processed for a valid form
     $hash = $form->valid()
         ? Upload::process('file', $this->_settings->get('path_temp'), $this->_settings->get('extensions'), $this->_settings->get('unzip'))
         : FALSE;
     if ($hash !== FALSE) {
         return $hash;
     }
     // Submitted but nothing usable came out of it: flag the file element
     if ($form->submitted()) {
         $form->element('file', 0)->error('not_empty');
     }
     $viewer = Viewer::factory('Form', $form)->text(Text::instance());
     $view = View::factory($this->_settings->get('view.create'), array('viewer' => $viewer));
     // Give listeners a chance to adjust the form, viewer or view before output
     Event::raise($this, Event::BEFORE_CREATE_RENDER, array('model' => NULL, 'form' => $form, 'viewer' => $viewer, 'view' => $view));
     $this->response->body($view->render());
     return FALSE;
 }
 /**
  * Constructor: run the parent setup, apply the 'admin' ACL rule, pick the admin template.
  *
  * NOTE(review): the ACL call comes after parent::__construct() and parent::init(),
  * so whatever those do runs before the role is checked - confirm nothing
  * privileged happens there.
  *
  * @author Andy Bennett
  */
 function __construct()
 {
     parent::__construct();
     parent::init();
     $acl = Acl::instance();
     $role = steamauth_helper::get_role();
     // Acl::redirect() presumably sends roles without the 'admin' right elsewhere - TODO confirm it ends the request
     $acl->redirect($role, 'admin');
     $display = Display::instance();
     $display->set_template('template-admin');
 }
 /**
  * Constructor: apply the 'edit' ACL rule first, then set up the parent and the display template.
  *
  * The ajax template is chosen when the request is an AJAX one or when an
  * 'ajax' key is present in the query string; otherwise the admin template is used.
  *
  * @author Andy Bennett
  */
 function __construct()
 {
     $acl = Acl::instance();
     // The ACL rule runs before any parent setup; '../' is the fourth argument passed to Acl::redirect()
     $acl->redirect(Steamauth::instance()->get_role(), 'edit', null, '../');
     parent::__construct();
     parent::init();
     // Only the presence of ?ajax matters; its value never reaches the template name
     if (request::is_ajax() || isset($_GET['ajax'])) {
         $tpl = 'template-ajax';
     } else {
         $tpl = 'template-admin';
     }
     Display::instance()->set_template($tpl);
 }
 /**
  * Constructor: run the parent setup, apply the 'admin' ACL rule, prepare the admin display.
  *
  * NOTE(review): parent::__construct() and parent::init() run before the ACL
  * rule is applied - confirm they do nothing that needs the admin right.
  *
  * @author Andy Bennett
  */
 function __construct()
 {
     parent::__construct();
     parent::init();
     $acl = Acl::instance();
     $role = steamauth_helper::get_role();
     $acl->redirect($role, 'admin');
     // Mark the page for the views, then switch to the admin template
     Display::instance()->append_data('page_id', 'containers-admin');
     Display::instance()->set_template('template-admin');
 }
 /**
  * Constructor: require a logged-in user holding the 'admin' right before the parent setup runs.
  *
  * Both the missing-user case and the ACL rule use '/auth/login' as the
  * redirect target.
  *
  * @author Dan Chadwick
  */
 function __construct()
 {
     $login = '/auth/login';
     // No user id means nobody is logged in
     if (!User::instance()->id) {
         url::redirect($login);
     }
     // NOTE(review): this line is still reached if url::redirect() returns - confirm it ends the request
     Acl::instance()->redirect(User::instance()->get_role(), 'admin', null, $login);
     parent::__construct();
 }
 /**
  * Build the "Edit" link for this document, or an empty string without the 'document_edit' right.
  *
  * This only hides the link in the UI. The edit action itself still has to
  * enforce the permission on the server side.
  *
  * @return string HTML fragment, or '' when editing is not permitted
  */
 public function editLink()
 {
     if (!Acl::instance()->is_allowed('document_edit')) {
         return '';
     }
     // $this->id goes into inline JavaScript unescaped - assumes a numeric id; TODO confirm
     return '[<a href="#" onclick="KODELEARN.modules.get(\'document\').edit(' . $this->id . ')"> Edit </a>]';
 }
 /**
  * Filter for added links: decide whether the current user's role may access the link's URL.
  *
  * The first path segment of the URL is treated as the controller name and
  * checked with Acl::has_access(). The logout URL is always let through.
  *
  * @param array $args filter arguments; $args[0] is the URL (the original doc lists a title as the second argument)
  * @return mixed True for 'auth/logout', otherwise the result of Acl::has_access()
  */
 protected function filter_add_link($args)
 {
     $link = $args[0];
     // Logging out must stay possible whatever the role
     if ($link === 'auth/logout') {
         return True;
     }
     $segments = explode("/", $link);
     return Acl::instance()->has_access($segments[0]);
 }
 /**
  * Check an ACL string against the current user's role (used by xsl).
  *
  * An empty ACL string means "no restriction" and yields true. Because the
  * original test was empty(), the string '0' counts as empty as well.
  *
  * @param string $acl ACL name to check; cast to string before use
  * @return mixed true when no ACL string is given, otherwise the result of Acl::check()
  * @author Andy Bennett
  */
 public static function check_acl($acl)
 {
     $required = (string) $acl;
     // '' and '0' are exactly the strings empty() treats as empty: nothing to enforce
     if ($required === '' || $required === '0') {
         return true;
     }
     $role = Steamauth::instance()->get_role();
     return Acl::instance()->check($role, null, $required);
 }
 /**
  * Return an anchor tag whose text is this exam's string form.
  *
  * Users with the 'exam_edit' right get the edit URL, everyone else the exam
  * index.
  *
  * NOTE(review): the edit URL ends in 'id/' with no id appended - looks
  * incomplete; confirm against the exam edit route.
  *
  * @return string anchor HTML
  */
 public function toLink()
 {
     $path = Acl::instance()->is_allowed('exam_edit') ? 'exam/edit/id/' : 'exam';
     return Html::anchor(Url::site($path), (string) $this);
 }
 /**
  * Index action: show the schedule when the ACL has a relevant user, otherwise the list.
  *
  * @return void
  */
 public function action_index()
 {
     // No relevant user on the ACL: fall back to the list view
     if (!Acl::instance()->relevant_user()) {
         $this->get_list();
         return;
     }
     $this->get_schedule();
 }
 /**
  * Return an anchor tag with this room's string form as its text.
  *
  * With the 'exam_edit' right the link points at the room edit page; without it
  * the link opens the room map through an onclick handler.
  *
  * NOTE(review): a room link gated on 'exam_edit' looks copied from the exam
  * model - confirm which permission is intended.
  *
  * @return string anchor HTML
  */
 public function toLink()
 {
     $label_allowed = Acl::instance()->is_allowed('exam_edit');
     if (!$label_allowed) {
         // $this->id is written into inline JavaScript - assumes a numeric id; TODO confirm
         $handler = 'javascript:KODELEARN.modules.get("rooms").showMap("' . $this->id . '");return false;';
         return Html::anchor('#', (string) $this, array('onclick' => $handler));
     }
     $url = Url::site('room/edit/id/' . $this->id);
     return Html::anchor($url, (string) $this);
 }
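 /**
  * Constructor: require a logged-in user with the 'admin' right, then pick the display template.
  *
  * The template is 'template', or 'template-<type>' when the 'type' query
  * parameter is supplied.
  *
  * The 'type' value is client-controlled and ends up in a template name, so it
  * is restricted to letters, digits, '_' and '-'. Anything else (including
  * array input such as ?type[]=x) falls back to the plain 'template'. This keeps
  * path separators and dots out of the name passed to set_template().
  */
 function __construct()
 {
     if (!User::instance()->id) {
         url::redirect('/auth/login');
     }
     Acl::instance()->redirect(User::instance()->get_role(), 'admin', null, '/auth/login');
     parent::__construct();
     $type = Input::instance()->get('type', '');
     // The D modifier stops '$' from matching before a trailing newline
     if (!is_string($type) || !preg_match('/^[A-Za-z0-9_-]+$/D', $type)) {
         $type = '';
     }
     Display::instance()->set_template($type === '' ? 'template' : 'template-' . $type);
 }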
 /**
  * Check an ACL string against the current user's role, if the Acl library is installed.
  *
  * When Kohana cannot find the 'Acl' library the method returns nothing (null),
  * which callers will see as a falsy result. An empty ACL string - including
  * '0', as with empty() - means "no restriction" and yields true.
  *
  * @param string $acl ACL name to check; cast to string before use
  * @return mixed null without the Acl library, true for an empty ACL string, otherwise the result of Acl::check()
  * @author Andy Bennett
  */
 public static function check_acl($acl)
 {
     // Without the Acl library there is nothing to ask
     if (!Kohana::find_file('libraries', 'Acl')) {
         return;
     }
     $required = (string) $acl;
     // '' and '0' are exactly the strings empty() treats as empty
     if ($required === '' || $required === '0') {
         return true;
     }
     $role = User::instance()->get_role();
     return Acl::instance()->check($role, null, $required);
 }
 /**
  * Constructor: set up the parent, require a logged-in 'admin' user, configure display and assets.
  *
  * NOTE(review): parent::__construct() runs before the login and ACL checks -
  * confirm it does nothing that needs the admin right.
  *
  * @author Andy Bennett
  */
 public function __construct()
 {
     parent::__construct();
     $this->setup['status_states'] = 2;
     $login = '/auth/login';
     // No user id means nobody is logged in
     if (!User::instance()->id) {
         url::redirect($login);
     }
     Acl::instance()->redirect(User::instance()->get_role(), 'admin', null, $login);
     // Only the presence of ?ajax matters; its value never reaches the template name
     if (request::is_ajax() || isset($_GET['ajax'])) {
         $tpl = 'template-ajax';
     } else {
         $tpl = 'template-admin';
     }
     Display::instance()->set_template($tpl);
     Assets::instance()->add_css('admin');
 }
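 /**
  * Get all the events happening on a date, cancelled ones included.
  *
  * When the ACL's relevant user is a Model_User, only events of that user's
  * courses (plus course id 0) are returned; otherwise every event of the day.
  *
  * The course ids are handed to the query builder as an array, so the builder
  * quotes each value itself. The earlier form glued them into a raw DB::expr()
  * string, which bypasses quoting.
  *
  * @param string $date format: 'YYYY-mm-dd'
  * @return Database_MySQL_Result
  */
 public static function daily_events($date)
 {
     $user = Acl::instance()->relevant_user();
     $courses = null;
     if ($user instanceof Model_User) {
         $courses = $user->courses->find_all()->as_array(null, 'id');
         // 0 is matched in addition to the user's own course ids
         $courses[] = 0;
     }
     // eventstart is a unix timestamp; compare on its calendar date
     $query = ORM::factory('event')->where(DB::expr('DATE(FROM_UNIXTIME(eventstart))'), ' = ', $date);
     if ($courses !== null) {
         $query->where('events.course_id', 'IN', $courses);
     }
     return $query->order_by('eventstart', 'ASC')->find_all();
 }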
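 /**
  * Show the system settings form and, on a permitted and valid POST, save it.
  *
  * Saving requires the 'system_edit' right. Without it the form is shown again
  * with a "permission denied" message and nothing is written.
  *
  * NOTE(review): every key found under the POSTed 'config' array is passed to
  * setMany(). Unless setMany() or the config store restricts the accepted keys,
  * a user with 'system_edit' can write arbitrary config entries - consider an
  * explicit allowlist of keys.
  *
  * @return void
  */
 public function action_index()
 {
     $submitted = false;
     // bind() links the view to these local variables; they are filled in further down
     $view = View::factory('system/form')->bind('form', $form)->bind('image', $image)->bind('success', $success)->bind('upload_url', $upload_url)->bind('permission_msg', $permission_msg);
     $institution = ORM::factory('institution', 1);
     $config = Config::instance();
     $config_settings = $config->load('config')->as_array();
     $permission_msg = '';
     // if post, validate, save and redirect
     if ($this->request->method() === 'POST' && $this->request->post()) {
         if (Acl::instance()->is_allowed('system_edit')) {
             $submitted = true;
             $config_post = $this->request->post('config');
             // A missing or scalar 'config' field must not break the offset writes below
             if (!is_array($config_post)) {
                 $config_post = array();
             }
             // These two flags default to 0 when absent from the POST (presumably unchecked checkboxes)
             foreach (array('membership', 'user_approval') as $flag) {
                 if (!isset($config_post[$flag])) {
                     $config_post[$flag] = 0;
                 }
             }
             $validator = $institution->validator($this->request->post());
             if ($validator->check()) {
                 $institution->name = $this->request->post('name');
                 $institution->institution_type_id = $this->request->post('institutiontype_id');
                 $institution->logo = $this->request->post('logo');
                 $institution->website = $this->request->post('website');
                 $institution->address = $this->request->post('address');
                 $institution->save();
                 $config->load('config')->setMany($config_post);
                 Session::instance()->set('success', 'Setting saved successfully.');
                 Request::current()->redirect('system');
                 exit;
             } else {
                 $this->_errors = $validator->errors('institution');
             }
         } else {
             $permission_msg = '<div class="formMessages"><span class="fmIcon bad"></span> <span class="fmText">Permission denied for editing this page.</span><span class="clear">&nbsp;</span></div>';
         }
     }
     $upload_url = URL::site('system/uploadinst');
     $images = CacheImage::instance();
     $image = $images->resize($institution->logo, 100, 100);
     $form = $this->form(array('name' => $institution->name, 'institutiontype_id' => $institution->institution_type_id, 'logo' => $institution->logo, 'website' => $institution->website, 'address' => $institution->address, 'config' => $config_settings), $submitted);
     Breadcrumbs::add(array('System', Url::site('system')));
     // The success message is shown once: read it, then clear it from the session
     $success = Session::instance()->get('success');
     Session::instance()->delete('success');
     $this->content = $view;
 }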
 /**
  * Return the attendance list of the ACL's relevant user for a course and date range, as JSON.
  *
  * Reads 'course', 'date_from' and 'date_to' from the POST body. The end of the
  * range is pushed forward by 86400 seconds so the end date itself is included.
  *
  * NOTE(review): $user->id is read without checking that relevant_user()
  * returned a user, and strtotime() yields false for unparsable dates - both
  * are unhandled here; confirm the callers guarantee valid input.
  *
  * @return void the JSON document is echoed
  */
 public function action_get_attendance_exam_lecture()
 {
     $user = Acl::instance()->relevant_user();
     $course = $this->request->post('course');
     $raw_from = $this->request->post('date_from');
     $raw_to = $this->request->post('date_to');
     $seconds_per_day = 86400;
     $range_start = strtotime($raw_from);
     $range_end = strtotime($raw_to) + $seconds_per_day;
     $attendance = $this->get_atendence_data($user->id, $range_start, $range_end, $course);
     $view = View::factory('attendance/user_view_list')->bind('attendance', $attendance);
     // Set the view as the response body, then read the body back for the JSON payload
     $response = $this->response->body($view)->body();
     echo json_encode(array('response' => $response));
 }
 /**
  * Overridden delete for tree-like models.
  *
  * The original note says the owner id is not checked because the entire tree
  * goes; the ACL call below still receives the model's owner and website ids.
  * The value returned by $model->delete() is described as an array of the
  * deleted items and is passed on to the AFTER_DELETE listeners.
  *
  * @param mixed $model model to delete; owner_id, website_id and id are read from it
  * @return void
  * @throws HTTP_Exception 403 (built by HTTP_Exception::factory) when 'delete' is not allowed
  */
 protected function delete($model)
 {
     $acl = Acl::instance();
     $may_delete = $acl->allowed($this->_controller, 'delete', $model->owner_id, $model->website_id);
     // Authorisation is settled before any hook runs or any data is touched
     if (!$may_delete) {
         throw HTTP_Exception::factory(403, 'Delete not allowed on :controller :id', array(':controller' => $this->_controller, ':id' => $model->id));
     }
     Event::raise($this, Event::BEFORE_DELETE, array('model' => $model));
     $removed = $model->delete();
     Event::raise($this, Event::AFTER_DELETE, array('deleted' => $removed));
 }
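 /**
  * List courses with sorting, filtering and pagination.
  *
  * 'sort' and 'order' are request parameters that travel into the course query,
  * so they are checked against an allowlist first: 'sort' must be one of the
  * sortable columns of the table header below and 'order' must be ASC or DESC.
  * Anything else falls back to the defaults ('name', 'ASC').
  *
  * NOTE(review): filter values are appended to the sort link as-is and also
  * reach the view. Whether Sort::render() and the 'course/list' view escape
  * them is not visible here - confirm.
  *
  * @return void
  */
 public function action_index()
 {
     $sortable = array('name', 'access_code', 'start_date', 'end_date');
     $sort = $this->request->param('sort', 'name');
     if (!in_array($sort, $sortable, true)) {
         $sort = 'name';
     }
     $order = $this->request->param('order', 'ASC');
     if (!is_string($order) || !in_array(strtoupper($order), array('ASC', 'DESC'), true)) {
         $order = 'ASC';
     }
     Session::instance()->delete('course_id');
     $criteria = array('user' => Acl::instance()->relevant_user(), 'filters' => array('name' => $this->request->param('filter_name'), 'access_code' => $this->request->param('filter_access_code'), 'start_date' => $this->request->param('filter_start_date'), 'end_date' => $this->request->param('filter_end_date')));
     $total = Model_Course::courses_total($criteria);
     $pagination = Pagination::factory(array('total_items' => $total, 'items_per_page' => 5));
     $criteria = array_merge($criteria, array('sort' => $sort, 'order' => $order, 'limit' => $pagination->items_per_page, 'offset' => $pagination->offset));
     $courses = Model_Course::courses($criteria);
     $sorting = new Sort(array('Course' => 'name', 'Access Code' => 'access_code', 'Start Date' => 'start_date', 'End Date' => 'end_date', 'Actions' => ''));
     $url = 'course/index';
     // Both are bound to the view below; start them as null so they exist when no filter is active
     $filter = null;
     $filter_select = null;
     // Every active filter is carried in the sort link; the last active one is what the view shows as selected
     foreach (array('filter_name', 'filter_access_code', 'filter_start_date', 'filter_end_date') as $filter_key) {
         $filter_value = $this->request->param($filter_key);
         if ($filter_value) {
             $url .= '/' . $filter_key . '/' . $filter_value;
             $filter = $filter_value;
             $filter_select = $filter_key;
         }
     }
     $sorting->set_link($url);
     $sorting->set_order($order);
     $sorting->set_sort($sort);
     $heading = $sorting->render();
     // Render the pagination links
     $pagination = $pagination->render();
     $links = array('add' => Html::anchor('/course/add/', 'Create a course', array('class' => 'createButton l')), 'delete' => URL::site('/course/delete/'), 'join' => Html::anchor('/course/join/', 'Join Course', array('class' => 'pageAction c')));
     $table = array('heading' => $heading, 'data' => $courses);
     $filter_url = URL::site('course/index');
     // The success message is shown once: read it, then clear it from the session
     $success = Session::instance()->get('success');
     Session::instance()->delete('success');
     $view = View::factory('course/list')->bind('table', $table)->bind('count', $total)->bind('links', $links)->bind('pagination', $pagination)->bind('filter', $filter)->bind('filter_select', $filter_select)->bind('filter_url', $filter_url)->bind('success', $success);
     Breadcrumbs::add(array('Courses', Url::site('course')));
     $this->content = $view;
 }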
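 /**
  * Count the feeds visible to the current user, optionally limited to one course.
  *
  * The streams are resolved by Model_Feedstream::user_streams(), which is
  * called with a null user. The user looked up in the earlier version of this
  * method was never used, so that lookup is gone.
  *
  * When there are no streams the count is 0. The earlier version returned an
  * empty array on that path, which does not match the integer returned otherwise.
  *
  * @param array $data optional criteria; only 'course_id' is read
  * @return mixed 0 without streams, otherwise the result of count_all()
  */
 public static function get_total_feeds($data = array())
 {
     // TODO the streams for the current user can be cached
     $user_streams = Model_Feedstream::user_streams(null, Arr::get($data, 'course_id'));
     $streams = $user_streams->as_array(null, 'id');
     if (!$streams) {
         return 0;
     }
     $feed = ORM::factory('feed')->join('feeds_feedstreams')->on('feeds.id', ' = ', 'feeds_feedstreams.feed_id')->where('feedstream_id', ' IN ', $streams);
     return $feed->count_all();
 }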
 /**
  * Render the navigation of the module that served the initial request.
  *
  * The navigation viewer is given the ACL instance, which suggests entries are
  * filtered by access rights - the filtering itself happens in the viewer and
  * is not visible here.
  *
  * @return void
  */
 public function action_module()
 {
     // Settings are keyed by the controller of the initial request
     $module_settings = Settings::factory(Request::initial()->controller());
     $navigation = Viewer::instance('Navigation');
     $navigation = $navigation->settings($module_settings->get('navigation'))
         ->request(Request::initial())
         ->acl(Acl::instance());
     $view = View::factory($module_settings->get('view.navigation'), array('navigation' => $navigation));
     // Listeners may adjust the navigation before it is rendered
     Event::raise($this, Event::BEFORE_NAVIGATION_RENDER, array('navigation' => $navigation));
     $this->response->body($view->render());
 }
 /**
  * Initialise the ACL object for the current manager.
  *
  * The manager's username is registered as a role and every action resource
  * returned by role::get_action_resources() is allowed for it. The populated
  * ACL is then handed to self::_cache().
  *
  * @return acl
  */
 public static function acl_init()
 {
     // Manager details
     $manager = role::get_manager();
     $username = $manager["username"];
     $action_resourses = role::get_action_resources();
     // Role permission registry
     $acl = Acl::instance();
     $acl->add_role($username);
     $total = count($action_resourses);
     $index = 0;
     while ($index < $total) {
         // Grant the role this action resource (the second argument is passed as null)
         $acl->allow($username, null, $action_resourses[$index]);
         $index++;
     }
     self::_cache($acl);
     return $acl;
 }