Пример #1
 /**
  * Runs the parent hook, then rejects the request with a 403 unless the
  * current group holds both the 'allow_finance' and 'show_all_jobs' flags.
  *
  * @throws HTTP_Exception_403
  */
 public function before()
 {
     parent::before();

     // Both flags are required; the second lookup is skipped when the first one fails.
     $permitted = Group::current('allow_finance') && Group::current('show_all_jobs');
     if (!$permitted) {
         throw new HTTP_Exception_403('Forbidden');
     }
 }
Пример #2
	/**
	 * Prepares a REST request: loads the 'rest' config group, runs the HTTP
	 * auth preparation step selected by 'rest.auth', and resets the
	 * per-request body, format and language fields.
	 *
	 * NOTE(review): only 'basic' and 'digest' are handled here; any other
	 * 'rest.auth' value skips both preparation calls in this method. Confirm
	 * the actions are protected some other way in that case.
	 */
	function before()
	{
		parent::before();

		\Config::load('rest', true);

		// switch compares loosely, the same way the == checks it replaces did
		$auth_mode = \Config::get('rest.auth');
		switch ($auth_mode)
		{
			case 'basic':
				$this->_prepare_basic_auth();
				break;

			case 'digest':
				$this->_prepare_digest_auth();
				break;
		}

		// Start without a body: some methods can't have one
		$this->request->body = NULL;

		// Which format should the data be returned in?
		$this->request->format = $this->_detect_format();

		// Language for this request, as chosen by _detect_lang()
		$this->request->lang = $this->_detect_lang();
	}
Пример #3
 /**
  * Collects the 'year', 'month' and 'day' route parameters into $this->params
  * and exposes them, together with $this->content, to all views.
  *
  * NOTE(review): these values come from the request route; escape them
  * wherever a view prints them.
  */
 public function before()
 {
     parent::before();

     // Only the three date keys are taken from the route parameters.
     $date_keys = array('year', 'month', 'day');
     $route_params = $this->request->param();
     $this->params = Arr::extract($route_params, $date_keys);

     // The properties themselves are handed to bind_global(), not copies.
     View::bind_global('params', $this->params);
     View::bind_global('content', $this->content);
 }
Пример #4
 /**
  * Pre-action hook for API requests: records the request, applies the
  * per-IP rate limit, validates the 'version' and 'format' route parameters
  * and seeds the response data.
  *
  * NOTE(review): the full query string is stored with every logged request,
  * so any key or token a client passes in the URL ends up in that table.
  * NOTE(review): the limit is keyed on Request::$client_ip; presumably that
  * value can come from a forwarded-for header behind a proxy - confirm it
  * cannot be chosen by the client.
  *
  * @throws  Controller_API_Exception  on rate limit exceeded, invalid version, invalid format
  */
 public function before()
 {
     // Log request: URI plus the query string, when there is one
     $query_string = empty($_GET) ? '' : '?' . http_build_query($_GET);
     $log_fields = array(
         'ip' => Request::$client_ip,
         'request' => $this->request->uri . $query_string,
     );
     Jelly::factory('api_request')->set($log_fields)->save();

     // Rate limit: count this client's requests inside the configured window.
     // The request logged above is saved before the count is taken.
     $rate_span = Kohana::config('api.rate_span');
     $rate_limit = Kohana::config('api.rate_limit');
     $window_start = time() - $rate_span;
     $requests = Model_API_Request::request_count($window_start, Request::$client_ip);
     $requests_left = $rate_limit - $requests;
     if ($requests_left < 0) {
         throw new Controller_API_Exception('Request limit reached');
     }

     // Check version (in_array() compares loosely here)
     $this->version = $this->request->param('version');
     $version_known = in_array($this->version, self::$_versions);
     if (!$version_known) {
         throw new Controller_API_Exception('Invalid version');
     }

     // Check format, falling back to JSON when none was requested
     $this->format = $this->request->param('format');
     if (!$this->format) {
         $this->format = self::FORMAT_JSON;
     }
     $format_known = in_array($this->format, self::$_formats);
     if (!$format_known) {
         throw new Controller_API_Exception('Invalid format');
     }

     // Set result defaults
     $this->data = array(
         'version' => $this->version,
         'requests' => $requests,
         'requests_left' => $requests_left,
         'request_window' => $rate_span,
     );

     return parent::before();
 }
Пример #5
 /**
  * Marks every response from this controller as cacheable for 315360000
  * seconds by sending Last-Modified, Expires and Cache-Control headers.
  *
  * NOTE(review): the Cache-Control value has no private/no-store directive,
  * so this is only appropriate if nothing user-specific is served by this
  * controller - confirm.
  */
 public function before()
 {
     parent::before();

     $lifetime = 315360000;
     $http_date = 'D, d M Y H:i:s T';

     header('Last-Modified: ' . gmdate($http_date, time()));
     header('Expires: ' . gmdate($http_date, time() + $lifetime));
     header('Cache-Control: max-age=' . $lifetime);
 }
Пример #6
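 /**
  * Pre-action hook: verifies the request signature when required, logs in
  * from the Authorization header, enforces authentication, selects the
  * response encoder and language, and parses the 'paths' query filter.
  *
  * NOTE(review): the signature and login checks only stop the request if
  * HAPI_Security::require_auth() throws (presumably the 401 below) - confirm.
  *
  * @throws HTTP_Exception_401
  * @since 1.0
  */
 public function before()
 {
     parent::before();
     // Check request signature
     if (Kohana::$config->load('hapi.require_signature') && !HAPI_Security::is_request_signature_valid($this->request)) {
         HAPI_Security::require_auth('Request signature was invalid');
     }
     // Login using the Authorization header. headers() returns an object (its
     // preferred_language() method is called below), and array_key_exists() on an
     // object is deprecated in PHP 7.4 and a TypeError in PHP 8, so the header is
     // looked up by name instead. Assumes headers($name) yields NULL when the
     // header is absent - confirm against the framework version in use.
     $authorization = $this->request->headers('authorization');
     if ($authorization !== NULL) {
         HAPI_Security::login($authorization);
     }
     // Check that user is authenticated
     if ($this->_require_login && !HAPI_Security::is_request_authenticated($this->request)) {
         HAPI_Security::require_auth();
     }
     // Instantiate the encoder object for the response (based on the Accept header)
     $this->response_encoder = $this->_get_response_encoder();
     // Set current language to the client's preferred one among the supported languages
     $supported_languages = Kohana::$config->load('hapi.supported_languages');
     $preferred_language = $this->request->headers()->preferred_language($supported_languages);
     if ($preferred_language) {
         I18n::lang($preferred_language);
     }
     // Filter response keys: 'paths' is a comma-separated list. Anything that is
     // not a non-empty string (missing, '', '0', or an array such as paths[]=x)
     // yields no entries instead of being handed to explode().
     $paths = $this->request->query('paths');
     $this->_paths = (is_string($paths) && !empty($paths)) ? explode(',', $paths) : [];
 }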
Пример #7
 /**
  * The before() method is called before the controller action. It applies
  * the theme named by the 'theme' route parameter, if any, then runs the
  * parent hook.
  *
  * NOTE(review): the theme name is taken straight from the request;
  * presumably the route pattern or Theme::set_theme() restricts it to known
  * themes - confirm.
  *
  * @uses  Request::param
  * @uses  Theme::set_theme
  */
 public function before()
 {
     // FALSE is the default when the route carries no 'theme' parameter
     $theme = $this->request->param('theme', FALSE);
     if ($theme) {
         Theme::set_theme($theme);
     }

     parent::before();
 }
Пример #8
 /**
  * Handles the ?lang= switch, sets the active translation language from the
  * 'langify_language' cookie, and loads a view class matching the current
  * action when a class file for it exists.
  *
  * NOTE(review): the cookie value becomes I18n::$lang without being checked
  * against the translation list again; only the ?lang= path validates it.
  */
 public function before()
 {
     parent::before();

     // Language switch (borrowed from userguide)
     if (isset($_GET['lang'])) {
         $requested = $_GET['lang'];
         // Only languages listed in the 'translations' messages may be stored
         $known = array_keys(Kohana::message('langify', 'translations'));
         if (in_array($requested, $known)) {
             // Set the language cookie
             Cookie::set('langify_language', $requested, Date::YEAR);
         }
         // Reload the page (this also runs when the requested language was rejected)
         $this->request->redirect($this->request->uri());
     }

     // Set the translation language, falling back to the configured default
     $default_lang = Kohana::config('langify')->lang;
     I18n::$lang = Cookie::get('langify_language', $default_lang);

     // Borrowed from Vendo: automatically load a view class based on the action.
     $view_class = $this->view_prefix . Request::current()->action();
     $view_path = strtolower(str_replace('_', '/', $view_class));
     if (Kohana::find_file('classes', $view_path)) {
         // The class name is built from the requested action; the find_file()
         // check above is the only gate visible in this method.
         $this->view = new $view_class();
         $this->view->set('version', $this->version);
     }
 }
Пример #9
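 /**
  * Pre-action hook: detects the language, decodes the JSON request body,
  * copies the paging, lookup, search and comment fields out of it, and
  * refreshes the auth token sent in the 'tokenAuth' header.
  *
  * NOTE(review): Security::xss_clean() is applied to every field, but it is
  * not type or range validation - limit, offset and entryId are still
  * client-chosen values and need casting, bounds checks and parameterized
  * queries wherever they are used.
  */
 public function before()
 {
     parent::before();
     $this->detect_language();
     /* Helper class */
     $this->api = new Api();
     $this->auth_token = $this->request->headers('tokenAuth');
     /* Handle a POST whose body is a JSON string. json_decode() yields NULL for a
        body that is not valid JSON, so $this->post is not guaranteed to be an array. */
     $this->post = json_decode(file_get_contents('php://input'), true);
     /* Paging parameters for the query; defaults are limit = 10, offset = 0 */
     $this->offset = Security::xss_clean(Arr::get($this->post, 'offset', 0));
     $this->limit = Security::xss_clean(Arr::get($this->post, 'limit', 10));
     /* Entry type and entry id for the query */
     $option = Security::xss_clean(Arr::get($this->post, 'option', array()));
     $this->entryType = strtolower(Security::xss_clean(Arr::get($option, 'entryType', '')));
     $this->entryId = Security::xss_clean(Arr::get($option, 'entryId', ''));
     /* Search string */
     $this->searchText = Security::xss_clean(Arr::get($option, 'searchText', ''));
     /* Comment text */
     $this->text = Security::xss_clean(Arr::get($this->post, 'text', ''));
     $this->id = (int) $this->request->param('id', 0);
     /* Refresh the token lifetime when a token was sent and token_expires() accepts it
        (per the original comment: it exists and is still alive). The token that was
        checked is the one that gets refreshed; before, update_token() received a
        'tokenAuth' value read from the request body, which could differ from the
        header token that had just been checked. */
     if (!empty($this->auth_token) && $this->api->token_expires($this->auth_token)) {
         $this->api->update_token($this->auth_token);
     }
 }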
Пример #10
Файл: api.php Проект: anqh/core
 /**
  * Pre-action hook for API requests: logs the request, validates the
  * version, applies the optional per-IP rate limit and validates the format.
  *
  * NOTE(review): the log entry is built from $_REQUEST, so depending on
  * PHP's request_order setting it can include POST fields and cookies -
  * check that no credentials or tokens end up in the stored request line.
  *
  * @throws  Controller_API_Exception  on invalid version, rate limit exceeded, invalid format
  */
 public function before()
 {
     // Log request: URI plus the request parameters, when there are any
     $query_string = empty($_REQUEST) ? '' : '?' . http_build_query($_REQUEST);
     $log_entry = Model_API_Request::factory();
     $log_entry->ip = Request::$client_ip;
     $log_entry->request = $this->request->uri() . $query_string;
     $log_entry->created = time();
     $log_entry->save();

     // Check version (in_array() compares loosely here)
     $this->version = $this->request->param('version');
     $version_known = in_array($this->version, self::$_versions);
     if (!$version_known) {
         throw new Controller_API_Exception('Invalid version');
     }
     $this->data['version'] = $this->version;

     // Rate limit; a configured limit of 0 switches the check off
     $rate_limit = (int) Kohana::$config->load('api.rate_limit');
     $rate_span = (int) Kohana::$config->load('api.rate_span');
     if ($rate_limit) {
         $window_start = time() - $rate_span;
         $requests = Model_API_Request::request_count($window_start, Request::$client_ip);
         $requests_left = $rate_limit - $requests;
         if ($requests_left < 0) {
             throw new Controller_API_Exception('Request limit reached');
         }
         $this->data['requests'] = $requests;
         $this->data['requests_left'] = $requests_left;
         $this->data['request_window'] = $rate_span;
     }

     // Check format, falling back to JSON when none was requested
     $this->format = $this->request->param('format');
     if (!$this->format) {
         $this->format = self::FORMAT_JSON;
     }
     $format_known = in_array($this->format, self::$_formats);
     if (!$format_known) {
         throw new Controller_API_Exception('Invalid format');
     }

     parent::before();
 }
Пример #11
 /**
  * Builds the outer layout view (filled with site-wide settings from the
  * database) and the per-action view, each only when its view file exists,
  * then runs the parent hook.
  *
  * NOTE(review): the per-action view path is assembled from the request's
  * directory, controller and action; the find_file() check is the only
  * gate visible in this method.
  */
 public function before()
 {
     if (Kohana::find_file('views', $this->main_template)) {
         $this->main_template = View::factory($this->main_template);

         // name => value map of the five settings the layout needs
         $setting_names = array('language', 'title', 'keywords', 'description', 'copyright');
         $settings = ORM::factory('Systemsetting')
             ->where('name', 'IN', $setting_names)
             ->find_all()
             ->as_array('name', 'value');

         /* Print language as ISO: from "en-us" only "en", described at: http://www.w3schools.com/Tags/ref_language_codes.asp */
         $lang_parts = explode('-', $settings['language']);

         $this->main_template->head_style = '';
         $this->main_template->html_lang = $lang_parts[0];
         $this->main_template->title = $settings['title'];
         $this->main_template->meta_keywords = $settings['keywords'];
         $this->main_template->meta_description = $settings['description'];
         $this->main_template->meta_copyright = $settings['copyright'];
         $this->main_template->content = '';
     }

     // views/<directory>/<controller with "_" turned into "/">/<action>
     $directory = strtolower($this->request->directory());
     $controller_path = str_replace('_', '/', strtolower($this->request->controller()));
     $dir = $directory . "/" . $controller_path;
     $file = $this->request->action();

     if (Kohana::find_file('views/' . $dir, $file)) {
         $this->template = View::factory($dir . '/' . $file);
         // Empty containers the action is expected to fill
         $this->template->data = array();
         $this->template->data["errors"] = array();
         $this->template->data["values"] = array();
     }

     parent::before();
 }
Пример #12
 /**
  * Routes every OPTIONS request to the 'options' action, whatever action
  * the route selected, then runs the parent hook.
  */
 public function before()
 {
     $is_options = ($this->request->method() == HTTP_Request::OPTIONS);
     if ($is_options) {
         $this->request->action('options');
     }

     parent::before();
 }
Пример #13
 /**
  * Runs the parent hook, then rejects the request with a 403 unless the
  * current group has the 'is_admin' flag.
  *
  * @throws HTTP_Exception_403
  */
 public function before()
 {
     parent::before();

     $is_admin = Group::current('is_admin');
     if (!$is_admin) {
         throw new HTTP_Exception_403('Forbidden');
     }
 }
Пример #14
 /**
  * When the controller has no method for the requested action, builds the
  * response from a model and a template named after the controller, then
  * switches the request to the 'default' action.
  *
  * NOTE(review): every state key the model reports can be overridden by a
  * same-named request parameter; confirm none of those keys should be
  * off-limits to clients.
  */
 public function before()
 {
     parent::before();

     // Save the old action so it can be brought back on after
     $requested_action = $this->request->action;
     $this->_action = $requested_action;

     // Guess the template action from the params: a request that carries an id
     // and is not an edit/add/delete is treated as a read.
     $current_action = $requested_action;
     $id = $this->request->param('id', NULL);
     $is_write_action = in_array($requested_action, array('edit', 'add', 'delete'));
     if (!$is_write_action and $id !== NULL) {
         $current_action = 'read';
     }

     if (method_exists($this, 'action_' . $requested_action)) {
         // A real action method exists; nothing to generate.
         return;
     }

     $model = Jelly::select(Inflector::singular($this->request->controller));
     foreach ($model->get_state() as $key => $value) {
         // Copy over only the state keys that the request actually supplies
         $param = $this->request->param($key, NULL);
         if ($param !== NULL) {
             $model->set_state($key, $param);
         }
     }

     $template_name = $this->request->controller . '/' . $current_action;
     $this->request->response = Kostache::factory($template_name)->set_model($model);

     // Since the magic has been executed, just execute an empty action
     $this->request->action = 'default';
 }
Пример #15
 /**
  * Runs the parent hook, then rejects the request with a 403 unless the
  * current group has the 'allow_assign' flag.
  *
  * @throws HTTP_Exception_403
  */
 public function before()
 {
     parent::before();

     $may_assign = Group::current('allow_assign');
     if (!$may_assign) {
         throw new HTTP_Exception_403();
     }
 }
Пример #16
 /**
  * Rejects the request with a 403 unless the current group has the
  * 'allow_reports' flag; the parent hook runs only after that check passes.
  *
  * NOTE(review): the group lookup happens before parent::before(); confirm
  * Group::current() does not depend on anything the parent hook sets up.
  *
  * @throws HTTP_Exception_403
  */
 public function before()
 {
     $may_view_reports = Group::current('allow_reports');
     if (!$may_view_reports) {
         throw new HTTP_Exception_403('Forbidden');
     }

     parent::before();
 }
Пример #17
 /**
  * Runs the parent hook, then sends anyone who is not logged in with the
  * "admin" role to the site root.
  *
  * NOTE(review): this protects the actions only if redirect() ends the
  * request (presumably by throwing or exiting) - confirm for the framework
  * version in use.
  */
 public function before()
 {
     parent::before();

     $is_admin = Auth::instance()->logged_in("admin");
     if (!$is_admin) {
         $this->redirect("/");
     }
 }
Пример #18
 /**
  * Runs the parent hook, then redirects to 'login' when Auth::check() fails.
  *
  * NOTE(review): this protects the actions only if Response::redirect()
  * ends the request (presumably by exiting) - confirm.
  */
 public function before()
 {
     parent::before();

     $authenticated = Auth::check();
     if (!$authenticated) {
         Response::redirect('login');
     }
 }
Пример #19
 /**
  * Runs the parent hook, then replaces the template name held in
  * $this->template with a View object when auto_render is exactly TRUE.
  */
 public function before()
 {
     parent::before();

     if ($this->auto_render !== TRUE) {
         // Rendering is off: leave $this->template untouched.
         return;
     }

     $this->template = View::factory($this->template);
 }
Пример #20
 /**
  * Runs the parent hook, then rejects the request with a 403 unless the
  * current group has the 'allow_custom_forms' flag.
  *
  * @throws HTTP_Exception_403
  */
 public function before()
 {
     parent::before();

     $may_use_custom_forms = Group::current('allow_custom_forms');
     if (!$may_use_custom_forms) {
         throw new HTTP_Exception_403('Forbidden');
     }
 }
Пример #21
 /**
  * Automatically executed before the controller action. Runs the parent
  * hook and then the authorization check, but only when the controller's
  * $_check_auth flag is truthy.
  *
  * NOTE(review): the check is opt-in per controller; a controller that
  * leaves $_check_auth falsy gets no authorization check from this method.
  *
  * @return  void
  */
 public function before()
 {
     parent::before();

     if (!$this->_check_auth) {
         return;
     }

     $this->check_auth();
 }
Пример #22
 /**
  * Sets up the Deputy ACL for the 'user' role and checks that the current
  * controller, or failing that the controller/action pair, is allowed.
  *
  * NOTE(review): on denial this method returns the result of error(401).
  * That stops the action only if error() itself ends the request (for
  * example by throwing); a plain return value from before() may not be
  * enough - confirm against the framework's request flow.
  */
 public function before()
 {
     parent::before();

     // load deputy library, ACL
     $this->Deputy = Deputy::instance();

     // load config model, access to mysql config
     $this->config = Model::factory('config');

     // load global allowed routes
     $global_access = Kohana::$config->load('access')->as_array();
     $this->Deputy->set_role('user', $global_access);

     // check for authenticated user; get_user() is asked for FALSE as its default
     $this->AuthUser = Auth::instance()->get_user(false);
     if ($this->AuthUser !== FALSE) {
         // get logged in users allowed and disallowed routes
         $this->Deputy->set_role('user', $this->AuthUser['access']);
     }

     // check to see if user has full access to controller
     $controller = $this->request->controller();
     if ($this->Deputy->allowed($controller) === TRUE) {
         return;
     }

     // check again to see if they have access to current action
     $resource = $this->request->controller() . '/' . $this->request->action();
     if ($this->Deputy->allowed($resource) !== TRUE) {
         // 401 Unauthorized Error
         return $this->error(401);
     }
 }
Пример #23
 /**
  * Answers with a 404 unless the request is flagged as AJAX; the parent
  * hook runs only for AJAX requests.
  *
  * NOTE(review): presumably is_ajax() reflects a request header the client
  * sets, so this hides the endpoints from ordinary page loads but is not an
  * access control - confirm.
  *
  * @throws HTTP_Exception_404
  */
 public function before()
 {
     $is_ajax = $this->request->is_ajax();
     if (!$is_ajax) {
         throw new HTTP_Exception_404();
     }

     parent::before();
 }
Пример #24
 /**
  * Load the template and create the $this->template object.
  *
  * The view is forged only when $this->template is a non-empty string;
  * anything else is left untouched. Returns whatever the parent hook returns.
  */
 public function before()
 {
     if (empty($this->template) or !is_string($this->template)) {
         // Nothing to load: no template name was given
         return parent::before();
     }

     // Load the template
     $this->template = \View::forge($this->template);

     return parent::before();
 }
Пример #25
 /**
  * Loads the template [View] object when auto_render is exactly TRUE, then
  * returns whatever the parent hook returns.
  */
 public function before()
 {
     $should_render = ($this->auto_render === TRUE);
     if ($should_render) {
         // Load the template
         $this->template = View::factory($this->template);
     }

     return parent::before();
 }
Пример #26
 /**
  * Prevent direct viewing of the mail queue in production environments.
  *
  * Only initial requests are refused; a request for which is_initial() is
  * false still gets through in production.
  *
  * @throws HTTP_Exception_403
  */
 public function before()
 {
     parent::before();

     if (Kohana::$environment != Kohana::PRODUCTION) {
         // Any non-production environment may view the queue directly.
         return;
     }

     if ($this->request->is_initial()) {
         throw new HTTP_Exception_403('MailQueue should only accessed directly in development environments.');
     }
 }
Пример #27
 /**
  * Runs the parent hook, creates the OAuth2 provider for this request and
  * verifies the token when the controller's $_oauth_verify flag is truthy.
  *
  * NOTE(review): verification is opt-in per controller; a controller that
  * leaves $_oauth_verify falsy gets no token check from this method.
  */
 public function before()
 {
     parent::before();

     $this->_oauth = OAuth2_Provider::factory($this->request);

     if (!$this->_oauth_verify) {
         return;
     }

     $this->_oauth_verify_token();
 }
Пример #28
 /**
  * Calls deny_direct_access() first, then runs the parent hook, and
  * switches to the 'show' action when a 'log_id' query parameter is present.
  */
 public function before()
 {
     // The access check comes before anything else in this hook.
     $this->deny_direct_access();

     parent::before();

     $has_log_id = isset($_GET['log_id']);
     if ($has_log_id) {
         $this->request->action = 'show';
     }
 }
Пример #29
 /**
  * Runs the parent hook, then marks the response as non-cacheable by setting
  * the Pragma, Cache-Control and Last-Modified headers.
  */
 function before()
 {
     parent::before();

     // Last-Modified is built from Date::formatted_time(), re-parsed and printed with a literal "GMT"
     $last_modified = Date::formatted_time();
     $http_date = gmdate("D, d M Y H:i:s \\G\\M\\T", strtotime($last_modified));

     $this->response->headers('Pragma', 'no-cache');
     $this->response->headers('Cache-Control', 'no-store, no-cache, must-revalidate');
     $this->response->headers('Last-Modified', $http_date);
 }
Пример #30
 /**
  * Runs the parent hook, loads the 'logsqlite' config group and runs the
  * authentication check when its 'authentication' entry is truthy.
  *
  * NOTE(review): authentication is switched on by configuration; a missing
  * or falsy 'authentication' entry means check_auth() is never called here.
  */
 public function before()
 {
     parent::before();

     $settings = Kohana::$config->load('logsqlite');
     $this->config = $settings;

     if ($settings['authentication']) {
         $this->check_auth();
     }
 }