Пример #1
 /**
  * Renders the role administration view: a list of user roles with an edit
  * form for each role's backend and content access entries.
  *
  * The current user may only hand out access entries they hold themselves.
  * Entries they lack are passed to the form as disabled options and are also
  * removed from the InArray validator haystacks, so the restriction is checked
  * on submitted values and not only in the rendered markup.
  *
  * @throws Exception when the current user lacks self::PERMISSION_ROLES.
  */
 public function showRoles()
 {
     // Authorization gate first: nothing below runs without the roles permission.
     if (!$this->hasPermission(self::PERMISSION_ROLES)) {
         throw new Exception('You dont have permission to access this view.');
     }
     $this->addMenu();
     $currentUser = User::getUser();
     $modules = Curry_Backend::getBackendList();

     // Access keys the current user does not hold and therefore may not grant.
     $notGrantable = array();
     if (!$currentUser->hasAccess('*')) {
         $notGrantable[] = '*';
     }

     // Backend options: wildcard, then each module followed by its own permissions.
     $backendOptions = array("*" => "All");
     foreach ($modules as $moduleClass => $moduleLabel) {
         $backendOptions[$moduleClass] = $moduleLabel;
         if (method_exists($moduleClass, 'getPermissions')) {
             $modulePermissions = call_user_func(array($moduleClass, 'getPermissions'));
         } else {
             $modulePermissions = array();
         }
         foreach ($modulePermissions as $permissionName) {
             $optionKey = $moduleClass . "/" . $permissionName;
             $backendOptions[$optionKey] = Curry_Core::SELECT_TREE_PREFIX . $permissionName;
             if (!$currentUser->hasAccess($optionKey)) {
                 $notGrantable[] = $optionKey;
             }
         }
         if (!$currentUser->hasAccess($moduleClass)) {
             $notGrantable[] = $moduleClass;
         }
     }

     // Content options, all namespaced under Curry_Backend_Content/.
     $contentOptions = array();
     $contentChoices = array("*" => "All") + Curry_Module::getModuleList();
     $hasAllContent = $currentUser->hasAccess('Curry_Backend_Content/*');
     foreach ($contentChoices as $suffix => $label) {
         $optionKey = 'Curry_Backend_Content/' . $suffix;
         $contentOptions[$optionKey] = $label;
         // The content wildcard covers every entry, so per-entry checks are skipped.
         if ($hasAllContent || $currentUser->hasAccess($optionKey)) {
             continue;
         }
         $notGrantable[] = $optionKey;
     }

     // Validator haystacks: only what the current user is allowed to grant.
     // The 'disable' option presumably affects rendering only; these lists are
     // what rejects a hand-crafted submission.
     $grantableBackend = array_diff(array_keys($backendOptions), $notGrantable);
     $grantableContent = array_diff(array_keys($contentOptions), $notGrantable);

     $backendElement = array('multiselect', array(
         'label' => 'Backend access',
         'multiOptions' => $backendOptions,
         'size' => 10,
         'order' => 1,
         'disable' => $notGrantable,
         'validators' => array(array('InArray', true, array($grantableBackend))),
     ));
     $contentElement = array('multiselect', array(
         'label' => 'Content access',
         'multiOptions' => $contentOptions,
         'size' => 10,
         'order' => 2,
         'disable' => $notGrantable,
         'validators' => array(array('InArray', true, array($grantableContent))),
     ));

     // Populate both selects from the role's stored access rows.
     $loadAccess = function (UserRole $role, $form) {
         $granted = UserRoleAccessQuery::create()
             ->filterByUserRole($role)
             ->select('Module')
             ->find()
             ->getArrayCopy();
         $form->backend->setValue($granted);
         $form->content->setValue($granted);
     };

     // Build a new access collection from the submitted values and assign it to the role.
     // NOTE(review): the setter presumably replaces the role's existing access rows, so
     // entries the editing user could not select would be dropped on save; confirm.
     $storeAccess = function (UserRole $role, $form, $values) {
         $selected = array_merge((array) $values['backend'], (array) $values['content']);
         $entries = new PropelObjectCollection();
         $entries->setModel('UserRoleAccess');
         foreach ($selected as $moduleKey) {
             $entry = new UserRoleAccess();
             $entry->setModule($moduleKey);
             $entries->append($entry);
         }
         $role->setUserRoleAccesss($entries);
     };

     $roleForm = new Curry_ModelView_Form('UserRole', array(
         'elements' => array('backend' => $backendElement, 'content' => $contentElement),
         'onFillForm' => $loadAccess,
         'onFillModel' => $storeAccess,
     ));
     $roleList = new Curry_ModelView_List(UserRoleQuery::create(), array('modelForm' => $roleForm));
     $roleList->addAction('file_permissions', array('action' => $this->getFileAccessList(), 'class' => 'inline', 'single' => true));
     $roleList->show($this);
 }
Пример #2
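 /**
  * Shows the backend. This is the main method of this class.
  *
  * Sends the content-type header, registers the shared scripts and styles,
  * resolves the requested backend module from the `module` query parameter,
  * and renders either the login template (no user) or the main template with
  * the module menu and the module's own output.
  *
  * Security-relevant behaviour visible in this method:
  * - The module name comes from the request. It is accepted only as a string
  *   (anything else falls back to the default module) and must be a key of the
  *   backend list before it is used as a class name.
  * - Menu entries and module instantiation are both gated by hasAccess().
  * - When the setup flag or the backend noauth flag is set in the
  *   configuration, authentication is replaced by a stand-in user.
  *
  * @throws Exception when the requested module is not in the backend list.
  */
 public function show()
 {
     $twig = $this->getTwig();
     $templateFile = 'main.html';
     $backendList = null;
     // Set content-type with charset (some webservers may otherwise override the charset)
     $encoding = Curry_Core::$config->curry->outputEncoding;
     header("Content-type: text/html; charset=" . $encoding);
     $htmlHead = $this->getHtmlHead();
     $htmlHead->addStylesheet('shared/css/icons.css');
     $htmlHead->addScript('shared/libs/jquery-ui-1.8.17/js/jquery-1.7.1.min.js');
     $htmlHead->addScript('shared/backend/common/js/core.js');
     $htmlHead->addScript('shared/backend/common/js/plugins.js');
     $htmlHead->addScript('shared/backend/common/js/main.js');
     $htmlHead->addScript('shared/backend/common/js/finder.js');
     $htmlHead->addScript('shared/js/URI.js');
     // Project backend css/js
     if (file_exists(Curry_Core::$config->curry->wwwPath . '/css/backend.css')) {
         $htmlHead->addStylesheet('css/backend.css');
     }
     if (file_exists(Curry_Core::$config->curry->wwwPath . '/js/backend.js')) {
         $htmlHead->addScript('js/backend.js');
     }
     // Set language
     if (Curry_Core::$config->curry->fallbackLanguage) {
         Curry_Language::setLanguage(Curry_Core::$config->curry->fallbackLanguage);
     }
     // Globals
     $twig->addGlobal('ProjectName', Curry_Core::$config->curry->name);
     $twig->addGlobal('Encoding', $encoding);
     $twig->addGlobal('Version', Curry_Core::VERSION);
     // Logotype
     if (Curry_Core::$config->curry->backend->logotype) {
         $twig->addGlobal('Logotype', Curry_Core::$config->curry->backend->logotype);
     }
     // Current module. The value is request-controlled and later used as an array key
     // and a class name, so only a plain string is accepted (?module[]=x is ignored).
     $currentModule = 'Curry_Backend_Page';
     if (isset($_GET['module']) && is_string($_GET['module'])) {
         $currentModule = $_GET['module'];
     }
     if (Curry_Core::$config->curry->setup) {
         // Setup mode: every request runs as a stand-in user, so the setup flag must be
         // off on any installation that is reachable by others.
         if ($currentModule !== 'Curry_Backend_Setup') {
             url('', array('module' => 'Curry_Backend_Setup'))->redirect();
         }
         if (!class_exists('User')) {
             // eval() of a constant string with no external input. It defines a placeholder
             // User whose hasAccess() always returns true, for when the model class is missing.
             eval("class User { public static function getUser(){ return new self; } public function hasAccess() { return true; } public function getName() { return 'Dummy'; } }");
         } else {
             User::dummyAuth();
         }
         // Only the setup module is reachable in setup mode.
         $backendList = array('Curry_Backend_Setup' => 'Setup');
     } else {
         if (Curry_Core::$config->curry->backend->noauth) {
             // Configuration switch that disables backend authentication.
             User::dummyAuth();
         }
     }
     $user = User::getUser();
     if (!$user) {
         // NOTE(review): login_redirect and the rebuilt query string are request-controlled.
         // Whatever consumes LoginRedirect after a successful login (not visible here) should
         // accept only same-site relative targets, and the template must escape the value.
         $loginRedirect = '';
         if (isset($_POST['login_redirect'])) {
             $loginRedirect = $_POST['login_redirect'];
         } else {
             if (!isset($_GET['logout']) && count($_GET)) {
                 $loginRedirect = (string) url('', $_GET);
             }
         }
         $twig->addGlobal('LoginRedirect', $loginRedirect);
         $this->addBodyClass('tpl-login');
         $templateFile = 'login.html';
     } else {
         $twig->addGlobal('user', array('Name' => $user->getName()));
         // Current module
         if ($backendList === null) {
             $backendList = Curry_Backend::getBackendList();
         }
         if ($currentModule !== 'Curry_Backend_Setup') {
             unset($backendList['Curry_Backend_Setup']);
         }
         // Allowlist check: the requested name must be a known backend module before it
         // is ever passed to class_exists() or `new`.
         if (!array_key_exists($currentModule, $backendList)) {
             // NOTE(review): the message embeds the rejected request value verbatim; confirm
             // the exception renderer HTML-escapes it.
             throw new Exception('Backend module "' . $currentModule . '" not found');
         }
         // Do we need to upgrade?
         $systemModules = array('Curry_Backend_System', 'Curry_Backend_Database', 'Curry_Backend_Setup');
         if (Curry_Core::requireMigration() && !in_array($currentModule, $systemModules, true)) {
             url('', array('module' => 'Curry_Backend_System', 'view' => 'Upgrade'))->redirect();
         }
         // Modules
         $backendGroups = array('Content' => array(), 'Appearance' => array(), 'Accounts' => array(), 'System' => array());
         foreach ($backendList as $module => $moduleName) {
             // Modules the user cannot access are left out of the menu entirely.
             if (!$user->hasAccess($module)) {
                 continue;
             }
             $group = "Other";
             if (method_exists($module, 'getGroup')) {
                 $group = call_user_func(array($module, 'getGroup'));
             }
             $name = $moduleName;
             if (method_exists($module, 'getName')) {
                 $n = call_user_func(array($module, 'getName'));
                 if ($n) {
                     $name = $n;
                 }
             }
             $message = '';
             if (method_exists($module, 'getMessage')) {
                 $message = call_user_func(array($module, 'getMessage'));
             }
             $notifications = '';
             if (method_exists($module, 'getNotifications')) {
                 try {
                     $notifications = call_user_func(array($module, 'getNotifications'));
                     if (!isset($backendGroups[$group]['Notifications'])) {
                         $backendGroups[$group]['Notifications'] = 0;
                     }
                     $backendGroups[$group]['Notifications'] += (int) $notifications;
                 } catch (Exception $e) {
                     // Deliberately best-effort: a module whose notification count fails
                     // must not prevent the backend menu from rendering.
                 }
             }
             $moduleProperties = array('Module' => $module, 'Active' => $module === $currentModule, 'Url' => url('', array("module" => $module)), 'Name' => $name, 'Title' => $message, 'Notifications' => $notifications);
             if ($group) {
                 if (!isset($backendGroups[$group])) {
                     $backendGroups[$group] = array();
                 }
                 if (!isset($backendGroups[$group]['modules'])) {
                     $backendGroups[$group]['modules'] = array();
                 }
                 $backendGroups[$group]['modules'][$module] = $moduleProperties;
                 $backendGroups[$group]['Name'] = $group;
                 // A group is active when ANY of its modules is the current one. Assigning
                 // the comparison directly let a later module in the group reset the flag.
                 $backendGroups[$group]['Active'] = !empty($backendGroups[$group]['Active']) || $module === $currentModule;
             }
             if ($module === $currentModule) {
                 $twig->addGlobal('module', $moduleProperties);
             }
         }
         $twig->addGlobal('moduleGroups', $backendGroups);
         if ($currentModule && class_exists($currentModule)) {
             // Authorization for the module itself; being in the allowlist is not enough.
             if ($user->hasAccess($currentModule)) {
                 $this->backend = new $currentModule($this);
                 if ($this->backend) {
                     if (!in_array($currentModule, $systemModules, true)) {
                         if (self::isPropelBuildInvalid()) {
                             $this->backend->addMessage('Propel has been upgraded and you need to rebuild your database, use <a href="' . url('', array('module' => 'Curry_Backend_Database', 'view' => 'Propel')) . '">auto rebuild</a>.', Curry_Backend::MSG_WARNING, false);
                         }
                         if (Curry_Core::$config->curry->backend->noauth) {
                             $this->backend->addMessage('Authorization has been disabled for backend. You can re-enable it if you go to <a href="' . url('', array('module' => 'Curry_Backend_System')) . '">System Settings</a>.', Curry_Backend::MSG_WARNING, false);
                         }
                         if (Curry_Core::$config->curry->maintenance->enabled) {
                             $this->backend->addMessage('Site has been disabled for maintenance. You can re-enable it in <a href="' . url('', array('module' => 'Curry_Backend_System')) . '">System Settings</a>.', Curry_Backend::MSG_WARNING, false);
                         }
                         $this->doAutoBackup();
                     }
                     $twig->addGlobal('content', $this->backend->show());
                 }
             } else {
                 header('HTTP/1.1 403 Forbidden');
                 header('Status: 403 Forbidden');
                 $twig->addGlobal('content', 'Access denied');
             }
         }
     }
     // Finalize HtmlHead and add global
     $htmlHead->addInlineScript('$.registerLibrary(' . Zend_Json::encode($this->libraries, false, array('enableJsonExprFinder' => true)) . ');');
     $twig->addGlobal('HtmlHead', $htmlHead->getContent());
     $twig->addGlobal('BodyClass', $this->getBodyClass());
     // Render template
     $template = $twig->loadTemplate($templateFile);
     $template->display(array());
 }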