Пример #1
 /**
  * Decide whether the logged-in admin may add or edit an account that belongs to the given level groups.
  *
  * The caller's first level row (ordered by level_priority ascending, i.e. the numerically lowest
  * priority) is compared with the priority of every target level group. A target whose priority
  * number is lower than the caller's outranks the caller and is refused; a target with the same
  * priority number is accepted.
  *
  * @param array $level_groups target level group ids
  * @return boolean true when no target group outranks the caller, false in every other case
  */
 public function canIAddEditAccount($level_groups)
 {
     // fail closed on anything that is not a non-empty array.
     if (!is_array($level_groups) || empty($level_groups)) {
         return false;
     }

     // identify the caller from the admin cookie.
     // NOTE(review): this authorization check is only as trustworthy as getAccountCookie();
     // confirm it returns a server-validated, integrity-protected value and not raw client data.
     $admin_cookie = $this->getAccountCookie('admin');
     if (!isset($admin_cookie['account_id'])) {
         return false;
     }
     $account_id = $admin_cookie['account_id'];

     // site 1 uses the un-prefixed tables, every other site uses "<site_id>_" in front of the table name.
     $current_site_id = \Model_Sites::getSiteId(false);
     $prefix = ($current_site_id != '1') ? $current_site_id . '_' : '';
     $level_table = $prefix . 'account_level';
     $group_table = $prefix . 'account_level_group';

     // caller's level rows joined with their groups, lowest priority number first; only the first row is used.
     $level_rows = \DB::select()
         ->from($level_table)
         ->as_object('\\Model_AccountLevel')
         ->join($group_table, 'LEFT')
         ->on($group_table . '.level_group_id', '=', $level_table . '.level_group_id')
         ->where('account_id', $account_id)
         ->order_by('level_priority', 'ASC')
         ->execute();
     $own_level = $level_rows->current();
     // NOTE(review): count() is called on the fetched row here, not on the result set; confirm what it returns.
     if ($own_level == null || $own_level->count() == '0') {
         return false;
     }
     $own_priority = $own_level->account_level_group->level_priority;

     foreach ($level_groups as $target_group_id) {
         $target_group = \Model_AccountLevelGroup::query()->where('level_group_id', $target_group_id)->get_one();
         // unknown group, or a group that outranks the caller (lower number = higher rank): refuse.
         if ($target_group == null || $target_group->level_priority < $own_priority) {
             return false;
         }
     }

     // every target passed the check.
     return true;
 }
Пример #2
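 /**
  * Admin account list page: permission check, search/filter/sort handling, pagination and page output.
  *
  * All request values read here (q, filter_*, orders, sort, page) come from the query string and are
  * handed to the model and to the view as received, apart from trimming and strip_tags() on orders/sort.
  *
  * @return mixed whatever generatePage() returns for 'admin/templates/account/index_v'
  */
 public function action_index()
 {
     $output = array();
     $option = array();

     // clear redirect referrer
     \Session::delete('submitted_redirect');

     // check permission
     if (\Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_viewusers_perm') == false) {
         \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
         \Response::redirect(\Uri::create('admin'));
         // return explicitly so the account list is never built for a denied user,
         // even if redirect() were ever changed not to end the request.
         return;
     }

     // load language
     \Lang::load('account');

     // read a query-string value as a trimmed string. Array-valued parameters (e.g. ?q[]=x)
     // are treated as absent instead of being passed to trim().
     $get_string = function ($name) {
         $value = \Input::get($name);
         return is_scalar($value) ? trim((string) $value) : '';
     };

     // read flash message for display errors.
     $form_status = \Session::get_flash('form_status');
     if (isset($form_status['form_status']) && isset($form_status['form_status_message'])) {
         $output['form_status'] = $form_status['form_status'];
         $output['form_status_message'] = $form_status['form_status_message'];
     }

     // get levels to select
     $account_levels = \Model_AccountLevelGroup::listLevels(array('no_guest' => false));
     $select_lvls = array();
     if (is_array($account_levels) && !empty($account_levels['items'])) {
         foreach ($account_levels['items'] as $lvr) {
             $select_lvls[$lvr->level_group_id] = $lvr->level_name;
         }
     }
     $output['account_levels'] = $select_lvls;

     // set sort variable for sortable in views: the link offers the opposite of the current direction.
     $sort = \Security::strip_tags($get_string('sort'));
     $output['next_sort'] = ($sort == null || $sort == 'ASC') ? 'DESC' : 'ASC';

     // search query
     // NOTE(review): q and the filter_* values reach the view exactly as the client sent them.
     // The third argument of generatePage() below is false; if that switches off output
     // filtering, the view has to escape these values itself. Confirm.
     $output['q'] = $get_string('q');

     // list accounts --------------------------------------------------------------------------------------------------
     $option['limit'] = \Model_Config::getval('content_admin_items_perpage');
     // page values below 1 (0, negative numbers, non-numeric text) fall back to the first page,
     // so the offset handed to the model is never negative.
     $page = max(1, (int) $get_string('page'));
     $option['offset'] = $page > 1 ? ($page - 1) * $option['limit'] : 0;
     if ($output['q'] !== '') {
         $option['search'] = $output['q'];
     }

     // filters: always echoed back to the view, forwarded to the model only when not empty.
     $filter_names = array(
         'filter_account_id',
         'filter_account_username',
         'filter_account_email',
         'filter_level_group_id',
         'filter_account_create',
         'filter_account_last_login',
         'filter_account_status',
     );
     foreach ($filter_names as $filter_name) {
         $output[$filter_name] = $get_string($filter_name);
         if ($output[$filter_name] !== '') {
             $option[$filter_name] = $output[$filter_name];
         }
     }

     // NOTE(review): strip_tags() filters HTML, it does not validate values that steer ORDER BY.
     // Confirm that \Model_Accounts::listAccounts() accepts only known column names for 'orders'
     // and only ASC/DESC for 'sort' before they reach the query.
     $orders = \Security::strip_tags($get_string('orders'));
     if ($orders != null) {
         $option['orders'] = $orders;
     }
     if ($sort != null) {
         $option['sort'] = $sort;
     }
     $list_accounts = \Model_Accounts::listAccounts($option);

     // pagination config
     $config = array(
         'pagination_url' => \Uri::main() . \Uri::getCurrentQuerystrings(true, true, false),
         'total_items' => $list_accounts['total'],
         'per_page' => $option['limit'],
         'uri_segment' => 'page',
         'num_links' => 3,
         'show_first' => true,
         'show_last' => true,
         'first-inactive' => "\n\t\t<li class=\"disabled\">{link}</li>",
         'first-inactive-link' => '<a href="#">{page}</a>',
         'first-marker' => '&laquo;',
         'last-inactive' => "\n\t\t<li class=\"disabled\">{link}</li>",
         'last-inactive-link' => '<a href="#">{page}</a>',
         'last-marker' => '&raquo;',
         'previous-marker' => '&lsaquo;',
         'next-marker' => '&rsaquo;',
     );
     $output['list_accounts'] = $list_accounts;
     $output['pagination'] = \Pagination::forge('viewlogins_pagination', $config);

     // <head> output ----------------------------------------------------------------------------------------------
     $output['page_title'] = $this->generateTitle(\Lang::get('account_accounts'));
     \Theme::instance()->asset->css('datepicker.css', array(), 'fuelstart');

     // breadcrumb -------------------------------------------------------------------------------------------------
     $output['page_breadcrumb'] = [
         ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')],
         ['name' => \Lang::get('account_accounts'), 'url' => \Uri::create('admin/account')],
     ];

     return $this->generatePage('admin/templates/account/index_v', $output, false);
 }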
Пример #3
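 /**
  * copy new site tables and set default values for some table.
  *
  * For every table in $this->multisite_tables a "<site_id>_<table>" copy is created (structure only,
  * except 'config', which also copies the rows with config_core = 1). The new account_level_group table
  * gets four default groups, and every account found in account_level gets one row in the new site's
  * account_level table: group 1 when its highest level is group 1, group 3 (member) otherwise.
  *
  * @param integer $site_id id of the new site, digits only because it becomes part of table names
  * @return boolean false when $site_id is not a digits-only integer value, true after the copy finished
  */
 public function copyNewSiteTable($site_id = '')
 {
     // $site_id is concatenated into table names in raw SQL below, so accept plain digits only.
     // is_numeric() would also accept forms such as "1.5", "-1", "1e3" or " 1".
     if ((!is_int($site_id) && !is_string($site_id)) || preg_match('/\A[0-9]+\z/', (string) $site_id) !== 1) {
         return false;
     }

     // get module's multisite tables.
     $this->hookGetMultisiteTables();

     // copy tables
     // NOTE(review): table names come from $this->multisite_tables, which the hook above fills;
     // they are placed into the statements as identifiers, so they must never be request-derived.
     foreach ($this->multisite_tables as $table) {
         $table_withprefix = \DB::table_prefix($table);
         $table_site_withprefix = \DB::table_prefix($site_id . '_' . $table);

         // identifiers are backtick-quoted here the same way the INSERT below already quotes them.
         if ($table == 'config') {
             $sql = 'CREATE TABLE IF NOT EXISTS `' . $table_site_withprefix . '` SELECT * FROM `' . $table_withprefix . '` WHERE config_core = 1';
         } else {
             $sql = 'CREATE TABLE IF NOT EXISTS `' . $table_site_withprefix . '` LIKE `' . $table_withprefix . '`';
         }
         \DB::query($sql)->execute();

         // create default values
         // NOTE(review): this INSERT also runs when the table already existed (CREATE ... IF NOT EXISTS
         // was a no-op); confirm that a second run for the same site is not expected.
         if ($table == 'account_level_group') {
             $sql = "INSERT INTO `" . $table_site_withprefix . "` (`level_group_id`, `level_name`, `level_description`, `level_priority`) VALUES\n                    (1, 'Super administrator', 'For site owner or super administrator.', 1),\n                    (2, 'Administrator', NULL, 2),\n                    (3, 'Member', 'For registered user.', 999),\n                    (4, 'Guest', 'For non register user.', 1000);";
             \DB::query($sql)->execute();
         }
     }

     // loop get account and add default levels; each account gets exactly one row.
     $seen_account_ids = array();
     $result = \DB::select('*')->from('account_level')->as_object()->execute();
     foreach ($result as $row) {
         if (isset($seen_account_ids[$row->account_id])) {
             continue;
         }
         $seen_account_ids[$row->account_id] = true;

         // check and set level group id
         // 3 is just member. always set to 3 for non super-administrator for safety.
         $lvg = \Model_AccountLevelGroup::getHighestPriorityAccountLevel($row->account_id);
         $level_group_id = ($lvg !== false && $lvg->level_group_id == '1') ? '1' : '3';

         \DB::insert($site_id . '_account_level')->set(array('level_group_id' => $level_group_id, 'account_id' => $row->account_id))->execute();
     }

     // done
     return true;
 }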
Пример #4
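        // NOTE(review): account_id is printed as stored; presumably an integer key. Confirm.
        echo $row->account_id;
        ?>
</td>
                    <td><?php 
        echo \Security::htmlentities($row->account_username);
        ?>
</td>
                    <td><?php 
        // stored account data is escaped for the HTML context, the same way the username cell is.
        echo \Security::htmlentities($row->account_email);
        ?>
</td>
                    <td>
                        <?php 
        // print the level names of this account, comma separated; stops with '...' once $i has passed 5.
        $i = 1;
        foreach ($row->account_level as $lvl) {
            $lvg = \Model_AccountLevelGroup::find($lvl->level_group_id);
            // a level row may reference a group that can no longer be loaded; print nothing for it
            // instead of reading a property of a non-object. The name is escaped like the other cells.
            if (is_object($lvg)) {
                echo \Security::htmlentities($lvg->level_name);
            }
            if (end($row->account_level) != $lvl) {
                echo ', ';
            }
            if ($i > 5) {
                echo '...';
                break;
            }
            $i++;
        }
        unset($lvg, $lvl);
        ?>
                    </td>
                    <td><?php 
        echo \Extension\Date::gmtDate('', $row->account_create);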
Пример #5
 /**
  * Permission matrix page for one module: which level groups hold which of the module's permissions.
  *
  * @param string $module_system_name module name as passed to the action; it is handed to
  *                                   \Library\Modules and to the view as received
  * @return mixed whatever generatePage() returns for 'admin/templates/accountlevelpermission/module_v'
  */
 public function action_module($module_system_name = '')
 {
     // clear redirect referrer
     \Session::delete('submitted_redirect');

     // check permission
     // NOTE(review): everything below relies on \Response::redirect() ending the request; confirm.
     if (!\Model_AccountLevelPermission::checkAdminPermission('acperm_perm', 'acperm_manage_level_perm')) {
         $denied_message = \Lang::get('admin_permission_denied', ['page' => \Uri::string()]);
         \Session::set_flash('form_status', ['form_status' => 'error', 'form_status_message' => $denied_message]);
         \Response::redirect(\Uri::create('admin'));
     }

     // check if this module really has permission.
     // NOTE(review): hasPermission() is the only gate $module_system_name passes before it is used
     // to read module metadata from file below; confirm it rejects names that are not installed modules.
     if (!\Library\Modules::forge()->hasPermission($module_system_name)) {
         \Response::redirect(\Uri::create('admin/account-level-permission'));
     }

     // read flash message for display errors.
     $flash = \Session::get_flash('form_status');
     if (isset($flash['form_status'], $flash['form_status_message'])) {
         $output['form_status'] = $flash['form_status'];
         $output['form_status_message'] = $flash['form_status_message'];
     }

     // 0 marks these as module permissions, NOT core controller permissions.
     $output['permission_core'] = 0;
     $output['module_system_name'] = $module_system_name;

     // list permissions, levels, checked permissions
     $output['list_permissions'] = \Library\Modules::forge()->fetchPermissionModule($module_system_name);
     $output['list_permissions_check'] = \Model_AccountLevelPermission::listPermissionChecked(0, $module_system_name);
     $output['list_levels'] = \Model_AccountLevelGroup::listLevels();

     // read module data from file
     $output['module'] = \Library\Modules::forge()->readModuleMetadataFromModuleName($module_system_name);

     // <head> output
     $output['page_title'] = $this->generateTitle(\Lang::get('acperm_level_permission'));

     // breadcrumb: admin home > level permission > this module
     $output['page_breadcrumb'] = [
         ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')],
         ['name' => \Lang::get('acperm_level_permission'), 'url' => \Uri::create('admin/account-level-permission')],
         ['name' => \Lang::get('acperm_module_permissison'), 'url' => \Uri::main()],
     ];

     return $this->generatePage('admin/templates/accountlevelpermission/module_v', $output, false);
 }
Пример #6
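 /**
  * Bulk action handler for the level group list. The only action handled is 'del', which deletes
  * every posted level group id that is not listed in $this->disallowed_edit_delete.
  *
  * Nothing is deleted unless the anti-CSRF check passes and the caller holds the
  * accountlv_delete_perm permission. The request always ends with a redirect.
  */
 public function action_multiple()
 {
     $ids = \Input::post('id');
     // an array-valued 'act' is treated as no action instead of being passed to trim().
     $act = \Input::post('act');
     $act = is_scalar($act) ? trim((string) $act) : '';

     // set redirect url
     $redirect = $this->getAndSetSubmitRedirection();

     if (\Extension\NoCsrf::check() && $act == 'del') {
         // check permission.
         if (\Model_AccountLevelPermission::checkAdminPermission('accountlv_perm', 'accountlv_delete_perm') == false) {
             \Response::redirect($redirect);
             // return explicitly so the delete loop below can never run for a denied user,
             // even if redirect() were ever changed not to end the request.
             return;
         }

         if (is_array($ids)) {
             foreach ($ids as $id) {
                 // accept digits-only ids and normalise them to int before the protected-list check,
                 // so a value spelled differently from a protected id cannot pass in_array() and
                 // still be coerced to that id later on. Nested arrays and other text are skipped.
                 if ((!is_int($id) && !is_string($id)) || preg_match('/\A[0-9]+\z/', (string) $id) !== 1) {
                     continue;
                 }
                 $id = (int) $id;

                 if (in_array($id, $this->disallowed_edit_delete)) {
                     continue;
                 }
                 \Model_AccountLevelGroup::deleteLevel($id);
             }
         }
     }

     // go back
     \Response::redirect($redirect);
 }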