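/**
 * Checks the submitted e-mail/password pair and, on success, logs the user in.
 *
 * The outcome is recorded in $this->errorCode. When $admin_panel is true the
 * user must additionally pass the 'Admin_Main' RBAC check; if that check fails
 * the session opened a moment earlier is closed again.
 *
 * NOTE(review): stored passwords are compared against an unsalted md5() digest.
 * Moving to password_hash()/password_verify() requires a rehash-on-login
 * migration of the stored values, which cannot be done inside this method alone.
 *
 * @param bool $admin_panel whether the login is for the admin panel
 * @return bool true when authentication (and the admin check, if requested) succeeded
 */
public function authenticate($admin_panel = false)
{
    $user = User::model()->findByAttributes(array("email" => $this->username));

    $password_ok = false;
    if ($user) {
        // Compare as strings with a type-safe check. A loose != lets PHP treat
        // two different digests of the form "0e<digits>" as equal numbers.
        $stored = (string) $user->password;
        $supplied = md5((string) $this->password);
        // hash_equals() is constant-time but only exists from PHP 5.6 on.
        $password_ok = function_exists('hash_equals')
            ? hash_equals($stored, $supplied)
            : $stored === $supplied;
    }

    if (!$password_ok) {
        // Unknown e-mail and wrong password share one error code, so the
        // result does not distinguish between the two.
        $this->errorCode = self::ERROR_UNKNOWN;
        return false;
    }

    switch ($user->status) {
        case User::STATUS_ACTIVE:
            $this->errorCode = self::ERROR_NONE;
            $this->_id = $user->id;
            if ($this->remember_me) {
                // "Remember me" keeps the login for seven days.
                Yii::app()->user->login($this, 3600 * 24 * 7);
            } else {
                Yii::app()->user->login($this);
            }
            break;
        case User::STATUS_BLOCKED:
            $this->errorCode = self::ERROR_BLOCKED;
            break;
        case User::STATUS_NEW:
            $this->errorCode = self::ERROR_NOT_ACTIVE;
            break;
        default:
            // Fail closed: an unrecognised status must not inherit whatever
            // error code this object happened to hold before the call.
            $this->errorCode = self::ERROR_UNKNOWN;
            break;
    }

    if (!$this->errorCode && $admin_panel) {
        // NOTE(review): the user is already logged in at this point; the role
        // check runs afterwards and the session is closed again on denial.
        WebUser::setRole($user->role);
        if (!RbacModule::isAllow('Admin_Main')) {
            Yii::app()->user->logout();
            $this->errorCode = self::ERROR_UNKNOWN;
            return false;
        }
    }

    return !$this->errorCode;
}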
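/**
 * Runs before a controller action: enforces the RBAC permission for the
 * requested controller/action pair, optionally records the request, and
 * prepares the page title and meta tags.
 *
 * @param object $action the action about to run; its id is used to build the auth item name
 * @return bool true to let the action run, false to stop it
 */
public function beforeAction($action)
{
    $item_name = AuthItem::constructName(Yii::app()->controller->id, $action->id);
    if (!RbacModule::isAllow($item_name)) {
        $this->forbidden();
        // Fail closed. forbidden() presumably ends the request (TODO confirm);
        // if it ever returns, the denied action must still not be executed.
        return false;
    }

    $params = Yii::app()->params;
    if (isset($params->save_site_actions) && $params->save_site_actions) {
        // Request logging is opt-in through the save_site_actions parameter.
        MainModule::saveSiteAction();
    }

    $this->setTitle($action);
    $this->_setMetaTags($action);

    return true;
}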
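/**
 * Collects metadata for every module found under MODULES_PATH.
 *
 * A module is a sub-directory "<dir>" containing "<Dir>Module.php". Each such
 * file is loaded with require_once, so every directory placed under
 * MODULES_PATH has its module file executed; that directory tree should not be
 * writable by the web server user or by uploads.
 *
 * @param bool|null $active null: no filtering; otherwise modules without an
 *                          'active' class property are skipped, and when true,
 *                          modules whose 'active' value is falsy are skipped too
 * @param bool $check_allowed_links remove admin-menu entries whose derived auth
 *                                  item is not allowed by RbacModule::isAllow()
 * @return array module data keyed by module class name
 */
public static function getModulesData($active = null, $check_allowed_links = false)
{
    $modules = array();

    $modules_dirs = scandir(MODULES_PATH);
    if ($modules_dirs === false) {
        // Unreadable or missing modules directory: report no modules.
        return $modules;
    }

    foreach ($modules_dirs as $module_dir) {
        // Skip ".", ".." and hidden entries.
        if ($module_dir[0] === '.') {
            continue;
        }

        $module_class = ucfirst($module_dir) . 'Module';
        $module_path = MODULES_PATH . $module_dir . '/' . $module_class . '.php';
        if (!file_exists($module_path)) {
            continue;
        }

        require_once $module_path;
        if (!class_exists($module_class, false)) {
            // The file did not define the expected class; nothing to describe.
            continue;
        }

        $vars = get_class_vars($module_class);
        if ($active !== null) {
            if (!array_key_exists('active', $vars)) {
                continue;
            }
            if ($active && !$vars['active']) {
                continue;
            }
        }

        $module = array(
            'description' => call_user_func(array($module_class, 'description')),
            'version' => call_user_func(array($module_class, 'version')),
            'name' => call_user_func(array($module_class, 'name')),
            'class' => $module_class,
            'dir' => $module_dir,
        );

        if (method_exists($module_class, 'adminMenu')) {
            $module['admin_menu'] = call_user_func(array($module_class, 'adminMenu'));

            // Bind the directory name as a parameter instead of splicing it into
            // the condition, so a name containing a quote cannot alter the query.
            $settings_count = Setting::model()->count(
                'module_id = :module_id',
                array(':module_id' => $module_dir)
            );
            if ($settings_count) {
                $module['admin_menu']['Настройки'] = '/main/SettingAdmin/manage/module_id/' . $module_dir;
            }

            if ($check_allowed_links) {
                foreach ($module['admin_menu'] as $title => $url) {
                    $segments = explode('/', trim($url, '/'));
                    // NOTE(review): links with fewer than three segments are
                    // kept in the menu without any permission check.
                    if (count($segments) < 3) {
                        continue;
                    }

                    // Segments are module/controller/action; the auth item is
                    // built from the controller and action only.
                    list(, $controller, $action) = $segments;
                    $auth_item = ucfirst($controller) . '_' . $action;
                    if (!RbacModule::isAllow($auth_item)) {
                        unset($module['admin_menu'][$title]);
                    }
                }
            }
        }

        $modules[$module_class] = $module;
    }

    return $modules;
}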