Пример #1
0
function _modProcessMenus(modX &$modx, &$output, $menus, &$childrenCt, $showDescriptions = true)
{
    foreach ($menus as $menu) {
        if (!empty($menu['permissions'])) {
            $permissions = array();
            $exploded = explode(',', $menu['permissions']);
            foreach ($exploded as $permission) {
                $permissions[trim($permission)] = true;
            }
            if (!empty($permissions) && !$modx->hasPermission($permissions)) {
                continue;
            }
        }
        $smTpl = '<li>' . "\n";
        $description = !empty($menu['description']) ? '<span class="description">' . $menu['description'] . '</span>' . "\n" : '';
        if (!empty($menu['handler'])) {
            $smTpl .= '<a href="javascript:;" onclick="' . str_replace('"', '\'', $menu['handler']) . '">' . $menu['text'] . ($showDescriptions ? $description : '') . '</a>' . "\n";
        } else {
            $url = '?a=' . $menu['action'] . $menu['params'];
            $smTpl .= '<a href="' . $url . '">' . $menu['text'] . ($showDescriptions ? $description : '') . '</a>' . "\n";
        }
        if (!empty($menu['children'])) {
            $smTpl .= '<ul class="modx-subsubnav">' . "\n";
            _modProcessMenus($modx, $smTpl, $menu['children'], $childrenCt, $showDescriptions);
            $smTpl .= '</ul>' . "\n";
        }
        $smTpl .= '</li>';
        $output .= $smTpl;
        $childrenCt++;
    }
}
Пример #2
0
 /**
  * Checks whether or not the user has access to the specified permission.
  * 
  * @param string $permission
  * @return boolean True if user has permission
  */
 public function checkPolicy($permission)
 {
     $access = true;
     /* first check moderator access */
     if ($this->get('moderated')) {
         $moderatorGroups = $this->trimArray($this->get('moderator_group'));
         $moderators = $this->trimArray($this->get('moderators'));
         $inModeratorGroup = !empty($moderatorGroups) && !empty($this->xpdo->user) ? $this->xpdo->user->isMember($moderatorGroups) : false;
         $access = $inModeratorGroup || in_array($this->xpdo->user->get('username'), $moderators);
     } else {
         $access = $this->xpdo->user->isMember('Administrator');
     }
     /* now check global access */
     switch ($permission) {
         case 'view':
             $access = $this->xpdo->hasPermission('quip.thread_view');
             break;
         case 'truncate':
             $access = $this->xpdo->hasPermission('quip.thread_truncate');
             break;
         case 'remove':
             $access = $this->xpdo->hasPermission('quip.thread_remove');
             break;
         case 'comment_approve':
             $access = $this->xpdo->hasPermission('quip.comment_approve');
             break;
         case 'comment_remove':
             $access = $this->xpdo->hasPermission('quip.comment_approve');
             break;
         case 'comment_update':
             $access = $this->xpdo->hasPermission('quip.comment_approve');
             break;
     }
     return $access;
 }
Пример #3
0
 /**
  * Check if the current user is allowed to view the menu record
  *
  * @param string $perms
  *
  * @return bool
  */
 public function hasPermission($perms)
 {
     if (empty($perms)) {
         return true;
     }
     $permissions = array();
     $exploded = explode(',', $perms);
     foreach ($exploded as $permission) {
         $permissions[trim($permission)] = true;
     }
     return $this->modx->hasPermission($permissions);
 }
 /**
  * This runs each time the tree is drawn.
  * @param array $node
  * @return array
  */
 public function prepareTreeNode(array $node = array())
 {
     $this->xpdo->lexicon->load('articles:default');
     $menu = array();
     $idNote = $this->xpdo->hasPermission('tree_show_resource_ids') ? ' <span dir="ltr">(' . $this->id . ')</span>' : '';
     // Template ID should 1st default to the container settings for articleTemplate,
     // then to system settings for articles.default_article_template.
     // getContainerSettings() is not in scope here.
     // System Default
     $template_id = $this->getOption('articles.default_article_template');
     // Attempt to override for this container
     $container = $this->xpdo->getObject('modResource', $this->id);
     if ($container) {
         $props = $container->get('properties');
         if ($props) {
             if (isset($props['articles']['articleTemplate']) && !empty($props['articles']['articleTemplate'])) {
                 $template_id = $props['articles']['articleTemplate'];
             }
         }
     }
     $menu[] = array('text' => '<b>' . $this->get('pagetitle') . '</b>' . $idNote, 'handler' => 'Ext.emptyFn');
     $menu[] = '-';
     $menu[] = array('text' => $this->xpdo->lexicon('articles.articles_manage'), 'handler' => 'this.editResource');
     $menu[] = array('text' => $this->xpdo->lexicon('articles.articles_write_new'), 'handler' => "function(itm,e) { \n\t\t\t\tvar at = this.cm.activeNode.attributes;\n\t\t        var p = itm.usePk ? itm.usePk : at.pk;\n\t\n\t            Ext.getCmp('modx-resource-tree').loadAction(\n\t                'a='+MODx.action['resource/create']\n\t                + '&class_key='+itm.classKey\n\t                + '&parent='+p\n\t                + '&template=" . $template_id . "'\n\t                + (at.ctx ? '&context_key='+at.ctx : '')\n                );\n        \t}");
     $menu[] = array('text' => $this->xpdo->lexicon('articles.container_duplicate'), 'handler' => 'function(itm,e) { itm.classKey = "ArticlesContainer"; this.duplicateResource(itm,e); }');
     $menu[] = '-';
     if ($this->get('published')) {
         $menu[] = array('text' => $this->xpdo->lexicon('articles.container_unpublish'), 'handler' => 'this.unpublishDocument');
     } else {
         $menu[] = array('text' => $this->xpdo->lexicon('articles.container_publish'), 'handler' => 'this.publishDocument');
     }
     if ($this->get('deleted')) {
         $menu[] = array('text' => $this->xpdo->lexicon('articles.container_undelete'), 'handler' => 'this.undeleteDocument');
     } else {
         $menu[] = array('text' => $this->xpdo->lexicon('articles.container_delete'), 'handler' => 'this.deleteDocument');
     }
     $menu[] = '-';
     $menu[] = array('text' => $this->xpdo->lexicon('articles.articles_view'), 'handler' => 'this.preview');
     $node['menu'] = array('items' => $menu);
     $node['hasChildren'] = true;
     return $node;
 }
Пример #5
0
 /**
  * Get a list of permissions for browsing and utilizing the source. May be overridden to provide a custom
  * list of permissions.
  * @return array
  */
 public function getPermissions()
 {
     $this->permissions = array('directory_chmod' => $this->xpdo->hasPermission('directory_chmod'), 'directory_create' => $this->xpdo->hasPermission('directory_create'), 'directory_list' => $this->xpdo->hasPermission('directory_list'), 'directory_remove' => $this->xpdo->hasPermission('directory_remove'), 'directory_update' => $this->xpdo->hasPermission('directory_update'), 'file_list' => $this->xpdo->hasPermission('file_list'), 'file_remove' => $this->xpdo->hasPermission('file_remove'), 'file_update' => $this->xpdo->hasPermission('file_update'), 'file_upload' => $this->xpdo->hasPermission('file_upload'), 'file_view' => $this->xpdo->hasPermission('file_view'), 'file_create' => $this->xpdo->hasPermission('file_create'));
     return $this->permissions;
 }
Пример #6
0
 /**
  * Gets a requested resource and all required data.
  *
  * @param string $method The method, 'id', or 'alias', by which to perform
  * the resource lookup.
  * @param string|integer $identifier The identifier with which to search.
  * @param array $options An array of options for the resource fetching
  * @return modResource The requested modResource instance or request
  * is forwarded to the error page, or unauthorized page.
  */
 public function getResource($method, $identifier, array $options = array())
 {
     $resource = null;
     if ($method == 'alias') {
         $resourceId = $this->modx->aliasMap[$identifier];
     } else {
         $resourceId = $identifier;
     }
     if (!is_numeric($resourceId)) {
         $this->modx->sendErrorPage();
     }
     $isForward = array_key_exists('forward', $options) && !empty($options['forward']);
     $fromCache = false;
     $cacheKey = $this->modx->context->get('key') . "/resources/{$resourceId}";
     $cachedResource = $this->modx->cacheManager->get($cacheKey, array(xPDO::OPT_CACHE_KEY => $this->modx->getOption('cache_resource_key', null, 'resource'), xPDO::OPT_CACHE_HANDLER => $this->modx->getOption('cache_resource_handler', null, $this->modx->getOption(xPDO::OPT_CACHE_HANDLER)), xPDO::OPT_CACHE_FORMAT => (int) $this->modx->getOption('cache_resource_format', null, $this->modx->getOption(xPDO::OPT_CACHE_FORMAT, null, xPDOCacheManager::CACHE_PHP))));
     if (is_array($cachedResource) && array_key_exists('resource', $cachedResource) && is_array($cachedResource['resource'])) {
         /** @var modResource $resource */
         $resource = $this->modx->newObject($cachedResource['resourceClass']);
         if ($resource) {
             $resource->fromArray($cachedResource['resource'], '', true, true, true);
             $resource->_content = $cachedResource['resource']['_content'];
             $resource->_isForward = isset($cachedResource['resource']['_isForward']) && !empty($cachedResource['resource']['_isForward']);
             if (isset($cachedResource['contentType'])) {
                 $contentType = $this->modx->newObject('modContentType');
                 $contentType->fromArray($cachedResource['contentType'], '', true, true, true);
                 $resource->addOne($contentType, 'ContentType');
             }
             if (isset($cachedResource['resourceGroups'])) {
                 $rGroups = array();
                 foreach ($cachedResource['resourceGroups'] as $rGroupKey => $rGroup) {
                     $rGroups[$rGroupKey] = $this->modx->newObject('modResourceGroupResource', $rGroup);
                 }
                 $resource->addMany($rGroups);
             }
             if (isset($cachedResource['policyCache'])) {
                 $resource->setPolicies(array($this->modx->context->get('key') => $cachedResource['policyCache']));
             }
             if (isset($cachedResource['elementCache'])) {
                 $this->modx->elementCache = $cachedResource['elementCache'];
             }
             if (isset($cachedResource['sourceCache'])) {
                 $this->modx->sourceCache = $cachedResource['sourceCache'];
             }
             if ($resource->get('_jscripts')) {
                 $this->modx->jscripts = $this->modx->jscripts + $resource->get('_jscripts');
             }
             if ($resource->get('_sjscripts')) {
                 $this->modx->sjscripts = $this->modx->sjscripts + $resource->get('_sjscripts');
             }
             if ($resource->get('_loadedjscripts')) {
                 $this->modx->loadedjscripts = array_merge($this->modx->loadedjscripts, $resource->get('_loadedjscripts'));
             }
             $isForward = $resource->_isForward;
             $resource->setProcessed(true);
             $fromCache = true;
         }
     }
     if (!$fromCache || !is_object($resource)) {
         $criteria = $this->modx->newQuery('modResource');
         $criteria->select(array($this->modx->escape('modResource') . '.*'));
         $criteria->where(array('id' => $resourceId, 'deleted' => '0'));
         if (!$this->modx->hasPermission('view_unpublished') || $this->modx->getSessionState() !== modX::SESSION_STATE_INITIALIZED) {
             $criteria->where(array('published' => 1));
         }
         if ($resource = $this->modx->getObject('modResource', $criteria)) {
             if ($resource instanceof modResource) {
                 if ($resource->get('context_key') !== $this->modx->context->get('key')) {
                     if (!$isForward || $isForward && !$this->modx->getOption('allow_forward_across_contexts', $options, false)) {
                         if (!$this->modx->getCount('modContextResource', array($this->modx->context->get('key'), $resourceId))) {
                             return null;
                         }
                     }
                 }
                 $resource->_isForward = $isForward;
                 if (!$resource->checkPolicy('view')) {
                     $this->modx->sendUnauthorizedPage();
                 }
                 if ($tvs = $resource->getMany('TemplateVars', 'all')) {
                     /** @var modTemplateVar $tv */
                     foreach ($tvs as $tv) {
                         $resource->set($tv->get('name'), array($tv->get('name'), $tv->getValue($resource->get('id')), $tv->get('display'), $tv->get('display_params'), $tv->get('type')));
                     }
                 }
                 $this->modx->resourceGenerated = true;
             }
         }
     } elseif ($fromCache && $resource instanceof modResource && !$resource->get('deleted')) {
         if ($resource->checkPolicy('load') && ($resource->get('published') || $this->modx->getSessionState() === modX::SESSION_STATE_INITIALIZED && $this->modx->hasPermission('view_unpublished'))) {
             if ($resource->get('context_key') !== $this->modx->context->get('key')) {
                 if (!$isForward || $isForward && !$this->modx->getOption('allow_forward_across_contexts', $options, false)) {
                     if (!$this->modx->getCount('modContextResource', array($this->modx->context->get('key'), $resourceId))) {
                         return null;
                     }
                 }
             }
             if (!$resource->checkPolicy('view')) {
                 $this->modx->sendUnauthorizedPage();
             }
         } else {
             return null;
         }
         $this->modx->invokeEvent('OnLoadWebPageCache');
     }
     return $resource;
 }
Пример #7
0
 $options = array('log_level' => xPDO::LOG_LEVEL_INFO, 'log_target' => array('target' => 'FILE', 'options' => array('filename' => 'vapor-' . strftime('%Y%m%dT%H%M%S', $startTime) . '.log')), xPDO::OPT_CACHE_DB => false, xPDO::OPT_SETUP => true);
 $modx = new modX('', $options);
 $modx->setLogTarget($options['log_target']);
 $modx->setLogLevel($options['log_level']);
 $modx->setOption(xPDO::OPT_CACHE_DB, false);
 $modx->setOption(xPDO::OPT_SETUP, true);
 $modx->setDebug(-1);
 $modx->startTime = $startTime;
 $modx->getVersionData();
 $modxVersion = $modx->version['full_version'];
 if (version_compare($modxVersion, '2.2.1-pl', '>=')) {
     $modx->initialize('mgr', $options);
 } else {
     $modx->initialize('mgr');
 }
 if (!$modx->hasPermission('Vapor')) {
     die('Access denied');
 }
 $modx->setLogTarget($options['log_target']);
 $modx->setLogLevel($options['log_level']);
 $modx->setOption(xPDO::OPT_CACHE_DB, false);
 $modx->setOption(xPDO::OPT_SETUP, true);
 $modx->setDebug(-1);
 $modxDatabase = $modx->getOption('dbname', $options, $modx->getOption('database', $options));
 $modxTablePrefix = $modx->getOption('table_prefix', $options, '');
 $core_path = realpath($modx->getOption('core_path', $options, MODX_CORE_PATH)) . '/';
 $assets_path = realpath($modx->getOption('assets_path', $options, MODX_ASSETS_PATH)) . '/';
 $manager_path = realpath($modx->getOption('manager_path', $options, MODX_MANAGER_PATH)) . '/';
 $base_path = realpath($modx->getOption('base_path', $options, MODX_BASE_PATH)) . '/';
 $modx->log(modX::LOG_LEVEL_INFO, "core_path=" . $core_path);
 $modx->log(modX::LOG_LEVEL_INFO, "assets_path=" . $assets_path);
Пример #8
0
 /**
  * @param $pm
  *
  * @return bool
  */
 public function hasPermission($pm)
 {
     return $this->modx->hasPermission($pm);
 }
Пример #9
0
 /**
  * @return boolean
  */
 public function canViewEmails()
 {
     return $this->isLoggedIn && $this->xpdo->hasPermission('discuss.view_emails');
 }
Пример #10
0
 /**
  * Determines whether or not the current active user can unsubscribe the thread
  * @return bool
  */
 public function canUnsubscribe()
 {
     return $this->hasSubscription() && $this->xpdo->hasPermission('discuss.thread_subscribe');
 }
Пример #11
0
 /**
  * @param modX $modx
  * @param array $config
  */
 function __construct(modX &$modx, array $config = array())
 {
     $this->modx =& $modx;
     $corePath = $this->getOption('core_path', $config, $this->modx->getOption('core_path') . 'components/moddevtools/');
     $assetsUrl = $this->getOption('assets_url', $config, $this->modx->getOption('assets_url') . 'components/moddevtools/');
     $debug = $this->getOption('debug', $config, false);
     // Load some default paths for easier management
     $this->config = array_merge(array('namespace' => $this->namespace, 'version' => $this->version, 'assetsUrl' => $assetsUrl, 'cssUrl' => $assetsUrl . 'css/', 'jsUrl' => $assetsUrl . 'js/', 'imagesUrl' => $assetsUrl . 'images/', 'connectorUrl' => $assetsUrl . 'connector.php', 'corePath' => $corePath, 'modelPath' => $corePath . 'model/', 'chunksPath' => $corePath . 'elements/chunks/', 'templatesPath' => $corePath . 'elements/templates/', 'chunkSuffix' => '.chunk.tpl', 'snippetsPath' => $corePath . 'elements/snippets/', 'processorsPath' => $corePath . 'processors/'), $config);
     // set default options
     $this->config = array_merge($this->config, array('debug' => $debug, 'accessRegenerate' => $this->modx->user->get('sudo') || $this->modx->hasPermission('system_perform_maintenance_tasks'), 'viewChunk' => $this->modx->user->get('sudo') || $this->modx->hasPermission('view_chunk'), 'saveChunk' => $this->modx->user->get('sudo') || $this->modx->hasPermission('save_chunk'), 'viewTemplate' => $this->modx->user->get('sudo') || $this->modx->hasPermission('view_template'), 'saveTemplate' => $this->modx->user->get('sudo') || $this->modx->hasPermission('save_template'), 'viewSnippet' => $this->modx->user->get('sudo') || $this->modx->hasPermission('view_snippet'), 'editSnippet' => $this->modx->user->get('sudo') || $this->modx->hasPermission('edit_snippet'), 'saveSnippet' => $this->modx->user->get('sudo') || $this->modx->hasPermission('save_snippet'), 'viewResource' => $this->modx->user->get('sudo') || $this->modx->hasPermission('view_document'), 'saveResource' => $this->modx->user->get('sudo') || $this->modx->hasPermission('save_document'), 'extractLines' => 6, 'extractEllips' => '...', 'extractSeparator' => '<br>', 'extractQuantity' => 1, 'pcreModifier' => 'u'));
     $this->modx->addPackage('moddevtools', $this->config['modelPath']);
     $this->modx->lexicon->load('moddevtools:default');
 }