/**
 * Gates a task behind the given permissions and reports a denial to the user.
 *
 * The decision itself is delegated to $this->admin->authorize(). On denial the
 * translated PLUGIN_ADMIN.INSUFFICIENT_PERMISSIONS_FOR_TASK text followed by
 * the task name is stored in $this->admin->json_response when the URI
 * extension is "json", and otherwise queued as an 'error' message through
 * $this->admin->setMessage().
 *
 * NOTE(review): $task is concatenated into the message without escaping.
 * Whether the message is encoded when it is rendered is not visible from this
 * method - confirm, or make sure callers only pass fixed task names.
 *
 * @param string $task        The task to execute
 * @param array  $permissions The permissions given
 * @return bool True if authorized. False if not.
 */
protected function authorizeTask($task = '', $permissions = [])
{
    // Guard clause: nothing to report when the permission check passes.
    if ($this->admin->authorize($permissions)) {
        return true;
    }

    $wantsJson = $this->grav['uri']->extension() === 'json';
    $denial = $this->admin->translate('PLUGIN_ADMIN.INSUFFICIENT_PERMISSIONS_FOR_TASK') . ' ' . $task . '.';

    if ($wantsJson) {
        $this->admin->json_response = ['status' => 'unauthorized', 'message' => $denial];
    } else {
        $this->admin->setMessage($denial, 'error');
    }

    return false;
}
/**
 * Checks the given permissions for a task and records a denial message.
 *
 * $this->admin->authorise() makes the decision. When it refuses, a fixed
 * English message naming the task is placed in $this->admin->json_response
 * for requests whose URI extension is "json", or passed to
 * $this->admin->setMessage() with the 'error' type for everything else.
 *
 * NOTE(review): the task name is appended to the message as-is. Output
 * encoding is not done here; verify that it happens where the message is
 * rendered, or that callers only pass fixed task names.
 *
 * @param string $task        The task to execute
 * @param array  $permissions The permissions given
 * @return bool True if authorized. False if not.
 */
protected function authoriseTask($task = '', $permissions = [])
{
    $denied = !$this->admin->authorise($permissions);

    if ($denied) {
        if ($this->grav['uri']->extension() === 'json') {
            // JSON clients read the outcome from the response payload.
            $this->admin->json_response = [
                'status'  => 'unauthorized',
                'message' => 'You have insufficient permissions for task ' . $task . '.',
            ];
        } else {
            // Everything else gets the denial as an admin error message.
            $this->admin->setMessage('You have insufficient permissions for task ' . $task . '.', 'error');
        }
    }

    return !$denied;
}
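/**
 * Sets longer path to the home page allowing us to have list of pages when we enter to pages section.
 *
 * In order, this handler:
 *  - stores the session service and applies the "mode" URI parameter to the
 *    session's expert flag;
 *  - queues an info message when no *.yaml file exists in the account:// resource;
 *  - copies the page routes to the admin service without the '/' route and
 *    re-routes the page dispatched for '/' to the configured home alias;
 *  - if a task is present in POST or in the URI, runs it through
 *    AdminController and redirects;
 *  - otherwise, for the 'logs' template with a route, echoes the log entry and exits;
 *  - replaces the 'page' service with a factory that loads the admin page for
 *    the current template.
 */
public function onPagesInitialized()
{
    $this->session = $this->grav['session'];

    // Set original route for the home page.
    $home = '/' . trim($this->config->get('system.home.alias'), '/');

    // set the default if not set before
    $this->session->expert = $this->session->expert ?: false;

    // set session variable if it's passed via the url
    if ($this->uri->param('mode') == 'expert') {
        $this->session->expert = true;
    } elseif ($this->uri->param('mode') == 'normal') {
        $this->session->expert = false;
    }

    // check for existence of a user account
    $account_dir = $this->grav['locator']->findResource('account://');

    // glob() returns false on error (and on some systems for "no match").
    // Casting that to array gives [false], which counts as one account and
    // hides the notice, so treat false as "no files". An unresolved account
    // directory is skipped, since the pattern would otherwise become '/*.yaml'.
    $user_check = $account_dir ? (glob($account_dir . '/*.yaml') ?: []) : [];
    if (count($user_check) === 0) {
        $this->admin->setMessage($this->admin->translate('PLUGIN_ADMIN.NO_USER_ACCOUNTS'), 'info');
    }

    /** @var Pages $pages */
    $pages = $this->grav['pages'];

    $this->grav['admin']->routes = $pages->routes();

    // Remove default route from routes.
    if (isset($this->grav['admin']->routes['/'])) {
        unset($this->grav['admin']->routes['/']);
    }

    $page = $pages->dispatch('/', true);

    // If page is null, the default page does not exist, and we cannot route to it
    if ($page) {
        $page->route($home);
    }

    // Make local copy of POST.
    $post = !empty($_POST) ? $_POST : [];

    // Handle tasks.
    // NOTE(review): the task name comes straight from the request (POST body
    // or URI parameter). No permission or anti-CSRF check happens in this
    // method; presumably AdminController::execute() does both - confirm.
    $this->admin->task = $task = !empty($post['task']) ? $post['task'] : $this->uri->param('task');
    if ($task) {
        require_once __DIR__ . '/classes/controller.php';
        $controller = new AdminController($this->grav, $this->template, $task, $this->route, $post);
        $controller->execute();
        $controller->redirect();
    } elseif ($this->template == 'logs' && $this->route) {
        // Display RAW error message.
        // NOTE(review): the entry is echoed with no encoding applied here;
        // confirm logEntry() returns content that is safe to emit verbatim.
        echo $this->admin->logEntry();
        exit;
    }

    $self = $this;

    // Replace page service with admin.
    $this->grav['page'] = function () use ($self) {
        $page = new Page();

        // NOTE(review): $self->template is interpolated into the file paths
        // below as-is; basename() is applied to the slug only. Confirm that
        // the template is limited to a single path segment where it is set.
        $admin_file = __DIR__ . "/pages/admin/{$self->template}.md";
        if (file_exists($admin_file)) {
            $page->init(new \SplFileInfo($admin_file));
            $page->slug(basename($self->template));

            return $page;
        }

        // If the page cannot be found, try looking in plugins.
        // Allows pages added by plugins in admin
        $plugins = Grav::instance()['config']->get('plugins', []);

        foreach ($plugins as $plugin => $data) {
            $folder = GRAV_ROOT . "/user/plugins/" . $plugin . "/admin";

            if (file_exists($folder)) {
                $file = $folder . "/pages/{$self->template}.md";
                if (file_exists($file)) {
                    $page->init(new \SplFileInfo($file));
                    $page->slug(basename($self->template));

                    return $page;
                }
            }
        }

        // No admin page exists for this template.
        return null;
    };
}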