function __construct() { parent::__construct(); // Load in the admin helper functions if the current user is an administrator if ($this->secure->group_types(array(ADMINISTRATOR))->is_auth()) { $this->load->helper('admin_helper'); } $this->cms_parameters = array(); $this->cms_base_route = ''; // Check if to force ssl on controller if (in_uri($this->config->item('ssl_pages'))) { force_ssl(); } else { remove_ssl(); } // Create Dynamic Page Title if (!($title = str_replace('-', ' ', $this->uri->segment(1)))) { $title = 'Home'; } if ($segment2 = str_replace('-', ' ', $this->uri->segment(2))) { $title = $segment2 . " - " . $title; } $this->template->set_meta_title(ucwords($title) . " | " . $this->settings->site_name); // Set Group if ($this->session->userdata('user_session')) { $this->group_id = $this->session->userdata('user_session')->group_id; $this->Group_session = $this->session->userdata('group_session'); } }
function admin_is_permitted($uri) { $CI =& get_instance(); $permissions = unserialize($CI->Group_session->permissions); $permissions = isset($permissions['access']) ? $permissions['access'] : array(); $access_options = unserialize(ADMIN_ACCESS_OPTIONS); if (!in_uri($permissions, $uri) && $CI->Group_session->type == ADMINISTRATOR && in_uri($access_options, $uri, TRUE)) { return false; } return true; }
public function _remap($method, $params = array()) { // Check group type Administrator's permissions for access if ($this->Group_session->type == ADMINISTRATOR) { $permissions = unserialize($this->Group_session->permissions); $access_options = unserialize(ADMIN_ACCESS_OPTIONS); // If page is set as a permission access option but not in groups permissions, show permission denied if ((!isset($permissions['access']) || !in_uri($permissions['access'])) && in_uri($access_options, null, TRUE)) { // Access forbidden: header('HTTP/1.1 403 Forbidden'); return $this->template->view('users/admin/permission_denied'); } } // User has permission, continue like normal $method = $method; if (method_exists($this, $method)) { return call_user_func_array(array($this, $method), $params); } show_404(); }