/**
 * listener version of redirect on fail acl validity check method
 *
 * @return void
 * @author Andy Bennett
 */
public static function fail()
{
    // redirect if user doesn't have correct permissions
    if (!Acl::instance()->check(Event::$data['role'], Event::$data['name'], Event::$data['action'])) {
        throw new Kohana_403_Exception(Event::$data['name'], 'common/error_403');
    }
}
/**
 * init: check if user is logged in
 *
 * if not: redirect to login
 */
public function init()
{
    // call parent before first
    parent::init();

    // only check if the controller is not auth
    if (Request::initial()->controller() != 'Auth') {
        // url to login page
        $url = URL::to('Auth@login');

        // init identity
        $identity = Identity::instance();

        // revert identity to original user (assume may have been called somewhere else)
        $identity->revert();

        // check authentication
        if (!$identity->authenticated()) {
            // if user is not already authenticated, redirect to login page
            $this->redirect($url);
        } else {
            $website = Website::instance();

            // else: initialise acl
            Acl::init($identity, new Model_Rights($website->websites()));

            // set current environment
            Acl::environment($website->id());

            // if user is not entitled to access backend
            if (!Acl::instance()->allowed('Backend', 'access')) {
                $this->redirect($url);
            }

            // if user is not entitled to access controller
            if (!Acl::instance()->allowed(Request::initial()->controller(), 'access')) {
                $this->redirect($url);
            }
        }
    }
}
/**
 * Returns an instance of Acl object
 *
 * @return Acl
 */
public static function getInstance()
{
    if (self::$instance === null) {
        self::$instance = new self();
    }
    return self::$instance;
}
public static function user_streams($user = null, $course_id = null, $batch_id = null)
{
    // first get the relevant user, if not the current user
    if ($user === null) {
        $user = Acl::instance()->relevant_user();
        if (!$user) {
            $user = Auth::instance()->get_user();
        }
    }
    $role = $user->role();

    if ($course_id === null) {
        $courses = $user->courses->find_all()->as_array(null, 'id');
        $courses[] = 0;
    } else {
        $courses = array($course_id);
    }

    if ($batch_id === null) {
        $batches = $user->batches->find_all()->as_array(null, 'id');
        $batches[] = 0;
    } else {
        $batches = array($batch_id);
    }

    $streams = ORM::factory('feedstream')
        ->where('user_id', ' IN', array($user->id, 0))
        ->and_where('role_id', ' IN ', array($role->id, 0))
        ->and_where('course_id', ' IN ', $courses)
        ->and_where('batch_id', ' IN ', $batches)
        ->find_all();

    return $streams;
}
/**
 * Default action in default controller
 */
public function action_index()
{
    // get acl
    $acl = Acl::instance();

    // get first allowed module
    // get modules
    $modules = Settings::factory('modules')->as_array();
    $modules = array_keys($modules);

    $module = State::instance()->get('active.module');
    if ($module !== FALSE && $module !== 'Default') {
        if ($acl->allowed($module, 'access', FALSE, $this->_website) === TRUE) {
            $url = URL::to($module, array('website' => $this->_website));
            $this->redirect($url);
            exit;
        }
    }

    // find the first allowed module & redirect
    foreach ($modules as $module) {
        if ($acl->allowed($module, 'access', FALSE, $this->_website) === TRUE) {
            $url = URL::to($module, array('website' => $this->_website));
            $this->redirect($url);
            exit;
        }
    }
}
public function action_index()
{
    // get acl
    $acl = Acl::instance();

    // get modules
    $modules = Settings::factory('modules')->as_array();

    // get navigation
    $settings = Settings::factory('navigation', array('settings' . DIRECTORY_SEPARATOR . Website::instance()->id() . DIRECTORY_SEPARATOR, 'settings'));
    $navigation = $settings->get('menu');

    // filter out allowed modules
    $allowedModules = array();
    foreach ($modules as $module => $data) {
        if ($acl->allowed($module, 'access')) {
            $allowedModules[$module] = $data;
        }
    }

    // fill up sections
    $sections = array();
    foreach ($navigation as $section => $modules) {
        foreach ($modules as $module) {
            if (isset($allowedModules[$module])) {
                // section has an allowed module, so include it
                if (!isset($sections[$section])) {
                    $sections[$section] = array();
                }
                // add module to section
                $sections[$section][$module] = $allowedModules[$module];
            }
        }
    }

    $view = View::factory('start', array('sections' => $sections));
    $this->response->body($view->render());
}
public function action_details()
{
    $relevant_user = Acl::instance()->relevant_user();

    // check if admin, in which case a user_id in the get param is required
    if (!$relevant_user) {
        $user_id = $this->request->param('user_id');
        $relevant_user = ORM::factory('user', $user_id);
    }

    // ORM::factory() always returns a model object, so also test that a record was loaded
    if (!$relevant_user || !$relevant_user->loaded()) {
        echo 'Not allowed';
        exit;
    }

    $user_id = $relevant_user->id;
    $examgroup_id = $this->request->param('examgroup_id');

    $marksheet = ORM::factory('exam');
    $marksheet->select('marks')
        ->join('examresults', 'left')
        ->on('examresults.exam_id', '=', 'id');
    $marksheet->and_where_open()
        ->where('examresults.user_id', '=', $user_id)
        ->or_where('examresults.user_id', 'IS', NULL)
        ->and_where_close()
        ->and_where_open()
        ->and_where('exams.examgroup_id', '=', $examgroup_id)
        ->and_where_close();
    $marksheet = $marksheet->find_all();

    // count the exams that already have marks recorded
    $flg = 0;
    foreach ($marksheet as $mark) {
        if ($mark->marks != NULL) {
            $flg++;
        }
    }

    $view = View::factory('examresult/exammarksheet')
        ->bind('marksheets', $marksheet)
        ->bind('flg', $flg)
        ->bind('relevant_user', $relevant_user);
    $this->content = $view;
}
/**
 * acl single point of entry.
 *
 * @static
 * @access public
 * @return Acl
 */
public static function acl()
{
    if (empty(self::$instance)) {
        self::$instance = new Acl();
    }
    return self::$instance;
}
/**
 * upload files
 */
protected function create($model, $form)
{
    // check rights
    if (!Acl::instance()->allowed($this->_controller, 'create')) {
        throw HTTP_Exception::factory(403, 'Create not allowed on :controller', array(':controller' => $this->_controller));
    }

    $hash = FALSE;

    Event::raise($this, Event::BEFORE_CREATE_FORM_PARSE, array('model' => NULL, 'form' => $form));

    if ($form->valid()) {
        $hash = Upload::process('file', $this->_settings->get('path_temp'), $this->_settings->get('extensions'), $this->_settings->get('unzip'));
    }

    if ($hash !== FALSE) {
        return $hash;
    } else {
        if ($form->submitted()) {
            // set error in form
            $form->element('file', 0)->error('not_empty');
        }

        // create viewer
        $viewer = Viewer::factory('Form', $form)->text(Text::instance());

        // render form
        $view = View::factory($this->_settings->get('view.create'), array('viewer' => $viewer));

        // event
        Event::raise($this, Event::BEFORE_CREATE_RENDER, array('model' => NULL, 'form' => $form, 'viewer' => $viewer, 'view' => $view));

        // render
        $this->response->body($view->render());

        return FALSE;
    }
}
/**
 * constructor, acl check
 *
 * @author Andy Bennett
 */
function __construct()
{
    parent::__construct();
    parent::init();
    Acl::instance()->redirect(steamauth_helper::get_role(), 'admin');
    Display::instance()->set_template('template-admin');
}
/**
 * constructor; set display template
 *
 * @author Andy Bennett
 */
function __construct()
{
    Acl::instance()->redirect(Steamauth::instance()->get_role(), 'edit', null, '../');
    parent::__construct();
    parent::init();
    $tpl = request::is_ajax() || isset($_GET['ajax']) ? 'template-ajax' : 'template-admin';
    Display::instance()->set_template($tpl);
}
/**
 * constructor, check acl
 *
 * @author Andy Bennett
 */
function __construct()
{
    parent::__construct();
    parent::init();
    Acl::instance()->redirect(steamauth_helper::get_role(), 'admin');
    Display::instance()->append_data('page_id', 'containers-admin');
    Display::instance()->set_template('template-admin');
}
/**
 * constructor; check ACL
 *
 * @author Dan Chadwick
 */
function __construct()
{
    if (!User::instance()->id) {
        url::redirect('/auth/login');
    }
    Acl::instance()->redirect(User::instance()->get_role(), 'admin', null, '/auth/login');
    parent::__construct();
}
public function editLink()
{
    // send link if permission is there
    if (Acl::instance()->is_allowed('document_edit')) {
        return '[<a href="#" onclick="KODELEARN.modules.get(\'document\').edit(' . $this->id . ')"> Edit </a>]';
    }
    return '';
}
/**
 * In the add link filter we check if the role of the current user
 * can access this url
 * @param String url
 * @param String title
 * @return Boolean
 */
protected function filter_add_link($args)
{
    $url = $args[0];
    $controller = explode("/", $url);
    if ($url === 'auth/logout') {
        return True;
    }
    return Acl::instance()->has_access($controller[0]);
}
/**
 * check acl (used by xsl)
 *
 * @param string $acl
 * @return bool
 * @author Andy Bennett
 */
public static function check_acl($acl)
{
    $acl = (string) $acl;
    // if no role is specified return true
    if (empty($acl)) {
        return true;
    }
    return Acl::instance()->check(Steamauth::instance()->get_role(), null, $acl);
}
/**
 * Method to return an anchor tag with exam name the text and
 * link to the exam details page
 */
public function toLink()
{
    if (Acl::instance()->is_allowed('exam_edit')) {
        $url = Url::site('exam/edit/id/');
    } else {
        $url = Url::site('exam');
    }
    return Html::anchor($url, (string) $this);
}
public function action_index()
{
    $relevant_user = Acl::instance()->relevant_user();
    if ($relevant_user) {
        $this->get_schedule();
    } else {
        $this->get_list();
    }
}
/**
 * Method to return an anchor tag with room_name as the text and
 * link to the room as href
 */
public function toLink()
{
    if (Acl::instance()->is_allowed('exam_edit')) {
        $url = Url::site('room/edit/id/' . $this->id);
        return Html::anchor($url, (string) $this);
    } else {
        return Html::anchor('#', (string) $this, array('onclick' => 'javascript:KODELEARN.modules.get("rooms").showMap("' . $this->id . '");return false;'));
    }
}
function __construct()
{
    if (!User::instance()->id) {
        url::redirect('/auth/login');
    }
    Acl::instance()->redirect(User::instance()->get_role(), 'admin', null, '/auth/login');
    parent::__construct();
    $type = '-' . Input::instance()->get('type', '');
    Display::instance()->set_template($type == '-' ? 'template' : 'template' . $type);
}
/**
 * check acl; returns null when the Acl library cannot be found
 *
 * @param string $acl
 * @return bool|null
 * @author Andy Bennett
 */
public static function check_acl($acl)
{
    if (Kohana::find_file('libraries', 'Acl')) {
        $acl = (string) $acl;
        // if no role is specified return true
        if (empty($acl)) {
            return true;
        }
        return Acl::instance()->check(User::instance()->get_role(), null, $acl);
    }
}
/**
 * constructor; check acl, set display
 *
 * @author Andy Bennett
 */
public function __construct()
{
    parent::__construct();
    $this->setup['status_states'] = 2;
    if (!User::instance()->id) {
        url::redirect('/auth/login');
    }
    Acl::instance()->redirect(User::instance()->get_role(), 'admin', null, '/auth/login');
    $tpl = (request::is_ajax() or isset($_GET['ajax'])) ? 'template-ajax' : 'template-admin';
    Display::instance()->set_template($tpl);
    Assets::instance()->add_css('admin');
}
/**
 * Method to get all the events happening on a date
 * including the cancelled events and indicate if its cancelled
 * @param date format: 'YYYY-mm-dd'
 * @return Database_MySQL_Result
 */
public static function daily_events($date)
{
    $user = Acl::instance()->relevant_user();
    if ($user instanceof Model_User) {
        $courses = $user->courses->find_all()->as_array(null, 'id');
        $courses[] = 0;
        $event = ORM::factory('event')
            ->where(DB::expr('DATE(FROM_UNIXTIME(eventstart))'), ' = ', $date)
            ->where('events.course_id', 'IN', DB::expr('(' . implode(", ", $courses) . ')'))
            ->order_by('eventstart', 'ASC')
            ->find_all();
    } else {
        $event = ORM::factory('event')
            ->where(DB::expr('DATE(FROM_UNIXTIME(eventstart))'), ' = ', $date)
            ->order_by('eventstart', 'ASC')
            ->find_all();
    }
    return $event;
}
public function action_index()
{
    $submitted = false;
    $view = View::factory('system/form')
        ->bind('form', $form)
        ->bind('image', $image)
        ->bind('success', $success)
        ->bind('upload_url', $upload_url)
        ->bind('permission_msg', $permission_msg);

    $institution = ORM::factory('institution', $id = 1);
    $config = Config::instance();
    $config_settings = $config->load('config')->as_array();
    $permission_msg = '';

    // if post, validate, save and redirect
    if ($this->request->method() === 'POST' && $this->request->post()) {
        // only users holding the system_edit permission may change settings
        if (Acl::instance()->is_allowed('system_edit')) {
            $submitted = true;
            $config_post = $this->request->post('config');

            // default the flags to 0 when they are missing from the POST data
            if (!isset($config_post['membership'])) {
                $config_post['membership'] = 0;
            }
            if (!isset($config_post['user_approval'])) {
                $config_post['user_approval'] = 0;
            }

            $validator = $institution->validator($this->request->post());
            if ($validator->check()) {
                $institution->name = $this->request->post('name');
                $institution->institution_type_id = $this->request->post('institutiontype_id');
                $institution->logo = $this->request->post('logo');
                $institution->website = $this->request->post('website');
                $institution->address = $this->request->post('address');
                $institution->save();
                $config->load('config')->setMany($config_post);
                Session::instance()->set('success', 'Setting saved successfully.');
                Request::current()->redirect('system');
                exit;
            } else {
                $this->_errors = $validator->errors('institution');
            }
        } else {
            $permission_msg = '<div class="formMessages"><span class="fmIcon bad"></span> <span class="fmText">Permission denied for editing this page.</span><span class="clear"> </span></div>';
        }
    }

    $upload_url = URL::site('system/uploadinst');
    $images = CacheImage::instance();
    $image = $images->resize($institution->logo, 100, 100);

    $form = $this->form(array(
        'name' => $institution->name,
        'institutiontype_id' => $institution->institution_type_id,
        'logo' => $institution->logo,
        'website' => $institution->website,
        'address' => $institution->address,
        'config' => $config_settings,
    ), $submitted);

    Breadcrumbs::add(array('System', Url::site('system')));
    $success = Session::instance()->get('success');
    Session::instance()->delete('success');
    $this->content = $view;
}
public function action_get_attendance_exam_lecture()
{
    $user = Acl::instance()->relevant_user();
    $course = $this->request->post('course');
    $date_from = $this->request->post('date_from');
    $date_to = $this->request->post('date_to');
    $date_from_string = strtotime($date_from);
    // add one day (86400 seconds) so the end date is included
    $date_to_string = strtotime($date_to) + 86400;
    $attendance = $this->get_atendence_data($user->id, $date_from_string, $date_to_string, $course);
    $view = View::factory('attendance/user_view_list')->bind('attendance', $attendance);
    $response = $this->response->body($view)->body();
    echo json_encode(array('response' => $response));
}
/**
 * Overwrite delete
 * don't check on owner id, as the entire tree will be gone
 * deleted is an array with items
 */
protected function delete($model)
{
    // check rights
    if (!Acl::instance()->allowed($this->_controller, 'delete', $model->owner_id, $model->website_id)) {
        throw HTTP_Exception::factory(403, 'Delete not allowed on :controller :id', array(':controller' => $this->_controller, ':id' => $model->id));
    }

    // call hook
    Event::raise($this, Event::BEFORE_DELETE, array('model' => $model));

    // delete
    $deleted = $model->delete();

    // call hook
    Event::raise($this, Event::AFTER_DELETE, array('deleted' => $deleted));
}
public function action_index()
{
    $sort = $this->request->param('sort', 'name');
    $order = $this->request->param('order', 'ASC');
    Session::instance()->delete('course_id');

    $criteria = array(
        'user' => Acl::instance()->relevant_user(),
        'filters' => array(
            'name' => $this->request->param('filter_name'),
            'access_code' => $this->request->param('filter_access_code'),
            'start_date' => $this->request->param('filter_start_date'),
            'end_date' => $this->request->param('filter_end_date'),
        ),
    );
    $total = Model_Course::courses_total($criteria);
    $pagination = Pagination::factory(array('total_items' => $total, 'items_per_page' => 5));
    $criteria = array_merge($criteria, array(
        'sort' => $sort,
        'order' => $order,
        'limit' => $pagination->items_per_page,
        'offset' => $pagination->offset,
    ));
    $courses = Model_Course::courses($criteria);

    $sorting = new Sort(array(
        'Course' => 'name',
        'Access Code' => 'access_code',
        'Start Date' => 'start_date',
        'End Date' => 'end_date',
        'Actions' => '',
    ));

    $url = 'course/index';
    if ($this->request->param('filter_name')) {
        $url .= '/filter_name/' . $this->request->param('filter_name');
        $filter = $this->request->param('filter_name');
        $filter_select = 'filter_name';
    }
    if ($this->request->param('filter_access_code')) {
        $url .= '/filter_access_code/' . $this->request->param('filter_access_code');
        $filter = $this->request->param('filter_access_code');
        $filter_select = 'filter_access_code';
    }
    if ($this->request->param('filter_start_date')) {
        $url .= '/filter_start_date/' . $this->request->param('filter_start_date');
        $filter = $this->request->param('filter_start_date');
        $filter_select = 'filter_start_date';
    }
    if ($this->request->param('filter_end_date')) {
        $url .= '/filter_end_date/' . $this->request->param('filter_end_date');
        $filter = $this->request->param('filter_end_date');
        $filter_select = 'filter_end_date';
    }

    $sorting->set_link($url);
    $sorting->set_order($order);
    $sorting->set_sort($sort);
    $heading = $sorting->render();

    // Render the pagination links
    $pagination = $pagination->render();

    $links = array(
        'add' => Html::anchor('/course/add/', 'Create a course', array('class' => 'createButton l')),
        'delete' => URL::site('/course/delete/'),
        'join' => Html::anchor('/course/join/', 'Join Course', array('class' => 'pageAction c')),
    );
    $table = array('heading' => $heading, 'data' => $courses);

    $filter_name = $this->request->param('filter_name');
    $filter_access_code = $this->request->param('filter_access_code');
    $filter_start_date = $this->request->param('filter_start_date');
    $filter_end_date = $this->request->param('filter_end_date');
    $filter_url = URL::site('course/index');

    $success = Session::instance()->get('success');
    Session::instance()->delete('success');

    $view = View::factory('course/list')
        ->bind('table', $table)
        ->bind('count', $total)
        ->bind('links', $links)
        ->bind('pagination', $pagination)
        ->bind('filter', $filter)
        ->bind('filter_select', $filter_select)
        ->bind('filter_url', $filter_url)
        ->bind('success', $success);

    Breadcrumbs::add(array('Courses', Url::site('course')));
    $this->content = $view;
}
public static function get_total_feeds($data = array())
{
    $user = Acl::instance()->relevant_user();
    if (!$user) {
        $user = Auth::instance()->get_user();
    }

    // TODO the streams for the current user can be cached
    $user_streams = Model_Feedstream::user_streams(null, Arr::get($data, 'course_id'));
    $streams = $user_streams->as_array(null, 'id');
    if (!$streams) {
        return array();
    }

    $feed = ORM::factory('feed')
        ->join('feeds_feedstreams')
        ->on('feeds.id', ' = ', 'feeds_feedstreams.feed_id')
        ->where('feedstream_id', ' IN ', $streams);

    return $feed->count_all();
}
/**
 * Get module navigation
 */
public function action_module()
{
    // get request
    $request = Request::initial();

    // get settings
    $settings = Settings::factory($request->controller());

    // navigation viewer
    $navigation = Viewer::instance('Navigation')
        ->settings($settings->get('navigation'))
        ->request(Request::initial())
        ->acl(Acl::instance());

    // create view
    $view = View::factory($settings->get('view.navigation'), array('navigation' => $navigation));

    // raise event
    Event::raise($this, Event::BEFORE_NAVIGATION_RENDER, array('navigation' => $navigation));

    // render view
    $this->response->body($view->render());
}
/**
 * Initialize the user's acl object
 * @return acl
 */
public static function acl_init()
{
    /* user details */
    $manager = role::get_manager();
    $username = $manager["username"];
    $action_resourses = role::get_action_resources();

    // Role permission registry
    $acl = Acl::instance();
    $acl->add_role($username);
    for ($i = 0; $i < count($action_resourses); $i++) {
        $acl->allow($username, null, $action_resourses[$i]);
    }
    self::_cache($acl);
    return $acl;
}