function smarty_block_isAllowed($params, $content, $smarty, $repeat) { $tpl_vars = $smarty->_tpl_vars; // only output on the closing tag if (!$repeat) { if (isset($content) && isset($params['controller'])) { if (Bolts_ResourceCheck::isAllowed($params['resource'], $params['module'], $params['username'], $params['controller'])) { return $content; } else { return null; } } if (isset($content) && !isset($params['controller'])) { if (Bolts_ResourceCheck::isAllowed($params['resource'], $params['module'], $params['username'])) { return $content; } else { return null; } } } }
function init() { $params = array('username' => null); $modules_table = new Modules("core"); $roles_table = new Roles(); $enabled_modules = $modules_table->getEnabledModules(); foreach ($enabled_modules as $enabled_module) { $this->view->{"module_" . $enabled_module} = true; } if (!empty($_SERVER['HTTPS'])) { $this->view->is_ssl = true; $this->_is_ssl = true; } else { $this->view->is_ssl = false; $this->_is_ssl = false; } $this->_uri = $_SERVER['REQUEST_URI']; $this->_host_id = Zend_Registry::get('host_id'); $this->view->host_id = $this->_host_id; $this->view->session_id = Zend_Session::getId(); $this->view->site_url = Bolts_Registry::get('site_url'); $this->view->site_name = Bolts_Registry::get('site_name'); $this->registry = Zend_Registry::getInstance(); $this->session = new Zend_Session_Namespace('Default'); $this->_mca = $this->_request->getModuleName() . "_" . $this->_request->getControllerName() . "_" . $this->_request->getActionName(); $this->view->mca = str_replace("_", "-", $this->_mca); $this->view->controller_name = $this->_request->getControllerName(); $this->module_name = $this->_request->getModuleName(); $this->view->module_name = $this->_request->getModuleName(); $this->view->action_name = $this->_request->getActionName(); $this->_auth = Zend_Auth::getInstance(); if ($this->_auth->hasIdentity()) { $this->_identity = $this->_auth->getIdentity(); $this->view->isLoggedIn = true; $params['username'] = $this->_identity->username; $users_table = new Users(); $loggedInUser = $users_table->fetchByUsername($this->_identity->username); if (!is_null($loggedInUser)) { $this->_loggedInUser = $loggedInUser; $this->view->loggedInUser = $loggedInUser->toArray(); } $this->view->loggedInUsername = $this->_identity->username; $this->view->loggedInFullName = $this->_identity->full_name; $loggedInRoleIds = $roles_table->getRoleIdsByUsername($this->_identity->username); $this->view->loggedInRoleIds = $loggedInRoleIds; foreach ($loggedInRoleIds as $role_id) { $role = $roles_table->fetchRow('id = ' . $role_id); if ((bool) $role->isadmin) { $this->view->isAdmin = true; $this->_identity->isAdmin = true; } } } else { $this->_identity = null; $this->view->isLoggedIn = false; } $appNamespace = new Zend_Session_Namespace('Bolts_Temp'); $this->view->last_login = $appNamespace->last_login; $this->_Bolts_plugin = Bolts_Plugin::getInstance(); $this->_theme_locations = Zend_Registry::get('theme_locations'); // Theme filter block: Allow plugin's to alter the current theme based on request, locale, etc. $theme_params = array('request' => $this->_request, 'admin' => array('current_theme' => $this->_theme_locations['admin']['current_theme']), 'frontend' => array('current_theme' => $this->_theme_locations['frontend']['current_theme'])); $theme_params = $this->_Bolts_plugin->doFilter('current_themes', $theme_params); // FILTER HOOK if (file_exists($theme_params['admin']['current_theme']['path'])) { $this->_theme_locations['admin']['current_theme'] = $theme_params['admin']['current_theme']; } if (file_exists($theme_params['frontend']['current_theme']['path'])) { $this->_theme_locations['frontend']['current_theme'] = $theme_params['frontend']['current_theme']; $template_path = $this->_theme_locations['frontend']['current_theme']['path'] . "/modules/" . $this->getRequest()->getModuleName(); $this->view->setScriptPath($template_path); } // Theme filter block: End. $this->view->theme_path = $this->_theme_locations['frontend']['current_theme']['path']; $this->view->theme_url = $this->_theme_locations['frontend']['current_theme']['url']; $this->view->theme_global_path = $this->_theme_locations['frontend']['current_theme']['path'] . "/global"; $this->view->theme_global = $this->view->theme_global_path; $this->view->theme_controller_path = $this->_theme_locations['frontend']['current_theme']['path'] . '/modules/' . $this->getRequest()->getModuleName() . "/" . $this->getRequest()->getControllerName(); $this->view->theme_module_path = $this->_theme_locations['frontend']['current_theme']['path'] . '/modules/' . $this->getRequest()->getModuleName(); $this->view->default_theme_path = $this->_theme_locations['frontend']['default_theme']['path']; $this->view->default_theme_url = $this->_theme_locations['frontend']['default_theme']['url']; $this->view->default_theme_global_path = $this->_theme_locations['frontend']['default_theme']['path'] . "/global"; $this->view->default_theme_controller_path = $this->_theme_locations['frontend']['default_theme']['path'] . '/modules/' . $this->getRequest()->getModuleName() . "/" . $this->getRequest()->getControllerName(); $this->view->default_theme_module_path = $this->_theme_locations['frontend']['default_theme']['path'] . '/modules/' . $this->getRequest()->getModuleName(); Bolts_Log::report("Current path " . $this->_mca, null, Zend_Log::INFO); $this->view->isAdminController = false; $this->view->title_prefix = Bolts_Registry::get('title_prefix'); $locale_is_valid = true; $default_locale_code = str_replace('_', '-', trim(strtolower(Bolts_Registry::get('default_locale')))); $this->locale_code = $default_locale_code; if (Bolts_Registry::get('enable_localization') == '1') { // to set the locale code, look in the URL, not in the cookie // the only thing that should check the cookie is the home page and optionally the locale chooser page $locales_table = new Locales(); $db_locales_full = $locales_table->getLocaleCodesArray(true); $db_locales = array_keys($db_locales_full); // Get the locales allowed in the config $allowed_locales = explode(',', Bolts_Registry::get('allowed_locales')); if (!empty($allowed_locales) && (bool) array_filter($allowed_locales)) { $allowed_locales = array_map('trim', $allowed_locales); $allowed_locales = array_map('strtolower', $allowed_locales); $allowed_locales = str_replace('_', '-', $allowed_locales); } else { throw new Exception('Localization is enabled, but no locales are set in `allowed_locales`'); } // Load the allowed locales into Smarty for the admin drop down $all_locales = array(); foreach ($db_locales_full as $code => $name) { if (in_array($code, $allowed_locales)) { $all_locales[$code] = $name; } } $this->view->locale_codes = $all_locales; // Get the locales allowed on the frontend in the config $live_locales = explode(',', Bolts_Registry::get('live_locales')); if (!empty($live_locales) && (bool) array_filter($live_locales)) { $live_locales = array_map('trim', $live_locales); $live_locales = array_map('strtolower', $live_locales); $live_locales = str_replace('_', '-', $live_locales); $this->live_locales = $live_locales; } else { throw new Exception('Localization is enabled, but no locales are set in `live_locales`'); } if ($this->_request->has('locale') && $this->_request->locale != '') { $locale_code = $this->_request->get('locale'); if ($locale_code !== $default_locale_code) { if (ereg("^..-.{2,5}", $locale_code) !== false) { // Get the locales out of the database if (!in_array($locale_code, $db_locales) || !in_array($locale_code, $allowed_locales)) { $locale_is_valid = false; } if ($this->view->isAdmin !== true) { if (!in_array($locale_code, $this->live_locales)) { $locale_is_valid = false; } } } else { $locale_is_valid = false; } } if ($locale_is_valid) { $store_locales = explode(',', Bolts_Registry::get('store_enabled_locales')); if (!empty($store_locales) && (bool) array_filter($store_locales)) { $store_locales = array_map('trim', $store_locales); $store_locales = array_map('strtolower', $store_locales); $store_locales = str_replace('_', '-', $store_locales); if (!in_array($locale_code, $store_locales)) { $this->view->store_enabled = false; } else { $this->view->store_enabled = true; } } else { $this->view->store_enabled = false; } } $locale_params = array('request' => $this->_request, 'locale_code' => $locale_code, 'locale_is_valid' => $locale_is_valid); $locale_params = $this->_Bolts_plugin->doFilter('validate_locale', $locale_params); // FILTER HOOK $locale_code = $locale_params['locale_code']; $locale_is_valid = $locale_params['locale_is_valid']; if ($locale_is_valid == true) { // The locale is good. $this->locale_code = $locale_code; $this->default_locale_code = $default_locale_code; $this->view->locale_code = $locale_code; $this->view->default_locale_code = $default_locale_code; $this->view->request_locale = $locale_code; $this->view->default_locale_code = $default_locale_code; } else { if (strtolower($locale_code) !== $locale_code) { // The locale is probably just upper case. Try lower case. $this->locale_code = strtolower($locale_code); $url = str_replace("/{$locale_code}/", '/', $_SERVER['REDIRECT_URL']); // See Apache Quirks: http://framework.zend.com/manual/en/zend.controller.request.html $this->_redirect($url, array('code' => 301)); } else { // This locale is just bad. $this->locale_code = $default_locale_code; $this->view->locale_code = $default_locale_code; // Checking hasIdentity() here would be incorrect, as guests do not have identities, but may have access to this action if (@Bolts_ResourceCheck::isAllowed("choose", "default", $this->_identity->username, 'Locale')) { $this->_redirect("/bolts/locale/choose/"); } else { if (empty($this->_request->locale)) { $this->_redirect("/", array('code' => 301)); } else { $this->_redirect("/bolts/auth/missing/"); } } } } } elseif ($this->_mca == "default_index_index" && isset($_COOKIE['locale_code'])) { $this->_redirect("/" . $_COOKIE['locale_code'] . "/", array(), false); } else { // Checking hasIdentity() here would be incorrect, as guests do not have identities, but may have access to this action if (@Bolts_ResourceCheck::isAllowed("choose", "default", $this->_identity->username, 'Locale')) { $this->_redirect($default_locale_code . "/bolts/locale/choose/"); } else { $this->_redirect($default_locale_code . "/bolts/auth/missing/"); } } } $this->view->custom_metadata = Bolts_Registry::get('custom_metadata'); $language = substr($this->locale_code, 0, strpos($this->locale_code, '-')); // TODO - these should not be hardcoded here switch ($language) { case 'de': $this->view->format_date = "%e. %b. %Y, %l:%M Uhr"; $this->view->format_datetime = "%A, %e. %B %Y um %l:%M:%S%p Uhr"; $this->view->format_datetime_small = "%e %b %Y, %l:%M%p"; break; case 'fr': $this->view->format_date = "%e %b %Y, %l:%M:%S"; $this->view->format_datetime = "%A %e %B %Y à %l:%M:%S%p"; $this->view->format_datetime_small = "%e %b %Y, %l:%M%p"; break; default: $this->view->format_date = Bolts_Registry::get('format_date'); $this->view->format_datetime = Bolts_Registry::get('format_datetime'); $this->view->format_datetime_small = Bolts_Registry::get('format_datetime_small'); break; } $this->view->current_year = date("Y"); // SAVED FOR FUTURE USE - changing the language pack based on locale // $locale_table = new Locales(); // $locale_data = $locale_table->fetchByLocaleCode($this->view->locale_code); // if (count($locale_data) > 0) { // $this->locale_data = $locale_data['0']; // $this->view->locale_data = $this->locale_data; // $lan_pk = $this->locale_data['language_code'].'_'.$this->locale_data['country_code'].'.UTF-8'; // setlocale(LC_ALL, $lan_pk); // setlocale(LC_NUMERIC, 'en_US.UTF-8'); // setlocale(LC_COLLATE, 'en_US.UTF-8'); // } // this is a way to force the browser to reload some scripts if (Bolts_Registry::get('uncache_css_js_version')) { $this->view->uncache_version = "?v=" . Bolts_Registry::get('uncache_css_js_version'); } if (Bolts_Registry::get('uncache_flash_version')) { $this->view->uncache_flash = "?v=" . Bolts_Registry::get('uncache_flash_version'); } // Set the content type to UTF-8 header('Content-type: text/html; charset=UTF-8'); // get navigation items from database or cache // check for role of identity, if we don't have one, use guest. // TODO - move this to the place where role is determined, there should only be one place if ($this->_auth->hasIdentity()) { $tmp_ids = $loggedInRoleIds; $this->my_roles = $roles_table->fetchRolesByUsername($this->_identity->username)->toArray(); $username = $this->_identity->username; $this->view->username = $username; } else { $tmp_ids = array($roles_table->getIdByShortname("guest")); $this->my_roles = array(0 => array("id" => "1", "shortname" => "guest", "description" => "Guest", "is_admin" => "0", "isguest" => "1", "isdefault" => "0")); } $this->view->my_roles = $this->my_roles; // find the parent roles, add the parent role IDs to the nav_role_ids for inheritance. $nav_parent_role_ids = array(); foreach ($tmp_ids as $nav_role) { $nav_parent_role_ids = array_merge($nav_parent_role_ids, $roles_table->getAllAncestors($nav_role)); } $nav_role_ids = array(); $nav_role_ids = array_merge($nav_parent_role_ids, $tmp_ids); $unique_ids = array_unique($nav_role_ids); sort($unique_ids); $nav_table = new Navigation($unique_ids, $this->locale_code); $cache_name = 'navigation_' . $this->locale_code . '-' . md5(implode($unique_ids, "-")); // MD5 The Unique IDs to shorten the cache name $cache_tags = array('navigation', $this->locale_code); $nav_items_temp = false; if (Bolts_Registry::get('enable_navigation_cache') == '1') { $nav_items_temp = Bolts_Cache::load($cache_name); } if ($nav_items_temp === false || !isset($nav_items_temp)) { $nav_items_temp = array(); foreach ($unique_ids as $nav_role_id) { $nav_items_temp = array_merge($nav_items_temp, $nav_table->getNavTree($nav_role_id)); } if (Bolts_Registry::get('enable_navigation_cache') == '1') { Bolts_Cache::save($nav_items_temp, $cache_name, $cache_tags); } } $navparams = array('nav_items' => $nav_items_temp, 'request' => $this->_request, 'locale_code' => $this->locale_code); $navparams = $this->_Bolts_plugin->doFilter('controller_nav', $navparams); // FILTER HOOK $this->view->nav_items = $navparams['nav_items']; // TODO - Rich fix this // // VIEW STATES // if (!$this->session->view_states) { // $this->session->view_states = array(); // } // // TODO - allow use of regular expressions such as /auth/* // $last_visited_pages_filter = explode('|', Bolts_Registry::get('last_visited_pages_filter')); // if (!in_array($this->_uri, $last_visited_pages_filter)) { // $this->session->view_states['last_visited'] = $this->_uri; // } // $this->view->view_states = $this->session->view_states; // CONTROLLER INIT HOOK $params['request'] = $this->_request; $params['locale_code'] = $this->locale_code; $params['session'] = $this->session; $additional = $this->_Bolts_plugin->doFilter('controller_init', $params); // FILTER HOOK unset($additional['request']); // we don't want to send the request to the view if (isset($additional['filter_redirect'])) { $this->_redirect($additional['filter_redirect']); } foreach ($additional as $key => $value) { $this->view->{$key} = $value; } }
public function _bumpRegionalAccess($bypass = null) { $roles_table = new Roles(); $roles_resources_table = new RolesResources(); if (isset($this->resource_locale)) { $resource_locale = $this->resource_locale; } else { $resource_locale = $this->locale_code; } $role_lock = array(); if ($this->_identity->isAdmin) { $role_lock = @Bolts_ResourceCheck::isAllowed("locale_specific_admin_role", "default", $this->_identity->username); } if (count($role_lock) > 0) { //user is under some type of locale restriction $shortnames = array(); if (is_array($role_lock)) { foreach ($role_lock as $i) { $shortnames[] = $roles_table->getShortnameById($i); //get the shortnames of the locked roles } } $match = array(); foreach ($shortnames as $sn) { if (stristr($sn, $resource_locale)) { //we've got an access match to a shortname locale $match[] = array("id" => $roles_table->getIdByShortname($sn), "shortname" => $sn); } else { $no_match[] = array("id" => $roles_table->getIdByShortname($sn), "shortname" => $sn); } } $access = array(); if (count($match) > 0 || count($bypass) > 0) { if (count($match) > 0) { foreach ($match as $m) { $m_in = $this->_checkMatch($m['id']); if (count($m_in) > 0) { foreach ($m_in as $m) { $access[] = array("id" => $m, "shortname" => $roles_table->getShortnameById($m)); } } } } if (count($bypass) > 0) { foreach ($bypass as $bp) { $b_in = $this->_checkMatch($bp); if (count($b_in) > 0) { foreach ($b_in as $b) { $access[] = array("id" => $b, "shortname" => $roles_table->getShortnameById($b)); } } } } } if (count($access) === 0) { //if no access we have to put them somewhere they belong. $allowed = array(); foreach ($shortnames as $allowed_locales) { $allowed[] = strtolower(substr($allowed_locales, -5)); } if (!in_array($this->locale_code, $allowed) && count($allowed) > 0) { $this->locale_code = $allowed[0]; } $this->_redirect('/bolts/admin/index'); // bump to dashboard. } else { $this->restricted_role_id = $access; return $access; } } }