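/**
 * Decide whether a set of user groups is permitted by an allow-list.
 *
 * @param   string|array  $allowedGroups  'all', 'none', a comma-separated list of group ids,
 *                                        or an array of group ids.
 * @param   mixed         $groups         Group id or array of group ids to test. When empty,
 *                                        the groups of the current user are looked up.
 *
 * @return  boolean  True when at least one of the groups is on the allow-list.
 */
function isAllowed($allowedGroups, $groups = null)
{
    // Strict comparison for the two sentinels: with ==, a non-string value such as
    // integer 0 compares equal to 'all' on PHP < 8 and would be granted access.
    if ($allowedGroups === 'all') {
        return true;
    }

    if ($allowedGroups === 'none') {
        return false;
    }

    if (empty($groups)) {
        $my = JFactory::getUser();

        // A guest for whom no explicit groups were passed is never allowed.
        if (empty($my->id)) {
            return false;
        }

        if (version_compare(JVERSION, '1.6.0', '<')) {
            $groups = $my->gid;
        } else {
            $groups = JAccess::getGroupsByUser($my->id);
        }
    }

    if (!is_array($allowedGroups)) {
        $allowedGroups = explode(',', trim((string) $allowedGroups, ','));
    }

    // array_intersect() compares the string form of each value, so '8' matches 8 but
    // '8abc' does not; a loose in_array() would accept the latter on PHP < 8.
    return count(array_intersect((array) $groups, $allowedGroups)) > 0;
}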
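/**
 * Display method of the PlayJoom cover view.
 *
 * Loads form, item, script and cover options from the model and renders the
 * template only for users who pass the permission check below.
 *
 * @param   string  $tpl  Template name passed through to parent::display().
 *
 * @return  mixed  False when the model reported errors, otherwise no value.
 */
public function display($tpl = null)
{
    $dispatcher = JDispatcher::getInstance();

    // Get User Objects
    $user = JFactory::getUser();
    $canDo = PlayJoomHelper::getActions();

    // Get the data
    $this->form = $this->get('Form');
    $this->item = $this->get('Item');
    $this->script = $this->get('Script');
    $this->OptionsNewCover = $this->get('OptionsNewCover');

    // Check for errors.
    if (count($errors = $this->get('Errors'))) {
        $errorText = implode('<br />', $errors);

        // Write the log entry before raising: depending on the configured JError
        // handling, raiseError() may end the request and the entry would be lost.
        $dispatcher->trigger('onEventLogging', array(array('method' => __METHOD__ . ":" . __LINE__, 'message' => 'Problem with database query. Error500: ' . $errorText, 'priority' => JLog::ERROR, 'section' => 'admin')));

        // NOTE(review): the model errors are shown to the user unchanged; confirm they
        // cannot contain query text or other internals that should stay in the log.
        JError::raiseError(500, $errorText);

        return false;
    }

    // Parentheses spell out the precedence the expression already had:
    // edit, OR (create AND no id in the request), OR component administrator.
    $authorised = $canDo->get('core.edit')
        || ($canDo->get('core.create') && !JRequest::getVar('id'))
        || JAccess::check($user->get('id'), 'core.admin') == 1;

    if ($authorised) {
        // Set the toolbar
        $this->addToolBar();

        // Display the template
        $dispatcher->trigger('onEventLogging', array(array('method' => __METHOD__ . ":" . __LINE__, 'message' => 'Load template for cover viewer.', 'priority' => JLog::INFO, 'section' => 'admin')));
        parent::display($tpl);
    } else {
        $dispatcher->trigger('onEventLogging', array(array('method' => __METHOD__ . ":" . __LINE__, 'message' => 'Can not displaying cover viewer. ' . JText::_('JERROR_ALERTNOAUTHOR'), 'priority' => JLog::WARNING, 'section' => 'admin')));
        JError::raiseWarning(404, JText::_('JERROR_ALERTNOAUTHOR'));
    }

    // Set the document (runs for authorised and refused requests alike)
    $this->setDocument();
}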
/**
 * Overloaded bind function that pre-processes state, ownership, params,
 * metadata and ACL rules before handing the data to the parent table.
 *
 * @param   array  $array   Named array of submitted values.
 * @param   mixed  $ignore  Optional array or list of parameters to ignore.
 *
 * @return  null|string  Null if the operation was satisfactory, otherwise an error.
 *
 * @see     JTable:bind
 * @since   1.5
 */
public function bind($array, $ignore = '')
{
    $currentUser = JFactory::getUser();
    $task = JFactory::getApplication()->input->getString('task', '');
    $isSaveTask = ($task == 'save' || $task == 'apply');

    // A user without core.edit.state cannot publish: a submitted state of 1 is reset to 0.
    // NOTE(review): only the value 1 is reset; other state values pass through unchanged.
    if ($isSaveTask && !$currentUser->authorise('core.edit.state', 'com_autofilter') && $array['state'] == 1) {
        $array['state'] = 0;
    }

    // New records are owned by the current user.
    // NOTE(review): for existing records a submitted created_by is not overridden here.
    if ($array['id'] == 0) {
        $array['created_by'] = $currentUser->id;
    }

    // Array-valued params and metadata are serialised through JRegistry.
    foreach (array('params', 'metadata') as $field) {
        if (isset($array[$field]) && is_array($array[$field])) {
            $registry = new JRegistry();
            $registry->loadArray($array[$field]);
            $array[$field] = (string) $registry;
        }
    }

    // Without core.admin on the item asset, any submitted rules are replaced by the
    // rules already stored for that asset, so the form cannot be used to change the ACL.
    $assetName = 'com_autofilter.categorie.' . $array['id'];

    if (!$currentUser->authorise('core.admin', $assetName)) {
        $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_autofilter/access.xml', "/access/section[@name='categorie']/");
        $storedRules = JAccess::getAssetRules($assetName)->getData();
        $keptRules = array();

        foreach ($actions as $action) {
            $keptRules[$action->name] = $storedRules[$action->name];
        }

        $array['rules'] = $this->JAccessRulestoArray($keptRules);
    }

    // Bind the rules for ACL where supported.
    if (isset($array['rules']) && is_array($array['rules'])) {
        $this->setRules($array['rules']);
    }

    return parent::bind($array, $ignore);
}
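/**
 * Check if a user can administer the community.
 *
 * @param   mixed  $userid  User id to check; passed unchanged to CFactory::getUser().
 *
 * @return  boolean  True when the user counts as a community administrator.
 */
public static function isCommunityAdmin($userid = null)
{
    // Per-request memo of results computed in the Joomla 1.6+ branch.
    static $resultArr;

    if (isset($resultArr[$userid])) {
        return $resultArr[$userid];
    }

    // Joomla 1.6 and later
    $jUser = CFactory::getUser($userid);

    if ($jUser instanceof CUser && method_exists($jUser, 'authorise')) {
        // Group 7 is treated as administrator in addition to core.admin.
        // NOTE(review): the group lookup uses the raw $userid argument while authorise()
        // runs on the user object resolved by CFactory; confirm both agree when
        // $userid is null.
        $isAdmin = $jUser->authorise('core.admin') || in_array('7', JAccess::getGroupsByUser($userid));
        $resultArr[$userid] = $isAdmin;

        return $isAdmin;
    }

    // Joomla 1.5
    $my = CFactory::getUser($userid);
    $cacl = CACL::getInstance();
    $usergroup = $cacl->getGroupsByUserId($my->id);
    $admingroups = array(0 => 'Super Administrator', 1 => 'Administrator', 2 => 'Manager', 3 => 'Super Users');

    // Strict match: a loose in_array() treats values such as true (and 0 on PHP < 8)
    // as equal to any of these group names, which would report an administrator.
    return in_array($usergroup, $admingroups, true);
}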
/**
 * Display method of the PlayJoom view.
 *
 * @param   string  $tpl  Template name passed through to parent::display().
 *
 * @return  mixed  False when the model reported errors, otherwise no value.
 */
public function display($tpl = null)
{
    $currentUser = JFactory::getUser();
    $permissions = PlayJoomHelper::getActions();

    // Fetch everything from the model before looking at its error list.
    $loadedForm = $this->get('Form');
    $loadedItem = $this->get('Item');
    $loadedScript = $this->get('Script');

    $errors = $this->get('Errors');

    if (count($errors)) {
        JError::raiseError(500, implode('<br />', $errors));

        return false;
    }

    $this->form = $loadedForm;
    $this->item = $loadedItem;
    $this->script = $loadedScript;

    // edit, OR (create AND no id in the request), OR component administrator.
    $mayView = $permissions->get('core.edit')
        || ($permissions->get('core.create') && !JRequest::getVar('id'))
        || JAccess::check($currentUser->get('id'), 'core.admin') == 1;

    if (!$mayView) {
        JError::raiseWarning(404, JText::_('JERROR_ALERTNOAUTHOR'));
    } else {
        $this->addToolBar();
        parent::display($tpl);
    }

    // The document is set up for authorised and refused requests alike.
    $this->setDocument();
}
/**
 * Build the list of the most recently accessed sections for the module.
 *
 * @param   object  &$params  Module parameters; 'count' limits the list.
 *
 * @return  mixed  Whatever the Sections model returns from getItems(), with
 *                 link and accessinfo added to every item.
 */
public static function getList(&$params)
{
    $db = JFactory::getDbo();

    $model = JModelLegacy::getInstance('Sections', 'PlayjoomModel', array('ignore_request' => true));
    $model->setState('params', JFactory::getApplication()->getParams());

    // Paging comes from the module parameters.
    $model->setState('list.start', 0);
    $model->setState('list.limit', (int) $params->get('count', 5));

    // NOTE(review): both access values are computed but never handed to the model in
    // this method; confirm the Sections model applies view-level filtering itself.
    $access = !JComponentHelper::getParams('com_playjoom')->get('show_noauth', 1);
    $authorised = JAccess::getAuthorisedViewLevels(JFactory::getUser()->get('id'));

    // Newest access first.
    $model->setState('list.ordering', 'a.access_datetime');
    $model->setState('list.direction', 'DESC');

    $items = $model->getItems();

    foreach ($items as &$item) {
        // Items link to the broadcast view only while the trackcontrol plugin is enabled.
        $item->link = JPluginHelper::isEnabled('playjoom', 'trackcontrol') == false
            ? null
            : JRoute::_('index.php?option=com_playjoom&view=broadcast&id=' . $item->id);

        $item->accessinfo = modLastPlayedHelper::GetTimeInfoList($item->access_datetime, $params, 'access');
    }

    return $items;
}
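/**
 * Builds a list of user groups as select options, indented by nesting depth.
 *
 * @param   boolean  $includeSuperAdmin  True to include super admin groups, false to exclude them.
 *
 * @return  array|null  List of option objects, or null when the query failed.
 *
 * @since   11.4
 */
public static function groups($includeSuperAdmin = false)
{
    $db = JFactory::getDbo();
    $query = $db->getQuery(true);
    $query->select('a.id AS value, a.title AS text, COUNT(DISTINCT b.id) AS level');
    $query->from($db->quoteName('#__usergroups') . ' AS a');
    $query->join('LEFT', $db->quoteName('#__usergroups') . ' AS b ON a.lft > b.lft AND a.rgt < b.rgt');
    $query->group('a.id, a.title, a.lft, a.rgt');
    $query->order('a.lft ASC');
    $db->setQuery($query);
    $options = $db->loadObjectList();

    // Check for a database error.
    if ($db->getErrorNum()) {
        JError::raiseNotice(500, $db->getErrorMsg());

        return null;
    }

    // Start from an empty list so that an empty result set yields array() instead of
    // an undefined variable reaching the filter loop and the return statement.
    $groups = array();

    foreach ((array) $options as $option) {
        $option->text = str_repeat('- ', $option->level) . $option->text;
        $groups[] = JHtml::_('select.option', $option->value, $option->text);
    }

    // Exclude super admin groups if requested
    if (!$includeSuperAdmin) {
        $filteredGroups = array();

        foreach ($groups as $group) {
            if (!JAccess::checkGroup($group->value, 'core.admin')) {
                $filteredGroups[] = $group;
            }
        }

        $groups = $filteredGroups;
    }

    return $groups;
}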
/**
 * Prepare the JEvents configuration edit screen: stylesheet, title, toolbar,
 * parameters and, on Joomla 1.6+, the configuration form.
 *
 * @return  void
 */
function edit()
{
    JEVHelper::stylesheet('eventsadmin.css', 'administrator/components/' . JEV_COM_COMPONENT . '/assets/css/');

    $document =& JFactory::getDocument();
    $document->setTitle(JText::_('COM_JEVENTS_CONFIGURATION'));

    // Toolbar: title, then apply / save / cancel.
    JToolBarHelper::title(JText::_('COM_JEVENTS_CONFIGURATION'), 'jevents');
    JToolBarHelper::apply('params.apply');
    JToolBarHelper::save('params.save');
    JToolBarHelper::cancel('cpanel.cpanel');

    $model = $this->getModel();
    $this->params =& $model->getParams();
    $component = JComponentHelper::getComponent(JEV_COM_COMPONENT);

    JHTML::_('behavior.tooltip');

    // Everything below applies to Joomla 1.6 and later only.
    if (!JVersion::isCompatible("1.6.0")) {
        return;
    }

    // Get the actions for the asset.
    $actions = JAccess::getActions(JEV_COM_COMPONENT, "component");

    jimport('joomla.form.form');

    // Add the search path for the admin component config.xml file.
    JForm::addFormPath(JPATH_ADMINISTRATOR . '/components/' . JEV_COM_COMPONENT);

    // Hand the model's form to the view.
    $modelForm = $model->getForm();
    $this->assignRef("form", $modelForm);
}
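/**
 * Check whether the current user is authorised for an action ("area").
 *
 * The action is looked up first among the actions declared for the 'gamechat'
 * section of com_chessvn, then among the component-level actions.
 *
 * @param   string  $area  Action name to authorise.
 *
 * @return  boolean  Result of the user's authorise() call; false when the action
 *                   is declared in neither place.
 */
protected function auth($area)
{
    $aclLocal = array();

    foreach (JAccess::getActions('com_chessvn', 'gamechat') as $ar) {
        $aclLocal[] = $ar->name;
    }

    if (in_array($area, $aclLocal)) {
        return $this->user->authorise($area, 'com_chessvn', 'gamechat');
    }

    $aclGlobal = array();

    foreach (JAccess::getActions('com_chessvn') as $ar) {
        $aclGlobal[] = $ar->name;
    }

    if (in_array($area, $aclGlobal)) {
        if (!empty($aclLocal)) {
            JFactory::getApplication()->enqueueMessage('Undefined authorization area: ' . $area . ' -- fall back on component acl', 'Warning');
        }

        return $this->user->authorise($area, 'com_chessvn');
    }

    JFactory::getApplication()->enqueueMessage('Undefined authorization area: ' . $area . ' -- NO fall back found', 'Error');

    // Deny by default: an action that is declared nowhere must not be granted.
    // Returning true here would let a typo or a removed action open the feature to everyone.
    return false;
}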
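/**
 * Method to save the configuration data.
 *
 * Only the 'rules' entry is handled here: the rules are written to the root
 * asset after checking that the current user keeps the Super User permission.
 *
 * @param   array  $data  An array containing all global config data.
 *
 * @return  boolean  True on success, false on failure.
 *
 * @since   1.6
 */
public function save($data)
{
    $app = JFactory::getApplication();

    // Save the rules
    if (isset($data['rules'])) {
        $rules = new JAccessRules($data['rules']);

        // Check that we aren't removing our Super User permission.
        // Need to get groups from database, since they might have changed.
        $myGroups = JAccess::getGroupsByUser(JFactory::getUser()->get('id'));
        $myRules = $rules->getData();

        // A rule set with no core.admin entry cannot grant Super User to anyone, so it
        // is refused in the same way as one that takes the permission away.
        $hasSuperAdmin = isset($myRules['core.admin']) && $myRules['core.admin']->allow($myGroups);

        if (!$hasSuperAdmin) {
            $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_REMOVING_SUPER_ADMIN'), 'error');

            return false;
        }

        $asset = JTable::getInstance('asset');

        if (!$asset->loadByName('root.1')) {
            $app->enqueueMessage(JText::_('COM_CONFIG_ERROR_ROOT_ASSET_NOT_FOUND'), 'error');

            return false;
        }

        $asset->rules = (string) $rules;

        if (!$asset->check() || !$asset->store()) {
            // NOTE(review): 'SOME_ERROR_CODE' looks like a placeholder language key.
            $app->enqueueMessage(JText::_('SOME_ERROR_CODE'), 'error');

            // Report the failure explicitly instead of returning no value.
            return false;
        }
    }

    // Clear cache of com_config component.
    $this->cleanCache('_system', 0);
    $this->cleanCache('_system', 1);

    return true;
}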
/**
 * Prepare data hook.
 *
 * Loads the user named by the 'username' request value, fetches that user's ten
 * most recently created published articles through the com_content Articles
 * model and decorates every article with slugs, a link and content-plugin output.
 *
 * @return void
 */
protected function prepareData()
{
    require_once JPATH_SITE . '/components/com_content/helpers/route.php';
    $app = JFactory::getApplication();
    $data = $this->getData();
    $data->params = JComponentHelper::getParams('com_content');

    // The profile owner is taken from the request, not from the session.
    // NOTE(review): any requester can name any username here; confirm that listing
    // another user's articles is intended for every visitor of this view.
    $data->user = $user = JUser::getInstance($app->input->getUsername('username'));
    JModelLegacy::addIncludePath(\Windwalker\Helper\PathHelper::getSite('com_content') . '/models');
    $model = JModelLegacy::getInstance('Articles', 'ContentModel', array('ignore_request' => true));
    $model->setState('params', $data->params);

    // $access is true when 'show_noauth' is off; $authorised holds the view levels of
    // the visitor (the session user), not of the profile owner.
    $access = !JComponentHelper::getParams('com_content')->get('show_noauth');
    $authorised = JAccess::getAuthorisedViewLevels(JFactory::getUser()->get('id'));
    $model->setState('filter.published', 1);
    $model->setState('filter.access', $access);
    $model->setState('filter.author_id', (int) $user->id);
    $model->setState('list.ordering', 'a.created');
    $model->setState('list.direction', 'DESC');
    $model->setState('list.limit', 10);
    $data->items = $model->getItems();
    $data->pagination = $model->getPagination();
    foreach ($data->items as &$item) {
        $item->slug = $item->id . ':' . $item->alias;
        $item->catslug = $item->catid . ':' . $item->category_alias;
        $item->params = $data->params;
        if ($access || in_array($item->access, $authorised)) {
            // We know that user has the privilege to view the article
            $item->link = JRoute::_(ContentHelperRoute::getArticleRoute($item->slug, $item->catid, $item->language));
        } else {
            // Articles outside the visitor's view levels link to the login page instead.
            $item->link = JRoute::_('index.php?option=com_users&view=login');
        }
        $item->parent_slug = $item->parent_alias ? $item->parent_id . ':' . $item->parent_alias : $item->parent_id;
        // No link for ROOT category
        if ($item->parent_alias == 'root') {
            $item->parent_slug = null;
        }
        $item->event = new stdClass();
        $dispatcher = JEventDispatcher::getInstance();
        // Old plugins: Ensure that text property is available
        if (!isset($item->text)) {
            $item->text = $item->introtext;
        }

        // The request is temporarily rewritten to look like the com_content category
        // blog while the content plugins run; it is set back at the end of the iteration.
        $app->input->set('option', 'com_content');
        $app->input->set('view', 'category');
        $app->input->set('layout', 'blog');
        JPluginHelper::importPlugin('content');
        $dispatcher->trigger('onContentPrepare', array('com_content.category', &$item, &$item->params, 0));
        // Old plugins: Use processed text as introtext
        $item->introtext = $item->text;
        $results = $dispatcher->trigger('onContentAfterTitle', array('com_content.category', &$item, &$item->params, 0));
        $item->event->afterDisplayTitle = trim(implode("\n", $results));
        $results = $dispatcher->trigger('onContentBeforeDisplay', array('com_content.category', &$item, &$item->params, 0));
        $item->event->beforeDisplayContent = trim(implode("\n", $results));
        $results = $dispatcher->trigger('onContentAfterDisplay', array('com_content.category', &$item, &$item->params, 0));
        $item->event->afterDisplayContent = trim(implode("\n", $results));

        // Restore the request values of this component's own view.
        // NOTE(review): if a plugin throws, these three lines are skipped and the
        // request keeps the com_content values.
        $app->input->set('option', 'com_userxtd');
        $app->input->set('view', 'content');
        $app->input->set('layout', 'default');
    }
    $this->setTitle();
}
/**
 * Override of getItems() that adds a per-action permission check for the
 * filtered user group to every asset.
 *
 * @return  array  The assets from the parent model; when a group filter is set,
 *                 each asset carries a 'checks' array keyed by action name.
 *
 * @since   1.6
 */
public function getItems()
{
    $groupId = $this->getState('filter.group_id');
    $assets = parent::getItems();

    // Nothing to annotate without assets or without a group to test against.
    if (!$assets || !$groupId) {
        return $assets;
    }

    $actions = $this->getDebugActions();

    foreach ($assets as &$asset) {
        $asset->checks = array();

        foreach ($actions as $action) {
            $name = $action[0];
            $level = $action[1];

            // An action is tested when it has no level limit or when its limit
            // reaches the level of this asset; otherwise it is marked as skipped.
            $applies = ($level === null || $level >= $asset->level);

            $asset->checks[$name] = $applies
                ? JAccess::checkGroup($groupId, $name, $asset->name)
                : 'skip';
        }
    }

    return $assets;
}
/**
 * Fetch a list of published articles for the module through the com_content
 * Articles model.
 *
 * @param   object  &$params  Module parameters (count, catid, article_ordering,
 *                            article_ordering_direction).
 *
 * @return  mixed  Whatever the Articles model returns from getItems().
 */
public static function getList(&$params)
{
    $db = JFactory::getDbo();

    $model = JModelLegacy::getInstance('Articles', 'ContentModel', array('ignore_request' => true));
    $model->setState('params', JFactory::getApplication()->getParams());

    // Paging and publication state.
    $model->setState('list.start', 0);
    $model->setState('list.limit', (int) $params->get('count', 10));
    $model->setState('filter.published', 1);

    // The access filter is switched on when com_content's 'show_noauth' is off.
    // $authorised is computed but not used further in this method.
    $access = !JComponentHelper::getParams('com_content')->get('show_noauth');
    $authorised = JAccess::getAuthorisedViewLevels(JFactory::getUser()->get('id'));
    $model->setState('filter.access', $access);

    // Category filter
    $model->setState('filter.category_id', $params->get('catid', array(), 'title'));

    // Ordering column and direction come straight from the module parameters.
    // NOTE(review): confirm the model validates these before they reach the query.
    $model->setState('list.ordering', $params->get('article_ordering', 'a.ordering'));
    $model->setState('list.direction', $params->get('article_ordering_direction', 'ASC'));

    return $model->getItems();
}
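/**
 * Get the permissions of the current user for each action.
 *
 * @param   int  $categoryId  Category id.
 * @param   int  $messageId   Message id.
 *
 * @return  object  JObject holding one boolean-like entry per action name.
 */
public static function getActions($categoryId = 0, $messageId = 0)
{
    // Results are remembered per asset. A single shared result would hand the
    // permissions computed for the first asset to every later call, including calls
    // for a different category or message.
    static $cache = array();

    // Work out the asset name and the access.xml section.
    if (empty($messageId) && empty($categoryId)) {
        $assetName = 'com_helloworld';
        $section = 'component';
    } elseif (empty($messageId)) {
        $assetName = 'com_helloworld.category.' . (int) $categoryId;
        $section = 'category';
    } else {
        $assetName = 'com_helloworld.message.' . (int) $messageId;
        $section = 'message';
    }

    if (!isset($cache[$assetName])) {
        // Read the list of actions declared for this section of the component.
        $accessFile = JPATH_ADMINISTRATOR . '/components/com_helloworld/access.xml';
        $actions = JAccess::getActionsFromFile($accessFile, "/access/section[@name='" . $section . "']/");

        // A missing or unreadable access file yields no actions rather than an error.
        if (!is_array($actions)) {
            $actions = array();
        }

        // Messages and categories additionally get the core.admin action.
        if ($section == 'category' || $section == 'message') {
            $adminAction = new stdClass();
            $adminAction->name = 'core.admin';
            array_push($actions, $adminAction);
        }

        $result = new JObject();
        $user = JFactory::getUser();

        foreach ($actions as $action) {
            // Store the user's permission for the action on this asset.
            $result->set($action->name, $user->authorise($action->name, $assetName));
        }

        $cache[$assetName] = $result;
    }

    // Keep the class property pointing at the result of the latest call for any
    // code that still reads it directly.
    self::$actions = $cache[$assetName];

    return $cache[$assetName];
}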
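/**
 * Method to check if a user is authorised to perform an action, optionally on an asset.
 *
 * @param   integer  $userId  Id of the user for which to check authorisation.
 * @param   string   $action  The name of the action to authorise.
 * @param   mixed    $asset   Integer asset id or the name of the asset as a string.
 *                            Defaults to the global asset node.
 *
 * @return  boolean  True if authorised.
 *
 * @since   1.6
 */
public static function check($userId, $action, $asset = null)
{
    // core.admin verdicts, remembered per user id. A single flag for the whole run
    // would apply the verdict of the first user checked to every other user id
    // passed in later, granting them everything if that first user was root.
    static $rootByUser = array();

    // Sanitize inputs.
    $userId = (int) $userId;
    $action = strtolower(preg_replace('#[\\s\\-]+#', '.', trim($action)));
    $asset = strtolower(preg_replace('#[\\s\\-]+#', '.', trim((string) $asset)));

    // Default to the root asset node.
    if (empty($asset)) {
        $asset = 1;
    }

    // Get all groups against which the user is mapped.
    $identities = self::getGroupsByUser($userId);
    array_unshift($identities, $userId * -1);

    // Check core.admin on the root asset once per user.
    if (!isset($rootByUser[$userId])) {
        $rootByUser[$userId] = (bool) self::getAssetRules(1)->allow('core.admin', $identities);
    }

    // The class property mirrors the verdict for the user of the latest call.
    // NOTE(review): it is no longer read here; confirm no other method relies on it
    // as a run-wide shortcut.
    self::$isRoot = $rootByUser[$userId];

    if ($rootByUser[$userId]) {
        return true;
    }

    // Get the rules for the asset recursively to root if not already retrieved.
    if (empty(self::$assetRules[$asset])) {
        self::$assetRules[$asset] = self::getAssetRules($asset, true);
    }

    return self::$assetRules[$asset]->allow($action, $identities);
}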
/**
 * Load the user list: model, state, totals, pagination and the page of users.
 *
 * @return  void
 *
 * @throws  KunenaExceptionAuthorise  For guests when 'userlist_allowed' is set.
 */
protected function before()
{
    parent::before();

    $config = KunenaConfig::getInstance();

    // Guests are refused when the 'userlist_allowed' setting is truthy.
    if ($config->userlist_allowed && JFactory::getUser()->guest) {
        throw new KunenaExceptionAuthorise(JText::_('COM_KUNENA_NO_ACCESS'), '401');
    }

    require_once KPATH_SITE . '/models/user.php';

    $this->model = new KunenaModelUser(array(), $this->input);
    $this->model->initialize($this->getOptions(), $this->getOptions()->get('embedded', false));

    $this->state = $this->model->getState();
    $this->me = KunenaUserHelper::getMyself();
    $this->config = KunenaConfig::getInstance();

    $start = $this->state->get('list.start');
    $limit = $this->state->get('list.limit');

    // Members of group 8 are handed to the finder, which includes or excludes them
    // according to configuration. The group id is hard-coded.
    $filter = JAccess::getUsersByGroup(8);

    $finder = new KunenaUserFinder();
    $finder->filterByConfiguration($filter)->filterByName($this->state->get('list.search'));

    $this->total = $finder->count();
    $this->pagination = new KunenaPagination($this->total, $start, $limit);

    // Columns in this list are ordered through alias 'a', all others through 'ku'.
    // NOTE(review): the list only selects the alias; it does not reject other column
    // names. Confirm that order() or the state validates 'list.ordering'.
    $ordering = $this->state->get('list.ordering');
    $aliasList = array('id', 'name', 'username', 'email', 'block', 'registerDate', 'lastvisitDate');
    $alias = in_array($ordering, $aliasList) ? 'a' : 'ku';

    $direction = $this->state->get('list.direction') == 'asc' ? 1 : -1;

    $this->users = $finder
        ->order($ordering, $direction, $alias)
        ->start($this->pagination->limitstart)
        ->limit($this->pagination->limit)
        ->find();
}
/**
 * Gets the permissions of the current user for every action declared for
 * com_mvceditor, at component or category level.
 *
 * @param   integer  $categoryId  The category ID; empty selects the component level.
 *
 * @return  JObject  One entry per action name holding the authorise() result.
 *
 * @since   1.6
 */
public static function getActions($categoryId = 0)
{
    $user = JFactory::getUser();
    $result = new JObject;

    // The category asset is used only when a category id was given.
    $hasCategory = !empty($categoryId);
    $level = $hasCategory ? 'category' : 'component';
    $assetName = $hasCategory ? 'com_mvceditor.category.' . (int) $categoryId : 'com_mvceditor';

    foreach (JAccess::getActions('com_mvceditor', $level) as $action) {
        $result->set($action->name, $user->authorise($action->name, $assetName));
    }

    return $result;
}
/**
 * Overloaded bind function that pre-processes params, metadata and ACL rules
 * before handing the data to the parent table.
 *
 * @param   array  $array   Named array of submitted values.
 * @param   mixed  $ignore  Optional array or list of parameters to ignore.
 *
 * @return  null|string  Null if the operation was satisfactory, otherwise an error.
 *
 * @see     JTable:bind
 * @since   1.5
 */
public function bind($array, $ignore = '')
{
    // Array-valued params and metadata are serialised through JRegistry.
    foreach (array('params', 'metadata') as $field) {
        if (isset($array[$field]) && is_array($array[$field])) {
            $registry = new JRegistry();
            $registry->loadArray($array[$field]);
            $array[$field] = (string) $registry;
        }
    }

    // Without core.admin on the item asset, any submitted rules are replaced by the
    // rules already stored for that asset, so the form cannot be used to change the ACL.
    $assetName = 'com_mapa.mapadevenezuela.' . $array['id'];

    if (!JFactory::getUser()->authorise('core.admin', $assetName)) {
        $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_mapa/access.xml', "/access/section[@name='mapadevenezuela']/");
        $storedRules = JAccess::getAssetRules($assetName)->getData();
        $keptRules = array();

        foreach ($actions as $action) {
            $keptRules[$action->name] = $storedRules[$action->name];
        }

        $array['rules'] = $this->JAccessRulestoArray($keptRules);
    }

    // Bind the rules for ACL where supported.
    if (isset($array['rules']) && is_array($array['rules'])) {
        $this->setRules($array['rules']);
    }

    return parent::bind($array, $ignore);
}
/**
 * Gets the permissions of a user for every action declared in a component's
 * access.xml for the matching section.
 *
 * @param   \JUser   $user        The user object.
 * @param   string   $component   The component access file path, component base path or option name.
 * @param   string   $assetName   The asset name.
 * @param   integer  $categoryId  The category ID.
 * @param   integer  $id          The item ID.
 *
 * @return  Object  One entry per action name holding the authorise() result.
 */
public static function getActions(\JUser $user, $component, $assetName, $categoryId = 0, $id = 0)
{
    $result = new Object();

    // Resolve the access file. Candidates are tried in this order and the first one
    // that is a file wins: the value itself, <value>/access.xml, then etc/access.xml
    // and access.xml under the component's admin path.
    // NOTE(review): $component is used as a filesystem path; callers should pass
    // fixed values only.
    $path = $component;

    if (!is_file($path)) {
        $path .= '/access.xml';
    }

    if (!is_file($path)) {
        $path = PathHelper::getAdmin($component) . '/etc/access.xml';
    }

    if (!is_file($path)) {
        $path = PathHelper::getAdmin($component) . '/access.xml';
    }

    // Choose the section and extend the asset name.
    if ($id) {
        // Item level: the section is named after the asset; the id is appended only
        // when no category id was given.
        $section = $assetName;
        $assetName = $assetName . '.' . $assetName . ($categoryId ? '' : '.' . $id);
    } elseif ($categoryId) {
        $section = 'category';
        $assetName .= '.category.' . $categoryId;
    } else {
        $section = 'component';
    }

    // NOTE(review): $section can be the caller's asset name and is placed into the
    // XPath expression without escaping.
    $actions = \JAccess::getActionsFromFile($path, "/access/section[@name='" . $section . "']/");

    foreach ($actions as $action) {
        $result->set($action->name, $user->authorise($action->name, $assetName));
    }

    return $result;
}
/**
 * Method to get the field options: the user groups as an indented list.
 *
 * @return  array  The field option objects.
 *
 * @since   1.6
 */
protected function getOptions()
{
    $options = array();
    $db = JFactory::getDbo();
    $user = JFactory::getUser();

    $query = $db->getQuery(true);
    $query->select('a.id AS value, a.title AS text, COUNT(DISTINCT b.id) AS level');
    $query->from('#__users_groups AS a');
    $query->join('LEFT', $db->quoteName('#__users_groups') . ' AS b ON a.lft > b.lft AND a.rgt < b.rgt');

    // Prevent parenting to children of this item.
    if ($id = $this->form->getValue('id')) {
        $query->join('LEFT', $db->quoteName('#__users_groups') . ' AS p ON p.id = ' . (int) $id);
        $query->where('NOT(a.lft >= p.lft AND a.rgt <= p.rgt)');
    }

    $query->group('a.id, a.title, a.lft, a.rgt');
    $query->order('a.lft ASC');

    // Get the options.
    $db->setQuery($query);

    try {
        $options = $db->loadObjectList();
    } catch (RuntimeException $e) {
        JError::raiseWarning(500, $e->getMessage());
    }

    foreach ($options as $index => $option) {
        // Groups holding core.admin are listed for super admins only. This filters the
        // list that is shown; it does not by itself validate a submitted value.
        $visible = $user->authorise('core.admin') || !JAccess::checkGroup($option->value, 'core.admin');

        if (!$visible) {
            unset($options[$index]);
            continue;
        }

        // Pad the option text using the depth level as a multiplier.
        $option->text = str_repeat('- ', $option->level) . $option->text;
    }

    // Merge any additional options in the XML definition.
    return array_merge(parent::getOptions(), $options);
}
/**
 * Create a group node and, when rule data is given, one permission node per rule.
 *
 * @param   mixed  $id         Group id; also used for the permission lookups.
 * @param   mixed  $name       Group name.
 * @param   mixed  $lft        Left value of the node.
 * @param   mixed  $rgt        Right value of the node.
 * @param   mixed  $value      Node value.
 * @param   mixed  $chietKhau  Stored unchanged in the _chietKhau property.
 * @param   mixed  $chucDanh   Stored unchanged in the _chucDanh property.
 * @param   array  $ruleData   Optional list of arrays with 'name' and 'value' keys.
 */
public function __construct($id, $name, $lft, $rgt, $value, $chietKhau, $chucDanh, $ruleData = null)
{
    $this->_id = $id;
    $this->_name = $name;
    $this->_lft = $lft;
    $this->_rgt = $rgt;
    $this->_value = $value;
    $this->_chietKhau = $chietKhau;
    $this->_chucDanh = $chucDanh;

    if (empty($ruleData)) {
        return;
    }

    foreach ($ruleData as $ruleDataItem) {
        $ruleName = $ruleDataItem['name'];
        $ruleValue = $ruleDataItem['value'];

        $permissionStatus = JAccess::getPermissionStatusOnGroup($id, $ruleName);

        // An inherited status is resolved to the effective allowed / denied result;
        // any other status is used as it is.
        $status = $permissionStatus;

        if ($permissionStatus == 'inherited') {
            $status = JAccess::checkGroup($id, $ruleName) ? 'allowed' : 'denied';
        }

        $this->_permissionNodes[] = new JPermissionNode($ruleName, $ruleValue, $status, $permissionStatus);
    }
}
/**
 * Method to get the filtering groups (null means no filtering).
 *
 * A group is kept when it holds core.admin, or when it holds both core.manage
 * on com_messages and core.login.admin.
 *
 * @return  array|null  Array of filtering groups, or null when the query failed.
 *
 * @since   1.6
 */
protected function getGroups()
{
    $db = JFactory::getDbo();
    $db->setQuery($db->getQuery(true)->select('id')->from('#__usergroups'));

    try {
        $groups = $db->loadColumn();
    } catch (RuntimeException $e) {
        JError::raiseNotice(500, $e->getMessage());

        return null;
    }

    foreach ($groups as $i => $group) {
        // Super admin groups are always kept.
        if (JAccess::checkGroup($group, 'core.admin')) {
            continue;
        }

        // The second permission is only looked up when the first one is present.
        $canManage = JAccess::checkGroup($group, 'core.manage', 'com_messages');

        if (!$canManage || !JAccess::checkGroup($group, 'core.login.admin')) {
            unset($groups[$i]);
        }
    }

    return array_values($groups);
}
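/**
 * Creates the page's display: the category items as JSON.
 *
 * @param   string  $tpl  Unused template name.
 *
 * @return  void
 *
 * @since   1.0
 */
function display($tpl = null)
{
    $user = JFactory::getUser();
    $aid = JAccess::getAuthorisedViewLevels($user->id);

    // Get model
    $model = $this->getModel();

    // Get category and set category parameters as VIEW's parameters
    // (category parameters are merged with component/page/author parameters already)
    $category = $this->get('Category');
    $params = $category->parameters;

    // Get various data from the model
    $items = $this->get('Data');

    // Get field values
    $_vars = null;
    FlexicontentFields::getItemFields($items, $_vars, $_view = 'category', $aid);

    // Zero unneeded search index text
    foreach ($items as $item) {
        $item->search_index = '';
    }

    // Use &test=1 to test / preview item data of first item
    // NOTE(review): this switch is open to every requester who can reach the view;
    // consider limiting it to debug mode or to privileged users.
    if (JRequest::getCmd('test', 0)) {
        $item = reset($items);

        // The dump is written into an HTML response, so it is escaped: item fields can
        // hold markup that would otherwise be rendered and executed by the browser.
        $flags = defined('ENT_SUBSTITUTE') ? ENT_QUOTES | ENT_SUBSTITUTE : ENT_QUOTES;

        echo "<pre>";
        echo htmlspecialchars(print_r($item, true), $flags, 'UTF-8');
        echo "</pre>";
        exit;
    }

    // Output items in JSON FORMAT
    // NOTE(review): @ hides encoding failures and the response is then empty.
    echo @json_encode($items);
}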
/**
 * This method should handle any login logic and report back to the subject.
 *
 * @access  public
 *
 * @param   array  $user     Holds the user data.
 * @param   array  $options  Array holding options (remember, autoregister, group).
 *
 * @return  boolean  True on success; otherwise the error object that was raised.
 *
 * @since   1.5
 */
function onLoginUser($user, $options = array())
{
    jimport('joomla.user.helper');

    $instance =& $this->_getUser($user, $options);

    // If _getUser returned an error, then pass it back.
    if (JError::isError($instance)) {
        return $instance;
    }

    // Blocked users are refused.
    if ($instance->get('block') == 1) {
        return JError::raiseWarning('SOME_ERROR_CODE', JText::_('E_NOLOGIN_BLOCKED'));
    }

    // Default group; it is set here but not read again in this method.
    if (!isset($options['group'])) {
        $options['group'] = 'USERS';
    }

    // Authorise the user for the requested action.
    // NOTE(review): $options['action'] is read without an isset() check.
    jimport('joomla.access.access');

    if (!JAccess::check($instance->id, $options['action'])) {
        return JError::raiseWarning(401, JText::_('JError_Login_denied'));
    }

    // Mark the user as logged in
    $instance->set('guest', 0);

    // Register the needed session variables.
    // NOTE(review): the session id that existed before login stays in use; confirm it
    // is regenerated somewhere in the login flow.
    $session =& JFactory::getSession();
    $session->set('user', $instance);

    // Update the user related fields for the Joomla sessions table.
    $db = JFactory::getDBO();

    $guestSql = $db->quote($instance->get('guest'));
    $usernameSql = $db->quote($instance->get('username'));
    $userIdSql = (int) $instance->get('id');
    $sessionIdSql = $db->quote($session->getId());

    $db->setQuery(
        'UPDATE `#__session`'
        . ' SET `guest` = ' . $guestSql . ','
        . ' `username` = ' . $usernameSql . ','
        . ' `userid` = ' . $userIdSql
        . ' WHERE `session_id` = ' . $sessionIdSql
    );
    $db->query();

    // Hit the user last visit field
    $instance->setLastVisit();

    return true;
}
/**
 * Method to get the filtering groups (null means no filtering).
 *
 * A group is kept when it holds core.admin, or when it holds both core.manage
 * on com_messages and core.login.admin.
 *
 * @return  array|null  Array of filtering groups, or null on a database error.
 *
 * @since   1.6
 */
protected function getGroups()
{
    // Load the ids of all user groups.
    $db = JFactory::getDbo();
    $query = $db->getQuery(true);
    $query->select('id');
    $query->from('#__usergroups');
    $db->setQuery($query);
    $groups = $db->loadColumn();

    // Check for a database error.
    if ($db->getErrorNum()) {
        JError::raiseNotice(500, $db->getErrorMsg());

        return null;
    }

    foreach ($groups as $i => $group) {
        $isSuperAdmin = JAccess::checkGroup($group, 'core.admin');

        if ($isSuperAdmin) {
            continue;
        }

        // Both permissions are required; the second lookup is skipped when the
        // first one already fails.
        $qualifies = JAccess::checkGroup($group, 'core.manage', 'com_messages')
            && JAccess::checkGroup($group, 'core.login.admin');

        if (!$qualifies) {
            unset($groups[$i]);
        }
    }

    return array_values($groups);
}
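/**
 * JSON endpoint returning name and e-mail of the members of the given groups.
 *
 * The 'groups' request value is a dash-separated list of group ids.
 *
 * @return  void  The JSON response is echoed.
 */
public function members()
{
    // Check for request forgeries.
    if (!JSession::checkToken('get')) {
        echo new JResponseJson(null, 'Invalid Token', true);
        jexit();
    }

    $app = JFactory::getApplication();
    $groups = $app->input->get('groups', null);

    if ($groups === null || $groups === '') {
        echo new JResponseJson(null, 'No given group', true);
        $app->close();
    }

    // NOTE(review): the token check only proves the request came from this site's own
    // pages. No authorise() call limits who may read member names and e-mail
    // addresses; add a permission check that fits this component.

    try {
        //TODO: move this on ImcHelper so as to be used besides json

        // Keep positive integer ids only, each once, before they reach the ACL lookup.
        $groupIds = array();

        foreach (explode('-', $groups) as $rawId) {
            $groupId = (int) $rawId;

            if ($groupId > 0) {
                $groupIds[$groupId] = $groupId;
            }
        }

        // Keyed by user id so that a user who belongs to several of the requested
        // groups is listed once.
        $members = array();

        foreach ($groupIds as $groupId) {
            // getUsersByGroup($groupId, true) would also include child groups
            foreach (JAccess::getUsersByGroup($groupId) as $userId) {
                if (isset($members[$userId])) {
                    continue;
                }

                $user = JFactory::getUser($userId);
                $members[$userId] = array('name' => $user->name, 'email' => $user->email);
            }
        }

        echo new JResponseJson(array_values($members));
    } catch (Exception $e) {
        // NOTE(review): the exception is passed to the client response; confirm its
        // message cannot carry internal details.
        echo new JResponseJson($e);
    }
}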
/**
 * Overloaded bind function that pre-processes the multi-value key fields, state,
 * ownership, params, metadata and ACL rules before handing the data to the
 * parent table.
 *
 * @param   array  $array   Named array of submitted values.
 * @param   mixed  $ignore  Optional array or list of parameters to ignore.
 *
 * @return  null|string  Null if the operation was satisfactory, otherwise an error.
 *
 * @see     JTable:bind
 * @since   1.5
 */
public function bind($array, $ignore = '')
{
    // Support for multiple or not foreign key fields: an array is joined with commas,
    // a string holding a comma (not at position 0) is split, an empty value becomes ''.
    foreach (array('ingredients_id', 'recipe_id') as $field) {
        if (empty($array[$field])) {
            $array[$field] = '';
            continue;
        }

        if (is_array($array[$field])) {
            $array[$field] = implode(',', $array[$field]);
        } elseif (strrpos($array[$field], ',') != false) {
            $array[$field] = explode(',', $array[$field]);
        }
    }

    $currentUser = JFactory::getUser();
    $task = JFactory::getApplication()->input->getString('task', '');
    $isSaveTask = ($task == 'save' || $task == 'apply');

    // A user without core.edit.state cannot publish: a submitted state of 1 is reset to 0.
    // NOTE(review): only the value 1 is reset; other state values pass through unchanged.
    if ($isSaveTask && !$currentUser->authorise('core.edit.state', 'com_akrecipes') && $array['state'] == 1) {
        $array['state'] = 0;
    }

    // New records are owned by the current user.
    if ($array['id'] == 0) {
        $array['created_by'] = $currentUser->id;
    }

    // Array-valued params and metadata are serialised through JRegistry.
    foreach (array('params', 'metadata') as $field) {
        if (isset($array[$field]) && is_array($array[$field])) {
            $registry = new JRegistry();
            $registry->loadArray($array[$field]);
            $array[$field] = (string) $registry;
        }
    }

    // Without core.admin on the item asset, any submitted rules are replaced by the
    // rules already stored for that asset, so the form cannot be used to change the ACL.
    $assetName = 'com_akrecipes.ingredient997479.' . $array['id'];

    if (!$currentUser->authorise('core.admin', $assetName)) {
        $actions = JAccess::getActionsFromFile(JPATH_ADMINISTRATOR . '/components/com_akrecipes/access.xml', "/access/section[@name='ingredient997479']/");
        $storedRules = JAccess::getAssetRules($assetName)->getData();
        $keptRules = array();

        foreach ($actions as $action) {
            $keptRules[$action->name] = $storedRules[$action->name];
        }

        $array['rules'] = $this->JAccessRulestoArray($keptRules);
    }

    // Bind the rules for ACL where supported.
    if (isset($array['rules']) && is_array($array['rules'])) {
        $this->setRules($array['rules']);
    }

    return parent::bind($array, $ignore);
}
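/**
 * Load the album or year options available for one artist.
 *
 * The result is restricted by view level and by the adding user unless the
 * current user holds core.admin.
 *
 * @param   string  $value   Which list to build: 'album' or 'year'
 * @param   string  $artist  Artist name to filter on. It is treated as untrusted
 *                           and passed through $db->quote() before it reaches SQL.
 *
 * @return  mixed  The result of loadObjectList(), or a translated error string
 *                 when $value names no supported list
 */
public static function getOptions($value, $artist)
{
    // For getting the xml parameters
    $app = JFactory::getApplication();
    $params = $app->getParams();

    // Get User objects
    $user = JFactory::getUser();

    $db = JFactory::getDbo();
    $query = $db->getQuery(true);

    // The artist name used to be concatenated between double quotes, so a quote
    // character in it could change the statement. Let the driver escape and
    // quote the value instead.
    $artistFilter = 'artist = ' . $db->quote($artist);

    switch ($value) {
        case 'album':
            $query->select('album As value, album As text');
            $query->where($artistFilter);
            $query->order('a.album');
            $query->group('a.album');
            break;

        case 'year':
            $query->select('year As value, year As text');
            $query->where($artistFilter);
            $query->order('a.year DESC');
            $query->group('a.year DESC');
            break;

        default:
            return JText::_('TCE_PLG_ERROR_NO_VALUE_FOR_getOptions_FUNCTION');
    }

    // Implement View Level Access
    if (!$user->authorise('core.admin') && !$params->get('show_noauth', 1)) {
        // Force integers so the IN list can only ever contain numbers, and
        // build it from an array so an empty level list still yields valid SQL.
        $levels = array_map('intval', $user->getAuthorisedViewLevels());
        array_unshift($levels, 0);
        $query->where('a.access IN (' . implode(',', $levels) . ')');
    }

    // Filtering by user
    if (JAccess::check($user->get('id'), 'core.admin') != 1) {
        // Cast the id: it is interpolated into the statement below
        $userId = (int) $user->get('id');
        $showAllUsers = $params->get('show_all_users', 1);
        $showNobody = $params->get('show_nobody', 1);
        $userCheck = (int) $showAllUsers + (int) $showNobody;

        if ($userCheck == 1) {
            if ($showAllUsers) {
                $query->where('a.add_by >= 1');
            }

            if ($showNobody) {
                $query->where('a.add_by IN (0,' . $userId . ')');
            }
        } elseif ($userCheck == 0) {
            // Neither option enabled: only tracks added by the current user
            $query->where('a.add_by = ' . $userId);
        }
    }

    $query->from('#__jpaudiotracks AS a');

    // Get the options.
    $db->setQuery($query);
    $options = $db->loadObjectList();

    // Check for a database error.
    if ($db->getErrorNum()) {
        JError::raiseWarning(500, $db->getErrorMsg());
    }

    return $options;
}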
/**
 * Get a list of the latest articles from the article model.
 *
 * Each returned item is decorated with readmore, slug, catslug, link,
 * linkText, a prepared introtext and the output of the three content display
 * events.
 *
 * Access handling: when com_content's show_noauth option is off, the model is
 * asked to filter by access. When it is on, an item whose access level is not
 * among the current user's authorised view levels gets a link to the
 * com_users login view (a JUri object carrying a base64-encoded return route)
 * instead of a direct article link.
 *
 * @param   \Joomla\Registry\Registry  &$params  object holding the models parameters
 *
 * @return  mixed
 *
 * @since   1.6
 */
public static function getList(&$params)
{
    // Generic articles model, decoupled from the current request
    $model = JModelLegacy::getInstance('Articles', 'ContentModel', array('ignore_request' => true));

    // Application parameters go into the model state
    $app = JFactory::getApplication();
    $model->setState('params', $app->getParams());

    // Filters derived from the module parameters
    $model->setState('list.start', 0);
    $model->setState('list.limit', (int) $params->get('count', 5));
    $model->setState('filter.published', 1);

    // Access filter: true means "hide what the user is not authorised to view"
    $access = !JComponentHelper::getParams('com_content')->get('show_noauth');
    $authorised = JAccess::getAuthorisedViewLevels(JFactory::getUser()->get('id'));
    $model->setState('filter.access', $access);

    // Category and language filters
    $model->setState('filter.category_id', $params->get('catid', array()));
    $model->setState('filter.language', $app->getLanguageFilter());

    // Ordering: random ordering is delegated to the query builder's Rand()
    $ordering = $params->get('ordering', 'a.publish_up');
    $model->setState('list.ordering', $ordering);

    if (trim($ordering) != 'rand()') {
        $model->setState('list.direction', $params->get('direction', 1) ? 'DESC' : 'ASC');
        $model->setState('list.ordering', $ordering);
    } else {
        $model->setState('list.ordering', JFactory::getDbo()->getQuery(true)->Rand());
    }

    // Content display events and the item property that receives their output
    $displayEvents = array(
        'onContentAfterTitle'    => 'afterDisplayTitle',
        'onContentBeforeDisplay' => 'beforeDisplayContent',
        'onContentAfterDisplay'  => 'afterDisplayContent',
    );

    // Retrieve Content
    $items = $model->getItems();

    foreach ($items as &$item) {
        $item->readmore = strlen(trim($item->fulltext));
        $item->slug = "{$item->id}:{$item->alias}";
        $item->catslug = "{$item->catid}:{$item->category_alias}";

        $articleRoute = ContentHelperRoute::getArticleRoute($item->slug, $item->catid, $item->language);
        $mayView = $access || in_array($item->access, $authorised);

        if (!$mayView) {
            // Not authorised for this item: send the visitor to the login view
            // and carry the article route along as the return target
            $item->link = new JUri(JRoute::_('index.php?option=com_users&view=login', false));
            $item->link->setVar('return', base64_encode($articleRoute));
            $item->linkText = JText::_('MOD_ARTICLES_NEWS_READMORE_REGISTER');
        } else {
            // We know that user has the privilege to view the article
            $item->link = JRoute::_($articleRoute);
            $item->linkText = JText::_('MOD_ARTICLES_NEWS_READMORE');
        }

        $item->introtext = JHtml::_('content.prepare', $item->introtext, '', 'mod_articles_news.content');

        // With images switched off, drop <img> tags from the intro text
        if (!$params->get('image')) {
            $item->introtext = preg_replace('/<img[^>]*>/', '', $item->introtext);
        }

        foreach ($displayEvents as $eventName => $property) {
            $results = $app->triggerEvent($eventName, array('com_content.article', &$item, &$params, 1));
            $item->$property = trim(implode("\n", $results));
        }
    }

    return $items;
}
/**
 * Disables creating new admins or updating existing ones.
 *
 * Runs only for com_users / com_admin requests whose task is one of the save
 * or apply tasks and that carry a non-empty jform array. The groups submitted
 * in the form are merged with the groups the target user already has; if any
 * group in that union is granted core.login.admin, or core.admin when the
 * first check returns null, the request is rejected with a 403.
 *
 * Because the target user's current groups are part of the union, saving any
 * user who already has such a group is rejected as well. The acting user's
 * own privileges are not consulted anywhere in this method.
 *
 * @return  void
 *
 * @throws  Exception  with JGLOBAL_AUTH_ACCESS_DENIED on Joomla 3.0 and later
 */
public function onAfterInitialise()
{
    $input = $this->input;
    $option = $input->getCmd('option', '');
    $task = $input->getCmd('task', '');
    // Read from the request but not used anywhere below
    $gid = $input->getInt('gid', 0);

    // Only the two components that can save user records are of interest
    if ($option != 'com_users' && $option != 'com_admin') {
        return;
    }

    $jform = $this->input->get('jform', array(), 'array');

    $allowedTasks = array(
        'save',
        'apply',
        'user.apply',
        'user.save',
        'user.save2new',
        'profile.apply',
        'profile.save',
    );

    if (!in_array($task, $allowedTasks)) {
        return;
    }

    // No form payload: the same task name is used for non-edit requests too
    if (empty($jform)) {
        return;
    }

    // Start from the groups submitted with the form...
    $groups = isset($jform['groups']) ? $jform['groups'] : array();

    $user = JFactory::getUser((int) $jform['id']);

    // $user->groups is sometimes empty, so load the groups explicitly
    if (empty($user->groups)) {
        $user->groups = JUserHelper::getUserGroups($user->id);
    }

    // ...and add every group the target user already belongs to
    if (!empty($user->groups)) {
        foreach ($user->groups as $existingGroup) {
            if (!in_array($existingGroup, $groups)) {
                $groups[] = $existingGroup;
            }
        }
    }

    $isAdmin = false;

    if (!empty($groups)) {
        foreach ($groups as $group) {
            // Explicit backend login privilege first
            $backend = JAccess::checkGroup($group, 'core.login.admin', 1);

            // No explicit answer: fall back to the Super Admin privilege
            if (is_null($backend)) {
                $backend = JAccess::checkGroup($group, 'core.admin', 1);
            }

            if ($backend) {
                $isAdmin = true;
            }
        }
    }

    if (!$isAdmin) {
        return;
    }

    // Load the core language strings so the error message can be translated
    $jlang = JFactory::getLanguage();
    $jlang->load('joomla', JPATH_ROOT, 'en-GB', true);
    $jlang->load('joomla', JPATH_ROOT, $jlang->getDefault(), true);
    $jlang->load('joomla', JPATH_ROOT, null, true);

    if (version_compare(JVERSION, '3.0', 'ge')) {
        throw new Exception(JText::_('JGLOBAL_AUTH_ACCESS_DENIED'), '403');
    }

    JError::raiseError(403, JText::_('JGLOBAL_AUTH_ACCESS_DENIED'));
}