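/**
 * Default action for TinyMCE Responsive File Manager. Config file available
 * via <code>\ResponsiveFileManager::$aConfig</code> variable. For
 * non-commercial usage only.
 *
 * Only the five file-manager sub-actions listed in the body are reachable:
 * any other `fmaction` value is answered with 404 (before the permission
 * check), and a missing `wysiwyg_filemanager` permission with 401.
 *
 * @access public
 * @throws Code404Exception when `fmaction` is not a known sub-action
 * @throws Code401Exception when the user lacks the `wysiwyg_filemanager` permission
 * @since 1.0.0-dev
 * @version 1.0.1
 */
public function actionDefault()
{
    $sFileManagerAction = Router::getParam('fmaction');

    $aAllowedActions = ['dialog', 'ajax_calls', 'execute', 'force_download', 'upload'];

    // Strict comparison: with loose in_array() a non-string parameter
    // (e.g. integer 0 on PHP < 8) compares equal to every name in the list.
    if (!is_string($sFileManagerAction) || !in_array($sFileManagerAction, $aAllowedActions, true)) {
        throw new Code404Exception();
    }

    if (!\UserPermissions::hasPerm('wysiwyg_filemanager')) {
        throw new Code401Exception();
    }

    // hand the current language over to the file manager's configuration
    $sLang = Router::getLang();
    \ResponsiveFileManager::$aConfig['default_language'] = $sLang;
}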
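/**
 * Action used to do multileveled sort on model entities.
 *
 * Reads two POST fields: `objects`, a query string of the form
 * `object[<id>]=<parent id or "null">` listed in the desired display order,
 * and `model`, the fully qualified class name of the sortable model. Every
 * entity gets an `order` (position among its siblings) and `order_parent`
 * value which are then persisted.
 *
 * @access public
 * @return string translated error message (with status set to `error`) or `saved`
 * @since 1.0.0-alpha
 * @version 1.0.0-alpha
 */
public function actionSortList()
{
    // check access
    if (!\UserPermissions::hasPerm('backend_ajax_sort_list')) {
        Route::factory('home')->redirectTo();

        // do not rely on redirectTo() terminating the request: nothing below
        // may run for a user without the permission
        $this->setStatus('error');
        return __('Permission denied.');
    }

    $sObjects = filter_input(INPUT_POST, 'objects');
    $sModel = filter_input(INPUT_POST, 'model');

    // if list of objects is empty
    if (empty($sObjects)) {
        $this->setStatus('error');
        return __('List of objects is empty.');
    }

    // `model` comes straight from the request and is concatenated into the
    // query below, so it is accepted only when it is shaped like a class name
    // (no quotes, spaces or other query syntax) and names an existing class.
    $sClassNamePattern = '/^\\\\?[A-Za-z_][A-Za-z0-9_]*(\\\\[A-Za-z_][A-Za-z0-9_]*)*$/';

    if (!is_string($sModel) || !preg_match($sClassNamePattern, $sModel) || !class_exists($sModel)) {
        $this->setStatus('error');
        return __('Wrong node type.');
    }

    // check if particular model has `order` property (i.e. is sortable)
    if (!property_exists($sModel, 'order_number')) {
        $this->setStatus('error');
        return __('Wrong node type.');
    }

    // parse objects array from query string
    $aObjectsTmp = [];
    parse_str($sObjects, $aObjectsTmp);

    if (!isset($aObjectsTmp['object']) || !is_array($aObjectsTmp['object'])) {
        $this->setStatus('error');
        return __('List of objects is empty.');
    }

    // build id => ['order_parent' => int, 'order' => int]; the position is
    // counted separately for every parent so siblings get 0, 1, 2, ...
    $aObjects = [];
    $aOrderNumber = [];

    foreach ($aObjectsTmp['object'] as $iID => $sParentID) {
        // the client sends "null" for top-level nodes
        $iParentID = ($sParentID === 'null') ? 0 : (int) $sParentID;

        if (!isset($aOrderNumber[$iParentID])) {
            $aOrderNumber[$iParentID] = 0;
        }

        $aObjects[$iID] = ['order_parent' => $iParentID, 'order' => $aOrderNumber[$iParentID]];
        $aOrderNumber[$iParentID]++;
    }

    // get all model instances that appear in the submitted list
    $aEntities = DB::query('SELECT t FROM ' . $sModel . ' t WHERE t.id IN (:list)')
        ->param('list', array_keys($aObjects))
        ->execute();

    foreach ($aEntities as $oEntity) {
        /* @var $oEntity ModelCore|ModelCore\Traits\Sortable */
        $iEntityID = $oEntity->getId();

        // only ids from the submitted list were queried; skip anything else
        if (!isset($aObjects[$iEntityID])) {
            continue;
        }

        $aObjData = $aObjects[$iEntityID];
        $oEntity->setOrderNumber($aObjData['order']);
        $oEntity->setOrderParent($aObjData['order_parent']);
        $oEntity->save();
        DB::flush();
    }

    return 'saved';
}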
/**
 * Constructor.
 *
 * Initialises the backend theme, lets the parent controller set itself up,
 * instantiates the model declared by the concrete controller (when
 * `$sModel` is set), enforces login plus `PERM_ADMIN_ACCESS`, and registers
 * the backend's CSS/JS assets, viewport meta tag and menu.
 *
 * @access public
 * @since 1.0.0-alpha
 * @version 1.0.0-alpha
 */
public function __construct()
{
    # initialize theme, then the parent controller
    Theme::initBackend();
    parent::__construct();

    # instantiate the model declared by the concrete controller (if any)
    if ($this->sModel !== null) {
        $sModelClass = $this->sModel;
        $this->setModel(new $sModelClass());
    }

    # guests and users without admin access are sent to the home page
    // NOTE(review): the rest of the constructor relies on redirectTo()
    // ending the request — confirm that it does
    $bHasAdminAccess = User::isLogged() && \UserPermissions::hasPerm(static::PERM_ADMIN_ACCESS);

    if (!$bHasAdminAccess) {
        Route::factory('home')->redirectTo();
    }

    // body classes, main breadcrumbs/title, and a clean asset list
    $this->addBodyClass('skin-red');
    $this->alterBreadcrumbsTitleMain();
    $this->resetCss();
    $this->resetJs();

    // external stylesheets (web font and icon sets)
    $aExternalCss = [
        'https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&subset=latin,latin-ext',
        'https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css',
        'https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css',
    ];

    foreach ($aExternalCss as $sCssUrl) {
        $this->addCss($sCssUrl);
    }

    // theme stylesheets
    $aThemeCss = [
        '/bootstrap/css/bootstrap.min.css',
        '/css/backend.css',
    ];

    foreach ($aThemeCss as $sCssPath) {
        $this->addCssByTheme($sCssPath);
    }

    // theme scripts; order matters (jQuery first, theme-dependent script last)
    $aThemeJs = [
        '/plugins/jQuery/jQuery-2.1.4.min.js',
        '/plugins/jQueryUI/jquery-ui.min.js',
        '/bootstrap/js/bootstrap.min.js',
        '/js/backend.js',
        '/js/jquery.mjs.nestedSortable.js',
        '/js/app.min.js',
        '/js/backend_after_theme_load.js',
    ];

    foreach ($aThemeJs as $sJsPath) {
        $this->addJsByTheme($sJsPath);
    }

    # add viewport
    $this->addMetaTagRegular('viewport', 'width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no');

    // generate menu and hand it to the body view
    $this->oViewBody->bind('menu', $this->generateMenu());
}
/**
 * Fields config for backend.
 *
 * Extends the parent config with the user form fields (login, e-mail,
 * password, names, image, city, description) and — for users holding
 * `users_edit` — the role checkboxes, plus date formatters for the
 * registration and last-login columns.
 *
 * @access protected
 * @return MConfig
 * @since 1.0.0
 * @version 2.1.0-dev
 */
protected static function generateConfig()
{
    $sUserModel = '\\Model\\User';
    $sRoleModel = '\\Model\\User\\Role';
    $sLoginTip = 'This value can contain only letters, numbers and "-" or "_" characters.';

    # get all roles as value/label pairs for the checkbox field
    $aRoles = [];

    foreach (DB::queryList($sRoleModel)->execute() as $oRole) {
        /* @var $oRole User\Role */
        $aRoles[] = ['value' => $oRole->getId(), 'label' => $oRole->getName()];
    }

    # get config from parent
    $oConfig = parent::generateConfig();

    # helper for the "letters only" text fields (firstname, lastname, city)
    $fnLettersOnlyField = function ($sName, $sLabel) {
        return FormField\Text::singleton($sName)
            ->setLabel($sLabel)
            ->addRulesSet(RulesSetBuilder\String::factory()->onlyLetters(':value'));
    };

    # fields, in display order
    $aFields = [];

    $aFields[] = FormField\Hidden::singleton('id')
        ->setLabel(__('ID'))
        ->setDisabled();

    $aFields[] = FormFieldPassword::singleton('password')
        ->setLabel(__('Password'))
        ->addRulesSet(
            RulesSetBuilder\String::factory()
                ->containNumbers(':value')
                ->containText(':value')
                ->containUppercase(':value')
                ->containCustomCharacters(':value')
        );

    // login and e-mail are disabled in the form; uniqueness is checked against
    // the stored user (`:valuefrom:id`) so editing one's own record passes
    $aFields[] = FormField\Text::singleton('login')
        ->setLabel('Login')
        ->addTipParagraph(__($sLoginTip))
        ->setDisabled()
        ->addRulesSet(RulesSetBuilder\String::factory()->onlyLettersNumsAndChars(':value', '\\-_', __($sLoginTip)))
        ->addRulesSet(RulesSetBuilder\Database::factory()->unique(':value', ':valuefrom:id', $sUserModel, 'login'));

    $aFields[] = FormField\Text::singleton('email')
        ->setLabel('E-mail')
        ->setDisabled()
        ->addRulesSet(RulesSetBuilder\String::factory()->email(':value'))
        ->addRulesSet(RulesSetBuilder\Database::factory()->unique(':value', ':valuefrom:id', $sUserModel, 'email'));

    $aFields[] = $fnLettersOnlyField('firstname', __('Firstname'));
    $aFields[] = $fnLettersOnlyField('lastname', __('Lastname'));

    $aFields[] = FormField\Text::singleton('nickname')
        ->setLabel(__('Nickname'));

    $aFields[] = FormField\ImageModel::singleton('image')
        ->setBrokerModel('\\Model\\User\\Image')
        ->setUploadPath('uploads/users/image')
        ->setLabel(__('Image'))
        ->addRulesSet(
            RulesSetBuilder\FileModel::factory()
                ->allowedExt(':value', ['jpg', 'png', 'gif'])
                ->maxSize(':value', 1024)
        );

    $aFields[] = $fnLettersOnlyField('city', __('City'));

    $aFields[] = FormField\Textarea::singleton('description')
        ->setLabel(__('Description'));

    // role assignment is only offered to users allowed to edit users
    if (\UserPermissions::hasPerm('users_edit')) {
        $aFields[] = CheckboxRelationFormField::singleton('roles')
            ->setRelatedModelName($sRoleModel)
            ->setOptions($aRoles)
            ->setLabel(__('Roles'));
    }

    foreach ($aFields as $oField) {
        $oConfig->addField($oField);
    }

    # date columns
    foreach (['registration_date', 'login_date'] as $sDateField) {
        $oConfig->addFieldFormatter($sDateField, FieldFormatterDate::factory());
    }

    # return config
    return $oConfig;
}
/**
 * Check if currently logged user has access to this route.
 *
 * Access is granted only when every required permission is held AND no
 * access function returns `FALSE`. The verdict is computed once and memoised
 * in `$this->hasAccess`; later calls return the stored value even when
 * `$aParams` differs.
 *
 * @access public
 * @param array $aParams route parameters handed to each access function
 * @return bool
 * @since 1.0.0-alpha
 * @version 1.0.0-alpha
 */
public function hasAccess(array $aParams = [])
{
    // check if access was verified previously
    if ($this->hasAccess !== null) {
        return $this->hasAccess;
    }

    $bGranted = true;

    // every required permission must be held ...
    foreach ($this->getPermissions() as $sPermission) {
        if (\UserPermissions::hasPerm($sPermission) === false) {
            $bGranted = false;
            break;
        }
    }

    // ... and, only if they are, no access function may veto
    if ($bGranted) {
        foreach ($this->getAccessFunctions() as $fnAccess) {
            /* @var $fnAccess \Closure */
            if ($fnAccess($this, $aParams) === false) {
                $bGranted = false;
                break;
            }
        }
    }

    // memoise and return the verdict
    return $this->hasAccess = $bGranted;
}
/**
 * Method which can be used to overwrite the access checking operation.
 *
 * The list is reachable only when the controller has a model and the user
 * holds at least one of the `<prefix>edit_own` / `<prefix>delete_own`
 * permissions.
 *
 * @access protected
 * @throws Exception\Fatal when the controller declares no model
 * @throws Exception\Code403 when the user holds neither "own" permission
 * @since 1.0.0-alpha
 * @version 1.0.0-alpha
 */
protected function alterListAccess()
{
    $oModel = $this->getModel();

    // parenthesised for readability: instanceof binds tighter than `!`
    if (!($oModel instanceof ModelCore)) {
        throw new Exception\Fatal('Model of this backend site is not defined. Set `$sModel` variable in your backend controller.');
    }

    $sPrefix = $this->getPermissionPrefix();

    // delete_own is only consulted when edit_own is missing
    $bMayTouchOwn = \UserPermissions::hasPerm($sPrefix . 'edit_own')
        || \UserPermissions::hasPerm($sPrefix . 'delete_own');

    if (!$bMayTouchOwn) {
        throw new Exception\Code403(__('Permission denied.'));
    }
}
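<?php

use Plethora\Route;
use Plethora\Router;

/**
 * Access function shared by the `backend` and `ajax` routes.
 *
 * The requested controller's permission prefix concatenated with the action
 * name must be a permission the current user holds. A controller that cannot
 * be resolved (or does not expose `getPermissionPrefix`) denies access instead
 * of failing with an undefined-class/method error.
 *
 * @param Route $oRoute
 * @param array $aParams route parameters (`controller`, `action`, ...)
 * @return bool
 */
$fnBackendAccess = function (Route $oRoute, array $aParams = []) {
    if (!isset($aParams['controller'])) {
        return false;
    }

    // `controller` is limited to [a-zA-Z0-9_]+ by the route definitions, so
    // this can only resolve to a class below \Controller\Backend
    $sClass = '\\Controller\\Backend\\' . str_replace('_', '\\', ucfirst($aParams['controller']));

    if (!is_callable([$sClass, 'getPermissionPrefix'])) {
        return false;
    }

    $sPrefix = call_user_func([$sClass, 'getPermissionPrefix']);
    $sAction = isset($aParams['action']) ? $aParams['action'] : '';

    return UserPermissions::hasPerm($sPrefix . $sAction);
};

# home
Router::addRoute('home', '/');

# 404
Router::addRoute('err404', '/err404')
    ->setController('Frontend\\Error404');

# cron
Router::addRoute('cron', '/cron/{token}')
    ->setController('Cron');

# cron - clear temp directory
Router::addRoute('cron_clear_temp', '/cron_clear_temp')
    ->setController('Cron')
    ->setAction('ClearTemp');

# changelog
Router::addRoute('framework_changelog', '/fw/changelog')
    ->setController('Base')
    ->setAction('Changelog')
    ->addDefault('package', 'Backend');

# backend
Router::addRoute('backend', '/a(/{controller}(/{action}(/{id}(/{extra}))))')
    ->setController('Dashboard')
    ->addParameterType('id', '[a-zA-Z0-9]+')
    ->addParameterType('extra', '[a-zA-Z0-9]+')
    ->addParameterType('controller', '[a-zA-Z0-9_]+')
    ->addParameterType('action', '[a-zA-Z0-9_]+')
    ->addDefault('package', 'Backend')
    ->addDefault('css', 'backend')
    ->addDefault('id', null)
    ->addDefault('extra', null)
    ->addAccessFunction($fnBackendAccess);

# AJAX
Router::addRoute('ajax', '/ajax(/{controller}(/{action}(/{id}(/{extra}))))')
    ->setController('Dashboard')
    ->addParameterType('id', '[a-zA-Z0-9]+')
    ->addParameterType('extra', '[a-zA-Z0-9]+')
    ->addParameterType('controller', '[a-zA-Z0-9_]+')
    ->addParameterType('action', '[a-zA-Z0-9_]+')
    ->addDefault('package', 'Ajax')
    ->addDefault('css', 'backend')
    ->addDefault('id', null)
    ->addDefault('extra', null)
    ->addAccessFunction($fnBackendAccess);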
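/**
 * Create response for particular Controller.
 *
 * When no content is given, the action named by the router is invoked on
 * this controller and `afterAction()` runs. Non-null content is bound to the
 * page view and rendered; with the `dev_toolbar` module and permission the
 * toolbar assets are added and its markup injected before `</body>`.
 *
 * @access public
 * @param View $oContent
 * @return Response
 * @since 1.0.0-alpha
 * @version 1.0.0-alpha
 */
public function createResponse(View $oContent = null)
{
    if ($oContent === null) {
        // dispatch to the action method chosen by the router
        // NOTE(review): presumably the name is already prefixed/validated by the
        // router (routes constrain `action` to [a-zA-Z0-9_]+) — confirm
        $oContent = $this->{Router::getActionName()}();
        $this->afterAction();
    }

    $sContent = '';

    if ($oContent !== null) {
        $this->oView->bind('oContent', $oContent);

        // evaluate the developer-toolbar gate once; both the asset injection
        // and the post-render markup injection depend on it
        $bDevToolbar = Router::hasModule('dev_toolbar') && \UserPermissions::hasPerm('dev_toolbar');

        // developers toolbar - CSS/JS
        if ($bDevToolbar) {
            $this->addJs('/themes/_common/js/dev_toolbar.js');
            $this->addCss('/themes/backend/css/dev_toolbar.css');
            $this->addBodyClass('dev_toolbar');
        }

        // render page View
        $sContent = $this->oViewMain->render();

        // add last benchmark
        Benchmark::mark('end');

        // developers toolbar - markup
        if ($bDevToolbar) {
            $sToolbar = \DevToolbar\Toolbar::factory()->render();
            $sContent = str_replace('</body>', $sToolbar . '</body>', $sContent);
        }
    }

    // create response
    $oResponse = new Response();
    $oResponse->setContent($sContent);

    // clear temp data after response creation
    Session::clearTempData();

    return $oResponse;
}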