/**
  * Authorize the page.
  *
  * @param PageInterface $page
  */
 public function authorize(PageInterface $page)
 {
     /* @var UserInterface $user */
     $user = $this->guard->user();
     /**
      * If the page is not enabled and we
      * are not logged in then 404.
      */
     if (!$page->isEnabled() && !$user) {
         abort(404);
     }
     /**
      * If the page is not enabled and we are
      * logged in then make sure we have permission.
      */
     if (!$page->isEnabled()) {
         $this->authorizer->authorize('anomaly.module.pages::view_drafts');
     }
     /**
      * If the page is restricted to specific
      * roles then make sure our user is one of them.
      */
     $allowed = $page->getAllowedRoles();
     if (!$allowed->isEmpty() && (!$user || !$user->hasAnyRole($allowed))) {
         $page->setResponse($this->response->redirectTo('login'));
     }
 }
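 /**
  * Handle an incoming request.
  *
  * Maintenance-mode gate. When the application is down, the request
  * still passes when any of these hold, checked in order: the admin
  * area is requested, the client IP is on the configured allowlist,
  * the user is an admin, the user holds the maintenance.access
  * permission, or (anonymous only, when maintenance.auth is on) HTTP
  * Basic credentials are accepted. Everything else gets a 503.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure                 $next
  * @return void|mixed
  */
 public function handle(Request $request, Closure $next)
 {
     if (!$this->app->isDownForMaintenance()) {
         return $next($request);
     }

     // The admin area stays reachable so maintenance can be switched off.
     if ($request->segment(1) === 'admin') {
         return $next($request);
     }

     // Strict comparison: a loose in_array() would let a null client IP
     // match an empty allowlist entry. NOTE(review): getClientIp() only
     // honours forwarding headers from trusted proxies, so this allowlist
     // is only as reliable as the proxy configuration.
     $whitelist = $this->config->get('streams::maintenance.ip_whitelist', []);

     if (in_array($request->getClientIp(), $whitelist, true)) {
         return $next($request);
     }

     /* @var UserInterface $user */
     $user = $this->guard->user();

     if ($user && $user->isAdmin()) {
         return $next($request);
     }

     if ($user && $this->authorizer->authorize('streams::maintenance.access')) {
         return $next($request);
     }

     // Anonymous visitors may authenticate with HTTP Basic when enabled:
     // onceBasic() yields nothing on success and a response (which is
     // given the 401 page) otherwise.
     if (!$user && $this->config->get('streams::maintenance.auth')) {
         /* @var Response|null $response */
         $response = $this->guard->onceBasic();

         if (!$response) {
             return $next($request);
         }

         $response->setContent(view('streams::errors.401'));

         return $response;
     }

     abort(503);
 }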
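 /**
  * Authorize the post.
  *
  * Disabled (draft) posts are a 404 for anonymous visitors and require
  * the view_drafts permission for authenticated users (403 otherwise).
  * Enabled posts need no check at all.
  *
  * @param PostInterface $post
  */
 public function authorize(PostInterface $post)
 {
     $enabled = $post->isEnabled();

     if (!$enabled && !$this->guard->user()) {
         abort(404);
     }

     // authorize() reports the outcome as a bool and does nothing else;
     // the result has to be acted on (and only for drafts), otherwise
     // every logged-in user can read drafts.
     if (!$enabled && !$this->authorizer->authorize('anomaly.module.posts::view_drafts')) {
         abort(403);
     }
 }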
 /**
  * Authorize the table.
  *
  * Only enforced when the table declares a 'permission' option; a
  * table without one is open to anyone who reached it.
  *
  * @param TableBuilder $builder
  */
 public function authorize(TableBuilder $builder)
 {
     $required = $builder->getTableOption('permission');

     if (!$required) {
         return;
     }

     if (!$this->authorizer->authorize($required)) {
         abort(403);
     }
 }
 /**
  * Activate the chosen theme.
  *
  * Requires the admin_theme.change permission; without it an error
  * message is flashed and the user is sent back to the admin theme
  * screen. Otherwise the namespace is stored as the admin theme.
  *
  * @param SettingRepositoryInterface $settings
  * @param Authorizer                 $authorizer
  * @param                            $namespace
  * @return \Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
  */
 public function activate(SettingRepositoryInterface $settings, Authorizer $authorizer, $namespace)
 {
     $permitted = $authorizer->authorize('anomaly.module.appearance::admin_theme.change');

     if (!$permitted) {
         $this->messages->error('streams::message.access_denied');

         return $this->redirect->to('admin/appearance/admin');
     }

     // $namespace comes straight from the route and is stored as-is;
     // presumably the theme loader ignores unknown namespaces — verify.
     $settings->set('streams::admin_theme', $namespace);

     return redirect('admin/appearance');
 }
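 /**
  * Disable buttons the current user is not permitted to use.
  *
  * Every button carrying a 'permission' key that the authorizer
  * rejects is marked enabled = false; the others are left untouched.
  *
  * @param TableBuilder $builder
  */
 public function guess(TableBuilder $builder)
 {
     $buttons = $builder->getButtons();

     foreach ($buttons as &$button) {
         if (isset($button['permission']) && !$this->authorizer->authorize($button['permission'])) {
             $button['enabled'] = false;
         }
     }
     // Drop the reference left behind by the by-ref loop so the last
     // element cannot be aliased by a later assignment to $button.
     unset($button);

     $builder->setButtons($buttons);
 }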
 /**
  * Check the authorization of module access.
  *
  * Requests outside the "admin" prefix pass through untouched; anything
  * under it requires the control panel access permission (403 otherwise).
  *
  * @param  Request  $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle(Request $request, Closure $next)
 {
     $inAdminArea = $request->segment(1) === 'admin';

     if ($inAdminArea && !$this->authorizer->authorize('streams::control_panel.access')) {
         abort(403);
     }

     return $next($request);
 }
 /**
  * Check the authorization of module access.
  *
  * Requests outside the "admin" prefix, and the login/logout pages,
  * pass through untouched; everything else under "admin" requires the
  * control panel access permission (403 otherwise).
  *
  * @param  Request  $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle(Request $request, Closure $next)
 {
     $exempt = $request->segment(1) !== 'admin'
         || in_array($request->path(), ['admin/login', 'admin/logout']);

     if (!$exempt && !$this->authorizer->authorize('streams::control_panel.access')) {
         abort(403);
     }

     return $next($request);
 }
 /**
  * Check the authorization of module access.
  *
  * Requests outside the "admin" prefix, and the login/logout pages,
  * pass through untouched. Otherwise, when a module is active, the
  * user must hold that module's wildcard permission (403 otherwise);
  * with no active module nothing is enforced here.
  *
  * @param  Request  $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle(Request $request, Closure $next)
 {
     $exempt = $request->segment(1) !== 'admin'
         || in_array($request->path(), ['admin/login', 'admin/logout']);

     if ($exempt) {
         return $next($request);
     }

     $module = $this->modules->active();

     $permitted = !$module || $this->authorizer->authorize($module->getNamespace('*'));

     if (!$permitted) {
         abort(403);
     }

     return $next($request);
 }
 /**
  * Build the sections and push them to the control_panel.
  *
  * Sections whose permission the authorizer rejects are silently
  * dropped; the rest are built by the factory and added in order.
  *
  * @param ControlPanelBuilder $builder
  */
 public function build(ControlPanelBuilder $builder)
 {
     $controlPanel = $builder->getControlPanel();

     $this->input->read($builder);

     foreach ($builder->getSections() as $definition) {
         // Assumes every definition carries a 'permission' key; a
         // missing key would raise an undefined-index notice — verify
         // against the input reader.
         if ($this->authorizer->authorize($definition['permission'])) {
             $controlPanel->addSection($this->factory->make($definition));
         }
     }
 }
 /**
  * Authorize the form.
  *
  * A 'permission' option of exactly false opts the form out, and
  * nothing is enforced until the application reports itself
  * installed. Otherwise, when a permission is set, the user must hold
  * at least one of the listed permissions (403 otherwise).
  *
  * @param FormBuilder $builder
  */
 public function authorize(FormBuilder $builder)
 {
     $permission = $builder->getFormOption('permission');

     // Explicit opt-out, or the installer has not finished yet.
     // NOTE(review): env() is read at request time; with a cached config
     // (or INSTALLED absent from the real environment) this reads as
     // "not installed" and the permission check is skipped — confirm
     // every deployment has INSTALLED set.
     if ($permission === false || !env('INSTALLED')) {
         return;
     }

     if (!$permission) {
         return;
     }

     if (!$this->authorizer->authorizeAny((array) $permission)) {
         abort(403);
     }
 }
 /**
  * Authorize the tree.
  *
  * Uses the tree's 'permission' option when set; otherwise derives
  * "<module>::<stream>.read" from the active module and the tree's
  * stream. The resulting permission (possibly null when neither is
  * available) is passed to the authorizer; rejection is a 403.
  *
  * @param TreeBuilder $builder
  */
 public function authorize(TreeBuilder $builder)
 {
     $permission = $builder->getTreeOption('permission');

     if (!$permission) {
         $module = $this->modules->active();

         // The stream is only consulted when a module is active.
         if ($module && ($stream = $builder->getTreeStream())) {
             $permission = $module->getNamespace($stream->getSlug() . '.read');
         }
     }

     if (!$this->authorizer->authorize($permission)) {
         abort(403);
     }
 }
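 /**
  * Export all entries of a stream as CSV.
  *
  * Resolves the addon and stream from the route parameters (404 when
  * either is unknown), requires the addon's "<stream>.export"
  * permission (403 otherwise), then streams every entry out with
  * fputcsv, preceded by a header row built from the first entry's keys.
  *
  * @param $addon     addon identifier used for the lookup
  * @param $namespace stream namespace
  * @param $stream    stream slug
  * @return mixed streamed CSV response produced by $this->response->stream()
  */
 public function export($addon, $namespace, $stream)
 {
     $addon = $this->addons->get($addon);

     /* @var StreamInterface $stream */
     $stream = $this->streams->findBySlugAndNamespace($stream, $namespace);

     // Unknown addon or stream: respond 404 instead of calling a method on null.
     if (!$addon || !$stream) {
         abort(404);
     }

     // Gate before touching the repository.
     if (!$this->authorizer->authorize($addon->getNamespace($stream->getSlug() . '.export'))) {
         abort(403);
     }

     /*
      * Resolve the model and set
      * it on the repository.
      */
     $this->repository->setModel($this->container->make($stream->getEntryModelName()));

     $headers = [
         'Content-Disposition' => 'attachment; filename=' . $stream->getSlug() . '.csv',
         'Cache-Control'       => 'must-revalidate, post-check=0, pre-check=0',
         'Content-type'        => 'text/csv',
         'Pragma'              => 'public',
         'Expires'             => '0',
     ];

     $callback = function () {
         $output = fopen('php://output', 'w');

         // Header row is written before the first entry regardless of
         // how the collection is keyed.
         // NOTE(review): toArray() dumps every attribute of the entry, so
         // make sure the stream holds nothing that must not leave the
         // admin; fputcsv quotes values but does not neutralise
         // spreadsheet formulas (cells starting with =, +, -, @).
         $headerWritten = false;

         foreach ($this->repository->all() as $entry) {
             $row = $entry->toArray();

             if (!$headerWritten) {
                 fputcsv($output, array_keys($row));
                 $headerWritten = true;
             }

             fputcsv($output, $row);
         }

         fclose($output);
     };

     return $this->response->stream($callback, 200, $headers);
 }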
 /**
  * Make a button.
  *
  * A 'button' parameter naming a registered button supplies the
  * defaults, with the explicit parameters layered on top. After
  * translation, an unset or unknown button class falls back to the
  * default class. The built button is hydrated and, when it carries a
  * permission the user lacks, disabled rather than dropped.
  *
  * @param  array           $parameters
  * @return ButtonInterface
  */
 public function make(array $parameters)
 {
     $registeredKey = array_get($parameters, 'button');

     if ($registeredKey) {
         $registered = $this->buttons->get($registeredKey);

         if ($registered) {
             $parameters = array_replace_recursive($registered, array_except($parameters, 'button'));
         }
     }

     $parameters = $this->translator->translate($parameters);

     $class = array_get($parameters, 'button');

     if (!$class || !class_exists($class)) {
         array_set($parameters, 'button', $this->button);
     }

     /* @var ButtonInterface $button */
     $button = app()->make(array_get($parameters, 'button'), $parameters);

     $this->hydrator->hydrate($button, $parameters);

     $permission = $button->getPermission();

     if ($permission && !$this->authorizer->authorize($permission)) {
         $button->setEnabled(false);
     }

     return $button;
 }
 /**
  * Handle the command.
  *
  * Determines the active control-panel navigation link for the current
  * request (the link whose HREF is the longest one contained in the
  * request URL), marks it active, enforces its permission (403) and
  * records its breadcrumb. Nothing happens when a link is already
  * active or when no link matches.
  *
  * @param Request              $request
  * @param Authorizer           $authorizer
  * @param BreadcrumbCollection $breadcrumbs
  */
 public function handle(Request $request, Authorizer $authorizer, BreadcrumbCollection $breadcrumbs)
 {
     $links = $this->builder->getControlPanelNavigation();
     /**
      * If we already have an active link
      * then we don't need to do this.
      */
     if ($active = $links->active()) {
         return;
     }
     // From here on $active is falsy until a candidate is found below.
     /* @var NavigationLinkInterface $link */
     foreach ($links as $link) {
         /**
          * Get the HREF for both the active
          * and loop iteration link.
          */
         $href = array_get($link->getAttributes(), 'data-href', array_get($link->getAttributes(), 'href'));
         $activeHref = '';
         if ($active && $active instanceof NavigationLinkInterface) {
             $activeHref = array_get($active->getAttributes(), 'data-href', array_get($active->getAttributes(), 'href'));
         }
         /**
          * If the request URL does not even
          * contain the HREF then skip it.
          *
          * This is a plain substring test, not a path-segment match:
          * a link to "admin/users" is also a candidate for a request
          * to "admin/users-archive".
          */
         if (!str_contains($request->url(), $href)) {
             continue;
         }
         /**
          * Compare the length of the active HREF
          * and loop iteration HREF. The longer the
          * HREF the more detailed and exact it is and
          * the more likely it is the active HREF and
          * therefore the active link.
          */
         $hrefLength = strlen($href);
         $activeHrefLength = strlen($activeHref);
         if ($hrefLength > $activeHrefLength) {
             $active = $link;
         }
     }
     // No active link!
     if (!$active) {
         return;
     }
     // Active navigation link!
     $active->setActive(true);
     // Authorize the active link.
     // NOTE(review): the permission enforced is the matched link's, so a
     // mis-match (see the substring note above) enforces the wrong one;
     // this should not be the only guard on a route.
     if (!$authorizer->authorize($active->getPermission())) {
         abort(403);
     }
     // Add the bread crumb.
     // A breadcrumb of exactly false suppresses the entry; an empty one
     // falls back to the link title.
     if (($breadcrumb = $active->getBreadcrumb()) !== false) {
         $breadcrumbs->put($breadcrumb ?: $active->getTitle(), $active->getHref());
     }
 }
 /**
  * Check the authorization of module access.
  *
  * Login and logout are always reachable. Any other "admin" request
  * needs the general control panel permission (403). Finally the
  * route's own permission (read from the route action) is enforced;
  * on failure the route's message is flashed and its redirect
  * followed when configured, else 403.
  *
  * @param  Request  $request
  * @param  \Closure $next
  * @return \Illuminate\Http\RedirectResponse
  */
 public function handle(Request $request, Closure $next)
 {
     // Login/logout must stay reachable without any permission.
     if (in_array($request->path(), ['admin/login', 'admin/logout'])) {
         return $next($request);
     }

     if ($request->segment(1) == 'admin' && !$this->authorizer->authorize('anomaly.module.users::general.control_panel')) {
         abort(403);
     }

     // Per-route permission declared on the route action; a route
     // without one hands null to the authorizer.
     $action = $this->route->getAction();

     if ($this->authorizer->authorize(array_get($action, 'anomaly.module.users::permission'))) {
         return $next($request);
     }

     if ($message = array_get($action, 'anomaly.module.users::message')) {
         $this->messages->error($message);
     }

     if ($redirect = array_get($action, 'anomaly.module.users::redirect')) {
         return $this->redirect->to($redirect);
     }

     abort(403);
 }
 /**
  * Authorize the page.
  *
  * Disabled pages are a 404 for anonymous visitors and require the
  * view_drafts permission for authenticated users (403). A page
  * allowed for the "guest" role is a 403 for logged-in non-admins.
  * For any other role restriction, anonymous visitors and non-admin
  * users holding none of the roles are sent to the login route.
  *
  * @param PageInterface $page
  */
 public function authorize(PageInterface $page)
 {
     /* @var UserInterface $user */
     $user = $this->guard->user();
     $enabled = $page->isEnabled();

     if (!$enabled && !$user) {
         abort(404);
     }

     if (!$enabled && !$this->authorizer->authorize('anomaly.module.pages::view_drafts')) {
         abort(403);
     }

     $roles = $page->getAllowedRoles();
     $isAdmin = $user && $user->isAdmin();

     // A guest-only page is hidden from authenticated non-admins.
     if ($user && !$isAdmin && $roles->has('guest')) {
         abort(403);
     }

     // The guest role plays no part in the checks below.
     $roles->forget('guest');

     if ($roles->isEmpty()) {
         return;
     }

     // Anonymous, or authenticated without any of the roles (admins are exempt).
     if (!$user || (!$isAdmin && !$user->hasAnyRole($roles))) {
         $page->setResponse($this->response->redirectGuest('login'));
     }
 }
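 /**
  * Execute an action.
  *
  * Resolves the action's handler, enforces the action's permission and
  * then invokes the handler with the table builder and the IDs of the
  * selected rows. An unauthorised user gets a flashed 403 message and
  * nothing runs.
  *
  * @param  TableBuilder    $builder
  * @param  ActionInterface $action
  * @throws \Exception when the handler is not a callable string, Closure or ActionHandlerInterface
  */
 public function execute(TableBuilder $builder, ActionInterface $action)
 {
     $options = $builder->getTableOptions();
     $handler = $action->getHandler();

     // A bare class name implies its "handle" method.
     if (is_string($handler) && !str_contains($handler, '@')) {
         $handler .= '@handle';
     }

     /*
      * Authorize the action before anything runs.
      */
     if (!$this->authorizer->authorize($action->getPermission())) {
         $this->messages->error('streams::message.403');

         return;
     }

     /*
      * IDs of the selected rows, straight from the request. They are
      * untrusted; the handler must validate what it is allowed to act on.
      */
     $selected = $this->request->get($options->get('prefix') . 'id', []);

     /*
      * Callable strings and Closures go through the container so their
      * dependencies are injected. (A second "@handle" suffix check used
      * to live here; it was unreachable because every string handler
      * already contains "@" at this point.)
      */
     if (is_string($handler) || $handler instanceof \Closure) {
         app()->call($handler, compact('builder', 'selected'));

         return;
     }

     /*
      * An ActionHandlerInterface instance is called directly.
      */
     if ($handler instanceof ActionHandlerInterface) {
         $handler->handle($builder, $selected);

         return;
     }

     throw new \Exception('Action $handler must be a callable string, Closure or ActionHandlerInterface.');
 }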
 /**
  * Delete a link and go back.
  *
  * Requires the links.delete permission; without it an error message
  * is flashed and the user is sent back. The link is force-deleted.
  *
  * @param LinkRepositoryInterface $links
  * @param Authorizer              $authorizer
  * @param                         $id
  * @return \Illuminate\Http\RedirectResponse
  */
 public function delete(LinkRepositoryInterface $links, Authorizer $authorizer, $id)
 {
     $permitted = $authorizer->authorize('anomaly.module.navigation::links.delete');

     if (!$permitted) {
         $this->messages->error('streams::message.access_denied');

         return $this->redirect->back();
     }

     // Hard delete: soft-deleted links have no view in the tree UI yet.
     // find() presumably returns null for an unknown id — verify what
     // forceDelete() does with that.
     $link = $links->find($id);

     $links->forceDelete($link);

     return $this->redirect->back();
 }
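 /**
  * Delete a category.
  *
  * Requires the categories.delete permission (403 otherwise) and
  * responds 404 when no category has the given id.
  *
  * @param CategoryRepositoryInterface $categories
  * @param Authorizer                  $authorizer
  * @param                             $id
  * @return \Illuminate\Http\RedirectResponse
  */
 public function delete(CategoryRepositoryInterface $categories, Authorizer $authorizer, $id)
 {
     // authorize() only reports the outcome as a bool; discarding it (as
     // before) let anyone reaching this action delete categories
     // regardless of the permission.
     if (!$authorizer->authorize('anomaly.module.posts::categories.delete')) {
         abort(403);
     }

     $category = $categories->find($id);

     // find() is assumed to return null for an unknown id.
     if (!$category) {
         abort(404);
     }

     $categories->delete($category);

     return redirect()->back();
 }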
 /**
  * Handle the command.
  *
  * Reports whether the current user may write to the dashboard.
  *
  * @param Authorizer $authorizer
  * @return bool
  */
 public function handle(Authorizer $authorizer)
 {
     $permission = 'anomaly.module.dashboard::dashboard.write';

     return $authorizer->authorize($permission);
 }
 /**
  * Delete a link and go back.
  *
  * Requires the links.delete permission; without it an error message
  * is flashed and the user is sent back. Otherwise the link is deleted.
  *
  * @param LinkRepositoryInterface $links
  * @param Authorizer              $authorizer
  * @param                         $id
  * @return \Illuminate\Http\RedirectResponse
  */
 public function delete(LinkRepositoryInterface $links, Authorizer $authorizer, $id)
 {
     $permitted = $authorizer->authorize('anomaly.module.navigation::links.delete');

     if (!$permitted) {
         $this->messages->error('streams::message.access_denied');

         return $this->redirect->back();
     }

     // find() presumably returns null for an unknown id — verify what
     // delete() does with that.
     $link = $links->find($id);

     $links->delete($link);

     return $this->redirect->back();
 }
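 /**
  * Delete a page and go back.
  *
  * Requires the pages.delete permission (403 otherwise) and responds
  * 404 when no page has the given id. The page's entry is deleted
  * after the page itself.
  *
  * @param PageRepositoryInterface $pages
  * @param Authorizer              $authorizer
  * @param                         $id
  * @return \Illuminate\Http\RedirectResponse
  */
 public function delete(PageRepositoryInterface $pages, Authorizer $authorizer, $id)
 {
     // authorize() only reports the outcome as a bool; discarding it (as
     // before) let anyone reaching this action delete pages regardless
     // of the permission.
     if (!$authorizer->authorize('anomaly.module.pages::pages.delete')) {
         abort(403);
     }

     $page = $pages->find($id);

     // find() is assumed to return null for an unknown id.
     if (!$page) {
         abort(404);
     }

     $pages->delete($page);

     $page->entry->delete();

     return redirect()->back();
 }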
 /**
  * Handle the command.
  *
  * Determines the active control-panel section for the current request
  * (a section whose matcher pattern fits the path, or otherwise the one
  * with the longest HREF contained in the request URL, falling back to
  * the first section), marks it active/highlighted together with its
  * parent, enforces its permission (403) and records breadcrumbs.
  * Nothing happens when a section is already active.
  *
  * @param Request              $request
  * @param Authorizer           $authorizer
  * @param BreadcrumbCollection $breadcrumbs
  */
 public function handle(Request $request, Authorizer $authorizer, BreadcrumbCollection $breadcrumbs)
 {
     $controlPanel = $this->builder->getControlPanel();
     $sections = $controlPanel->getSections();
     /*
      * If we already have an active section
      * then we don't need to do this.
      */
     if ($active = $sections->active()) {
         return;
     }
     /* @var SectionInterface $section */
     foreach ($sections as $section) {
         // A matcher (str_is wildcard against the path) nominates this
         // section, but the HREF-length comparison below can still
         // replace it with a later section whose HREF is longer.
         if (($matcher = $section->getMatcher()) && str_is($matcher, $request->path())) {
             $active = $section;
         }
         /*
          * Get the HREF for both the active
          * and loop iteration section.
          */
         $href = $section->getPermalink() ?: array_get($section->getAttributes(), 'href');
         $activeHref = '';
         if ($active && $active instanceof SectionInterface) {
             $activeHref = $active->getPermalink() ?: array_get($active->getAttributes(), 'href');
         }
         /*
          * If the request URL does not even
          * contain the HREF then skip it.
          *
          * Plain substring test, not a path-segment match.
          */
         if (!str_contains($request->url(), $href)) {
             continue;
         }
         /*
          * Compare the length of the active HREF
          * and loop iteration HREF. The longer the
          * HREF the more detailed and exact it is and
          * the more likely it is the active HREF and
          * therefore the active section.
          */
         $hrefLength = strlen($href);
         $activeHrefLength = strlen($activeHref);
         if ($hrefLength > $activeHrefLength) {
             $active = $section;
         }
     }
     /**
      * If we have an active section determined
      * then mark it as such.
      *
      * A child section highlights its parent (or the first section when
      * the parent is unknown) and adds the parent's breadcrumb first.
      * With no match at all the first section becomes active.
      *
      * @var SectionInterface $active
      * @var SectionInterface $section
      */
     if ($active) {
         if ($active->getParent()) {
             $active->setActive(true);
             $section = $sections->get($active->getParent(), $sections->first());
             $section->setHighlighted(true);
             $breadcrumbs->put($section->getBreadcrumb() ?: $section->getTitle(), $section->getHref());
         } else {
             $active->setActive(true)->setHighlighted(true);
         }
     } elseif ($active = $sections->first()) {
         $active->setActive(true)->setHighlighted(true);
     }
     // No active section!
     if (!$active) {
         return;
     }
     // Authorize the active section.
     // NOTE(review): the permission enforced is the matched (or first)
     // section's, so a mis-match enforces the wrong one; this should
     // not be the only guard on a route.
     if (!$authorizer->authorize($active->getPermission())) {
         abort(403);
     }
     // Add the bread crumb.
     // A breadcrumb of exactly false suppresses the entry; an empty one
     // falls back to the section title.
     if (($breadcrumb = $active->getBreadcrumb()) !== false) {
         $breadcrumbs->put($breadcrumb ?: $active->getTitle(), $active->getHref());
     }
 }
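 /**
  * Delete a post and go back.
  *
  * Requires the posts.delete permission (403 otherwise) and responds
  * 404 when no post has the given id.
  *
  * @param PostRepositoryInterface $posts
  * @param Authorizer              $authorizer
  * @param                         $id
  * @return \Illuminate\Http\RedirectResponse
  */
 public function delete(PostRepositoryInterface $posts, Authorizer $authorizer, $id)
 {
     // authorize() only reports the outcome as a bool; discarding it (as
     // before) let anyone reaching this action delete posts regardless
     // of the permission.
     if (!$authorizer->authorize('anomaly.module.posts::posts.delete')) {
         abort(403);
     }

     $post = $posts->find($id);

     // find() is assumed to return null for an unknown id.
     if (!$post) {
         abort(404);
     }

     $posts->delete($post);

     return redirect()->back();
 }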
 /**
  * Handle the command.
  *
  * Registers the role with slug "guest" on the authorizer when such a
  * role exists; otherwise nothing is changed.
  *
  * @param RoleRepositoryInterface $roles
  * @param Authorizer              $authorizer
  */
 public function handle(RoleRepositoryInterface $roles, Authorizer $authorizer)
 {
     $guest = $roles->findBySlug('guest');

     if (!$guest) {
         return;
     }

     $authorizer->setGuest($guest);
 }