示例#1
 /**
  * Make the signed-in user the resource this controller operates on.
  *
  * Requests for the edit, delete, show and export actions are redirected
  * to index, and role_id is taken out of the accessible attributes.
  *
  * @param Request $request Current Router Request.
  *
  * @return void
  */
 protected function assignCurrentUserAsResource(Request $request)
 {
     $redirectedActions = array('edit', 'delete', 'show', 'export');
     $mustRedirect = in_array($request->action(), $redirectedActions, true);

     if ($mustRedirect) {
         // NOTE(review): the statements below still run unless redirectTo()
         // halts the request - confirm against the Request implementation.
         $request->redirectTo('index');
     }

     // From here on the controller works on the authenticated user's own record.
     $this->resource = $this->user;

     // role_id is withdrawn from the accessible attributes; presumably this keeps
     // a user from changing their own role through this form - confirm against
     // removeAccessibleAttributes().
     $this->removeAccessibleAttributes(array('role_id'));
 }
示例#2
 /**
  * Preview action.
  *
  * For XHR requests, converts the POSTed "content" field with Parsedown and
  * sets the result as the renderer output, with layout and view cleared.
  * Non-XHR requests leave the renderer untouched.
  *
  * @param Request $request Request instance.
  *
  * @return void
  */
 public function preview(Request $request)
 {
     if (!$request->is('xhr')) {
         return;
     }

     // Layout and view are cleared, presumably so only the converted fragment is returned.
     $this->renderer->setLayout(null);
     $this->renderer->setView(null);

     // NOTE(review): the POSTed content is untrusted, and Parsedown in its default
     // mode passes inline HTML through to the output. Confirm that this action is
     // covered by CSRF protection and consider Parsedown's safe mode
     // (setSafeMode(true), where the bundled version provides it) or sanitising
     // the generated HTML before it is echoed back.
     $markdown = new Parsedown();
     $html = $markdown->text($request->post('content'));
     $this->renderer->setOutput($html);
 }
示例#3
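 /**
  * Guards deletion of a User Role.
  *
  * The signed-in user must re-enter their own password before any role is
  * deleted, and may not delete the role they currently hold. Each failed
  * guard redirects to index and returns, so the parent hook is reached only
  * when both checks pass.
  *
  * @param Request $request Current router request.
  *
  * @return void
  */
 protected function beforeDelete(Request $request)
 {
     $password = $request->post('password');

     // Re-authentication step: an empty or wrong password stops the deletion.
     // NOTE(review): confirm Crypt::hashCompare() verifies against the stored hash
     // with a timing-safe comparison.
     if (!$password || !Crypt::hashCompare($this->user->password, $password)) {
         if (!$request->is('xhr')) {
             Helpers\FlashMessage::set($this->labels['general']['not_authorized'], 'danger');
         }
         $request->redirectTo('index');

         // Fail closed: whether redirectTo() terminates the request is not visible
         // here, so do not rely on it to keep execution away from the delete path.
         return;
     }

     // Loose comparison kept as in the original: the two ids may differ in type
     // (string vs int) - TODO confirm before tightening to ===.
     if ($this->user->role_id == $this->resource->getPrimaryKeyValue()) {
         if (!$request->is('xhr')) {
             Helpers\FlashMessage::set($this->labels['errors']['delete']['self'], 'danger');
         }
         $request->redirectTo('index');

         // Same fail-closed return as above.
         return;
     }

     parent::beforeDelete($request);
 }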
示例#4
 /**
  * Loads Resource object.
  *
  * When the current resource does not exist yet, it is looked up by the "id"
  * request parameter. A missing id or an unknown record redirects to index.
  *
  * @param Request $request Current router request.
  *
  * @return void
  */
 protected function loadResource(Request $request)
 {
     if ($this->resource->exists()) {
         return;
     }

     if (!$request->get('id')) {
         // NOTE(review): the lookup below still runs unless redirectTo() halts
         // the request - confirm.
         $request->redirectTo('index');
     }

     // $this->resource is used as the model for the static finder calls.
     $model = $this->resource;
     $finder = $model::find();

     // The id travels as a bound parameter; only the primary key field name
     // supplied by the model is concatenated into the condition.
     $pkCondition = $model::primaryKeyField() . ' = ?';
     $this->resource = $finder->where($pkCondition, array($request->get('id')))->first();

     if ($this->resource) {
         // NOTE(review): the record is selected by id alone; no ownership or
         // permission check is visible here, so it has to be enforced elsewhere.
         return;
     }

     Helpers\FlashMessage::set($this->labels['errors']['not_exists'], 'danger');
     $request->redirectTo('index');
 }
示例#5
 /**
  * Cookie wrapper for removal of a cookie.
  *
  * Sends the cookie again with an empty value and an expiry one hour in the
  * past. Path, domain and the Secure flag are derived from the configuration
  * and the current request; HttpOnly is always set.
  *
  * @param string $name Name of the cookie to remove.
  *
  * @access public
  * @uses   Core\Config()
  *
  * @return boolean Result of setcookie().
  */
 public function deleteCookie($name)
 {
     $expiredAt = time() - 3600;
     $path = Core\Config()->urls('relative');

     // NOTE(review): depending on web-server configuration SERVER_NAME can follow
     // the client's Host header. Path and domain also have to match the values
     // used when the cookie was set, otherwise the browser keeps the cookie.
     $domain = $this->request->meta('SERVER_NAME');

     // Secure flag only when the configured protocol is https.
     $secureOnly = Core\Config()->urls('protocol') === 'https';

     // The last argument (true) is the HttpOnly flag.
     return setcookie($name, '', $expiredAt, $path, $domain, $secureOnly, true);
 }
示例#6
 /**
  * Prevents Association of not owned resource.
  *
  * For every configured attribute that was submitted, resolves the matching
  * association and, when the user "owns" the associated class, has
  * Helpers\Ownership::checkIds() validate the submitted ids. A failed check
  * records a "not_exists" error on the attribute.
  *
  * @param \Core\Modules\Router\Request $request Request object.
  *
  * @return void
  */
 private function preventAssociationOfNotOwnedResource(Request $request)
 {
     foreach ($this->attributes as $attribute => $unusedOptions) {
         $submitted = $request->post($attribute);
         if (!$submitted) {
             // Nothing was posted for this attribute.
             continue;
         }

         // Regular association metadata first, then the many-to-many definitions.
         $meta = $this->resource->getAssociationMetaDataByKey($attribute);
         if (!$meta && isset($this->resource->hasAndBelongsToMany[$attribute])) {
             $meta = $this->resource->hasAndBelongsToMany[$attribute];
         }

         // NOTE(review): the id check runs only when owns() returns true for the
         // associated class; what owns() means is not visible here. Confirm that
         // attributes skipped at this point cannot reference foreign records.
         if (!$meta || !$this->user->owns($meta['class_name'])) {
             continue;
         }

         if (!Helpers\Ownership::checkIds($submitted, $meta['class_name'])) {
             $this->resource->setError($attribute, 'not_exists');
         }
     }
 }
示例#7
 /**
  * Reset access action.
  *
  * Looks up a CMS user whose record was updated within the last 60 minutes
  * and whose SHA1(password + cookie salt + email) equals the "id" request
  * parameter. On a match a new 10-character password is generated and saved;
  * otherwise the request is redirected to the authentication controller.
  *
  * @param Request $request Current router request.
  *
  * @return void
  */
 public function renew(Request $request)
 {
     // NOTE(review): the reset token is derived deterministically from the stored
     // password value, the cookie salt and the email instead of being a random,
     // single-use value kept server-side, and it arrives as a GET parameter, so
     // it can end up in logs and Referer headers. Consider a random token with
     // its own expiry, compared in PHP with hash_equals().
     $finder = Models\CMSUser::find();
     $bindings = array(Core\Config()->USER_AUTH['cookie_salt'], $request->get('id'));
     $account = $finder->where('DATE_ADD(updated_on, INTERVAL 60 MINUTE) > UTC_TIMESTAMP() AND SHA1(CONCAT(password, ?, email)) = ?', $bindings)->first();

     if (!$account) {
         $request->redirectTo(array('controller' => 'authentication'));

         return;
     }

     // NOTE(review): confirm Core\Utils::generatePassword() draws from a
     // cryptographically secure source, since the result becomes the credential.
     $generated = Core\Utils::generatePassword(10);

     // The meaning of the second save() argument is not visible here - TODO confirm.
     if ($account->save(array('password' => $generated), true)) {
         // Stored on the controller, presumably to be shown to the user by the view.
         $this->new_password = $generated;
     }
 }
示例#8
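 /**
  * Generate cache identifier value.
  *
  * The identifier is an MD5 digest over the serialised request parameters, so
  * parameter names, nesting and value boundaries all take part in the key.
  * Joining only the bare values would let distinct requests (for example
  * different parameter names carrying the same value) share one cache entry,
  * and would not handle nested array parameters.
  *
  * MD5 serves as a compact cache key here, not as a security control.
  *
  * @param Modules\Router\Request $request Request object.
  *
  * @see    md5(), serialize()
  * @return string
  */
 protected static function generateOutputCacheId(Modules\Router\Request $request)
 {
     // serialize() is used for hashing only; its output is never unserialized.
     return md5('_silla_' . serialize($request->get()));
 }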