/**
 * Makes the signed-in user the resource this controller operates on.
 *
 * For the edit, delete, show and export actions redirectTo('index') is
 * called first. The resource is then set to the current user and role_id
 * is removed from the accessible attributes.
 *
 * @param Request $request Current Router Request.
 *
 * @return void
 */
protected function assignCurrentUserAsResource(Request $request)
{
    $redirectedActions = array('edit', 'delete', 'show', 'export');
    $mustRedirect = in_array($request->action(), $redirectedActions, true);

    if ($mustRedirect) {
        // NOTE(review): the statements below still run if redirectTo() returns
        // instead of ending the request; its behaviour is not visible here.
        $request->redirectTo('index');
    }

    // From here on the controller works on the current user's own record.
    $this->resource = $this->user;

    // Presumably keeps a user from changing their own role through this
    // controller; confirm against removeAccessibleAttributes().
    $this->removeAccessibleAttributes(array('role_id'));
}
/**
 * Preview action: renders the posted "content" field through Parsedown.
 *
 * Only XHR requests are handled; any other request leaves the renderer
 * untouched.
 *
 * @param Request $request Request instance.
 *
 * @return void
 */
public function preview(Request $request)
{
    if (!$request->is('xhr')) {
        return;
    }

    // The response is the bare rendered fragment: no layout, no view.
    $this->renderer->setLayout(null);
    $this->renderer->setView(null);

    // NOTE(review): the request body is converted to HTML and emitted as-is.
    // Parsedown passes inline HTML through by default; if the bundled version
    // provides setSafeMode(true) (confirm the version), enable it here unless
    // authors are meant to embed raw markup in previews.
    $markdown = new Parsedown();
    $html = $markdown->text($request->post('content'));

    $this->renderer->setOutput($html);
}
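/**
 * Guards deletion of a User Role.
 *
 * Two checks run before the parent hook:
 *  1. the current user must re-enter their password, which is checked with
 *     Crypt::hashCompare() against the stored value;
 *  2. the role being deleted must not be the current user's own role.
 *
 * When either check fails a flash message is set (non-XHR requests only),
 * the request is redirected to index and the method returns without calling
 * parent::beforeDelete().
 *
 * @param Request $request Current router request.
 *
 * @return void
 */
protected function beforeDelete(Request $request)
{
    $password = $request->post('password');

    if (!$password || !Crypt::hashCompare($this->user->password, $password)) {
        if (!$request->is('xhr')) {
            Helpers\FlashMessage::set($this->labels['general']['not_authorized'], 'danger');
        }

        $request->redirectTo('index');

        // Fail closed: redirectTo() is not visible from here, so do not rely
        // on it ending the request. Without this return a failed password
        // check would fall through to the checks below and the parent hook.
        return;
    }

    // Loose comparison kept on purpose: role_id and the primary key value may
    // differ in type (string vs int); confirm before tightening to ===.
    if ($this->user->role_id == $this->resource->getPrimaryKeyValue()) {
        if (!$request->is('xhr')) {
            Helpers\FlashMessage::set($this->labels['errors']['delete']['self'], 'danger');
        }

        $request->redirectTo('index');

        // Same fail-closed return as above.
        return;
    }

    parent::beforeDelete($request);
}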
/**
 * Loads the resource identified by the "id" query parameter.
 *
 * Does nothing when the current resource already exists. Otherwise the
 * record is looked up by primary key; a missing id or a missing record
 * redirects to index (the latter with a flash message).
 *
 * @param Request $request Current router request.
 *
 * @return void
 */
protected function loadResource(Request $request)
{
    if ($this->resource->exists()) {
        return;
    }

    $id = $request->get('id');

    if (!$id) {
        // NOTE(review): the lookup below still runs if redirectTo() returns;
        // whether it ends the request is not visible here.
        $request->redirectTo('index');
    }

    // The id is passed as a bound parameter, never concatenated into the SQL.
    $model = $this->resource;
    $condition = $model::primaryKeyField() . ' = ?';
    $this->resource = $model::find()->where($condition, array($id))->first();

    if (!$this->resource) {
        Helpers\FlashMessage::set($this->labels['errors']['not_exists'], 'danger');
        $request->redirectTo('index');
    }
}
/**
 * Removes a cookie by re-issuing it with an empty value and a past expiry.
 *
 * The path, domain, secure and httponly arguments are derived the same way
 * on every call: path from the configured relative URL, domain from the
 * request's SERVER_NAME, secure only when the configured protocol is https,
 * httponly always on.
 *
 * @param string $name Name of the cookie to remove.
 *
 * @access public
 * @uses   Core\Config()
 *
 * @return boolean Result of setcookie().
 */
public function deleteCookie($name)
{
    // One hour in the past, so the browser discards the cookie.
    $expiredAt = time() - 3600;

    $path = Core\Config()->urls('relative');

    // NOTE(review): SERVER_NAME can follow the client's Host header under
    // some web server configurations; confirm it matches the domain the
    // cookie was originally set for.
    $domain = $this->request->meta('SERVER_NAME');

    $secureOnly = Core\Config()->urls('protocol') === 'https';
    $httpOnly = true;

    return setcookie($name, '', $expiredAt, $path, $domain, $secureOnly, $httpOnly);
}
/**
 * Rejects submitted association ids that the current user does not own.
 *
 * For every configured attribute with a submitted value, the association
 * metadata is resolved (falling back to the hasAndBelongsToMany definition).
 * When the user "owns" the associated class, the submitted ids are passed to
 * Helpers\Ownership::checkIds(); a failed check records a 'not_exists' error
 * on that attribute.
 *
 * @param \Core\Modules\Router\Request $request Request object.
 *
 * @return void
 */
private function preventAssociationOfNotOwnedResource(Request $request)
{
    foreach ($this->attributes as $attribute => $unusedOptions) {
        $submitted = $request->post($attribute);

        // NOTE(review): any falsy value (including "0") skips the ownership
        // check; confirm no valid id can be falsy.
        if (!$submitted) {
            continue;
        }

        $meta = $this->resource->getAssociationMetaDataByKey($attribute);

        if (!$meta && isset($this->resource->hasAndBelongsToMany[$attribute])) {
            $meta = $this->resource->hasAndBelongsToMany[$attribute];
        }

        // Attributes that are not associations, or whose class is not subject
        // to ownership for this user, are left unchecked.
        if (!$meta || !$this->user->owns($meta['class_name'])) {
            continue;
        }

        if (!Helpers\Ownership::checkIds($submitted, $meta['class_name'])) {
            $this->resource->setError($attribute, 'not_exists');
        }
    }
}
/**
 * Reset access action: issues a new password for a valid reset link.
 *
 * The "id" query parameter is matched in SQL against
 * SHA1(CONCAT(password, cookie_salt, email)) for users whose updated_on is
 * less than 60 minutes old. On a match a 10-character password is generated,
 * saved and exposed as $this->new_password; otherwise the request is
 * redirected to the authentication controller.
 *
 * NOTE(review): the reset token is not a random per-request value. It is
 * derived from stored columns plus one configuration-wide salt and compared
 * inside the database. Consider a random, single-use token stored hashed with
 * its own expiry and compared with hash_equals(). That change also has to be
 * made where the link is generated, which is outside this method.
 *
 * @param Request $request Current router request.
 *
 * @return void
 */
public function renew(Request $request)
{
    $query = Models\CMSUser::find();

    $tokenCondition = 'DATE_ADD(updated_on, INTERVAL 60 MINUTE) > UTC_TIMESTAMP() AND SHA1(CONCAT(password, ?, email)) = ?';
    $bindings = array(Core\Config()->USER_AUTH['cookie_salt'], $request->get('id'));

    $user = $query->where($tokenCondition, $bindings)->first();

    if (!$user) {
        $request->redirectTo(array('controller' => 'authentication'));

        return;
    }

    // NOTE(review): the strength of generatePassword() is not visible here;
    // confirm it draws from a cryptographically secure source.
    $generated = Core\Utils::generatePassword(10);

    // Saving changes the password column the token is derived from, so the
    // same link should stop matching afterwards; verify that save() persists
    // a different stored value.
    if ($user->save(array('password' => $generated), true)) {
        // Presumably read by the view to show the new password; confirm the
        // response is not cached or logged.
        $this->new_password = $generated;
    }
}
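/**
 * Generate cache identifier value.
 *
 * The identifier is an MD5 digest of a fixed prefix plus the canonical
 * query-string form of the request's GET parameters. Parameter names and
 * value boundaries are part of the hashed string, so distinct parameter sets
 * such as a=12&b=3 and a=1&b=23 no longer share one cache entry, as they did
 * when only the bare values were concatenated. Nested array parameters are
 * encoded as well instead of collapsing to the string "Array".
 *
 * MD5 serves only as a compact cache key here, not as a security control.
 *
 * @param Modules\Router\Request $request Request object.
 *
 * @see md5(), http_build_query()
 * @return string
 */
protected static function generateOutputCacheId(Modules\Router\Request $request)
{
    // The cast keeps http_build_query() from failing on a non-array result.
    $canonicalQuery = http_build_query((array) $request->get());

    return md5('_silla_' . $canonicalQuery);
}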