/**
* Is user allowed to perform given action with given resource.
*
* @param mixed
* @param string for example 'view', 'edit'
* @return bool
* @throws \NetteAddons\InvalidArgumentException
*/
public function isAllowed($resource, $action)
{
$moderator = $this->user->isInRole('administrators') || $this->user->isInRole('moderators');
if ($resource instanceof Addon) {
$ownerId = $resource->userId;
$resource = 'addon';
} elseif ($resource instanceof \Nette\Database\Table\ActiveRow) {
$ownerId = $resource->user->id;
$resource = 'addon';
} elseif ($resource == 'page' && $action == 'manage') {
return $moderator;
} elseif ($resource != 'addon') {
throw new \NetteAddons\InvalidArgumentException();
}
if ($resource === 'addon') {
if ($action === 'delete' || $action === 'reports') {
return $moderator;
}
if ($action === 'view') {
return TRUE;
} elseif ($action === 'manage') {
return $this->user->isLoggedIn() && $ownerId === $this->user->getId() || $moderator;
} elseif ($action === 'vote') {
// you can't vote for your own addons
return $this->user->isLoggedIn() && $ownerId !== $this->user->getId();
} elseif ($action === 'create') {
return $this->user->isLoggedIn();
}
}
throw new \NetteAddons\InvalidArgumentException();
}
/**
* Callback for Account Settings Form onSuccess event.
* @param Form $form
* @param ArrayHash $values
*/
public function formSucceeded(Form $form, $values)
{
if (!$this->userManager->checkPassword($this->user->getId(), $values->current)) {
$form->addError("Invalid current password");
}
$this->userManager->setNewPassword($this->user->getId(), $values->new);
}
/**
* @return mixed
*/
public function __invoke()
{
if ($this->user->isLoggedIn()) {
return $this->user->getId();
}
return NULL;
}
public function startup()
{
parent::startup();
if ($this->user->isLoggedIn()) {
if ($this->getParameter('id') != $this->user->getId()) {
$this->redirect('Sign:in');
}
}
}
public function __construct(Nette\Http\SessionSection $shopCart, Trejjam\Utils\Labels\Labels $labels, Nette\Security\User $user)
{
$this->shopCart = $shopCart;
$this->shopCart->setExpiration('14 days');
$this->labels = $labels;
$this->user = $user;
if (isset($this->shopCart->_userId) && $this->shopCart->_userId != $this->user->getId()) {
$this->cartClear();
}
if (!isset($this->shopCart->_userId)) {
$this->shopCart->_userId = $this->user->getId();
}
}
/**
* @param User $user
* @param callable|null $credentialsValidator
*/
public function __construct(User $user, callable $credentialsValidator = null)
{
$this->user = $user;
$this->credentialsValidator = $credentialsValidator ?: function () {
$this->user->logout(true);
try {
$this->user->login(...func_get_args());
} catch (\Exception $e) {
}
// Fail silently
return $this->user->isLoggedIn() ? new UserEntity($this->user->getId()) : null;
};
}
public function formSucceeded(Form $form, $values)
{
if ($values->remember) {
$this->user->setExpiration('14 days', FALSE);
} else {
$this->user->setExpiration('20 minutes', TRUE);
}
try {
$this->rating->setOldSessId();
$this->user->login($values->nick, $values->password);
$this->rating->synchronizeUnlogged($this->user->getId());
} catch (Nette\Security\AuthenticationException $e) {
$form->addError($e->getMessage());
}
}
public function __construct(DbTable\Oznam_ucast $oznam_ucast, DbTable\Oznam_volba $oznam_volba, Nette\Security\User $user)
{
parent::__construct();
$this->oznam_ucast = $oznam_ucast;
$this->oznam_volba = $oznam_volba;
$this->id_user_profiles = $user->getId();
}
/**
* Get event
* @param integer $eventId
* @return Event
*/
public function getEvent($eventId)
{
// Má právo na editaci? (výchozí: ano)
$canAccess = FALSE;
$hasAccess = FALSE;
$hasShare = FALSE;
/** @var null|Event $event */
$event = $this->eventDao->find($eventId);
if ($event->isDeleted()) {
throw new Nette\Application\BadRequestException($this->translator->translate('event.general.noId'));
}
// Is this api call?
if ($this->user->getId() === 0) {
$canAccess = TRUE;
} else {
/** @var \App\Model\Entity\User $userEntity */
$userEntity = $this->em->getDao('\\App\\Model\\Entity\\User')->find($this->user->getId());
/** @var \App\Model\Entity\Client $client */
$client = $userEntity->getClient();
// je uživatel ADMIN?
if (($this->user->isInRole('ADMIN') || $this->user->isInRole('ACCOUNTANT')) && $this->isClientsEvent($event, $client)) {
$canAccess = TRUE;
} elseif (($this->user->isInRole('USER') || $this->user->isInRole('ACCOUNTANT')) && $this->isClientsEvent($event, $client)) {
//požadavek klienta, aby šel
$canAccess = TRUE;
} else {
// pokud nemá přiřazené oprávnění, má přidělené sdílení?
if ($event->getShares() !== NULL) {
$hasShare = FALSE;
foreach ($event->getShares() as $clientShare) {
if ($client->getId() == $clientShare->getClient()->getId()) {
$hasShare = TRUE;
break;
}
}
}
// pokud ano, má přiřazená oprávnění pro event?
if ($event->getAccesses() !== NULL) {
foreach ($event->getAccesses() as $clientAccess) {
$hasAccess = FALSE;
if ($client->getId() == $clientAccess->getReceiver()->getId() || $client->getId() == $clientAccess->getCreator()->getId()) {
$hasAccess = TRUE;
break;
}
}
}
// pokud ne, patří událost klientovi nebo sdílení, anebo přístup?
if ($hasAccess || $hasShare) {
$canAccess = TRUE;
}
}
}
if ($canAccess) {
// má přístup do události?
return $event;
} else {
// jinak je přesměrován na dashboard s tím, že je upozorněn na to, že nemá oprávnění
throw new Nette\Application\ForbiddenRequestException($this->translator->translate('event.general.noRights'));
}
}
/**
* @param \Nette\Reflection\Method $element
*/
protected function checkMethod(Method $element)
{
$class = $element->class;
$name = $element->name;
$schema = $this->reader->getSchema($class);
$exception = null;
// users
if (isset($schema[$name]['users']) && count($schema[$name]['users']) > 0) {
$users = $schema[$name]['users'];
if (!in_array($this->user->getId(), $users)) {
$exception = sprintf('Access denied for your username: \'%s\'. Require: \'%s\'', $this->user->getId(), implode(', ', $users));
} else {
return;
}
} elseif (isset($schema[$name]['roles']) && count($schema[$name]['roles']) > 0) {
$userRoles = $this->user->getRoles();
$roles = $schema[$name]['roles'];
if (count(array_intersect($userRoles, $roles)) == 0) {
$exception = "Access denied for your roles: '" . implode(', ', $userRoles) . "'. Require one of: '" . implode(', ', $roles) . "'";
} else {
return;
}
} elseif (isset($schema[$name]['resource']) && $schema[$name]['resource']) {
if (!$this->user->isAllowed($schema[$name]['resource'], $schema[$name]['privilege'])) {
$exception = sprintf('Access denied for resource: \'%s\' and privilege: \'%s\'', $schema[$name]['resource'], $schema[$name]['privilege']);
} else {
return;
}
}
if ($exception) {
throw new ForbiddenRequestException($exception);
}
}
/**
* Stores current request to session.
* @param mixed optional expiration time
* @return string key
*/
public function storeRequest($expiration = '+ 10 minutes')
{
$session = $this->getSession('Nette.Application/requests');
do {
$key = Nette\Utils\Random::generate(5);
} while (isset($session[$key]));
$session[$key] = [$this->user ? $this->user->getId() : NULL, $this->request];
$session->setExpiration($expiration, $key);
return $key;
}
/**
* Restores request from session.
* @param string key
* @return void
*/
public function restoreRequest($key)
{
$session = $this->session->getSection('Nette.Application/requests');
if (!isset($session[$key]) || $session[$key][0] !== NULL && $session[$key][0] !== $this->user->getId()) {
return;
}
$request = clone $session[$key][1];
unset($session[$key]);
$request->setFlag(Application\Request::RESTORED, TRUE);
$params = $request->getParameters();
$params[self::FLASH_KEY] = $this->getParameter(self::FLASH_KEY);
$request->setParameters($params);
$this->sendResponse(new Responses\ForwardResponse($request));
}
/** Vytvoření komponenty
*
* @return \Nette\Application\UI\Form
*/
protected function createComponentForm()
{
$form = new Form();
$form->addText("login", "Přihlašovací jméno:")->setAttribute("autocomplete", "off")->setRequired("Prosím zadejte přihlašovací jméno.");
$form->addPassword("password1", "Heslo:")->setAttribute("class", "form-control")->setAttribute("autocomplete", "off");
$form->addPassword("password2", "Heslo pro kontrolu:")->setAttribute("class", "form-control")->setAttribute("autocomplete", "off");
$roles = $this->roleRepository->read()->where("name != ?", "root");
if (!$this->user->isInRole("root")) {
$roles->where("name NOT(?)", $this->user->getRoles());
}
$roles = $roles->fetchPairs("aclRoleID", "name");
$form->addSelect("role", "Oprávnění:", $roles)->setAttribute("class", "form-control");
$form->addCheckbox("active", "Aktivní");
$form->addButton("cancel", "Storno")->setHtmlId("cancel");
$form->addSubmit("sender", "Uložit změny")->setHtmlId("sender");
$form->addHidden("userID");
$form['password2']->addRule(Form::EQUAL, 'Hesla se neshodují', $form['password1']);
if ($this->rsuserID) {
$userEntity = $this->userRepository->get($this->rsuserID);
if ($userEntity) {
$form['login']->setValue($userEntity->login);
$form['login']->setAttribute("readonly");
$form['userID']->setValue($this->rsuserID);
$form['active']->setValue($userEntity->getActive());
if ($userEntity->getUserID() == $this->user->getId()) {
$form['role']->setDisabled();
}
if ($userEntity->getLogin() != "root" && $userEntity->getUserID() !== $this->user->getId()) {
$form['role']->setValue($userEntity->aclRoleID);
}
}
} else {
$form['password1']->setRequired("Prosím zadejte heslo.");
}
$form->onSuccess[] = callback($this, "Submit");
$form->onError[] = callback($this, "FormError");
return $form;
}
protected function createComponentModerateCommentForm()
{
return new Multiplier(function ($idsub) {
$idsubArr = explode('q', $idsub);
$id = (int) $idsubArr[0];
$sub = $idsubArr[1] === 'false' ? false : true;
$form = new Form();
$comment = $this->commentsManager->getSingleComment($id, $sub);
if (!(($comment->byUser && $comment->byUser === $this->user->getId() || $this->user->isAllowed('Comments', 'moderate')) && $this->user->isLoggedIn())) {
return $form;
}
$form->getElementPrototype()->class('ajax');
if (!$comment->byUser) {
$form->addText('unregName', 'Neregistrované jméno')->setRequired('Zadejte jméno')->setValue($comment->unregName);
}
$form->addTextArea('text', 'Text')->setRequired('Zadejte text')->setValue(preg_replace('$<p>\\d{1,2}.\\d{1,2}.\\d{4} \\d{1,2}:\\d{1,2} provedena poslední změna</p>$', '', $comment->text));
$form->addCheckbox('deleted', 'Smazaný')->setValue($comment->deleted);
$form->addHidden('id', $id);
$form->addHidden('sub', $sub ? 'true' : 'false');
$form->addSubmit('moderate', 'Změnit');
$form->onSuccess[] = [$this, 'moderateCommentFormSucceeded'];
return $form;
});
}
/**
* Return user's id.
* @return int
*/
public function getId()
{
$id = $this->user->getId();
return $id;
}
public function __construct(UserFacade $userFacade, \Nette\Security\User $user)
{
parent::__construct();
$this->userFacade = $userFacade;
$this->user = $this->userFacade->findOneById($user->getId());
}
/**
* Deletes pad with given id.
* @param int $id
* @return int
*/
public function delete($id)
{
return $this->getTable()->where(['id' => $id, 'user_id' => $this->user->getId()])->delete();
}
/**
* Return user's id.
* @return int
*/
public function getId()
{
return (int) $this->user->getId();
}
/**
* @param DbTable\Oznam_komentar $oznam_komentar
* @param Nette\Security\User $user
*/
public function __construct(DbTable\Oznam_komentar $oznam_komentar, Nette\Security\User $user)
{
parent::__construct();
$this->oznam_komentar = $oznam_komentar;
$this->id_user_profiles = $user->getId();
}
private $dokumenty; /** @var string */ private $prilohy_adresar; /** @var array */ private $prilohy_images; /** @var int */ private $id_user_profiles;
public function render()
{
$this->template->pads = $this->padRepository->findBy(['user' => $this->user->getId()]);
$this->template->render(__DIR__ . '/default.latte');
}
