|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* DefaultAcl |
|
5
|
|
|
* @copyright Copyright (c) 2011 - 2015 Aleksandr Torosh (http://wezoom.com.ua) |
|
6
|
|
|
* @author Aleksandr Torosh <[email protected]> |
|
7
|
|
|
*/ |
|
8
|
|
|
|
|
9
|
|
|
namespace YonaCMS\Plugin; |
|
10
|
|
|
|
|
11
|
|
|
use Phalcon\Mvc\Dispatcher, |
|
12
|
|
|
Phalcon\Mvc\User\Plugin, |
|
13
|
|
|
Phalcon\Mvc\View, |
|
14
|
|
|
Application\Acl\DefaultAcl; |
|
15
|
|
|
|
|
16
|
|
|
class Acl extends Plugin |
|
17
|
|
|
{ |
|
18
|
|
|
|
|
19
|
|
|
public function __construct(DefaultAcl $acl, Dispatcher $dispatcher, View $view) |
|
20
|
|
|
{ |
|
21
|
|
|
$role = $this->getRole(); |
|
22
|
|
|
|
|
23
|
|
|
$module = $dispatcher->getModuleName(); |
|
|
|
|
|
|
24
|
|
|
$controller = $dispatcher->getControllerName(); |
|
|
|
|
|
|
25
|
|
|
$action = $dispatcher->getActionName(); |
|
|
|
|
|
|
26
|
|
|
|
|
27
|
|
|
$resourceKey = $module . '/' . $controller; |
|
28
|
|
|
$resourceVal = $action; |
|
29
|
|
|
|
|
30
|
|
|
if ($acl->isResource($resourceKey)) { |
|
31
|
|
|
if (!$acl->isAllowed($role, $resourceKey, $resourceVal)) { |
|
32
|
|
|
$this->accessDenied($role, $resourceKey, $resourceVal, $view); |
|
33
|
|
|
} |
|
34
|
|
|
} else { |
|
35
|
|
|
$this->resourceNotFound($resourceKey, $view); |
|
36
|
|
|
} |
|
37
|
|
|
|
|
38
|
|
|
} |
|
39
|
|
|
|
|
40
|
|
|
private function getRole() |
|
41
|
|
|
{ |
|
42
|
|
|
$auth = $this->session->get('auth'); |
|
43
|
|
|
if (!$auth) { |
|
44
|
|
|
$role = 'guest'; |
|
45
|
|
|
} else { |
|
46
|
|
|
if ($auth->admin_session == true) { |
|
47
|
|
|
$role = \Admin\Model\AdminUser::getRoleById($auth->id); |
|
48
|
|
|
} else { |
|
49
|
|
|
$role = 'member'; |
|
50
|
|
|
} |
|
51
|
|
|
} |
|
52
|
|
|
return $role; |
|
53
|
|
|
|
|
54
|
|
|
} |
|
55
|
|
|
|
|
56
|
|
|
private function accessDenied($role, $resourceKey = null, $resourceVal = null, View $view) |
|
57
|
|
|
{ |
|
58
|
|
|
if (in_array($role, ['guest', 'member'])) { |
|
59
|
|
|
return $this->redirect('/admin'); |
|
60
|
|
|
} |
|
61
|
|
|
|
|
62
|
|
|
$view->setViewsDir(__DIR__ . '/../modules/Index/views/'); |
|
63
|
|
|
$view->setPartialsDir(''); |
|
64
|
|
|
$view->message = "$role - Access Denied to resource <b>$resourceKey::$resourceVal</b>"; |
|
65
|
|
|
$view->partial('error/error403'); |
|
66
|
|
|
|
|
67
|
|
|
$response = new \Phalcon\Http\Response(); |
|
68
|
|
|
$response->setHeader(403, 'Forbidden'); |
|
69
|
|
|
$response->sendHeaders(); |
|
70
|
|
|
echo $response->getContent(); |
|
71
|
|
|
exit; |
|
72
|
|
|
} |
|
73
|
|
|
|
|
74
|
|
|
private function resourceNotFound($resourceKey, View $view) |
|
75
|
|
|
{ |
|
76
|
|
|
$view->setViewsDir(__DIR__ . '/../modules/Index/views/'); |
|
77
|
|
|
$view->setPartialsDir(''); |
|
78
|
|
|
$view->message = "Acl resource <b>$resourceKey</b> in <b>/app/config/acl.php</b> not exists"; |
|
79
|
|
|
$view->partial('error/error404'); |
|
80
|
|
|
$response = new \Phalcon\Http\Response(); |
|
81
|
|
|
$response->setHeader(404, 'Not Found'); |
|
82
|
|
|
$response->sendHeaders(); |
|
83
|
|
|
echo $response->getContent(); |
|
84
|
|
|
exit; |
|
85
|
|
|
} |
|
86
|
|
|
|
|
87
|
|
View Code Duplication |
private function redirect($url, $code = 302) |
|
88
|
|
|
{ |
|
89
|
|
|
switch ($code) { |
|
90
|
|
|
case 301 : |
|
91
|
|
|
header('HTTP/1.1 301 Moved Permanently'); |
|
92
|
|
|
break; |
|
93
|
|
|
case 302 : |
|
94
|
|
|
header('HTTP/1.1 302 Moved Temporarily'); |
|
95
|
|
|
break; |
|
96
|
|
|
} |
|
97
|
|
|
header('Location: ' . $url); |
|
98
|
|
|
exit; |
|
99
|
|
|
} |
|
100
|
|
|
|
|
101
|
|
|
} |
alexander-torosh /
yona-cms
Loading history...
This check looks for function or method calls that always return null and whose return value is assigned to a variable.
The method
getObject()can return nothing but null, so it makes no sense to assign that value to a variable.The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.