'admin' will only allow users with the role admin to access action_adminpanel * 'moderatorpanel' => array('login', 'moderator') will only allow users with the roles login and moderator to access action_moderatorpanel * * @var array actions that require a valid user */ protected $secure_actions = array( ); public function __construct(Request $request,Response $response) { // Our Menu's can run without method authentication by default. if (! isset($this->secure_actions['menu'])) $this->secure_actions['menu'] = FALSE; return parent::__construct($request,$response); } /** * Check and see if this controller needs authentication * * if $this->auth_required is TRUE, then the user must be logged in only. * if $this->auth_required is FALSE, AND $this->secure_actions has an array of * methods set to TRUE, then the user must be logged in AND a member of the * role. * * @return boolean */ protected function _auth_required() { // If our global configurable is disabled, then continue if (! Kohana::Config('config.method_security')) return FALSE; return (($this->auth_required !== FALSE && Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__) === FALSE) || (is_array($this->secure_actions) && array_key_exists($this->request->action(),$this->secure_actions) && Auth::instance()->logged_in($this->secure_actions[$this->request->action()],get_class($this).'|'.__METHOD__) === FALSE)); } /** * Loads the template [View] object. * * Page information is provided by [meta]. * @uses meta */ public function before() { // Do not template media files if ($this->request->action() === 'media') { $this->auto_render = FALSE; return; } $TEST = FALSE; // Actions that start with ajax, should only be ajax if (preg_match('/^ajax/',Request::current()->action()) AND ! Request::current()->is_ajax() AND ! $TEST) die(); parent::before(); // Check user auth and role if ($this->_auth_required()) { if (Kohana::$is_cli) throw new Kohana_Exception('Cant run :method, authentication not possible',array(':method'=>$this->request->action())); // If auth is required and the user is logged in, then they dont have access. // (We have already checked authorisation.) if (Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__)) { if (Config::sitemode() == Kohana::DEVELOPMENT) SystemMessage::add(array( 'title'=>_('Insufficient Access'), 'type'=>'debug', 'body'=>Debug::vars(array('required'=>$this->auth_required,'action'=>$this->request->action(),'user'=>Auth::instance()->get_user()->username)), )); // @todo Login No Access redirects are not handled in JS? if ($this->request->is_ajax()) { echo _('You dont have enough permissions.'); die(); } else Request::current()->redirect('login/noaccess'); } else { Session::instance()->set('afterlogin',Request::detect_uri()); Request::current()->redirect($this->noauth_redirect); } } // For AJAX calls, we dont need to render the complete page. if ($this->request->is_ajax()) { $this->auto_render = FALSE; return; } // Bind our template meta variable $this->meta = new meta; View::bind_global('meta',$this->meta); // Add our logo Style::add(array( 'type'=>'stdin', 'data'=>'h1 span{background:url('.Config::logo_uri().') no-repeat;}', )); // Our default script(s) foreach (array('file'=>array_reverse(array( 'js/jquery-1.6.4.min.js', 'js/jquery.jstree-1.0rc3.js', 'js/jquery.cookie.js', ))) as $type => $datas) { foreach ($datas as $data) { Script::add(array( 'type'=>$type, 'data'=>$data, ),TRUE); } } // Initialise our content $this->template->left = ''; $this->template->content = ''; $this->template->right = ''; } public function after() { if (! is_string($this->template) AND empty($this->template->content)) $this->template->content = Block::factory(); if ($this->auto_render) { // Application Title if ($mo=ORM::factory('module',array('name'=>Request::current()->controller())) AND $mo->loaded()) $this->meta->title = sprintf('%s: %s',Kohana::Config('config.appname'),$mo->display('name')); else $this->meta->title = Kohana::Config('config.appname'); $this->template->title = ''; // Language $this->meta->language = Config::instance()->so->language->iso; // Description $this->meta->description = sprintf('%s::%s',$this->request->controller(),$this->request->action()); // Link images on the header line $this->template->headimages = $this->_headimages(); // System Messages line $this->template->sysmsg = $this->_sysmsg(); // Left Item $this->template->left = $this->_left(); // Right Item $this->template->right = $this->_right(); // Footer $this->template->footer = $this->_footer(); // For any ajax rendered actions, we'll need to capture the content and put it in the response } elseif ($this->request->is_ajax() && isset($this->template->content) && ! $this->response->body()) { // @todo move this formatting to a view? if ($s = $this->_sysmsg() AND (string)$s) $this->response->body(sprintf('
%s
',$s)); // In case there any style sheets for this render. $this->response->bodyadd(Style::factory()); // Since we are ajax, we should re-render the breadcrumb Session::instance()->set('breadcrumb',(string)Breadcrumb::factory()); $this->response->bodyadd(Script::add(array('type'=>'stdin','data'=>'$().ready($("#ajCONTROL").load("'.URL::site('welcome/breadcrumb').'",null,function(x,s,r) {}));'))); // In case there any javascript for this render. $this->response->bodyadd(Script::factory()); // Get the response body $this->response->bodyadd(sprintf('
%s
',$this->template->content)); } parent::after(); // Generate and check the ETag for this file if (Kohana::$environment === Kohana::PRODUCTION) $this->response->check_cache(NULL,$this->request); } /** * Default Method to call from the tree menu */ public function action_menu() { $this->template->content = _('Please choose from the menu on the left - you may need to expand the items by pressing on the plus.'); } protected function _headimages() { HeadImages::add(array( 'url'=>'http://dev.leenooks.net', 'img'=>'img/forum-big.png', 'attrs'=>array('onclick'=>"target='_blank';",'title'=>'Link') )); return HeadImages::factory(); } protected function _sysmsg() { return SystemMessage::factory(); } protected function _left() { return empty($this->template->left) ? Controller_Tree::js() : $this->template->left; } protected function _right() { return empty($this->template->right) ? '' : $this->template->right; } public function _footer() { return sprintf('© %s',Config::SiteName()); } /** * Generate a view path to help View::factory() calls * * The purpose of this method is to ensure that we have a consistant * layout for our view files, including those that are needed by * plugins * * @param string Plugin Name (optional) */ public function viewpath($plugin='') { $request = Request::current(); $path = ''; $path .= $request->controller(); if ($request->directory()) $path .= ($path ? '/' : '').$request->directory(); if ($plugin) $path .= ($path ? '/' : '').$plugin; $path .= ($path ? '/' : '').$request->action();; return $path; } } ?>