sourceforge/freenetis/branches/testing/application/libraries/MY_Controller.php @ 1234
<?php
// Stop immediately when SYSPATH is not defined; the die() text names this
// case "direct script access".
if (!defined('SYSPATH'))
{
	die('No direct script access.');
}
/*
 * This file is part of open source system FreeNetIS
 * and it is released under GPLv3 licence.
 *
 * More info about licence can be found:
 * http://www.gnu.org/licenses/gpl-3.0.html
 *
 * More info about project can be found:
 * http://www.freenetis.org/
 *
 */

// Error codes understood by Controller::error().
define('ACCESS', '1');
define('EMAIL', '2');
define('DATABASE', '3');
define('RECORD', '4');
define('PAGE', '5');
define('UPGRADE', '6');
define('WRITABLE', '7');
define('READONLY', '8');

// Warning codes understood by Controller::warning(). Their values have to
// differ from the error codes above, so that a code handed to the wrong
// method is not mistaken for a valid one.
define('PARAMETER', '1001');

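/**
 * Main controller creates menu, handles changes in svn repository (database upgrade), ...
 *
 * On first construction it enforces the login requirement, loads settings,
 * runs pending database upgrades and preloads per-user counters. It also
 * provides the ACL helpers (acl_check_*) and the error/warning pages.
 */
class Controller extends Controller_Core
{
	/** @var integer Icon/type of an error box */
	const ICON_ERROR = 1;

	/** @var integer Icon/type of a success box */
	const ICON_GOOD = 2;

	/** @var integer Icon/type of a help box */
	const ICON_HELP = 3;

	/** @var integer Icon/type of an info box */
	const ICON_INFO = 4;

	/** @var integer Icon/type of a warning box */
	const ICON_WARNING = 5;

	/**
	 * Controller singleton
	 *
	 * @var Controller
	 */
	private static $instance;

	/**
	 * Paths for which login is not required.
	 *
	 * Every path listed here is served without a session, so the controllers
	 * behind these paths have to do their own checks before exposing data or
	 * performing privileged actions.
	 *
	 * @var array
	 */
	private static $login_not_required = array
	(
		'login',
		'forgotten_password',
		'registration',
		'registration/complete',
		'address_points/get_gps_by_street_street_number_town_country',
		'scheduler/run',
		'installation'
	);

	/** @var mixed Not referenced by any method of this class */
	public $arr;

	/** @var Settings Settings (created in the constructor) */
	public $settings = NULL;

	/** @var array Upgrade queries indexed by schema revision */
	public $upgrade_sql = array();

	/** @var integer Schema revision shipped with the code (get_SVN_rev()) */
	public $current_svn_db_schema_version = 0;

	/** @var integer Revision reported by `svn info`, 0 when unavailable */
	public $current_svn_revision = 0;

	/** @var integer 1 when the popup GET parameter is set and truthy */
	public $popup = 0;

	/** @var integer 1 when the dialog GET parameter is set and truthy */
	public $dialog = 0;

	/** @var boolean */
	public $user_has_phone_invoices = 0;

	/** @var boolean */
	public $user_has_voip = 0;

	/** @var string HTML fragment with the remote address (see preprocessor()) */
	public $ip_address_span = '';

	/** @var integer */
	public $unread_user_mails = 0;

	/** @var integer */
	public $count_of_registered_members = 0;

	/** @var integer */
	public $count_of_unvoted_works_of_voter = 0;

	/** @var integer */
	public $count_of_unvoted_works_reports_of_voter = 0;

	/** @var integer */
	public $count_unfilled_phone_invoices = 0;

	/** @var array Key/value pairs parsed from `svn info` */
	public $svn = array();

	/** @var integer $member_id ID of logged member */
	protected $member_id;

	/** @var integer $user_id ID of logged user */
	protected $user_id;

	/** @var integer $member_account_id ID of logged member account */
	protected $member_account_id = 1;

	/** @var Session */
	protected $session;

	/** @var Groups_aro_map_Model Created lazily by the ACL helpers */
	private $groups_aro_map;

	/**
	 * Construct of controller, creates singleton or return it.
	 *
	 * The initialisation below runs only while no singleton is stored. It
	 * returns early (without storing the singleton) for the setup_config and
	 * installation controllers, and it ends the request with a redirect when
	 * the visitor has to log in, configure, install or when the database is
	 * unreachable.
	 */
	public function __construct()
	{
		parent::__construct();

		// This part only needs to be run once
		if (self::$instance === NULL)
		{
			// init sessions
			$this->session = Session::instance();

			// Test if visitor is logged in, or he accesses public
			// controllers like registration, redirect, installation, etc.
			//
			// The allow-list lookup is strict so that a non-string value can
			// never loosely match one of the listed paths.
			//
			// NOTE(review): the strpos() test exempts every path that contains
			// the text 'web_interface' anywhere, which is broader than the
			// controller comparison on the line after it. Presumably only the
			// web_interface controller was meant to be public - confirm
			// against url_lang::current() and narrow the test.
			if (!in_array(url_lang::current(), self::$login_not_required, TRUE) &&
				strpos(url_lang::current(), 'web_interface') === false &&
				url_lang::current(true) != 'web_interface' &&
				!$this->session->get('user_id', 0))
			{
				// Not logged in - redirect to login page
				$this->session->set_flash('err_message', __('Must be logged in'));

				// Do not logout after login
				if (url_lang::current() != 'login/logout')
				{
					$this->session->set('referer', url_lang::current());
				}

				// Redirect to login
				url::redirect(url_lang::base() . 'login');

				// Die - nothing below may run for an anonymous visitor
				die();
			}

			// init settings
			$this->settings = new Settings();

			// if true, freenetis will run in popup mode (without header and menu)
			$this->popup = (isset($_GET['popup']) && $_GET['popup']) ? 1 : 0;

			// if true, freenetis will run in text mod for dialog
			$this->dialog = (isset($_GET['dialog']) && $_GET['dialog']) ? 1 : 0;

			// database upgrade goes here
			$this->get_current_svn_db_schema_info();

			// svn informations for errors and info
			$this->svn_info();

			// config file doesn't exist, we must create it
			if (!file_exists('config.php'))
			{
				// protection before loop
				if (url_lang::current(1) == 'setup_config')
					return;

				url::redirect(url_lang::base() . 'setup_config');
			}

			// protection before loop
			if (url_lang::current(1) == 'installation')
				return;

			// Test database connection. error() is an instance method, so it
			// is called on $this (the original called it statically).
			if (!db::test())
				$this->error(DATABASE);

			// db schema version is null
			if (!$this->settings->get('db_schema_version'))
			{
				// we must run install
				url::redirect(url_lang::base() . 'installation');
			}
			// db schema is not up to date
			else if ($this->current_svn_db_schema_version !=
					$this->settings->get('db_schema_version'))
			{
				// we must run upgrade
				$this->upgrade_sql($this->settings->get('db_schema_version'));
			}

			// load these variables only for logged user
			if ($this->session->get('user_id', 0))
			{
				// for preprocessing some variable
				$this->preprocessor();
			}

			// Singleton instance
			self::$instance = $this;
		}
	}

	/**
	 * Singleton instance of Controller.
	 *
	 * Constructs a Controller when none is stored yet. The constructor does
	 * not store the singleton on its early-return paths, so the returned
	 * value can still be NULL in that case.
	 *
	 * @author Michal Kliment
	 * @return Controller object
	 */
	public static function & instance()
	{
		// Create the instance if it does not exist
		if (empty(self::$instance))
		{
			new Controller;
		}

		return self::$instance;
	}

	/**
	 * Function shows error of given message number.
	 *
	 * Does not return: showbox() renders the page and ends the request.
	 *
	 * @param string $message_type	One of the error constants (ACCESS, EMAIL, ...)
	 * @param string $content		Optional content placed below the message
	 */
	public function error($message_type, $content = NULL)
	{
		// every known code uses the error icon, only an unknown code is
		// reported as a warning
		$icon = self::ICON_ERROR;

		switch ($message_type)
		{
			case ACCESS:
				$message = url_lang::lang('states.Access denied');
				break;
			case EMAIL:
				$message = url_lang::lang('states.Failed to send e-mail') . '<br />' .
						url_lang::lang('states.Please check settings.');
				break;
			case DATABASE:
				$message = url_lang::lang('states.Failed to connect to database') .
						'<br />' . url_lang::lang('states.Please check settings.');
				break;
			case RECORD:
				$message = url_lang::lang('states.This record does not exist');
				break;
			case PAGE:
				$message = url_lang::lang('states.Page not found');
				break;
			case UPGRADE:
				$message = url_lang::lang('states.Database upgrade failed');
				break;
			case WRITABLE:
				$message = url_lang::lang('states.Directory or file is not writable.');
				break;
			case READONLY:
				$message = url_lang::lang('states.Item is read only.');
				break;
			default:
				$message = url_lang::lang('states.Unknown error message');
				$icon = self::ICON_WARNING;
				break;
		}

		$this->showbox($message, $icon, $content);
	}

	/**
	 * Function shows warning of given message number.
	 *
	 * Does not return: showbox() renders the page and ends the request.
	 *
	 * @param integer $message	One of the warning constants (PARAMETER)
	 * @param string $content	Optional content placed below the message
	 */
	public function warning($message, $content = NULL)
	{
		switch ($message)
		{
			case PARAMETER:
				$message = url_lang::lang('states.Parameter required');
				break;
			default:
				$message = url_lang::lang('states.Unknown warning message');
				break;
		}

		$this->showbox($message, self::ICON_WARNING, $content);
	}

	/**
	 * Function renders error and warning messages.
	 *
	 * $message and $content are handed to the 'statesbox' view as they are.
	 * The messages built in error() contain HTML line breaks, so the view
	 * presumably prints them unescaped - callers that pass variable data in
	 * $content should escape it first (TODO confirm against the view).
	 *
	 * @param string $message	Message of the box
	 * @param integer $type		One of the ICON_* constants
	 * @param string $content	Optional content placed below the message
	 */
	private function showbox($message, $type, $content = NULL)
	{
		$view = new View('main');
		$view->content = new View('statesbox');

		// stays NULL (and no title is set) for an unknown type
		$src = NULL;

		switch ($type)
		{
			case self::ICON_ERROR:
				$view->title = __('Error');
				$src = 'media/images/states/error.png';
				break;
			case self::ICON_GOOD:
				$view->title = __('Good');
				$src = 'media/images/states/good.png';
				break;
			case self::ICON_HELP:
				$view->title = __('Help');
				$src = 'media/images/states/help.png';
				break;
			case self::ICON_INFO:
				$view->title = __('Info');
				$src = 'media/images/states/info.png';
				break;
			case self::ICON_WARNING:
				$view->title = __('Warning');
				$src = 'media/images/states/warning.png';
				break;
		}

		$view->content->icon = html::image(array
		(
			'src'		=> $src,
			'width'		=> '100',
			'height'	=> '100',
			'alt'		=> 'Image',
			'class'		=> 'noborder'
		));
		$view->content->message = $message;

		if (isset($content))
		{
			$view->content->content = $content;
		}

		$view->render(TRUE);

		// must be die() - else it will be render twice !
		die();
	}

	/**
	 * Setup revision database schema.
	 *
	 * Loads application/upgrade_sql/upgrade_sql.php, stores the revision
	 * returned by get_SVN_rev() and copies the queries of that revision into
	 * $this->upgrade_sql.
	 */
	public function get_current_svn_db_schema_info()
	{
		require_once("application/upgrade_sql/upgrade_sql.php");

		$this->current_svn_db_schema_version = get_SVN_rev();

		// require_once() includes the file only the first time, so on a
		// repeated call $upgrade_sql is not defined in this scope; keep the
		// queries loaded earlier instead of overwriting them with NULL
		if (isset($upgrade_sql[$this->current_svn_db_schema_version]))
		{
			$this->upgrade_sql[$this->current_svn_db_schema_version] =
					$upgrade_sql[$this->current_svn_db_schema_version];
		}
	}

	/**
	 * Upgrade database from current version to latest version.
	 *
	 * For every intermediate revision with an upgrade_sql_<revision>.php file
	 * it runs the optional upgrade_sql_<revision>_before() function, the
	 * queries and the optional upgrade_sql_<revision>_after() function, then
	 * stores the revision as the schema version. The queries of the latest
	 * revision (upgrade_sql.php) are handled the same way at the end.
	 * Any failure is reported with error(UPGRADE), which ends the request
	 * before the schema version of the failed step is stored.
	 *
	 * @param integer $from_version From which version(revision) upgrade starts
	 */
	public function upgrade_sql($from_version = 0)
	{
		// Not read in this method. Upgrade scripts are require()d into this
		// scope, so it is left in place in case one of them reads it
		// - TODO confirm and drop.
		$ok = true;
		$this->db = Database::instance();
		$config = new Config_Model();
		$query = '';

		// for each revision
		for ($i = ($from_version + 1); $i < ($this->current_svn_db_schema_version); $i++)
		{
			if (file_exists("application/upgrade_sql/upgrade_sql_" . $i . ".php"))
			{
				// defines $upgrade_sql[$i] and the optional before/after
				// functions in this scope
				require("application/upgrade_sql/upgrade_sql_" . $i . ".php");

				// database transaction
				try
				{
					// upgrade function before
					if (function_exists('upgrade_sql_' . $i . '_before'))
					{
						if (!call_user_func('upgrade_sql_' . $i . '_before'))
						{
							throw new Exception('upgrade_sql_' . $i . '_before');
						}
					}

					foreach ($upgrade_sql[$i] as $query)
					{
						if (!$this->db->query($query))
						{
							throw new Kohana_Database_Exception();
						}
					}

					// upgrade function after
					if (function_exists('upgrade_sql_' . $i . '_after'))
					{
						if (!call_user_func('upgrade_sql_' . $i . '_after'))
						{
							throw new Exception('upgrade_sql_' . $i . '_after');
						}
					}
				}
				catch (Exception $e)
				{
					$message = "SVN: $i <br />"
							. __('file') . ": upgrade_sql_$i.php<br /><br />Function: " .
							$e->getMessage();

					// ends the request, the schema version below is not stored
					$this->error(UPGRADE, $message);
				}

				// set up db schema
				$config->set_db_schema_version($i);
			}
		}

		// do SQL queries from upgrade_sql file
		try
		{
			// upgrade function before
			if (function_exists('upgrade_sql_before'))
			{
				if (!call_user_func('upgrade_sql_before'))
				{
					throw new Exception('upgrade_sql_before');
				}
			}

			foreach ($this->upgrade_sql[$this->current_svn_db_schema_version] as $query)
			{
				if (!$this->db->query($query))
				{
					throw new Kohana_Database_Exception();
				}
			}

			// upgrade function after
			if (function_exists('upgrade_sql_after'))
			{
				if (!call_user_func('upgrade_sql_after'))
				{
					throw new Exception('upgrade_sql_after');
				}
			}
		}
		catch (Kohana_Database_Exception $e)
		{
			// $query still holds the statement that failed
			$message = "SVN: {$this->current_svn_db_schema_version} <br />" . __('file') .
					": upgrade_sql.php<br /><br />$query";

			$this->error(UPGRADE, $message);
		}
		catch (Exception $e)
		{
			// This step runs upgrade_sql.php of the latest revision, so the
			// message names that file and revision (the original reused the
			// loop counter and the per-revision file name).
			$message = "SVN: {$this->current_svn_db_schema_version} <br />"
					. __('file') . ": upgrade_sql.php<br /><br />Function: " .
					$e->getMessage();

			// The original built the message but never reported it, so a
			// failed before/after function was silently recorded as a
			// finished upgrade. error() ends the request.
			$this->error(UPGRADE, $message);
		}

		// set up db schema
		$config->set_db_schema_version($this->current_svn_db_schema_version);
	}

	/**
	 * Checks user's access to system
	 *
	 * The "<action>_own" rule is consulted only when $member_id names the
	 * member stored in the session, or when $force_own is set. The
	 * "<action>_all" rule is consulted otherwise, and also when the own rule
	 * does not grant access.
	 *
	 * @author Ondřej Fibich
	 *
	 * @param string $axo_section	AXO section value - Controller name
	 * @param string $axo_value		AXO value - part of Controller
	 * @param string $aco_type		ACO type of action (view, new, edit, delete, confirm)
	 * @param integer $member_id	Member to check access
	 * @param boolean $force_own	Force to use own rules for not logged user
	 *								Used at: Phone_invoices_Controller#user_field()
	 * @return bool
	 */
	private function acl_check(
			$axo_section, $axo_value, $aco_type, $member_id = NULL,
			$force_own = FALSE)
	{
		// groups aro map loaded?
		if (empty($this->groups_aro_map))
		{
			$this->groups_aro_map = new Groups_aro_map_Model();
		}

		// Ownership is part of an authorization decision, so it is compared
		// exactly. The original used ==, which also treated a missing
		// $member_id as "own" whenever the session value was empty, and
		// accepted values that only loosely equal the session member ID.
		$session_member_id = isset($_SESSION['member_id']) ? $_SESSION['member_id'] : NULL;

		$is_own = (
			is_scalar($member_id) && is_scalar($session_member_id) &&
			(string) $member_id === (string) $session_member_id
		);

		// check own?
		if ($is_own || $force_own)
		{
			// check own access
			if ($this->groups_aro_map->has_access(
					$_SESSION['user_id'], $aco_type . '_own',
					$axo_section, $axo_value
				))
			{
				// access valid
				return true;
			}
		}

		// check all
		return $this->groups_aro_map->has_access(
				$_SESSION['user_id'], $aco_type . '_all',
				$axo_section, $axo_value
		);
	}

	/**
	 * Checks if user is in ARO group
	 *
	 * @author Ondřej Fibich
	 * @param integer $aro_group_id	ARO group ID
	 * @param integer $aro_id		User ID
	 * @return boolean true if exists false otherwise
	 */
	public function is_user_in_group($aro_group_id, $aro_id)
	{
		// the map is created lazily by acl_check(); create it here as well so
		// that this method also works before any ACL check was made
		if (empty($this->groups_aro_map))
		{
			$this->groups_aro_map = new Groups_aro_map_Model();
		}

		return $this->groups_aro_map->groups_aro_map_exists($aro_group_id, $aro_id);
	}

	/**
	 * Function checks access rights
	 * Return true if currently logged user (stored in $_SESSION['user_id'])
	 * may view own $axo_value object in $axo_section
	 * (and in variable $member_id is his own id of member) or if currently logged user
	 * may view all $axo_value object in $axo_section else return false
	 *
	 * @param string $axo_section	Group of objects to view
	 * @param string $axo_value		Object to view
	 * @param integer $member_id	Optional variable, id of other member
	 *								who is being showed by logged member
	 * @param boolean $force_own	Force to use own rules for not logged user
	 *								Used at: Phone_invoices_Controller#user_field()
	 * @return boolean returns true if member has enough access rights
	 */
	public function acl_check_view(
			$axo_section, $axo_value, $member_id = NULL, $force_own = FALSE)
	{
		return $this->acl_check(
				$axo_section, $axo_value, 'view', $member_id, $force_own
		);
	}

	/**
	 * Function checks access rights
	 * Return true if currently logged user (stored in $_SESSION['user_id'])
	 * may edit own $axo_value object in $axo_section
	 * (and in variable $member_id is his own id of member) or if currently logged user
	 * may edit all $axo_value object in $axo_section else return false
	 *
	 * @param string $axo_section	Group of objects to edit
	 * @param string $axo_value		Object to edit
	 * @param integer $member_id	Optional variable, id of other member
	 *								who is being showed by logged member
	 * @param boolean $force_own	Force to use own rules for not logged user
	 *								Used at: Phone_invoices_Controller#user_field()
	 * @return boolean Returns true if member has enough access rights
	 */
	public function acl_check_edit(
			$axo_section, $axo_value, $member_id = NULL, $force_own = FALSE)
	{
		return $this->acl_check(
				$axo_section, $axo_value, 'edit', $member_id, $force_own
		);
	}

	/**
	 * Function checks access rights
	 * Return true if currently logged user (stored in $_SESSION['user_id'])
	 * may add own $axo_value object in $axo_section
	 * (and in variable $member_id is his own id of member) or if currently logged user
	 * may add all $axo_value object in $axo_section else return false
	 *
	 * @param string $axo_section	Group of objects to add to
	 * @param string $axo_value		Object to add
	 * @param integer $member_id	Optional variable, id of other member
	 *								who is being showed by logged member
	 * @param boolean $force_own	Force to use own rules for not logged user
	 *								Used at: Phone_invoices_Controller#user_field()
	 * @return boolean Returns true if member has enough access rights
	 */
	public function acl_check_new(
			$axo_section, $axo_value, $member_id = NULL, $force_own = FALSE)
	{
		return $this->acl_check(
				$axo_section, $axo_value, 'new', $member_id, $force_own
		);
	}

	/**
	 * Function checks access rights
	 * Return true if currently logged user (stored in $_SESSION['user_id'])
	 * may delete own $axo_value object in $axo_section
	 * (and in variable $member_id is his own id of member) or if currently logged user
	 * may delete all $axo_value object in $axo_section else return false
	 *
	 * @param string $axo_section	Group of objects to delete from
	 * @param string $axo_value		Object to delete
	 * @param integer $member_id	Optional variable, id of other member
	 *								who is being showed by logged member
	 * @param boolean $force_own	Force to use own rules for not logged user
	 *								Used at: Phone_invoices_Controller#user_field()
	 * @return boolean Returns true if member has enough access rights
	 */
	public function acl_check_delete(
			$axo_section, $axo_value, $member_id = NULL, $force_own = FALSE)
	{
		return $this->acl_check(
				$axo_section, $axo_value, 'delete', $member_id, $force_own
		);
	}

	/**
	 * Function checks access rights
	 * Return true if currently logged user (stored in $_SESSION['user_id'])
	 * may confirm own $axo_value object in $axo_section
	 * (and in variable $member_id is his own id of member) or if currently logged user
	 * may confirm all $axo_value object in $axo_section else return false
	 *
	 * @param string $axo_section	Group of objects to confirm
	 * @param string $axo_value		Object to confirm
	 * @param integer $member_id	Optional variable, id of other member
	 *								who is being showed by logged member
	 * @param boolean $force_own	Force to use own rules for not logged user
	 *								Used at: Phone_invoices_Controller#user_field()
	 * @return boolean Returns true if member has enough access rights
	 */
	public function acl_check_confirm(
			$axo_section, $axo_value, $member_id = NULL, $force_own = FALSE)
	{
		return $this->acl_check(
				$axo_section, $axo_value, 'confirm', $member_id, $force_own
		);
	}

	/**
	 * Sets info about SVN
	 *
	 * Runs `svn info` on the directory two levels above this file and stores
	 * every "Key: value" line of its output in $this->svn under the
	 * lower-cased key with spaces replaced by underscores.
	 *
	 * @author Michal Kliment
	 */
	private function svn_info()
	{
		// The path is passed as a single quoted shell argument, so an
		// installation directory containing spaces or shell metacharacters
		// cannot change the command that is executed.
		$info = @shell_exec(
				'svn info ' . escapeshellarg(dirname(__FILE__) . '/../../')
		);

		if ($info != '')
		{
			$lines = explode("\n", $info);

			foreach ($lines as $line)
			{
				$segments = explode(":", $line);
				$key = str_replace(" ", "_", strtolower(array_shift($segments)));
				// the value itself may contain colons (e.g. an URL)
				$value = implode(":", $segments);

				if ($key != '')
					$this->svn[$key] = trim($value);
			}
		}

		// Sets revision
		if (isset($this->svn['revision']))
		{
			$this->current_svn_revision = $this->svn['revision'];
		}
	}

	/**
	 * Function to preprocessing of some useful variables
	 *
	 * Called by the constructor for a logged user only. Fills the user and
	 * member IDs, the counters declared on this class, the HTML fragment
	 * with the remote address and finally updates the visited paths.
	 *
	 * @author Michal Kliment
	 */
	private function preprocessor()
	{
		// helper class
		$member = new Member_Model();

		// store user ID from session
		$this->user_id = $this->session->get('user_id');

		// store member ID from session
		$this->member_id = $this->session->get('member_id');

		// boolean variable if user has any phone invoices (for menu rendering)
		$phone_invoice_user = new Phone_invoice_user_Model();

		$this->user_has_phone_invoices = (
			$this->member_id != 1 &&
			$phone_invoice_user->has_phone_invoices($this->user_id)
		);

		// count of unfilled phone invoices
		if ($this->user_has_phone_invoices)
		{
			$this->count_unfilled_phone_invoices = $phone_invoice_user
					->count_unfilled_phone_invoices($this->user_id);
		}

		// boolean variable if user has active voip number (for menu rendering)
		$this->user_has_voip = (bool) ORM::factory('voip_sip')
				->has_voip_sips($this->user_id);

		// count of unread mail messages of user
		$this->unread_user_mails = ORM::factory('mail_message')
				->count_all_unread_inbox_messages_by_user_id($this->user_id);

		// count registered members if enabled
		if ($this->settings->get('self_registration'))
		{
			$this->count_of_registered_members = $member->count_of_registered_members();
		}

		// gets account id of member
		if ($this->acl_check_view('Accounts_Controller', 'transfers', $this->member_id) &&
			$this->member_id != 1)
		{
			$this->member_account_id = $member->get_first_member_account_id($this->member_id);
		}

		// gets counts of unvoted user's works and work reports
		if ($this->acl_check_view('Users_Controller', 'work'))
		{
			$this->count_of_unvoted_works_of_voter = ORM::factory('job')
					->get_count_of_unvoted_works_of_voter($this->user_id);

			$this->count_of_unvoted_works_reports_of_voter = ORM::factory('job_report')
					->get_count_of_unvoted_work_reports_of_voter($this->user_id);
		}

		// ip address span
		// NOTE(review): presumably server::remote_addr() returns a validated
		// address; if it can come from a request header it needs escaping
		// too - confirm.
		$this->ip_address_span = server::remote_addr();

		if (($ptr_record = dns::get_ptr_record($this->ip_address_span)) != '')
		{
			// The PTR record comes from DNS, i.e. from whoever administers
			// the reverse zone of the visitor's address, and this span is an
			// HTML fragment - escape the name before embedding it.
			$this->ip_address_span .= ' <i>('
					. htmlspecialchars($ptr_record, ENT_QUOTES, 'UTF-8')
					. ')</i>';
		}

		// allowed subnets are enabled
		if (Settings::get('allowed_subnets_enabled') && $this->member_id &&
			$this->acl_check_edit(
					'Devices_Controller', 'allowed_subnet', $this->member_id
			))
		{
			// toggle button between allowed subnets
			$asm = new Allowed_subnet_Model();

			$as = $asm->get_allowed_subnet_by_member_and_ip_address(
					$this->member_id, server::remote_addr()
			);

			// it's possible to change allowed subnets
			if ($as && $as->id &&
				$asm->count_all_disabled_allowed_subnets_by_member($this->member_id))
			{
				// NOTE(review): this is a plain link to an action that
				// changes state; confirm that allowed_subnets/change checks
				// the owner of the subnet and the origin of the request.
				$uri = 'allowed_subnets/change/' .$as->id;

				// the icon, its title and the hint follow the current state
				if ($as->enabled)
				{
					$image = 'media/images/active.png';
					$title = 'Disable this subnet';
					$hint = 'allowed_subnets_enabled';
				}
				else
				{
					$image = 'media/images/inactive.png';
					$title = 'Enable this subnet';
					$hint = 'allowed_subnets_disabled';
				}

				$this->ip_address_span .= ' ' . html::anchor($uri, html::image(array
				(
					'src'	=> $image,
					'title'	=> $title
				))) . ' ' . help::hint($hint);
			}
		}

		// updates paths
		$this->update_paths();
	}

	/**
	 * Function to update paths
	 *
	 * The session value 'paths' holds lists of visited URLs and
	 * 'last_path_id' selects the list in use. The login, json and js
	 * controllers are not recorded. The current URL is appended to the list
	 * in use; when the list already contains it, the list is cut right after
	 * that entry instead.
	 *
	 * @author Michal Kliment
	 */
	private function update_paths()
	{
		if (!is_array($this->session->get('paths')))
			$this->session->set('paths', array());

		$paths = $this->session->get('paths');

		if (url_lang::current(TRUE) != 'login' &&
			url_lang::current(TRUE) != 'json' &&
			url_lang::current(TRUE) != 'js')
		{
			if (isset($paths[$this->session->get('last_path_id')]))
			{
				$path = $paths[$this->session->get('last_path_id')];

				// nothing to do when the current URL is already the last entry
				if ($path[count($path) - 1] != url::base(TRUE) . url::current())
				{
					// the previous URL is not the end of the list in use:
					// switch to the first list that ends with it
					if (url::base() . url::previous() != $path[count($path) - 1])
					{
						foreach ($paths as $id => $path)
						{
							if (isset($path[count($path) - 1]) &&
								url::base() . url::previous() == $path[count($path) - 1])
							{
								$this->session->set('last_path_id', $id);
								break;
							}
						}
					}

					$path = NULL;

					// current URL was visited before: keep the list only up
					// to (and including) that entry
					foreach ($paths[$this->session->get('last_path_id')] as $i => $url)
					{
						if (url::base(TRUE) . url::current() == $url)
						{
							$path = array_slice($paths[$this->session->get('last_path_id')], 0, $i + 1);
							break;
						}
					}

					if (!$path)
						$paths[$this->session->get('last_path_id')][] = url::base(TRUE) . url::current();
					else
						$paths[$this->session->get('last_path_id')] = $path;
				}
			}
			else
				$paths[$this->session->get('last_path_id')][] = url::base(TRUE) . url::current();
		}

		$this->session->set('paths', $paths);
	}
}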