Created
January 18, 2011 19:33
-
-
Save Aurielle/784985 to your computer and use it in GitHub Desktop.
Koncept n:if-allowed (ověřování ACL v šablonách - Nette Framework) - funkční pouze s n:href
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| * Předpokládá ACL následujícího tvaru: | |
| * resource: Jméno presenteru / komponenty (PHP, včetně namespace) | |
| * privilege: Jméno akce / signálu | |
| */ | |
| public function userAllowed($component, $destination = NULL) | |
| { | |
| if($destination === NULL) // No destination specified, can cause unexpected results when used with n:if-allowed as it would check for previous link! | |
| { | |
| $request = $this->lastCreatedRequest; | |
| $destination = ':' . $request->presenterName . ':' . $request->params[self::ACTION_KEY]; | |
| return $this->getUser()->isAllowedP($destination); | |
| } | |
| else | |
| { | |
| // Following behavior is merely reproduced from Nette\Application\Presenter::createRequest() | |
| // PARSE DESTINATION | |
| // 1) fragment | |
| $a = strpos($destination, '#'); | |
| if($a !== FALSE) | |
| $destination = substr($destination, 0, $a); | |
| // 2) ?query syntax | |
| $a = strpos($destination, '?'); | |
| if($a !== FALSE) | |
| $destination = substr($destination, 0, $a); | |
| // 3) URL scheme | |
| $a = strpos($destination, '//'); | |
| if($a !== FALSE) | |
| $destination = substr($destination, $a + 2); | |
| // 4) signal or empty | |
| if(!($component instanceof \Nette\Application\Presenter) || substr($destination, -1) === '!') { | |
| $signal = rtrim($destination, '!'); | |
| $a = strrpos($signal, ':'); | |
| if($a !== FALSE) { | |
| $component = $component->getComponent(strtr(substr($signal, 0, $a), ':', '-')); | |
| $signal = (string) substr($signal, $a + 1); | |
| } | |
| if($signal == NULL) { // intentionally == | |
| throw new \Nette\Application\InvalidLinkException("Signal must be non-empty string."); | |
| } | |
| return $this->getUser()->isAllowed($component->reflection->name, $signal); | |
| } | |
| if($destination == NULL) { // intentionally == | |
| throw new \Nette\Application\InvalidLinkException("Destination must be non-empty string."); | |
| } | |
| // 5) presenter: action | |
| $a = strrpos($destination, ':'); | |
| if($a === FALSE) { | |
| $action = $destination === 'this' ? $this->action : $destination; | |
| $presenter = $this->getName(); | |
| $destination = ":$presenter:$action"; | |
| } else { | |
| $action = (string) substr($destination, $a + 1); | |
| if ($destination[0] === ':') { // absolute | |
| if ($a < 2) { | |
| throw new \Nette\Application\InvalidLinkException("Missing presenter name in '$destination'."); | |
| } | |
| } else { // relative | |
| $destination = ':' . $this->getName() . ':' . $action; | |
| } | |
| } | |
| return $this->getUser()->isAllowedP($destination); | |
| } | |
| } | |
| /** | |
| * Register LatteFilter with our own LatteMacros | |
| */ | |
| public function templatePrepareFilters($template) | |
| { | |
| $latte = new \Nette\Templates\LatteFilter(); | |
| $latte->setHandler(new \PHPin\Templates\LatteMacros); | |
| $template->registerFilter($latte); | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| namespace PHPin\Web; | |
| /** | |
| * User authentication and authorization. | |
| * Doplňuje funkčnost pro kontrolu ACL přes fully qualified action | |
| * | |
| * @author Vaclav Vrbka | |
| */ | |
| class User extends \Nette\Web\User | |
| { | |
| /** | |
| * Has a user effective access to the Resource? | |
| * @param string $presenter Fully qualified action | |
| * @return bool | |
| */ | |
| public function isAllowedP($presenter) | |
| { | |
| if(substr($presenter, -1) === ':') | |
| { | |
| $action = 'default'; | |
| $presenter = trim($presenter, ':'); | |
| } | |
| else | |
| { | |
| $action = ltrim(strrchr($presenter, ':'), ':'); | |
| $presenter = ltrim(substr($presenter, 0, -(strlen($action) + 1)), ':'); | |
| } | |
| $presenterClass = \Nette\Environment::getApplication()->getPresenterLoader()->getPresenterClass($presenter); | |
| return $this->isAllowed($presenterClass, $action); | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| namespace PHPin\Templates; | |
| /** | |
| * LatteMacros | |
| * | |
| * @author Vaclav Vrbka | |
| */ | |
| class LatteMacros extends \Nette\Templates\LatteMacros | |
| { | |
| /** | |
| * Process <tag n:attr> (experimental). | |
| * @param string | |
| * @param array | |
| * @param bool | |
| * @return string | |
| */ | |
| public function attrsMacro($code, $attrs, $closing) | |
| { | |
| if(isset($attrs['if-allowed']) && isset($attrs['href'])) | |
| { | |
| unset($attrs['if-allowed']); | |
| $a = strpos($attrs['href'], ','); | |
| $b = strpos($attrs['href'], ' '); | |
| if($a !== FALSE || $b !== FALSE) { | |
| $pos = ($a !== FALSE) ? $a : $b; | |
| $attrs['if'] = '$presenter->userAllowed($control, "' . substr($attrs['href'], 0, -$pos) . '")'; | |
| } else { | |
| $attrs['if'] = '$presenter->userAllowed($control, "' . $attrs['href'] . '")'; | |
| } | |
| } | |
| return parent::attrsMacro($code, $attrs, $closing); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment