PHP JUser::authorise方法代码示例

 /**
  * @param \JUser $user
  * @return UserEntity
  */
 protected function _convertToEntity(\JUser $user)
 {
     $id = (int) $user->id;
     if ($entity = $this->_getEntity($id)) {
         return $entity;
     }
     $isAdmin = $user->authorise('core.login.admin', 'root.1') || $user->authorise('core.admin', 'root.1');
     $data = new Data(['id' => $id, 'login' => $user->username, 'name' => $user->name, 'email' => $user->email, 'is_admin' => $isAdmin]);
     $this->_users[$id] = new UserEntity($data);
     return $this->_users[$id];
 }

 /**
  * Gets a list of the actions that can be performed.
  *
  * @param   \JUser  $user       The user object.
  * @param   string  $component  The component access file path, component base path or option name.
  * @param   string  $assetName  The asset name
  * @param   integer $categoryId The category ID.
  * @param   integer $id         The item ID.
  *
  * @return  Object
  */
 public static function getActions(\JUser $user, $component, $assetName, $categoryId = 0, $id = 0)
 {
     $result = new Object();
     // New rules: If path is access file
     $path = $component;
     if (!is_file($path)) {
         // New rules: If path is component base path
         $path = $path . '/access.xml';
     }
     if (!is_file($path)) {
         $path = PathHelper::getAdmin($component) . '/etc/access.xml';
     }
     if (!is_file($path)) {
         $path = PathHelper::getAdmin($component) . '/access.xml';
     }
     if (!$id && !$categoryId) {
         $section = 'component';
     } elseif (!$id && $categoryId) {
         $section = 'category';
         $assetName .= '.category.' . $categoryId;
     } elseif ($id && !$categoryId) {
         $section = $assetName;
         $assetName .= '.' . $assetName . '.' . $id;
     } else {
         $section = $assetName;
         $assetName .= '.' . $assetName;
     }
     $actions = \JAccess::getActionsFromFile($path, "/access/section[@name='" . $section . "']/");
     foreach ($actions as $action) {
         $result->set($action->name, $user->authorise($action->name, $assetName));
     }
     return $result;
 }

 /**
  * Return parameters for client side as JSON format
  * @return string
  */
 private function _getJSConfiguration()
 {
     $input = $this->_application->input;
     $defaultStyles = $this->_getDefaultStyles();
     $installedComponents = PoweradminHelper::getInstalledComponents();
     $supportedExtList = JSNPaExtensionsHelper::getSupportedExtList();
     if (!$this->_params->get('search_coverage')) {
         $coverages = PoweradminHelper::getSearchCoverages();
     } else {
         $coverages = json_decode($this->_params->get('search_coverage', PoweradminHelper::getSearchCoverages()));
     }
     foreach ($supportedExtList as $_supportedExt => $value) {
         $supportedExtAlias = str_replace('com_', JSN_3RD_EXTENSION_STRING . '-', $_supportedExt);
         $_extShortName = str_ireplace('com_', '', $_supportedExt);
         $_plg = JPluginHelper::getPlugin('jsnpoweradmin', $_extShortName);
         if (in_array($_supportedExt, $installedComponents) && !in_array($_supportedExt, $coverages) && !count($_plg) && !in_array($supportedExtAlias, explode(',', $this->_params->get('search_coverage_order')))) {
             array_push($coverages, JSN_3RD_EXTENSION_NOT_INSTALLED_STRING . '-' . $_extShortName);
         }
         if (in_array($_supportedExt, $installedComponents) && count($_plg) && !in_array($supportedExtAlias, explode(',', $this->_params->get('search_coverage_order')))) {
             array_push($coverages, JSN_3RD_EXTENSION_NOT_ENABLED_STRING . '-' . $_extShortName);
         }
     }
     $logoFile = $this->_params->get('logo_file', 'administrator/components/com_poweradmin/assets/images/logo-jsnpoweradmin.png');
     $logoFile = $logoFile == 'N/A' ? '' : JURI::root(true) . '/' . $logoFile;
     $canInstall = $this->_user->authorise('core.manage', 'com_installer');
     // Get editors
     $curEditor = JFactory::getUser()->getParam('editor');
     $editorOptions = array();
     foreach ($this->_getEditorOptions() as $option) {
         $_isAtive = $curEditor == $option->value ? true : false;
         $editorOptions[] = array('value' => $option->value, 'name' => $option->text, 'active' => $_isAtive);
     }
     $conf = array('currentUrl' => $_SERVER["REQUEST_URI"], 'baseUrl' => JURI::base(true) . '/', 'rootUrl' => JURI::root(true) . '/', 'userId' => $this->_user->id, 'protected' => $this->_getProtectedComponents(), 'defaultStyles' => $defaultStyles, 'logoFile' => $logoFile, 'logoLink' => $this->_params->get('logo_link', 'http://www.joomlashine.com/joomla-extensions/jsn-poweradmin.html'), 'logoLinkTarget' => $this->_params->get('logo_target', '_blank'), 'logoTitle' => JText::_($this->_params->get('logo_slogan', JText::_('PLG_JSNADMINBAR_CONFIG_LOGO_SLOGAN_DEFAULT'))), 'allowUninstall' => $this->_params->get('allow_uninstall', true) && $canInstall, 'linkTarget' => $this->_target, 'preloadImages' => array('bg-overlay.png', 'loader.gif', 'dark-loader.gif', 'ui-window-buttons.png'), 'pinned' => $this->_params->get('pinned_bar', true), 'sessionInfinite' => $this->_params->get('admin_session_timer_infinite', false), 'warningTime' => $this->_params->get('session_timeout_warning', 1), 'disableWarning' => $this->_params->get('admin_session_timeout_warning_disabled', false), 'searchCoverages' => $coverages, 'sitemenu' => array('preview' => $this->_preview->getPreviewLink(), 'manager' => JRoute::_('index.php?option=com_poweradmin&view=rawmode', false)), 'usermenu' => array('messages' => $this->_getMessagesCount(), 'profileLink' => "index.php?option=com_admin&task=profile.edit&id={$this->_user->id}&tmpl=component", 'messageLink' => "index.php?option=com_messages", 'logoutLink' => "index.php?option=com_login&task=logout&" . JSession::getFormToken() . "=1"), 'history' => array('url' => 'index.php?option=com_poweradmin&task=history.load'), 'spotlight' => array('limit' => $this->_params->get('search_result_num', 10)), 'urlparams' => array('option' => $input->getVar('option', ''), 'task' => $input->getVar('task', ''), 'view' => $input->getVar('view', ''), 'layout' => $input->getVar('layout', ''), 'id' => $input->getInt('id', 0)), 'editors' => $editorOptions);
     return json_encode($conf);
 }

 /**
  * Checks if this entity is authorized to perform $task on $asset
  *
  * @param  string  $action  Action to perform on $asset
  * @param  string  $asset   Asset to perform $task on
  * @return boolean          True: Authorized, False: Not authorized
  */
 public function isAuthorizedToPerformActionOnAsset($action, $asset)
 {
     if ($asset == 'root') {
         $asset = null;
     }
     return $this->cmsOwnUser->authorise($action, $asset);
 }

 /**
  * Add a preferences button
  */
 protected function addToolbarPreferences()
 {
     // Add a preferences button
     if (!$this->user->authorise('core.admin', 'com_media') && !$this->user->authorise('core.options', 'com_media')) {
         return;
     }
     JToolbarHelper::preferences('com_media');
     JToolbarHelper::divider();
 }

 /**
  * Add a delete button
  */
 private function addToolbarDelete()
 {
     // Add a delete button
     if (!$this->user->authorise('core.delete', 'com_media')) {
         return;
     }
     JToolbarHelper::custom('file.delete', 'delete', 'delete', 'JACTION_DELETE', false);
     JToolbarHelper::divider();
 }

 public static function cancel($params)
 {
     $result = array();
     $result['success'] = true;
     if (empty($params['allow_work'])) {
         $result['success'] = false;
         $result['title'] = 'Error';
         $result['content'] = JText::_("Error");
         return $result;
     }
     unset($params['allow_work']);
     $member_id = $params['member_id'];
     $user = new JUser($member_id);
     $iAmSuperAdmin = $user->authorise('core.admin');
     if ($iAmSuperAdmin) {
         $result['success'] = true;
         $result['title'] = JText::_('Done');
         $result['content'] = JText::_("Done");
         return $result;
     }
     $db = oseDB::instance();
     $query = "SELECT * FROM `#__extensions` WHERE `name` = 'com_users' AND `type` = 'component'";
     $db->setQuery($query);
     $data = $db->loadObject();
     $data = oseJson::decode($data->params);
     $group['groups'] = (array) $data->new_usertype;
     $member = oseRegistry::call('member');
     $member->instance($member_id);
     $Mscs = $member->getAllOwnedMsc(false, 1, 'obj');
     foreach ($Mscs as $Msc) {
         if ($Msc->msc_id == $params['msc_id']) {
             continue;
         }
         $query = "SELECT * FROM `#__osemsc_ext` WHERE `id` = '{$Msc->msc_id}' AND `type` = 'jgroup'";
         $db->setQuery($query);
         $ext = $db->loadObject();
         if (!empty($ext)) {
             $ext = oseJson::decode($ext->params);
             $group['groups'] = array_merge($group['groups'], (array) $ext->jgroup_id);
         }
     }
     $group['groups'] = array_unique($group['groups']);
     //$user = JUser::getInstance($member_id);
     $user->bind($group);
     //$user->groups = array_flip($data->jgroup_id);
     if (!$user->save()) {
         $result['success'] = false;
         $result['title'] = 'Error';
         $result['content'] = JText::_("Error");
         return $result;
     }
     $result['success'] = true;
     $result['title'] = JText::_('Done');
     $result['content'] = JText::_("Done");
     return $result;
 }

 /**
  * Checks if a user is allowed to edit a certain issue.
  *
  * @param   JUser  $user  The user whose permissions should be checked.
  * @param   int    $id    ID of the relevant issue. If left empty or set to 0,
  *                        the permission to create a new issue is checked.
  *
  * @return bool True, if the user is allowed to edit the issue, false if not.
  */
 public function canEdit($user, $id = 0)
 {
     $id = (int) $id;
     // If ID is 0, we create a new issue.
     if ($id == 0) {
         return $user->authorise('issue.create', 'com_monitor');
     }
     // If user is not allowed to edit...
     if (!$user->authorise('issue.edit', 'com_monitor')) {
         if (!$user->authorise('issue.edit.own', 'com_monitor')) {
             return false;
         }
         // ...but to edit own issue...
         $infoQuery = $this->db->getQuery(true)->select('author_id, classification')->from('#__monitor_issues')->where('id = ' . $id);
         $this->db->setQuery($infoQuery);
         $this->db->execute();
         $result = $this->db->loadObject();
         // ...check if the issue belongs to the user.
         if ($result->author_id != $user->id) {
             return false;
         }
     }
     // Check if the user has access to the issue according to its classification.
     if (!isset($result)) {
         $infoQuery = $this->db->getQuery(true)->select('author_id, classification')->from('#__monitor_issues')->where('id = ' . $id);
         $this->db->setQuery($infoQuery);
         $this->db->execute();
         $result = $this->db->loadObject();
     }
     if (!in_array($result->classification, $user->getAuthorisedViewLevels())) {
         // Users can edit their own classifications, regardless of the classification.
         if ($result->author_id != $user->id) {
             return false;
         }
     }
     return true;
 }

 /**
  * Adds the ip address on hover to the post title if an administrator.
  *
  * @param   JUser   $user  The user ID.
  * @param   string  $ip    The ip address of the shout.
  *
  * @return  string  The title to assign.
  *
  * @since   1.0.1
  */
 public function shouttitle($user, $ip)
 {
     $title = null;
     if ($user->authorise('core.admin')) {
         $title = ' title="' . $ip . '"';
     }
     return $title;
 }

 /**
  * Tests JUser::authorise().
  *
  * @param   integer  $userId    User id of user to test
  * @param   string   $action    Action to get aithorized for this user
  * @param   string   $asset     Asset to get authorization for
  * @param   boolean  $expected  Expected return from the authorization check
  *
  * @return  void
  *
  * @since   12.1
  *
  * @covers  JUser::authorise
  * @dataProvider  casesAuthorise
  */
 public function testAuthorise($userId, $action, $asset, $expected)
 {
     // Set up user 99 to be root_user from configuration
     $testConfig = $this->getMock('JConfig', array('get'));
     $testConfig->expects($this->any())->method('get')->will($this->returnValue(99));
     JFactory::$config = $testConfig;
     // Run through test cases
     $user = new JUser($userId);
     $this->assertThat($user->authorise($action, $asset), $this->equalTo($expected), 'Line: ' . __LINE__ . ' Failed for user ' . $user->id);
 }

 /**
  * Run when a list is emptied/truncated
  * Delete's all JUsers found in the list, except Admins
  *
  * @throws Exception
  *
  * @return bool
  */
 public function onBeforeTruncate()
 {
     $params = $this->getParams();
     if ($params->get('juser_field_userid') != '' && $params->get('juser_delete_user', false)) {
         $formModel = $this->getModel();
         $listModel = $formModel->getListModel();
         $db = $listModel->getDb();
         $query = $db->getQuery(true);
         $userIdField = FabrikString::safeColName($this->getFieldName('juser_field_userid'));
         $query->select($userIdField)->from($listModel->getTable()->db_table_name);
         $userIds = $db->setQuery($query)->loadColumn();
         foreach ($userIds as $userId) {
             $user = new JUser((int) $userId);
             $isRoot = $user->authorise('core.admin');
             if (!$isRoot) {
                 if (!$user->delete()) {
                     $this->app->enqueueMessage('Unable to delete user id ' . $userId, 'error');
                 }
             }
         }
     }
     return true;
 }

 /**
  * Check if the user is a joomla super administrator
  *
  * @param JUser $user The user to check
  *
  * @return boolean If the user is a super administrator
  *
  * @since 1.0.0
  */
 public function isJoomlaSuperAdmin(JUser $user)
 {
     return $user->authorise('core.admin', 'root.1');
 }

 /**
  * If category need authorize, we can write in this method.
  *
  * @param   array   $data  Category record.
  * @param   string  $key   Preimary key name.
  *
  * @return  boolean Can edit or not.
  */
 public function allowCategoryAdd($data, $key = 'catid')
 {
     return $this->user->authorise('core.create', $this->option . '.category.' . $data[$key]);
 }

 /**
  * Method to check CUser object authorisation against an access control
  *
  * @param	string	$action		The name of the action to check for permission.
  * @param	string	$assetname	The name of the asset on which to perform the action.
  *
  * @return	boolean	True if authorised
  * @since	Jomsocial 2.4
  */
 public function authorise($action, $assetname = null, $assetObject = null)
 {
     // Check is similar call has been made before.
     if (is_string($assetname) && isset($_cacheAction[$action . $assetname])) {
         return $_cacheAction[$action . $assetname];
     }
     $access = CAccess::check($this->_userid, $action, $assetname, $assetObject);
     $_cacheAction[$action . $assetname] = $access;
     // If asset not found , get Joomla authorise.
     if ($access === null && method_exists('Juser', 'authorise')) {
         return parent::authorise($action, $assetname);
     }
     return $access;
 }

 /**
  * Tests JUser::authorise().
  *
  * @param   integer  $userId    User id of user to test
  * @param   string   $action    Action to get aithorized for this user
  * @param   string   $asset     Asset to get authorization for
  * @param   boolean  $expected  Expected return from the authorization check
  *
  * @return  void
  *
  * @since   12.1
  *
  * @dataProvider  casesAuthorise
  */
 public function testAuthorise($userId, $action, $asset, $expected)
 {
     // Run through test cases
     $user = new JUser($userId);
     $this->assertThat($user->authorise($action, $asset), $this->equalTo($expected), 'Line: ' . __LINE__ . ' Failed for user ' . $user->id);
 }