本文整理汇总了PHP中User::authorise方法的典型用法代码示例。如果您正苦于以下问题:PHP User::authorise方法的具体用法?PHP User::authorise怎么用?PHP User::authorise使用的例子?那么,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类User的用法示例。
在下文中一共展示了User::authorise方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: allowEdit
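/**
 * Method override to check if you can edit an existing record.
 *
 * The edit is granted when the current user holds core.edit on the article
 * asset, or holds core.edit.own on it and is the article's owner. In every
 * other case the decision is delegated to the parent implementation.
 *
 * @param   array   $data  An array of input data.
 * @param   string  $key   The name of the key for the primary key.
 *
 * @return  boolean
 *
 * @since   1.6
 */
protected function allowEdit($data = array(), $key = 'id')
{
    // Cast the value, not the isset() result. "(int) isset($x) ? $x : 0" casts
    // the boolean and leaves the raw input in the variable, which then ends up
    // in the asset name that the permission check is run against.
    $recordId = isset($data[$key]) ? (int) $data[$key] : 0;
    $userId   = (int) User::get('id');

    // Check general edit permission first.
    if (User::authorise('core.edit', 'com_content.article.' . $recordId)) {
        return true;
    }

    // Fallback on edit.own: first test that the permission is available.
    if (User::authorise('core.edit.own', 'com_content.article.' . $recordId)) {
        // NOTE(review): the owner is read from $data before the stored record is
        // consulted. If $data can carry request values, ownership should be taken
        // from the model only - confirm what the callers pass in.
        $ownerId = isset($data['created_by']) ? (int) $data['created_by'] : 0;

        if (!$ownerId && $recordId) {
            // Need to do a lookup from the model.
            $record = $this->getModel()->getItem($recordId);
            if (empty($record)) {
                return false;
            }
            $ownerId = (int) $record->created_by;
        }

        // An unknown owner (0) must never match: it would otherwise equal the
        // ID of a user who is not logged in.
        if ($ownerId !== 0 && $ownerId === $userId) {
            return true;
        }
    }

    // Since there is no asset tracking, revert to the component permissions.
    return parent::allowEdit($data, $key);
}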
示例2: button
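/**
 * Method to generate the html code for one button.
 *
 * Keys read from $button: access, id, link, target, onclick, title, image,
 * alt and text. 'access' is either a boolean or a flat list of
 * (permission, context) pairs that must all be granted to the current user.
 * An empty string is returned when the button must not be shown.
 *
 * Only 'title' and 'alt' are escaped here. 'id', 'link', 'target', 'onclick'
 * and 'text' are written into the markup as given, so the caller is
 * responsible for passing values that are safe in their HTML context.
 *
 * @param   array  $button  Button properties
 * @return  string
 */
public static function button($button)
{
    // Read the key with isset() rather than !empty(): with !empty() an explicit
    // 'access' => false skipped the whole check and the button was rendered.
    $access = isset($button['access']) ? $button['access'] : null;

    if ($access === false) {
        return '';
    }

    if (is_array($access)) {
        $n = count($access);

        // The list holds (permission, context) pairs. An odd count means a
        // context is missing, so refuse instead of checking against nothing.
        if ($n % 2 !== 0) {
            return '';
        }

        for ($i = 0; $i < $n; $i += 2) {
            if (!\User::authorise($access[$i], $access[$i + 1])) {
                return '';
            }
        }
    } elseif (!empty($access) && $access !== true) {
        // Neither a boolean nor a list of pairs: the rule cannot be evaluated.
        return '';
    }

    $html   = array();
    $html[] = '<div class="icon-wrapper"' . (empty($button['id']) ? '' : ' id="' . $button['id'] . '"') . '>';
    $html[] = '<div class="icon">';
    $html[] = '<a href="' . $button['link'] . '"';
    $html[] = empty($button['target']) ? '' : ' target="' . $button['target'] . '"';
    $html[] = empty($button['onclick']) ? '' : ' onclick="' . $button['onclick'] . '"';
    $html[] = empty($button['title']) ? '' : ' title="' . htmlspecialchars($button['title']) . '"';
    $html[] = '>';

    if (isset($button['image']) && $button['image']) {
        $html[] = \Html::asset('image', empty($button['image']) ? '' : $button['image'], empty($button['alt']) ? null : htmlspecialchars($button['alt']), null, true);
    }

    $html[] = empty($button['text']) ? '' : '<span>' . $button['text'] . '</span>';
    $html[] = '</a>';
    $html[] = '</div>';
    $html[] = '</div>';

    return implode('', $html);
}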
示例3: allowEdit
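/**
 * Method to check if you can edit a record.
 *
 * The edit is granted when the current user holds core.edit on the extension
 * or on the category asset, or holds core.edit.own on either of them and is
 * the owner of the category. Anything else is refused.
 *
 * @param   array   $data  An array of input data.
 * @param   string  $key   The name of the key for the primary key.
 *
 * @return  boolean
 *
 * @since   1.6
 */
protected function allowEdit($data = array(), $key = 'parent_id')
{
    // Cast the value, not the isset() result. "(int) isset($x) ? $x : 0" casts
    // the boolean and leaves the raw input in the variable, which then ends up
    // in the asset name that the permission check is run against.
    $recordId  = isset($data[$key]) ? (int) $data[$key] : 0;
    $userId    = (int) User::get('id');
    $assetName = $this->extension . '.category.' . $recordId;

    // Check general edit permission first.
    if (User::authorise('core.edit', $this->extension)) {
        return true;
    }

    // Check specific edit permission.
    if (User::authorise('core.edit', $assetName)) {
        return true;
    }

    // Fallback on edit.own: first test that the permission is available.
    if (User::authorise('core.edit.own', $assetName) || User::authorise('core.edit.own', $this->extension)) {
        // NOTE(review): the owner is read from $data before the stored record is
        // consulted. If $data can carry request values, ownership should be taken
        // from the model only - confirm what the callers pass in.
        $ownerId = isset($data['created_user_id']) ? (int) $data['created_user_id'] : 0;

        if (!$ownerId && $recordId) {
            // Need to do a lookup from the model.
            $record = $this->getModel()->getItem($recordId);
            if (empty($record)) {
                return false;
            }
            $ownerId = (int) $record->created_user_id;
        }

        // An unknown owner (0) must never match: it would otherwise equal the
        // ID of a user who is not logged in.
        if ($ownerId !== 0 && $ownerId === $userId) {
            return true;
        }
    }

    return false;
}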
示例4: delete
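/**
 * Removes an item.
 *
 * Reads the 'cid' request array, drops every ID for which the current user
 * lacks core.delete on the matching article asset, and hands the remaining
 * IDs to the model's featured() method with a value of 0. The request is
 * rejected up front when the session token does not match.
 *
 * NOTE(review): the permission tested is core.delete while the model call
 * changes the featured state - confirm that this is the intended permission.
 *
 * @return  void
 */
function delete()
{
    // Check for request forgeries
    Session::checkToken() or exit(Lang::txt('JINVALID_TOKEN'));

    // Normalise the IDs to integers once, so that the ID which is authorised
    // below is exactly the ID that the model receives.
    $ids = array_map('intval', (array) Request::getVar('cid', array(), '', 'array'));

    // Access checks.
    foreach ($ids as $i => $id) {
        if (!User::authorise('core.delete', 'com_content.article.' . $id)) {
            // Prune items that you can't delete.
            unset($ids[$i]);
            Notify::warning(Lang::txt('JERROR_CORE_DELETE_NOT_PERMITTED'));
        }
    }

    if (empty($ids)) {
        Notify::error(Lang::txt('JERROR_NO_ITEMS_SELECTED'));
    } else {
        // Get the model.
        $model = $this->getModel();

        // Remove the items.
        if (!$model->featured($ids, 0)) {
            throw new Exception($model->getError(), 500);
        }
    }

    $this->setRedirect('index.php?option=com_content&view=featured');
}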
示例5: getActions
/**
 * Gets a list of the actions that can be performed.
 *
 * For every action that JAccess reports for com_templates, the returned
 * object holds the result of User::authorise() for the current user,
 * keyed by the action name.
 *
 * @return  Object
 */
public static function getActions()
{
    $component   = 'com_templates';
    $permissions = new \Hubzero\Base\Object();

    foreach (JAccess::getActions($component) as $definition) {
        $permissions->set($definition->name, User::authorise($definition->name, $component));
    }

    return $permissions;
}
示例6: getActions
/**
 * Gets a list of the actions that can be performed.
 *
 * Each action defined for com_languages is mapped to the outcome of the
 * permission check for the current user on that same asset.
 *
 * @return  Object
 */
public static function getActions()
{
    $granted = new \Hubzero\Base\Object();

    foreach (JAccess::getActions('com_languages') as $entry) {
        $granted->set($entry->name, User::authorise($entry->name, 'com_languages'));
    }

    return $granted;
}
示例7: getActions
/**
 * Gets a list of the actions that can be performed.
 *
 * The result is computed on the first call and kept in the static $actions
 * property. The cached object is not keyed by user: it reflects whichever
 * user was current when it was first built.
 *
 * @return  Object
 *
 * @since   1.6
 * @todo    Refactor to work with notes
 */
public static function getActions()
{
    if (!empty(self::$actions)) {
        return self::$actions;
    }

    // Publish the container before filling it, then fill it through the
    // same object handle.
    self::$actions = new \Hubzero\Base\Object();
    $cache = self::$actions;

    foreach (JAccess::getActions('com_users') as $definition) {
        $cache->set($definition->name, User::authorise($definition->name, 'com_users'));
    }

    return self::$actions;
}
示例8: allowEdit
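/**
 * Overrides JControllerForm::allowEdit
 *
 * Checks that non-Super Admins are not editing Super Admins: when the record
 * being edited passes JAccess::check() for core.admin and the current user
 * does not hold core.admin, the edit is refused. Every other case is decided
 * by the parent implementation.
 *
 * @param   array   $data  An array of input data.
 * @param   string  $key   The name of the key for the primary key.
 *
 * @return  boolean  True if allowed, false otherwise.
 *
 * @since   1.6
 */
protected function allowEdit($data = array(), $key = 'id')
{
    // $data defaults to an empty array, so the key may be absent. Read it
    // defensively and as an integer before it is used in a permission lookup.
    $targetId = isset($data[$key]) ? (int) $data[$key] : 0;

    // If the edited account is a Super Admin and I am not, disallow the edit.
    if ($targetId && JAccess::check($targetId, 'core.admin') && !User::authorise('core.admin')) {
        return false;
    }

    return parent::allowEdit($data, $key);
}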
示例9: onGetIcons
/**
 * This method is called when the Quick Icons module is constructing its set
 * of icons. You can return an array which defines a single icon and it will
 * be rendered right after the stock Quick Icons.
 *
 * Nothing is returned when the context does not match the plugin's configured
 * context or when the current user lacks core.manage on com_installer.
 *
 * The base URL and the template name are placed inside single-quoted
 * JavaScript strings without JavaScript escaping; this is only safe while
 * neither value can contain a quote or a backslash.
 *
 * @param   $context  The calling context
 * @return  array  A list of icon definition associative arrays, consisting of the
 *                 keys link, image, text and access.
 */
public function onGetIcons($context)
{
    if ($context != $this->params->get('context', 'mod_quickicon')) {
        return;
    }

    if (!User::authorise('core.manage', 'com_installer')) {
        return;
    }

    $template = App::get('template')->template;
    $endpoint = Request::base() . 'index.php?option=com_installer&view=update&task=update.ajax';

    // Inline script that hands the endpoint, version, texts and image paths
    // to jupdatecheck.js.
    $script = "\n\t\t\tvar plg_quickicon_joomlaupdate_ajax_url = '{$endpoint}';"
        . "\n\t\t\tvar plg_quickicon_jupdatecheck_jversion = '" . JVERSION . "';"
        . "\n\t\t\tvar plg_quickicon_joomlaupdate_text = {"
        . "\n\t\t\t\t'UPTODATE' : '" . Lang::txt('PLG_QUICKICON_JOOMLAUPDATE_UPTODATE', true) . "',"
        . "\n\t\t\t\t'UPDATEFOUND' : '" . Lang::txt('PLG_QUICKICON_JOOMLAUPDATE_UPDATEFOUND', true) . "',"
        . "\n\t\t\t\t'ERROR' : '" . Lang::txt('PLG_QUICKICON_JOOMLAUPDATE_ERROR', true) . "'"
        . "\n\t\t\t};"
        . "\n\t\t\tvar plg_quickicon_joomlaupdate_img = {"
        . "\n\t\t\t\t'UPTODATE' : '" . Request::base(true) . '/templates/' . $template . '/images/header/icon-48-jupdate-uptodate.png' . "',"
        . "\n\t\t\t\t'ERROR': '" . Request::base(true) . '/templates/' . $template . '/images/header/icon-48-deny.png' . "',"
        . "\n\t\t\t\t'UPDATEFOUND': '" . Request::base(true) . '/templates/' . $template . '/images/header/icon-48-jupdate-updatefound.png' . "'"
        . "\n\t\t\t};";

    $this->js($script);
    $this->js('jupdatecheck.js');

    $icon = array(
        'link'  => 'index.php?option=com_joomlaupdate',
        'image' => 'header/icon-48-download.png',
        'text'  => Lang::txt('PLG_QUICKICON_JOOMLAUPDATE_CHECKING'),
        'id'    => 'plg_quickicon_joomlaupdate',
    );

    return array($icon);
}
示例10: onTagView
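/**
 * Retrieve records for items tagged with specific tags
 *
 * The SQL is assembled by string concatenation, so every value that reaches
 * it is reduced to an integer first (tag IDs, group IDs, view levels, limit
 * and offset). $sort is only ever mapped to one of three fixed ORDER BY
 * clauses. Users without core.view on com_forum are restricted to scope 0
 * and to their own groups.
 *
 * @param   array    $tags        Tags to match records against
 * @param   mixed    $limit       SQL record limit; 0 or 'all' means no limit
 * @param   integer  $limitstart  SQL record limit start
 * @param   string   $sort        The field to sort records by
 * @param   mixed    $areas       An array or string of areas that should retrieve records
 * @return  array    Response with the keys name, title, total, results and sql
 */
public function onTagView($tags, $limit = 0, $limitstart = 0, $sort = '', $areas = null)
{
    $response = array('name' => $this->_name, 'title' => Lang::txt('PLG_TAGS_FORUM'), 'total' => 0, 'results' => null, 'sql' => '');

    // Without tags the "IN ()" list below would be invalid SQL.
    if (empty($tags)) {
        return $response;
    }

    $database = App::get('db');

    // Tag IDs go straight into the statement: force them to integers.
    $ids = array();
    foreach ($tags as $tag) {
        $ids[] = (int) $tag->get('id');
    }
    $ids = implode(',', $ids);

    $addtl_where = array();

    $gids = $this->_getGroupIds(User::get('id'));
    $gids = $gids ? array_map('intval', (array) $gids) : array();

    if (!User::authorise('core.view', 'com_forum')) {
        $addtl_where[] = 'e.scope_id IN (0' . ($gids ? ',' . join(',', $gids) : '') . ')';
    } else {
        // Prepending 0 as a list element also keeps the list valid when the
        // user has no view levels at all.
        $viewlevels = implode(',', array_merge(array(0), array_map('intval', (array) User::getAuthorisedViewLevels())));
        if ($gids) {
            $addtl_where[] = '(e.access IN (' . $viewlevels . ') OR ((e.access = 4 OR e.access = 5) AND e.scope_id IN (0,' . join(',', $gids) . ')))';
        } else {
            $addtl_where[] = '(e.access IN (' . $viewlevels . '))';
        }
    }

    // Build the query
    $e_count = "SELECT COUNT(f.id) FROM (SELECT e.id, COUNT(DISTINCT t.tagid) AS uniques";
    $e_fields = "SELECT e.id, e.title, e.id AS alias, e.comment AS itext, e.comment AS ftext, e.state, e.created, e.created_by, e.modified, e.created AS publish_up, NULL AS publish_down,\n\t\t\t\t\t(CASE WHEN e.scope_id > 0 AND e.scope='group' THEN\n\t\t\t\t\t\tconcat('/groups/', g.cn, concat('/forum/', coalesce(concat(s.alias, '/', coalesce(concat(c.alias, '/'), ''))), CASE WHEN e.parent > 0 THEN e.parent ELSE e.id END))\n\t\t\t\t\tELSE\n\t\t\t\t\t\tconcat('/forum/', coalesce(concat(s.alias, '/', coalesce(concat(c.alias, '/'), ''))), CASE WHEN e.parent > 0 THEN e.parent ELSE e.id END)\n\t\t\t\t\tEND) AS href,\n\t\t\t\t\t'forum' AS section, COUNT(DISTINCT t.tagid) AS uniques, CONCAT(e.thread, ':', e.parent) AS params, e.scope AS rcount, c.alias AS data1, s.alias AS data2, e.scope_id AS data3 ";
    $e_from = " FROM #__forum_posts AS e\n\t\t \t\t\tLEFT JOIN #__forum_categories c ON c.id = e.category_id\n\t\t\t\t\tLEFT JOIN #__forum_sections s ON s.id = c.section_id\n\t\t\t\t\tLEFT JOIN #__xgroups g ON g.gidNumber = e.scope_id\n\t\t\t\t\tLEFT JOIN #__tags_object AS t ON t.objectid=e.id AND t.tbl='forum' AND t.tagid IN ({$ids})";
    $e_where = " WHERE e.state=1 AND e.parent=0" . ($addtl_where ? ' AND ' . join(' AND ', $addtl_where) : '');
    $e_where .= " GROUP BY e.id HAVING uniques=" . count($tags);

    // $sort never reaches the statement itself; it only selects a fixed clause.
    $order_by = " ORDER BY ";
    switch ($sort) {
        case 'title':
            $order_by .= 'title ASC, created';
            break;
        case 'id':
            $order_by .= "id DESC";
            break;
        case 'date':
        default:
            $order_by .= 'created DESC, title';
            break;
    }

    // The loose test "$limit != 'all'" gave different answers for the default
    // of 0 depending on the PHP version, and both values were interpolated
    // unchanged. Decide explicitly and use integers only.
    $limit      = ($limit === 'all') ? 0 : (int) $limit;
    $limitstart = max(0, (int) $limitstart);
    if ($limit > 0) {
        $order_by .= " LIMIT {$limitstart},{$limit}";
    }

    $database->setQuery($e_count . $e_from . $e_where . ") AS f");
    $response['total'] = $database->loadResult();

    if ($areas && $areas == $response['name']) {
        $database->setQuery($e_fields . $e_from . $e_where . $order_by);
        $response['results'] = $database->loadObjectList();
    } else {
        // The statement is handed back for the caller to run or combine.
        $response['sql'] = $e_fields . $e_from . $e_where;
    }

    return $response;
}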
示例11: onGetIcons
/**
 * Returns an icon definition for an icon which looks for extensions updates
 * via AJAX and displays a notification when such updates are found.
 *
 * Nothing is returned when the context does not match the plugin's configured
 * context or when the current user lacks core.manage on com_installer.
 *
 * The base URL is placed inside a single-quoted JavaScript string without
 * JavaScript escaping; this is only safe while it cannot contain a quote or
 * a backslash.
 *
 * @param   $context  The calling context
 *
 * @return  array  A list of icon definition associative arrays, consisting of the
 *                 keys link, image, text and access.
 *
 * @since   2.5
 */
public function onGetIcons($context)
{
    if ($context != $this->params->get('context', 'mod_quickicon')) {
        return;
    }

    if (!User::authorise('core.manage', 'com_installer')) {
        return;
    }

    // Read as in the original; the value is not used further in this method.
    $template = App::get('template')->template;
    $endpoint = Request::base() . 'index.php?option=com_installer&view=update&task=update.ajax';

    // Inline script that hands the endpoint and the status texts to
    // extensionupdatecheck.js.
    $lines = array(
        "var plg_quickicon_extensionupdate_ajax_url = '" . $endpoint . "';\n",
        'var plg_quickicon_extensionupdate_text = {"UPTODATE" : "' . Lang::txt('PLG_QUICKICON_EXTENSIONUPDATE_UPTODATE', true)
            . '", "UPDATEFOUND": "' . Lang::txt('PLG_QUICKICON_EXTENSIONUPDATE_UPDATEFOUND', true)
            . '", "ERROR": "' . Lang::txt('PLG_QUICKICON_EXTENSIONUPDATE_ERROR', true)
            . "\"};\n",
    );

    $this->js(implode('', $lines));
    $this->js('extensionupdatecheck.js');

    $icon = array(
        'link'  => 'index.php?option=com_installer&view=update',
        'image' => 'header/icon-48-extension.png',
        'text'  => Lang::txt('PLG_QUICKICON_EXTENSIONUPDATE_CHECKING'),
        'id'    => 'plg_quickicon_extensionupdate',
    );

    return array($icon);
}
示例12: onTagView
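/**
 * Retrieve records for items tagged with specific tags
 *
 * The SQL is assembled by string concatenation, so every value that reaches
 * it is reduced to an integer first (tag IDs, the user ID, limit and offset).
 * $sort is only ever mapped to one of three fixed ORDER BY clauses. Users
 * without core.view on com_groups only see groups they are a member of.
 *
 * @param   array    $tags        Tags to match records against
 * @param   mixed    $limit       SQL record limit; 0 or 'all' means no limit
 * @param   integer  $limitstart  SQL record limit start
 * @param   string   $sort        The field to sort records by
 * @param   mixed    $areas       An array or string of areas that should retrieve records
 * @return  array    Response with the keys name, title, total, results and sql
 */
public function onTagView($tags, $limit = 0, $limitstart = 0, $sort = '', $areas = null)
{
    $response = array('name' => $this->_name, 'title' => Lang::txt('PLG_TAGS_GROUPS'), 'total' => 0, 'results' => null, 'sql' => '');

    if (empty($tags)) {
        return $response;
    }

    $database = App::get('db');

    // Tag IDs go straight into the statement: force them to integers.
    $ids = array();
    foreach ($tags as $tag) {
        $ids[] = (int) $tag->get('id');
    }
    $ids = implode(',', $ids);

    // Without the component-wide view permission, join on the membership
    // table so that only the user's own groups match.
    $from = '';
    if (!User::authorise('core.view', 'com_groups')) {
        $from = " JOIN #__xgroups_members AS m ON m.gidNumber=a.gidNumber AND m.uidNumber=" . (int) User::get('id');
    }

    // Build the query
    $f_count = "SELECT COUNT(f.gidNumber) FROM (SELECT a.gidNumber, COUNT(DISTINCT t.tagid) AS uniques ";
    $f_fields = "SELECT a.gidNumber AS id, a.description AS title, a.cn AS alias, NULL AS itext, a.public_desc AS ftext, a.type AS state, a.created,\n\t\t\t\t\ta.created_by, NULL AS modified, NULL AS publish_up,\n\t\t\t\t\tNULL AS publish_down, CONCAT('index.php?option=com_groups&cn=', a.cn) AS href, 'groups' AS section, COUNT(DISTINCT t.tagid) AS uniques,\n\t\t\t\t\ta.params, NULL AS rcount, NULL AS data1, NULL AS data2, NULL AS data3 ";
    $f_from = " FROM #__xgroups AS a {$from}\n\t\t\t\t\tJOIN #__tags_object AS t\n\t\t\t\t\tWHERE a.type=1 AND a.discoverability=0\n\t\t\t\t\tAND a.gidNumber=t.objectid\n\t\t\t\t\tAND t.tbl='groups'\n\t\t\t\t\tAND t.tagid IN ({$ids})";
    $f_from .= " GROUP BY a.gidNumber HAVING uniques=" . count($tags);

    // $sort never reaches the statement itself; it only selects a fixed clause.
    $order_by = " ORDER BY ";
    switch ($sort) {
        case 'title':
            $order_by .= 'title ASC, publish_up';
            break;
        case 'id':
            $order_by .= "id DESC";
            break;
        case 'date':
        default:
            $order_by .= 'publish_up DESC, title';
            break;
    }

    // The loose test "$limit != 'all'" gave different answers for the default
    // of 0 depending on the PHP version, and both values were interpolated
    // unchanged. Decide explicitly and use integers only.
    $limit      = ($limit === 'all') ? 0 : (int) $limit;
    $limitstart = max(0, (int) $limitstart);
    if ($limit > 0) {
        $order_by .= " LIMIT {$limitstart},{$limit}";
    }

    $database->setQuery($f_count . $f_from . ") AS f");
    $response['total'] = $database->loadResult();

    if ($areas && $areas == $response['name']) {
        $database->setQuery($f_fields . $f_from . $order_by);
        $response['results'] = $database->loadObjectList();

        if ($response['results']) {
            // Loop through the results and set each item's HREF
            foreach ($response['results'] as $key => $row) {
                $response['results'][$key]->href = Route::url('index.php?option=com_groups&cn=' . $row->alias);
            }
        }
    } else {
        // The statement is handed back for the caller to run or combine.
        $response['sql'] = $f_fields . $f_from;
    }

    return $response;
}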
示例13: getActions
/**
 * Gets a list of the actions that can be performed.
 *
 * The action names always come from com_menus. They are checked against the
 * component asset when no parent ID is given, otherwise against the asset of
 * that menu item.
 *
 * @param   int  $parentId  The menu ID.
 *
 * @return  Object
 * @since   1.6
 */
public static function getActions($parentId = 0)
{
    $permissions = new \Hubzero\Base\Object();

    // The integer cast keeps anything but a number out of the asset name.
    $asset = empty($parentId) ? 'com_menus' : ('com_menus.item.' . (int) $parentId);

    foreach (JAccess::getActions('com_menus') as $definition) {
        $permissions->set($definition->name, User::authorise($definition->name, $asset));
    }

    return $permissions;
}
示例14: onSearch
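/**
 * Build search query and add it to the $results
 *
 * NOTE(review): the search terms from $request->get_term_ar() are placed
 * inside SQL string literals (the MATCH ... AGAINST text and the LIKE
 * patterns) exactly as returned. That is only safe if get_term_ar() already
 * escapes them for SQL - confirm, and otherwise quote them through the
 * database layer before they are used here.
 *
 * NOTE(review): the view permission is tested on com_groups although the
 * query reads forum posts, and the members-only rule matches
 * '%wiki=members%' next to two 'forum=' rules - both look like copy-paste
 * leftovers that affect who sees which posts; verify.
 *
 * @param   object  $request   \Components\Search\Models\Basic\Request
 * @param   object  &$results  \Components\Search\Models\Basic\Result\Set
 * @param   object  $authz     \Components\Search\Models\Basic\Authorization
 * @return  void
 */
public static function onSearch($request, &$results, $authz)
{
    $terms = $request->get_term_ar();
    $weight = "match(f.title, f.comment) against ('" . join(' ', $terms['stemmed']) . "')";

    $addtl_where = array();
    foreach ($terms['mandatory'] as $mand) {
        $addtl_where[] = "(f.title LIKE '%{$mand}%' OR f.comment LIKE '%{$mand}%')";
    }
    foreach ($terms['forbidden'] as $forb) {
        $addtl_where[] = "(f.title NOT LIKE '%{$forb}%' AND f.comment NOT LIKE '%{$forb}%')";
    }

    // Group IDs and view levels are concatenated into IN (...) lists: force
    // them to integers so that nothing else can end up in the statement.
    $gids = $authz->get_group_ids();
    $gids = $gids ? array_map('intval', (array) $gids) : array();

    if (!User::authorise('core.view', 'com_groups')) {
        $addtl_where[] = 'f.scope_id IN (0' . ($gids ? ',' . join(',', $gids) : '') . ')';
    } else {
        // Prepending 0 as a list element also keeps the list valid when the
        // user has no view levels at all.
        $viewlevels = implode(',', array_merge(array(0), array_map('intval', (array) User::getAuthorisedViewLevels())));
        if ($gids) {
            $addtl_where[] = '(f.access IN (' . $viewlevels . ') OR ((f.access = 4 OR f.access = 5) AND f.scope_id IN (0,' . join(',', $gids) . ')))';
        } else {
            $addtl_where[] = '(f.access IN (' . $viewlevels . '))';
        }
    }

    // Which group forums the user may see, based on the group's plugin settings.
    $groupAuth = array();
    if ($authz->is_super_admin()) {
        $groupAuth[] = '1';
    } else {
        $groupAuth[] = "g.plugins LIKE '%forum=anyone%'";
        if (!$authz->is_guest()) {
            $groupAuth[] = "g.plugins LIKE '%forum=registered%'";
            if ($gids) {
                $groupAuth[] = "(g.plugins LIKE '%wiki=members%' AND g.gidNumber IN (" . join(',', $gids) . "))";
            }
        }
    }

    // The forum link reads "&section="; it had been mangled into the section
    // sign by an HTML entity decode of "&sect".
    $rows = new \Components\Search\Models\Basic\Result\Sql("SELECT\n\t\t\t\tf.title,\n\t\t\t\tcoalesce(f.comment, '') AS description, f.scope_id, s.alias as sect, c.alias as cat, CASE WHEN f.parent > 0 THEN f.parent ELSE f.id END as `thread`,\n\t\t\t\t(CASE\n\t\t\t\t\tWHEN f.scope_id > 0 AND f.scope='group' THEN concat('index.php?option=com_groups&cn=', g.cn, '&active=forum')\n\t\t\t\t\tELSE concat('index.php?option=com_forum&section=', coalesce(concat(s.alias, '&category=', coalesce(concat(c.alias, '&thread='), ''))), CASE WHEN f.parent > 0 THEN f.parent ELSE f.id END)\n\t\t\t\tEND) AS `link`,\n\t\t\t\t{$weight} AS `weight`,\n\t\t\t\tf.created AS `date`,\n\t\t\t\tconcat(s.alias, ', ', c.alias) AS `section`\n\t\t\tFROM `#__forum_posts` f\n\t\t\tLEFT JOIN `#__forum_categories` AS c\n\t\t\t\tON c.id = f.category_id\n\t\t\tLEFT JOIN `#__forum_sections` AS s\n\t\t\t\tON s.id = c.section_id\n\t\t\tLEFT JOIN `#__xgroups` AS g\n\t\t\t\tON g.gidNumber = f.scope_id AND f.scope='group'\n\t\t\tWHERE\n\t\t\t\tf.state = 1 AND\n\t\t\t\tf.scope != 'course' AND\n\t\t\t\t{$weight} > 0" . ($addtl_where ? ' AND ' . join(' AND ', $addtl_where) : '') . " AND (g.gidNumber IS NULL OR (" . implode(' OR ', $groupAuth) . "))\n\t\t\tORDER BY {$weight} DESC");

    foreach ($rows->to_associative() as $row) {
        if (!$row) {
            continue;
        }

        // Scoped posts get a path-style suffix appended to their link.
        if ($row->scope_id) {
            $row->link .= '/' . ($row->sect ? $row->sect : 'defaultsection') . '/';
            $row->link .= ($row->cat ? $row->cat : 'discussion') . '/';
            $row->link .= $row->thread;
        }

        $results->add($row);
    }
}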
示例15: display
/**
 * Display the view
 *
 * Users without core.admin are stopped with a 404 before any of the system
 * information is loaded into the view.
 *
 * @param   string  $tpl  Passed through to the parent display() call
 */
function display($tpl = null)
{
    // Access check comes first: nothing below runs for other users.
    if (!User::authorise('core.admin')) {
        return App::abort(404, Lang::txt('JERROR_ALERTNOAUTHOR'));
    }

    // View property => name handed to $this->get(), in the original order.
    $sources = array(
        'php_settings' => 'PhpSettings',
        'config'       => 'config',
        'info'         => 'info',
        'php_info'     => 'PhpInfo',
        'directory'    => 'directory',
    );

    foreach ($sources as $property => $name) {
        $this->{$property} = $this->get($name);
    }

    $this->addToolbar();
    $this->_setSubMenu();

    parent::display($tpl);
}