<?php
// Direct-access guard: SYSPATH is expected to be defined by the application's
// bootstrap before this file is loaded. When it is not, stop immediately so the
// file cannot be executed on its own by requesting it directly.
if (! defined('SYSPATH')) {
	die('No direct access allowed.');
}
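/**
 * This class provides the default template controller for rendering pages.
 *
 * Besides templating, before() is where this controller decides whether the
 * current request needs a logged-in (and suitably privileged) user. A subclass
 * that overrides before() without calling parent::before() skips that check.
 *
 * @package lnApp
 * @category lnApp/Controllers
 * @author Deon George
 * @copyright (c) 2009-2013 Deon George
 * @license http://dev.leenooks.net/license.html
 */
abstract class lnApp_Controller_TemplateDefault extends Controller_Template {
	/**
	 * @var object meta object information as per [meta]
	 */
	protected $meta;

	/**
	 * Controls access to this controller.
	 *
	 * Any value other than FALSE makes _auth_required() demand a logged-in user
	 * for every action of this controller.
	 *
	 * NOTE(review): this property was previously documented as also accepting a
	 * role name or an array of role names (eg: 'login' or array('login','admin'),
	 * the array form meaning the user must hold both roles). _auth_required() in
	 * this class calls logged_in() with a NULL role for this property, so a role
	 * placed here is not passed to Auth by this class. Use $secure_actions for
	 * role checks, or confirm the intended behaviour before relying on it.
	 *
	 * @var mixed FALSE for no controller-wide login requirement, anything else requires a login
	 */
	protected $auth_required = FALSE;

	/**
	 * If redirecting to a login page, which page to redirect to
	 */
	protected $noauth_redirect = 'login';

	/**
	 * Controls access for separate actions, eg:
	 * 'adminpanel' => 'admin' will only allow users with the role admin to access action_adminpanel
	 * 'moderatorpanel' => array('login', 'moderator') will only allow users with the roles login and moderator to access action_moderatorpanel
	 *
	 * Keys are action names without the action_ prefix. They are compared with
	 * the requested action case-insensitively (see _auth_required()).
	 *
	 * @var array actions that require a valid user
	 */
	protected $secure_actions = array();

	/**
	 * Check and see if this request has to be stopped for authentication.
	 *
	 * if $this->auth_required is anything other than FALSE, then the user must
	 * be logged in only (no role is checked for it).
	 * if the requested action is a key of $this->secure_actions, then the user
	 * must be logged in AND a member of the role(s) listed for that action.
	 *
	 * @return boolean TRUE when the current user does not satisfy the
	 *                 requirement and before() must redirect or abort,
	 *                 FALSE when the request may proceed
	 */
	protected function _auth_required() {
		// If our global configurable is disabled, then continue
		// NOTE(review): any falsy value of method_security switches off every
		// check in this method (fail-open), so this setting is security critical.
		if (! Kohana::$config->load('config')->method_security)
			return FALSE;

		// Second argument handed to logged_in(); it only identifies the caller.
		$caller = get_class($this).'|'.__METHOD__;

		// Controller-wide requirement: login only, the role argument is NULL.
		if ($this->auth_required !== FALSE AND Auth::instance()->logged_in(NULL,$caller) === FALSE)
			return TRUE;

		if (! is_array($this->secure_actions))
			return FALSE;

		// The action name comes from the request. PHP resolves method names
		// case-insensitively, so an action name that differs only in case from a
		// key of $secure_actions could otherwise reach the same action_ method
		// while missing its key here. Compare both sides in lower case.
		$action = strtolower((string)$this->request->action());
		$secured = array_change_key_case($this->secure_actions,CASE_LOWER);

		if (! array_key_exists($action,$secured))
			return FALSE;

		// Per-action requirement: the listed role(s) are passed to Auth.
		return ! Auth::instance()->logged_in($secured[$action],$caller);
	}

	/**
	 * Loads the template [View] object.
	 *
	 * Runs the authentication/authorisation gate for the request before any
	 * template setup, then prepares the template for non-AJAX rendering.
	 *
	 * Page information is provided by [meta].
	 * @uses meta
	 */
	public function before() {
		// Do not template media files
		// NOTE(review): this returns before parent::before() and before the
		// authentication check below, so an action named exactly 'media' is
		// handled without consulting $auth_required or $secure_actions.
		if ($this->request->action() === 'media') {
			$this->auto_render = FALSE;

			return;
		}

		// Actions that start with ajax, should only be ajax
		// is_ajax() describes how the client presented the request, so this is
		// a routing convenience and must not be relied on as an access control.
		if (! Kohana::$config->load('debug')->ajax AND preg_match('/^ajax/',Request::current()->action()) AND ! Request::current()->is_ajax())
			die();

		parent::before();

		// Check user auth and role
		if ($this->_auth_required()) {
			// Nobody can log in interactively from the command line.
			if (Kohana::$is_cli)
				throw new Kohana_Exception('Cant run :method, authentication not possible',array(':method'=>$this->request->action()));

			// If auth is required and the user is logged in, then they dont have access.
			// (We have already checked authorisation.)
			if (Auth::instance()->logged_in(NULL,get_class($this).'|'.__METHOD__)) {
				// The debug message carries the username and the requirement, so it
				// is only added when the site runs in DEVELOPMENT mode.
				if (Config::sitemode() == Kohana::DEVELOPMENT)
					SystemMessage::add(array(
						'title'=>_('Insufficient Access'),
						'type'=>'debug',
						'body'=>Debug::vars(array('required'=>$this->auth_required,'action'=>$this->request->action(),'user'=>Auth::instance()->get_user()->username)),
					));

				// @todo Login No Access redirects are not handled in JS?
				if ($this->request->is_ajax()) {
					echo _('You dont have enough permissions.');
					die();

				} else
					HTTP::redirect('login/noaccess');

			// Not logged in: remember where the user was going and send them to the login page.
			} else {
				// NOTE(review): the stored URI originates from the request; whatever
				// consumes 'afterlogin' should only ever redirect to a local path - confirm.
				Session::instance()->set('afterlogin',Request::detect_uri());
				HTTP::redirect($this->noauth_redirect);
			}
		}

		if (! $this->auto_render)
			return;

		// For AJAX calls, we dont need to render the complete page.
		if ($this->request->is_ajax()) {
			$this->auto_render = FALSE;

			return;
		}

		// Bind our template meta variable
		$this->meta = new Meta;
		View::bind_global('meta',$this->meta);

		// Our default script(s)
		// The list is empty in this class, so the loops below add nothing.
		foreach (array('file'=>array_reverse(array(
		))) as $type => $datas) {

			foreach ($datas as $data) {
				Script::add(array(
					'type'=>$type,
					'data'=>$data,
				),TRUE);
			}
		}

		// Initialise our content
		$this->template->shownavbar = TRUE;
		$this->template->content = '';
		$this->template->footer = '';
	}

	/**
	 * Finalises the response: fills in the template for full page renders, or
	 * appends scripts/styles/content to the response body for AJAX requests,
	 * then runs the ETag check when it is enabled.
	 */
	public function after() {
		if ($this->auto_render) {
			$this->template->navbar = $this->template->shownavbar ? View::factory('pages/navbar') : '';

			if (empty($this->template->content))
				$this->template->content = Block::factory()->render_all();

			// Adjust our breadcrumb
			if (isset(URL::$method_directory[strtolower($this->request->directory())]))
				BreadCrumb::name(URL::$method_directory[strtolower($this->request->directory())],$this->request->directory());

			// Application Title
			if (class_exists('Model_Module') AND $mo=ORM::factory('Module',array('name'=>Request::current()->controller())) AND $mo->loaded())
				$this->meta->title = sprintf('%s: %s',Kohana::$config->load('config')->appname,$mo->display('name'));
			else
				$this->meta->title = Kohana::$config->load('config')->appname;

			// Description
			$this->meta->description = sprintf('%s::%s',$this->request->controller(),$this->request->action());

		// In case we have some scripting/styling, we need to get that out too
		} elseif ($this->request->is_ajax() AND $this->response->body()) {
			$this->response->bodyadd(Script::factory()->render_all());
			$this->response->bodyadd(Style::factory()->render_all());

		// For any ajax rendered actions, we'll need to capture the content and put it in the response
		// @todo Do we come here for ajax?
		} elseif ($this->request->is_ajax() && isset($this->template->content) && ! $this->response->body()) {
			// In case there any style sheets for this render.
			$this->response->bodyadd(Style::factory());

			// Since we are ajax, we should re-render the breadcrumb
			Session::instance()->set('breadcrumb',(string)BreadCrumb::factory());
			$this->response->bodyadd(Script::add(array('type'=>'stdin','data'=>'$().ready($("#ajCONTROL").load("'.URL::site('welcome/breadcrumb').'",null,function(x,s,r) {}));')));

			// In case there any javascript for this render.
			$this->response->bodyadd(Script::factory());

			// Get the response body
			// The content is placed into the markup as-is, so whatever filled
			// template->content must already have escaped any user-supplied data.
			$this->response->bodyadd(sprintf('<table class="content"><tr><td>%s</td></tr></table>',$this->template->content));
		}

		parent::after();

		// Generate and check the ETag for this file
		// sha1() only derives a cache validator from the body here; it is not
		// used to protect anything.
		if (Kohana::$environment < Kohana::TESTING OR Kohana::$config->load('debug')->etag)
			$this->check_cache(sha1($this->response->body()));
	}

	/**
	 * Default Method to call from the tree menu
	 */
	public function action_menu() {
		$this->template->content = _('Please choose from the menu on the left - you may need to expand the items by pressing on the plus.');
	}

	/**
	 * Generate a view path to help View::factory() calls
	 *
	 * The purpose of this method is to ensure that we have a consistent
	 * layout for our view files, including those that are needed by
	 * plugins
	 *
	 * The result is controller[/directory][/plugin]/action in lower case,
	 * built from the current request.
	 *
	 * NOTE(review): $plugin is appended without any filtering, so callers
	 * should only pass fixed plugin names, never request-derived values.
	 *
	 * @param string Plugin Name (optional)
	 * @return string lower-cased view path
	 * @deprecated
	 */
	public function viewpath($plugin='') {
		$request = Request::current();

		$path = $request->controller();

		if ($request->directory())
			$path .= ($path ? '/' : '').$request->directory();

		if ($plugin)
			$path .= ($path ? '/' : '').$plugin;

		$path .= ($path ? '/' : '').$request->action();

		return strtolower($path);
	}
}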
?>