blob: cf4234021baceb9384f23d8389cdad2bc20646bb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
|
<?php
namespace Controller;
require __DIR__.'/../lib/request.php';
require __DIR__.'/../lib/response.php';
require __DIR__.'/../lib/session.php';
require __DIR__.'/../lib/template.php';
require __DIR__.'/../lib/helper.php';
require __DIR__.'/../lib/translator.php';
require __DIR__.'/../models/base.php';
require __DIR__.'/../models/acl.php';
require __DIR__.'/../models/config.php';
require __DIR__.'/../models/user.php';
require __DIR__.'/../models/project.php';
require __DIR__.'/../models/task.php';
require __DIR__.'/../models/board.php';
abstract class Base
{
protected $request;
protected $response;
protected $session;
protected $template;
protected $user;
protected $project;
protected $task;
protected $board;
protected $config;
protected $acl;
public function __construct()
{
$this->request = new \Request;
$this->response = new \Response;
$this->session = new \Session;
$this->template = new \Template;
$this->config = new \Model\Config;
$this->user = new \Model\User;
$this->project = new \Model\Project;
$this->task = new \Model\Task;
$this->board = new \Model\Board;
$this->acl = new \Model\Acl;
}
public function beforeAction($controller, $action)
{
// Start the session
$this->session->open(dirname($_SERVER['PHP_SELF']), SESSION_SAVE_PATH);
// HTTP secure headers
$this->response->csp();
$this->response->nosniff();
$this->response->xss();
$this->response->hsts();
$this->response->xframe();
// Load translations
$language = $this->config->get('language', 'en_US');
if ($language !== 'en_US') \Translator\load($language);
// Set timezone
date_default_timezone_set($this->config->get('timezone', 'UTC'));
// If the user is not authenticated redirect to the login form, if the action is public continue
if (! isset($_SESSION['user']) && ! $this->acl->isPublicAction($controller, $action)) {
$this->response->redirect('?controller=user&action=login');
}
// Check if the user is allowed to see this page
if (! $this->acl->isPageAccessAllowed($controller, $action)) {
$this->response->redirect('?controller=user&action=forbidden');
}
}
public function checkProjectPermissions($project_id)
{
if ($this->acl->isRegularUser()) {
if ($project_id > 0 && ! $this->project->isUserAllowed($project_id, $this->acl->getUserId())) {
$this->response->redirect('?controller=project&action=forbidden');
}
}
}
public function redirectNoProject()
{
$this->session->flash(t('There is no active project, the first step is to create a new project.'));
$this->response->redirect('?controller=project&action=create');
}
public function notfound()
{
$this->response->html($this->template->layout('app_notfound', array('title' => t('Page not found'))));
}
}
|