blob: 5c48d927d401975dbd8da556c5bad49d41e434ed (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
<?php
namespace Controller;
require __DIR__.'/../lib/request.php';
require __DIR__.'/../lib/response.php';
require __DIR__.'/../lib/session.php';
require __DIR__.'/../lib/template.php';
require __DIR__.'/../lib/helper.php';
require __DIR__.'/../lib/translator.php';
require __DIR__.'/../models/base.php';
require __DIR__.'/../models/config.php';
require __DIR__.'/../models/user.php';
require __DIR__.'/../models/project.php';
require __DIR__.'/../models/task.php';
require __DIR__.'/../models/board.php';
abstract class Base
{
protected $request;
protected $response;
protected $session;
protected $template;
protected $user;
protected $project;
protected $task;
protected $board;
protected $config;
public function __construct()
{
$this->request = new \Request;
$this->response = new \Response;
$this->session = new \Session;
$this->template = new \Template;
$this->config = new \Model\Config;
$this->user = new \Model\User;
$this->project = new \Model\Project;
$this->task = new \Model\Task;
$this->board = new \Model\Board;
}
private function noAuthAllowed($controller, $action)
{
$public = array(
'user' => array('login', 'check'),
'task' => array('add'),
);
if (isset($public[$controller])) {
return in_array($action, $public[$controller]);
}
return false;
}
public function beforeAction($controller, $action)
{
$this->session->open(dirname($_SERVER['PHP_SELF']));
if (! isset($_SESSION['user']) && ! $this->noAuthAllowed($controller, $action)) {
$this->response->redirect('?controller=user&action=login');
}
// Load translations
$language = $this->config->get('language', 'en_US');
if ($language !== 'en_US') \Translator\load($language);
$this->response->csp();
$this->response->nosniff();
$this->response->xss();
$this->response->hsts();
$this->response->xframe();
}
public function checkPermissions()
{
if ($_SESSION['user']['is_admin'] == 0) {
$this->response->redirect('?controller=user&action=forbidden');
}
}
public function redirectNoProject()
{
$this->session->flash(t('There is no active project, the first step is to create a new project.'));
$this->response->redirect('?controller=project&action=create');
}
}
|