/**
* Checks if this page can be displayed in frontend, redirects to login of not
* @param \Cx\Core\ContentManager\Model\Entity\Page $page Page to check
* @param int $history (optional) Revision of page to use, 0 means current, default 0
*/
public function checkPageFrontendProtection($page, $history = 0)
{
global $sessionObj;
$page_protected = $page->isFrontendProtected();
$pageAccessId = $page->getFrontendAccessId();
if ($history) {
$pageAccessId = $page->getBackendAccessId();
}
// login pages are unprotected by design
$checkLogin = array($page);
while (count($checkLogin)) {
$currentPage = array_pop($checkLogin);
if ($currentPage->getType() == \Cx\Core\ContentManager\Model\Entity\Page::TYPE_FALLBACK) {
try {
array_push($checkLogin, $this->getFallbackPage($currentPage));
} catch (ResolverException $e) {
}
}
if ($currentPage->getModule() == 'Login') {
return;
}
}
// Authentification for protected pages
if (($page_protected || $history || !empty($_COOKIE['PHPSESSID'])) && (!isset($_REQUEST['section']) || $_REQUEST['section'] != 'Login')) {
if (empty($sessionObj)) {
$sessionObj = \cmsSession::getInstance();
}
$_SESSION->cmsSessionStatusUpdate('frontend');
if (\FWUser::getFWUserObject()->objUser->login()) {
if ($page_protected) {
if (!\Permission::checkAccess($pageAccessId, 'dynamic', true)) {
$link = base64_encode(\Env::get('cx')->getRequest()->getUrl()->toString());
\Cx\Core\Csrf\Controller\Csrf::header('Location: ' . \Cx\Core\Routing\Url::fromModuleAndCmd('Login', 'noaccess', '', array('redirect' => $link)));
exit;
}
}
if ($history && !\Permission::checkAccess(78, 'static', true)) {
$link = base64_encode(\Env::get('cx')->getRequest()->getUrl()->toString());
\Cx\Core\Csrf\Controller\Csrf::header('Location: ' . \Cx\Core\Routing\Url::fromModuleAndCmd('Login', 'noaccess', '', array('redirect' => $link)));
exit;
}
} elseif (!empty($_COOKIE['PHPSESSID']) && !$page_protected) {
unset($_COOKIE['PHPSESSID']);
} else {
if (isset($_GET['redirect'])) {
$link = $_GET['redirect'];
} else {
$link = base64_encode(\Env::get('cx')->getRequest()->getUrl()->toString());
}
\Cx\Core\Csrf\Controller\Csrf::header('Location: ' . \Cx\Core\Routing\Url::fromModuleAndCmd('Login', '', '', array('redirect' => $link)));
exit;
}
}
}
/**
* Clones the protection of this page to another page
* @param \Cx\Core\ContentManager\Model\Entity\Page $page Page to get the same protection as $this
* @param boolean $frontend Wheter the front- or backend protection should be cloned
* @return boolean True on success, false otherwise
*/
public function copyProtection($page, $frontend)
{
if ($frontend) {
$accessId = $this->getFrontendAccessId();
} else {
$accessId = $this->getBackendAccessId();
}
$groups = \Permission::getGroupIdsForAccessId($accessId);
if ($frontend) {
$page->setFrontendProtection($this->isFrontendProtected());
$newAccessId = $page->getFrontendAccessId();
} else {
$page->setBackendProtection($this->isBackendProtected());
$newAccessId = $page->getBackendAccessId();
}
foreach ($groups as $groupId) {
if (!\Permission::setAccess($newAccessId, 'dynamic', $groupId)) {
return false;
}
}
return true;
}
public function getFrontendAccessId()
{
$this->_load();
return parent::getFrontendAccessId();
}
