public function preDispatch(AbstractRequest $request)
{
if ($request->module === 'default' && $request->controller === 'auth') {
return;
}
$frontController = FrontController::getInstance();
$bootstrap = $frontController->getParam('bootstrap');
$serviceManager = $bootstrap->getResource('ServiceManager');
$authService = $serviceManager->get('Zend\\Authentication\\AuthenticationService');
if (!$authService->hasIdentity()) {
$response = $this->getResponse();
$currentUri = sprintf('%s://%s%s%s', $request->getScheme(), $request->getHttpHost(), $request->getBaseUrl(), $request->getPathInfo());
$adapter = $authService->getAdapter();
$adapter->setLoginParameters(array('service' => $currentUri));
// Assume user is back here from a CAS authentication
if ($request->getQuery('ticket')) {
$adapter->setServiceValidateParameters(array('service' => $currentUri, 'ticket' => $request->getQuery('ticket')));
// Validate the ticket
$result = $authService->authenticate();
if (!$result->isValid()) {
$response->setRedirect($adapter->createLoginUri());
}
// Assume the user just got here
} else {
$response->setRedirect($adapter->createLoginUri());
}
}
}
public function routeStartup(Zend_Controller_Request_Abstract $request)
{
if (substr($request->getRequestUri(), 0, -1) == $request->getBaseUrl()) {
$request->setRequestUri($request->getRequestUri() . Zend_Registry::get('parameters')->registry->defaultlanguage . "/");
$request->setParam("language", Zend_Registry::get('parameters')->registry->defaultlanguage);
}
}
protected function _forwardLogin(Zend_Controller_Request_Abstract $request)
{
$request->setModuleName('kwf_controller_action_user');
$request->setControllerName('login');
$request->setDispatched(false);
if (substr($request->getActionName(), 0, 4) == 'json') {
$request->setActionName('json-login');
} else {
$params = array('location' => $request->getBaseUrl() . '/' . ltrim($request->getPathInfo(), '/'));
$request->setParams($params);
$request->setActionName('index');
}
}
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
$viewRenderer = Zend_Controller_Action_HelperBroker::getExistingHelper('viewRenderer');
if (is_null($viewRenderer->view)) {
$viewRenderer->init();
}
$this->_view = $viewRenderer->view;
$prefix = 'Core_View_Helper';
$dir = dirname(__FILE__) . '/../../View/Helper';
$this->_view->addHelperPath($dir, $prefix);
//Add base url to view
$this->_view->baseUrl = $request->getBaseUrl();
}
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
// set up common variables for the view
$this->view->baseUrl = $request->getBaseUrl();
$this->view->module = $request->getModuleName();
$this->view->controller = $request->getControllerName();
$this->view->action = $request->getActionName();
// beware, ogre!
if (!empty($_GET['zd']) && $_GET['zd'] == '1') {
echo "Zend_Controller_Request_Http:<br><textarea rows=10 cols=100>" . print_r($request, 1) . "</textarea><br>";
if (!empty($_GET['exit'])) {
exit;
}
}
#echo "DEBUG:<br><textarea rows=10 cols=100>" . print_r($this->view, 1) . "</textarea><br>";die;
}
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
$auth = Zend_Auth::getInstance();
$publicPages = array();
$publicPages['controllers'] = array('login', 'logout');
$publicPages['actions'] = array();
$controllerName = $request->getControllerName();
$actionName = $request->getActionName();
if (in_array($controllerName, $publicPages['controllers'])) {
return true;
}
PermissionTemplate::auditAccess($controllerName, $actionName);
if (!$auth->hasIdentity() && $controllerName != 'index') {
// this MUST be placed before checking permission
do {
if (isset($_SERVER['PHP_AUTH_USER']) && strlen($_SERVER['PHP_AUTH_USER']) > 0) {
User::processLogin($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
if ($auth->hasIdentity()) {
break;
// allow to check permission below
}
}
header('WWW-Authenticate: Basic realm="Unauthorized Access Prohibited (ClearHealth)"');
header('HTTP/1.0 401 Unauthorized');
die(__('You must enter a valid username and password to access.'));
} while (false);
}
if ($auth->hasIdentity()) {
$permissionTemplateId = $auth->getIdentity()->permissionTemplateId;
if (file_exists('/tmp/emergency') && $controllerName != 'admin-persons' && PermissionTemplate::hasAccess($permissionTemplateId, 'emergency-access', 'allow-emergency-access')) {
if (!($controllerName == "emergency-access" && $actionName == 'index')) {
return true;
}
}
if ($permissionTemplateId != 'superadmin' && !PermissionTemplate::hasAccess($permissionTemplateId, $controllerName, $actionName)) {
$error = 'Access denied. ' . $controllerName . '/' . $actionName . '. ';
$error .= 'Please <a href="' . $request->getBaseUrl() . '/logout" title="Login">Login</a>.';
trigger_error($error, E_USER_NOTICE);
throw new WebVista_App_AuthException($error);
} else {
return true;
}
}
throw new WebVista_App_AuthException('You must be authenticated to access the system.');
}
public function routeStartup(Zend_Controller_Request_Abstract $request)
{
$this->_baseUrl = HTTP_HOST . $request->getBaseUrl();
if ($this->_baseUrl) {
$params = $request->getParams();
if (sizeof($params)) {
foreach ($params as $name => &$param) {
$param = str_ireplace($this->_baseUrl, '', $param);
if (array_key_exists($name, $_POST)) {
$_POST[$name] = $param;
}
}
}
$request->setParams($params);
Zend_Controller_Front::getInstance()->unregisterPlugin($this)->registerPlugin($this, 99999);
// перерегистрируем плагин чтобы dispatchLoopShutdown запустился последним
}
}
/**
* Authenticate a user.
* @param Zend_Controller_Request_Abstract $request The current request
* @param Zend_Controller_Response_Abstract $response The current response
* @return Array|Boolean User data, or FALSE
*/
public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
{
$callbackUrl = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $request->getBaseUrl() . '/g/auth/login/process/twitter';
$authVars = $this->_getAuthVars();
if (!$authVars->consumerKey || !$authVars->consumerSecret) {
throw new Garp_Auth_Exception('Required key "consumerKey" or "consumerSecret" not set in application.ini.');
}
$config = array('siteUrl' => 'https://api.twitter.com/oauth', 'consumerKey' => $authVars->consumerKey, 'consumerSecret' => $authVars->consumerSecret, 'callbackUrl' => $callbackUrl);
try {
$consumer = new Zend_Oauth_Consumer($config);
if ($request->isPost()) {
$token = $consumer->getRequestToken();
$cookie = new Garp_Store_Cookie('Garp_Auth');
$cookie->token = serialize($token);
if (!empty($this->_extendedUserColumns)) {
$cookie->extendedUserColumns = serialize($this->_extendedUserColumns);
}
$cookie->writeCookie();
$consumer->redirect();
return true;
}
$cookie = new Garp_Store_Cookie('Garp_Auth');
if ($request->getParam('oauth_token') && isset($cookie->token)) {
$accesstoken = $consumer->getAccessToken($_GET, unserialize($cookie->token));
// Discard request token
if ($cookie->extendedUserColumns) {
$this->setExtendedUserColumns(unserialize($cookie->extendedUserColumns));
$cookie->destroy('extendedUserColumns');
}
$cookie->destroy('oauth_token');
return $this->_getUserData($this->_getTwitterService($accesstoken, $authVars->consumerKey, $authVars->consumerSecret), $accesstoken->getParam('user_id'));
}
$this->_addError('App was not authorized. Please try again.');
return false;
} catch (Exception $e) {
if (strpos($e->getMessage(), 'Duplicate entry') !== false && strpos($e->getMessage(), 'email_unique') !== false) {
$this->_addError(__('this email address already exists'));
return false;
}
// Provide generic error message
$this->_addError(APPLICATION_ENV === 'development' ? $e->getMessage() : __('login error'));
}
return false;
}
/**
* Authenticate a user.
* @param Zend_Controller_Request_Abstract $request The current request
* @param Zend_Controller_Response_Abstract $response The current response
* @return Array|Boolean User data, or FALSE
*/
public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
{
$callbackUrl = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $request->getBaseUrl() . '/g/auth/login/process/vimeo';
$authVars = $this->_getAuthVars();
if (!$authVars->consumerKey || !$authVars->consumerSecret) {
throw new Garp_Auth_Exception('Required key "consumerKey" or "consumerSecret" not set in application.ini.');
}
$config = array('siteUrl' => 'http://vimeo.com/oauth', 'consumerKey' => $authVars->consumerKey, 'consumerSecret' => $authVars->consumerSecret, 'callbackUrl' => $callbackUrl);
try {
$consumer = new Zend_Oauth_Consumer($config);
if ($request->isPost()) {
$token = $consumer->getRequestToken();
$cookie = new Garp_Store_Cookie('Garp_Auth');
if (!empty($this->_extendedUserColumns)) {
$cookie->extendedUserColumns = serialize($this->_extendedUserColumns);
}
$cookie->token = serialize($token);
$cookie->writeCookie();
$consumer->redirect();
exit;
} elseif ($request->getParam('oauth_token')) {
$cookie = new Garp_Store_Cookie('Garp_Auth');
if (isset($cookie->token)) {
$accesstoken = $consumer->getAccessToken($_GET, unserialize($cookie->token));
if ($cookie->extendedUserColumns) {
$this->setExtendedUserColumns(unserialize($cookie->extendedUserColumns));
$cookie->destroy('extendedUserColumns');
}
// Discard request token
$cookie->destroy('token');
return $this->_getUserData($accesstoken);
} else {
$this->_addError('App was not authorized. Please try again.');
}
} elseif ($request->getParam('denied')) {
$this->_addError('App was not authorized. Please try again.');
}
} catch (Exception $e) {
$this->_addError($e->getMessage());
}
return false;
}
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
// Zend_Layout::startMvc();
if ($request->isXmlHttpRequest()) {
Zend_Layout::getMvcInstance()->disableLayout();
}
$viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
$viewRenderer->init();
$view = $viewRenderer->view;
if ($request->getModuleName() != 'default') {
$paths = $view->getScriptPaths();
$paths[] = ROOT . '/application/' . APP . '/views/scripts/';
$view->setScriptPath($paths);
}
$view->addHelperPath(ROOT . '/application/' . APP . '/views/helpers/', 'Intranet_View_Helper_');
$view->doctype('XHTML1_STRICT');
$view->headMeta()->appendHttpEquiv('Content-Type', 'text/html;charset=utf-8');
$view->baseUrl = $request->getBaseUrl();
$view->module = $request->getModuleName();
$view->controller = $request->getControllerName();
$view->action = $request->getActionName();
}
public function postDispatch(Zend_Controller_Request_Abstract $request)
{
$view = Zend_Controller_Action_HelperBroker::getExistingHelper('ViewRenderer')->view;
$view->headMeta('Built using the awesome Zend Framework (but customised by Daniel Pett): ' . Zend_Version::VERSION, 'generator');
$view->baseUrl = $request->getBaseUrl();
$view->jQuery()->addJavascriptFile($view->baseUrl() . '/js/JQuery/jquery.menu.js', $type = 'text/javascript');
$view->jQuery()->addJavascriptFile($view->baseUrl() . '/js/JQuery/corner.js', $type = 'text/javascript');
$module = strtolower($request->getModuleName());
if ($module == 'default') {
$view->headLink()->appendStylesheet($view->baseUrl() . '/css/home.css', $type = 'screen');
} else {
$view->headLink()->appendStylesheet($view->baseUrl() . '/css/default.css', $type = 'screen');
}
$view->headLink()->appendStylesheet($view->baseUrl() . '/css/print.css', $type = 'print')->appendStylesheet($view->baseUrl() . '/css/style.css', $type = 'screen');
$view->headMeta()->appendHttpEquiv('Content-Type', 'text/html; charset=utf-8');
$view->headLink()->appendAlternate($view->baseUrl() . '/database/artefacts/index/format/atom/', 'application/rss+xml', 'Latest recorded finds feed')->appendAlternate($view->baseUrl() . '/news/format/atom', 'application/rss+xml', 'Latest Scheme news feed')->appendAlternate($view->baseUrl() . '/getinvolved/vacancies/format/atom', 'application/atom+xml', 'Latest Scheme vacancies atom Feed')->appendAlternate($view->baseUrl() . '/research/projects/index/format/atom', 'application/atom+xml', 'Research projects based on Scheme data')->appendAlternate('http://finds.org.uk/blogs/centralunit/feed/', 'application/atom+xml', 'Central unit blog posts')->appendAlternate('http://api.flickr.com/services/feeds/photos_public.gne?id=10257668@N04&lang=en-us&format=atom', 'application/atom+xml', 'Our flickr images feed')->appendAlternate('http://www.finds.org.uk/events/upcoming/index/format/atom', 'application/atom+xml', 'Scheme and external events as they are posted')->appendAlternate('http://www.finds.org.uk/database/search/results/note/1/format/atom', 'application/atom+xml', 'Amazing finds recorded on the database');
/* $view->headLink(array('rel' => 'search',
'href' => $view->baseUrl().'/OpenSearchDatabase.xml',
'type' => 'application/opensearchdescription+xml',
'title' => 'Portable Antiquities Database search',
'APPEND')); */
}
protected static function _makeUrl(Zend_Controller_Request_Abstract $request, $args)
{
for ($i = 0; $i <= 2; $i++) {
if (!isset($args[$i])) {
$args[$i] = null;
}
}
if ($args[0] === null) {
$args[0] = $request->getControllerName();
}
if ($args[1] === null) {
$args[1] = $request->getActionName();
}
if ($args[2] === null && $request->getModuleName() != 'default') {
$args[2] = $request->getModuleName();
}
$res = $request->getBaseUrl() . ($args[2] ? '/' . $args[2] : "") . '/' . self::escape($args[0]) . '/' . self::escape($args[1]);
if (count($args) > 3) {
$get = array();
for ($i = 3; $i < count($args); $i++) {
if (is_array($args[$i])) {
$get = array_merge_recursive($get, $args[$i]);
} else {
$res .= '/' . self::escape($args[$i]);
}
}
if ($get) {
$res .= '?' . http_build_query($get, '', '&');
}
}
return $res;
}
