/**
 * Pre-dispatch hook that requires an authenticated identity, using a CAS login flow.
 *
 * Requests for the "auth" controller of the "default" module are let through untouched.
 * For any other request without an identity, the hook either validates a CAS ticket
 * found in the query string or sets a redirect to the CAS login URI on the response.
 *
 * @param AbstractRequest $request The request about to be dispatched
 * @return void
 */
public function preDispatch(AbstractRequest $request)
 {
     // The auth controller itself is exempt from the identity check.
     if ($request->module === 'default' && $request->controller === 'auth') {
         return;
     }
     $frontController = FrontController::getInstance();
     $bootstrap = $frontController->getParam('bootstrap');
     $serviceManager = $bootstrap->getResource('ServiceManager');
     $authService = $serviceManager->get('Zend\\Authentication\\AuthenticationService');
     if (!$authService->hasIdentity()) {
         $response = $this->getResponse();
         // The CAS "service" URL is rebuilt from scheme, host, base URL and path info;
         // the query string is not part of it.
         // NOTE(review): if getHttpHost() reflects the client's Host header (not visible
         // here), the service URL handed to CAS is client-influenced. Confirm the CAS
         // server restricts accepted service URLs, or take the host from configuration.
         $currentUri = sprintf('%s://%s%s%s', $request->getScheme(), $request->getHttpHost(), $request->getBaseUrl(), $request->getPathInfo());
         $adapter = $authService->getAdapter();
         $adapter->setLoginParameters(array('service' => $currentUri));
         // Assume user is back here from a CAS authentication
         // (truthiness test: an empty or "0" ticket value takes the else branch)
         if ($request->getQuery('ticket')) {
             $adapter->setServiceValidateParameters(array('service' => $currentUri, 'ticket' => $request->getQuery('ticket')));
             // Validate the ticket
             $result = $authService->authenticate();
             if (!$result->isValid()) {
                 // NOTE(review): only a redirect is set on the response; nothing in this
                 // method stops the current request from continuing to dispatch. Confirm
                 // the front controller short-circuits on a pending redirect, otherwise
                 // the protected action still runs for an unauthenticated caller.
                 $response->setRedirect($adapter->createLoginUri());
             }
             // Assume the user just got here
         } else {
             // NOTE(review): same caveat as above - a redirect is queued, dispatch is not halted here.
             $response->setRedirect($adapter->createLoginUri());
         }
     }
 }
 /**
  * Appends the default language segment when the request targets the bare base URL.
  *
  * The request URI minus its last character is compared with the base URL; on a
  * match the default language from the 'parameters' registry entry is appended to
  * the URI (followed by "/") and also stored as the "language" request parameter.
  *
  * @param Zend_Controller_Request_Abstract $request The request being routed
  * @return void
  */
 public function routeStartup(Zend_Controller_Request_Abstract $request)
 {
     $requestUri = $request->getRequestUri();

     // Loose comparison is kept as in the original so an empty/false substr() result
     // still matches an empty base URL.
     if (substr($requestUri, 0, -1) != $request->getBaseUrl()) {
         return;
     }

     $defaultLanguage = Zend_Registry::get('parameters')->registry->defaultlanguage;
     $request->setRequestUri($requestUri . $defaultLanguage . "/");
     $request->setParam("language", $defaultLanguage);
 }
 /**
  * Re-targets the request at the login controller.
  *
  * Actions whose name starts with "json" are sent to the "json-login" action; all
  * others go to "index" with a "location" parameter holding the path that was
  * originally requested.
  *
  * @param Zend_Controller_Request_Abstract $request The request to rewrite
  * @return void
  */
 protected function _forwardLogin(Zend_Controller_Request_Abstract $request)
 {
     $request->setModuleName('kwf_controller_action_user');
     $request->setControllerName('login');
     // Clear the dispatched flag - presumably so the front controller dispatches the new target.
     $request->setDispatched(false);

     $isJsonAction = substr($request->getActionName(), 0, 4) == 'json';
     if ($isJsonAction) {
         $request->setActionName('json-login');
         return;
     }

     // ltrim() strips every leading slash from the path info, so the return location
     // always has exactly one "/" after the base URL and cannot begin with "//"
     // when the base URL is empty.
     // NOTE(review): the login action should still treat "location" as a local path only.
     $returnLocation = $request->getBaseUrl() . '/' . ltrim($request->getPathInfo(), '/');
     $request->setParams(array('location' => $returnLocation));
     $request->setActionName('index');
 }
 /**
  * Prepares the shared view before the dispatch loop starts.
  *
  * Initialises the view renderer if it has no view yet, registers the
  * Core_View_Helper helper path and exposes the request's base URL to the view.
  *
  * @param Zend_Controller_Request_Abstract $request The current request
  * @return void
  */
 public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
 {
     $renderer = Zend_Controller_Action_HelperBroker::getExistingHelper('viewRenderer');
     if ($renderer->view === null) {
         // No view attached yet: let the renderer create one.
         $renderer->init();
     }
     $this->_view = $renderer->view;

     // Helper directory is resolved relative to this file, not to any request data.
     $this->_view->addHelperPath(dirname(__FILE__) . '/../../View/Helper', 'Core_View_Helper');

     // Add base url to view
     $this->_view->baseUrl = $request->getBaseUrl();
 }
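 /**
  * Exposes routing details to the view and serves the optional request dump.
  *
  * The base URL, module, controller and action names of the request are copied
  * onto the view. When the query string carries zd=1, a print_r() dump of the
  * request object is echoed inside a textarea; a non-empty "exit" query value
  * then terminates the script.
  *
  * @param Zend_Controller_Request_Abstract $request The request about to be dispatched
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // set up common variables for the view
     // NOTE(review): module/controller/action come from the request; templates should escape them on output.
     $this->view->baseUrl = $request->getBaseUrl();
     $this->view->module = $request->getModuleName();
     $this->view->controller = $request->getControllerName();
     $this->view->action = $request->getActionName();

     // NOTE(review): this dump is reachable by any visitor who sends zd=1 - nothing
     // here checks the environment or the caller. The request object can hold
     // cookies, parameters and server data, so the switch should be removed or
     // restricted to non-production environments before deployment.
     if (!empty($_GET['zd']) && $_GET['zd'] == '1') {
         // The dump contains request-supplied strings; escape it so a value such as
         // "</textarea>" cannot break out of the textarea and inject markup.
         $dump = htmlspecialchars(print_r($request, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
         echo "Zend_Controller_Request_Http:<br><textarea rows=10 cols=100>" . $dump . "</textarea><br>";
         if (!empty($_GET['exit'])) {
             exit;
         }
     }
 }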
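 /**
  * Gates every dispatched request on authentication and on the identity's permission template.
  *
  * Flow, as implemented below:
  *  - the "login" and "logout" controllers are always let through;
  *  - an unauthenticated request to any controller other than "index" must carry
  *    HTTP Basic credentials that User::processLogin() accepts, otherwise a 401
  *    challenge is sent and the script terminates;
  *  - an authenticated identity is admitted through the emergency-access branch,
  *    as "superadmin", or when PermissionTemplate::hasAccess() allows the
  *    controller/action pair.
  *
  * Changes against the previous revision: comparisons are strict (with a loose
  * `!=`, an integer 0 template id compares equal to 'superadmin' on PHP < 8 and
  * would skip the permission check), a missing PHP_AUTH_PW no longer raises an
  * undefined-index notice, and request-derived names are HTML-escaped before they
  * are placed in the error message that already contains markup.
  *
  * @param Zend_Controller_Request_Abstract $request The request about to be dispatched
  * @return bool TRUE when access is granted
  * @throws WebVista_App_AuthException When the caller is unauthenticated or lacks permission
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $auth = Zend_Auth::getInstance();
     $publicControllers = array('login', 'logout');
     $controllerName = $request->getControllerName();
     $actionName = $request->getActionName();

     if (in_array($controllerName, $publicControllers, true)) {
         return true;
     }

     // NOTE(review): the audit call runs before authentication, with names taken
     // straight from the request - confirm auditAccess() treats them as untrusted.
     PermissionTemplate::auditAccess($controllerName, $actionName);

     if (!$auth->hasIdentity() && $controllerName !== 'index') {
         // this MUST be placed before checking permission
         // NOTE(review): Basic credentials are only as protected as the transport;
         // nothing in this block checks that the request arrived over HTTPS.
         $basicUser = isset($_SERVER['PHP_AUTH_USER']) ? (string) $_SERVER['PHP_AUTH_USER'] : '';
         $basicPassword = isset($_SERVER['PHP_AUTH_PW']) ? (string) $_SERVER['PHP_AUTH_PW'] : '';
         if ($basicUser !== '') {
             User::processLogin($basicUser, $basicPassword);
         }
         if (!$auth->hasIdentity()) {
             // No credentials, or credentials rejected: challenge and stop.
             header('WWW-Authenticate: Basic realm="Unauthorized Access Prohibited (ClearHealth)"');
             header('HTTP/1.0 401 Unauthorized');
             die(__('You must enter a valid username and password to access.'));
         }
         // Identity established: fall through to the permission check below.
     }

     if ($auth->hasIdentity()) {
         $permissionTemplateId = $auth->getIdentity()->permissionTemplateId;

         // NOTE(review): emergency mode is switched on by the mere existence of
         // /tmp/emergency. /tmp is normally writable by every local account, so any
         // local user or co-hosted process can enable this branch. Move the marker
         // to a path only the application's administrators can write.
         $emergencyActive = file_exists('/tmp/emergency')
             && $controllerName !== 'admin-persons'
             && PermissionTemplate::hasAccess($permissionTemplateId, 'emergency-access', 'allow-emergency-access');
         if ($emergencyActive && !($controllerName === 'emergency-access' && $actionName === 'index')) {
             return true;
         }

         if ($permissionTemplateId !== 'superadmin' && !PermissionTemplate::hasAccess($permissionTemplateId, $controllerName, $actionName)) {
             // The message carries an anchor tag, so it is presumably rendered as HTML;
             // the request-derived parts are escaped for that context.
             $safeController = htmlspecialchars((string) $controllerName, ENT_QUOTES, 'UTF-8');
             $safeAction = htmlspecialchars((string) $actionName, ENT_QUOTES, 'UTF-8');
             $safeBaseUrl = htmlspecialchars((string) $request->getBaseUrl(), ENT_QUOTES, 'UTF-8');
             $error = 'Access denied. ' . $safeController . '/' . $safeAction . '. ';
             $error .= 'Please <a href="' . $safeBaseUrl . '/logout" title="Login">Login</a>.';
             trigger_error($error, E_USER_NOTICE);
             throw new WebVista_App_AuthException($error);
         }

         return true;
     }

     throw new WebVista_App_AuthException('You must be authenticated to access the system.');
 }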
 /**
  * Strips the site's own host + base URL from every request parameter.
  *
  * The stripped value is written back to the request and, for names that also
  * exist in $_POST, to $_POST as well. The plugin then re-registers itself at
  * stack index 99999.
  *
  * NOTE(review): str_ireplace() removes occurrences in a single pass. That is fine
  * for normalising absolute links to relative ones, but it must not be relied on
  * as a guarantee that the base URL is absent from the resulting value.
  *
  * @param Zend_Controller_Request_Abstract $request The request being routed
  * @return void
  */
 public function routeStartup(Zend_Controller_Request_Abstract $request)
 {
     $this->_baseUrl = HTTP_HOST . $request->getBaseUrl();
     if (!$this->_baseUrl) {
         return;
     }

     $params = $request->getParams();
     if (count($params)) {
         foreach (array_keys($params) as $name) {
             $params[$name] = str_ireplace($this->_baseUrl, '', $params[$name]);
             if (array_key_exists($name, $_POST)) {
                 // Keep the superglobal in step with the cleaned request parameter.
                 $_POST[$name] = $params[$name];
             }
         }
     }
     $request->setParams($params);

     // Re-register the plugin so that dispatchLoopShutdown runs last
     Zend_Controller_Front::getInstance()->unregisterPlugin($this)->registerPlugin($this, 99999);
 }
 /**
  * Authenticate a user through Twitter's OAuth flow.
  *
  * On POST a request token is fetched, stored serialized in the 'Garp_Auth' cookie
  * and the consumer redirects away. On the callback (an "oauth_token" request
  * parameter plus a stored token) the request token is exchanged for an access
  * token and the user data is looked up. Any other request records an error.
  *
  * @param Zend_Controller_Request_Abstract $request The current request
  * @param Zend_Controller_Response_Abstract $response The current response (not used in this method)
  * @return Array|Boolean User data, TRUE after starting the redirect, or FALSE on failure
  * @throws Garp_Auth_Exception When consumerKey or consumerSecret is not configured
  */
 public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
 {
     // NOTE(review): the callback host comes from $_SERVER['HTTP_HOST'], i.e. from
     // the client's Host header. Prefer a configured canonical host so a forged
     // header cannot steer where the provider sends the user back.
     $callbackUrl = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $request->getBaseUrl() . '/g/auth/login/process/twitter';
     $authVars = $this->_getAuthVars();
     if (!$authVars->consumerKey || !$authVars->consumerSecret) {
         throw new Garp_Auth_Exception('Required key "consumerKey" or "consumerSecret" not set in application.ini.');
     }
     $config = array('siteUrl' => 'https://api.twitter.com/oauth', 'consumerKey' => $authVars->consumerKey, 'consumerSecret' => $authVars->consumerSecret, 'callbackUrl' => $callbackUrl);
     try {
         $consumer = new Zend_Oauth_Consumer($config);
         // Step 1: a POST starts the flow.
         if ($request->isPost()) {
             $token = $consumer->getRequestToken();
             $cookie = new Garp_Store_Cookie('Garp_Auth');
             // The request token object is kept client-side, in serialized form.
             $cookie->token = serialize($token);
             if (!empty($this->_extendedUserColumns)) {
                 $cookie->extendedUserColumns = serialize($this->_extendedUserColumns);
             }
             $cookie->writeCookie();
             $consumer->redirect();
             return true;
         }
         // Step 2: callback from the provider.
         $cookie = new Garp_Store_Cookie('Garp_Auth');
         if ($request->getParam('oauth_token') && isset($cookie->token)) {
             // NOTE(review): unserialize() runs on values read back from a cookie.
             // Whether Garp_Store_Cookie signs or encrypts its payload is not visible
             // here; if it does not, this is client-controlled input to unserialize()
             // (PHP object injection). Prefer server-side session storage, or a
             // non-executable format such as JSON.
             $accesstoken = $consumer->getAccessToken($_GET, unserialize($cookie->token));
             // Discard request token
             if ($cookie->extendedUserColumns) {
                 // NOTE(review): same unserialize() caveat as for the token above.
                 $this->setExtendedUserColumns(unserialize($cookie->extendedUserColumns));
                 $cookie->destroy('extendedUserColumns');
             }
             // NOTE(review): the request token was stored under the key 'token', but the
             // key destroyed here is 'oauth_token' - presumably the token stays in the
             // cookie after use; confirm against Garp_Store_Cookie::destroy().
             $cookie->destroy('oauth_token');
             return $this->_getUserData($this->_getTwitterService($accesstoken, $authVars->consumerKey, $authVars->consumerSecret), $accesstoken->getParam('user_id'));
         }
         $this->_addError('App was not authorized. Please try again.');
         return false;
     } catch (Exception $e) {
         // Duplicate-email detection relies on the wording of the exception message.
         if (strpos($e->getMessage(), 'Duplicate entry') !== false && strpos($e->getMessage(), 'email_unique') !== false) {
             $this->_addError(__('this email address already exists'));
             return false;
         }
         // Provide generic error message
         // (the raw exception text is only surfaced when APPLICATION_ENV is 'development')
         $this->_addError(APPLICATION_ENV === 'development' ? $e->getMessage() : __('login error'));
     }
     return false;
 }
 /**
  * Authenticate a user through Vimeo's OAuth flow.
  *
  * On POST a request token is fetched, stored serialized in the 'Garp_Auth' cookie,
  * and the script exits after the consumer redirect. On the callback (an
  * "oauth_token" request parameter) the stored token is exchanged for an access
  * token. A "denied" parameter, or a missing stored token, records an error.
  *
  * @param Zend_Controller_Request_Abstract $request The current request
  * @param Zend_Controller_Response_Abstract $response The current response (not used in this method)
  * @return Array|Boolean User data, or FALSE
  * @throws Garp_Auth_Exception When consumerKey or consumerSecret is not configured
  */
 public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
 {
     // NOTE(review): the callback host comes from $_SERVER['HTTP_HOST'], i.e. from
     // the client's Host header. Prefer a configured canonical host so a forged
     // header cannot steer where the provider sends the user back.
     $callbackUrl = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $_SERVER['HTTP_HOST'] . $request->getBaseUrl() . '/g/auth/login/process/vimeo';
     $authVars = $this->_getAuthVars();
     if (!$authVars->consumerKey || !$authVars->consumerSecret) {
         throw new Garp_Auth_Exception('Required key "consumerKey" or "consumerSecret" not set in application.ini.');
     }
     // NOTE(review): siteUrl is plain http://, so the token exchange with this
     // endpoint would not be protected in transit - confirm an https:// endpoint
     // is available and use it.
     $config = array('siteUrl' => 'http://vimeo.com/oauth', 'consumerKey' => $authVars->consumerKey, 'consumerSecret' => $authVars->consumerSecret, 'callbackUrl' => $callbackUrl);
     try {
         $consumer = new Zend_Oauth_Consumer($config);
         // Step 1: a POST starts the flow.
         if ($request->isPost()) {
             $token = $consumer->getRequestToken();
             $cookie = new Garp_Store_Cookie('Garp_Auth');
             if (!empty($this->_extendedUserColumns)) {
                 $cookie->extendedUserColumns = serialize($this->_extendedUserColumns);
             }
             // The request token object is kept client-side, in serialized form.
             $cookie->token = serialize($token);
             $cookie->writeCookie();
             $consumer->redirect();
             exit;
         // Step 2: callback from the provider.
         } elseif ($request->getParam('oauth_token')) {
             $cookie = new Garp_Store_Cookie('Garp_Auth');
             if (isset($cookie->token)) {
                 // NOTE(review): unserialize() runs on values read back from a cookie.
                 // Whether Garp_Store_Cookie signs or encrypts its payload is not
                 // visible here; if it does not, this is client-controlled input to
                 // unserialize() (PHP object injection). Prefer server-side session
                 // storage, or a non-executable format such as JSON.
                 $accesstoken = $consumer->getAccessToken($_GET, unserialize($cookie->token));
                 if ($cookie->extendedUserColumns) {
                     // NOTE(review): same unserialize() caveat as for the token above.
                     $this->setExtendedUserColumns(unserialize($cookie->extendedUserColumns));
                     $cookie->destroy('extendedUserColumns');
                 }
                 // Discard request token
                 $cookie->destroy('token');
                 return $this->_getUserData($accesstoken);
             } else {
                 $this->_addError('App was not authorized. Please try again.');
             }
         // The provider reported that the user declined.
         } elseif ($request->getParam('denied')) {
             $this->_addError('App was not authorized. Please try again.');
         }
     } catch (Exception $e) {
         // NOTE(review): the raw exception message is recorded regardless of
         // environment; if these errors are shown to users, internal details may
         // leak. Consider a generic message outside development.
         $this->_addError($e->getMessage());
     }
     return false;
 }
 /**
  * Configures layout and view before the dispatch loop starts.
  *
  * Disables the layout for XMLHttpRequest calls, initialises the view renderer,
  * adds the application's script path for non-default modules, registers the
  * Intranet_View_Helper_ helper path, sets doctype and content type, and exposes
  * base URL, module, controller and action names to the view.
  *
  * @param Zend_Controller_Request_Abstract $request The current request
  * @return void
  */
 public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
 {
     if ($request->isXmlHttpRequest()) {
         Zend_Layout::getMvcInstance()->disableLayout();
     }

     $renderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
     $renderer->init();
     $view = $renderer->view;

     $moduleName = $request->getModuleName();
     if ($moduleName != 'default') {
         // Script directories are built from the ROOT and APP constants only,
         // never from request data.
         $scriptPaths = $view->getScriptPaths();
         $scriptPaths[] = ROOT . '/application/' . APP . '/views/scripts/';
         $view->setScriptPath($scriptPaths);
     }

     $view->addHelperPath(ROOT . '/application/' . APP . '/views/helpers/', 'Intranet_View_Helper_');
     $view->doctype('XHTML1_STRICT');
     $view->headMeta()->appendHttpEquiv('Content-Type', 'text/html;charset=utf-8');

     // NOTE(review): module/controller/action come from the request; templates
     // should escape them on output.
     $view->baseUrl = $request->getBaseUrl();
     $view->module = $moduleName;
     $view->controller = $request->getControllerName();
     $view->action = $request->getActionName();
 }
 /**
  * Adds the site-wide head elements (meta, scripts, stylesheets, feed links) to the view.
  *
  * The default module gets home.css, every other module default.css; print.css
  * and style.css are always added, followed by the alternate feed links.
  *
  * @param Zend_Controller_Request_Abstract $request The request that was dispatched
  * @return void
  */
 public function postDispatch(Zend_Controller_Request_Abstract $request)
 {
     $view = Zend_Controller_Action_HelperBroker::getExistingHelper('ViewRenderer')->view;

     // NOTE(review): the generator meta tag publishes the exact framework version to
     // every visitor, which makes version fingerprinting trivial - consider
     // dropping the version number.
     $view->headMeta('Built using the awesome Zend Framework (but customised by Daniel Pett): ' . Zend_Version::VERSION, 'generator');
     $view->baseUrl = $request->getBaseUrl();
     $base = $view->baseUrl();

     $view->jQuery()->addJavascriptFile($base . '/js/JQuery/jquery.menu.js', 'text/javascript');
     $view->jQuery()->addJavascriptFile($base . '/js/JQuery/corner.js', 'text/javascript');

     // Module-specific screen stylesheet first, then the shared ones.
     $screenSheet = strtolower($request->getModuleName()) == 'default' ? '/css/home.css' : '/css/default.css';
     $view->headLink()->appendStylesheet($base . $screenSheet, 'screen');
     $view->headLink()->appendStylesheet($base . '/css/print.css', 'print')->appendStylesheet($base . '/css/style.css', 'screen');

     $view->headMeta()->appendHttpEquiv('Content-Type', 'text/html; charset=utf-8');

     // Alternate feeds as href, MIME type, title - appended in this order.
     $feeds = array(
         array($base . '/database/artefacts/index/format/atom/', 'application/rss+xml', 'Latest recorded finds feed'),
         array($base . '/news/format/atom', 'application/rss+xml', 'Latest Scheme news feed'),
         array($base . '/getinvolved/vacancies/format/atom', 'application/atom+xml', 'Latest Scheme vacancies atom Feed'),
         array($base . '/research/projects/index/format/atom', 'application/atom+xml', 'Research projects based on Scheme data'),
         array('http://finds.org.uk/blogs/centralunit/feed/', 'application/atom+xml', 'Central unit blog posts'),
         array('http://api.flickr.com/services/feeds/photos_public.gne?id=10257668@N04&lang=en-us&format=atom', 'application/atom+xml', 'Our flickr images feed'),
         array('http://www.finds.org.uk/events/upcoming/index/format/atom', 'application/atom+xml', 'Scheme and external events as they are posted'),
         array('http://www.finds.org.uk/database/search/results/note/1/format/atom', 'application/atom+xml', 'Amazing finds recorded on the database'),
     );
     $headLink = $view->headLink();
     foreach ($feeds as $feed) {
         // Re-assign so each call is made on the previous call's return value,
         // exactly like a fluent chain.
         $headLink = $headLink->appendAlternate($feed[0], $feed[1], $feed[2]);
     }

     /* Disabled OpenSearch descriptor link:
        $view->headLink(array('rel' => 'search',
                              'href' => $view->baseUrl().'/OpenSearchDatabase.xml',
                              'type' => 'application/opensearchdescription+xml',
                              'title' => 'Portable Antiquities Database search',
                              'APPEND'));  */
 }
 /**
  * Builds an application URL from positional arguments.
  *
  * $args[0] is the controller, $args[1] the action and $args[2] the module; each
  * falls back to the current request's value when missing (the module only when
  * the request's module is not "default"). Further scalar arguments are appended
  * as path segments, further array arguments are merged into the query string.
  *
  * NOTE(review): controller, action and extra segments pass through self::escape(),
  * but the module segment ($args[2]) and the base URL are concatenated as-is.
  * Confirm callers never pass an untrusted module value, or escape it like the
  * other segments.
  *
  * @param Zend_Controller_Request_Abstract $request Source of the fallback values and base URL
  * @param array $args Positional URL parts as described above
  * @return string The assembled URL
  */
 protected static function _makeUrl(Zend_Controller_Request_Abstract $request, $args)
 {
     // Make sure the three leading slots exist so they can be tested against null.
     foreach (array(0, 1, 2) as $slot) {
         if (!isset($args[$slot])) {
             $args[$slot] = null;
         }
     }

     if ($args[0] === null) {
         $args[0] = $request->getControllerName();
     }
     if ($args[1] === null) {
         $args[1] = $request->getActionName();
     }
     if ($args[2] === null && $request->getModuleName() != 'default') {
         $args[2] = $request->getModuleName();
     }

     // A falsy module (null, '', '0') contributes no path segment.
     $modulePart = $args[2] ? '/' . $args[2] : "";
     $res = $request->getBaseUrl() . $modulePart . '/' . self::escape($args[0]) . '/' . self::escape($args[1]);

     $total = count($args);
     if ($total <= 3) {
         return $res;
     }

     $query = array();
     for ($idx = 3; $idx < $total; $idx++) {
         $extra = $args[$idx];
         if (is_array($extra)) {
             // Arrays accumulate into the query string.
             $query = array_merge_recursive($query, $extra);
             continue;
         }
         // Scalars become additional escaped path segments.
         $res .= '/' . self::escape($extra);
     }
     if ($query) {
         $res .= '?' . http_build_query($query, '', '&');
     }

     return $res;
 }