/**
* checks whether a user needs a login and is loggedin
* otherwise redirect to login page
*
* @return void
*/
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
// allways allow silent update (for easy cronjob)
if ($request->getControllerName() == 'update' && $request->getActionName() == 'silent') {
return;
}
// show login
if ($request->getParam('login', false) !== false) {
$request->setControllerName('index');
$request->setActionName('login');
return;
}
// logout?
if ($request->getParam('logout', false) !== false) {
Zend_Registry::get('session')->__unset('authenticated');
$request->setControllerName('index');
$request->setActionName('login');
return;
}
// disallow readonly mode if user has option public not set
if (Zend_Registry::get('session')->authenticated === 'readonly' && Zend_Registry::get('session')->public != 1) {
Zend_Registry::get('session')->authenticated = false;
}
// check whether user loggedin or public access allowed
if (Zend_Registry::get('session')->authenticated !== true && Zend_Registry::get('session')->authenticated !== 'readonly') {
// no login required?
$users = new application_models_users();
if (!$users->getUsername()) {
Zend_Registry::get('session')->authenticated = true;
// public access allowed? start public mode
} elseif (Zend_Registry::get('session')->public == 1) {
Zend_Registry::get('session')->authenticated = 'readonly';
// unallowed access -> show login window
} else {
$request->setControllerName('index');
$request->setActionName('login');
return;
}
}
// load default values 4 readonly mode
if (Zend_Registry::get('session')->authenticated === 'readonly') {
$priorityStart = Zend_Registry::get('session')->priorityStart;
$priorityEnd = Zend_Registry::get('session')->priorityEnd;
// reset session with default config from config.ini
Zend_Registry::get('bootstrap')->resetSession(false);
// set priority slider
Zend_Registry::get('session')->currentPriorityStart = $priorityStart;
Zend_Registry::get('session')->currentPriorityEnd = $priorityEnd;
Zend_Registry::get('session')->priorityStart = $priorityStart;
Zend_Registry::get('session')->priorityEnd = $priorityEnd;
}
// don't allow any changings in readonly mode
if (Zend_Registry::get('session')->authenticated !== true) {
if ($request->getControllerName() != 'error' && $request->getControllerName() != 'index' && $request->getControllerName() != 'patch' && !($request->getControllerName() == 'item' && $request->getActionName() == 'list') && !($request->getControllerName() == 'item' && $request->getActionName() == 'listmore') && !($request->getControllerName() == 'update' && $request->getActionName() == 'silent')) {
die('access denied');
}
}
}
/**
* login dialog
*
* @return void
*/
public function loginAction()
{
$username = $this->getRequest()->getParam('username', false);
$password = $this->getRequest()->getParam('password', false);
$isJson = $this->getRequest()->getParam('json', false);
// login
$users = new application_models_users();
if ($username) {
if ($users->authenticate($username, $password)) {
Zend_Registry::get('session')->authenticated = true;
if ($isJson == true) {
$this->_helper->json(array('success' => true));
}
$this->_redirect('');
} else {
$this->view->error = true;
if ($isJson == true) {
$this->_helper->json(array('success' => false));
}
}
}
if ($this->getRequest()->getParam('logout', false) !== false) {
$this->view->logout = true;
}
if ($isJson == true) {
$this->_helper->json(array('success' => true));
}
}
/**
* remove login
*
* @return void
*/
private function removeLogin()
{
$user = new application_models_users();
$user->purge();
}
