Beispiel #1
0
 /**
  * @param string $username
  * @param string $password
  *
  * @return bool
  */
 public function authCallback($username, $password)
 {
     try {
         $accessManager = AccessManager::singleton();
         $authResult = $accessManager->checkLogin($username, $password);
         // module development must be enabled to login via WebDav
         $quota = new \Cms\Quota();
         if (!$quota->getModuleQuota()->getEnableDev()) {
             Registry::getLogger()->log(__METHOD__, __LINE__, sprintf('DAV access denied: module development is disabled (%s)', $username), SbLog::ERR);
             return false;
         }
         // login success?
         if (!$accessManager->isAuthResultValid($authResult)) {
             Registry::getLogger()->log(__METHOD__, __LINE__, sprintf('DAV access denied: incorrect user credentials (%s)', $username), SbLog::NOTICE);
             return false;
         }
         // only superusers are allowed to login via webdav
         $identity = $authResult->getIdentity();
         if (!is_array($identity) || !isset($identity['superuser']) || $identity['superuser'] != true) {
             Registry::getLogger()->log(__METHOD__, __LINE__, sprintf('DAV access denied: user is not a superuser (%s)', $username), SbLog::ERR);
             return false;
         }
     } catch (\Exception $e) {
         Registry::getLogger()->logException(__METHOD__, __LINE__, $e, SbLog::ERR);
         return false;
     }
     // authentication successful
     return true;
 }
Beispiel #2
0
 /**
  * checks if actual role has access for this request
  *
  * @param \Zend_Controller_Request_Abstract $request
  */
 public function preDispatch(\Zend_Controller_Request_Abstract $request)
 {
     $accessManager = AccessManager::singleton();
     if ($this->isGroupCheckEnabled()) {
         $resource = strtolower($request->getControllerName());
         $privilege = strtolower($request->getActionName());
         if (!$accessManager->isAllowed($resource, $privilege)) {
             if ($accessManager->hasIdentityRoleGuest($accessManager->getIdentityAsArray(), true)) {
                 \Cms\ExceptionStack::addException(new \Cms\Exception(5));
             } else {
                 \Cms\ExceptionStack::addException(new \Cms\Exception(4, __METHOD__, __LINE__, array('resource' => $resource, 'privilege' => $request->getActionName())));
             }
         }
     }
     /**
      * Sind Fehler aufgetreten, so muss hier explizit auf den Error-Controller
      * verwiesen werden.
      * Da wir im preDespatch sind greift unsere normale Weiterleitung auf den
      * Error-Controller bei nicht gefangenen Exception noch nicht.
      */
     if (count(\Cms\ExceptionStack::getExceptions()) > 0) {
         $request->setControllerName('Error');
         $request->setActionName('error');
     }
 }
Beispiel #3
0
 /**
  * @param   string $username
  * @param   string $userpassword
  *
  * @return  \Cms\Access\Auth\Result
  * @throws  \Cms\Exception (auch bei fehlerhafter Anmeldung)
  */
 public function checkLogin($username, $userpassword)
 {
     $accessManager = AccessManager::singleton();
     $autResult = $accessManager->checkLogin($username, $userpassword);
     if (!$accessManager->isAuthResultValid($autResult)) {
         // Login falsch
         throw new \Cms\Exception(2008, __METHOD__, __LINE__);
     }
     return $autResult->getIdentity();
 }
 /**
  * Benutzer am System anmelden
  */
 protected function doLogin($userNr, $logout)
 {
     if ($logout) {
         \Cms\Access\Manager::singleton()->logout();
     }
     $userName = sprintf('*****@*****.**', $userNr);
     $userPassword = '******';
     $this->assertSuccessfulLogin($userName, $userPassword);
     $this->activateGroupCheck();
 }
Beispiel #5
0
 protected function setTicketParamsFromSession()
 {
     $accessManager = AccessManager::singleton();
     $identity = $accessManager->getIdentityAsArray();
     if ($accessManager->hasIdentityRoleTicket($identity)) {
         if (isset($identity['ticketParams'])) {
             $this->getRequest()->setParams($identity['ticketParams']);
         }
     }
 }
Beispiel #6
0
 /**
  * Wird nach dem Routing aufgerufen
  *
  * @param  Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function routeShutdown(\Zend_Controller_Request_Abstract $request)
 {
     $lang = $request->getParam('lang');
     if (isset($lang) && $this->setCurrentLang($request->getParam('lang'))) {
         return;
     }
     $identity = AccessManager::singleton()->getIdentityAsArray();
     if (isset($identity['language']) && $this->setCurrentLang($identity['language'])) {
         return;
     }
 }
Beispiel #7
0
 /**
  * Pruefung, ob der User angemeldet ist
  *
  * @return boolean
  */
 private function isUserDeclared()
 {
     $accessManager = AccessManager::singleton();
     return $accessManager->hasIdentity();
 }
Beispiel #8
0
 /**
  * @return string
  */
 private function getUserloginFromSession()
 {
     $accessManager = AccessManager::singleton();
     $identity = $accessManager->getIdentityAsArray();
     return isset($identity['email']) ? $identity['email'] : 'unknown-userlogin';
 }
Beispiel #9
0
 protected function _initAuth()
 {
     $this->bootstrap('router');
     $this->bootstrap('frontController');
     $router = $this->getResource('router');
     $controller = Zend_Controller_Front::getInstance();
     $controller->setRouter($router);
     $access = AccessManager::singleton();
     $access->init($this->getResource('frontController'), \Zend_Auth::getInstance());
 }
Beispiel #10
0
 /**
  * @return \Cms\Access\Manager
  */
 protected function getAccessManager()
 {
     return AccessManager::singleton();
 }
Beispiel #11
0
 /**
  *
  * @param  Cms\Data\Website $website
  * @return array
  */
 protected function getWebsitePrivileges($website)
 {
     $websiteId = $website->getId();
     $accessManager = AccessManager::singleton();
     $allWebsitePrivileges = $accessManager->getWebsitePrivileges();
     if (is_null($websiteId) || !isset($allWebsitePrivileges[$websiteId])) {
         return $this->getBusiness('Group')->getDefaultNegativeWebsitePrivileges();
     }
     return $allWebsitePrivileges[$websiteId];
 }