/**
* Returns view variables.
*
* @return mixed
**/
public function __get($k)
{
if ($k == "flash") {
return \Controller\Flash::instance();
}
if (isset($this->_vars[$k])) {
return $this->_vars[$k];
}
$config_var = Configure::read($k);
if (isset($config_var)) {
return $config_var;
}
throw new Error("Undefined variable '{$k}'");
}
public static function validate($request)
{
$config = \Configure::instance();
$data = $config->authentication;
if (empty($data)) {
return null;
}
foreach ($data as $url => $values) {
$redirect = isset($values['on_fail']) ? $values['on_fail'] : "/";
if (preg_match('@' . $url . '/?@i', $request)) {
// Match the requested url.
if (!isset($values['allow'])) {
throw new Exception('Invalid user type or user type not set for protected url ' . $request);
}
$valid_user = $values['allow'];
if (is_array($valid_user)) {
// Access list is an array of user types.
$pass = false;
foreach ($valid_user as $user) {
if (self::get() == $user) {
$pass = true;
}
}
// Check list of users for match
if ($pass == false) {
if (!preg_match('@' . $request . '/?@i', $redirect)) {
\Controller\Flash::instance()->error('You must be logged in to access this page.');
Application::redirect($redirect);
break;
}
}
} else {
// Access list is a single user type.
$valid_user = strtolower($valid_user);
if (self::get() != $valid_user) {
// If user isn't allowed, redirect.
if (!preg_match('@' . $request . '/?@i', $redirect)) {
\Controller\Flash::instance()->error('You must be logged in to access this page.');
header('HTTP/1.0 401 Unauthorized');
header("Location:" . $redirect);
exit;
}
}
}
}
}
}
/**
* Builds the controller
*
* @return void
**/
public final function __construct()
{
$this->flash = Flash::instance();
$this->_run_filters(array('before', 'around'));
}
