Ejemplo n.º 1
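 /**
  * Post-dispatch guard: copies session data into the layout and enforces
  * authentication / authorization for every route except the public ones.
  *
  * The 'login', 'application' and 'home' routes are left untouched. For any
  * other route the 'cbol' session container is exposed to the layout, an
  * anonymous request is redirected to /login, an authenticated one is checked
  * against \Login\Model\permisos (denied => onDispatchError), a missing session
  * id forces a redirect to /login/logout, and a 403 response is also handed to
  * onDispatchError().
  *
  * @param MvcEvent $e
  * @return mixed the redirect response when the request is refused, null otherwise
  */
 public function afterDispatch(MvcEvent $e)
 {
     $routeName = $e->getRouteMatch()->getMatchedRouteName();
     // Routes that never need a session or an identity.
     if (in_array($routeName, ['login', 'application', 'home'], true)) {
         return null;
     }

     $containerSession = new \Zend\Session\Container('cbol');
     $layout = $e->getTarget()->layout();
     $layout->repo = $containerSession->reportesVias;
     $layout->acceso = $containerSession->permisosUser;
     $layout->suge = $containerSession->sugerencias;

     $auth = new \Zend\Authentication\AuthenticationService();
     $baseUrl = $e->getRequest()->getBaseUrl();
     if (!$auth->hasIdentity()) {
         return $this->sendRedirect($e->getResponse(), $baseUrl . '/login');
     }

     $localAcl = new \Login\Model\permisos();
     if (!$localAcl->isAllowed($auth->getIdentity()->perfil_id, $routeName)) {
         $this->onDispatchError($e, $routeName);
         return null;
     }
     // An identity without a session id: the session was never completed or has expired, so force a logout.
     if ($containerSession->idSession === null) {
         return $this->sendRedirect($e->getResponse(), $baseUrl . '/login/logout');
     }
     if ($e->getResponse()->getStatusCode() === 403) {
         $this->onDispatchError($e, $routeName);
     }
     return null;
 }

 /**
  * Writes a 302 Location header for $url to $response, sends the headers and returns the response.
  *
  * @param mixed  $response the MVC response object
  * @param string $url      absolute path to redirect to
  * @return mixed the same $response
  */
 private function sendRedirect($response, $url)
 {
     $response->getHeaders()->addHeaderLine('Location', $url);
     $response->setStatusCode(302);
     $response->sendHeaders();
     return $response;
 }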
Ejemplo n.º 2
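 /**
  * Dispatch listener that checks whether the current user is logged in.
  *
  * Routes listed in $rotasLivres are served without authentication. For any
  * other route an anonymous request is redirected to 'acesso/login'; the
  * redirect response is returned so the dispatched action is short-circuited
  * instead of running for an anonymous request. The per-controller/action
  * authorization step is still a stub ($estaAutorizado is hard-coded to true)
  * and therefore never denies access.
  *
  * @param \Zend\Mvc\MvcEvent $e
  * @return mixed true for an open route, the redirect response when access is refused, null otherwise
  */
 public function validaAutenticacao($e)
 {
     $authenticateService = new \Zend\Authentication\AuthenticationService();
     $authenticateService->setStorage(new \Zend\Authentication\Storage\Session("Semente"));
     // Not read here; kept because constructing the container initialises the "Semente" session namespace — TODO confirm it is still needed.
     $sessao = new \Zend\Session\Container("Semente");
     $controller = $e->getTarget();
     $rotaAcessada = $controller->getEvent()->getRouteMatch()->getMatchedRouteName();
     // 404 error observed at: http://pensadores.local:8080/colunas/pensando-cabeca/100
     // Routes that are reachable without an identity.
     $rotasLivres = ['acesso/login', 'acesso/logout', 'acesso/nao-autorizado'];
     if (in_array($rotaAcessada, $rotasLivres, true)) {
         return true;
     }
     if (!$authenticateService->hasIdentity()) {
         return $controller->redirect()->toRoute("acesso/login");
     }
     $controlador = $controller->params()->fromRoute('controller');
     $action = $controller->params()->fromRoute('action');
     // TODO: replace with a real authorization check; as written every authenticated user is authorized.
     $estaAutorizado = true;
     if (!$estaAutorizado) {
         return $controller->redirect()->toRoute("acesso/nao-autorizado", ['controlador' => $controlador, 'acao' => $action]);
     }
     return null;
 }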
Ejemplo n.º 3
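 /**
  * Controller factory configuration for this module.
  *
  * Registers the factory for 'Indicateur\Controller\ScoreAjax', which seeds
  * the controller with the establishment, PUI and user identifiers read from
  * the authenticated identity. Without an identity the three values are null
  * (the previous version left them undefined and passed undefined variables
  * to the setters).
  *
  * @return array{initializers: array, factories: array<string, callable>}
  */
 public function getControllerConfig()
 {
     return [
         'initializers' => [],
         'factories' => [
             'Indicateur\\Controller\\ScoreAjax' => function ($sm) {
                 $etabId = null;
                 $puiId = null;
                 $userId = null;
                 $authService = new \Zend\Authentication\AuthenticationService();
                 if ($authService->hasIdentity()) {
                     $identity = $authService->getIdentity();
                     $etabId = $identity->et_code_fk;
                     $puiId = $identity->pui_code_fk;
                     $userId = $identity->user_code_pk;
                 }
                 $controller = new \Indicateur\Controller\ScoreAjaxController();
                 $controller->setEtabId($etabId);
                 $controller->setPuiId($puiId);
                 $controller->setUserId($userId);
                 return $controller;
             },
         ],
     ];
 }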
Ejemplo n.º 4
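 /**
  * Builds one log entry describing a change made by the logged-in user.
  *
  * @param string $type   one of 'checkbox', 'comment', 'other', 'commentWithoutData'
  * @param mixed  $value  new value: checkbox state, comment text or free text
  * @param mixed  $old    previous checkbox state (used for 'checkbox' only)
  * @param mixed  $object label of the checkbox that changed (used for 'checkbox' only)
  * @return string the formatted entry, or '' when there is nothing to log
  */
 public static function setLog($type, $value, $old = false, $object = false)
 {
     if ($type === 'commentWithoutData') {
         // This type carries no header line; an empty value yields no entry at all.
         return (string) $value === '' ? '' : "\n\n{$value}\n\n";
     }
     $authService = new \Zend\Authentication\AuthenticationService();
     $auth = $authService->getIdentity();
     // Without an identity the logger name degrades to a single space instead of raising on a null object.
     $logger = ($auth?->firstname ?? '') . ' ' . ($auth?->lastname ?? '');
     // NOTE(review): date() uses the server default timezone; the "Amsterdam Time" label is only
     // accurate when that default is Europe/Amsterdam — confirm.
     $timestamp = date('Y-m-d H:i:s');
     $log = '';
     if ($type === 'checkbox') {
         if ((string) $value === (string) $old) {
             return '';
         }
         // NOTE(review): 'Checked' is chosen when the *previous* state was 1 — confirm that is the intent.
         $action = (int) $old === 1 ? 'Checked' : 'Unchecked';
         $log = "|| {$object} || {$action} ----\n\n";
     } elseif ($type === 'comment') {
         $value = trim((string) $value);
         if ($value === '') {
             return '';
         }
         $log = "|| Comment ----\n{$value}\n\n";
     } elseif ($type === 'other') {
         $log = "|| {$value} ----\n\n";
     }
     return "---- {$timestamp} (Amsterdam Time) || {$logger} {$log}";
 }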
Ejemplo n.º 5
                $r->getBody()->write(json_encode(["Id" => $args['id']]));
                return $r;
            }
        }
        // Return error message
        $r->withStatus(500)->getBody()->write(json_encode(["Error" => $_error]));
        return $r;
    });
})->add($redis)->add($apiauth);
/* Asset rewriting - only runs on nginx; all other servers just redirect. */
// OPTIONS handler for asset URLs. Intentionally empty: it writes nothing and
// returns null, which is exactly what the original empty closure did.
$app->options('/asset/{id:[0-9]*}/{field:[0-9]*}/{file:.+}', function ($request, $response, $args) {
    return null;
});
$app->get('/asset/{id:[0-9]*}/{field:[0-9]*}/{file:.+}', function ($request, $response, $args) {
    // Check if user is logged in
    $auth = new \Zend\Authentication\AuthenticationService();
    $logged_in = $auth->getIdentity()['username'];
    $apikey = false;
    $access = false;
    $s3 = $this->get('settings')['paths']['s3'];
    // Check for existing contribution. If logged in ignore state, otherwise just published or draft
    $c = $this->db->getContribution($args['id'], $logged_in ? false : true, true);
    if (!($c && $c->getId() == $args['id'])) {
        throw new \Slim\Exception\NotFoundException($request, $response);
    }
    // Public
    $public = $c->getTemplatenames()->getPublic() === "1";
    // Check for field
    $f = $this->db->getField($args['field']);
    // Check for NGINX
    $_isnginx = strpos($_SERVER['SERVER_SOFTWARE'], 'nginx') !== false;
    // Check for Authentification if Public = 0
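 /**
  * Deletes the user whose id is given in the route, behind an authorization gate.
  *
  * Anonymous requests and identities whose usrl_id is not a number >= 3 are
  * sent to the login page. A missing route id, an unknown user or a failed
  * deletion returns to the authorization demo index; success returns to the
  * user-doctrine index.
  *
  * NOTE(review): no request-method or CSRF-token check is visible here, so the
  * deletion runs for any request that reaches this action — confirm a guard
  * exists upstream.
  *
  * @return mixed redirect response
  */
 public function deleteAction()
 {
     // ------------------------ The block for Authorization
     $auth = new \Zend\Authentication\AuthenticationService();
     $loginRoute = ['controller' => 'index', 'action' => 'login'];
     if (!$auth->hasIdentity()) {
         return $this->redirect()->toRoute('auth/default', $loginRoute);
     }
     $usrlId = $auth->getIdentity()->usrl_id;
     // II) Protect our action: deny unless the role id is numeric and at least 3 (fail closed on garbage).
     if (!is_numeric($usrlId) || (int) $usrlId < 3) {
         return $this->redirect()->toRoute('auth/default', $loginRoute);
     }
     //------------------------- End the block for Authorization
     $indexRoute = ['controller' => 'user-doctrine-simple-authorization', 'action' => 'index'];
     $id = $this->params()->fromRoute('id');
     if (!$id) {
         return $this->redirect()->toRoute('csn_user/default', $indexRoute);
     }
     $entityManager = $this->getEntityManager();
     try {
         $user = $entityManager->getRepository('CsnUser\\Entity\\User')->find($id);
         if ($user === null) {
             // Unknown id: nothing to delete, report it like any other failure.
             return $this->redirect()->toRoute('csn_user/default', $indexRoute);
         }
         $entityManager->remove($user);
         $entityManager->flush();
     } catch (\Exception $ex) {
         // Return the redirect so a failed delete is not reported as a success.
         return $this->redirect()->toRoute('csn_user/default', $indexRoute);
     }
     return $this->redirect()->toRoute('csn_user/default', ['controller' => 'user-doctrine', 'action' => 'index']);
 }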
Ejemplo n.º 7
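 /**
  * Confirms and performs deletion of a user.
  *
  * GET renders the confirmation page for the user named by the route id; POST
  * with del=Yes deletes the user whose id is posted and redirects to the user
  * list. Anonymous requests go to the sign-in page, an 'Operator' may not
  * delete at all, and a 'System Admin' account is never deleted.
  *
  * NOTE(review): the id that is actually deleted comes from the POST body,
  * not from the route — confirm the confirmation form is protected against
  * cross-site requests.
  *
  * @return mixed view variables (array) or a redirect response
  */
 public function deleteAction()
 {
     $auth = new \Zend\Authentication\AuthenticationService();
     if (!$auth->hasIdentity()) {
         return $this->redirect()->toRoute('signin', ['action' => 'index']);
     }
     $user = $auth->getIdentity();
     if ($user->role === 'Operator') {
         return ['error' => 'You don\'t have permission to do this action'];
     }
     $id = (int) $this->params()->fromRoute('id', 0);
     $request = $this->getRequest();
     if ($request->isPost()) {
         if ($request->getPost('del', 'No') === 'Yes') {
             // The posted id wins over the route id for the actual deletion.
             $id = (int) $request->getPost('id');
             $target = $this->getUserTable()->getUser($id);
             if ($target->role === 'System Admin') {
                 return ['error' => 'You don\'t have permission to do this action'];
             }
             $this->getUserTable()->deleteUser($id);
         }
         return $this->redirect()->toRoute('user');
     }
     return ['id' => $id, 'user' => $this->getUserTable()->getUser($id)];
 }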
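 /**
  * Deletes a user after an ACL check on the current controller/action.
  *
  * The role is derived from the identity's usrl_id (2 => 'member', anything
  * else => Acl::DEFAULT_ROLE, i.e. guest) and checked with \CsnUser\Acl\Acl; a
  * denied request is sent to the login page. The debug echo statements of the
  * previous version were removed: they wrote the identity state and the ACL
  * decision into the response body ahead of the redirect headers.
  *
  * @return mixed redirect response
  * @throws \Exception when the current controller is not a registered ACL resource
  */
 public function deleteAction()
 {
     // ------------------------ The block for Authorization
     $auth = new \Zend\Authentication\AuthenticationService();
     $config = $this->getServiceLocator()->get('Config');
     $acl = new \CsnUser\Acl\Acl($config);
     $role = \CsnUser\Acl\Acl::DEFAULT_ROLE;
     if ($auth->hasIdentity()) {
         // TODO we don't need that if the names of the roles are coming from the DB.
         // Only usrl_id 2 maps to a named role; 1 and any unknown id stay guest.
         $role = (string) $auth->getIdentity()->usrl_id === '2' ? 'member' : \CsnUser\Acl\Acl::DEFAULT_ROLE;
     }
     $controller = $this->params()->fromRoute('controller');
     $action = $this->params()->fromRoute('action');
     if (!$acl->hasResource($controller)) {
         throw new \Exception('Resource ' . $controller . ' not defined');
     }
     if (!$acl->isAllowed($role, $controller, $action)) {
         return $this->redirect()->toRoute('auth/default', ['controller' => 'index', 'action' => 'login']);
     }
     //------------------------- End the block for Authorization
     $indexRoute = ['controller' => 'user-doctrine-simple-authorization-acl', 'action' => 'index'];
     $id = $this->params()->fromRoute('id');
     if (!$id) {
         return $this->redirect()->toRoute('csn_user/default', $indexRoute);
     }
     $entityManager = $this->getEntityManager();
     try {
         $user = $entityManager->getRepository('CsnUser\\Entity\\User')->find($id);
         if ($user === null) {
             // Unknown id: nothing to delete.
             return $this->redirect()->toRoute('csn_user/default', $indexRoute);
         }
         $entityManager->remove($user);
         $entityManager->flush();
     } catch (\Exception $ex) {
         // Return the redirect so a failed delete is not reported as a success.
         return $this->redirect()->toRoute('csn_user/default', $indexRoute);
     }
     return $this->redirect()->toRoute('csn_user/default', ['controller' => 'user-doctrine', 'action' => 'index']);
 }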
Ejemplo n.º 9
 /**
  * Debug action: dumps the authenticated identity into the response body.
  *
  * Prints the identity with print_r inside a <pre> block when one exists and
  * always returns false. Because it exposes every identity attribute in the
  * page output, it is only suitable for a development environment.
  *
  * @return false
  */
 public function index05Action()
 {
     $auth = new \Zend\Authentication\AuthenticationService();
     if (!$auth->hasIdentity()) {
         return false;
     }
     echo "<pre style='font-weight:bold'>";
     print_r($auth->getIdentity());
     echo "</pre>";
     return false;
 }
Ejemplo n.º 10
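<?php

require '../application/bootstrap.php';

// Identities allowed to open the manager page (the values are masked in this listing).
// A hard-coded allowlist should live in configuration rather than in the entry script.
$allowedManagers = ["*****@*****.**", "*****@*****.**", "*****@*****.**", "*****@*****.**"];

$auth = new Zend\Authentication\AuthenticationService(new \Zend\Authentication\Storage\Session("CallStatistic\\Manager"));
$identity = $auth->getIdentity();
if (!$identity || !in_array($identity, $allowedManagers, true)) {
    header("location: manager.auth.php");
    // Stop here: without exit the manager page below is still rendered and sent after the redirect header.
    exit;
}
$mainPage = new CallStatistic\Manager\MainPage();
$mainPageView = new CallStatistic\Manager\View\MainPageView($mainPage, null, "p");
$mainPageView->showDialog();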