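/**
 * Dispatch listener enforcing authentication and per-route authorization.
 *
 * The routes 'login', 'application' and 'home' are public and skipped. For any
 * other route the session-held report/permission/suggestion data is exposed to
 * the layout, then:
 *  - an anonymous caller is short-circuited with a 302 to <baseUrl>/login;
 *  - an authenticated caller whose profile is not allowed on the route is passed
 *    to onDispatchError();
 *  - a missing session id forces a 302 to <baseUrl>/login/logout;
 *  - a 403 already present on the response is passed to onDispatchError().
 *
 * @param MvcEvent $e
 * @return \Zend\Stdlib\ResponseInterface|null the redirect response when the
 *         request is short-circuited, null when dispatch may continue
 */
public function afterDispatch(MvcEvent $e)
{
    $routeName = $e->getRouteMatch()->getMatchedRouteName();

    // Public routes need neither an identity nor a permission check.
    if (in_array($routeName, ['login', 'application', 'home'], true)) {
        return null;
    }

    $session = new \Zend\Session\Container('cbol');
    $layout  = $e->getTarget()->layout();
    $layout->repo   = $session->reportesVias;
    $layout->acceso = $session->permisosUser;
    $layout->suge   = $session->sugerencias;

    $auth     = new \Zend\Authentication\AuthenticationService();
    $response = $e->getResponse();
    $baseUrl  = $e->getRequest()->getBaseUrl();

    $redirectUrl = null;
    if (!$auth->hasIdentity()) {
        $redirectUrl = $baseUrl . '/login';
    } else {
        $acl = new \Login\Model\permisos();
        if (!$acl->isAllowed($auth->getIdentity()->perfil_id, $routeName)) {
            $this->onDispatchError($e, $routeName);
        } elseif ($session->idSession === null) {
            // Identity present but the application session marker is gone: force a logout.
            $redirectUrl = $baseUrl . '/login/logout';
        } elseif ($response->getStatusCode() === 403) {
            $this->onDispatchError($e, $routeName);
        }
    }

    if ($redirectUrl === null) {
        return null;
    }

    // Single emission point for both redirects; returning the response short-circuits dispatch.
    $response->getHeaders()->addHeaderLine('Location', $redirectUrl);
    $response->setStatusCode(302);
    $response->sendHeaders();

    return $response;
}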
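/**
 * Dispatch listener that checks whether the current user is logged in.
 *
 * The routes 'acesso/login', 'acesso/logout' and 'acesso/nao-autorizado' are
 * public. Every other route requires an identity in the "Semente" session
 * storage; without one the caller is redirected to 'acesso/login' and the
 * redirect response is returned so the MVC stops here instead of rendering
 * the requested action.
 *
 * @param \Zend\Mvc\MvcEvent $e  (presumably; the original was untyped — confirm against the attach() call)
 * @return bool|\Zend\Http\Response|null true for a public route, the redirect
 *         response when access is denied, null when the request may proceed
 */
public function validaAutenticacao($e)
{
    $authenticateService = new \Zend\Authentication\AuthenticationService();
    $authenticateService->setStorage(new \Zend\Authentication\Storage\Session("Semente"));

    $controller   = $e->getTarget();
    $rotaAcessada = $controller->getEvent()->getRouteMatch()->getMatchedRouteName();

    // Routes that must be reachable without authentication.
    $rotasLivres = ['acesso/login', 'acesso/logout', 'acesso/nao-autorizado'];
    if (in_array($rotaAcessada, $rotasLivres, true)) {
        return true;
    }

    if (!$authenticateService->hasIdentity()) {
        // Return the response: a redirect that is not returned still lets the action run.
        return $controller->redirect()->toRoute("acesso/login");
    }

    $controlador = $controller->params()->fromRoute('controller');
    $action      = $controller->params()->fromRoute('action');

    // TODO(review): authorization is hard-coded to true, so the redirect below is
    // unreachable; a per-route permission check against the identity belongs here.
    $estaAutorizado = true;
    if (!$estaAutorizado) {
        return $controller->redirect()->toRoute(
            "acesso/nao-autorizado",
            ['controlador' => $controlador, 'acao' => $action]
        );
    }

    return null;
}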
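/**
 * Controller factories for this module.
 *
 * The ScoreAjax factory copies the establishment, PUI and user ids from the
 * authenticated identity onto the controller. When nobody is logged in the
 * three ids are explicitly null, so the setters never receive undefined
 * variables.
 *
 * @return array controller manager configuration ('initializers', 'factories')
 */
public function getControllerConfig()
{
    return [
        'initializers' => [],
        'factories' => [
            'Indicateur\\Controller\\ScoreAjax' => function ($sm) {
                $etabId = null;
                $puiId  = null;
                $userId = null;

                $authService = new \Zend\Authentication\AuthenticationService();
                if ($authService->hasIdentity()) {
                    $identity = $authService->getIdentity();
                    $etabId = $identity->et_code_fk;
                    $puiId  = $identity->pui_code_fk;
                    $userId = $identity->user_code_pk;
                }

                $controller = new \Indicateur\Controller\ScoreAjaxController();
                $controller->setEtabId($etabId);
                $controller->setPuiId($puiId);
                $controller->setUserId($userId);

                return $controller;
            },
        ],
    ];
}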
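/**
 * Builds a wiki-style log entry for a field change, attributed to the
 * authenticated user and stamped with the current server time.
 *
 * Entry shapes by $type:
 *  - 'checkbox':           "|| <object> || Checked|Unchecked ----", or '' when unchanged
 *  - 'comment':            "|| Comment ----\n<value>", or '' when blank after trim
 *  - 'other':              "|| <value> ----"
 *  - 'commentWithoutData': just the value wrapped in blank lines, no header; '' when blank
 * Any other type yields the header alone.
 *
 * @param string $type   one of the types listed above
 * @param mixed  $value  new value (checkbox state, comment text, or free text)
 * @param mixed  $old    previous checkbox state (checkbox only)
 * @param mixed  $object label of the checkbox being toggled (checkbox only)
 * @return string the formatted entry, or '' when there is nothing to log
 */
public static function setLog($type, $value, $old = false, $object = false)
{
    if ($type === 'commentWithoutData') {
        // No header for this type, so no identity lookup is needed either.
        return (string) $value === '' ? '' : "\n\n{$value}\n\n";
    }

    // getIdentity() is null for an anonymous caller; don't dereference it blindly.
    $identity = (new \Zend\Authentication\AuthenticationService())->getIdentity();
    $logger = $identity ? $identity->firstname . ' ' . $identity->lastname : 'unknown';

    // date() uses the configured default timezone; the "(Amsterdam Time)" label in
    // the header is only accurate when that default is Europe/Amsterdam.
    $timestamp = date('Y-m-d H:i:s');

    if ($type === 'checkbox') {
        // Kept loose: $value and $old may arrive as '1'/'0' or as ints.
        if ($value == $old) {
            return '';
        }
        // NOTE(review): the label is derived from the previous state ($old), not the
        // new one — confirm this is the intended reading.
        $action = 1 == $old ? 'Checked' : 'Unchecked';
        $entry = "|| {$object} || {$action} ----\n\n";
    } elseif ($type === 'comment') {
        $value = trim($value);
        if ($value === '') {
            return '';
        }
        $entry = "|| Comment ----\n{$value}\n\n";
    } elseif ($type === 'other') {
        $entry = "|| {$value} ----\n\n";
    } else {
        $entry = '';
    }

    return "---- {$timestamp} (Amsterdam Time) || {$logger} {$entry}";
}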
$r->getBody()->write(json_encode(["Id" => $args['id']])); return $r; } } // Return error message $r->withStatus(500)->getBody()->write(json_encode(["Error" => $_error])); return $r; }); })->add($redis)->add($apiauth); /* Asset Rewriting - only running on nginx. all other servers are just redirecting to */ $app->options('/asset/{id:[0-9]*}/{field:[0-9]*}/{file:.+}', function ($request, $response, $args) { }); $app->get('/asset/{id:[0-9]*}/{field:[0-9]*}/{file:.+}', function ($request, $response, $args) { // Check if user is logged in $auth = new \Zend\Authentication\AuthenticationService(); $logged_in = $auth->getIdentity()['username']; $apikey = false; $access = false; $s3 = $this->get('settings')['paths']['s3']; // Check for existing contribution. If logged in ignore state, otherwise just published or draft $c = $this->db->getContribution($args['id'], $logged_in ? false : true, true); if (!($c && $c->getId() == $args['id'])) { throw new \Slim\Exception\NotFoundException($request, $response); } // Public $public = $c->getTemplatenames()->getPublic() === "1"; // Check for field $f = $this->db->getField($args['field']); // Check for NGINX $_isnginx = strpos($_SERVER['SERVER_SOFTWARE'], 'nginx') !== false; // Check for Authentification if Public = 0
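/**
 * Deletes the user whose id is in the route, after an inline authorization check.
 *
 * Anonymous callers and callers whose role id (usrl_id) is below 3 are sent to
 * the login page (the role numbering is defined elsewhere). A missing id, an
 * unknown id, or any failure while removing the entity redirects back to the
 * simple-authorization index; success redirects to the user-doctrine index.
 *
 * @return \Zend\Http\Response a redirect response on every path
 */
public function deleteAction()
{
    // ---- Authorization ---------------------------------------------------
    $auth = new \Zend\Authentication\AuthenticationService();
    $loginRoute = ['controller' => 'index', 'action' => 'login'];
    if (!$auth->hasIdentity()) {
        return $this->redirect()->toRoute('auth/default', $loginRoute);
    }
    if ($auth->getIdentity()->usrl_id < 3) {
        return $this->redirect()->toRoute('auth/default', $loginRoute);
    }
    // ---- End authorization -----------------------------------------------

    $indexRoute = ['controller' => 'user-doctrine-simple-authorization', 'action' => 'index'];
    $id = $this->params()->fromRoute('id');
    if (!$id) {
        return $this->redirect()->toRoute('csn_user/default', $indexRoute);
    }

    $entityManager = $this->getEntityManager();
    try {
        $user = $entityManager->getRepository('CsnUser\\Entity\\User')->find($id);
        if ($user === null) {
            // find() yields null for an unknown id; remove(null) would not be an \Exception.
            return $this->redirect()->toRoute('csn_user/default', $indexRoute);
        }
        $entityManager->remove($user);
        $entityManager->flush();
    } catch (\Exception $ex) {
        // Return the redirect so a failed delete is not reported as success below.
        return $this->redirect()->toRoute('csn_user/default', $indexRoute);
    }

    return $this->redirect()->toRoute('csn_user/default', ['controller' => 'user-doctrine', 'action' => 'index']);
}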
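/**
 * Confirms and performs deletion of a user.
 *
 * GET renders the confirmation view ('id' + 'user'). POST with del=Yes deletes
 * the user named by the posted id, unless that user is a 'System Admin'; any
 * POST then redirects to the 'user' route. Anonymous callers are redirected to
 * signin; callers with role 'Operator' get an error array instead of the form.
 *
 * @return array|\Zend\Http\Response
 */
public function deleteAction()
{
    $auth = new \Zend\Authentication\AuthenticationService();
    if (!$auth->hasIdentity()) {
        return $this->redirect()->toRoute('signin', ['action' => 'index']);
    }

    $permissionError = ['error' => 'You don\'t have permission to do this action'];
    if ($auth->getIdentity()->role === 'Operator') {
        return $permissionError;
    }

    $id = (int) $this->params()->fromRoute('id', 0);
    $request = $this->getRequest();
    if (!$request->isPost()) {
        return ['id' => $id, 'user' => $this->getUserTable()->getUser($id)];
    }

    // NOTE(review): no CSRF token is verified on this POST; the confirmation form
    // should carry one (e.g. Zend\Form\Element\Csrf) and it should be checked here.
    if ($request->getPost('del', 'No') === 'Yes') {
        // The posted id, not the route id, selects the row — so that is the one checked.
        $id = (int) $request->getPost('id');
        if ($this->getUserTable()->getUser($id)->role === 'System Admin') {
            return $permissionError;
        }
        $this->getUserTable()->deleteUser($id);
    }

    return $this->redirect()->toRoute('user');
}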
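/**
 * Deletes a user after an ACL check built from the caller's role.
 *
 * The role name is derived from the identity's usrl_id (2 => 'member', anything
 * else => the ACL default role) and checked against the controller/action
 * resource. Denied or anonymous callers go to the login page; an unregistered
 * resource is a configuration error and throws. A missing or unknown id, or a
 * failure while removing the entity, redirects to the ACL index; success
 * redirects to the user-doctrine index.
 *
 * @return \Zend\Http\Response a redirect response on every non-throwing path
 * @throws \Exception when the controller is not a registered ACL resource
 */
public function deleteAction()
{
    // ---- Authorization ---------------------------------------------------
    $auth = new \Zend\Authentication\AuthenticationService();
    $config = $this->getServiceLocator()->get('Config');
    $acl = new \CsnUser\Acl\Acl($config);

    $role = \CsnUser\Acl\Acl::DEFAULT_ROLE;
    if ($auth->hasIdentity()) {
        // TODO: role names should come from the DB instead of this mapping.
        $role = (int) $auth->getIdentity()->usrl_id === 2 ? 'member' : \CsnUser\Acl\Acl::DEFAULT_ROLE;
    }

    $controller = $this->params()->fromRoute('controller');
    $action     = $this->params()->fromRoute('action');
    if (!$acl->hasResource($controller)) {
        throw new \Exception('Resource ' . $controller . ' not defined');
    }

    // Nothing is echoed here: the action's output is the returned response, and
    // dumping role/ACL state to the page would expose authorization details.
    if (!$acl->isAllowed($role, $controller, $action)) {
        return $this->redirect()->toRoute('auth/default', ['controller' => 'index', 'action' => 'login']);
    }
    // ---- End authorization -----------------------------------------------

    $indexRoute = ['controller' => 'user-doctrine-simple-authorization-acl', 'action' => 'index'];
    $id = $this->params()->fromRoute('id');
    if (!$id) {
        return $this->redirect()->toRoute('csn_user/default', $indexRoute);
    }

    $entityManager = $this->getEntityManager();
    try {
        $user = $entityManager->getRepository('CsnUser\\Entity\\User')->find($id);
        if ($user === null) {
            // find() yields null for an unknown id; remove(null) would not be an \Exception.
            return $this->redirect()->toRoute('csn_user/default', $indexRoute);
        }
        $entityManager->remove($user);
        $entityManager->flush();
    } catch (\Exception $ex) {
        // Return the redirect so a failed delete is not reported as success below.
        return $this->redirect()->toRoute('csn_user/default', $indexRoute);
    }

    return $this->redirect()->toRoute('csn_user/default', ['controller' => 'user-doctrine', 'action' => 'index']);
}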
/**
 * Debug action: prints the authenticated identity, if any, directly to the output.
 *
 * The dump contains every property held in the identity object, so this is
 * only suitable for a development environment.
 *
 * @return bool always false
 */
public function index05Action()
{
    $authService = new \Zend\Authentication\AuthenticationService();
    if (!$authService->hasIdentity()) {
        return false;
    }

    echo "<pre style='font-weight:bold'>";
    print_r($authService->getIdentity());
    echo "</pre>";

    return false;
}
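<?php
require '../application/bootstrap.php';

$auth = new Zend\Authentication\AuthenticationService(
    new \Zend\Authentication\Storage\Session("CallStatistic\\Manager")
);

// Only the listed accounts may open the manager page. The script must stop right
// after the redirect header: without exit, the protected page body below is still
// sent along with the redirect and can be read by any client that ignores it.
$allowedIdentities = ["*****@*****.**", "*****@*****.**", "*****@*****.**", "*****@*****.**"];
$identity = $auth->getIdentity();
if (!$identity || !in_array($identity, $allowedIdentities, true)) {
    header("location: manager.auth.php");
    exit;
}

$mainPage = new CallStatistic\Manager\MainPage();
$mainPageView = new CallStatistic\Manager\View\MainPageView($mainPage, null, "p");
$mainPageView->showDialog();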