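/**
 * Authentication guard run before every action.
 *
 * A missing `PHPSESSID` parameter is first backfilled from `sid`. Only
 * requests that still carry no `PHPSESSID` are checked here: every route
 * outside `$this->_whitelist` needs a stored identity, otherwise the request
 * is rewritten to the error handler with an EXCEPTION_NOT_ALLOWED marker.
 *
 * NOTE(review): any request carrying a `sid`/`PHPSESSID` parameter skips
 * this guard entirely, and the id itself is caller-supplied — confirm a
 * later layer validates that session id and regenerates it after login.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // Legacy alias: let `sid` stand in for `PHPSESSID`.
    if ($request->getParam('sid') !== null && $request->getParam('PHPSESSID') === null) {
        $request->setParam('PHPSESSID', $request->getParam('sid'));
    }

    // A session id present: nothing is checked by this plugin.
    if ($request->getParam('PHPSESSID') !== null) {
        return;
    }

    $route = implode('/', array(
        strtolower($request->getModuleName()),
        strtolower($request->getControllerName()),
        strtolower($request->getActionName()),
    ));

    // Strict comparison: route keys are strings, no loose-equality surprises.
    if (in_array($route, $this->_whitelist, true)) {
        return;
    }

    if ($this->_auth === null) {
        $auth = Zend_Auth::getInstance();
        $auth->setStorage(new Zend_Auth_Storage_Session($this->getStorage()));
        $this->_auth = $auth;
    }

    if ($this->_auth->hasIdentity()) {
        // Keep the stored identity alive for this request.
        $identity = $this->_auth->getIdentity();
        $identity->connect();
        $identity->refresh();
        return;
    }

    // No credentials: hand off to the error handler, keeping a copy of the request.
    $errorHandler = new ArrayObject(array(), ArrayObject::ARRAY_AS_PROPS);
    $errorHandler->type = 'EXCEPTION_NOT_ALLOWED';
    $errorHandler->exception = new Zend_Controller_Action_Exception('No credentials available');
    $errorHandler->request = clone $request;
    $request->setParam('error_handler', $errorHandler)
        ->setModuleName($this->getErrorHandlerModule())
        ->setControllerName($this->getErrorHandlerController())
        ->setActionName($this->getErrorHandlerAction());
}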
/**
 * Whether the current request carries a stored identity.
 *
 * The Zend_Auth singleton is resolved lazily on first use.
 *
 * @return bool logged in status
 */
public function isLoggedIn()
{
    if (!isset($this->_zendAuth)) {
        $this->_zendAuth = Zend_Auth::getInstance();
    }

    return $this->_zendAuth->hasIdentity();
}
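/**
 * Route guard: rewrite the request when the caller may not reach the
 * requested controller/action.
 *
 * Unauthenticated callers are sent to `$this->_notLoggedRoute`; the
 * requested controller/action is remembered for a post-login redirect
 * unless the controller is in `$this->_moRedirect` or a URI is already
 * saved. Authenticated but unauthorised callers go to
 * `$this->_forbiddenRoute`. Authorised requests are re-set to themselves.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $controllerName = $request->getControllerName();
    $actionName = $request->getActionName();

    if ($this->_isAuthorized($controllerName, $actionName)) {
        $route = array(
            'controller' => $controllerName,
            'action' => $actionName,
            'module' => $request->getModuleName(),
        );
    } elseif (!$this->_auth->hasIdentity()) {
        // Strict in_array: controller names are strings.
        if (!in_array($controllerName, $this->_moRedirect, true)
            && !Application_Model_Redirect::hasRequestUri()
        ) {
            Application_Model_Redirect::saveRequestUri('/' . $controllerName . '/' . $actionName);
        }
        $route = $this->_notLoggedRoute;
    } else {
        $route = $this->_forbiddenRoute;
    }

    $request->setControllerName($route['controller']);
    $request->setActionName($route['action']);
    $request->setModuleName($route['module']);
}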
/**
 * Login form handling.
 *
 * A visitor who already has an identity is redirected to
 * `$this->_returnLogin`. On POST the form is validated; the submitted
 * username/password go to authenticate(), after which the caller is
 * redirected to the module root on success or back to the login page.
 *
 * @return void
 */
public function indexAction()
{
    if (Zend_Auth::getInstance()->hasIdentity()) {
        $this->_redirect($this->_returnLogin);
    }

    $form = new Backend_Form_Login();
    $form->setAction($this->view->baseUrl() . $this->_returnLogin);

    $request = $this->getRequest();
    if ($request->isPost()) {
        $postData = $this->_request->getPost();
        if ($form->isValid($postData)) {
            $this->authenticate(
                $request->getParam('username', ''),
                $request->getParam('password', '')
            );
            $target = $this->_auth->hasIdentity() ? "/{$this->_module}" : $this->_returnLogin;
            $this->_redirect($target);
        } else {
            $form->populate($postData);
            $this->view->formLogin = $form;
        }
    }

    $this->view->formLogin = $form;
}
/**
 * Route guard for protected resources.
 *
 * Unprotected requests are left untouched. For a protected one, an
 * anonymous caller is sent to `$this->_notLoggedRoute`, an unauthorised
 * identity to `$this->_forbiddenRoute`, and an authorised request is
 * re-set to its own module/controller/action.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    if (!$this->_isProtectedResource($request)) {
        return;
    }

    if (!$this->_auth->hasIdentity()) {
        $target = $this->_notLoggedRoute;
    } elseif (!$this->_isAuthorized($request->getControllerName(), $request->getActionName())) {
        $target = $this->_forbiddenRoute;
    } else {
        $target = array(
            'controller' => $request->getControllerName(),
            'action' => $request->getActionName(),
            'module' => $request->getModuleName(),
        );
    }

    $request->setControllerName($target['controller']);
    $request->setActionName($target['action']);
    $request->setModuleName($target['module']);
}
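/**
 * Hook into action controller preDispatch() workflow
 *
 * Resolves the caller's role (a non-empty `role` on an identity object,
 * otherwise the configured default) and asks the ACL whether the
 * controller (resource) and action (privilege) are allowed; a controller
 * the ACL does not know is checked as the null resource. Denied requests
 * are rewritten to default/auth/noaccess and marked undispatched.
 *
 * NOTE(review): the error/error exemption below only fires when 'error'
 * is a registered ACL resource, because an unregistered controller has
 * already been replaced by null at that point — confirm this is intended.
 *
 * @return void
 */
public function preDispatch()
{
    $role = Zend_Registry::get('config')->acl->defaultRole;
    if ($this->_auth->hasIdentity()) {
        $user = $this->_auth->getIdentity();
        if (is_object($user) && !empty($user->role)) {
            $role = $user->role;
        }
    }

    $request = $this->_action->getRequest();
    $controller = $request->getControllerName();
    $action = $request->getActionName();
    $this->_controllerName = $controller;

    $resource = $this->_acl->has($controller) ? $controller : null;

    // The error page must stay reachable, or a denial would loop.
    if ($resource === 'error' && $action === 'error') {
        return;
    }

    if (!$this->_acl->isAllowed($role, $resource, $action)) {
        $request->setModuleName('default')
            ->setControllerName('auth')
            ->setActionName('noaccess');
        $request->setDispatched(false);
    }
}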
/** The person's identity
 * @access public
 * @return mixed the stored identity, or false when nobody is logged in
 */
public function getPerson()
{
    return $this->_auth->hasIdentity() ? $this->_auth->getIdentity() : false;
}
/**
 * ACL check for a controller/action pair.
 *
 * Anonymous callers are evaluated as the 'guest' role; otherwise the
 * stored identity itself is handed to the ACL as the role. A resource the
 * ACL does not know is denied.
 *
 * @param string $resource controller name
 * @param string $action   action name (ACL privilege)
 * @return bool
 */
protected function _isAuthorized($resource, $action)
{
    $role = 'guest';
    if ($this->_auth->hasIdentity()) {
        $role = $this->_auth->getIdentity();
    }

    return $this->_acl->has($resource)
        && $this->_acl->isAllowed($role, $resource, $action);
}
/**
 * JSON logout endpoint: drop the stored identity, if any, and answer 'OK'.
 *
 * @return void
 */
public function logoutAction()
{
    $contextSwitch = $this->getHelper('contextSwitch');
    $contextSwitch->addActionContext('logout', 'json')->initContext();

    if ($this->auth->hasIdentity()) {
        // Only the auth storage is emptied; no session teardown happens here.
        $this->auth->clearIdentity();
    }

    $this->view->response = 'OK';
}
/**
 * Get current user
 *
 * Looked up once from the repository by the auth identity and memoised;
 * stays null while no identity is stored.
 *
 * @return Newscoop\Entity\User
 */
public function getCurrentUser()
{
    if ($this->currentUser !== null) {
        return $this->currentUser;
    }

    if ($this->auth->hasIdentity()) {
        $this->currentUser = $this->getRepository()->find($this->auth->getIdentity());
    }

    return $this->currentUser;
}
/**
 * Whether the current request may proceed.
 *
 * Fails when no identity is stored, unless the request targets the 'auth'
 * controller or the 'cron' module; also fails when a client is bound to
 * the session but the request is outside the 'external' module.
 *
 * @return boolean
 */
protected function _checkAuth()
{
    $controllerName = $this->_request->getControllerName();
    $moduleName = $this->_request->getModuleName();

    $anonymousAllowed = $controllerName === 'auth' || $moduleName === 'cron';
    if (!$anonymousAllowed && !$this->_auth->hasIdentity()) {
        return false;
    }

    $clientBound = !empty($this->_session->client);
    if ($clientBound && $moduleName !== 'external') {
        return false;
    }

    return true;
}
/** The user's role
 * @access public
 * @return string the identity's `role`, or 'public' for anonymous callers
 */
public function getRole()
{
    if (!$this->_auth->hasIdentity()) {
        return 'public';
    }

    $user = $this->_auth->getIdentity();

    return $user->role;
}
/**
 * Content panel for the Debugbar: the current identity, passed through
 * _cleanData(), under a heading. Empty when nobody is logged in.
 *
 * @return string
 */
public function getPanel()
{
    if (!$this->_auth->hasIdentity()) {
        return '';
    }

    return '<h4>Current Identity</h4>' . $this->_cleanData($this->_auth->getIdentity());
}
/**
 * Plugin constructor.
 *
 * Loads the global ACL from the given DB adapter and grabs the Zend_Auth
 * singleton. When nobody is logged in, a default visitor record
 * (`usuario` / `role` = 'visitante') is written into the auth storage.
 *
 * NOTE(review): once that record is written, hasIdentity() answers true
 * for anonymous callers as well — callers should check the role, not
 * identity presence. Confirm this is relied upon.
 *
 * @param mixed $dbAdapter adapter handed to Acl_Global
 */
public function __construct($dbAdapter)
{
    // Load every ACL definition.
    $this->acl = new Acl_Global($dbAdapter);
    // Authentication service.
    $this->auth = Zend_Auth::getInstance();

    if ($this->auth->hasIdentity()) {
        return;
    }

    // Anonymous caller: install the default visitor role.
    $visitor = array('usuario' => 'visitante', 'role' => 'visitante');
    $this->auth->getStorage()->write($visitor);
}
/**
 * Initialize the controller
 * sets basic info such as baseUrl
 *
 * When `_authCheckRequired` is on, the auth adapter is generated and an
 * anonymous caller is redirected to login/index before the view assets
 * are registered.
 *
 * @return void
 */
public function init()
{
    parent::init();
    $this->view->baseUrl = $this->_request->getBaseUrl();

    if ($this->_authCheckRequired) {
        $this->_generateAuthAdapter();
        if (!$this->_auth->hasIdentity()) {
            $loginRoute = array('controller' => 'login', 'action' => 'index');
            $this->_helper->redirector->gotoRoute($loginRoute);
        }
    }

    $this->view->styles = array('reset.css', 'main.css', 'jquery-ui.css');
    $this->view->scripts = array('jquery.js', 'jquery-ui.js');
}
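/**
 * Dispatch-loop entry guard.
 *
 * Requests matching the 'auth' or 'recovery' route of the 'default'
 * module pass through (returns true). Any other request without a stored
 * identity is re-routed by _routeNoAuth(); in that case, and for
 * authenticated requests, null is returned.
 *
 * @access public
 * @param Zend_Controller_Request_Abstract $request
 * @return mixed true for the public auth/recovery routes, otherwise null
 */
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
    $this->_request = $request;

    // Public routes: login and password recovery must stay reachable.
    if ($this->_checkRoute('auth', 'default') || $this->_checkRoute('recovery', 'default')) {
        return true;
    }

    if (!$this->_auth->hasIdentity()) {
        $this->_routeNoAuth();
    }

    return null;
}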
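/**
 * Gets content panel for the Debugbar
 *
 * Adds one row per identity property to the panel message; the panel
 * body itself is always empty. Anonymous callers add nothing.
 *
 * NOTE(review): every property of the identity object is rendered here,
 * so anything sensitive the identity carries ends up in the debug bar —
 * keep this panel disabled outside development.
 *
 * @return string always ''
 */
public function getPanel()
{
    if ($this->_auth->hasIdentity()) {
        $identity = $this->_auth->getIdentity();
        // A scalar identity (e.g. a bare username) cannot be iterated;
        // foreach over it would only raise a warning, so skip it.
        if (is_array($identity) || is_object($identity)) {
            foreach ($identity as $property => $value) {
                $this->message->addRow(array((string) $property, (string) $value));
            }
        }
    }

    return '';
}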
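/**
 * Called before an action is dispatched by Zend_Controller_Dispatcher.
 *
 * Resolves the caller's ACL role (the role name of the Roles entity for
 * the identity's role id, or 'guest'), builds the resource key
 * `[module/]controller/action` and records both in Zend_Registry under
 * 'Role' and 'Resource'. An authenticated caller the ACL denies is
 * rewritten to default/error/forbidden. Requests already taken over by
 * the ErrorHandler plugin are left untouched.
 *
 * NOTE(review): an anonymous caller the ACL denies is not re-routed here;
 * only the registry entries are set — confirm a later check enforces it.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 * @throws \RuntimeException when the identity's role id has no Roles entity
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // Reset role & resource so nothing leaks from an earlier dispatch.
    Zend_Registry::set('Role', 'guest');
    Zend_Registry::set('Resource', '');

    // Nothing to check once the ErrorHandler has taken over the request.
    if ($request->getParam('error_handler')) {
        return;
    }

    $module = $request->getModuleName();
    $controller = trim($request->getControllerName());
    $action = $request->getActionName();

    if ($this->_auth->hasIdentity()) {
        $roleId = $this->_auth->getRoleId();
        $roleEntity = $this->_em->find('Roles', $roleId);
        if ($roleEntity === null) {
            // A missing role row must fail closed, explicitly.
            throw new \RuntimeException('No Roles entity for role id ' . $roleId);
        }
        $role = new Zend_Acl_Role($roleEntity->getRoleName());
    } else {
        $role = new Zend_Acl_Role('guest');
    }

    // Resource key: controller/action (action defaults to index), prefixed
    // with the module unless it is the default module.
    $hasAction = (string) $action !== '';
    $resource = $controller . '/' . ($hasAction ? trim($action) : 'index');
    if ($module !== 'default') {
        $resource = $module . '/' . $resource;
    }
    if ($resource === '') {
        $resource = 'index/index';
    }

    // Unknown controller/action pair: fall back to controller-level permission.
    if ($hasAction && !$this->_acl->has($resource)) {
        $resource = $controller;
    }

    $allow = $this->_acl->isAllowed($role, $resource);
    if (!$allow && $this->_auth->hasIdentity()) {
        // Logged in but denied.
        $request->setModuleName('default');
        $request->setControllerName('error');
        $request->setActionName('forbidden');
    }

    Zend_Registry::set('Role', $role);
    Zend_Registry::set('Resource', $resource);
}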
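/**
 * preDispatch
 *
 * Runs before the front controller dispatches the action. An anonymous
 * caller requesting anything but the login controller is sent to
 * login/index; authenticated callers pass through unchanged.
 *
 * @param Zend_Controller_Request_Abstract $request the HTTP request
 * @return void
 * @uses Zend_Auth
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // Authenticated: nothing to do.
    if ($this->_auth->hasIdentity()) {
        return;
    }

    // Not logged in and not already heading to the login page:
    // show the login form instead of the requested action.
    if ($request->getControllerName() !== 'login') {
        $request->setControllerName('login');
        $request->setActionName('index');
    }
}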
/**
 * Check permissions before dispatch process
 *
 * The role is the stored identity's `role` when logged in, otherwise
 * `$this->_defaultRole`. A controller the ACL knows but does not allow for
 * that role and action is rewritten to error/deny.
 *
 * NOTE(review): a controller that is not registered as an ACL resource is
 * passed through unchecked — confirm every protected controller is registered.
 *
 * @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $role = $this->_defaultRole;
    if ($this->_auth->hasIdentity()) {
        $identity = $this->_auth->getStorage()->read();
        $role = $identity->role;
    }

    $controllerName = $request->getControllerName();
    $actionName = $request->getActionName();

    $known = $this->_acl->has($controllerName);
    if ($known && !$this->_acl->isAllowed($role, $controllerName, $actionName)) {
        $request->setControllerName('error')->setActionName('deny');
    }
}
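/**
 * Hook into action controller preDispatch() workflow
 *
 * Resolves the role ('guest', or the identity's `role` for an object
 * identity) and checks controller (resource) / action (privilege) against
 * the ACL; a controller the ACL does not know is checked as the null
 * resource. A denied request is rewritten to the ACL's no-auth route
 * (anonymous) or no-acl route (logged in) and marked undispatched.
 *
 * @return void
 */
public function preDispatch()
{
    $role = 'guest';
    if ($this->_auth->hasIdentity()) {
        $user = $this->_auth->getIdentity();
        if (is_object($user)) {
            $role = $user->role;
        }
    }

    $request = $this->_action->getRequest();
    $controller = $request->getControllerName();
    $action = $request->getActionName();
    $this->_controllerName = $controller;

    $resource = $this->_acl->has($controller) ? $controller : null;

    if ($this->_acl->isAllowed($role, $resource, $action)) {
        return;
    }

    // Denied: anonymous callers go to the no-auth route, others to the no-acl route.
    $target = $this->_auth->hasIdentity()
        ? $this->_acl->getNoAclAction()
        : $this->_acl->getNoAuthAction();
    $request->setModuleName($target['module']);
    $request->setControllerName($target['controller']);
    $request->setActionName($target['action']);
    $request->setDispatched(false);
}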
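/**
 * Hook into action controller preDispatch() workflow
 *
 * Resolves the role ('public', or the identity's `role` for an object
 * identity) and checks controller (resource) / action (privilege) against
 * the ACL; a controller the ACL does not know is checked as the null
 * resource. A denied request is rewritten to default/error/error and
 * marked undispatched.
 *
 * @return void
 */
public function preDispatch()
{
    $role = 'public';
    if ($this->_auth->hasIdentity()) {
        $user = $this->_auth->getIdentity();
        if (is_object($user)) {
            $role = $user->role;
        }
    }

    $request = $this->_action->getRequest();
    $controller = $request->getControllerName();
    $action = $request->getActionName();
    $this->_controllerName = $controller;

    $resource = $this->_acl->has($controller) ? $controller : null;

    if (!$this->_acl->isAllowed($role, $resource, $action)) {
        $request->setModuleName('default');
        $request->setControllerName('error');
        $request->setActionName('error');
        $request->setDispatched(false);
    }
}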
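/**
 * Check that the user has an identity (is logged in) and that they have
 * sufficient access to the resource (page) requested.
 *
 * Roles: 'admin' for an admin user, 'member' for any other identity,
 * 'guest' otherwise. The controller is the ACL resource (null when not
 * registered) and the action the privilege. Denied anonymous callers are
 * rewritten to `$this->_noauth`, denied members to `$this->_noacl`.
 *
 * NOTE(review): the presence check uses $this->_auth while the username is
 * read from Zend_Auth::getInstance() — confirm they are the same object.
 * What getUserByName() returns for an unknown username is not visible
 * here; isAdmin() is called on it unconditionally.
 *
 * (non-PHPdoc)
 * @see Zend_Controller_Plugin_Abstract::preDispatch()
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // On the error controller, return immediately so that no database
    // error can occur while rendering the error page.
    if ($request->controller === 'error') {
        return;
    }

    $role = 'guest';
    if ($this->_auth->hasIdentity()) {
        $username = Zend_Auth::getInstance()->getIdentity();
        $userMapper = new GD_Model_UsersMapper();
        $user = $userMapper->getUserByName($username);
        $role = $user->isAdmin() ? 'admin' : 'member';
    }

    // Start from the requested route; it stays unchanged when access is allowed.
    $controller = $request->controller;
    $action = $request->action;
    $module = $request->module;

    $resource = $this->_acl->has($controller) ? $controller : null;

    if (!$this->_acl->isAllowed($role, $resource, $action)) {
        $target = $this->_auth->hasIdentity() ? $this->_noacl : $this->_noauth;
        $module = $target['module'];
        $controller = $target['controller'];
        $action = $target['action'];
    }

    // Only touch the request when the route actually changed.
    if ($request->controller !== $controller
        || $request->action !== $action
        || $request->module !== $module
    ) {
        $request->setModuleName($module);
        $request->setControllerName($controller);
        $request->setActionName($action);
    }
}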
/**
 * Retrieves a role from the current identity
 *
 * @return null|string the `role` member of the stored identity, or null when anonymous
 */
public function getIdentityRole()
{
    if ($this->_auth->hasIdentity()) {
        $identity = $this->_auth->getStorage()->read();
        return $identity->role;
    }

    return null;
}
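/**
 * Copyright choices: the configured copyright types plus, for a logged-in
 * user, their own name (fullname, or forename + surname) as an extra entry
 * keyed by itself.
 *
 * Anonymous callers get only the configured types; no empty entry is merged.
 *
 * @return array
 */
public function getCopyrights()
{
    $copyrights = new Copyrights();
    $types = $copyrights->getTypes();

    $this->_auth = Zend_Auth::getInstance();
    if (!$this->_auth->hasIdentity()) {
        return $types;
    }

    $user = $this->_auth->getIdentity();
    $userCopyright = $user->fullname === null
        ? $user->forename . ' ' . $user->surname
        : $user->fullname;

    return array_merge($types, array($userCopyright => $userCopyright));
}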
/**
 * Decide whether the caller is logged in and may reach the requested URL.
 *
 * A stored identity is re-validated through _checkIdentity(); on success
 * the user is published in Zend_Registry as 'user', otherwise the identity
 * is cleared and, unless the request allows anonymous access, the request
 * is sent to default/index/forbidden. Anonymous callers on a URL that does
 * not allow anonymous access are sent to the login page.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
    if (!$this->_auth->hasIdentity()) {
        if (!$this->_isAllowedAnonymous($request)) {
            // The requested URL does not allow anonymous access: go to the login page.
            $request->setModuleName('default')->setControllerName('login')->setActionName('index');
        }
        return;
    }

    $user = $this->_checkIdentity($this->_auth->getIdentity()->user_name);
    if ($user !== false) {
        Zend_Registry::set('user', $user);
        return;
    }

    // Stored identity no longer valid: block protected URLs and drop it.
    if (!$this->_isAllowedAnonymous($request)) {
        $request->setModuleName('default')->setControllerName('index')->setActionName('forbidden');
    }
    $this->_auth->clearIdentity();
}
/**
 * Fetches the current user from the auth object.
 *
 * @return array Returns a user spec array on success.
 * @throws Erfurt_Ac_Exception Throws an exception if no valid user is given.
 */
private function _getUser()
{
    if (!$this->_auth->hasIdentity()) {
        require_once 'Erfurt/Ac/Exception.php';
        throw new Erfurt_Ac_Exception('No valid user was given.');
    }

    // An identity is stored; hand it back as-is.
    return $this->_auth->getIdentity();
}
/**
 * Gets content panel for the Debug Bar
 *
 * @return string heading plus the cleaned identity, or a "No identity" heading
 */
public function getPanel()
{
    if ($this->auth->hasIdentity()) {
        return '<h4>Identity</h4>' . $this->cleanData($this->auth->getIdentity());
    }

    return '<h4>No identity</h4>';
}
/**
 * Get current user
 *
 * Memoised. Resolved from the Zend_Auth identity through the repository
 * when one is stored; otherwise from the security token's user, which is
 * accepted only when the caller is fully or remembered-authenticated.
 *
 * @return Newscoop\Entity\User
 * @throws AuthenticationException when a token exists without a user, or
 *         its user is neither fully nor remembered-authenticated
 */
public function getCurrentUser()
{
    if ($this->currentUser !== null) {
        return $this->currentUser;
    }

    if ($this->auth->hasIdentity()) {
        $this->currentUser = $this->getRepository()->find($this->auth->getIdentity());
        return $this->currentUser;
    }

    $token = $this->security->getToken();
    if (!$token) {
        return $this->currentUser;
    }

    $tokenUser = $token->getUser();
    if (!$tokenUser) {
        throw new AuthenticationException();
    }

    $authenticated = $this->security->isGranted('IS_AUTHENTICATED_FULLY')
        || $this->security->isGranted('IS_AUTHENTICATED_REMEMBERED');
    if (!$authenticated) {
        throw new AuthenticationException();
    }

    $this->currentUser = $tokenUser;

    return $this->currentUser;
}
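/**
 * function preDispatch()
 *
 * Maps the identity's `Role` (0 SuperAdmin, 1 Admin, 2 IT, anything else
 * User) onto an ACL role and checks `module:controller` / action. A denied
 * caller is sent to front/auth/nopermission, an anonymous one to
 * front/auth/login.
 *
 * The role id is validated as an integer before the lookup: a loose
 * switch on it would let a null or false `Role` match case 0 and be
 * treated as SuperAdmin.
 *
 * @todo Control request access
 * @param Zend_Controller_Request_Abstract $request
 * @return null
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // Request info.
    $module = $request->getModuleName();
    $controller = $request->getControllerName();
    $action = $request->getActionName();

    if (!$this->_auth->hasIdentity()) {
        // Not logged in: go to the login form.
        $request->setModuleName('front')->setControllerName('auth')->setActionName('login');
        return;
    }

    $identity = $this->_auth->getIdentity();
    $roleNames = array(0 => 'SuperAdmin', 1 => 'Admin', 2 => 'IT');
    // FILTER_VALIDATE_INT yields false for null/non-integer values, so only
    // a genuine integer id can reach a privileged name.
    $roleId = filter_var($identity->Role, FILTER_VALIDATE_INT);
    $role = ($roleId !== false && isset($roleNames[$roleId])) ? $roleNames[$roleId] : 'User';

    if (!$this->_acl->isAllowed($role, $module . ':' . $controller, $action)) {
        // Not allowed access.
        $request->setModuleName('front')->setControllerName('auth')->setActionName('nopermission');
    }
}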