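/**
 * Translates the account status of $user into a login result on this identity.
 *
 * Every handled status sets $this->errorCode. $this->_id is set only after the
 * submitted password has validated (on a required password reset or a
 * successful login); $this->username is set only on a successful login.
 *
 * @access private
 * @param UserModel $user The account that matched the submitted username.
 * @throws Exception If $user->status is not one of the handled UserStatus values.
 * @return void
 */
private function _processUserStatus(UserModel $user)
{
    switch ($user->status) {
        // Pending and archived accounts are reported exactly like an unknown username.
        case UserStatus::Pending:
        case UserStatus::Archived:
            $this->errorCode = static::ERROR_USERNAME_INVALID;
            break;

        // NOTE(review): the Locked and Suspended branches set their own error codes
        // without validating the submitted password, so the result differs by account
        // state for any password. Confirm that whatever renders these codes does not
        // expose that difference to unauthenticated clients.
        case UserStatus::Locked:
            $this->errorCode = $this->_getLockedAccountErrorCode();
            break;

        case UserStatus::Suspended:
            $this->errorCode = static::ERROR_ACCOUNT_SUSPENDED;
            break;

        case UserStatus::Active:
            // Validate the password
            if (craft()->users->validatePassword($user->password, $this->password)) {
                if ($user->passwordResetRequired) {
                    // The reset e-mail is only sent once the current password has validated.
                    $this->_id = $user->id;
                    $this->errorCode = static::ERROR_PASSWORD_RESET_REQUIRED;
                    craft()->users->sendForgotPasswordEmail($user);
                } elseif (craft()->request->isCpRequest() && !$user->can('accessCp')) {
                    $this->errorCode = static::ERROR_NO_CP_ACCESS;
                } elseif (craft()->request->isCpRequest() && !Craft::isSystemOn() && !$user->can('accessCpWhenSystemIsOff')) {
                    $this->errorCode = static::ERROR_NO_CP_OFFLINE_ACCESS;
                } else {
                    // Finally, everything is well with the world. Let's log in.
                    $this->_id = $user->id;
                    $this->username = $user->username;
                    $this->errorCode = static::ERROR_NONE;
                }
            } else {
                craft()->users->handleInvalidLogin($user);

                // Was that one bad password too many? The status is re-read because
                // handleInvalidLogin() may have changed it on the model.
                if ($user->status == UserStatus::Locked) {
                    $this->errorCode = $this->_getLockedAccountErrorCode();
                } else {
                    $this->errorCode = static::ERROR_PASSWORD_INVALID;
                }
            }
            break;

        default:
            // The parameter is keyed by name so that the {status} placeholder is
            // actually filled in; a positional array left it in the message verbatim.
            throw new Exception(Craft::t('User has unknown status “{status}”', array('status' => $user->status)));
    }
}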
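/**
 * Processes the request.
 *
 * Runs the pre-flight steps (resource, DB config, install, requirements and
 * track checks), then the update logic where needed, then gates the request on
 * the system being on or the user holding an "access while off" permission,
 * and finally hands the request to the action or URL routing.
 *
 * @throws HttpException With status 503 for site requests while in maintenance
 *                       mode, and for non-CP requests when the track is invalid.
 */
public function processRequest()
{
    // If this is a resource request, we should respond with the resource ASAP
    $this->_processResourceRequest();

    // Validate some basics on the database configuration file.
    $this->_validateDbConfigFile();

    // Process install requests
    $this->_processInstallRequest();

    // If the system is in maintenance mode and it's a site request, throw a 503.
    if (Craft::isInMaintenanceMode() && $this->request->isSiteRequest()) {
        throw new HttpException(503);
    }

    // Set the target language
    $this->setLanguage($this->_getTargetLanguage());

    // Check if the app path has changed. If so, run the requirements check again.
    $this->_processRequirementsCheck();

    // If the track has changed, put the brakes on the request.
    if (!$this->updates->isTrackValid()) {
        if ($this->request->isCpRequest()) {
            $this->runController('templates/invalidtrack');
            $this->end();
        } else {
            throw new HttpException(503);
        }
    }

    // Set the package components
    $this->_setPackageComponents();

    // isCraftDbUpdateNeeded will return true if we're in the middle of a manual or auto-update for Craft itself.
    // If we're in maintenance mode and it's not a site request, show the manual update template.
    //
    // NOTE(review): this branch runs before the login and permission checks further
    // down, including for the update/cleanUp and update/rollback action segments.
    // Authorization for those paths is not visible in this method; confirm it is
    // enforced inside _processUpdateLogic() or the controller it dispatches to.
    if (
        $this->updates->isCraftDbUpdateNeeded() ||
        (Craft::isInMaintenanceMode() && $this->request->isCpRequest()) ||
        $this->request->getActionSegments() == array('update', 'cleanUp') ||
        $this->request->getActionSegments() == array('update', 'rollback')
    ) {
        $this->_processUpdateLogic();
    }

    // Make sure that the system is on, or that the user has permission to access the site/CP while the system is off.
    // The users/login action is let through as well, presumably so that an account
    // holding one of the "WhenSystemIsOff" permissions can still authenticate.
    if (
        Craft::isSystemOn() ||
        ($this->request->isActionRequest() && $this->request->getActionSegments() == array('users', 'login')) ||
        ($this->request->isSiteRequest() && $this->userSession->checkPermission('accessSiteWhenSystemIsOff')) ||
        ($this->request->isCpRequest() && $this->userSession->checkPermission('accessCpWhenSystemIsOff'))
    ) {
        // Load the plugins
        craft()->plugins->loadPlugins();

        // Check if a plugin needs to update the database.
        if ($this->updates->isPluginDbUpdateNeeded()) {
            $this->_processUpdateLogic();
        }

        // If this is a non-login, non-validate, non-setPassword CP request, make sure the user has access to the CP.
        // Action requests accepted by _isValidActionRequest() skip this gate, so that
        // helper is effectively the list of unauthenticated CP actions.
        if ($this->request->isCpRequest() && !($this->request->isActionRequest() && $this->_isValidActionRequest())) {
            // Make sure the user has access to the CP
            $this->userSession->requireLogin();
            $this->userSession->requirePermission('accessCp');

            // If they're accessing a plugin's section, make sure that they have permission to do so.
            // The request segment is only used to look the plugin up; the permission name
            // is built from the resolved plugin's class handle, not from the raw segment.
            $firstSeg = $this->request->getSegment(1);

            if ($firstSeg) {
                $plugin = $this->plugins->getPlugin($firstSeg);

                if ($plugin) {
                    $this->userSession->requirePermission('accessPlugin-' . $plugin->getClassHandle());
                }
            }
        }

        // If this is an action request, call the controller
        $this->_processActionRequest();

        // If we're still here, finally let UrlManager do its thing.
        parent::processRequest();
    } else {
        // The system is off and the request did not qualify above: log out the user
        if ($this->userSession->isLoggedIn()) {
            $this->userSession->logout(false);
        }

        if ($this->request->isCpRequest()) {
            // Redirect them to the login screen
            $this->userSession->requireLogin();
        } else {
            // Display the offline template
            $this->runController('templates/offline');
        }
    }
}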
/**
 * Returns whether the system is on.
 *
 * Instance-level wrapper: the result of the static Craft::isSystemOn() call is
 * passed through unchanged.
 *
 * @return bool Presumably a boolean, given the summary above; the value comes
 *              straight from Craft::isSystemOn(), so confirm the type there.
 */
public function isSystemOn()
{
    return Craft::isSystemOn();
}