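/**
 * Authenticate and authorise every dispatched request (front-controller plugin hook).
 *
 * Order of checks:
 *   1. The 'login' and 'logout' controllers are public and bypass everything else.
 *   2. The access attempt is audited via PermissionTemplate::auditAccess().
 *   3. Without a session identity, every controller except 'index' is challenged
 *      with HTTP Basic; valid credentials establish the identity for the rest of
 *      this method, otherwise the request ends with a 401 and die().
 *   4. With an identity, break-glass ("emergency") mode may short-circuit the
 *      permission check; otherwise the user's permission template must grant the
 *      controller/action pair (the 'superadmin' template is always allowed).
 *
 * @param  Zend_Controller_Request_Abstract $request the request being dispatched
 * @return bool true when dispatch may proceed
 * @throws WebVista_App_AuthException when the user is authenticated but not permitted,
 *         or when there is no identity and no Basic challenge was issued ('index').
 */
public function preDispatch(Zend_Controller_Request_Abstract $request) {
    $auth = Zend_Auth::getInstance();
    $publicControllers = array('login', 'logout');
    $controllerName = $request->getControllerName();
    $actionName = $request->getActionName();

    if (in_array($controllerName, $publicControllers, true)) {
        return true;
    }

    PermissionTemplate::auditAccess($controllerName, $actionName);

    // HTTP Basic fallback. This MUST run before the permission check below so an
    // identity established from the Authorization header is authorised exactly
    // like a session-based one.
    if (!$auth->hasIdentity() && $controllerName != 'index') {
        $basicUser = isset($_SERVER['PHP_AUTH_USER']) ? (string) $_SERVER['PHP_AUTH_USER'] : '';
        // PHP_AUTH_PW is absent when the client sent no credentials; never read it
        // unguarded (undefined-index notice and a null password passed to login).
        $basicPass = isset($_SERVER['PHP_AUTH_PW']) ? (string) $_SERVER['PHP_AUTH_PW'] : '';
        if (strlen($basicUser) > 0) {
            User::processLogin($basicUser, $basicPass);
        }
        if (!$auth->hasIdentity()) {
            header('WWW-Authenticate: Basic realm="Unauthorized Access Prohibited (ClearHealth)"');
            header('HTTP/1.0 401 Unauthorized');
            die(__('You must enter a valid username and password to access.'));
        }
    }

    if ($auth->hasIdentity()) {
        $permissionTemplateId = $auth->getIdentity()->permissionTemplateId;

        // Break-glass mode: while the flag file exists, a template that holds
        // 'emergency-access'/'allow-emergency-access' skips the per-controller check
        // for everything except 'admin-persons' and the emergency-access index page.
        // NOTE(review): the trigger lives in world-writable /tmp, so any local user
        // or file-write primitive can switch this mode on; consider an admin-owned
        // path outside /tmp.
        if (file_exists('/tmp/emergency')
            && $controllerName != 'admin-persons'
            && PermissionTemplate::hasAccess($permissionTemplateId, 'emergency-access', 'allow-emergency-access')) {
            if (!($controllerName == 'emergency-access' && $actionName == 'index')) {
                return true;
            }
        }

        // Strict comparison: with the loose `!=`, an integer template id of 0 compares
        // equal to 'superadmin' on PHP < 8 and would skip hasAccess() entirely.
        if ((string) $permissionTemplateId !== 'superadmin'
            && !PermissionTemplate::hasAccess($permissionTemplateId, $controllerName, $actionName)) {
            // Controller/action names come straight from the URL and this message
            // already carries HTML (the Login link), so escape them for HTML output.
            $error = 'Access denied. ' . htmlspecialchars($controllerName . '/' . $actionName, ENT_QUOTES, 'UTF-8') . '. ';
            $error .= 'Please <a href="' . htmlspecialchars($request->getBaseUrl(), ENT_QUOTES, 'UTF-8') . '/logout" title="Login">Login</a>.';
            trigger_error($error, E_USER_NOTICE);
            throw new WebVista_App_AuthException($error);
        }
        return true;
    }

    throw new WebVista_App_AuthException('You must be authenticated to access the system.');
}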
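/**
 * Authenticate and authorise every dispatched request (front-controller plugin hook).
 *
 * Order of checks:
 *   1. The 'login' controller is public and bypasses everything else.
 *   2. The access attempt is audited via PermissionTemplate::auditAccess().
 *   3. Without a session identity, HTTP Basic credentials (if present) are fed to
 *      the login controller's 'process' action to establish one.
 *   4. Any identity - session-based or just established from Basic credentials -
 *      is then authorised against the permission template re-read from the User
 *      record (the 'superadmin' template is always allowed).
 *
 * @param  Zend_Controller_Request_Abstract $request the request being dispatched
 * @return bool true when dispatch may proceed
 * @throws WebVista_App_AuthException when no identity could be established, or the
 *         identity's permission template does not grant the controller/action.
 */
public function preDispatch(Zend_Controller_Request_Abstract $request) {
    $auth = Zend_Auth::getInstance();
    $publicControllers = array('login');
    $controllerName = $request->getControllerName();
    $actionName = $request->getActionName();

    if (in_array($controllerName, $publicControllers, true)) {
        return true;
    }

    PermissionTemplate::auditAccess($controllerName, $actionName);

    // HTTP Basic fallback. It runs BEFORE the permission check so that an identity
    // established here goes through hasAccess() like any other; returning true
    // straight after a successful login would let any valid Basic credentials
    // reach every controller/action for this request regardless of template.
    if (!$auth->hasIdentity() && isset($_SERVER['PHP_AUTH_USER'])) {
        $_POST['username'] = $_SERVER['PHP_AUTH_USER'];
        // PHP_AUTH_PW may be absent; never read it unguarded.
        $_POST['password'] = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : '';
        $loginHelper = new Zend_View_Helper_Action();
        $loginHelper->action('process', 'login');
    }

    if (!$auth->hasIdentity()) {
        throw new WebVista_App_AuthException('You must be authenticated to access the system.');
    }

    // The template id is taken from a freshly populated User record rather than
    // the session identity - presumably so template changes apply without re-login.
    $user = new User();
    $user->userId = (int) $auth->getIdentity()->userId;
    $user->populate();
    $permissionTemplateId = $user->permissionTemplateId;

    // Strict comparison: with the loose `!=`, an integer template id of 0 compares
    // equal to 'superadmin' on PHP < 8 and would skip hasAccess() entirely.
    if ((string) $permissionTemplateId !== 'superadmin'
        && !PermissionTemplate::hasAccess($permissionTemplateId, $controllerName, $actionName)) {
        $error = __('Access denied');
        trigger_error($error, E_USER_NOTICE);
        throw new WebVista_App_AuthException($error);
    }
    return true;
}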