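/**
 * Admin-side entry point of the "login as customer" flow.
 *
 * When the feature is enabled and an admin session is active, this action loads the customer named by
 * the REQ_PARAM_LAS_ID request parameter, composes an authentication package (operator name, customer
 * id and name, front-end redirect URL, operator IP), saves it to a file, logs the event and renders
 * the layout. Nothing is rendered when the feature is disabled, the admin is not logged in or the
 * parameter is absent.
 *
 * NOTE(review): no permission check is visible in this method; confirm that the controller (e.g. its
 * _isAllowed() override) limits it to operators who are allowed to impersonate customers.
 */
public function indexAction()
{
    if (!Praxigento_LoginAs_Config::cfgGeneralEnabled()) {
        return;
    }

    /** @var $session Mage_Admin_Model_Session */
    $session = Mage::getSingleton('admin/session');
    if (!$session->isLoggedIn()) {
        return;
    }

    /** define operator name */
    /** @var $user Mage_Admin_Model_User */
    $user = $session->getUser();
    $operator = $user->getName() . ' (' . $user->getEmail() . ')';

    /**
     * if there is customer data in request;
     * isset() gives the same "present and not null" answer as is_null() on the array element,
     * but does not raise an undefined-index notice when the parameter is missing
     */
    $params = $this->getRequest()->getParams();
    if (!isset($params[Praxigento_LoginAs_Config::REQ_PARAM_LAS_ID])) {
        return;
    }

    /** extract customer ID from request and load customer data */
    $customerId = $params[Praxigento_LoginAs_Config::REQ_PARAM_LAS_ID];
    /** @var $customer Mage_Customer_Model_Customer */
    $customer = Mage::getModel('customer/customer')->load($customerId);

    /**
     * Require a really loaded customer: with the loose comparison alone, the null id of a failed load
     * compares equal to an empty request value and a package would be written for a non-existent customer.
     */
    if ($customer->getId() && $customer->getId() == $customerId) {
        $customerName = $customer->getName();

        /** define URL to login to customer's website */
        $wsId = $customer->getData('website_id');
        if (is_null($wsId)) {
            $wsId = Mage::app()->getStore()->getWebsiteId();
        }
        /** @var $website Mage_Core_Model_Website */
        $website = Mage::getModel('core/website')->load($wsId);
        $defStoreId = $website->getDefaultStore()->getId();
        $baseTarget = Mage::getStoreConfig(Mage_Core_Model_Url::XML_PATH_SECURE_URL, $defStoreId);
        $baseSource = Mage::getStoreConfig(Mage_Core_Model_Url::XML_PATH_SECURE_URL);

        /** compose redirection URL and replace current base by target base */
        $urlModel = Mage::getModel('core/url');
        $store = Mage::getModel('core/store')->load($defStoreId);
        $urlModel->setStore($store);
        $url = $urlModel->getUrl(
            Praxigento_LoginAs_Config::XMLCFG_ROUTER_FRONT . Praxigento_LoginAs_Config::ROUTE_CUSTOMER_LOGINAS
        );
        $url = str_replace($baseSource, $baseTarget, $url);

        /** compose authentication package */
        /** @var $authPack Praxigento_LoginAs_Model_Package */
        $authPack = Mage::getSingleton('prxgt_lgas_model/package');
        $authPack->setAdminName($operator);
        $authPack->setCustomerId($customerId);
        $authPack->setCustomerName($customerName);
        $authPack->setRedirectUrl($url);
        /** the operator's address is stored in the package; asAction() compares it with the front-end request */
        $validatorData = $session->getValidatorData();
        $ip = $validatorData['remote_addr'];
        $authPack->setIp($ip);

        /** save login data to file */
        $authPack->saveAsFile();

        /**
         * log event
         * NOTE(review): operator and customer names are written to the log as stored; confirm the
         * logger neutralises line breaks in them.
         */
        $log = Praxigento_LoginAs_Model_Logger::getLogger($this);
        $log->trace("Operator '{$operator}' is redirected to front from ip '{$ip}' to login"
            . " as customer '{$customerName}' ({$customerId}).");
    }

    /**
     * load layout and render blocks (also when the customer was not found);
     * the unused var_export() dump of the layout handles was a debugging leftover and is dropped
     */
    $this->loadLayout()->renderLayout();
}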
/**
 * Binds this logger either to Nmmlm_Log_Logger or to the built-in fallback.
 *
 * The static flag records whether the Nmmlm_Log_Logger class is already loaded; class_exists() is
 * called with autoloading disabled, so the check never triggers the autoloader.
 *
 * @param object|string $name object whose class name is used as the logger name, or the name itself
 */
function __construct($name)
{
    $hasLog4php = class_exists('Nmmlm_Log_Logger', false);
    self::$_isLog4phpUsed = $hasLog4php;

    if (self::$_isLog4phpUsed) {
        /** delegate to the external logger, $name is passed through untouched */
        $this->_loggerLog4php = Nmmlm_Log_Logger::getLogger($name);
        return;
    }

    /** fallback: keep only a printable logger name */
    if (is_object($name)) {
        $this->_name = get_class($name);
    } else {
        $this->_name = (string) $name;
    }
}
/**
 * Calls every logger level once with a message only and then once with a message plus an exception.
 *
 * The method makes no assertions; it only exercises the six level methods of the logger.
 */
public function test_all()
{
    $log = Praxigento_LoginAs_Model_Logger::getLogger($this);
    $levels = array('trace', 'debug', 'info', 'warn', 'error', 'fatal');

    /** first pass: the level name is the message */
    foreach ($levels as $level) {
        $log->$level($level);
    }

    /** second pass: same message, accompanied by an exception */
    foreach ($levels as $level) {
        $log->$level($level, new Exception("test {$level} error"));
    }
}
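/**
 * Front-end entry point of the "login as customer" flow.
 *
 * Reads the authentication package named by the REQ_PARAM_LAS_ID POST field. If the visitor is already
 * logged in as the customer from the package, only the operator name is stored in the session.
 * Otherwise a new customer session is established, but only for a POST request whose remote address
 * equals the operator address saved in the package and for a customer who belongs to the current
 * website. The visitor is always redirected to customer/account afterwards.
 *
 * NOTE(review): nothing in this method removes or invalidates the package after it was used; confirm
 * that Praxigento_LoginAs_Model_Package makes packages single-use and short-lived.
 */
public function asAction()
{
    /** event logger */
    $log = Praxigento_LoginAs_Model_Logger::getLogger($this);

    /** get filename from the request parameters */
    $filename = $this->getRequest()->getPost(Praxigento_LoginAs_Config::REQ_PARAM_LAS_ID);
    if (!is_string($filename) || $filename === '') {
        /** a missing or array-valued field can never name a package; do not pass it to the file loader */
        $log->warn('Authentication request failure: package id is missing from POST data or is not a string.');
        $this->_redirect('customer/account');
        return;
    }

    /**
     * NOTE(review): $filename is supplied by the client and is handed to loadFromFile() unchanged.
     * loadFromFile() is not visible here; confirm that it accepts only names inside the package
     * directory (no path separators, no parent-directory segments).
     */
    /** @var $authPack Praxigento_LoginAs_Model_Package */
    $authPack = Mage::getSingleton('prxgt_lgas_model/package');
    $authPack->loadFromFile($filename);

    /** extract working data */
    $customerId = $authPack->getCustomerId();
    if (!is_null($customerId)) {
        $customerName = $authPack->getCustomerName();
        $operatorName = $authPack->getAdminName();
        $operatorIp = $authPack->getIp();
        $log->trace("Operator '{$operatorName}' trying to login as '{$customerName}' (id={$customerId}) from ip '{$operatorIp}'...");

        /** validate current customer's session or establish new session and validate request */
        $session = Mage::getSingleton('customer/session');
        $sessionCustomerId = $session->getCustomer()->getId();

        if ($session->isLoggedIn() && $customerId == $sessionCustomerId) {
            /**
             * this operator is already logged in as required customer
             * NOTE(review): this branch does not re-check the request method or the remote address.
             * The message literal below continues on the next line exactly as in the original,
             * so the line break is part of the logged text.
             */
            $log->debug("Session for customer '{$customerName}' (id={$customerId}) is already exist. 
Refreshing page...");
            /** save operator's name into session to use in orders later */
            $session->setData(Praxigento_LoginAs_Config::SESS_LOGGED_AS_OPERATOR, $operatorName);
        } else {
            /** establish new customer session */
            $validatorData = $session->getValidatorData();
            $remoteAddr = isset($validatorData['remote_addr']) ? (string) $validatorData['remote_addr'] : '';
            /**
             * Compare as strings and require a non-empty address: with a loose comparison an empty or
             * missing address on both sides counted as a match.
             */
            $ipMatches = $remoteAddr !== '' && (string) $operatorIp === $remoteAddr;

            if ($this->getRequest()->isPost() && $ipMatches) {
                try {
                    /** @var $customer Mage_Customer_Model_Customer */
                    $customer = Mage::getModel('customer/customer')->load($customerId);
                    /** a failed load has a null id, which loosely equals an empty $customerId */
                    if ($customer->getId() && $customer->getId() == $customerId) {
                        /** check allowed websites */
                        $wsId = Mage::app()->getStore()->getWebsiteId();
                        $wsids = $customer->getSharedWebsiteIds();
                        $custWsId = $customer->getData('website_id');
                        if (in_array($wsId, $wsids) || $wsId == $custWsId) {
                            $session->loginById($customerId);
                            /** save operator's name into session to use in orders later */
                            $session->setData(Praxigento_LoginAs_Config::SESS_LOGGED_AS_OPERATOR, $operatorName);
                            $log->info("New session for customer '{$customerName}' (id={$customerId}) is established for operator '{$operatorName}'");
                        } else {
                            $msg = "Customer '{$customerName}' (id={$customerId}) has no rights to access current website.";
                            $log->error($msg);
                            Mage::throwException($msg);
                        }
                    } else {
                        $msg = "Customer with id '{$customerId}' does not exists.";
                        $log->error($msg);
                        Mage::throwException($msg);
                    }
                } catch (Mage_Core_Exception $e) {
                    /** the original switch on the exception code used the same message in every branch */
                    $session->addError($e->getMessage());
                    $session->setId(null);
                    $log->error('Session ID is reset due to error is occurred. Exception is not logged.');
                } catch (Exception $e) {
                    /**
                     * The exception itself stays out of the log (PA DSS: it can disclose a customer
                     * password); only its class is recorded so that the failure is not silent.
                     */
                    $log->error('Unexpected ' . get_class($e) . ' while establishing customer session. Exception is not logged.');
                }
            } else {
                $log->warn("Authentication request failure: request type is not POST or operator's current ip (" . $remoteAddr
                    . ") is not equal to ip from authentication package ({$operatorIp}).");
            }
        }
    } else {
        $log->warn("Cannot get customer id for authentication package '{$filename}'.");
    }

    $this->_redirect('customer/account');
}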
/**
 * Runs the parent constructor, obtains a logger named after this class and derives the location of
 * data_customers.csv from the directory part of $_SERVER['SCRIPT_NAME'].
 *
 * NOTE(review): SCRIPT_NAME is taken from the environment as is; presumably this class is run from
 * a command-line script where it holds the script path - confirm.
 */
public function __construct()
{
    parent::__construct();

    $logger = Praxigento_LoginAs_Model_Logger::getLogger(__CLASS__);
    $this->_log = $logger;

    $scriptDir = dirname($_SERVER['SCRIPT_NAME']);
    $this->_fileNameCustomers = $scriptDir . '/data_customers.csv';
}