Example #1
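 /**
  * Decide whether the ACL check can be skipped for this request.
  *
  * The skip list is read from the 'configs' registry entry at
  * ['security']['skip'][$type]. An entry may be written as "action",
  * "controller/action" or "module/controller/action".
  *
  * @param Zend_Controller_Request_Abstract $request Request being dispatched.
  * @param string $type Key selecting which skip list to use.
  * @return bool TRUE when the ACL check is to be skipped.
  */
 protected function _checkSkipAcl(Zend_Controller_Request_Abstract $request, $type)
 {
     $action = $request->getActionName();
     // AJAX requests skip the ACL unless the action is listed in $_arrAjaxNotSkip.
     // NOTE(review): in Zend_Controller_Request_Http, isXmlHttpRequest() only looks at
     // the X-Requested-With request header, which the client chooses. This branch is
     // therefore not an access control: every action that must stay protected has to be
     // listed in $_arrAjaxNotSkip or enforce its own authorization.
     if ($request->isXmlHttpRequest() && !in_array($action, $this->_arrAjaxNotSkip)) {
         return TRUE;
     }
     $configs = Zend_Registry::get('configs');
     // A missing or malformed skip list means nothing is skipped (fail closed).
     if (!isset($configs['security']['skip'][$type]) || !is_array($configs['security']['skip'][$type])) {
         return FALSE;
     }
     $skip = $configs['security']['skip'][$type];
     $controllerAction = $request->getControllerName() . '/' . $action;
     $candidates = array(
         $action,
         $controllerAction,
         $request->getModuleName() . '/' . $controllerAction,
     );
     foreach ($candidates as $candidate) {
         // Strict comparison so a non-string config value cannot match through type juggling.
         if (in_array($candidate, $skip, true)) {
             return TRUE;
         }
     }
     return FALSE;
 }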
Example #2
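 /**
  * Require a logged-in identity and an ACL grant before a request is dispatched.
  *
  * Anonymous requests are redirected to the login page unless they already target it.
  * Authenticated requests are checked against Tynex_Models_TynexAcl using the identity's
  * role, the controller name as resource and the action name as privilege; a denied
  * request is redirected to '/'.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $loginController = 'authentication';
     $loginAction = 'login';
     $auth = Zend_Auth::getInstance();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     // Only the exact controller/action pair counts as the login page. Testing the two
     // names independently would exempt every action of the login controller, and every
     // action called "login" in any controller, from the authentication check.
     $isLoginPage = $controller === $loginController && $action === $loginAction;
     if (!$auth->hasIdentity()) {
         if (!$isLoginPage) {
             $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
             $redirector->gotoSimpleAndExit($loginAction, $loginController);
         }
         // Anonymous user on the login page: nothing more to check.
         return;
     }
     // Logged in: check the credential.
     $acl = new Tynex_Models_TynexAcl();
     $identity = $auth->getIdentity();
     // role is a column in the user table (database)
     if (!$acl->isAllowed($identity->role, $controller, $action)) {
         $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
         $redirector->gotoUrlAndExit('/');
     }
 }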
Example #3
 /**
  * Point the MVC layout and the error handler at the routed module.
  *
  * @param Zend_Controller_Request_Abstract $request Routed request.
  * @return void
  */
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     $moduleName = $request->getModuleName();
     $mvcLayout = Zend_Layout::getMvcInstance();
     $mvcLayout->setLayout($moduleName);
     // NOTE(review): the module name becomes part of a filesystem path. This assumes the
     // router only yields registered module names - confirm for any custom routes.
     $mvcLayout->setLayoutPath(APPLICATION_PATH . "/modules/" . $moduleName . "/layouts/scripts");
     $errorHandler = Zend_Controller_Front::getInstance()->getPlugin("Zend_Controller_Plugin_ErrorHandler");
     $errorHandler->setErrorHandlerModule($moduleName);
 }
 /**
  * Apply maintenance mode to the response once an action has been dispatched.
  *
  * Maintenance mode is on while the flag file exists under APPLICATION_PATH/../overrides.
  * Roles without the 'ot_maintenance'/'index' grant get the public maintenance layout
  * (except on ot/login/index); roles with it get a maintenance header prepended.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function postDispatch(Zend_Controller_Request_Abstract $request)
 {
     $layout = Zend_Layout::getMvcInstance();
     // The name "maintenanceMode" is also referred to in the Admin_MaintenanceController,
     // so if the filename changes here it has to change there too.
     $maintenanceModeFileName = 'maintenanceMode';
     $register = new Ot_Config_Register();
     $identity = Zend_Auth::getInstance()->getIdentity();
     if (empty($identity->role)) {
         $role = $register->defaultRole->getValue();
     } else {
         $role = $identity->role;
     }
     // While masquerading, the ACL decision is made with the real account's role.
     $hasRealAccountRole = isset($identity->masquerading) && $identity->masquerading == true && isset($identity->realAccount) && !is_null($identity->realAccount) && isset($identity->realAccount->role);
     if ($hasRealAccountRole) {
         $role = $identity->realAccount->role;
     }
     $acl = Zend_Registry::get('acl');
     $view = $layout->getView();
     $viewRenderer = Zend_Controller_Action_HelperBroker::getExistingHelper('ViewRenderer');
     $flagFile = APPLICATION_PATH . '/../overrides/' . $maintenanceModeFileName;
     // NOTE(review): XHR requests and never-render actions are left untouched, and the
     // dispatched action has already run by postDispatch. This method only changes what
     // is displayed; it does not block access during maintenance.
     if (!is_file($flagFile) || $request->isXmlHttpRequest() || $viewRenderer->getNeverRender()) {
         return;
     }
     if (!$acl->isAllowed($role, 'ot_maintenance', 'index')) {
         // The login page stays reachable so a privileged user can still sign in.
         $onLoginPage = $request->getModuleName() == 'ot' && $request->getControllerName() == 'login' && $request->getActionName() == 'index';
         if ($onLoginPage) {
             return;
         }
         $response = $this->getResponse();
         $layout->disableLayout();
         $response->setBody($view->maintenanceMode()->publicLayout());
         return;
     }
     $response = $this->getResponse();
     // There's no point in setting text here if it's a redirect.
     if ($response->isRedirect()) {
         $response->setBody('');
         return;
     }
     $response->setBody($view->maintenanceMode()->header() . $response->getBody());
 }
Example #5
 /**
  * Copy the X-Zrt-Format request header, when present, into the 'format' parameter.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $headerFormat = $request->getHeader('X-Zrt-Format');
     if (!$headerFormat) {
         return;
     }
     // NOTE(review): the header value is client-supplied and stored as-is; whatever reads
     // 'format' later should compare it against the formats it actually supports.
     $request->setParam('format', $headerFormat);
 }
Example #6
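 /**
  * Check the session's role against the ACL for "module:controller" / action.
  *
  * A denied request is rerouted to the error controller's error action. The request's
  * 'id' parameter is stored on $this->id_param.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $storage = new Zend_Auth_Storage_Session();
     $data = $storage->read();
     // An empty auth session (nobody logged in) leaves the role empty instead of raising
     // an undefined-index notice.
     $role = isset($data['emprole']) ? $data['emprole'] : null;
     // Loose comparison kept on purpose: whether the session stores 1 or '1' is not
     // visible from here.
     if ($role == 1) {
         $role = 'admin';
     }
     $module = $request->getModuleName();
     $resource = $request->getControllerName();
     $privilege = $request->getActionName();
     $this->id_param = $request->getParam('id');
     $allowed = false;
     $acl = $this->_getAcl();
     $moduleResource = "{$module}:{$resource}";
     // NOTE(review): for these two controllers the role is chosen by the requested
     // controller name, not by who is logged in. 'profile' and 'services' are evaluated
     // as 'viewer' / 'services' for every caller, including anonymous ones.
     if ($resource == 'profile') {
         $role = 'viewer';
     }
     if ($resource == 'services') {
         $role = 'services';
     }
     // NOTE(review): with an empty role no ACL check runs at all and the request is
     // dispatched unchanged (fail-open). Confirm that another plugin forces anonymous
     // users to log in before this one matters.
     if ($role != '') {
         // A resource unknown to the ACL is denied because $allowed stays false.
         if ($acl->has($moduleResource)) {
             $allowed = $acl->isAllowed($role, $moduleResource, $privilege);
         }
         if (!$allowed) {
             $request->setControllerName('error');
             $request->setActionName('error');
         }
     }
 }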
Example #7
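 /**
  * Enforce My_Acl for the requested controller/action.
  *
  * The role is 'guest' without an identity, 'user' with one, and 'admin' when the user
  * record looked up by the identity has admin == 1. A denied request is redirected to
  * the login action of the admin controller.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $options = Zend_Controller_Front::getInstance()->getParam('bootstrap')->getApplication()->getOptions();
     $config = new Zend_Config($options);
     $acl = new My_Acl($config);
     $role = 'guest';
     $auth = Zend_Auth::getInstance();
     if ($auth->hasIdentity()) {
         // Authenticated users go through the same ACL check as guests. Returning early
         // here would let any logged-in account reach every controller and would leave
         // the admin lookup below unreachable.
         $role = 'user';
         $login = $auth->getIdentity();
         $user = My_Model::get('Users')->getUserByEmail($login);
         // A missing user record keeps the plain 'user' role.
         if ($user && $user->admin == 1) {
             $role = 'admin';
         }
     }
     $resource = $request->getControllerName();
     $privilege = $request->getActionName();
     // A controller unknown to the ACL is checked against the ACL's global rules.
     if (!$acl->has($resource)) {
         $resource = null;
     }
     if (is_null($privilege)) {
         $privilege = 'index';
     }
     if (!$acl->isAllowed($role, $resource, $privilege)) {
         $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
         $redirector->gotoSimpleAndExit('login', 'admin');
     }
 }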
Example #8
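 /**
  * Apply category filter to layer
  *
  * The request value is cast to int and mapped to a category id through the
  * conversionpro helper; a state tag is added unless one with this filter's name exists.
  *
  * @param   Zend_Controller_Request_Abstract $request
  * @param   Mage_Core_Block_Abstract $filterBlock
  * @return  Mage_Catalog_Model_Layer_Filter_Category
  */
 public function apply(Zend_Controller_Request_Abstract $request, $filterBlock)
 {
     // The return value is not used; the call is kept in case the helper initialises the layer.
     Mage::helper('conversionpro')->getCurrentLayer();
     // The int cast confines the client-supplied value to an integer before it is used.
     $filter = (int) $request->getParam($this->getRequestVar());
     if (!$filter) {
         return $this;
     }
     $this->_categoryId = Mage::helper('conversionpro')->getCategoryIdByAnswerId($filter);
     Mage::register('current_category_filter', $this->getCategory(), true);
     $this->_appliedCategory = Mage::getModel('catalog/category')->setStoreId(Mage::app()->getStore()->getId())->load($this->_categoryId);
     // For some reason, this class runs twice, and not as a singleton, so there is no way of
     // tracking through a class member whether the state filter was already added. Instead,
     // go over all the state filters and only add the tag if none carries this filter's name.
     // The loop variable has its own name so that $filter still holds the requested value
     // when it is passed to _createItem() below.
     $isFilterApplied = false;
     foreach ($this->getLayer()->getState()->getFilters() as $stateFilter) {
         if ($stateFilter->getName() == $this->getName()) {
             $isFilterApplied = true;
             break;
         }
     }
     // If there's no state tag for the category yet, create it.
     if (!$isFilterApplied) {
         // If this category exists in Magento, it is applied normally. Otherwise the chosen
         // answer is assumed not to exist in Magento and is applied as a regular filter,
         // with $this->_categoryId used as the state tag's label.
         // NOTE(review): the original comment says the helper stores the answer's text in
         // $this->_categoryId in that case - confirm against getCategoryIdByAnswerId().
         if ($this->_isValidCategory($this->_appliedCategory)) {
             $this->getLayer()->getState()->addFilter($this->_createItem($this->_appliedCategory->getName(), $this->_categoryId));
         } else {
             $this->getLayer()->getState()->addFilter($this->_createItem($this->_categoryId, $filter));
         }
     }
     return $this;
 }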
Example #9
 /**
  * Check the caller's role against the ACL and reroute the request when it is denied.
  *
  * Anonymous callers are checked as 'guest'. A denied anonymous request is rerouted to
  * the NO_AUTH_* target, a denied authenticated request to the NO_ACL_* target.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $isLoggedIn = $this->_auth->hasIdentity();
     $role = $isLoggedIn ? $this->_auth->getIdentity()->getUser()->role : 'guest';
     // NOTE(review): property-style access goes through the request's __get(). In
     // Zend_Controller_Request_Http that falls back to $_GET/$_POST/$_COOKIE when no
     // request parameter of that name is set - confirm the router always sets
     // module/controller/action, or read them with getModuleName() and friends.
     $controller = $request->controller;
     $action = $request->action;
     $module = $request->module;
     // The ACL resource is the controller name alone; the module is not part of it.
     // A controller unknown to the ACL is checked against the ACL's global rules.
     $resource = $this->_acl->has($controller) ? $controller : null;
     if (!$this->_acl->isAllowed($role, $resource, $action)) {
         if ($isLoggedIn) {
             $module = self::NO_ACL_MODULE;
             $controller = self::NO_ACL_CONTROLLER;
             $action = self::NO_ACL_ACTION;
         } else {
             $module = self::NO_AUTH_MODULE;
             $controller = self::NO_AUTH_CONTROLLER;
             $action = self::NO_AUTH_ACTION;
         }
     }
     $request->setModuleName($module);
     $request->setControllerName($controller);
     $request->setActionName($action);
 }
Example #10
 /**
  * Route every request for the 'public' module to the index controller / index action,
  * except requests for the 'plugin' controller.
  *
  * NOTE(review): the original description says "default module" while the code tests
  * for 'public' - confirm which one is meant.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     if ($request->module != 'public' || $request->controller == 'plugin') {
         return;
     }
     $request->setControllerName('index');
     $request->setActionName('index');
 }
Example #11
 /**
  * Session-based access check: compare the requested module/controller with the ACL
  * entries stored in the 'auth' session namespace and redirect when access is refused.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     //clear session from search session
     //$this->clearSession();
     $session_user = new Zend_Session_Namespace('auth');
     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     $url = $module . "/" . $controller . "/" . $action;
     $_url = "";
     // Logged in: the session carries the user's ACL entries.
     if (isset($session_user->arr_acl)) {
         $arr_acl = $session_user->arr_acl;
         $valid_action = FALSE;
         foreach ($arr_acl as $acl) {
             // NOTE(review): an entry matches on module and controller only; the action
             // is not compared, so one entry grants every action of that controller.
             if ($module == $acl["module"] && $controller == $acl["controller"]) {
                 $valid_action = TRUE;
                 break;
             } elseif ($module === "rsvAcl" && $controller === "user" && $action === "change-password") {
                 // Every user level may change its password.
                 // NOTE(review): this branch and the next do not depend on $acl, yet they
                 // are only reached when arr_acl holds at least one entry.
                 $valid_action = TRUE;
                 break;
             } elseif ($module === "rsvAcl" && $session_user->level === "1") {
                 // User level 1 can access every action in module "rsvAcl".
                 $valid_action = TRUE;
                 break;
             }
         }
         // Not granted: decide whether to redirect.
         if (!$valid_action) {
             // Redirect unless the URL is one of the four always-available default pages...
             if ($url !== "default/index/index" && $url !== "default/error/error" && $url !== "default/index/changepassword" && $url !== "default/index/logout") {
                 $_url = '/';
             }
             // ...and it is also listed in $_exception_url. A URL missing from that list
             // is redirected even when it passed the check above.
             $_have = false;
             foreach ($this->_exception_url as $i => $val) {
                 if ($url === $val) {
                     $_have = true;
                     break;
                 }
             }
             if (!$_have) {
                 $_url = '/';
             }
         } else {
             $_url = $this->rewriteUrl($url);
         }
     } else {
         // Not logged in: everything except default/index/index is redirected.
         if ($url !== "default/index/index") {
             $_url = "/";
         }
     }
     if (!empty($_url)) {
         // echo"url here". $_url;exit();
         // Whatever target was computed above, the redirect always goes to "/home".
         // NOTE(review): dispatch only stops here if redirectUrl() ends the request -
         // confirm, otherwise the refused action still runs.
         $_url = "/home";
         Application_Form_FrmMessage::redirectUrl($_url);
     }
 }
 /**
  * Apply the category filter, accepting either a numeric category id or a category name.
  *
  * Without a request value the parent implementation is used. A name is looked up among
  * the active children of the current category first, then through _getCategoryByName().
  *
  * @param Zend_Controller_Request_Abstract $request
  * @param mixed $filterBlock Passed through to the parent implementation.
  * @return $this|mixed $this, or the parent's result when no value was requested.
  */
 public function apply(Zend_Controller_Request_Abstract $request, $filterBlock)
 {
     $requested = $request->getParam($this->getRequestVar());
     if (is_null($requested)) {
         return parent::apply($request, $filterBlock);
     }
     if (is_numeric($requested)) {
         $this->_categoryId = $requested;
         $this->_appliedCategory = Mage::getModel('catalog/category')->setStoreId(Mage::app()->getStore()->getId())->load($requested);
     } else {
         // NOTE(review): a non-numeric value is not necessarily a string. An array-valued
         // request parameter would be handed to addAttributeToFilter() as the condition
         // - confirm the value is restricted to a string before it gets here.
         $currentCategory = Mage::registry('current_category');
         if ($currentCategory) {
             $children = Mage::getModel('catalog/category')->getCollection()
                 ->addAttributeToFilter('parent_id', $currentCategory->getId())
                 ->addAttributeToFilter('is_active', 1)
                 ->addAttributeToSelect('name')
                 ->addAttributeToFilter('name', $requested);
             $this->_appliedCategory = $children->getFirstItem();
             // A child without products falls back to the lookup by name.
             if (!$this->_appliedCategory->getProductCollection()->count()) {
                 $this->_appliedCategory = $this->_getCategoryByName($requested);
             }
         } else {
             $this->_appliedCategory = $this->_getCategoryByName($requested);
         }
         if ($this->_appliedCategory) {
             // From here on the filter value is the resolved category id.
             $requested = $this->_appliedCategory->getId();
             $this->_categoryId = $requested;
         }
     }
     if (!$this->_isValidCategory($this->_appliedCategory)) {
         return $this;
     }
     $this->getLayer()->getProductCollection()->addCategoryFilter($this->_appliedCategory);
     $this->getLayer()->getState()->addFilter($this->_createItem($this->_appliedCategory->getName(), $requested));
     return $this;
 }
Example #13
 /**
  * Resolve the active language after routing, publish it as the router's global 'lang'
  * parameter, and redirect un-prefixed /control URLs to the default language.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  * @throws Zend_Controller_Action_Exception 404 when the requested 'lang' is unknown.
  */
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     if (!$this->_domain) {
         $error = false;
         if ($request->getParam('lang') && !$this->_issession) {
             // The client-supplied language title is passed as a bound value ('?'
             // placeholder) rather than concatenated into the condition.
             $this->_session->lang = $this->_model->fetchOne('id', array('`stitle` = ?' => $request->getParam('lang')));
             if (!$this->_session->lang) {
                 $error = true;
             }
         }
         // The session value is cast to int before it is concatenated into the ORDER BY
         // expression; the ordering prefers the session language, then the default one.
         $this->_lang = $this->_model->fetchRow(null, '(`id` = ' . (int) $this->_session->lang . ') DESC, (`default` = 1) DESC');
         if ($this->_lang) {
             $this->_lang = new Zkernel_View_Data($this->_lang);
             $this->_lang->session = $this->_issession;
             if (!$this->_domain) {
                 unset($this->_lang->domain);
             }
         }
         // NOTE(review): the next lines use $this->_lang outside the guard above, so an
         // empty result from fetchRow() is dereferenced here - confirm at least one
         // language row always exists.
         $this->_lang->_default = $this->getDefault();
         $this->_lang->_ids = $this->_model->fetchIds();
         $front = Zend_Controller_Front::getInstance();
         $router = $front->getRouter();
         $router->setGlobalParam('lang', $this->_lang->stitle);
         $this->save();
         // The 404 for an unknown language is raised only after the state was saved.
         if ($error) {
             throw new Zend_Controller_Action_Exception('Not Found', 404);
         }
     }
     if (!$this->_domain && !$this->_issession && substr($_SERVER['REQUEST_URI'], 0, 8) == '/control') {
         // Permanent redirect to the same URI prefixed with the default language title.
         // NOTE(review): REQUEST_URI is client-controlled and is appended unchanged. With
         // an empty default stitle the target would start with "//", which browsers read
         // as a host name - confirm stitle can never be empty.
         header('Location: /' . $this->_lang->_default->stitle . $_SERVER['REQUEST_URI'], true, 301);
         exit;
     }
 }
Example #14
 /**
  * Register the view script directories that apply to the current request.
  *
  * Paths are added in this order: every plugin other than the current one, the theme
  * and core paths, then the current plugin's own paths and its theme override path.
  * The plugin broker data ($this->_pluginMvc) supplies the per-plugin directories.
  *
  * @param Zend_Controller_Request_Abstract $request Request object.
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // The module name is only available from the request, which is why this lives in a
     // controller plugin rather than in the view script.
     $moduleName = $request->getModuleName();
     $isPluginModule = !in_array($moduleName, array('default', null));
     $themeType = is_admin_theme() ? 'admin' : 'public';
     $scriptDirsByPlugin = $this->_pluginMvc->getViewScriptDirs($themeType);
     // Set the current plugin's directories aside so they can be added last.
     $ownScriptDirs = null;
     if ($isPluginModule && isset($scriptDirsByPlugin[$moduleName])) {
         $ownScriptDirs = $scriptDirsByPlugin[$moduleName];
         unset($scriptDirsByPlugin[$moduleName]);
     }
     // All the "normal" plugin paths.
     foreach ($scriptDirsByPlugin as $modulePaths) {
         $this->_addPathsToView($modulePaths);
     }
     // Theme and core paths.
     $this->_addThemePaths($themeType);
     if (!$isPluginModule) {
         return;
     }
     // Plugin and theme-override paths for the current plugin.
     if ($ownScriptDirs !== null) {
         $this->_addPathsToView($ownScriptDirs);
     }
     // NOTE(review): the override path is requested for any non-default module name, also
     // one with no registered script dirs - presumably the name is used to build a
     // directory path; confirm it can only be a registered plugin name.
     $this->_addOverridePathForPlugin($themeType, $moduleName);
 }
Example #15
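 /**
  * Main ACL logic: build the ACL for the logged-in identity, store it in the registry
  * under 'acl', and reroute a denied request to the target configured in $this->_noacl.
  *
  * Requests without an identity are left untouched by this method.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     $module = $request->getModuleName();
     $auth = Zend_Auth::getInstance();
     // NOTE(review): nothing is enforced here for anonymous requests - confirm that
     // authentication is required elsewhere.
     if (!$auth->hasIdentity()) {
         return;
     }
     $acl = new Zend_Acl();
     $identity = $auth->getIdentity();
     $acl->addRole(new Zend_Acl_Role('user'))->addRole(new Zend_Acl_Role('owner'))->addRole(new Zend_Acl_Role('admin'), 'owner');
     if ($identity->owner == true) {
         $inherit = 'owner';
     } elseif ($identity->administrator == true) {
         $inherit = 'admin';
     } else {
         $inherit = 'user';
     }
     // Each identity gets its own role, named after its e-mail address, inheriting from
     // the base role chosen above.
     $acl->addRole(new Zend_Acl_Role($identity->email), $inherit);
     $projekt = $request->getParam('projekt');
     // Base resources
     foreach ($this->_resources as $resourceId) {
         $acl->add(new Zend_Acl_Resource($resourceId));
     }
     // Permissions for the base resources
     $acl->allow('owner');
     $acl->deny('admin', 'account');
     $acl->allow('user', array('index', 'project', 'assignment', 'calendar', 'people', 'auth', 'redir'));
     $acl->deny('user', 'account');
     $acl->deny('user', 'project', $this->_create);
     $acl->deny('user', 'people', $this->_create);
     $acl->deny('user', 'project', $this->_manage);
     $acl->deny('user', 'people', $this->_manage);
     // Users may manage their own 'people' record.
     // NOTE(review): the comparison is loose and $request->id is request input - confirm
     // that an absent or non-numeric id can never compare equal to iduser.
     if ($request->id == $identity->iduser) {
         $acl->allow('user', 'people', $this->_manage);
     }
     // Resources for the project subsection
     $this->_projectAcl($acl, $identity);
     Zend_Registry::set('acl', $acl);
     if ($identity->administrator == 1) {
         // NOTE(review): administrators skip the ACL query entirely, so the
         // deny('admin', 'account') rule above has no effect for them here.
         $isAllowed = true;
     } elseif (in_array($projekt . '|' . $request->getControllerName(), $this->_resources)) {
         $isAllowed = $acl->isAllowed($identity->email, $projekt . '|' . $request->getControllerName(), $request->getActionName());
     } elseif (in_array($request->getControllerName(), $this->_resources)) {
         $isAllowed = $acl->isAllowed($identity->email, $request->getControllerName(), $request->getActionName());
     } else {
         // A controller that is not a known resource is denied.
         $isAllowed = false;
     }
     // Requests that are being handled by the error handler are not rerouted. Zend's
     // ErrorHandler plugin stores an object under 'error_handler', whereas request input
     // can only supply strings or arrays, so only an object counts. Testing for non-null
     // would let a request switch the denial off by sending an error_handler parameter.
     $error = $request->getParam('error_handler');
     if (!is_object($error) && !$isAllowed) {
         $module = $this->_noacl['module'];
         $controller = $this->_noacl['controller'];
         $action = $this->_noacl['action'];
     }
     $request->setModuleName($module);
     $request->setControllerName($controller);
     $request->setActionName($action);
 }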
Example #16
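 /**
  * Authenticate with the alias and password posted under 'login'.
  *
  * Failure reasons are appended to $this->_exceptions as NO_USERNAME, NO_PASSWORD or
  * LOGIN_FAILED.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool TRUE when authentication succeeded.
  */
 protected function _login(Zend_Controller_Request_Abstract $request)
 {
     $userLogin = $request->getPost('login');
     // The POST body is client-controlled: 'login' may be absent, a plain string, or hold
     // nested arrays. Anything other than a string field is treated as missing, so the
     // usual "no username / no password" errors are reported instead of PHP errors.
     $userName = '';
     $userPass = '';
     if (is_array($userLogin)) {
         if (isset($userLogin['alias']) && is_string($userLogin['alias'])) {
             $userName = trim($userLogin['alias']);
         }
         // NOTE(review): trimming changes passwords that begin or end with whitespace;
         // kept because existing credentials may depend on it.
         if (isset($userLogin['pass']) && is_string($userLogin['pass'])) {
             $userPass = trim($userLogin['pass']);
         }
     }
     if ($userName == '') {
         $this->_exceptions[] = self::NO_USERNAME;
         return false;
     }
     if ($userPass == '') {
         $this->_exceptions[] = self::NO_PASSWORD;
         return false;
     }
     $auth = Zend_Auth::getInstance();
     $adapter = new Showcase_Auth_Adapter($userName, $userPass);
     $result = $auth->authenticate($adapter);
     if (!$result) {
         return false;
     }
     if ($result->getCode() !== Zend_Auth_Result::SUCCESS) {
         // Let the form know that login has failed.
         $this->_exceptions[] = self::LOGIN_FAILED;
         return false;
     }
     // NOTE(review): no session id regeneration is visible here after a successful
     // login - confirm it happens elsewhere.
     return true;
 }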
Example #17
 /**
  * Authenticate a user from the POSTed identity and credential fields.
  *
  * Failures are recorded through _addError().
  *
  * @param Zend_Controller_Request_Abstract $request The current request
  * @param Zend_Controller_Response_Abstract $response The current response
  * @return Array|Boolean User data, or FALSE
  */
 public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
 {
     $authVars = new Garp_Util_Configuration($this->_getAuthVars()->toArray());
     // NOTE(review): when the configuration names no hash method, the fallback is MD5 with
     // an empty salt, which is not a password-hashing scheme. Changing the default would
     // invalidate stored hashes, so it is only flagged here.
     $authVars->obligate('model')
         ->obligate('identityColumn')
         ->obligate('credentialColumn')
         ->setDefault('hashMethod', 'MD5')
         ->setDefault('salt', '');
     $identityValue = $request->getPost($authVars['identityColumn']);
     $credentialValue = $request->getPost($authVars['credentialColumn']);
     if (!$identityValue || !$credentialValue) {
         $this->_addError('Insufficient data received');
         return false;
     }
     $ini = Zend_Registry::get('config');
     // Optional comma-separated list of columns to return for the session.
     $sessionColumns = null;
     if (!empty($ini->auth->login->sessionColumns)) {
         $sessionColumns = explode(',', $ini->auth->login->sessionColumns);
     }
     $model = new Model_AuthLocal();
     try {
         return $model->tryLogin($identityValue, $credentialValue, $authVars, $sessionColumns)->toArray();
     } catch (Garp_Auth_Adapter_Db_UserNotFoundException $e) {
         // NOTE(review): distinct messages for "unknown address" and "wrong password" tell
         // a caller which addresses are registered, if these errors reach the client.
         $this->_addError('The email address is not found');
     } catch (Garp_Auth_Adapter_Db_InvalidPasswordException $e) {
         $this->_addError('The password is invalid');
     }
     return false;
 }
 /**
  * Normalise the desired response format into the 'format' request parameter.
  *
  * The 'format' parameter wins over the Accept header. Whatever was requested, the
  * stored value is always one of 'xml', 'js' or 'json' (the default).
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
 {
     if (!$request instanceof Zend_Controller_Request_Http) {
         return;
     }
     // Accept URI parameter over Accept header for specifying of desired response format
     $format = $this->getRequest()->getParam('format') ?: $request->getHeader('Accept');
     // @todo Need to look into implementing Accept header supporting multiple types with quality factors
     $wantsXml = stristr($format, 'text/xml') && !stristr($format, 'html');
     if ($wantsXml) {
         $request->setParam('format', 'xml');
     } elseif (stristr($format, 'text/javascript')) {
         // JSONP/Javascript
         $request->setParam('format', 'js');
     } else {
         // JSON is both the explicit 'application/json' case and the fallback, so an
         // unrecognised client-supplied value never reaches the 'format' parameter.
         $request->setParam('format', 'json');
     }
 }
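 /**
  * Copy the posted 'inventory' fields onto the inventory product and save it.
  *
  * Keys starting with 'sys_' are set on this object and on the product, other keys on
  * the product's profile; 'generalImages' and 'id' are set on this object unsanitized.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return bool TRUE if no errors have occurred.
  */
 public function process(Zend_Controller_Request_Abstract $request)
 {
     //$this->product_id = $request->getPost('id');
     $inventory = $request->getParam('inventory');
     // A missing or scalar 'inventory' parameter is treated as "no fields".
     if (!is_array($inventory)) {
         $inventory = array();
     }
     foreach ($inventory as $key => $value) {
         // Debug output. Key and value come straight from the request, so both are
         // HTML-escaped before they are written into the page.
         $shownValue = is_array($value) ? 'Array' : (string) $value;
         echo 'key: ' . htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8') . ' value: ' . htmlspecialchars($shownValue, ENT_QUOTES, 'UTF-8') . '<br/>';
         $v = $this->sanitize($value);
         // NOTE(review): the property names below are chosen by the client. Any key that
         // starts with 'sys_' is written to this object and to the product (sys_price is
         // read back from it further down), and every other key lands on the profile.
         // An explicit list of accepted field names would close this mass-assignment path.
         if (substr($key, 0, 4) == 'sys_' && $key != 'generalImages' && $key != 'id') {
             $this->{$key} = $v;
             $this->inventoryProduct->{$key} = $v;
         } elseif ($key != 'generalImages' && $key != 'id') {
             $this->inventoryProduct->profile->{$key} = $v;
         } else {
             // 'generalImages' and 'id' are stored without passing through sanitize().
             $this->{$key} = $value;
         }
     }
     $this->inventoryProduct->product_id = $this->productID;
     $this->inventoryProduct->uploader_id = $this->userID;
     $this->inventoryProduct->sys_price = $this->sys_price;
     echo 'inventory product_id is: ' . htmlspecialchars((string) $this->productID, ENT_QUOTES, 'UTF-8');
     if (!$this->_validateOnly && !$this->hasError()) {
         $this->inventoryProduct->save();
     }
     // return true if no errors have occurred
     return !$this->hasError();
 }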
Example #20
 /**
  * Apply decimal range filter to product collection
  *
  * The requested value is parsed by _parseRequestedValue() into a from/to pair; when
  * that yields null nothing is applied.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @param Mage_Catalog_Block_Layer_Filter_Decimal $filterBlock
  * @return Mage_Catalog_Model_Layer_Filter_Decimal
  */
 public function apply(Zend_Controller_Request_Abstract $request, $filterBlock)
 {
     $attributeCode = $this->getAttributeModel()->getAttributeCode();
     /** @var Amasty_Shopby_Helper_Attributes $attributeHelper */
     $attributeHelper = Mage::helper('amshopby/attributes');
     if (!$attributeHelper->lockApplyFilter($attributeCode, 'attr')) {
         return $this;
     }
     if (!$this->calculateRanges()) {
         $this->_items = array($this->_createItem('', 0, 0));
     }
     // Placeholder labels, replaced below once a range was requested.
     $labels = Mage::helper('amshopby');
     $filterBlock->setValueFrom($labels->__('From'));
     $filterBlock->setValueTo($labels->__('To'));
     $input = $request->getParam($this->getRequestVar());
     $fromTo = $this->_parseRequestedValue($input);
     if (is_null($fromTo)) {
         return $this;
     }
     $from = $fromTo[0];
     $to = $fromTo[1];
     $this->_getResource()->applyFilterToCollection($this, $from, $to);
     $filterBlock->setValueFrom($from);
     $filterBlock->setValueTo($to > 0 ? $to : '');
     // NOTE(review): the state item keeps the raw request value ($input), not the parsed
     // pair - confirm it is escaped wherever the state filter is rendered.
     $this->getLayer()->getState()->addFilter($this->_createItem($this->_renderItemLabel($from, $to, true), $input));
     if ($this->hideAfterSelection()) {
         $this->_items = array();
     } elseif ($this->calculateRanges()) {
         // NOTE(review): this resets the items when ranges ARE calculated, while the check
         // near the top does so when they are not - confirm the condition is intended.
         $this->_items = array($this->_createItem('', 0, 0));
     }
     return $this;
 }
Example #21
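 /**
  * Predispatch method to authenticate user
  *
  * As written, requests for the 'admin' module are passed through unchanged; every
  * other request has its session destroyed and, unless the action is 'logincheck',
  * is rerouted and redirected to the login page.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     //user only to login for access to admin functions
     /*if ('admin' != $request->getModuleName()) {
           return;
       }

       if (App_Model_Users::isLoggedIn() && App_Model_Users::isAdmin()) {
           //user is logged in and allowed to access admin functions
           return;
       }*/
     // NOTE(review): the live guard is the opposite of the disabled one above. The admin
     // module is let through with no login or role check, and every other module loses
     // its session. If this plugin is meant to protect admin functions, the disabled
     // checks need to be restored before it can be relied on.
     if ('admin' == $request->getModuleName()) {
         return;
     }
     /**
      * User not logged in or not allowed to access admin ... redirect to login.
      * Note: if user is logged in but not authorised, we redirect to login
      * to allow user to login as a different user with the right permissions.
      */
     Zend_Session::destroy(true);
     if ($request->getActionName() != 'logincheck') {
         $request->setModuleName('default')->setControllerName('login')->setActionName('index');
         //->setDispatched(FALSE);
         // Relative target: building the URL from $_SERVER['HTTP_HOST'] would let the
         // client-supplied Host header choose where the browser is sent, and would force
         // plain http.
         header('Location: /login/index');
     }
 }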
Example #22
 /**
  * Send anonymous requests for the admin module to admin/auth/login.
  *
  * Only the presence of an identity is tested; no role is checked here.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     if ($request->getModuleName() !== "admin") {
         return;
     }
     if (Zend_Auth::getInstance()->hasIdentity()) {
         return;
     }
     $request->setModuleName("admin");
     $request->setControllerName("auth");
     $request->setActionName("login");
     $request->setDispatched();
 }
Example #23
 /**
  * Publish the logged-in user and client after routing, or send anonymous requests
  * to the login action with the requested location attached.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     $params = $request->getParams();
     $auth = Zend_Auth::getInstance();
     Zend_Registry::set('Zend_Auth', $auth);
     if ($auth->hasIdentity()) {
         $view = Zend_Controller_Front::getInstance()->getParam('bootstrap')->getResource('view');
         $identity = $auth->getIdentity();
         $userDb = new Users_Model_DbTable_User();
         $user = array(
             'id' => $identity->id,
             'username' => $identity->username,
             'name' => $identity->name,
             'email' => $identity->email,
             'clientid' => $identity->clientid,
         );
         $authNamespace = new Zend_Session_Namespace('Zend_Auth');
         $authNamespace->user = $user['username'];
         // Sliding expiry: with less than an hour left, extend the namespace by an hour.
         $secondsLeft = $_SESSION['__ZF']['Zend_Auth']['ENT'] - time();
         if ($secondsLeft < 3600) {
             $authNamespace->setExpirationSeconds(3600);
         }
         Zend_Registry::set('User', $user);
         $view->user = $user;
         $clientDb = new Application_Model_DbTable_Client();
         Zend_Registry::set('Client', $clientDb->getClient($user['clientid']));
         return;
     }
     // NOTE(review): an anonymous request is let through when the module is 'users' OR
     // when the action is called 'login' in any module and controller. If only the
     // login page itself is meant to be public, the second exemption is too wide.
     if ($params['module'] == 'users' || $params['action'] == 'login') {
         return;
     }
     $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
     // The requested location travels to the login action in the 'url' parameter.
     // NOTE(review): it is assembled from request parameters, so the login action should
     // validate it before redirecting back.
     $returnTo = $params['module'] . '|' . $params['controller'] . '|' . $params['action'];
     if (isset($params['id']) && $params['id']) {
         $returnTo .= '|' . $params['id'];
     }
     $redirector->gotoSimple('login', 'user', 'users', array('url' => $returnTo));
 }
Example #24
 /**
  * Check the caller's role against the registry ACL and reroute denied requests to
  * the controller/action configured in $this->_controller.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Initialise the objects.
     $auth = Zend_Auth::getInstance();
     $acl = Zend_Registry::get('acl');
     // Use the logged-in user's role, or 'guest' for anonymous callers.
     $role = $auth->hasIdentity() ? $auth->getIdentity()->role : 'guest';
     // A role the ACL does not know at all is treated as 'guest'.
     if (!$acl->hasRole($role)) {
         $role = 'guest';
     }
     // Our resources.
     // NOTE(review): these are read through the request's magic properties, not through
     // getControllerName()/getActionName(), which is what gets dispatched. In
     // Zend_Controller_Request_Http the magic getter can fall back to $_GET/$_POST/$_COOKIE
     // when no such parameter is set - confirm both always carry the same values.
     $controller = $request->controller;
     $action = $request->action;
     // A controller the ACL does not know is checked as the null resource.
     $resource = $acl->has($controller) ? $controller : null;
     if ($acl->isAllowed($role, $resource, $action)) {
         return;
     }
     // Not allowed: reroute to the error target.
     $request->setControllerName($this->_controller['controller']);
     $request->setActionName($this->_controller['action']);
 }
Example #25
 /**
  * For the modules listed in $this->modules, keep non-admin users out and publish the
  * current user to the registry, the view and the navigation helper.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $this->setSessionLifeTime();
     // NOTE(review): a request for a listed module without any identity simply returns
     // here - confirm that anonymous access to these modules is blocked elsewhere.
     if (!in_array($request->getModuleName(), $this->modules) || !Zend_Auth::getInstance()->hasIdentity()) {
         return;
     }
     $user = Zend_Registry::get('container')->getService('user')->getCurrentUser();
     if (!$user->isAdmin()) {
         // can't go into admin
         // NOTE(review): the code below still runs for a non-admin if the redirector
         // helper does not end the request - confirm its exit setting.
         $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
         $redirector->direct('index', 'index', 'default');
     }
     // set user for application
     $GLOBALS['g_user'] = $user;
     Zend_Registry::set('user', $user);
     // set view user
     $view = Zend_Registry::get('view');
     $view->currentUser = $user;
     // set view navigation acl
     /* @var $acl Zend_Acl */
     $acl = Zend_Registry::get('acl')->getAcl($user);
     $navigation = $view->navigation();
     $navigation->setAcl($acl);
     $view->navigation()->setRole($user);
 }
 /**
  * Gets content panel for the Debugbar
  *
  * The panel lists view variables, request parameters, POST data (POST
  * requests only), user-defined constants, the Zend_Registry contents and
  * the request cookies. Every value is passed through $this->_cleanData()
  * and concatenated into the markup.
  *
  * NOTE(review): _cleanData() is not shown here; since its result is placed
  * into HTML as-is, it is presumably responsible for escaping - confirm.
  * The registry, constants and cookies commonly hold credentials and session
  * identifiers, so this panel belongs in development environments only.
  *
  * @return string
  */
 public function getPanel()
 {
     $this->_request = Zend_Controller_Front::getInstance()->getRequest();
     $renderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
     if ($renderer->view && method_exists($renderer->view, 'getVars')) {
         $viewVars = $this->_cleanData($renderer->view->getVars());
     } else {
         $viewVars = "No 'getVars()' method in view class";
     }
     $html = array();
     // Left column: view variables and request parameters.
     $html[] = '<div style="width:50%;float:left;">';
     $html[] = '<h4>View variables</h4>';
     $html[] = '<div id="ZFDebug_vars" style="margin-left:-22px">' . $viewVars . '</div>';
     $html[] = '<h4>Request parameters</h4>';
     $html[] = '<div id="ZFDebug_requests" style="margin-left:-22px">' . $this->_cleanData($this->_request->getParams()) . '</div>';
     // Right column: POST data, constants, registry and cookies.
     $html[] = '</div><div style="width:45%;float:left;">';
     if ($this->_request->isPost()) {
         $html[] = '<h4>Post variables</h4>';
         $html[] = '<div id="ZFDebug_post" style="margin-left:-22px">' . $this->_cleanData($this->_request->getPost()) . '</div>';
     }
     $html[] = '<h4>Constants</h4>';
     $definedConstants = get_defined_constants(true);
     ksort($definedConstants['user']);
     $html[] = '<div id="ZFDebug_constants" style="margin-left:-22px">' . $this->_cleanData($definedConstants['user']) . '</div>';
     $zendRegistry = Zend_Registry::getInstance();
     $html[] = '<h4>Zend Registry</h4>';
     // Sorts the shared registry instance in place before it is listed.
     $zendRegistry->ksort();
     $html[] = '<div id="ZFDebug_registry" style="margin-left:-22px">' . $this->_cleanData($zendRegistry) . '</div>';
     $html[] = '<h4>Cookies</h4>';
     $html[] = '<div id="ZFDebug_cookie" style="margin-left:-22px">' . $this->_cleanData($this->_request->getCookie()) . '</div>';
     $html[] = '</div><div style="clear:both">&nbsp;</div>';
     return implode('', $html);
 }
 /**
  * Switches the MVC layout to 'admin' when the request carries a truthy
  * 'isAdmin' parameter.
  *
  * NOTE(review): where 'isAdmin' is set is not visible here. On the HTTP
  * request class getParam() can also return a query-string or POST value, so
  * a client may be able to select this layout by sending the parameter
  * itself. The layout choice should therefore never stand in for an
  * authorization check - confirm that access control happens elsewhere.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     if (!$request->getParam('isAdmin')) {
         return;
     }
     Zend_Layout::getMvcInstance()->setLayout('admin');
 }
Example #28
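 /**
  * ACL gate run before dispatch: resolves the visitor's role, checks it
  * against the controller (resource) and action (privilege), and on denial
  * points the request at the fallback stored in $this->_controller.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $auth = Zend_Auth::getInstance();
     $acl = Zend_Registry::get('acl');
     // Resolve the role; without an identity the visitor is a guest.
     if ($auth->hasIdentity()) {
         $role = $auth->getIdentity()->role;
     } else {
         $role = 'guest';
     }
     // A role the ACL does not know is downgraded to guest.
     if (!$acl->hasRole($role)) {
         $role = 'guest';
     }
     // Read the target through the request getters so the check covers the
     // controller and action that will actually be dispatched. The magic
     // properties ($request->controller / ->action) come from the parameter
     // list, which can fall back to client-supplied input on the HTTP request
     // class and does not follow setControllerName()/setActionName().
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     // A controller without a matching ACL resource is checked as null, which
     // means the ACL's global rules decide.
     // NOTE(review): verify the ACL denies by default, otherwise unregistered
     // controllers are open to every role.
     if (!$acl->has($controller)) {
         $controller = null;
     }
     // No access: replace controller and action with the configured fallback
     // (the module name is not changed).
     if (!$acl->isAllowed($role, $controller, $action)) {
         $request->setControllerName($this->_controller['controller']);
         $request->setActionName($this->_controller['action']);
     }
 }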
Example #29
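 /**
  * Authorizes the request against $this->acl before dispatch.
  *
  * Resources are named "controller/action". A name that is not registered in
  * the ACL is answered with a 404; a registered but denied resource is
  * rerouted to index/login for visitors without an identity and to
  * index/deny for authenticated users.
  *
  * NOTE(review): the module name is not part of the resource name, so equally
  * named controllers in different modules share one rule, and error/error is
  * exempt in every module. The role is read from the 'role' registry entry,
  * which is populated outside this method.
  *
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  * @throws Zend_Controller_Action_Exception with code 404 when the resource
  *         is not registered in the ACL
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Generate the resource name
     $resourceName = $request->getControllerName() . '/' . $request->getActionName();
     // Don't block errors: the error page has to stay reachable.
     if ($resourceName === 'error/error') {
         return;
     }
     // Unregistered resources are reported as missing pages. The comparison
     // is strict so that loose string/number juggling can never make an
     // unrelated resource id match the requested name.
     if (!in_array($resourceName, $this->acl->getResources(), true)) {
         $request->setControllerName('error')->setActionName('error')->setDispatched(true);
         throw new Zend_Controller_Action_Exception('This page does not exist', 404);
     }
     // Check if user can access this resource or not
     if ($this->acl->isAllowed(Zend_Registry::get('role'), $resourceName)) {
         return;
     }
     // Denied: guests go to the login page, everyone else to access denied.
     $forwardAction = Zend_Auth::getInstance()->hasIdentity() ? 'deny' : 'login';
     $request->setControllerName('index')->setActionName($forwardAction)->setDispatched(true);
 }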
 /**
  * Apply category filter to layer
  *
  * The category id is read from the request and cast to an integer before it
  * is used to load the category and to build the join conditions, so a
  * non-numeric value becomes 0 and leaves the layer unfiltered.
  *
  * @param   Zend_Controller_Request_Abstract $request
  * @param   Mage_Core_Block_Abstract $filterBlock  not used by this method
  * @return  Mage_Catalog_Model_Layer_Filter_Category
  */
 public function apply(Zend_Controller_Request_Abstract $request, $filterBlock)
 {
     $categoryId = (int) $request->getParam($this->getRequestVar());
     if ($categoryId === 0) {
         return $this;
     }
     // Load the requested category in the scope of the current store.
     $this->_appliedCategory = Mage::getModel('catalog/category')
         ->setStoreId(Mage::app()->getStore()->getId())
         ->load($categoryId);
     if (!$this->_appliedCategory->getId()) {
         // Unknown category id: nothing to filter on.
         return $this;
     }
     // Join the category/product index under an alias derived from the root category.
     $indexAlias = 'category_layered_' . $this->_rootCategory->getId();
     $joinConditions = array(
         'category_id' => $categoryId,
         'store_id' => Mage::app()->getStore()->getId(),
     );
     if (!$this->_appliedCategory->getIsAnchor()) {
         $joinConditions['is_parent'] = 1;
     }
     $this->getLayer()->getProductCollection()->joinTable(
         array($indexAlias => 'catalog/category_product_index'),
         "product_id=entity_id",
         array($indexAlias . '_cat_id' => 'category_id', $indexAlias . '_store_id' => 'store_id'),
         $joinConditions,
         'inner'
     );
     // Record the applied filter in the layer state.
     $stateItem = $this->_createItem($this->_appliedCategory->getName(), $categoryId);
     $this->getLayer()->getState()->addFilter($stateItem);
     // A category without children offers nothing further to pick, so the
     // item list is emptied (this hides the filter block).
     if (!$this->_appliedCategory->getChildrenCategories()) {
         $this->_items = array();
     }
     return $this;
 }