/**
  * Replace standard admin login form with HTTP Basic authentication
  *
  * @param AbstractAction $subject
  * @param callable $proceed
  * @param RequestInterface $request
  * @return ResponseInterface
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  * @SuppressWarnings(PHPMD.CyclomaticComplexity)
  * @SuppressWarnings(PHPMD.NPathComplexity)
  */
 public function aroundDispatch(AbstractAction $subject, \Closure $proceed, RequestInterface $request)
 {
     // Resolve the ACL resource mapped to this controller; an action-specific entry takes precedence
     // over the controller-level one.
     $resource = null;
     if (isset($this->aclResources[$request->getControllerName()])) {
         $resource = isset($this->aclResources[$request->getControllerName()][$request->getActionName()])
             ? $this->aclResources[$request->getControllerName()][$request->getActionName()]
             : $this->aclResources[$request->getControllerName()];
     }

     // The "type" request parameter selects a second ACL resource that must also be granted.
     $type = $request->getParam('type');
     $resourceType = null;
     if (isset($this->aclResources[$type])) {
         $resourceType = $this->aclResources[$type];
     }

     // Without both mappings this plugin does not apply: hand the request to the parent plugin.
     if (!$resource || !$resourceType) {
         return parent::aroundDispatch($subject, $proceed, $request);
     }

     $session = $this->_auth->getAuthStorage();
     if (!$session->isLoggedIn()) {
         // No active session: attempt a login with the credentials supplied via HTTP authentication.
         list($login, $password) = $this->httpAuthentication->getCredentials();
         try {
             $this->_auth->login($login, $password);
         } catch (AuthenticationException $e) {
             // A failed login is only logged; the check below is what rejects the request.
             // NOTE(review): the exception is logged as-is; confirm it never carries the submitted password.
             $this->logger->critical($e);
         }
     }

     // Deny unless the session is logged in AND both ACL resources are allowed.
     $authorized = $session->isLoggedIn()
         && $this->authorization->isAllowed($resource)
         && $this->authorization->isAllowed($resourceType);
     if (!$authorized) {
         $this->httpAuthentication->setAuthenticationFailed('RSS Feeds');
         return $this->_response;
     }

     return parent::aroundDispatch($subject, $proceed, $request);
 }
 /**
  * @param \Magento\Backend\App\AbstractAction $subject
  * @param callable $proceed
  * @param \Magento\Framework\App\RequestInterface $request
  *
  * @return mixed
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  */
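 public function aroundDispatch(\Magento\Backend\App\AbstractAction $subject, \Closure $proceed, \Magento\Framework\App\RequestInterface $request)
 {
     // Gate backend actions behind authentication: actions listed in $this->_openActions are
     // let through, everything else requires a logged-in session.
     $requestedActionName = $request->getActionName();
     // Strict comparison: this list decides which actions skip the login check, and in_array()
     // compares loosely by default, so a non-string entry or action name could match by type juggling.
     if (in_array($requestedActionName, $this->_openActions, true)) {
         $request->setDispatched(true);
     } else {
         // Reload the current user (if any) before the login state is evaluated.
         if ($this->_auth->getUser()) {
             $this->_auth->getUser()->reload();
         }
         if (!$this->_auth->isLoggedIn()) {
             // NOTE(review): execution still reaches $proceed() below after this call, so the helper
             // itself must steer the request away from the protected action — verify.
             $this->_processNotLoggedInUser($request);
         } else {
             // Authenticated: extend the session lifetime.
             $this->_auth->getAuthStorage()->prolong();
             $backendApp = null;
             // The "app" parameter only triggers the lookup; its value is not used in the redirect URL.
             if ($request->getParam('app')) {
                 $backendApp = $this->backendAppList->getCurrentApp();
             }
             if ($backendApp) {
                 // Redirect to the app's startup page, built from the backend base URL and the
                 // app's own startup page rather than from request data.
                 $resultRedirect = $this->resultRedirectFactory->create();
                 $baseUrl = \Magento\Framework\App\Request\Http::getUrlNoScript($this->backendUrl->getBaseUrl());
                 $baseUrl = $baseUrl . $backendApp->getStartupPage();
                 return $resultRedirect->setUrl($baseUrl);
             }
         }
     }
     // Refresh the ACL held in auth storage before the action runs.
     $this->_auth->getAuthStorage()->refreshAcl();
     return $proceed($request);
 }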
Example #3
 /**
  * Get wizard step by request
  *
  * @param   \Magento\Framework\App\RequestInterface $request
  * @return  \Magento\Framework\Object|bool
  */
 public function getStepByRequest(\Magento\Framework\App\RequestInterface $request)
 {
     // Walk the configured steps in order; the first one bound to the requested
     // controller and action wins. Comparisons are loose (==/!=), as the data types
     // of the step fields are not visible here.
     foreach ($this->_steps as $candidate) {
         if ($candidate->getController() != $request->getControllerName()) {
             continue;
         }
         if ($candidate->getAction() != $request->getActionName()) {
             continue;
         }
         return $candidate;
     }
     // No step matches the request.
     return false;
 }
Example #4
 /**
  * Dispatch actions allowed for not authorized users
  *
  * @param ActionInterface $subject
  * @param \Closure $proceed
  * @param RequestInterface $request
  * @return mixed
  */
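 public function aroundDispatch(ActionInterface $subject, \Closure $proceed, RequestInterface $request)
 {
     $action = strtolower($request->getActionName());
     // NOTE(review): entries of $this->allowedActions are spliced into the pattern unquoted, so they
     // behave as regex fragments; they must come from trusted configuration only.
     // The D modifier pins "$" to the very end of the subject. Without it "$" also matches just
     // before a trailing newline, so an action name ending in "\n" could pass the allow-list.
     $pattern = '/^(' . implode('|', $this->allowedActions) . ')$/iD';
     if (!preg_match($pattern, $action)) {
         // Not an allowed action: require an authenticated customer session.
         if (!$this->session->authenticate()) {
             // Authentication failed: flag the action as not-to-be-dispatched. $proceed() is still
             // called below, so enforcement relies on the action honouring this flag.
             $subject->getActionFlag()->set('', ActionInterface::FLAG_NO_DISPATCH, true);
         }
     } else {
         // Allowed without authentication: set the session's no-referer flag for this dispatch.
         $this->session->setNoReferer(true);
     }
     $result = $proceed($request);
     // Clear the no-referer flag again once the action has run.
     $this->session->unsNoReferer(false);
     return $result;
 }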
 /**
  * @param \Magento\Backend\App\AbstractAction $subject
  * @param callable $proceed
  * @param \Magento\Framework\App\RequestInterface $request
  *
  * @return mixed
  * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  */
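 public function aroundDispatch(\Magento\Backend\App\AbstractAction $subject, \Closure $proceed, \Magento\Framework\App\RequestInterface $request)
 {
     // Gate backend actions behind authentication: actions listed in $this->_openActions are
     // let through, everything else requires a logged-in session.
     $requestedActionName = $request->getActionName();
     // Strict comparison: this list decides which actions skip the login check, and in_array()
     // compares loosely by default, so a non-string entry or action name could match by type juggling.
     if (in_array($requestedActionName, $this->_openActions, true)) {
         $request->setDispatched(true);
     } else {
         // Reload the current user (if any) before the login state is evaluated.
         if ($this->_auth->getUser()) {
             $this->_auth->getUser()->reload();
         }
         if (!$this->_auth->isLoggedIn()) {
             // NOTE(review): execution still reaches $proceed() below after this call, so the helper
             // itself must steer the request away from the protected action — verify.
             $this->_processNotLoggedInUser($request);
         } else {
             // Authenticated: extend the session lifetime.
             $this->_auth->getAuthStorage()->prolong();
         }
     }
     // Refresh the ACL held in auth storage before the action runs.
     $this->_auth->getAuthStorage()->refreshAcl();
     return $proceed($request);
 }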
 /**
  * Check if a request is session check
  *
  * @return bool
  */
 protected function isSessionCheckRequest()
 {
     // Only the "check" action of the "security" module counts as a session check.
     // NOTE(review): comparisons are loose (==); if this predicate exempts requests from a
     // security control, strict comparison would be the safer form — confirm with callers.
     if ($this->request->getModuleName() != 'security') {
         return false;
     }
     return $this->request->getActionName() == 'check';
 }
 /**
  * Return whether page is tax configuration
  *
  * @return bool
  */
 protected function isTaxConfigPage()
 {
     // Guards run in the same order as a short-circuiting && chain:
     // module, controller, action, then the "section" request parameter.
     if ($this->request->getModuleName() != 'admin') {
         return false;
     }
     if ($this->request->getControllerName() != 'system_config') {
         return false;
     }
     if ($this->request->getActionName() != 'edit') {
         return false;
     }
     // "section" comes from the request and is compared loosely against 'tax'.
     return $this->request->getParam('section') == 'tax';
 }
 /**
  * Return whether page is queue page
  *
  * @return bool
  */
 protected function isQueuePage()
 {
     // The queue page is avatax/queue/index; each part is checked in turn and the
     // first mismatch ends the evaluation, as in a short-circuiting && chain.
     if ($this->request->getModuleName() != 'avatax') {
         return false;
     }
     if ($this->request->getControllerName() != 'queue') {
         return false;
     }
     return $this->request->getActionName() == 'index';
 }