/**
* Get the User performing this search
*
* @return Xerxes\Utility\User
*/
public function getUser()
{
if ($this->request instanceof Request) {
return $this->request->getUser();
} else {
return new User();
}
}
/**
* Create Authentication Scheme
*
* @param Request $request
*/
public function __construct(Request $request)
{
$this->request = $request;
$this->registry = Registry::getInstance();
// get the user from the request
$this->user = $this->request->getUser();
// send them back here when they are done
$this->return_url = $this->request->getParam("return");
// flesh out our return url
$base = $this->request->getBaseUrl();
$server = $this->request->getServerUrl();
if ($this->return_url == "") {
$this->return_url = $base;
// so send them home!
}
// @todo find out if some CAS servers are still tripping up on this
$params = array('controller' => 'authenticate', 'action' => 'validate', 'return' => $this->return_url);
$this->validate_url = $this->request->url_for($params, true);
}
/**
* Perform an authentication check on this request
*/
protected function checkAuthentication($action)
{
$id = $this->request->getControllerName();
$restricted = $this->controller_map->isRestricted($id, $action);
$requires_login = $this->controller_map->requiresLogin($id, $action);
// get user from session
$user = $this->request->getUser();
// this action requires authentication
if ($restricted || $requires_login) {
$redirect_to_login = false;
// this action requires a logged-in user, but user is not logged-in
if ($requires_login && !$user->isAuthenticated()) {
$redirect_to_login = true;
} elseif ($restricted && !$user->isAuthenticated() && !$user->isInLocalIpRange()) {
$redirect_to_login = true;
}
// redirect to login page
if ($redirect_to_login == true) {
return $this->redirectToLogin();
}
}
}
