Example #1
 /**
  * Route listener: checks the matched controller/action against the ACL.
  *
  * The role starts as Acl::DEFAULT_ROLE and is replaced by the role name of
  * the authenticated identity when one exists. A denied request receives a
  * 302 redirect to the 'home' route and the script ends.
  *
  * @param \Zend\EventManager\EventInterface $e event exposing application, route match, router and response
  * @throws \Exception when the matched controller is not a resource known to the ACL
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $services = $e->getApplication()->getServiceManager();
     // NOTE(review): the route match is used without a null check; confirm this
     // listener only runs once a route has matched.
     $match = $e->getRouteMatch();
     $authService = $services->get('Zend\\Authentication\\AuthenticationService');
     $acl = new Acl($services->get('Config'));
     // Callers without an identity are evaluated with the default (guest) role.
     $role = $authService->hasIdentity()
         ? $authService->getIdentity()->getRole()->getName()
         : Acl::DEFAULT_ROLE;
     $resource = $match->getParam('controller');
     $privilege = $match->getParam('action');
     if (!$acl->hasResource($resource)) {
         // A controller missing from the ACL is treated as an error, not as "allowed".
         throw new \Exception('Resource ' . $resource . ' not defined');
     }
     if ($acl->isAllowed($role, $resource, $privilege)) {
         return;
     }
     // Denied: redirect to the home route with 302 Found.
     $response = $e->getResponse();
     $response->getHeaders()->addHeaderLine(
         'Location',
         $e->getRouter()->assemble(array(), array('name' => 'home'))
     );
     $response->setStatusCode(302);
     $response->sendHeaders();
     // exit ends the request here, so listeners of later events do not run.
     exit;
 }
Example #2
 /**
  * Bootstrap listener: wires the module route listener, registers the
  * template-injection override and disables caching on HTTP responses.
  *
  * @param EventInterface $e bootstrap event (used as a \Zend\Mvc\MvcEvent)
  */
 public function onBootstrap(EventInterface $e)
 {
     /** @var \Zend\Mvc\MvcEvent $e */
     /** @var \Zend\EventManager\EventManager $events */
     $events = $e->getApplication()->getEventManager();
     $routeListener = new ModuleRouteListener();
     $routeListener->attach($events);

     // Replaces Zend\Mvc\View\Http\InjectTemplateListener so that templates
     // are resolved by Vendor/Module.
     $templateListener = new InjectTemplateListener();
     $events->getSharedManager()->attach(
         'Zend\\Stdlib\\DispatchableInterface',
         MvcEvent::EVENT_DISPATCH,
         [$templateListener, 'injectTemplate'],
         -89
     );

     $response = $e->getResponse();
     if (!$response instanceof \Zend\Http\Response) {
         // Only HTTP responses receive the cache headers.
         return;
     }
     $headers = $response->getHeaders();
     if (!$headers) {
         return;
     }
     // Forbid storing or reusing any response in browser and proxy caches.
     $noCache = [
         'Cache-Control' => 'no-cache, no-store, must-revalidate',
         'Pragma' => 'no-cache',
         'Expires' => '1970-01-01',
     ];
     foreach ($noCache as $name => $value) {
         $headers->addHeaderLine($name, $value);
     }
 }
Example #3
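 /**
  * Bootstrap listener: sets the translator locale from the request and
  * attaches an authentication check to the dispatch event.
  *
  * @param EventInterface $event bootstrap event whose target is the application
  */
 public function onBootstrap(EventInterface $event)
 {
     $application = $event->getTarget();
     $serviceManager = $application->getServiceManager();
     $translator = $serviceManager->get('translator');
     $translator->setFallbackLocale('en_US');
     // Accept-Language is client-supplied and may be missing (CLI, minimal
     // clients); the locale is only set when a usable value was negotiated.
     if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
         $locale = \Locale::acceptFromHttp($_SERVER['HTTP_ACCEPT_LANGUAGE']);
         if (is_string($locale) && $locale !== '') {
             $translator->setLocale($locale);
         }
     }
     // NOTE(review): attached without a priority; confirm it runs before the
     // listener that dispatches the controller, otherwise the action has
     // already executed when authentication fails.
     $application->getEventManager()->attach(MvcEvent::EVENT_DISPATCH, function (MvcEvent $event) use ($serviceManager) {
         $request = $event->getRequest();
         $response = $event->getResponse();
         if (!($request instanceof HttpRequest && $response instanceof HttpResponse)) {
             // Not an HTTP exchange (CLI application maybe?): nothing to check.
             return;
         }
         $authAdapter = $serviceManager->get('AuthenticationAdapter');
         $authAdapter->setRequest($request);
         $authAdapter->setResponse($response);
         if ($authAdapter->authenticate()->isValid()) {
             return;
         }
         $response->setContent('Access denied');
         $response->setStatusCode(HttpResponse::STATUS_CODE_401);
         $event->setResult($response);
         // Stop the remaining dispatch listeners explicitly and hand back the
         // response; a bare "return false" does not stop propagation.
         $event->stopPropagation(true);
         return $response;
     });
 }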
Example #4
 /**
  * Route listener: ACL check for the matched controller/action; a denied
  * request is redirected (302) to the 'home/login' route.
  *
  * @param \Zend\EventManager\EventInterface $e event exposing application, route match, router and response
  * @throws \Exception when the matched controller is not a resource known to the ACL
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $serviceLocator = $e->getApplication()->getServiceManager();
     $matched = $e->getRouteMatch();
     $authentication = $serviceLocator->get('Zend\\Authentication\\AuthenticationService');
     $acl = new Acl($serviceLocator->get('Config'));

     // Default role unless an identity is present.
     $role = Acl::DEFAULT_ROLE;
     if ($authentication->hasIdentity()) {
         $role = $authentication->getIdentity()->getUserRole()->getRole();
     }

     $resource = $matched->getParam('controller');
     $privilege = $matched->getParam('action');
     if (!$acl->hasResource($resource)) {
         throw new \Exception('Resource ' . $resource . ' not defined');
     }

     $denied = !$acl->isAllowed($role, $resource, $privilege);
     if ($denied) {
         $loginUrl = $e->getRouter()->assemble(array(), array('name' => 'home/login'));
         $response = $e->getResponse();
         $response->getHeaders()->addHeaderLine('Location', $loginUrl);
         $response->setStatusCode(302);
         $response->sendHeaders();
         // The request ends here; no later listener runs.
         // NOTE(review): confirm the login route itself is allowed for the
         // default role, or denied guests would be redirected repeatedly.
         exit;
     }
 }
Example #5
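 /**
  * Bootstrap listener: wires the module route listener, registers the
  * template-injection override and adds cache and browser-hardening headers
  * to HTTP responses.
  *
  * @param EventInterface $e bootstrap event (used as a \Zend\Mvc\MvcEvent)
  */
 public function onBootstrap(EventInterface $e)
 {
     /** @var \Zend\Mvc\MvcEvent $e */
     /** @var \Zend\Mvc\Application $application */
     $application = $e->getApplication();
     /** @var \Zend\EventManager\EventManager $events */
     $events = $application->getEventManager();
     /** @var \Zend\EventManager\SharedEventManager $sharedEvents */
     $sharedEvents = $events->getSharedManager();
     $moduleRouteListener = new ModuleRouteListener();
     $moduleRouteListener->attach($events);
     // Override Zend\Mvc\View\Http\InjectTemplateListener
     // to process templates by Vendor/Module
     $injectTemplateListener = new InjectTemplateListener();
     $sharedEvents->attach('Zend\\Stdlib\\DispatchableInterface', MvcEvent::EVENT_DISPATCH, [$injectTemplateListener, 'injectTemplate'], -89);
     $response = $e->getResponse();
     if ($response instanceof \Zend\Http\Response) {
         $headers = $response->getHeaders();
         if ($headers) {
             // No response may be stored or reused by browser or proxy caches.
             $headers->addHeaderLine('Cache-Control', 'no-cache, no-store, must-revalidate');
             $headers->addHeaderLine('Pragma', 'no-cache');
             $headers->addHeaderLine('Expires', '1970-01-01');
             // Framing only by same-origin pages; no MIME sniffing.
             $headers->addHeaderLine('X-Frame-Options: SAMEORIGIN');
             $headers->addHeaderLine('X-Content-Type-Options: nosniff');
             // The User-Agent header is optional: treat a missing one as an
             // empty string instead of reading an undefined index.
             $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';
             $xssHeaderValue = strpos($userAgent, XssProtection::IE_8_USER_AGENT) === false ? XssProtection::HEADER_ENABLED : XssProtection::HEADER_DISABLED;
             // NOTE(review): current browsers no longer implement the filter
             // this header controls; a Content-Security-Policy is the control
             // to rely on against script injection.
             $headers->addHeaderLine('X-XSS-Protection: ' . $xssHeaderValue);
         }
     }
 }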
Example #6
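 /**
  * Replaces the response content with its minified form.
  *
  * Responses that do not expose getBody() are left untouched, and the
  * minifier service is only resolved when it is actually needed.
  *
  * @param EventInterface $e event exposing the application and the response
  */
 public function outputCompress(EventInterface $e)
 {
     $response = $e->getResponse();
     if (!method_exists($response, 'getBody')) {
         return;
     }
     $minifyHtmlService = $e->getApplication()
         ->getServiceManager()
         ->get('VcoZfMinify\\Service\\MinifyHtmlService');
     $response->setContent($minifyHtmlService->minify($response->getBody()));
 }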
Example #7
 /**
  * Bootstrap listener: wires the module route listener, adds CORS headers to
  * the response, initialises the configuration and registers the JSON
  * strategy for the render event.
  *
  * @param EventInterface $e bootstrap event exposing application and response
  */
 public function onBootstrap(EventInterface $e)
 {
     $application = $e->getApplication();
     // Resolved for its side effect only; the returned service is not used here.
     $application->getServiceManager()->get('translator');
     $eventManager = $application->getEventManager();
     $moduleRouteListener = new ModuleRouteListener();
     $moduleRouteListener->attach($eventManager);

     // NOTE(review): the wildcard origin lets scripts from any site read these
     // responses, and Authorization is an accepted request header. If the API
     // is not meant to be public, answer with an allow-list of origins instead.
     $corsLines = array(
         'Access-Control-Allow-Origin: *',
         'Access-Control-Allow-Methods: PUT, GET, POST, PATCH, DELETE, OPTIONS',
         'Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept',
     );
     $headers = $e->getResponse()->getHeaders();
     foreach ($corsLines as $corsLine) {
         $headers->addHeaderLine($corsLine);
     }

     $this->initConfig($e);
     $application->getEventManager()->attach('render', array($this, 'registerJsonStrategy'), 100);
 }
 /**
  * Route listener: ACL check for the matched controller/action.
  *
  * A denied request is redirected (302) to the route configured under
  * config['acl']['redirect_route']; when that entry is empty a 403 response
  * is returned instead.
  *
  * @param \Zend\EventManager\EventInterface $e event exposing application, route match, router and response
  * @return mixed the response object on a 403, nothing otherwise
  * @throws \Exception when the matched controller is not a resource known to the ACL
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $sm = $e->getApplication()->getServiceManager();
     $routeMatch = $e->getRouteMatch();
     $auth = $sm->get('Zend\\Authentication\\AuthenticationService');
     $acl = $sm->get('acl');
     // Everyone is evaluated as the default (guest) role until logged in.
     $role = $auth->hasIdentity()
         ? $auth->getIdentity()->getRole()->getName()
         : Acl::DEFAULT_ROLE;
     $controller = $routeMatch->getParam('controller');
     $action = $routeMatch->getParam('action');
     if (!$acl->hasResource($controller)) {
         throw new \Exception('Resource ' . $controller . ' not defined');
     }
     if ($acl->isAllowed($role, $controller, $action)) {
         return;
     }
     $response = $e->getResponse();
     $config = $sm->get('config');
     $redirect_route = $config['acl']['redirect_route'];
     if (empty($redirect_route)) {
         // No redirect target configured: answer 403 Forbidden and hand the
         // response back to the event manager.
         $response->setStatusCode(403);
         $response->setContent('
                 <html>
                     <head>
                         <title>403 Forbidden</title>
                     </head>
                     <body>
                         <h1>403 Forbidden</h1>
                     </body>
                 </html>');
         return $response;
     }
     // Redirect target configured: 302 Found to the assembled URL.
     $url = $e->getRouter()->assemble($redirect_route['params'], $redirect_route['options']);
     $response->getHeaders()->addHeaderLine('Location', $url);
     $response->setStatusCode(302);
     $response->sendHeaders();
     // The request ends here; no later listener runs.
     exit;
 }
Example #9
 /**
  * Route listener: ACL check where the role is derived from the numeric
  * role id of the authenticated user; a denied request is redirected (302)
  * to the 'home' route.
  *
  * @param \Zend\EventManager\EventInterface $e event exposing application, route match, router and response
  * @throws \Exception when the matched controller is not a resource known to the ACL
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $sm = $e->getApplication()->getServiceManager();
     $routeMatch = $e->getRouteMatch();
     $auth = $sm->get('Zend\\Authentication\\AuthenticationService');
     $acl = new Acl($sm->get('Config'));
     // Everyone is the default (guest) role until logged in.
     $role = Acl::DEFAULT_ROLE;
     if ($auth->hasIdentity()) {
         $usrlId = $auth->getIdentity()->getUsrlId();
         // Id-to-role mapping; unknown ids fall back to the guest role.
         // TODO (from the original): not needed once role names come from the DB.
         // Loose comparison is kept on purpose to match the original switch.
         if ($usrlId == 1) {
             $role = Acl::DEFAULT_ROLE;
         } elseif ($usrlId == 2) {
             $role = 'member';
         } elseif ($usrlId == 3) {
             $role = 'admin';
         } else {
             $role = Acl::DEFAULT_ROLE;
         }
     }
     $controller = $routeMatch->getParam('controller');
     $action = $routeMatch->getParam('action');
     if (!$acl->hasResource($controller)) {
         throw new \Exception('Resource ' . $controller . ' not defined');
     }
     if ($acl->isAllowed($role, $controller, $action)) {
         return;
     }
     // Denied: 302 Found to the home route, then end the request.
     $response = $e->getResponse();
     $response->getHeaders()->addHeaderLine(
         'Location',
         $e->getRouter()->assemble(array(), array('name' => 'home'))
     );
     $response->setStatusCode(302);
     $response->sendHeaders();
     exit;
 }
Example #10
 /**
  * Sends a 302 redirect to the named route unless that route is the one
  * currently matched, then stops event propagation.
  *
  * @param EventInterface $e     current event
  * @param mixed          $route route name; compared with the matched route name and passed as the 'name' option
  * @return bool always false
  */
 protected function redirect(EventInterface $e, $route)
 {
     $application = $e->getApplication();
     $services = $application->getServiceManager();
     $matchedName = $application->getMvcEvent()->getRouteMatch()->getMatchedRouteName();
     // Already on the target route: nothing to do (presumably to avoid a
     // redirect loop).
     if ($matchedName == $route) {
         return false;
     }
     $location = $services->get('Router')->assemble(array(), array('name' => $route));
     $response = $e->getResponse();
     $response->getHeaders()->addHeaderLine('Location', $location);
     $response->setStatusCode(302);
     $response->sendHeaders();
     // Headers are already sent; keep later listeners from running.
     $e->stopPropagation();
     return false;
 }
Example #11
 /**
  * Route listener: ACL check for the matched controller/action.
  *
  * A denied request is either redirected (302) to the configured route or
  * answered with a 403 response, depending on config['acl']['redirect_route'].
  *
  * @param \Zend\EventManager\EventInterface $e event exposing application, route match, router and response
  * @return mixed the response object on a 403, nothing otherwise
  * @throws \Exception when the matched controller is not a resource known to the ACL
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $application = $e->getApplication();
     $sm = $application->getServiceManager();
     $routeMatch = $e->getRouteMatch();
     $auth = $sm->get('Zend\\Authentication\\AuthenticationService');
     $acl = $sm->get('acl');
     // Default (guest) role until an identity is present.
     $role = Acl::DEFAULT_ROLE;
     if ($auth->hasIdentity()) {
         $role = $auth->getIdentity()->getRole()->getName();
     }
     $controller = $routeMatch->getParam('controller');
     $action = $routeMatch->getParam('action');
     if (!$acl->hasResource($controller)) {
         throw new \Exception('Resource ' . $controller . ' not defined');
     }
     if ($acl->isAllowed($role, $controller, $action)) {
         return;
     }
     $response = $e->getResponse();
     $config = $sm->get('config');
     $redirect_route = $config['acl']['redirect_route'];
     // NOTE(review): the test looks at ['options']['params'] while assemble()
     // below receives ['params'] and ['options']; confirm which key is meant.
     $redirectConfigured = !empty($redirect_route['options']['params']);
     if ($redirectConfigured) {
         $url = $e->getRouter()->assemble($redirect_route['params'], $redirect_route['options']);
         $response->getHeaders()->addHeaderLine('Location', $url);
         $response->setStatusCode(302);
         $response->sendHeaders();
         // The request ends here; no later listener runs.
         exit;
     }
     // No redirect configured: 403 Forbidden, returned to the event manager.
     $response->setStatusCode(403);
     $response->setContent('
                 <html>
                     <head>
                         <title>403 Forbidden</title>
                     </head>
                     <body>
                         <h1>403 Forbidden</h1>
                     </body>
                 </html>');
     return $response;
 }
 /**
  * Listens to the "render" event and adds the header, sidebar and footer
  * segments as children of the layout view model.
  *
  * @param EventInterface $e event exposing the view model and the response
  * @return mixed the response taken from the event
  */
 public function renderLayoutSegments(EventInterface $e)
 {
     /* @var $layout ViewModel */
     $layout = $e->getViewModel();
     // Capture name => template, added in this order.
     $segments = array(
         'header' => 'layout/header',
         'sidebar' => 'layout/sidebar',
         'footer' => 'layout/footer',
     );
     foreach ($segments as $captureTo => $template) {
         $segment = new ViewModel();
         $segment->setTemplate($template);
         $layout->addChild($segment, $captureTo);
     }
     return $e->getResponse();
 }
Example #13
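 /**
  * Adds title, description and keywords from the SEO record of the current
  * route to the page head.
  *
  * Routes without a match, without an 'id' parameter or without an entry in
  * config['seo']['seo_routes'] are skipped instead of reading undefined
  * array keys.
  *
  * @param EventInterface $e event exposing application, route match and response
  * @return mixed the response taken from the event
  */
 public function renderSeo(EventInterface $e)
 {
     $sm = $e->getApplication()->getServiceManager();
     $config = $sm->get('config');
     $routes = isset($config['seo']['seo_routes']) ? $config['seo']['seo_routes'] : array();
     $routeMatch = $e->getRouteMatch();
     if (!$routeMatch) {
         // No matched route (for example an error page): nothing to look up.
         return $e->getResponse();
     }
     $seoRoute = $routeMatch->getMatchedRouteName();
     $id = $routeMatch->getParam('id');
     if ($id === null || !isset($routes[$seoRoute])) {
         return $e->getResponse();
     }
     $seo = $this->seoService->getSeoByTypeId($id, $routes[$seoRoute]);
     if ($seo) {
         // NOTE(review): these values come from stored SEO records; confirm the
         // head helpers escape them when the layout prints them.
         $renderer = $sm->get('Zend\\View\\Renderer\\PhpRenderer');
         $renderer->headTitle()->append(ucfirst($seo->getTitle()));
         $renderer->headMeta()->appendName('description', $seo->getDescription());
         $renderer->headMeta()->setName('keywords', $seo->getKeywords());
     }
     return $e->getResponse();
 }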
Example #14
 /**
  * Bootstrap listener: when config['VcoZfLogger']['exceptionhandler'] is
  * exactly true, logs every exception of a dispatch error, including the
  * whole chain of previous exceptions.
  *
  * @param EventInterface $e bootstrap event exposing the application
  */
 public function onBootstrap(EventInterface $e)
 {
     $application = $e->getApplication();
     $sharedManager = $application->getEventManager()->getSharedManager();
     $sm = $application->getServiceManager();
     $config = $sm->get('Config');
     $handlerEnabled = isset($config['VcoZfLogger'], $config['VcoZfLogger']['exceptionhandler'])
         && $config['VcoZfLogger']['exceptionhandler'] === true;
     if (!$handlerEnabled) {
         return;
     }
     $sharedManager->attach('Zend\\Mvc\\Application', 'dispatch.error', function ($e) use ($sm) {
         $response = $e->getResponse();
         $ex = $e->getParam('exception');
         $logger = $sm->get('VcoZfLogger');
         $statusCode = null;
         if (method_exists($response, 'getStatusCode')) {
             $statusCode = $response->getStatusCode();
         }
         // 404s are logged as errors, everything else as critical.
         $priority = $statusCode == 404 ? Logger::ERR : Logger::CRIT;
         // Walk from the outermost exception down the chain of previous ones.
         // NOTE(review): messages are written verbatim; if they can carry request
         // data, strip line breaks so one event stays one log line.
         for ($current = $ex; $current; $current = $current->getPrevious()) {
             $logger->log($priority, sprintf("%s:%d %s (%d) [%s]", $current->getFile(), $current->getLine(), $current->getMessage(), $current->getCode(), get_class($current)));
         }
     });
 }
Example #15
 /**
  * Route listener: ACL check with the role taken from the 'User' session
  * container; a denied request is redirected (302) to the route configured
  * under config['acl']['redirect_route'].
  *
  * @param EventInterface $e event exposing application, route match, router and response
  * @throws \Exception when the matched controller is not a resource known to the ACL
  */
 public function onRoute(EventInterface $e)
 {
     $sm = $e->getApplication()->getServiceManager();
     $routeMatch = $e->getRouteMatch();
     // TODO (from the original): check if session container 'User' still exists
     $UserContainer = new Container('User');
     // Authorization with database (check module.config.php)
     $acl = $sm->get('acl');
     // Guest role unless the session holds a user id.
     // NOTE(review): the role is read from the session as stored at login;
     // confirm it is refreshed when a user's role changes.
     $role = $UserContainer->id ? $UserContainer->activeRole : AclDb::DEFAULT_ROLE;
     $resource = $routeMatch->getParam('controller');
     $privilege = $routeMatch->getParam('action');
     if (!$acl->hasResource($resource)) {
         throw new \Exception('Resource ' . $resource . ' not defined');
     }
     if ($acl->isAllowed($role, $resource, $privilege)) {
         return;
     }
     // Denied: redirect to the route named in the ACL configuration.
     $response = $e->getResponse();
     $config = $sm->get('config');
     $redirect_route = $config['acl']['redirect_route'];
     $response->getHeaders()->addHeaderLine(
         'Location',
         $e->getRouter()->assemble($redirect_route['params'], $redirect_route['options'])
     );
     $response->setStatusCode(302);
     $response->sendHeaders();
     // The request ends here; no later listener runs.
     exit;
 }
Example #16
 /**
  * Redirects the request to the configured base host/scheme when it differs
  * from the current one, forcing https where the configuration asks for it.
  *
  * The 'cms' route uses the frontend settings, every other route the backend
  * settings.
  *
  * @param EventInterface $event Mvc event
  *
  * @return null|Zend\Http\PhpEnvironment\Response the 302 response when a redirect is issued
  */
 public function check(EventInterface $event)
 {
     $coreConfig = $event->getApplication()->getServiceManager()->get('CoreConfig');
     $isFrontend = $event->getRouteMatch()->getMatchedRouteName() === 'cms';
     $request = $event->getRequest();
     $uri = $request->getUri();
     // Stay on https when already there, or switch to it when forced.
     if ($isFrontend) {
         $secure = $uri->getScheme() === 'https' || $coreConfig->getValue('force_frontend_ssl');
         $newUri = new Uri($coreConfig->getValue($secure ? 'secure_frontend_base_path' : 'unsecure_frontend_base_path'));
     } else {
         $secure = $uri->getScheme() === 'https' || $coreConfig->getValue('force_backend_ssl');
         $newUri = new Uri($coreConfig->getValue($secure ? 'secure_backend_base_path' : 'unsecure_backend_base_path'));
     }
     if ($secure) {
         $newUri->setScheme('https');
     }
     // Grouping made explicit; it is the grouping PHP already applied to the
     // and/or chain. NOTE(review): the scheme branch is reached without the
     // isValid() check; confirm that is intended.
     $mustRedirect = (
         !empty($newUri)
         && $newUri->isValid()
         && ($newUri->getHost() != '' && $uri->getHost() != $newUri->getHost())
     ) || (
         $newUri->getScheme() != ''
         && $uri->getScheme() != $newUri->getScheme()
     );
     if ($mustRedirect) {
         $uri->setPort($newUri->getPort());
         if ($newUri->getHost() != '') {
             $uri->setHost($newUri->getHost());
         }
         if ($newUri->getScheme() != '') {
             $uri->setScheme($newUri->getScheme());
         }
         // NOTE(review): when the configured base path has no host, the host of
         // the incoming request is kept in the Location value; confirm the
         // request host is validated upstream.
         $response = $event->getResponse();
         $response->setStatusCode(302);
         $response->getHeaders()->addHeaderLine('Location', $request->getUri());
         $event->stopPropagation();
         return $response;
     }
 }
Example #17
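 /**
  * Bootstrap listener: selects the request locale, registers the Gedmo
  * translatable listener, starts the session, hooks the analytics and Open
  * Graph view helpers into rendering and stores the Facebook signed_request
  * posted to the application.
  *
  * @param EventInterface $e bootstrap event exposing application, request and response
  */
 public function onBootstrap(EventInterface $e)
 {
     $serviceManager = $e->getApplication()->getServiceManager();
     $config = $serviceManager->get('config');
     $translator = $serviceManager->get('translator');
     // Locale handling
     if (PHP_SAPI !== 'cli') {
         // Back office: on admin routes a locale stored in the pg_locale_back
         // cookie wins. The router is asked once and the result reused.
         $routeMatch = $serviceManager->get('router')->match($serviceManager->get('request'));
         if ($routeMatch && strpos($routeMatch->getMatchedRouteName(), 'admin') !== false) {
             $cookie = $e->getRequest()->getCookie();
             if ($cookie && $cookie->offsetExists('pg_locale_back')) {
                 // NOTE(review): the cookie value is client-controlled and reaches
                 // the translator unvalidated; consider checking it against the
                 // list of supported locales.
                 $locale = $cookie->offsetGet('pg_locale_back');
             }
         }
         if (empty($locale) && isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
             $locale = \Locale::acceptFromHttp($_SERVER['HTTP_ACCEPT_LANGUAGE']);
         }
         if (empty($locale)) {
             // No header, or negotiation failed: use the default locale.
             $locale = 'fr_FR';
         }
         $translator->setLocale($locale);
         // plugins
         $translate = $serviceManager->get('viewhelpermanager')->get('translate');
         $translate->getTranslator()->setLocale($locale);
         $options = $serviceManager->get('playgroundcore_module_options');
         $options->setLocale($locale);
     }
     // Language used for date translations done with strftime
     setlocale(LC_TIME, "fr_FR", 'fr_FR.utf8', 'fra');
     AbstractValidator::setDefaultTranslator($translator, 'playgroundcore');
     /*
      * Entity translation based on Doctrine Gedmo library
      */
     $doctrine = $serviceManager->get('doctrine.entitymanager.orm_default');
     $evm = $doctrine->getEventManager();
     $translatableListener = new \Gedmo\Translatable\TranslatableListener();
     // TODO : Set the Default locale to be taken from config
     $translatableListener->setDefaultLocale('fr_FR');
     // If no translation is found, fallback to entity data
     $translatableListener->setTranslationFallback(true);
     // set Locale
     if (!empty($locale)) {
         $translatableListener->setTranslatableLocale($locale);
     }
     $evm->addEventSubscriber($translatableListener);
     /**
      * Adding a Filter to slugify a string (make it URL compliant)
      */
     $filterChain = new \Zend\Filter\FilterChain();
     $filterChain->getPluginManager()->setInvokableClass('slugify', 'PlaygroundCore\\Filter\\Slugify');
     $filterChain->attach(new Filter\Slugify());
     // Start the session container
     $sessionConfig = new SessionConfig();
     $sessionConfig->setOptions($config['session']);
     $sessionManager = new SessionManager($sessionConfig);
     $sessionManager->start();
     /**
      * Optional: If you later want to use namespaces, you can already store the
      * Manager in the shared (static) Container (=namespace) field
      */
     \Zend\Session\Container::setDefaultManager($sessionManager);
     // Google Analytics : When the render event is triggered, we invoke the view helper to
     // render the javascript code.
     $e->getApplication()->getEventManager()->attach(\Zend\Mvc\MvcEvent::EVENT_RENDER, function (\Zend\Mvc\MvcEvent $e) use ($serviceManager) {
         $view = $serviceManager->get('ViewHelperManager');
         $plugin = $view->get('googleAnalytics');
         $plugin();
         $pluginOG = $view->get('facebookOpengraph');
         $pluginOG();
     });
     if (PHP_SAPI !== 'cli') {
         $session = new Container('facebook');
         $fb = $e->getRequest()->getPost()->get('signed_request');
         if ($fb && is_string($fb)) {
             // Format is "<signature>.<payload>"; a value without a dot yields
             // an empty payload instead of an undefined offset.
             $parts = explode('.', $fb, 2);
             $payload = isset($parts[1]) ? $parts[1] : '';
             // NOTE(review): the signature part is never verified, so everything
             // stored below is unauthenticated client input. Verify it with the
             // application secret before any code trusts the session entry.
             $data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
             $session->offsetSet('signed_request', $data);
             // The User-Agent header is optional.
             $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';
             // This fix exists only for safari on Windows : we need to redirect the user to the page outside of iframe
             // for the cookie to be accepted. Core just adds a 'redir_fb_page_id' var to alert controllers
             // that they need to send the user back to FB...
             if (count($_COOKIE) === 0 && strpos($userAgent, 'Safari')) {
                 // The page id comes from the unverified payload and is printed
                 // inside a script string: URL-encode it so it cannot break out
                 // of the string or the query parameter.
                 $pageId = '';
                 if (isset($data['page']['id']) && is_scalar($data['page']['id'])) {
                     $pageId = rawurlencode((string) $data['page']['id']);
                 }
                 echo '<script type="text/javascript">' . 'window.top.location.href = window.location.href+"?redir_fb_page_id=' . $pageId . '";' . '</script>';
             }
             // This fix exists only for IE6+, when this app is embedded into an iFrame : The P3P policy has to be set.
             $response = $e->getResponse();
             if ($response instanceof \Zend\Http\Response && (strpos($userAgent, 'MSIE') || strpos($userAgent, 'rv:11.'))) {
                 $response->getHeaders()->addHeaderLine('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');
             }
         }
     }
 }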
 /**
  * Listens to the "render" event and adds the header and footer segments to
  * the layout view model, except when the view model is a JsonModel.
  *
  * @param EventInterface $e event exposing the view model and the response
  *
  * @return mixed the response taken from the event
  */
 public function renderLayoutSegments(EventInterface $e)
 {
     /* @var $layout ViewModel */
     $layout = $e->getViewModel();
     if ($layout instanceof JsonModel) {
         // JSON output has no layout segments.
         return $e->getResponse();
     }
     // Capture name => template, added in this order.
     $segments = array(
         'header' => 'layout/header',
         'footer' => 'layout/footer',
     );
     foreach ($segments as $captureTo => $template) {
         $segment = new ViewModel();
         $segment->setTemplate($template);
         $layout->addChild($segment, $captureTo);
     }
     return $e->getResponse();
 }
 /**
  * Route listener: ACL check where the role is derived from the role_id of
  * the authenticated user; a denied request is answered with status 403 and
  * a Location header for the 'errors/no-permission' route.
  *
  * @param \Zend\EventManager\EventInterface $e event exposing application, route match, router and response
  * @throws \Exception when the matched controller is not a resource known to the ACL
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $sm = $e->getApplication()->getServiceManager();
     $routeMatch = $e->getRouteMatch();
     $auth = $sm->get('Zend\\Authentication\\AuthenticationService');
     $acl = new Acl($sm->get('Config'));
     $role = Acl::DEFAULT_ROLE;
     if ($auth->hasIdentity()) {
         $roleId = $auth->getIdentity()->role_id;
         // Unknown ids fall back to the default role. Loose comparison is kept
         // on purpose to match the original switch.
         if ($roleId == 1) {
             $role = Acl::ADMIN_ROLE;
         } elseif ($roleId == 2) {
             $role = Acl::TEACHER_ROLE;
         } elseif ($roleId == 3) {
             $role = Acl::STUDENT_ROLE;
         } else {
             $role = Acl::DEFAULT_ROLE;
         }
     }
     $controller = $routeMatch->getParam('controller');
     $action = $routeMatch->getParam('action');
     if (!$acl->hasResource($controller)) {
         throw new \Exception('Resource ' . $controller . ' not defined');
     }
     if ($acl->isAllowed($role, $controller, $action)) {
         return;
     }
     $response = $e->getResponse();
     $response->getHeaders()->addHeaderLine(
         'Location',
         $e->getRouter()->assemble(array(), array('name' => 'errors/no-permission'))
     );
     // NOTE(review): clients do not follow a Location header on a 403, so the
     // caller gets an empty forbidden response rather than the error page;
     // confirm whether a redirect status or a rendered 403 page was intended.
     $response->setStatusCode(403);
     $response->sendHeaders();
     // The request ends here; no later listener runs.
     exit;
 }
Example #20
 /**
  * Listens to the bootstrap event: registers the dispatch-error handler and,
  * when a 'RedirectToDomain' service exists, prepares a 302 response that
  * points to the URL it provides.
  *
  * @param \Zend\EventManager\EventInterface $event
  * @return void
  */
 public function onBootstrap(EventInterface $event)
 {
     /* @var $event          \Zend\Mvc\MvcEvent */
     /* @var $application    \Zend\Mvc\Application */
     /* @var $serviceManager \Zend\ServiceManager\ServiceManager */
     $application = $event->getApplication();
     $serviceManager = $application->getServiceManager();
     $application->getEventManager()->getSharedManager()->attach('Zend\\Mvc\\Application', MvcEvent::EVENT_DISPATCH_ERROR, array($this, 'onDispatchError'));

     $response = $event->getResponse();
     if (!$response instanceof HttpResponse || !$serviceManager->has('RedirectToDomain')) {
         return;
     }
     $redirect = $serviceManager->get('RedirectToDomain');
     $request = $event->getRequest();
     // The request path is only carried over when the redirect service asks for it.
     // NOTE(review): that path is client-supplied; confirm getUrl() always pins
     // the scheme and host of the result to the configured domain.
     $path = ($request instanceof HttpRequest && $redirect->getUsePath())
         ? $request->getRequestUri()
         : '';
     $url = $redirect->getUrl($path);
     $response->setStatusCode(302);
     $response->getHeaders()->addHeaders(array('Location' => $url, 'X-Redirect-Reason' => $redirect->getReason()));
     // HTML fallback for clients that ignore the Location header; the URL is
     // escaped before it is placed in the double-quoted attributes and the text.
     $fallbackHtml = sprintf('<meta http-equiv="refresh" content="0;url=%1$s">' . '<a href="%1$s">%1$s</a>', htmlspecialchars($url));
     $this->response = $response->setContent($fallbackHtml);
 }
Example #21
 /**
  * Route listener: resolves the role of the session user, exposes menu and
  * user to controller layouts and checks the matched controller/action
  * against the ACL. A denied request is redirected (302) to the 'access'
  * route with the original URI in the 'urlFrom' query parameter.
  *
  * @param EventInterface $poEvent event exposing application, route match, router and response
  * @throws \Exception when the controller is not a resource known to the ACL
  */
 public function onRoute(EventInterface $poEvent)
 {
     $loApplication = $poEvent->getApplication();
     $loRouteMatch = $poEvent->getRouteMatch();
     $loServiceManager = $loApplication->getServiceManager();
     $loEventManager = $loApplication->getEventManager();
     $loEvents = $loEventManager->getSharedManager();
     $loSession = new Session();
     $loUser = $loSession->getRegister('OnionAuth');
     $laMenu = Config::getAppOptions('menu');
     // Guest unless the user's group is mapped to a role in the menu config.
     $lsRole = Acl::DEFAULT_ROLE;
     if ($loUser !== null) {
         $lnGroup = $loUser->get('UserGroup_id');
         if (isset($laMenu['groups'][$lnGroup])) {
             $lsRole = $laMenu['groups'][$lnGroup];
         }
     }
     // From here on $laMenu holds only the menu of the resolved role.
     $laMenu = $laMenu[$lsRole];
     $loEvents->attach(
         'Zend\\Mvc\\Controller\\AbstractActionController',
         'dispatch',
         function ($event) use ($laMenu, $loUser) {
             $loController = $event->getTarget();
             $loLayout = $loController->layout();
             $loLayout->laMenu = $laMenu;
             $loController->layout()->loUser = $loUser;
             $loController->layout()->loController = $loController;
         },
         100
     );
     // Missing route parameters fall back to Index/index.
     $lsController = $loRouteMatch->getParam('__CONTROLLER__') ?: 'Index';
     $lsAction = $loRouteMatch->getParam('action') ?: 'index';
     $loAcl = new Acl(Config::getAppOptions('acl'));
     if (!$loAcl->hasResource($lsController)) {
         throw new \Exception('Resource ' . $lsController . ' not defined');
     }
     Debug::debug("Route: {$lsController}/{$lsAction}");
     if ($loAcl->isAllowed($lsRole, $lsController, $lsAction)) {
         return;
     }
     // The flash message is skipped when either part is the index default.
     if ($lsController != 'Index' && $lsAction != 'index') {
         $loFlashMessenger = new FlashMessenger();
         $loFlashMessenger->addMessage(array('id' => 'Access-' . microtime(true), 'hidden' => false, 'push' => false, 'type' => 'danger', 'msg' => Translator::i18n('Você não tem permissão para executar esta ação!')));
     }
     // NOTE(review): urlFrom carries the client-supplied request URI; whatever
     // consumes it after login should only accept local paths.
     $laQuery = array('urlFrom' => base64_encode($_SERVER['REQUEST_URI']));
     $lsUrl = $poEvent->getRouter()->assemble(array(), array('name' => 'access', 'query' => $laQuery));
     $loResponse = $poEvent->getResponse();
     $loResponse->getHeaders()->addHeaderLine('Location', $lsUrl);
     $loResponse->setStatusCode(302);
     $loResponse->sendHeaders();
     // The request ends here; no later listener runs.
     exit;
 }
Example #22
 /**
  * Writes status code, media type and content of the response to the debug
  * log, keyed by the request host. Content of the ignored media types is
  * replaced by the word 'BINARY'.
  *
  * @param EventInterface $event event exposing request and response
  */
 public function logResponse(EventInterface $event)
 {
     $request = $event->getRequest();
     if (!$request instanceof \Zend\Http\PhpEnvironment\Request) {
         // Only HTTP requests are logged.
         return;
     }
     $response = $event->getResponse();
     $contentType = $response->getHeaders()->get('Content-Type');
     // NOTE(review): the full response body goes to the log; confirm debug
     // logging is off in production or that bodies carrying credentials,
     // tokens or personal data are masked first.
     $content = $response->getContent();
     $isIgnored = $contentType instanceof \Zend\Http\Header\ContentType
         && in_array($contentType->getMediaType(), $this->getIgnoreMediaTypes());
     if ($isIgnored) {
         $content = 'BINARY';
     }
     $mediaType = !$contentType ? 'unknown' : $contentType->getMediaType();
     $entry = array(
         $request->getUri()->getHost() => array(
             'Response' => array(
                 'statusCode' => $response->getStatusCode(),
                 'contentType' => $mediaType,
                 'content' => $content,
             ),
         ),
     );
     $this->getLog()->debug(print_r($entry, true));
 }