Example #1
 /**
  * Route-time authorization guard.
  *
  * Resolves the caller's role from the authentication service (the default
  * guest role when nobody is logged in), then asks the ACL whether that role
  * may reach the matched controller (resource) / action (privilege). A denied
  * request is answered with a 302 to the 'home/login' route and the MVC cycle
  * is aborted with exit.
  *
  * @param \Zend\EventManager\EventInterface $e route event
  * @return void
  * @throws \Exception when the matched controller is not a known ACL resource
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $services = $e->getApplication()->getServiceManager();
     $authService = $services->get('Zend\\Authentication\\AuthenticationService');
     $acl = new Acl($services->get('Config'));

     // Anonymous callers are evaluated as the default (guest) role.
     $currentRole = $authService->hasIdentity()
         ? $authService->getIdentity()->getUserRole()->getRole()
         : Acl::DEFAULT_ROLE;

     $match = $e->getRouteMatch();
     $resource = $match->getParam('controller');
     $privilege = $match->getParam('action');

     // Fail closed: a controller the ACL does not know is an error, never an implicit allow.
     if (!$acl->hasResource($resource)) {
         throw new \Exception('Resource ' . $resource . ' not defined');
     }

     if ($acl->isAllowed($currentRole, $resource, $privilege)) {
         return;
     }

     // Denied: redirect to the login page. exit stops the MVC cycle here, so no
     // later listener runs and no body is rendered.
     // NOTE(review): 'home/login' must itself be permitted for the denied role,
     // otherwise this produces a redirect loop — confirm against the ACL config.
     $loginUrl = $e->getRouter()->assemble(array(), array('name' => 'home/login'));
     $response = $e->getResponse();
     $response->getHeaders()->addHeaderLine('Location', $loginUrl);
     $response->setStatusCode(302);
     $response->sendHeaders();
     exit;
 }
Example #2
 /**
  * Route-time authorization guard.
  *
  * The caller is treated as the default (guest) role unless the authentication
  * service holds an identity, in which case that identity's role name is used.
  * The matched controller is the ACL resource and the action the privilege.
  * A denied request is redirected (302) to the 'home' route and processing
  * stops via exit.
  *
  * @param \Zend\EventManager\EventInterface $e route event
  * @return void
  * @throws \Exception when the matched controller is not a known ACL resource
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $services = $e->getApplication()->getServiceManager();
     $authService = $services->get('Zend\\Authentication\\AuthenticationService');
     $acl = new Acl($services->get('Config'));

     // Guest until proven otherwise.
     $role = Acl::DEFAULT_ROLE;
     if ($authService->hasIdentity()) {
         $role = $authService->getIdentity()->getRole()->getName();
     }

     $routeMatch = $e->getRouteMatch();
     $resource = $routeMatch->getParam('controller');
     $privilege = $routeMatch->getParam('action');

     // Fail closed: an unknown controller is an error, not a pass.
     if (!$acl->hasResource($resource)) {
         throw new \Exception('Resource ' . $resource . ' not defined');
     }

     if ($acl->isAllowed($role, $resource, $privilege)) {
         return;
     }

     // Denied: 302 to 'home'. exit skips the rest of the MVC cycle, so no body is rendered.
     // NOTE(review): 'home' has to be allowed for every role or denied guests loop here — check the ACL config.
     $homeUrl = $e->getRouter()->assemble(array(), array('name' => 'home'));
     $response = $e->getResponse();
     $response->getHeaders()->addHeaderLine('Location', $homeUrl);
     $response->setStatusCode(302);
     $response->sendHeaders();
     exit;
 }
 /**
  * Route-time authorization guard with a configurable denial response.
  *
  * Uses the 'acl' service rather than building an Acl from config. The role is
  * the guest default, or the authenticated identity's role name. On denial, if
  * config['acl']['redirect_route'] is non-empty its 'params' and 'options' are
  * handed to Router::assemble and the client is redirected (302); otherwise a
  * minimal inline 403 page is returned.
  *
  * @param \Zend\EventManager\EventInterface $e route event
  * @return mixed|void the event's response object (status 403) when denied
  *                    without a redirect route; nothing otherwise
  * @throws \Exception when the matched controller is not a known ACL resource
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $services = $e->getApplication()->getServiceManager();
     $authService = $services->get('Zend\\Authentication\\AuthenticationService');
     $acl = $services->get('acl');

     // Guest unless an identity is present.
     $role = Acl::DEFAULT_ROLE;
     if ($authService->hasIdentity()) {
         $role = $authService->getIdentity()->getRole()->getName();
     }

     $routeMatch = $e->getRouteMatch();
     $resource = $routeMatch->getParam('controller');
     $privilege = $routeMatch->getParam('action');

     // Fail closed: an unknown controller is an error, never an implicit allow.
     if (!$acl->hasResource($resource)) {
         throw new \Exception('Resource ' . $resource . ' not defined');
     }
     if ($acl->isAllowed($role, $resource, $privilege)) {
         return;
     }

     $response = $e->getResponse();
     $config = $services->get('config');
     // NOTE(review): a missing 'acl'/'redirect_route' key raises an undefined-index
     // notice here before falling through to the 403 branch — consider isset().
     $redirectRoute = $config['acl']['redirect_route'];

     if (empty($redirectRoute)) {
         // No redirect configured: deny in place. Returning the response from a
         // route listener short-circuits the event with it.
         $response->setStatusCode(403);
         $response->setContent('
                 <html>
                     <head>
                         <title>403 Forbidden</title>
                     </head>
                     <body>
                         <h1>403 Forbidden</h1>
                     </body>
                 </html>');
         return $response;
     }

     // Redirect (302) to the configured route and abort the MVC cycle.
     // NOTE(review): the target must be permitted for the denied role, or the client loops.
     $location = $e->getRouter()->assemble($redirectRoute['params'], $redirectRoute['options']);
     $response->getHeaders()->addHeaderLine('Location', $location);
     $response->setStatusCode(302);
     $response->sendHeaders();
     exit;
 }
Example #4
 /**
  * Route-time authorization guard for a Doctrine-backed user entity.
  *
  * The identity exposes a numeric role id (getUsrlId()) which is mapped here
  * to an ACL role name: 1 → guest (DEFAULT_ROLE), 2 → 'member', 3 → 'admin',
  * anything else → guest. Anonymous callers are guest as well. Controller is
  * the resource, action the privilege. A denied request is redirected (302)
  * to the 'home' route and processing stops via exit.
  *
  * @param \Zend\EventManager\EventInterface $e route event
  * @return void
  * @throws \Exception when the matched controller is not a known ACL resource
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $services = $e->getApplication()->getServiceManager();
     $authService = $services->get('Zend\\Authentication\\AuthenticationService');
     $acl = new Acl($services->get('Config'));

     // Everyone is guest until logged in.
     $role = Acl::DEFAULT_ROLE;
     if ($authService->hasIdentity()) {
         // TODO (from original): this mapping becomes unnecessary once role names
         // are read from the database instead of being keyed by id here.
         $roleId = $authService->getIdentity()->getUsrlId();
         // Loose comparison on purpose, matching the original switch semantics.
         if ($roleId == 1) {
             $role = Acl::DEFAULT_ROLE; // guest
         } elseif ($roleId == 2) {
             $role = 'member';
         } elseif ($roleId == 3) {
             $role = 'admin';
         } else {
             $role = Acl::DEFAULT_ROLE; // unknown ids are treated as guest
         }
     }

     $routeMatch = $e->getRouteMatch();
     $resource = $routeMatch->getParam('controller');
     $privilege = $routeMatch->getParam('action');

     // Fail closed: an unknown controller is an error, never an implicit allow.
     if (!$acl->hasResource($resource)) {
         throw new \Exception('Resource ' . $resource . ' not defined');
     }
     if ($acl->isAllowed($role, $resource, $privilege)) {
         return;
     }

     // Denied: 302 to 'home'; exit aborts the MVC cycle so no body is rendered.
     // NOTE(review): 'home' must be allowed for every role, otherwise denied callers loop here.
     $homeUrl = $e->getRouter()->assemble(array(), array('name' => 'home'));
     $response = $e->getResponse();
     $response->getHeaders()->addHeaderLine('Location', $homeUrl);
     $response->setStatusCode(302);
     $response->sendHeaders();
     exit;
 }
Example #5
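 /**
  * Route-time authorization guard with a configurable denial response.
  *
  * Role resolution: guest (Acl::DEFAULT_ROLE) by default, the authenticated
  * identity's role name otherwise. The matched controller is the ACL resource,
  * the action the privilege. On denial the handler either redirects (302) to
  * the route configured under config['acl']['redirect_route'] — an array with
  * 'params' and 'options' that are passed straight to Router::assemble — or,
  * when no redirect route is configured, returns a minimal inline 403 page.
  *
  * Fix: the redirect decision tested $redirect_route['options']['params'], a
  * key nothing else reads (assemble() consumes ['params'] and ['options']), so
  * a correctly configured redirect route was ignored and every denial fell
  * through to the inline 403. The check now mirrors the data actually used,
  * matching the sibling listener above, and tolerates a missing config key
  * (no undefined-index notice; falls back to the 403 branch).
  *
  * @param \Zend\EventManager\EventInterface $e route event
  * @return mixed|void the event's response object (status 403) when denied
  *                    without a redirect route; nothing otherwise
  * @throws \Exception when the matched controller is not a known ACL resource
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $application = $e->getApplication();
     $routeMatch = $e->getRouteMatch();
     $sm = $application->getServiceManager();
     $auth = $sm->get('Zend\\Authentication\\AuthenticationService');
     $acl = $sm->get('acl');

     // Everyone is guest until logged in.
     $role = Acl::DEFAULT_ROLE;
     if ($auth->hasIdentity()) {
         $user = $auth->getIdentity();
         $role = $user->getRole()->getName();
     }

     $controller = $routeMatch->getParam('controller');
     $action = $routeMatch->getParam('action');

     // Fail closed: an unknown controller is an error, never an implicit allow.
     if (!$acl->hasResource($controller)) {
         throw new \Exception('Resource ' . $controller . ' not defined');
     }
     if ($acl->isAllowed($role, $controller, $action)) {
         return;
     }

     $response = $e->getResponse();
     $config = $sm->get('config');
     $redirect_route = isset($config['acl']['redirect_route']) ? $config['acl']['redirect_route'] : null;

     if (!empty($redirect_route)) {
         // NOTE(review): the redirect target must be permitted for the denied role,
         // or the client loops between the denied page and the redirect — verify in config.
         $url = $e->getRouter()->assemble($redirect_route['params'], $redirect_route['options']);
         $response->getHeaders()->addHeaderLine('Location', $url);
         $response->setStatusCode(302);
         // exit aborts the MVC cycle: nothing after this listener runs and no body is sent.
         $response->sendHeaders();
         exit;
     }

     // No redirect route configured: deny in place with a 403 and a minimal body.
     // Returning the response from a route listener short-circuits the event with it.
     $response->setStatusCode(403);
     $response->setContent('
                 <html>
                     <head>
                         <title>403 Forbidden</title>
                     </head>
                     <body>
                         <h1>403 Forbidden</h1>
                     </body>
                 </html>');
     return $response;
 }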
Example #6
 /**
  * Load menu if module has view with name "menu.phtml"
  *
  * @param EventInterface $event Event
  *
  * @return void
  */
 /**
  * Load menu if module has view with name "menu.phtml"
  *
  * Matches the current request against the 'module' route. When it matches
  * and the 'module' param is not the literal string 'module', the param is
  * converted from CamelCase to lower-case dash-separated form and used to
  * build the template name "<module>/menu". A navigation page for the module
  * is added under the 'module' route, and — only if the template path stack
  * can resolve that template — its name is exposed to the layout as
  * 'moduleMenu'.
  *
  * @param EventInterface $event Event
  *
  * @return void
  */
 public function loadMenu(EventInterface $event)
 {
     $moduleRoute = $event->getRouter()->getRoute('module')->match($event->getRequest());
     if (!$moduleRoute) {
         return;
     }
     $moduleName = $moduleRoute->getParam('module');
     if ($moduleName === 'module') {
         return;
     }

     // "FooBar" -> "foo-bar": CamelCase split on '-', then lower-cased.
     $toDashed = new Filter\Word\CamelCaseToSeparator();
     $toDashed->setSeparator('-');
     $normalizer = new Filter\FilterChain();
     $normalizer->attach($toDashed)->attach(new Filter\StringToLower());
     $templateName = $normalizer->filter($moduleName) . '/menu';

     $controller = $event->getTarget();
     $templateResolver = $event->getApplication()->getServiceManager()->get('Zend\\View\\Resolver\\TemplatePathStack');

     $navigation = $controller->getServiceLocator()->get('navigation');
     $navigation->findByRoute('module')->addPage(array(
         'label' => $moduleName,
         'route' => $event->getRouteMatch()->getMatchedRouteName(),
         'active' => true,
     ));

     // NOTE(review): $moduleName originates from the URL; the path-stack resolver is what
     // keeps the derived template name inside the configured template directories —
     // confirm the 'module' route constrains the param as well.
     if (false !== $templateResolver->resolve($templateName)) {
         $controller->layout()->setVariable('moduleMenu', $templateName);
     }
 }
Example #7
 /**
  * Route-time authorization guard backed by a session container.
  *
  * Unlike the AuthenticationService-based listeners, identity is read from the
  * 'User' session container: when $container->id is truthy the role is
  * $container->activeRole, otherwise AclDb::DEFAULT_ROLE. The 'acl' service
  * (database-backed, see module.config.php) decides; on denial the client is
  * redirected (302) to the route configured under config['acl']['redirect_route']
  * and the MVC cycle is aborted with exit.
  *
  * @param EventInterface $e route event
  * @return void
  * @throws \Exception when the matched controller is not a known ACL resource
  */
 public function onRoute(EventInterface $e)
 {
     $services = $e->getApplication()->getServiceManager();
     $routeMatch = $e->getRouteMatch();

     // NOTE(review): the AuthenticationService lookup was dropped in favour of the
     // session container; whether the 'User' container is still populated by the
     // login flow is an open TODO from the original author.
     $userContainer = new Container('User');
     $acl = $services->get('acl');

     // Everyone is guest until logged in; the active role is trusted straight from session state.
     $role = AclDb::DEFAULT_ROLE;
     if ($userContainer->id) {
         $role = $userContainer->activeRole;
     }

     $resource = $routeMatch->getParam('controller');
     $privilege = $routeMatch->getParam('action');

     // Fail closed: an unknown controller is an error, never an implicit allow.
     if (!$acl->hasResource($resource)) {
         throw new \Exception('Resource ' . $resource . ' not defined');
     }
     if ($acl->isAllowed($role, $resource, $privilege)) {
         return;
     }

     // Denied: redirect to the configured route and stop the MVC cycle.
     // NOTE(review): a missing config['acl']['redirect_route'] raises a notice and
     // assemble() is then called with nulls; the target must also be allowed for the
     // denied role or the client loops.
     $response = $e->getResponse();
     $config = $services->get('config');
     $redirectRoute = $config['acl']['redirect_route'];
     $location = $e->getRouter()->assemble($redirectRoute['params'], $redirectRoute['options']);
     $response->getHeaders()->addHeaderLine('Location', $location);
     $response->setStatusCode(302);
     $response->sendHeaders();
     exit;
 }
Example #8
 /**
  * Route-time authorization guard that also publishes the role menu to the layout.
  *
  * Identity comes from the 'OnionAuth' session register. The role is the guest
  * default unless the user's UserGroup_id maps to a role under the 'menu'
  * options' 'groups' key; the menu for that role is then pushed into the layout
  * (together with the user and the controller) by a shared 'dispatch' listener.
  * The controller ('__CONTROLLER__' route param, default 'Index') is the ACL
  * resource and the action (default 'index') the privilege. On denial a flash
  * message is queued unless the target is Index/index, and the client is
  * redirected (302) to the 'access' route with the original REQUEST_URI
  * base64-encoded in the 'urlFrom' query parameter.
  *
  * @param EventInterface $poEvent route event
  * @return void
  * @throws \Exception when the matched controller is not a known ACL resource
  */
 public function onRoute(EventInterface $poEvent)
 {
     $loApplication = $poEvent->getApplication();
     $loRouteMatch = $poEvent->getRouteMatch();
     $loServiceManager = $loApplication->getServiceManager(); // retrieved by the original; not used below
     $loSharedEvents = $loApplication->getEventManager()->getSharedManager();

     $loSession = new Session();
     $loUser = $loSession->getRegister('OnionAuth');

     // Guest by default; otherwise group id -> role name via the menu options.
     $laMenuOptions = Config::getAppOptions('menu');
     $lsRole = Acl::DEFAULT_ROLE;
     if ($loUser !== null) {
         $lnGroup = $loUser->get('UserGroup_id');
         if (isset($laMenuOptions['groups'][$lnGroup])) {
             $lsRole = $laMenuOptions['groups'][$lnGroup];
         }
     }
     $laRoleMenu = $laMenuOptions[$lsRole];

     // Hand menu, user and controller to the layout once a controller is dispatched.
     $loSharedEvents->attach(
         'Zend\\Mvc\\Controller\\AbstractActionController',
         'dispatch',
         function ($event) use ($laRoleMenu, $loUser) {
             $loController = $event->getTarget();
             $loController->layout()->laMenu = $laRoleMenu;
             $loController->layout()->loUser = $loUser;
             $loController->layout()->loController = $loController;
         },
         100
     );

     $lsController = $loRouteMatch->getParam('__CONTROLLER__');
     if (empty($lsController)) {
         $lsController = 'Index';
     }
     $lsAction = $loRouteMatch->getParam('action');
     if (empty($lsAction)) {
         $lsAction = 'index';
     }

     $loAcl = new Acl(Config::getAppOptions('acl'));
     // Fail closed: an unknown controller is an error, never an implicit allow.
     if (!$loAcl->hasResource($lsController)) {
         throw new \Exception('Resource ' . $lsController . ' not defined');
     }
     Debug::debug("Route: {$lsController}/{$lsAction}");

     if ($loAcl->isAllowed($lsRole, $lsController, $lsAction)) {
         return;
     }

     // Queue the "no permission" flash unless the denied target is the Index/index landing page.
     // NOTE(review): with `&&`, a denied `Index/foo` or `Foo/index` also gets no message; if the
     // intent was "anything except exactly Index/index", this should be `||` — confirm before changing.
     if ($lsController != 'Index' && $lsAction != 'index') {
         $loFlashMessenger = new FlashMessenger();
         $loFlashMessenger->addMessage(array(
             'id' => 'Access-' . microtime(true),
             'hidden' => false,
             'push' => false,
             'type' => 'danger',
             'msg' => Translator::i18n('Você não tem permissão para executar esta ação!'),
         ));
     }

     // NOTE(review): urlFrom carries the raw REQUEST_URI. Whatever consumes it on the
     // 'access' route must verify it is a local path (no scheme, no leading "//") before
     // redirecting back, or the round trip becomes an open redirect. Not verifiable here.
     $lsUrl = $poEvent->getRouter()->assemble(array(), array(
         'name' => 'access',
         'query' => array('urlFrom' => base64_encode($_SERVER['REQUEST_URI'])),
     ));
     $loResponse = $poEvent->getResponse();
     $loResponse->getHeaders()->addHeaderLine('Location', $lsUrl);
     $loResponse->setStatusCode(302);
     $loResponse->sendHeaders();
     exit;
 }
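 /**
  * Route-time authorization guard mapping numeric role ids to ACL roles.
  *
  * The identity's role_id is translated: 1 → Acl::ADMIN_ROLE, 2 →
  * Acl::TEACHER_ROLE, 3 → Acl::STUDENT_ROLE, anything else → Acl::DEFAULT_ROLE
  * (also used when nobody is logged in). The matched controller is the ACL
  * resource and the action the privilege. Denied requests are redirected to
  * the 'errors/no-permission' route and the MVC cycle is aborted with exit.
  *
  * Fix: the denial branch combined a Location header with status 403. User
  * agents only follow Location on 3xx responses, so the redirect never
  * happened and the client received an empty 403 with no body. The redirect
  * now uses 302, as the other listeners in this set do; the
  * 'errors/no-permission' page is the place to answer with 403 so the denial
  * remains visible to clients and logs. (Answering 403 directly here without
  * the Location header would be the other consistent choice.)
  *
  * @param \Zend\EventManager\EventInterface $e route event
  * @return void
  * @throws \Exception when the matched controller is not a known ACL resource
  */
 public function onRoute(\Zend\EventManager\EventInterface $e)
 {
     $application = $e->getApplication();
     $routeMatch = $e->getRouteMatch();
     $sm = $application->getServiceManager();
     $auth = $sm->get('Zend\\Authentication\\AuthenticationService');
     $config = $sm->get('Config');
     $acl = new Acl($config);

     // Everyone is guest until logged in.
     $role = Acl::DEFAULT_ROLE;
     if ($auth->hasIdentity()) {
         $user = $auth->getIdentity();
         switch ($user->role_id) {
             case 1:
                 $role = Acl::ADMIN_ROLE;
                 break;
             case 2:
                 $role = Acl::TEACHER_ROLE;
                 break;
             case 3:
                 $role = Acl::STUDENT_ROLE;
                 break;
             default:
                 // Unknown role ids are treated as guest.
                 $role = Acl::DEFAULT_ROLE;
                 break;
         }
     }

     $controller = $routeMatch->getParam('controller');
     $action = $routeMatch->getParam('action');

     // Fail closed: an unknown controller is an error, never an implicit allow.
     if (!$acl->hasResource($controller)) {
         throw new \Exception('Resource ' . $controller . ' not defined');
     }
     if ($acl->isAllowed($role, $controller, $action)) {
         return;
     }

     // Denied: redirect (302) to the no-permission page and stop the MVC cycle.
     // NOTE(review): 'errors/no-permission' must be allowed for every role,
     // otherwise denied callers loop between it and this listener.
     $url = $e->getRouter()->assemble(array(), array('name' => 'errors/no-permission'));
     $response = $e->getResponse();
     $response->getHeaders()->addHeaderLine('Location', $url);
     $response->setStatusCode(302);
     $response->sendHeaders();
     exit;
 }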