/**
 * Resolve the member for the current request through HTTP basic auth.
 *
 * Realm, permission code and the session-login fallback are read from the
 * 'HttpAuth' config section. While SapphireTest reports a running test, the
 * session fallback is always switched on.
 *
 * Security note: every exception raised by BasicAuth::requireLogin() is
 * swallowed here and reported as null, so no authentication failure
 * propagates from this method. Callers must treat null as "not authenticated"
 * and deny access themselves.
 *
 * @return \Member|null Whatever BasicAuth::requireLogin() returned, or null if it threw.
 */
protected static function getBasicAuthMember()
{
    $realm = \Config::inst()->get('HttpAuth', 'Realm');
    $permissionCode = \Config::inst()->get('HttpAuth', 'PermissionCode');

    // Under test the session login is always accepted; otherwise it is opt-in via config.
    $useSessionLogin = class_exists('SapphireTest', false) && \SapphireTest::is_running_test();
    if (!$useSessionLogin) {
        $useSessionLogin = (bool) \Config::inst()->get('HttpAuth', 'TryUsingSessionLogin');
    }

    try {
        return \BasicAuth::requireLogin($realm, $permissionCode, $useSessionLogin);
    } catch (\Exception $ignored) {
        // Deliberate best-effort: a failed or refused login is reported as "no member".
        return null;
    }
}
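/**
 * If nobody is logged in, attempt HTTP basic auth against the required
 * permission; otherwise check the logged-in member's permission.
 *
 * The result starts out as "denied", so any path that does not explicitly
 * grant access ends in the failure branch instead of reading an unset variable.
 *
 * @throws PermissionFailureException when the permission check does not pass
 * @return ReplicantAction this
 */
public function checkPerm()
{
    // Fail closed: access is only granted by one of the branches below.
    $res = false;

    if (!Member::currentUserID()) {
        $member = BasicAuth::requireLogin("Replicant", static::$required_permission, true);

        // Only an actual Member can be logged in. Any other truthy return value is
        // treated as "not authenticated" rather than calling logIn() on a non-object.
        // NOTE(review): some framework versions appear to return true when the auth
        // check is skipped (CLI, database not ready) - confirm for the version in use.
        if ($member instanceof Member) {
            $member->logIn();
            $res = true;
        }
    } else {
        $res = Permission::check(static::$required_permission);
    }

    if (!$res) {
        $this->failed("Permission Failure: " . static::$required_permission)->output();
        throw new PermissionFailureException("Not allowed to " . static::$required_permission);
    }

    return $this;
}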
/**
 * Initialisation hook that runs before any action on the controller.
 *
 * On test sites with basic auth enabled (and a usable database) an ADMIN
 * login is demanded first. For a session that is already logged in, the
 * member's LastVisited timestamp is refreshed and a "PastMember" cookie is set.
 *
 * @uses BasicAuth::requireLogin()
 */
function init()
{
    // Test and development sites should be secured via basic auth.
    if (Director::isTest() && $this->basicAuthEnabled) {
        if (Security::database_is_ready()) {
            BasicAuth::requireLogin("SilverStripe test website. Use your CMS login", "ADMIN");
        }
    }

    // The session variable is read directly in case the Group or Member tables don't exist yet.
    if (Session::get('loggedInAs') && Security::database_is_ready()) {
        $member = Member::currentUser();
        if ($member) {
            Cookie::set("PastMember", true);
            // NOTE(review): the ID is interpolated straight into the SQL text. That is only
            // safe while $member->ID is an integer supplied by the ORM; an explicit
            // (int) cast would make the assumption visible.
            DB::query("UPDATE Member SET LastVisited = NOW() WHERE ID = $member->ID", null);
        }
    }

    // Lets subclasses be checked for a missing parent::init() call - a common bug.
    $this->baseInitCalled = true;
}
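/**
 * Demand an ADMIN login over HTTP basic auth and start a session for that member.
 *
 * The session is only started when requireLogin() hands back a Member object.
 * Any other return value is ignored instead of causing a fatal "call to a
 * member function on a non-object" error.
 */
function basicauthlogin()
{
    $member = BasicAuth::requireLogin("SilverStripe login", 'ADMIN');

    // NOTE(review): some framework versions appear to return true instead of a Member
    // when the auth check is skipped (CLI, database not ready) - confirm. No session is
    // created in that case.
    if ($member instanceof Member) {
        $member->LogIn();
    }
}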
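/**
 * Serve an RSS feed of CMS page changes to users holding CMS_ACCESS_CMSMain.
 *
 * The URL parameter 'Data' selects the scope: 'all' (the default) lists every
 * change, 'page' restricts the feed to the page given by 'PageID'. Only
 * changes the authenticated member may edit are included.
 *
 * Security: the item description is assembled as an HTML fragment from
 * database values (page titles, member names and e-mail addresses, links).
 * Those values are escaped for their HTML context before interpolation so that
 * markup stored in a title or a profile field is shown as text by feed readers
 * rather than rendered.
 *
 * @param mixed $request Unused; URL parameters are read from Director instead.
 * @return mixed An HTTPResponse with status 400 for a bad page ID, otherwise
 *               the result of RSSFeed::outputToBrowser().
 */
function index($request)
{
    // For 2.3 and 2.4 compatibility
    $bt = defined('DB::USE_ANSI_SQL') ? "\"" : "`";

    // Authenticate before any change data is read.
    BasicAuth::enable();
    BasicAuth::requireLogin("CMS RSS feed access. Use your CMS login", "CMS_ACCESS_CMSMain");
    $member = $this->getBasicAuthMember();

    // Due to a bug in 2.3.0 we can't get the information that we need from $request
    $params = Director::urlParams();

    // Default value
    if (!isset($params['Data']) || !$params['Data']) {
        $params['Data'] = 'all';
    }

    switch ($params['Data']) {
        case 'all':
            $changes = $this->changes();
            break;

        case 'page':
            // The ID is forced to an integer before it reaches the SQL filter.
            // A missing or non-numeric value becomes 0 and is rejected.
            $pageID = isset($params['PageID']) ? (int) $params['PageID'] : 0;
            if ($pageID) {
                $changes = $this->changes("{$bt}SiteTree{$bt}.{$bt}ID{$bt} = " . $pageID);
            } else {
                return new HTTPResponse("<h1>Bad Page ID</h1><p>Bad page ID when getting RSS feed of changes to a page.</p>", 400);
            }
            break;

        default:
            user_error("CMSChangeTracker Data param value '{$params['Data']}' not implemented; this is probably due to a bad URL rule.", E_USER_ERROR);
    }

    $processedChanges = new DataObjectSet();

    foreach ($changes as $change) {
        // Per-item authorisation: skip changes this member is not allowed to edit.
        if (!$change->canEdit($member)) {
            continue;
        }

        $author = DataObject::get_by_id("Member", $change->AuthorID);
        $verbed = $change->Version == 1 ? "created" : "edited";

        // HTML-escaped copy of the title, used only inside the HTML description.
        $titleHtml = Convert::raw2xml($change->Title);

        // ChangeTitle and Author are handed over as plain text.
        // NOTE(review): assumes RSSFeed escapes these fields itself - confirm.
        if ($author) {
            $authorName = "{$author->FirstName} {$author->Surname}";
            $changeTitle = "'{$change->Title}' {$verbed} by {$authorName}";
            $changeAuthor = $authorName;
            $firstParagraph = Convert::raw2xml($authorName)
                . " (<a href=\"mailto:" . Convert::raw2att($author->Email) . "\">"
                . Convert::raw2xml($author->Email) . "</a>)"
                . " has {$verbed} the '{$titleHtml}' page.";
        } else {
            $changeTitle = "'{$change->Title}' {$verbed}";
            $changeAuthor = "";
            $firstParagraph = "The '{$titleHtml}' page has been {$verbed}.";
        }

        // Every URL is attribute-escaped before it is placed inside href="...".
        $actionLinks = "";
        $cmsLink = Director::absoluteURL("admin/show/{$change->ID}");
        $actionLinks .= "<li><a href=\"" . Convert::raw2att($cmsLink) . "\">Edit in CMS</a></li>\n";

        $page = DataObject::get_by_id('SiteTree', $change->ID);
        if ($page) {
            $link = $page->AbsoluteLink();
            $actionLinks .= "<li><a href=\"" . Convert::raw2att($link) . "\">See the page on site</a></li>\n";
        }

        if ($change->Version > 1) {
            $prevVersion = $change->Version - 1;
            $diffLink = Director::absoluteURL("admin/compareversions/{$change->ID}/?From={$prevVersion}&To={$change->Version}");
            $actionLinks .= "<li><a href=\"" . Convert::raw2att($diffLink) . "\">See the changes in CMS</a></li>\n";
        }

        $changeDescription = "<p>{$firstParagraph}</p>\n"
            . "<h3>Actions and links</h3>\n"
            . "<ul>\n\t{$actionLinks}\n</ul>";

        $processedChange = new CMSChangeTracker_Change(array(
            "ChangeTitle" => $changeTitle,
            "Author" => $changeAuthor,
            "Content" => $changeDescription,
            "Link" => $change->Link() . "version/{$change->Version}",
        ));
        $processedChanges->push($processedChange);
    }

    $feed = new RSSFeed($processedChanges, Director::absoluteURL("admin/"), "SilverStripe Content Changes", "", "ChangeTitle");
    return $feed->outputToBrowser();
}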
/**
 * Report whether the site is running in a test environment.
 * For information about environment types, see {@link Director::set_environment_type()}.
 *
 * Security notes for reviewers:
 * - With ?isTest present and the database NOT ready, this returns true without
 *   any login, because there is nothing to authenticate against yet.
 * - The last check trusts $_SERVER['HTTP_HOST'], which comes from the request's
 *   Host header. It is only a reliable signal when the web server restricts
 *   which host names reach the application.
 *
 * @return bool
 */
static function isTest()
{
    // Use ?isTest=1 to get test access on the live server, or explicitly set your environment
    if (isset($_GET['isTest'])) {
        if (!Security::database_is_ready()) {
            return true;
        }
        BasicAuth::requireLogin("SilverStripe developer access. Use your CMS login", "ADMIN");
        // The flag is stored in the session; nothing in this method reads it back.
        $_SESSION['isTest'] = $_GET['isTest'];
    }

    // Dev mode takes precedence over test mode.
    if (self::isDev()) {
        return false;
    }

    // An explicitly configured environment type settles the question.
    if (self::$environment_type) {
        return self::$environment_type == 'test';
    }

    // Otherwise fall back to matching the host name against the known test servers.
    return isset($_SERVER['HTTP_HOST']) && in_array($_SERVER['HTTP_HOST'], Director::$test_servers);
}
/**
 * Initialisation hook that runs before any action on the controller.
 *
 * Once the Group and Member tables exist, test sites with basic auth enabled
 * demand an ADMIN login, and a logged-in member gets the "PastMember" cookie
 * plus a refreshed LastVisited timestamp.
 */
function init()
{
    // Test and development sites should be secured via basic auth.
    if (ClassInfo::hasTable("Group") && ClassInfo::hasTable("Member")) {
        if (Director::isTest() && $this->basicAuthEnabled) {
            BasicAuth::requireLogin("SilverStripe test website. Use your CMS login", "ADMIN");
        }
    }

    // Cookie::set("PastVisitor", true);

    // ClassInfo::hasTable() is consulted again to make sure we're not in a very-first-setup stage.
    if (ClassInfo::hasTable("Group") && ClassInfo::hasTable("Member")) {
        $member = Member::currentUser();
        if ($member) {
            Cookie::set("PastMember", true);
            // NOTE(review): the ID is interpolated straight into the SQL text. That is only
            // safe while $member->ID is an integer supplied by the ORM.
            DB::query("UPDATE Member SET LastVisited = NOW() WHERE ID = {$member->ID}", null);
        }
    }

    // Lets subclasses be checked for a missing parent::init() call - a common bug.
    $this->baseInitCalled = true;
}
/**
 * Put the API behind HTTP basic auth.
 *
 * The login is requested before parent::init() runs, and the value returned by
 * BasicAuth::requireLogin() is kept on $this->member.
 *
 * Security note: no permission code is passed, so this call only identifies
 * the caller. Authorisation for individual actions is not visible in this
 * method and has to be enforced elsewhere.
 */
public function init()
{
    $authenticated = BasicAuth::requireLogin('Deploynaut API');
    $this->member = $authenticated;

    parent::init();
}
/**
 * Require a login (HTTP basic auth) before the controller initialises.
 *
 * Security note: the call passes a realm only and no permission code, so any
 * member the login accepts gets through. Permission checks, if required, are
 * not part of this method.
 *
 * @return SS_HTTPResponse|void
 */
public function init()
{
    $realm = 'Please login';
    BasicAuth::requireLogin($realm);

    parent::init();
}
/**
 * Report whether the site is running in a test environment.
 * For information about environment types, see {@link Director::set_environment_type()}.
 *
 * Security notes for reviewers:
 * - With ?isTest present and the database NOT ready, this returns true without
 *   any login.
 * - The final check trusts $_SERVER['HTTP_HOST'], which comes from the request's
 *   Host header. It is only a reliable signal when the web server restricts
 *   which host names reach the application.
 *
 * @param bool $skipDatabase Skips database checks for current login permissions if set to TRUE,
 *                           which is useful for checks happening before the database is functional.
 * @return bool
 */
public static function isTest($skipDatabase = false)
{
    // Use ?isTest=1 to get test access on the live server, or explicitly set your environment
    if (!$skipDatabase && isset($_GET['isTest'])) {
        if (!Security::database_is_ready()) {
            return true;
        }
        BasicAuth::requireLogin("SilverStripe developer access. Use your CMS login", "ADMIN");
        // The flag is stored in the session; nothing in this method reads it back.
        $_SESSION['isTest'] = $_GET['isTest'];
    }

    // Dev mode takes precedence over test mode.
    if (self::isDev($skipDatabase)) {
        return false;
    }

    // An explicitly configured environment type settles the question.
    $configuredType = Config::inst()->get('Director', 'environment_type');
    if ($configuredType) {
        return $configuredType == 'test';
    }

    // Otherwise fall back to matching the host name against the configured test servers.
    $testServers = (array) Config::inst()->get('Director', 'test_servers');

    return isset($_SERVER['HTTP_HOST']) && in_array($_SERVER['HTTP_HOST'], $testServers);
}
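/**
 * Report whether the site is running in a development environment.
 * For information about environment types, see {@link Director::set_environment_type()}.
 *
 * Security notes for reviewers:
 * - With ?isDev present and ClassInfo not ready yet, this returns true without
 *   any login.
 * - The host-name fallback trusts $_SERVER['HTTP_HOST'], which comes from the
 *   request's Host header. It is only a reliable signal when the web server
 *   restricts which host names reach the application.
 *
 * The host-name check is skipped when HTTP_HOST is not set (for example on
 * the command line), so no undefined-index notice is raised there.
 *
 * @return bool
 */
static function isDev()
{
    // An explicitly configured environment type settles the question.
    if (self::$environment_type) {
        return self::$environment_type == 'dev';
    }

    // Use ?isDev=1 to get development access on the live server
    if (isset($_GET['isDev'])) {
        if (ClassInfo::ready()) {
            BasicAuth::requireLogin("SilverStripe developer access. Use your CMS login", "ADMIN");
            $_SESSION['isDev'] = $_GET['isDev'];
        } else {
            return true;
        }
    }

    // A flag stored by an earlier authenticated ?isDev request keeps dev mode on for the session.
    if (isset($_SESSION['isDev']) && $_SESSION['isDev']) {
        return true;
    }

    // Check if we are running on one of the development servers
    if (isset($_SERVER['HTTP_HOST']) && in_array($_SERVER['HTTP_HOST'], Director::$dev_servers)) {
        return true;
    }

    /*
    // Check if we are running on one of the test servers
    if(in_array($_SERVER['HTTP_HOST'], Director::$test_servers))  {
        return true;
    }
    */

    return false;
}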
/**
 * Decide whether a member may access this controller.
 *
 * Resolution order: the supplied member, then the current user, then an HTTP
 * basic-auth login for $permission (session login not accepted). Access is
 * granted in dev mode, on the CLI, when $permission is empty, or when the
 * member holds $permission. Otherwise extensions vote: the lowest value among
 * their results decides.
 *
 * Security notes for reviewers:
 * - An empty $permission grants access to every caller that reaches that check.
 * - NOTE(review): the original comment says extensions may return NULL to
 *   abstain, but min() over the results makes a NULL vote count as a denial.
 *   That fails closed; confirm it is the intended behaviour.
 *
 * @param null|int|Member $member
 * @param string $permission
 *
 * @return bool
 *
 * @throws SS_HTTPResponse_Exception
 */
function canAccess($member = null, $permission = "ADMIN")
{
    if (!$member) {
        $member = Member::currentUser();
    }
    if (!$member) {
        $member = BasicAuth::requireLogin('Environment Checker', $permission, false);
    }

    // We allow access to this controller regardless of live-status or ADMIN permission only
    // if on CLI. Access to this controller is always allowed in "dev-mode", or if the user is ADMIN.
    if (Director::isDev()) {
        return true;
    }
    if (Director::is_cli()) {
        return true;
    }
    if (empty($permission)) {
        return true;
    }
    if (Permission::checkMember($member, $permission)) {
        return true;
    }

    // Extended access checks, "veto" style: one falsy vote denies access.
    $votes = $this->extend('canAccess', $member);
    if ($votes && is_array($votes)) {
        return (bool) min($votes);
    }

    return false;
}