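/**
 * Decide whether the ACL check may be skipped for this request.
 *
 * Returns TRUE when the request is an XMLHttpRequest whose action is not
 * listed in $this->_arrAjaxNotSkip, or when the request matches an entry of
 * $configs['security']['skip'][$type]. An entry is written as "action",
 * "controller/action" or "module/controller/action" and is compared with the
 * request value that has the same number of segments.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @param string $type Key into the security.skip configuration.
 * @return bool TRUE if the ACL check should be skipped.
 */
protected function _checkSkipAcl(Zend_Controller_Request_Abstract $request, $type)
{
    $action = $request->getActionName();

    // NOTE(review): isXmlHttpRequest() reflects the client-supplied
    // X-Requested-With header, so this branch skips the ACL on the caller's
    // own assertion. Every action reachable here must either be safe without
    // authorization or be listed in $_arrAjaxNotSkip; a deny-by-default list
    // would be the safer design.
    if ($request->isXmlHttpRequest() && !in_array($action, $this->_arrAjaxNotSkip)) {
        return TRUE;
    }

    $configs = Zend_Registry::get('configs');

    // A missing or malformed skip list means nothing is skipped (fail closed).
    if (!isset($configs['security']['skip'][$type]) || !is_array($configs['security']['skip'][$type])) {
        return FALSE;
    }

    $controllerAction = $request->getControllerName() . '/' . $action;
    $moduleControllerAction = $request->getModuleName() . '/' . $controllerAction;

    foreach ($configs['security']['skip'][$type] as $entry) {
        $entry = (string) $entry;

        // Pick the request value with the same shape as the configured entry.
        switch (count(explode('/', $entry))) {
            case 1: // action
                $candidate = $action;
                break;
            case 2: // controller/action
                $candidate = $controllerAction;
                break;
            case 3: // module/controller/action
                $candidate = $moduleControllerAction;
                break;
            default: // unsupported shape: never matches
                continue 2;
        }

        if ($entry === $candidate) {
            return TRUE;
        }
    }

    return FALSE;
}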
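/**
 * Require an authenticated identity and an ACL grant before dispatch.
 *
 * Unauthenticated requests are redirected to authentication/login unless
 * they already target that page. Authenticated requests are checked against
 * Tynex_Models_TynexAcl using the identity's role, the controller name as
 * resource and the action name as privilege; a denial redirects to "/".
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $loginController = 'authentication';
    $loginAction = 'login';
    $auth = Zend_Auth::getInstance();

    // The login page is the one controller/action pair, not "any request
    // that uses the login controller OR an action called login". The earlier
    // form (controller != X && action != Y) let every "<controller>/login"
    // and every "authentication/<action>" through without an identity.
    // Other actions that must stay public need to be listed here explicitly.
    $isLoginPage = $request->getControllerName() == $loginController
        && $request->getActionName() == $loginAction;

    if (!$auth->hasIdentity()) {
        if (!$isLoginPage) {
            $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
            $redirector->gotoSimpleAndExit($loginAction, $loginController);
        }
        return;
    }

    // Logged in: check the credential. The role is a column of the user table.
    $acl = new Tynex_Models_TynexAcl();
    $identity = $auth->getIdentity();
    $isAllowed = $acl->isAllowed(
        $identity->role,
        $request->getControllerName(),
        $request->getActionName()
    );

    if (!$isAllowed) {
        $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
        $redirector->gotoUrlAndExit('/');
    }
}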
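/**
 * Select the layout, layout path and error-handler module of the routed module.
 *
 * @param Zend_Controller_Request_Abstract $request Routed request.
 * @return void
 */
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
    // NOTE(review): the module name is placed into a filesystem path below.
    // Presumably the router only yields registered module names; confirm
    // that no custom route can pass an arbitrary string through here.
    $module = $request->getModuleName();

    $layout = Zend_Layout::getMvcInstance();
    $layout->setLayout($module);
    $layout->setLayoutPath(APPLICATION_PATH . "/modules/" . $module . "/layouts/scripts");

    // getPlugin() returns false when the error handler is not registered;
    // calling a method on that value would be a fatal error.
    $errorHandler = Zend_Controller_Front::getInstance()->getPlugin("Zend_Controller_Plugin_ErrorHandler");
    if ($errorHandler instanceof Zend_Controller_Plugin_ErrorHandler) {
        $errorHandler->setErrorHandlerModule($module);
    }
}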
/**
 * Rewrite the response body while the maintenance-mode flag file exists.
 *
 * Roles allowed on ot_maintenance/index get the maintenance header prepended
 * to the normal body (or an empty body on redirects). Everyone else gets the
 * public maintenance layout, except on ot/login/index. XMLHttpRequests and
 * requests whose view renderer never renders are left untouched.
 *
 * @param Zend_Controller_Request_Abstract $request Dispatched request.
 * @return void
 */
public function postDispatch(Zend_Controller_Request_Abstract $request)
{
    $mvcLayout = Zend_Layout::getMvcInstance();

    // The name "maintenanceMode" is also referred to in the
    // Admin_MaintenanceController, so a rename must be applied there too.
    $flagFile = 'maintenanceMode';

    $configRegister = new Ot_Config_Register();
    $identity = Zend_Auth::getInstance()->getIdentity();

    if (empty($identity->role)) {
        $role = $configRegister->defaultRole->getValue();
    } else {
        $role = $identity->role;
    }

    // While masquerading, the decision is made with the real account's role.
    $useRealAccount = isset($identity->masquerading)
        && $identity->masquerading == true
        && isset($identity->realAccount)
        && !is_null($identity->realAccount)
        && isset($identity->realAccount->role);
    if ($useRealAccount) {
        $role = $identity->realAccount->role;
    }

    $acl = Zend_Registry::get('acl');
    $view = $mvcLayout->getView();
    $viewRenderer = Zend_Controller_Action_HelperBroker::getExistingHelper('ViewRenderer');

    if (!is_file(APPLICATION_PATH . '/../overrides/' . $flagFile)
        || $request->isXmlHttpRequest()
        || $viewRenderer->getNeverRender()
    ) {
        return;
    }

    if ($acl->isAllowed($role, 'ot_maintenance', 'index')) {
        $response = $this->getResponse();
        if ($response->isRedirect()) {
            // There is no point in setting text on a redirect.
            $response->setBody('');
        } else {
            $response->setBody($view->maintenanceMode()->header() . $response->getBody());
        }
        return;
    }

    $onLoginPage = $request->getModuleName() == 'ot'
        && $request->getControllerName() == 'login'
        && $request->getActionName() == 'index';
    if (!$onLoginPage) {
        $response = $this->getResponse();
        $mvcLayout->disableLayout();
        $response->setBody($view->maintenanceMode()->publicLayout());
    }
}
/**
 * Copy a non-empty X-Zrt-Format request header into the "format" parameter.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // The header value is client-controlled; it is stored as received.
    $headerFormat = $request->getHeader('X-Zrt-Format');
    if (!$headerFormat) {
        return;
    }

    $request->setParam('format', $headerFormat);
}
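/**
 * Check the session role against the ACL for "module:controller" / action.
 *
 * The role is read from the 'emprole' key of the Zend_Auth session storage
 * (value 1 is mapped to 'admin'). Requests to the 'profile' and 'services'
 * controllers are evaluated with the fixed roles 'viewer' and 'services'.
 * A denied request is rerouted to error/error.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $storage = new Zend_Auth_Storage_Session();
    $data = $storage->read();

    // The storage is empty before login; avoid indexing a non-array value.
    $role = (is_array($data) && isset($data['emprole'])) ? $data['emprole'] : '';
    if ($role == 1) {
        $role = 'admin';
    }

    $module = $request->getModuleName();
    $resource = $request->getControllerName();
    $privilege = $request->getActionName();
    $this->id_param = $request->getParam('id');

    $moduleResource = "{$module}:{$resource}";

    // These controllers are checked with a fixed role regardless of who is
    // logged in (including nobody).
    if ($resource == 'profile') {
        $role = 'viewer';
    }
    if ($resource == 'services') {
        $role = 'services';
    }

    // NOTE(review): an empty role skips the ACL completely, so a request
    // without a session role is not rejected here. Confirm that another
    // plugin enforces authentication, otherwise this fails open.
    if ($role == '') {
        return;
    }

    // Resources unknown to the ACL are denied.
    $allowed = false;
    $acl = $this->_getAcl();
    if ($acl->has($moduleResource)) {
        $allowed = $acl->isAllowed($role, $moduleResource, $privilege);
    }

    if (!$allowed) {
        $request->setControllerName('error');
        $request->setActionName('error');
    }
}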
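/**
 * Enforce My_Acl for the requested controller (resource) and action (privilege).
 *
 * The role is 'guest' without an identity, 'user' with one, and 'admin' when
 * the user record found by the identity has admin == 1. A denied request is
 * redirected to admin/login.
 *
 * The earlier version returned as soon as an identity existed, so the ACL was
 * never evaluated for logged-in users and the admin lookup was unreachable.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $options = Zend_Controller_Front::getInstance()->getParam('bootstrap')->getApplication()->getOptions();
    $config = new Zend_Config($options);
    $acl = new My_Acl($config);

    $role = 'guest';
    $auth = Zend_Auth::getInstance();
    if ($auth->hasIdentity()) {
        $role = 'user';

        // presumably the identity is the user's e-mail address; verify
        // against the authentication adapter
        $login = $auth->getIdentity();
        $user = My_Model::get('Users')->getUserByEmail($login);
        if ($user && $user->admin == 1) {
            $role = 'admin';
        }
    }

    $resource = $request->getControllerName();
    $privilege = $request->getActionName();

    // Controllers unknown to the ACL are checked against the global rules.
    if (!$acl->has($resource)) {
        $resource = null;
    }
    if (is_null($privilege)) {
        $privilege = 'index';
    }

    if (!$acl->isAllowed($role, $resource, $privilege)) {
        $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
        $redirector->gotoSimpleAndExit('login', 'admin');
    }
}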
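/**
 * Apply category filter to layer
 *
 * The request value is cast to int and translated to a category id through
 * the conversionpro helper. A state tag is added unless a filter with this
 * filter's name is already present in the layer state.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @param Mage_Core_Block_Abstract $filterBlock
 * @return Mage_Catalog_Model_Layer_Filter_Category
 */
public function apply(Zend_Controller_Request_Abstract $request, $filterBlock)
{
    // The returned layer was never used; the call is kept in case it has
    // side effects (TODO confirm and drop).
    Mage::helper('conversionpro')->getCurrentLayer();

    $filter = (int) $request->getParam($this->getRequestVar());
    if (!$filter) {
        return $this;
    }

    $this->_categoryId = Mage::helper('conversionpro')->getCategoryIdByAnswerId($filter);
    Mage::register('current_category_filter', $this->getCategory(), true);
    $this->_appliedCategory = Mage::getModel('catalog/category')
        ->setStoreId(Mage::app()->getStore()->getId())
        ->load($this->_categoryId);

    // This class runs twice and not as a singleton, so a class property cannot
    // record whether the state filter was already added. Instead, look for an
    // existing state filter carrying this filter's name.
    $isFilterApplied = false;
    foreach ($this->getLayer()->getState()->getFilters() as $stateFilter) {
        // A separate loop variable is required: reusing $filter here replaced
        // the requested id with a state item before it was used below.
        if ($stateFilter->getName() == $this->getName()) {
            $isFilterApplied = true;
            break;
        }
    }

    // If there is no state tag for the category yet, create it.
    if (!$isFilterApplied) {
        // A category that exists in Magento is tagged by its name. Otherwise
        // the chosen answer is applied as a regular filter; the original
        // comment says the helper stores the answer text in $this->_categoryId
        // in that case, which then serves as the label (TODO confirm).
        if ($this->_isValidCategory($this->_appliedCategory)) {
            $this->getLayer()->getState()->addFilter(
                $this->_createItem($this->_appliedCategory->getName(), $this->_categoryId)
            );
        } else {
            $this->getLayer()->getState()->addFilter($this->_createItem($this->_categoryId, $filter));
        }
    }

    return $this;
}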
/**
 * Reroute the request when the current role may not run the action.
 *
 * The role comes from the identity's user ('guest' without an identity), the
 * resource is the controller name (null when the ACL does not know it) and
 * the privilege is the action name. Denied guests go to the NO_AUTH_* target,
 * denied authenticated users to the NO_ACL_* target.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $loggedIn = $this->_auth->hasIdentity();
    $role = $loggedIn ? $this->_auth->getIdentity()->getUser()->role : 'guest';

    $targetController = $request->controller;
    $targetAction = $request->action;
    $targetModule = $request->module;

    // Unknown controllers fall back to the ACL's global rules.
    $resource = $this->_acl->has($targetController) ? $targetController : null;

    if (!$this->_acl->isAllowed($role, $resource, $targetAction)) {
        if ($loggedIn) {
            $targetModule = self::NO_ACL_MODULE;
            $targetController = self::NO_ACL_CONTROLLER;
            $targetAction = self::NO_ACL_ACTION;
        } else {
            $targetModule = self::NO_AUTH_MODULE;
            $targetController = self::NO_AUTH_CONTROLLER;
            $targetAction = self::NO_AUTH_ACTION;
        }
    }

    $request->setModuleName($targetModule);
    $request->setControllerName($targetController);
    $request->setActionName($targetAction);
}
/**
 * Route every request for the "public" module to index/index, except
 * requests whose controller is "plugin".
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    if ($request->module != 'public' || $request->controller == 'plugin') {
        return;
    }

    $request->setControllerName('index');
    $request->setActionName('index');
}
/**
 * Redirect requests the session ACL does not cover.
 *
 * With a session ACL (arr_acl) the request is accepted when an entry matches
 * its module and controller, when it is rsvAcl/user/change-password, or when
 * the module is rsvAcl and the session level is "1". Accepted requests go
 * through rewriteUrl(); any non-empty redirect target ends up at "/home".
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $authSession = new Zend_Session_Namespace('auth');
    $module = $request->getModuleName();
    $controller = $request->getControllerName();
    $action = $request->getActionName();
    $url = $module . "/" . $controller . "/" . $action;
    $redirectTo = "";

    if (!isset($authSession->arr_acl)) {
        // Not logged in: only the default index page is served directly.
        if ($url !== "default/index/index") {
            $redirectTo = "/";
        }
    } else {
        $entries = $authSession->arr_acl;
        $granted = FALSE;

        // NOTE(review): entries are matched on module and controller only, so
        // a grant covers every action of that controller. The two rsvAcl rules
        // are evaluated inside the loop and never apply to an empty list.
        foreach ($entries as $entry) {
            if (($module == $entry["module"] && $controller == $entry["controller"])
                // every user level may change its own password
                || ($module === "rsvAcl" && $controller === "user" && $action === "change-password")
                // user level 1 may use every action of module "rsvAcl"
                || ($module === "rsvAcl" && $authSession->level === "1")
            ) {
                $granted = TRUE;
                break;
            }
        }

        if ($granted) {
            $redirectTo = $this->rewriteUrl($url);
        } else {
            $openUrls = array(
                "default/index/index",
                "default/error/error",
                "default/index/changepassword",
                "default/index/logout",
            );
            if (!in_array($url, $openUrls, true)) {
                $redirectTo = '/';
            }

            $isException = false;
            foreach ($this->_exception_url as $exceptionUrl) {
                if ($url === $exceptionUrl) {
                    $isException = true;
                    break;
                }
            }
            if (!$isException) {
                $redirectTo = '/';
            }
        }
    }

    if (!empty($redirectTo)) {
        // Whatever target was computed above, the redirect goes to /home.
        $redirectTo = "/home";
        Application_Form_FrmMessage::redirectUrl($redirectTo);
    }
}
/**
 * Apply the category filter, accepting a category id or a category name.
 *
 * A missing parameter is delegated to the parent implementation. A numeric
 * value is loaded as a category id; any other value is resolved by name,
 * first among the active children of the current category, then through
 * _getCategoryByName().
 *
 * @param Zend_Controller_Request_Abstract $request
 * @param Mage_Core_Block_Abstract $filterBlock
 * @return Mage_Catalog_Model_Layer_Filter_Category
 */
public function apply(Zend_Controller_Request_Abstract $request, $filterBlock)
{
    // NOTE(review): the request value is used as received. If it can arrive
    // as an array, it reaches addAttributeToFilter() as a condition array;
    // confirm whether non-scalar input should be rejected first.
    $requested = $request->getParam($this->getRequestVar());
    if (is_null($requested)) {
        return parent::apply($request, $filterBlock);
    }

    if (is_numeric($requested)) {
        $this->_categoryId = $requested;
        $this->_appliedCategory = Mage::getModel('catalog/category')
            ->setStoreId(Mage::app()->getStore()->getId())
            ->load($requested);
    } else {
        $currentCategory = Mage::registry('current_category');
        if ($currentCategory) {
            $children = Mage::getModel('catalog/category')
                ->getCollection()
                ->addAttributeToFilter('parent_id', $currentCategory->getId())
                ->addAttributeToFilter('is_active', 1)
                ->addAttributeToSelect('name')
                ->addAttributeToFilter('name', $requested);
            $this->_appliedCategory = $children->getFirstItem();

            // A child without products falls back to the lookup by name.
            if (!$this->_appliedCategory->getProductCollection()->count()) {
                $this->_appliedCategory = $this->_getCategoryByName($requested);
            }
        } else {
            $this->_appliedCategory = $this->_getCategoryByName($requested);
        }

        if ($this->_appliedCategory) {
            $requested = $this->_appliedCategory->getId();
            $this->_categoryId = $requested;
        }
    }

    if ($this->_isValidCategory($this->_appliedCategory)) {
        $this->getLayer()->getProductCollection()->addCategoryFilter($this->_appliedCategory);
        $this->getLayer()->getState()->addFilter(
            $this->_createItem($this->_appliedCategory->getName(), $requested)
        );
    }

    return $this;
}
/**
 * Resolve the active language after routing.
 *
 * When no domain is set, a "lang" request parameter (ignored in session
 * mode) is looked up by `stitle` and stored in the session, the language row
 * is loaded, the router's global "lang" parameter is set and the state is
 * saved. An unknown language ends in a 404. Outside session mode, requests
 * whose URI starts with "/control" are redirected (301) to the same URI
 * prefixed with the default language.
 *
 * @param Zend_Controller_Request_Abstract $request Routed request.
 * @return void
 * @throws Zend_Controller_Action_Exception When the requested language is unknown.
 */
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
    if (!$this->_domain) {
        $unknownLang = false;
        $requestedLang = $request->getParam('lang');

        if ($requestedLang && !$this->_issession) {
            $this->_session->lang = $this->_model->fetchOne('id', array('`stitle` = ?' => $requestedLang));
            if (!$this->_session->lang) {
                $unknownLang = true;
            }
        }

        // The session value is cast to int before it enters the ORDER BY
        // expression; rows are ordered so that the session language comes
        // first and the default language second.
        $order = '(`id` = ' . (int) $this->_session->lang . ') DESC, (`default` = 1) DESC';
        $this->_lang = $this->_model->fetchRow(null, $order);

        if ($this->_lang) {
            $this->_lang = new Zkernel_View_Data($this->_lang);
            $this->_lang->session = $this->_issession;
            if (!$this->_domain) {
                unset($this->_lang->domain);
            }
        }

        // NOTE(review): the assignments below run even when no row was found
        // and $this->_lang is empty; confirm the table can never be empty.
        $this->_lang->_default = $this->getDefault();
        $this->_lang->_ids = $this->_model->fetchIds();

        $router = Zend_Controller_Front::getInstance()->getRouter();
        $router->setGlobalParam('lang', $this->_lang->stitle);
        $this->save();

        if ($unknownLang) {
            throw new Zend_Controller_Action_Exception('Not Found', 404);
        }
    }

    $isControlUri = !$this->_domain
        && !$this->_issession
        && substr($_SERVER['REQUEST_URI'], 0, 8) == '/control';
    if ($isControlUri) {
        header('Location: /' . $this->_lang->_default->stitle . $_SERVER['REQUEST_URI'], true, 301);
        exit;
    }
}
/**
 * Register the view script directories that apply to the current request.
 *
 * This is the glue between the plugin broker and the view: the paths are
 * added in the order other plugins, theme and core, then the plugin that
 * owns the current module together with its theme override path.
 *
 * @param Zend_Controller_Request_Abstract $request Request object.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // The module name is only available from the request, which is why this
    // lives in a controller plugin rather than in the view script.
    $moduleName = $request->getModuleName();
    $isPluginModule = !in_array($moduleName, array('default', null));

    if (is_admin_theme()) {
        $themeType = 'admin';
    } else {
        $themeType = 'public';
    }

    $scriptDirsByPlugin = $this->_pluginMvc->getViewScriptDirs($themeType);

    // Set the current plugin's directories aside so they are added last.
    if ($isPluginModule && isset($scriptDirsByPlugin[$moduleName])) {
        $ownScriptDirs = $scriptDirsByPlugin[$moduleName];
        unset($scriptDirsByPlugin[$moduleName]);
    }

    // Paths of all the other plugins.
    foreach ($scriptDirsByPlugin as $pluginPaths) {
        $this->_addPathsToView($pluginPaths);
    }

    // Theme and core paths.
    $this->_addThemePaths($themeType);

    if (!$isPluginModule) {
        return;
    }

    // Plugin and theme-override paths of the current plugin.
    if (isset($ownScriptDirs)) {
        $this->_addPathsToView($ownScriptDirs);
    }
    $this->_addOverridePathForPlugin($themeType, $moduleName);
}
/**
 * Main ACL logic.
 *
 * For an authenticated identity a Zend_Acl is built on every request: the
 * roles user, owner and admin (admin inherits owner), a role named after the
 * identity's e-mail that inherits one of them, the base resources and their
 * rules, and the project rules added by _projectAcl(). The ACL is stored in
 * the registry under 'acl'. A denied request is rerouted to $this->_noacl
 * unless the error handler is already active. Requests without an identity
 * are not touched.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $controller = $request->getControllerName();
    $action = $request->getActionName();
    $module = $request->getModuleName();

    $auth = Zend_Auth::getInstance();
    if (!$auth->hasIdentity()) {
        // NOTE(review): nothing is enforced without an identity; confirm that
        // authentication is required elsewhere.
        return;
    }

    $acl = new Zend_Acl();
    $identity = $auth->getIdentity();

    $acl->addRole(new Zend_Acl_Role('user'));
    $acl->addRole(new Zend_Acl_Role('owner'));
    $acl->addRole(new Zend_Acl_Role('admin'), 'owner');

    if ($identity->owner == true) {
        $parentRole = 'owner';
    } elseif ($identity->administrator == true) {
        $parentRole = 'admin';
    } else {
        $parentRole = 'user';
    }
    $acl->addRole(new Zend_Acl_Role($identity->email), $parentRole);

    $projekt = $request->getParam('projekt');

    // Base resources
    foreach ($this->_resources as $resourceId) {
        $acl->add(new Zend_Acl_Resource($resourceId));
    }

    // Rules for the base resources
    $acl->allow('owner');
    $acl->deny('admin', 'account');
    $acl->allow('user', array('index', 'project', 'assignment', 'calendar', 'people', 'auth', 'redir'));
    $acl->deny('user', 'account');
    $acl->deny('user', 'project', $this->_create);
    $acl->deny('user', 'people', $this->_create);
    $acl->deny('user', 'project', $this->_manage);
    $acl->deny('user', 'people', $this->_manage);

    // A user may manage the people record whose id equals the own user id.
    if ($request->id == $identity->iduser) {
        $acl->allow('user', 'people', $this->_manage);
    }

    // Resources for the project subsection
    $this->_projectAcl($acl, $identity);
    Zend_Registry::set('acl', $acl);

    if ($identity->administrator == 1) {
        $isAllowed = true;
    } else {
        $projectResource = $projekt . '|' . $controller;
        if (in_array($projectResource, $this->_resources)) {
            $isAllowed = $acl->isAllowed($identity->email, $projectResource, $action);
        } elseif (in_array($controller, $this->_resources)) {
            $isAllowed = $acl->isAllowed($identity->email, $controller, $action);
        } else {
            $isAllowed = false;
        }
    }

    // Keep the target unchanged while the error handler is running.
    $error = $request->getParam('error_handler');
    if (is_null($error) && !$isAllowed) {
        $module = $this->_noacl['module'];
        $controller = $this->_noacl['controller'];
        $action = $this->_noacl['action'];
    }

    $request->setModuleName($module);
    $request->setControllerName($controller);
    $request->setActionName($action);
}
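/**
 * Authenticate with the posted login[alias] / login[pass] values.
 *
 * On failure one of NO_USERNAME, NO_PASSWORD or LOGIN_FAILED is appended to
 * $this->_exceptions.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return bool TRUE when authentication succeeded.
 */
protected function _login(Zend_Controller_Request_Abstract $request)
{
    $userLogin = $request->getPost('login');

    // POST data is client-controlled: "login" may be missing or a scalar and
    // its members may be arrays. Anything that is not a string is treated as
    // an absent value instead of being passed to trim().
    $userName = '';
    $userPass = '';
    if (is_array($userLogin)) {
        if (isset($userLogin['alias']) && is_string($userLogin['alias'])) {
            $userName = trim($userLogin['alias']);
        }
        if (isset($userLogin['pass']) && is_string($userLogin['pass'])) {
            $userPass = trim($userLogin['pass']);
        }
    }

    if ($userName == '') {
        $this->_exceptions[] = self::NO_USERNAME;
        return false;
    }
    if ($userPass == '') {
        $this->_exceptions[] = self::NO_PASSWORD;
        return false;
    }

    $auth = Zend_Auth::getInstance();
    $adapter = new Showcase_Auth_Adapter($userName, $userPass);
    $result = $auth->authenticate($adapter);

    if (!$result) {
        return false;
    }

    if ($result->getCode() !== Zend_Auth_Result::SUCCESS) {
        // Let the form know that the login has failed.
        $this->_exceptions[] = self::LOGIN_FAILED;
        return false;
    }

    return true;
}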
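/**
 * Authenticate a user.
 *
 * Reads the identity and the credential from the POST fields named by the
 * configured identityColumn and credentialColumn and passes them to
 * Model_AuthLocal::tryLogin().
 *
 * NOTE(review): hashMethod defaults to 'MD5' with an empty salt when the
 * configuration sets neither. That is not adequate for password storage;
 * plan a migration to password_hash()/password_verify() with rehash on login.
 *
 * NOTE(review): the two error messages below tell a caller whether an e-mail
 * address is registered. One shared message for both cases would avoid that.
 *
 * @param Zend_Controller_Request_Abstract $request The current request
 * @param Zend_Controller_Response_Abstract $response The current response
 * @return Array|Boolean User data, or FALSE
 */
public function authenticate(Zend_Controller_Request_Abstract $request, Zend_Controller_Response_Abstract $response)
{
    $authVars = new Garp_Util_Configuration($this->_getAuthVars()->toArray());
    $authVars->obligate('model')
        ->obligate('identityColumn')
        ->obligate('credentialColumn')
        ->setDefault('hashMethod', 'MD5')
        ->setDefault('salt', '');

    $identityValue = $request->getPost($authVars['identityColumn']);
    $credentialValue = $request->getPost($authVars['credentialColumn']);

    // POST fields can arrive as arrays; only non-empty strings are credentials.
    if (!$identityValue || !$credentialValue || !is_string($identityValue) || !is_string($credentialValue)) {
        $this->_addError('Insufficient data received');
        return false;
    }

    $ini = Zend_Registry::get('config');
    $sessionColumns = null;
    if (!empty($ini->auth->login->sessionColumns)) {
        $sessionColumns = explode(',', $ini->auth->login->sessionColumns);
    }

    $model = new Model_AuthLocal();
    try {
        $result = $model->tryLogin($identityValue, $credentialValue, $authVars, $sessionColumns);
        return $result->toArray();
    } catch (Garp_Auth_Adapter_Db_UserNotFoundException $e) {
        $this->_addError('The email address is not found');
    } catch (Garp_Auth_Adapter_Db_InvalidPasswordException $e) {
        $this->_addError('The password is invalid');
    }

    return false;
}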
/**
 * Derive the "format" request parameter for HTTP requests.
 *
 * The "format" URI parameter takes precedence over the Accept header. The
 * value is mapped to 'xml', 'js' or 'json'; 'json' is also the fallback.
 *
 * @param Zend_Controller_Request_Abstract $request
 */
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
    if (!$request instanceof Zend_Controller_Request_Http) {
        return;
    }

    // Accept URI parameter over Accept header for specifying the response format
    $wanted = $this->getRequest()->getParam('format') ?: $request->getHeader('Accept');

    // @todo Need to look into implementing Accept header supporting multiple types with quality factors
    if (stristr($wanted, 'text/xml') && !stristr($wanted, 'html')) {
        // XML
        $resolved = 'xml';
    } elseif (stristr($wanted, 'text/javascript')) {
        // JSONP/Javascript
        $resolved = 'js';
    } else {
        // JSON, and everything that matched nothing above
        $resolved = 'json';
    }

    $request->setParam('format', $resolved);
}
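/**
 * Copy the posted "inventory" fields onto the inventory product and save it.
 *
 * Keys starting with "sys_" are stored on this object and on the product,
 * "generalImages" and "id" are stored unsanitised on this object, and every
 * other key is stored on the product's profile.
 *
 * NOTE(review): property names are taken from the request, so a client can
 * set any "sys_*" property and any profile field, including sys_price.
 * An explicit allow-list of accepted keys should replace the prefix test.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return bool TRUE if no errors have occurred.
 */
public function process(Zend_Controller_Request_Abstract $request)
{
    // The parameter is client-controlled and may be absent or not an array.
    $inventory = $request->getParam('inventory');
    if (!is_array($inventory)) {
        $inventory = array();
    }

    foreach ($inventory as $key => $value) {
        // Compare keys as strings so that numeric keys cannot match 'id' or
        // 'generalImages' through loose comparison.
        $key = (string) $key;

        // Debug output: request data is HTML-escaped before it is echoed.
        $shown = is_scalar($value) ? (string) $value : gettype($value);
        echo 'key: ' . htmlspecialchars($key, ENT_QUOTES, 'UTF-8')
            . ' value: ' . htmlspecialchars($shown, ENT_QUOTES, 'UTF-8') . '<br/>';

        $v = $this->sanitize($value);

        if ($key === 'generalImages' || $key === 'id') {
            $this->{$key} = $value;
        } elseif (substr($key, 0, 4) === 'sys_') {
            $this->{$key} = $v;
            $this->inventoryProduct->{$key} = $v;
        } else {
            $this->inventoryProduct->profile->{$key} = $v;
        }
    }

    $this->inventoryProduct->product_id = $this->productID;
    $this->inventoryProduct->uploader_id = $this->userID;
    $this->inventoryProduct->sys_price = $this->sys_price;
    echo 'inventory product_id is: ' . $this->productID;

    if (!$this->_validateOnly && !$this->hasError()) {
        $this->inventoryProduct->save();
    }

    // return true if no errors have occurred
    return !$this->hasError();
}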
/**
 * Apply decimal range filter to product collection
 *
 * Nothing is applied when the attribute helper refuses the lock or when the
 * requested value cannot be parsed into a from/to pair.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @param Mage_Catalog_Block_Layer_Filter_Decimal $filterBlock
 * @return Mage_Catalog_Model_Layer_Filter_Decimal
 */
public function apply(Zend_Controller_Request_Abstract $request, $filterBlock)
{
    $code = $this->getAttributeModel()->getAttributeCode();

    /** @var Amasty_Shopby_Helper_Attributes $attributes */
    $attributes = Mage::helper('amshopby/attributes');
    if (!$attributes->lockApplyFilter($code, 'attr')) {
        return $this;
    }

    if (!$this->calculateRanges()) {
        $this->_items = array($this->_createItem('', 0, 0));
    }

    // Placeholder labels, replaced below once a range has been parsed.
    $filterBlock->setValueFrom(Mage::helper('amshopby')->__('From'));
    $filterBlock->setValueTo(Mage::helper('amshopby')->__('To'));

    $rawValue = $request->getParam($this->getRequestVar());
    $range = $this->_parseRequestedValue($rawValue);
    if (is_null($range)) {
        return $this;
    }

    list($from, $to) = $range;
    $this->_getResource()->applyFilterToCollection($this, $from, $to);

    $filterBlock->setValueFrom($from);
    // An upper bound of zero or less is shown as an empty field.
    $filterBlock->setValueTo($to > 0 ? $to : '');

    $stateItem = $this->_createItem($this->_renderItemLabel($from, $to, true), $rawValue);
    $this->getLayer()->getState()->addFilter($stateItem);

    if ($this->hideAfterSelection()) {
        $this->_items = array();
    } elseif ($this->calculateRanges()) {
        $this->_items = array($this->_createItem('', 0, 0));
    }

    return $this;
}
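/**
 * Predispatch method to authenticate user
 *
 * NOTE(review): as written, requests for the "admin" module return without
 * any check, and every other request destroys the session and is sent to the
 * login page. The code that used to be commented out here did the opposite:
 * it returned for non-admin modules and for users passing
 * App_Model_Users::isLoggedIn() && App_Model_Users::isAdmin(). The condition
 * looks inverted and leaves the admin module unguarded by this plugin;
 * confirm the intent before relying on it.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    if ('admin' == $request->getModuleName()) {
        return;
    }

    // Redirecting to login lets the user sign in as a different account.
    Zend_Session::destroy(true);

    if ($request->getActionName() != 'logincheck') {
        $request->setModuleName('default')
            ->setControllerName('login')
            ->setActionName('index');

        // Use a host-relative target. The Host header is client-supplied, so
        // building the Location from $_SERVER['HTTP_HOST'] let the request
        // choose the redirect destination.
        // NOTE(review): dispatch continues after this header is set.
        header('Location: /login/index');
    }
}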
/**
 * Send unauthenticated requests for the "admin" module to admin/auth/login.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    if ($request->getModuleName() !== "admin") {
        return;
    }
    if (Zend_Auth::getInstance()->hasIdentity()) {
        return;
    }

    $request->setModuleName("admin");
    $request->setControllerName("auth");
    $request->setActionName("login");
    $request->setDispatched();
}
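/**
 * Publish the authenticated user and client, or redirect to the login page.
 *
 * With an identity, the user data is stored in the registry ('User'), on the
 * view and in the Zend_Auth session namespace, and the client record goes to
 * the registry ('Client'). Without one, every request except the login action
 * of the users module is redirected to users/user/login with the original
 * target in the "url" parameter.
 *
 * @param Zend_Controller_Request_Abstract $request Routed request.
 * @return void
 */
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
    $params = $request->getParams();
    $auth = Zend_Auth::getInstance();
    Zend_Registry::set('Zend_Auth', $auth);

    if ($auth->hasIdentity()) {
        $view = Zend_Controller_Front::getInstance()->getParam('bootstrap')->getResource('view');
        $identity = $auth->getIdentity();

        $user = array(
            'id' => $identity->id,
            'username' => $identity->username,
            'name' => $identity->name,
            'email' => $identity->email,
            'clientid' => $identity->clientid,
        );

        $authNamespace = new Zend_Session_Namespace('Zend_Auth');
        $authNamespace->user = $user['username'];

        // Renew the namespace expiry when less than an hour is left, or when
        // no expiry has been recorded yet.
        $expiresAt = isset($_SESSION['__ZF']['Zend_Auth']['ENT']) ? $_SESSION['__ZF']['Zend_Auth']['ENT'] : 0;
        if ($expiresAt - time() < 3600) {
            $authNamespace->setExpirationSeconds(3600);
        }

        Zend_Registry::set('User', $user);
        $view->user = $user;

        $clientDb = new Application_Model_DbTable_Client();
        $client = $clientDb->getClient($user['clientid']);
        Zend_Registry::set('Client', $client);
        return;
    }

    // Only the login action of the users module is public. The earlier test
    // (module != 'users' && action != 'login') also exempted every action of
    // the users module and every action named "login" in any module.
    $isLoginRequest = $params['module'] == 'users' && $params['action'] == 'login';
    if ($isLoginRequest) {
        return;
    }

    $target = $params['module'] . '|' . $params['controller'] . '|' . $params['action'];
    if (isset($params['id']) && $params['id']) {
        $target .= '|' . $params['id'];
    }

    $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
    $redirector->gotoSimple('login', 'user', 'users', array('url' => $target));
}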
/**
 * Reroute the request when the registry ACL denies the current role.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // Set up the collaborators.
    $auth = Zend_Auth::getInstance();
    $acl = Zend_Registry::get('acl');

    // Use the role of the logged-in user, or 'guest' when nobody is logged in.
    $role = $auth->hasIdentity() ? $auth->getIdentity()->role : 'guest';

    // A role the ACL does not know is treated as guest.
    if (!$acl->hasRole($role)) {
        $role = 'guest';
    }

    // The controller is the resource, the action is the privilege.
    $resource = $request->controller;
    $privilege = $request->action;

    // A controller the ACL does not know is checked as the null resource.
    if (!$acl->has($resource)) {
        $resource = null;
    }

    if ($acl->isAllowed($role, $resource, $privilege)) {
        return;
    }

    // Access denied: dispatch the configured error controller/action instead.
    $request->setControllerName($this->_controller['controller']);
    $request->setActionName($this->_controller['action']);
}
/**
 * Prepare the current user for the modules listed in $this->modules.
 *
 * The session lifetime is set on every request. For a listed module with an
 * identity, non-admin users are sent to default/index/index, and the user is
 * published to $GLOBALS['g_user'], the registry, the view and the view's
 * navigation helper.
 *
 * NOTE(review): a request without an identity leaves this method without a
 * redirect or a denial; confirm that authentication is enforced elsewhere.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $this->setSessionLifeTime();

    $isGuardedModule = in_array($request->getModuleName(), $this->modules);
    if (!$isGuardedModule || !Zend_Auth::getInstance()->hasIdentity()) {
        return;
    }

    $currentUser = Zend_Registry::get('container')->getService('user')->getCurrentUser();

    if (!$currentUser->isAdmin()) {
        // can't go into admin
        // NOTE(review): the code below relies on the redirector ending the
        // request (its default); verify that exit has not been disabled.
        $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
        $redirector->direct('index', 'index', 'default');
    }

    // set user for application
    $GLOBALS['g_user'] = $currentUser;
    Zend_Registry::set('user', $currentUser);

    // set view user
    $view = Zend_Registry::get('view');
    $view->currentUser = $currentUser;

    // set view navigation acl
    /* @var $userAcl Zend_Acl */
    $userAcl = Zend_Registry::get('acl')->getAcl($currentUser);
    $view->navigation()->setAcl($userAcl);
    $view->navigation()->setRole($currentUser);
}
/**
 * Gets content panel for the Debugbar
 *
 * The panel lists view variables, request parameters, POST variables (POST
 * requests only), user-defined constants, the Zend registry and cookies.
 * Every value is passed through _cleanData() before it is placed in the HTML.
 *
 * NOTE(review): the panel prints registry contents and cookies, which
 * presumably include configuration and session identifiers; make sure the
 * debug bar is never enabled on a publicly reachable deployment.
 *
 * @return string
 */
public function getPanel()
{
    $this->_request = Zend_Controller_Front::getInstance()->getRequest();
    $viewRenderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');

    $hasViewVars = $viewRenderer->view && method_exists($viewRenderer->view, 'getVars');
    if ($hasViewVars) {
        $viewVars = $this->_cleanData($viewRenderer->view->getVars());
    } else {
        $viewVars = "No 'getVars()' method in view class";
    }

    $html = array();

    // Left column
    $html[] = '<div style="width:50%;float:left;">';
    $html[] = '<h4>View variables</h4>';
    $html[] = '<div id="ZFDebug_vars" style="margin-left:-22px">' . $viewVars . '</div>';
    $html[] = '<h4>Request parameters</h4>';
    $html[] = '<div id="ZFDebug_requests" style="margin-left:-22px">'
        . $this->_cleanData($this->_request->getParams()) . '</div>';

    // Right column
    $html[] = '</div><div style="width:45%;float:left;">';
    if ($this->_request->isPost()) {
        $html[] = '<h4>Post variables</h4>';
        $html[] = '<div id="ZFDebug_post" style="margin-left:-22px">'
            . $this->_cleanData($this->_request->getPost()) . '</div>';
    }

    $html[] = '<h4>Constants</h4>';
    $definedConstants = get_defined_constants(true);
    ksort($definedConstants['user']);
    $html[] = '<div id="ZFDebug_constants" style="margin-left:-22px">'
        . $this->_cleanData($definedConstants['user']) . '</div>';

    $zendRegistry = Zend_Registry::getInstance();
    $html[] = '<h4>Zend Registry</h4>';
    $zendRegistry->ksort();
    $html[] = '<div id="ZFDebug_registry" style="margin-left:-22px">'
        . $this->_cleanData($zendRegistry) . '</div>';

    $requestCookies = $this->_request->getCookie();
    $html[] = '<h4>Cookies</h4>';
    $html[] = '<div id="ZFDebug_cookie" style="margin-left:-22px">'
        . $this->_cleanData($requestCookies) . '</div>';

    $html[] = '</div><div style="clear:both"> </div>';

    return implode('', $html);
}
/**
 * Switch to the "admin" layout when the request carries a truthy isAdmin parameter.
 *
 * NOTE(review): getParam() presumably also falls back to query and POST
 * data, in which case a client can set isAdmin itself. This only selects a
 * layout and is not an authorization decision; if the flag is meant to come
 * from the route, reading it with getUserParam() would exclude client input.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    if (!$request->getParam('isAdmin')) {
        return;
    }

    Zend_Layout::getMvcInstance()->setLayout('admin');
}
/**
 * Check the current role against the registry ACL and reroute on denial.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $auth = Zend_Auth::getInstance();
    $acl = Zend_Registry::get('acl');

    // Determine the role: the identity's role, or guest without an identity.
    $role = 'guest';
    if ($auth->hasIdentity()) {
        $role = $auth->getIdentity()->role;
    }

    // If the role does not exist in the ACL, fall back to guest.
    if (!$acl->hasRole($role)) {
        $role = 'guest';
    }

    $action = $request->action;

    // If the controller does not exist in the ACL, check the null resource.
    $controller = $acl->has($request->controller) ? $request->controller : null;

    // If the user has no access, dispatch the configured controller/action.
    if (!$acl->isAllowed($role, $controller, $action)) {
        $request->setControllerName($this->_controller['controller']);
        $request->setActionName($this->_controller['action']);
    }
}
/**
 * Enforce the ACL on the "controller/action" resource of the request.
 *
 * error/error is never blocked. A resource missing from the ACL raises a 404.
 * A denied request is forwarded to index/login for guests and to index/deny
 * for authenticated users. The role is read from the registry key 'role'.
 *
 * @param Zend_Controller_Request_Abstract $request Current request.
 * @return void
 * @throws Zend_Controller_Action_Exception When the resource is not registered.
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $auth = Zend_Auth::getInstance();

    // Generate the resource name
    $resourceName = $request->getControllerName() . '/' . $request->getActionName();

    // Don't block errors
    if ($resourceName == 'error/error') {
        return;
    }

    $knownResources = $this->acl->getResources();
    if (!in_array($resourceName, $knownResources)) {
        $request->setControllerName('error')
            ->setActionName('error')
            ->setDispatched(true);
        throw new Zend_Controller_Action_Exception('This page does not exist', 404);
    }

    // Check if user can access this resource or not
    if ($this->acl->isAllowed(Zend_Registry::get('role'), $resourceName)) {
        return;
    }

    // Guests are forwarded to the login page, everyone else to access denied.
    $forwardAction = Zend_Auth::getInstance()->hasIdentity() ? 'deny' : 'login';
    $request->setControllerName('index')
        ->setActionName($forwardAction)
        ->setDispatched(true);
}
/**
 * Apply category filter to layer
 *
 * The request value is cast to int before use. When the category exists, the
 * product collection is inner-joined with catalog/category_product_index on
 * that category and the current store, and the filter is added to the state.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @param Mage_Core_Block_Abstract $filterBlock
 * @return Mage_Catalog_Model_Layer_Filter_Category
 */
public function apply(Zend_Controller_Request_Abstract $request, $filterBlock)
{
    $categoryId = (int) $request->getParam($this->getRequestVar());
    if (!$categoryId) {
        return $this;
    }

    // load data for applied category
    $this->_appliedCategory = Mage::getModel('catalog/category')
        ->setStoreId(Mage::app()->getStore()->getId())
        ->load($categoryId);

    if (!$this->_appliedCategory->getId()) {
        return $this;
    }

    // create join and conditions for additional category filter
    $alias = 'category_layered_' . $this->_rootCategory->getId();
    $joinConditions = array(
        'category_id' => $categoryId,
        'store_id' => Mage::app()->getStore()->getId(),
    );
    if (!$this->_appliedCategory->getIsAnchor()) {
        $joinConditions['is_parent'] = 1;
    }

    $joinedColumns = array(
        $alias . '_cat_id' => 'category_id',
        $alias . '_store_id' => 'store_id',
    );
    $this->getLayer()->getProductCollection()->joinTable(
        array($alias => 'catalog/category_product_index'),
        "product_id=entity_id",
        $joinedColumns,
        $joinConditions,
        'inner'
    );

    // add filter to layer state
    $this->getLayer()->getState()->addFilter(
        $this->_createItem($this->_appliedCategory->getName(), $categoryId)
    );

    // if current applied category has no children reset items array (for hiding filter block)
    if (!$this->_appliedCategory->getChildrenCategories()) {
        $this->_items = array();
    }

    return $this;
}