Exemple #1
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Stamp last_login on every authenticated request, then gate the admin
     // area: anonymous callers are sent to admin/auth/login, everyone else is
     // checked against the ACL resource "<module>_<controller>" with the
     // action as privilege. The user profile page is always reachable.
     $this->_initAcl();
     $isLoggedIn = $this->_auth->hasIdentity();
     if ($isLoggedIn) {
         $identity = $this->_auth->getIdentity();
         $now = new Zend_Date();
         $identity->last_login = $now->get(DATABASE_DATE_FORMAT);
         $identity->save();
     }
     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     // Outside the admin module/controller this plugin has nothing to do.
     if ($controller != 'admin' && $module != 'admin') {
         return;
     }
     $isAdminLoginPage = ($module == 'admin' && $controller == 'auth' && $action == 'login');
     if (!$isLoggedIn && !$isAdminLoginPage) {
         // NOTE(review): gotoSimple() only queues the redirect on the response
         // (no exit); verify the dispatcher really skips the action body when
         // the response is already a redirect.
         $redirector = new Zend_Controller_Action_Helper_Redirector();
         $redirector->gotoSimple('login', 'auth', 'admin');
     }
     // The profile is a free resource.
     if ($module == 'user' && $controller == 'admin' && $action == 'profile') {
         return;
     }
     $resource = $module . '_' . $controller;
     // NOTE(review): the check uses a fixed "logged in user" role rather than
     // the caller's own role, and a resource that is not registered in the ACL
     // passes through (fail-open). Both deserve confirmation against policy.
     $resourceKnown = $this->_acl->has($resource);
     if ($resourceKnown && !$this->_acl->isAllowed('fansubcms_user_custom_role_logged_in_user', $resource, $action)) {
         throw new FansubCMS_Exception_Denied('The user is not allowd to do this');
     }
 }
Exemple #2
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Anonymous visitors may only reach the index and error controllers; any
     // other request is rewritten to index/index before dispatch.
     // NOTE(review): every action of the index controller is public here, and
     // the module is left untouched, so the rewrite lands on index/index of
     // whatever module was requested.
     $controller = $request->getControllerName();
     $isOpenController = in_array($controller, array('index', 'error'), true);
     if ($isOpenController || Zend_Auth::getInstance()->hasIdentity()) {
         return;
     }
     $request->setControllerName('index');
     $request->setActionName('index');
 }
Exemple #3
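 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Authentication gate followed by a role-based ACL check.
     //
     // Fix: the original threw unconditionally right after the identity test,
     // so the role / resource / privilege checks below were unreachable and
     // every authenticated user was allowed everywhere. Public controllers
     // remain open to everyone, anonymous callers are rejected, and
     // authenticated callers now actually go through the ACL.
     $auth = Zend_Auth::getInstance();
     $publicPages = array();
     $publicPages['controllers'] = array('login');
     $publicPages['actions'] = array();
     $controllerName = $request->getControllerName();
     if (in_array($controllerName, $publicPages['controllers'], true)) {
         return true;
     }
     if (!$auth->hasIdentity()) {
         throw new WebVista_App_AuthException('You must be authenticated to access the system.');
     }
     $roleId = $auth->getIdentity()->roleId;
     $resource = $request->getModuleName() . '_' . $controllerName;
     $acl = WebVista_Acl::getInstance();
     // Each guard stops before the next ACL call could choke on an unknown
     // role or resource.
     if (!$acl->hasRole($roleId)) {
         $error = "Sorry, the requested user role '" . $roleId . "' does not exist";
     } elseif (!$acl->has($resource)) {
         $error = "Sorry, the requested controller '" . $controllerName . "' does not exist as an ACL resource";
     } elseif (!$acl->isAllowed($roleId, $resource, $request->getActionName())) {
         $error = "Sorry, the page you requested does not exist or you do not have access";
     }
     if (isset($error)) {
         // $error echoes request-derived names; whatever renders it must escape it.
         throw new WebVista_App_AuthException($error);
     }
 }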
Exemple #4
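 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Token-based session handling for the "company" controller: resolve the
     // session token from the request (or the "tsn" cookie), send expired
     // sessions to the login page with a return target, and rewrite anonymous
     // requests to index/auth/login.
     if ('company' != $request->getControllerName()) {
         return;
     }
     // Fix: $_COOKIE['tsn'] was read unconditionally and raised an
     // undefined-index notice on every cookie-less request.
     // NOTE(review): $request->tsn goes through the request's magic getter,
     // which presumably consults more than the route params — verify the
     // token really comes only from the intended source.
     $tsn = $request->tsn;
     if (!$tsn && isset($_COOKIE['tsn'])) {
         $tsn = $_COOKIE['tsn'];
     }
     if ($tsn) {
         $token = Token::create($tsn);
         $token->update_sync_time();
     } else {
         // NOTE(review): the placeholder id '123' is hard-coded; confirm that
         // create_abstract() always yields a logged-out token for it.
         $token = Token::create_abstract('123');
     }
     if ($token->is_logined() == true) {
         if ($token->is_expire()) {
             // Expired: drop the token and send the user to the login page,
             // carrying the current module/controller/action for the way back.
             $token->destroy();
             include_once LIB_PATH . '/view_helper/BuildUrl.php';
             $urlBuilder = new Zend_View_Helper_BuildUrl();
             $backTo = SearchFilter::slashes($urlBuilder->buildUrl($request->getActionName(), $request->getControllerName(), $request->getModuleName()));
             $loginUrl = $urlBuilder->buildUrl('login', 'auth', 'index', array('redirect' => $backTo));
             $redirector = new Zend_Controller_Action_Helper_Redirector();
             $redirector->gotoUrl($loginUrl);
             return;
         }
         $token->register();
         return;
     }
     // Not logged in: everything except the "auth" action is rewritten to the
     // login action (and the abstract token is discarded).
     if ('auth' != $request->getActionName()) {
         $token->destroy();
         $request->setModuleName('index');
         $request->setControllerName('auth');
         $request->setActionName('login');
     }
 }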
Exemple #5
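 protected function _checkSkipAcl(Zend_Controller_Request_Abstract $request, $type)
 {
     // Decide whether the ACL check is skipped for this request.
     //
     // Skip rules live in configs[security][skip][$type] and are matched by
     // their segment count: "action", "controller/action" or
     // "module/controller/action". Returns TRUE when any rule matches.
     //
     // NOTE(review): isXmlHttpRequest() only looks at the client-supplied
     // X-Requested-With header, so any caller can opt out of the ACL for every
     // action not listed in $this->_arrAjaxNotSkip. That policy is kept as-is
     // here but deserves a second look.
     if ($request->isXmlHttpRequest() && !in_array($request->getActionName(), $this->_arrAjaxNotSkip, true)) {
         return TRUE;
     }
     $configs = Zend_Registry::get('configs');
     // Fix: a missing or non-array skip list for $type used to be handed to
     // in_array() (warning + false); it now explicitly means "skip nothing".
     if (empty($configs['security']['skip'][$type]) || !is_array($configs['security']['skip'][$type])) {
         return FALSE;
     }
     $skip = $configs['security']['skip'][$type];
     // The request key a rule of the given segment count is compared against.
     $candidates = array(
         1 => $request->getActionName(),
         2 => $request->getControllerName() . '/' . $request->getActionName(),
         3 => $request->getModuleName() . '/' . $request->getControllerName() . '/' . $request->getActionName(),
     );
     foreach ($skip as $rule) {
         $segments = count(explode('/', $rule));
         // Strict string comparison: the original loose in_array() let
         // numeric-looking rules match unrelated names.
         if (isset($candidates[$segments]) && $candidates[$segments] === (string) $rule) {
             return TRUE;
         }
     }
     return FALSE;
 }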
Exemple #6
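 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Role-based ACL gate: the role comes from the auth session ("emprole",
     // 1 meaning admin), the resource is "module:controller" and the privilege
     // is the action. A denied request is rewritten to error/error.
     //
     // Fix: $data['emprole'] raised an undefined-index notice whenever the
     // session held no identity; the key is now read defensively.
     $storage = new Zend_Auth_Storage_Session();
     $data = $storage->read();
     $role = isset($data['emprole']) ? $data['emprole'] : '';
     if ($role == 1) {
         $role = 'admin';
     }
     $module = $request->getModuleName();
     $resource = $request->getControllerName();
     $privilege = $request->getActionName();
     $this->id_param = $request->getParam('id');
     $acl = $this->_getAcl();
     $moduleResource = "{$module}:{$resource}";
     // Controller-specific role overrides, applied whoever is logged in.
     if ($resource == 'profile') {
         $role = 'viewer';
     }
     if ($resource == 'services') {
         $role = 'services';
     }
     // NOTE(review): an empty role skips the ACL entirely, i.e. a session
     // without "emprole" is fail-open in this plugin; confirm that another
     // plugin rejects anonymous requests, or deny in this branch instead.
     if ($role == '') {
         return;
     }
     $allowed = false;
     if ($acl->has($moduleResource)) {
         $allowed = $acl->isAllowed($role, $moduleResource, $privilege);
     }
     if (!$allowed) {
         $request->setControllerName('error');
         $request->setActionName('error');
     }
 }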
Exemple #7
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Route-level authorization. An unauthorized request is rewritten either
     // to the "not logged in" route (remembering the requested page for a
     // post-login redirect) or to the "forbidden" route; an authorized one is
     // dispatched unchanged.
     // NOTE(review): _isAuthorized() is keyed on controller and action only,
     // so same-named controllers in different modules share one rule set.
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     $module = $request->getModuleName();
     if (!$this->_isAuthorized($controller, $action)) {
         if ($this->_auth->hasIdentity()) {
             $target = $this->_forbiddenRoute;
         } else {
             // Remember where the user wanted to go, unless the controller is
             // exempt or a target has already been stored.
             if (!in_array($controller, $this->_moRedirect, true) && !Application_Model_Redirect::hasRequestUri()) {
                 Application_Model_Redirect::saveRequestUri('/' . $controller . '/' . $action);
             }
             $target = $this->_notLoggedRoute;
         }
         $controller = $target['controller'];
         $action = $target['action'];
         $module = $target['module'];
     }
     $request->setControllerName($controller);
     $request->setActionName($action);
     $request->setModuleName($module);
 }
Exemple #8
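 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Authentication gate followed by a role-based ACL check.
     //
     // Fix: the "is not requesting the login page" test was written as
     //   controller != 'authentication' && action != 'login'
     // which exempted every action named "login" in any controller and every
     // action of the authentication controller from the login redirect — and
     // those requests then ran with no ACL check at all, since no identity
     // exists. Only the exact authentication/login pair is exempt now; if
     // other actions of the authentication controller must stay public, list
     // them explicitly rather than exempting the whole controller.
     $loginController = 'authentication';
     $loginAction = 'login';
     $auth = Zend_Auth::getInstance();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     $isLoginPage = ($controller == $loginController && $action == $loginAction);
     if (!$auth->hasIdentity()) {
         if (!$isLoginPage) {
             $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
             $redirector->gotoSimpleAndExit($loginAction, $loginController);
         }
         return;
     }
     // Logged in: "role" is a column in the user table; controller and action
     // are the ACL resource and privilege. Denied users are sent to the root.
     $acl = new Tynex_Models_TynexAcl();
     $identity = $auth->getIdentity();
     if (!$acl->isAllowed($identity->role, $controller, $action)) {
         $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
         $redirector->gotoUrlAndExit('/');
     }
 }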
Exemple #9
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Access control for the "qg" and "painel" modules only: anonymous users
     // are sent to the not-logged route, unauthorized users to the forbidden
     // route, both kept inside the requested module. Other modules pass
     // through untouched.
     $module = $request->getModuleName();
     if (!in_array($module, array('qg', 'painel'), true)) {
         return;
     }
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     if (!$this->_auth->hasIdentity()) {
         $controller = $this->_notLoggedRoute['controller'];
         $action = $this->_notLoggedRoute['action'];
     } elseif (!$this->_isAuthorized($module, $controller, $action)) {
         $controller = $this->_forbiddenRoute['controller'];
         $action = $this->_forbiddenRoute['action'];
     }
     $request->setControllerName($controller);
     $request->setActionName($action);
     $request->setModuleName($module);
 }
Exemple #10
 function hasAccessUrl(Zend_Controller_Request_Abstract $request)
 {
     // Resolve access for the requested module/controller/action against three
     // resource ids of decreasing scope: "module::*", "module::controller::*"
     // and "module::controller::action". The first registered one that allows
     // the current role grants access.
     // NOTE(review): this is an OR over the three, so a module-wide allow can
     // never be narrowed by a deny on a more specific resource.
     $acl = $this->getAcl();
     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     $candidates = array(
         $module . '::*',
         $module . '::' . $controller . '::*',
         $module . '::' . $controller . '::' . $request->getActionName(),
     );
     foreach ($candidates as $resource) {
         if ($acl->has($resource) && $acl->isAllowed($this->getRole(), $resource)) {
             return true;
         }
     }
     return false;
 }
Exemple #11
 public static function getModulesIdsByRequest(Zend_Controller_Request_Abstract $request)
 {
     // Look up the module ids mapped to this request's module/controller/action
     // in the static module map; false when there is no entry.
     $map = self::getMapModules();
     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     if (!isset($map[$module][$controller][$action])) {
         return false;
     }
     return $map[$module][$controller][$action];
 }
Exemple #12
 /**
  * Send anonymous visitors to the login page.
  *
  * Requests to the authentication, error and index controllers (and the
  * "favicon.ico" controller name) stay reachable without an identity.
  *
  * NOTE(review): "/login" is hard-coded and therefore ignores the base URL,
  * and the whole index controller is public, not only its landing action.
  *
  * @param Zend_Controller_Request_Abstract $request
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $identity = Zend_Auth::getInstance()->getIdentity();
     if (!empty($identity)) {
         return;
     }
     $openControllers = array('authentication', 'favicon.ico', 'error', 'index');
     if (!in_array($request->getControllerName(), $openControllers, true)) {
         $this->_response->setRedirect('/login');
     }
 }
Exemple #13
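 /**
  * Append a per-controller stylesheet when one exists on disk.
  *
  * Looks for public/styles/<module>/<controller>.css relative to the
  * application root and registers it with the view's headLink() helper.
  *
  * Hardening: the module and controller names come straight from the routed
  * request, so they are restricted to [A-Za-z0-9_-] before being spliced into
  * a filesystem path. Ordinary controller names are unaffected; anything
  * else simply gets no stylesheet.
  *
  * @access protected
  * @return void
  */
 protected function _includeCssController()
 {
     $ds = '/';
     //DIRECTORY_SEPARATOR;
     $module = (string) $this->_request->getModuleName();
     $controller = (string) $this->_request->getControllerName();
     $safeName = '/^[A-Za-z0-9_-]+$/';
     if (!preg_match($safeName, $module) || !preg_match($safeName, $controller)) {
         return;
     }
     $file = 'public' . $ds . 'styles' . $ds . $module . $ds . $controller . '.css';
     if (file_exists(APPLICATION_PATH . $ds . '..' . $ds . $file)) {
         $view = Zend_Controller_Front::getInstance()->getParam('bootstrap')->getResource('view');
         $view->headLink()->appendStylesheet($view->baseUrl($file));
     }
 }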
Exemple #14
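 public function preDispatch(\Zend_Controller_Request_Abstract $request)
 {
     // Privilege gate: a few controllers are always reachable; for the rest a
     // failed hasPrivilige() check rewrites the request to privileges/index.
     //
     // Fix: the exemption list spelled the privileges controller "privilegese",
     // so a direct visit to /privileges was itself checked and, when denied,
     // forwarded to the very same page. Presumably a typo — confirm that no
     // controller named "privilegese" exists before relying on this.
     $openControllers = array('login', 'privileges', 'index', 'error', 'document');
     if (in_array($request->getControllerName(), $openControllers, true)) {
         return;
     }
     if (!self::hasPrivilige($request)) {
         $request->setControllerName("privileges");
         $request->setActionName("index");
     }
 }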
 public function getInstance(Zend_Controller_Request_Abstract $request)
 {
     // Load the command for a request: by controller + module when a module is
     // set, by controller alone otherwise, and by the default controller name
     // when the request names neither.
     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     if ($module !== null) {
         return $this->_loadCommand($controller, $module);
     }
     if ($controller !== null) {
         return $this->_loadCommand($controller);
     }
     return $this->_loadCommand($this->getDefaultControllerName());
 }
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // A controller name suffixed ".popup" or ".raw" selects an alternate view
     // script template; the suffix is stripped so the real controller runs.
     $controllerName = $request->getControllerName();
     $targets = array(
         'popup' => '../../views/scripts/:script.popup.:suffix',
         'raw' => '../../views/scripts/:script.raw.:suffix',
     );
     foreach ($targets as $suffix => $inflectorTarget) {
         if (preg_match('/(.*)\\.' . $suffix . '$/', $controllerName, $matches)) {
             Zend_Layout::getMvcInstance()->setInflectorTarget($inflectorTarget);
             $request->setControllerName($matches[1]);
             return;
         }
     }
 }
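 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     /* Redirect to the upgrade controller if an upgrade is neccessary */
     // Fix: the rewrite was applied to $this->_request rather than the
     // $request handed to this hook; they are normally the same object, but the
     // hook argument is the one the front controller is about to dispatch.
     // The check is skipped on the upgrade controller itself and on
     // Login/logout, so a pending migration can never lock a user in.
     if (!Phprojekt_Auth::isLoggedIn()) {
         return;
     }
     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     $isUpgradePage = ($module == 'Core' && $controller == 'Upgrade');
     $isLogout = ($controller == 'Login' && $action == 'logout');
     if ($isUpgradePage || $isLogout) {
         return;
     }
     $migration = new Phprojekt_Migration($this->_extensions);
     if ($migration->needsUpgrade()) {
         $request->setModuleName('Core');
         $request->setControllerName('Upgrade');
         $request->setActionName('index');
     }
 }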
Exemple #18
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Pick the layout for the request and, for everything outside the default
     // module, the error controller and the login controller, require an
     // identity whose "sessao" is "admin". Anyone else has the identity cleared
     // and is sent to /painel/login.
     // NOTE(review): the redirect bypasses the response object (raw header()
     // plus exit) and hard-codes the path, so it ignores the base URL.
     $this->layout = Zend_Layout::getMvcInstance();
     $auth = Zend_Auth::getInstance();
     $authorizedModules = array("painel");
     $controller = $request->getControllerName();
     if ($request->getModuleName() == 'default' || $controller == "error") {
         $this->layout->setLayout("layout.default");
         return;
     }
     if ($controller == "login") {
         $this->layout->setLayout("layout.login");
         return;
     }
     $hasIdentity = $auth->hasIdentity();
     if ($hasIdentity && $auth->getIdentity()->sessao == "admin") {
         $this->layout->setLayout("layout.painel");
         return;
     }
     if ($hasIdentity) {
         // Logged in but not an admin session: drop the identity.
         $auth->clearIdentity();
     }
     header("location: /painel/login");
     exit;
 }
Exemple #19
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     // Apply the status, ACL and workflow routing rules, in that order. A rule
     // that objects throws a RouteRules exception carrying the replacement
     // route, which is written back onto the request.
     try {
         $this->_statusRules($request->getModuleName(), $request->getControllerName(), $request->getActionName(), $request->getParam('resourceStack'));
         $this->_aclRules($request->getModuleName(), $request->getControllerName(), $request->getActionName(), $request->getParam('resourceStack'), $request->getQuery());
         $this->_workflowRules($request->getModuleName(), $request->getControllerName(), $request->getActionName(), $request->getParam('resourceStack'));
     } catch (Saf_Controller_Front_Plugin_RouteRules_Exception $rule) {
         Saf_Debug::out('Enforcing Routing Rule: ' . $rule->getMessage());
         $replacement = array(
             'module' => $rule->getModuleName(),
             'controller' => $rule->getControllerName(),
             'action' => $rule->getActionName(),
         );
         $request->setModuleName($replacement['module']);
         $request->setControllerName($replacement['controller']);
         $request->setActionName($replacement['action']);
         $request->setParam('resourceStack', $rule->getResourceStack());
     }
 }
 public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
 {
     // Admin module gate: anonymous users are redirected to admin/index/login
     // (which itself stays reachable), and an already-authenticated user asking
     // for the login page is bounced to admin/index.
     if ($request->getModuleName() != 'admin') {
         return;
     }
     $isLoginPage = ($request->getControllerName() == 'index' && $request->getActionName() == 'login');
     $prefix = Zend_Controller_Front::getInstance()->getBaseUrl() . '/';
     if (!$this->_auth->hasIdentity()) {
         if ($isLoginPage) {
             return true;
         }
         $this->getResponse()->setRedirect($prefix . 'admin/index/login');
     } elseif ($isLoginPage) {
         $this->getResponse()->setRedirect($prefix . 'admin/index');
     }
 }
Exemple #21
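 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     // Choose the layout script from configs/layout.json: an entry keyed by
     // controller name is either a layout name or a map of action => layout.
     //
     // Fix: when the controller entry is a map but the action has no key, the
     // map itself was assigned to $layoutName and rendered as "layouts/Array".
     // Such requests now fall back to the default "layout" — presumably the
     // intent; adjust if a per-controller default key is meant to exist.
     $layout = Zend_Layout::getMvcInstance();
     $layoutConfig = Zend_Json::decode(file_get_contents(APPLICATION_PATH . '/configs/layout.json'), true);
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     $layoutName = 'layout';
     if (isset($layoutConfig[$controller])) {
         $entry = $layoutConfig[$controller];
         if (!is_array($entry)) {
             $layoutName = $entry;
         } elseif (isset($entry[$action])) {
             $layoutName = $entry[$action];
         }
     }
     $layout->setLayout('layouts/' . $layoutName);
     parent::routeShutdown($request);
 }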
Exemple #22
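 /**
  * ACL gate: resolve the caller's role and, when the controller/action is
  * not allowed for it, rewrite the request to auth/login with enough context
  * (referer_controller, referer_action, query) to come back afterwards.
  *
  * Fix: the role was read as $aData['role'] without checking the key, so a
  * session lacking it raised a notice and produced a null role; a missing
  * role now falls back to the same default as an anonymous caller ("guest").
  *
  * NOTE(review): "query" is rebuilt from the raw user params joined with "/";
  * a value containing "/" alters the segment structure, so whatever consumes
  * it must treat it as untrusted. The 401 is also sent without a challenge
  * header, which not every client will read as "log in".
  *
  * @param Zend_Controller_Request_Abstract $oHttpRequest
  */
 public function preDispatch(Zend_Controller_Request_Abstract $oHttpRequest)
 {
     $sControllerName = $oHttpRequest->getControllerName();
     $sActionName = $oHttpRequest->getActionName();
     $aRequestedParams = $oHttpRequest->getUserParams();
     unset($aRequestedParams['controller'], $aRequestedParams['action']);
     // Define user role: the stored role for authenticated users, "guest" otherwise.
     $sRole = 'guest';
     if (Zend_Auth::getInstance()->hasIdentity()) {
         $aData = Zend_Auth::getInstance()->getStorage()->read();
         if (isset($aData['role'])) {
             $sRole = $aData['role'];
         }
     }
     // Check access
     if ($this->_oAcl->isAllowed($sRole, $sControllerName, $sActionName)) {
         return;
     }
     // Denied: remember where the caller wanted to go and forward to the login form.
     $sQuery = '';
     if (count($aRequestedParams)) {
         $aParams = array();
         foreach ($aRequestedParams as $sKey => $sValue) {
             $aParams[] = $sKey;
             $aParams[] = $sValue;
         }
         $sQuery = implode('/', $aParams) . '/';
     }
     $oHttpRequest->setParam('referer_controller', $sControllerName);
     $oHttpRequest->setParam('referer_action', $sActionName);
     $oHttpRequest->setParam('query', $sQuery);
     $oHttpRequest->setControllerName('auth')->setActionName('login');
     $this->_response->setHttpResponseCode(401);
 }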
Exemple #23
 /**
  * routeShutdown
  * Called once the router has finished routing the request.
  * @param Zend_Controller_Request_Abstract $request
  * @return void
  */
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     /**
      * Detect the requested content type from the path's extension
      * (only extensions made of [-a-z0-9] are accepted).
      */
     $pathInfo = $request->getPathInfo();
     $extension = empty($pathInfo) ? '' : pathinfo($pathInfo, PATHINFO_EXTENSION);
     if ($extension && preg_match('/^[-a-z0-9]+$/i', $extension)) {
         $request->setParam(static::KEY_EXT, strtolower($extension));
     }
     /**
      * No extension: fall back to a JSON response when the (client-controlled)
      * Accept header mentions json.
      */
     if ($request->getParam(static::KEY_EXT) == '') {
         $accept = $request->getServer('HTTP_ACCEPT');
         if (!empty($accept) && strpos($accept, 'json') !== false) {
             $request->setParam(static::KEY_EXT, 'json');
         }
     }
     /**
      * Normalise the routing target: module, controller and action are cut
      * off at the first character outside [-a-zA-Z0-9].
      */
     $cutAtFirstBadChar = '/[^-a-zA-Z0-9].*/';
     $request->setModuleName(preg_replace($cutAtFirstBadChar, '', $request->getModuleName()));
     $request->setControllerName(preg_replace($cutAtFirstBadChar, '', $request->getControllerName()));
     $request->setActionName(preg_replace($cutAtFirstBadChar, '', $request->getActionName()));
 }
 public function postDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Maintenance mode: when the overrides/maintenanceMode marker file exists,
     // roles that may not access ot_maintenance/index get the public
     // maintenance page instead of the rendered body (except on ot/login/index),
     // while allowed roles get a maintenance banner prepended to normal output.
     // XHR requests and never-render responses are left alone.
     $layout = Zend_Layout::getMvcInstance();
     // the name "maintenanceMode" is also referred to in the Admin_MaintenanceController,
     // so if you change the filename, it needs to be changed there too
     $maintenanceModeFileName = 'maintenanceMode';
     $register = new Ot_Config_Register();
     $identity = Zend_Auth::getInstance()->getIdentity();
     $role = empty($identity->role) ? $register->defaultRole->getValue() : $identity->role;
     // A masquerading user is judged by the real account's role.
     $isMasquerading = isset($identity->masquerading) && $identity->masquerading == true;
     if ($isMasquerading && isset($identity->realAccount) && !is_null($identity->realAccount) && isset($identity->realAccount->role)) {
         $role = $identity->realAccount->role;
     }
     $acl = Zend_Registry::get('acl');
     $view = $layout->getView();
     $viewRenderer = Zend_Controller_Action_HelperBroker::getExistingHelper('ViewRenderer');
     $markerPresent = is_file(APPLICATION_PATH . '/../overrides/' . $maintenanceModeFileName);
     if (!$markerPresent || $request->isXmlHttpRequest() || $viewRenderer->getNeverRender()) {
         return;
     }
     $response = $this->getResponse();
     if ($acl->isAllowed($role, 'ot_maintenance', 'index')) {
         // there's no point in setting text here if it's a redirect
         if ($response->isRedirect()) {
             $response->setBody('');
         } else {
             $response->setBody($view->maintenanceMode()->header() . $response->getBody());
         }
         return;
     }
     $isLoginPage = ($request->getModuleName() == 'ot' && $request->getControllerName() == 'login' && $request->getActionName() == 'index');
     if (!$isLoginPage) {
         $layout->disableLayout();
         $response->setBody($view->maintenanceMode()->publicLayout());
     }
 }
Exemple #25
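 /**
  * ACL gate for the application.
  *
  * Resolves the caller's role — guest, user, or admin for users flagged
  * admin=1 in the Users table — and checks the controller/action against
  * My_Acl; denied requests are redirected to admin/login.
  *
  * Fix: the original returned early for every authenticated user (the inner
  * hasIdentity() test merely repeated the outer one), so logged-in users were
  * never checked against the ACL and the admin-role lookup was dead code.
  * The lookup now runs and authenticated users go through isAllowed() like
  * everyone else. Presumably the intended behaviour — if the early return was
  * deliberate, ACL rules for the "user"/"admin" roles must exist before this
  * is deployed.
  *
  * @param Zend_Controller_Request_Abstract $request
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $options = Zend_Controller_Front::getInstance()->getParam('bootstrap')->getApplication()->getOptions();
     $config = new Zend_Config($options);
     $acl = new My_Acl($config);
     $auth = Zend_Auth::getInstance();
     $role = 'guest';
     if ($auth->hasIdentity()) {
         $role = 'user';
         $login = $auth->getIdentity();
         $user = My_Model::get('Users')->getUserByEmail($login);
         // getUserByEmail() may yield nothing for a stale identity; stay "user".
         if ($user && $user->admin == 1) {
             $role = 'admin';
         }
     }
     $resource = $request->getControllerName();
     $privilege = $request->getActionName();
     // A controller unknown to the ACL is passed to isAllowed() as a null resource.
     if (!$acl->has($resource)) {
         $resource = null;
     }
     if (is_null($privilege)) {
         $privilege = 'index';
     }
     if (!$acl->isAllowed($role, $resource, $privilege)) {
         //            $flash = Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger');
         //            $flash->addMessage('Access Denied');
         $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('Redirector');
         $redirector->gotoSimpleAndExit('login', 'admin');
     }
 }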
Exemple #26
 public function routeShutdown(Zend_Controller_Request_Abstract $request)
 {
     // Admin module gate (the Login controller excepted): the request must
     // carry a Showcase_User with CMS access, otherwise it is rewritten to
     // index/Login/index. Authorized requests also get the admin helper path.
     // NOTE(review): when DEBUG_MODE is defined, a request that carries no
     // user object is let into the admin module unconditionally — make sure
     // that constant can never be defined in a production build.
     $isAdminArea = ('admin' == $request->getModuleName() && 'Login' != $request->getControllerName());
     if (!$isAdminArea) {
         return;
     }
     $allowUser = defined('DEBUG_MODE');
     $user = $request->getParam('User', null);
     if ($user instanceof Showcase_User) {
         // A user object is present: its CMS flag decides, even in DEBUG_MODE.
         $allowUser = $user->isCmsaccess;
     }
     if (!$allowUser) {
         $request->setControllerName('Login')->setModuleName('index')->setActionName('index')->setDispatched(false);
         return;
     }
     // Register the administrative action helpers for the rest of the dispatch.
     Showcase_Controller_Action_HelperBroker::addPath(Package::buildPath(SITE_DIR, 'classes', 'Controller', 'Action', 'Helper', 'Admin'), 'Showcase_Controller_Action_Helper_Admin');
 }
Exemple #27
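 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // ACL gate: authenticated users are checked through Core_Services_Acl
     // (default/index/index and identity/account/logout are always allowed);
     // anyone not allowed is forwarded to core/Auth/login (anonymous) or
     // core/Auth/deny (authenticated) with the current URL as base64 "returnUrl".
     //
     // Fix: XMLHttpRequest requests returned before any check, and the
     // X-Requested-With header is set by the client, so adding it skipped the
     // ACL for every endpoint. XHR callers are now checked as well; a denied
     // XHR additionally gets a 401/403 status so scripts can react. ACL rules
     // for endpoints that were previously only called via XHR must exist.
     //
     // NOTE(review): returnUrl is built from SERVER_NAME + REQUEST_URI with a
     // hard-coded "http://" scheme; the Auth controller must verify it is
     // same-origin before redirecting to it.
     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     $auth = Zend_Auth::getInstance();
     $isLoggedIn = $auth->hasIdentity();
     $isAllowed = false;
     if ($isLoggedIn) {
         $user = $auth->getIdentity();
         require_once APPLICATION_PATH . '/modules/core/services/Acl.php';
         $acl = Core_Services_Acl::getInstance();
         $alwaysAllowed = array('default_index_index', 'identity_account_logout');
         if (in_array(strtolower($module . '_' . $controller . '_' . $action), $alwaysAllowed, true)) {
             $isAllowed = true;
         } else {
             $isAllowed = $acl->isUserOrRoleAllowed($user, $module, $controller, $action);
         }
     }
     if ($isAllowed) {
         return;
     }
     $forwardAction = $isLoggedIn ? 'deny' : 'login';
     if ($request->isXmlHttpRequest()) {
         Zend_Controller_Front::getInstance()->getResponse()->setHttpResponseCode($isLoggedIn ? 403 : 401);
     }
     $sReturn = base64_encode("http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);
     $request->setModuleName('core')->setControllerName('Auth')->setActionName($forwardAction)->setParam('returnUrl', $sReturn)->setDispatched(true);
 }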
Exemple #28
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // Session-array ACL gate.
     //
     // A logged-in user carries an "arr_acl" list of module/controller pairs in
     // the "auth" session namespace; a request matching one of them, the
     // change-password action of rsvAcl/user, or any rsvAcl action for a
     // level-"1" user counts as valid. Everything else, and every request from
     // a visitor without that list other than default/index/index, ends in a
     // redirect.
     //
     // NOTE(review): whenever $_url is non-empty it is overwritten with "/home"
     // right before redirectUrl() — including the result of rewriteUrl() for a
     // valid request — so the exemption lists below only matter when they
     // leave $_url empty, which requires the URL to appear in BOTH the inline
     // list and $this->_exception_url. The debug echo left at that spot
     // suggests unfinished work; confirm the intended flow before relying on it.
     //clear session from search session
     //$this->clearSession();
     $session_user = new Zend_Session_Namespace('auth');
     $module = $request->getModuleName();
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     $url = $module . "/" . $controller . "/" . $action;
     $_url = "";
     //have login
     if (isset($session_user->arr_acl)) {
         $arr_acl = $session_user->arr_acl;
         $valid_action = FALSE;
         // The two elseif rules do not depend on $acl, so they are effectively
         // decided on the first iteration — and never run when arr_acl is empty.
         foreach ($arr_acl as $acl) {
             if ($module == $acl["module"] && $controller == $acl["controller"]) {
                 $valid_action = TRUE;
                 break;
             } elseif ($module === "rsvAcl" && $controller === "user" && $action === "change-password") {
                 //all user level can change password all
                 $valid_action = TRUE;
                 break;
             } elseif ($module === "rsvAcl" && $session_user->level === "1") {
                 //user level 1 can access all action in module "rsvAcl"
                 $valid_action = TRUE;
                 break;
             }
         }
         //redirect to homepage
         if (!$valid_action) {
             // First exemption list: a handful of default-module pages.
             if ($url !== "default/index/index" && $url !== "default/error/error" && $url !== "default/index/changepassword" && $url !== "default/index/logout") {
                 $_url = '/';
             }
             // Second exemption list ($this->_exception_url); a URL missing here
             // is redirected even if the first list let it through.
             $_have = false;
             foreach ($this->_exception_url as $i => $val) {
                 if ($url === $val) {
                     $_have = true;
                     break;
                 }
             }
             if (!$_have) {
                 $_url = '/';
             }
         } else {
             $_url = $this->rewriteUrl($url);
         }
     } else {
         //no login
         //redirect to login page
         if ($url !== "default/index/index") {
             $_url = "/";
         }
     }
     if (!empty($_url)) {
         // 	 		echo"url here". $_url;exit();
         // Whatever was computed above is replaced by "/home" here.
         $_url = "/home";
         Application_Form_FrmMessage::redirectUrl($_url);
     }
 }
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     // ACL gate keyed on "controller/action" resources. An unknown resource is
     // a 404 (fail closed); a known but disallowed one forwards anonymous
     // callers to index/login and authenticated ones to index/deny. error/error
     // is never blocked so the error handler itself can run.
     $resourceName = $request->getControllerName() . '/' . $request->getActionName();
     if ($resourceName == 'error/error') {
         return;
     }
     if (!in_array($resourceName, $this->acl->getResources(), true)) {
         $request->setControllerName('error')->setActionName('error')->setDispatched(true);
         throw new Zend_Controller_Action_Exception('This page does not exist', 404);
     }
     if ($this->acl->isAllowed(Zend_Registry::get('role'), $resourceName)) {
         return;
     }
     $forwardAction = Zend_Auth::getInstance()->hasIdentity() ? 'deny' : 'login';
     $request->setControllerName('index')->setActionName($forwardAction)->setDispatched(true);
 }
Exemple #30
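 /**
  * Main ACL logic.
  *
  * Builds a per-request Zend_Acl for the authenticated user: a role named
  * after the user's e-mail inherits "owner", "admin" (which itself inherits
  * "owner") or "user"; the base resources from $this->_resources are
  * registered with their allow/deny rules; _projectAcl() adds the project
  * sub-section. Administrators are allowed everywhere; everyone else is
  * checked against "<projekt>|<controller>" or "<controller>" with the action
  * as privilege, and a denied request is rewritten to the $this->_noacl route
  * (unless the error handler is already active). Anonym requests are left
  * untouched by this plugin.
  *
  * Fix: the "a user may manage their own people record" rule compared the
  * request's id with the identity's iduser loosely (==). It is now a strict
  * string comparison on the routed/GET/POST "id" param, so non-numeric or
  * prefixed ids (and array-valued ids) can no longer satisfy it.
  *
  * @param $request
  */
 public function preDispatch(Zend_Controller_Request_Abstract $request)
 {
     $controller = $request->getControllerName();
     $action = $request->getActionName();
     $module = $request->getModuleName();
     $auth = Zend_Auth::getInstance();
     if ($auth->hasIdentity()) {
         $acl = new Zend_Acl();
         $identity = $auth->getIdentity();
         $acl->addRole(new Zend_Acl_Role('user'))->addRole(new Zend_Acl_Role('owner'))->addRole(new Zend_Acl_Role('admin'), 'owner');
         if ($identity->owner == true) {
             $inherit = 'owner';
         } elseif ($identity->administrator == true) {
             $inherit = 'admin';
         } else {
             $inherit = 'user';
         }
         $acl->addRole(new Zend_Acl_Role($identity->email), $inherit);
         $projekt = $request->getParam('projekt');
         // Base resources
         foreach ($this->_resources as $val => $key) {
             $acl->add(new Zend_Acl_Resource($key));
         }
         // Rights on the base resources
         $acl->allow('owner');
         $acl->deny('admin', 'account');
         $acl->allow('user', array('index', 'project', 'assignment', 'calendar', 'people', 'auth', 'redir'));
         $acl->deny('user', 'account');
         $acl->deny('user', 'project', $this->_create);
         $acl->deny('user', 'people', $this->_create);
         $acl->deny('user', 'project', $this->_manage);
         $acl->deny('user', 'people', $this->_manage);
         // Users may manage their own people record only (strict id match).
         $requestedId = $request->getParam('id');
         if (is_scalar($requestedId) && (string) $requestedId === (string) $identity->iduser) {
             $acl->allow('user', 'people', $this->_manage);
         }
         // Resources for the project sub-section
         $this->_projectAcl($acl, $identity);
         Zend_Registry::set('acl', $acl);
         if ($identity->administrator == 1) {
             $isAllowed = true;
         } elseif (in_array($projekt . '|' . $controller, $this->_resources, true)) {
             $isAllowed = $acl->isAllowed($identity->email, $projekt . '|' . $controller, $action);
         } elseif (in_array($controller, $this->_resources, true)) {
             $isAllowed = $acl->isAllowed($identity->email, $controller, $action);
         } else {
             $isAllowed = false;
         }
         // While the error handler is active the route is left as routed.
         $error = $request->getParam('error_handler');
         if (is_null($error) && !$isAllowed) {
             $module = $this->_noacl['module'];
             $controller = $this->_noacl['controller'];
             $action = $this->_noacl['action'];
         }
         $request->setModuleName($module);
         $request->setControllerName($controller);
         $request->setActionName($action);
     }
 }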