/**
 * Credential callback for WebDAV logins.
 *
 * Returns true only when all of the following hold: the quota allows module
 * development, the access manager accepts the credentials, and the resulting
 * identity carries a truthy 'superuser' entry. Every rejection is logged and
 * answered with false; an \Exception raised along the way is logged and also
 * answered with false (fail closed).
 *
 * @param string $username
 * @param string $password
 *
 * @return bool
 */
public function authCallback($username, $password)
{
    try {
        // The credentials are checked first, so checkLogin() runs even when
        // the feature gate below rejects the request.
        $accessManager = AccessManager::singleton();
        $authResult = $accessManager->checkLogin($username, $password);

        // NOTE(review): $username is caller-supplied and is placed into the
        // log messages below unmodified; confirm the logger neutralises
        // CR/LF and other control characters.

        // Feature gate: WebDAV login requires module development to be on.
        $quota = new \Cms\Quota();
        $devEnabled = $quota->getModuleQuota()->getEnableDev();
        if (!$devEnabled) {
            $message = sprintf('DAV access denied: module development is disabled (%s)', $username);
            Registry::getLogger()->log(__METHOD__, __LINE__, $message, SbLog::ERR);
            return false;
        }

        // Credential check outcome.
        $loginOk = $accessManager->isAuthResultValid($authResult);
        if (!$loginOk) {
            $message = sprintf('DAV access denied: incorrect user credentials (%s)', $username);
            Registry::getLogger()->log(__METHOD__, __LINE__, $message, SbLog::NOTICE);
            return false;
        }

        // Authorisation: WebDAV is reserved for superusers.
        // NOTE(review): the comparison is loose, so any truthy value (for
        // example a non-empty string) is accepted as superuser; confirm the
        // identity always stores a real boolean here.
        $identity = $authResult->getIdentity();
        $isSuperuser = is_array($identity)
            && isset($identity['superuser'])
            && $identity['superuser'] == true;
        if (!$isSuperuser) {
            $message = sprintf('DAV access denied: user is not a superuser (%s)', $username);
            Registry::getLogger()->log(__METHOD__, __LINE__, $message, SbLog::ERR);
            return false;
        }

        // All checks passed.
        return true;
    } catch (\Exception $e) {
        // Only \Exception is handled; on PHP 7+ an \Error is not caught here
        // and propagates to the caller.
        Registry::getLogger()->logException(__METHOD__, __LINE__, $e, SbLog::ERR);
        return false;
    }
}
/**
 * Publishes server information (mode, upload limit, public URL endpoints,
 * quota, supported publish types, default language) as the response payload.
 *
 * The payload is returned as JSON for XHR requests and as a JavaScript
 * variable named CMSSERVER otherwise.
 */
public function infoAction()
{
    $quota = new \Cms\Quota();

    // Collected in the same order as the keys appear in the response.
    $serverData = array();
    $serverData['mode'] = CmsVersion::getMode();
    $serverData['maxUploadSize'] = $this->getMaxUploadSize();
    $serverData['urls'] = $this->getPublicUrlEndpoints();
    $serverData['quota'] = $quota->toArray();
    $serverData['supportedPublishTypes'] = $this->getSupportedPublishTypes();
    $serverData['language'] = Registry::getConfig()->translation->default;

    $this->responseData->setData(new ServerInfoResponse($serverData));

    // X-Requested-With is a client-supplied header; here it only selects the
    // response format and must not be read as proof of a same-origin request.
    $isXhr = isset($_SERVER['HTTP_X_REQUESTED_WITH'])
        && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest';

    if ($isXhr) {
        $this->setResponseType(self::RESPONSE_TYPE_JSON);
    } else {
        // NOTE(review): a response delivered as a JavaScript variable can be
        // loaded by other origins through a script tag; confirm that nothing
        // in $serverData is sensitive or that this action carries no
        // session-dependent data.
        $this->setResponseType(self::RESPONSE_TYPE_JS_VAR, array('name' => 'CMSSERVER'));
    }
}
/**
 * Aborts the request when the quota reports the space as expired.
 *
 * Does nothing while the space is still valid. Otherwise a \Cms\Exception
 * with code 9 is thrown. When the given auth result belongs to an identity
 * with a truthy 'owner' entry and the configuration defines
 * owner->dashboardUrl, that URL is attached to the exception data under the
 * key 'redirect'.
 *
 * @param \Cms\Access\Auth\Result|null $authResult
 *
 * @throws \Cms\Exception
 */
protected function checkIfSpaceIsExpired($authResult)
{
    $quota = new \Cms\Quota();
    if ($quota->isSpaceExpired()) {
        $exceptionData = array();

        if ($authResult instanceof \Cms\Access\Auth\Result) {
            $identity = $authResult->getIdentity();

            // NOTE(review): loose comparison, any truthy 'owner' value
            // qualifies; confirm the identity stores a real boolean.
            $isOwner = isset($identity['owner']) && $identity['owner'] == true;
            if ($isOwner) {
                // The redirect target comes from configuration only, never
                // from request data.
                $cfg = Registry::getConfig();
                if (isset($cfg->owner, $cfg->owner->dashboardUrl)) {
                    $exceptionData['redirect'] = $cfg->owner->dashboardUrl;
                }
            }
        }

        throw new \Cms\Exception(9, __METHOD__, __LINE__, $exceptionData);
    }
}