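/**
 * Called before the controller action: enforces the Usermgmt access rules
 * for the requested controller/action pair.
 *
 * Flow, as the visible code shows it:
 *  - reads and clears the 'permission_error_redirect' session flag;
 *  - builds "controller/action" and skips the check for the permission-free
 *    list, for `requested` (sub-request) actions, and while a permission
 *    redirect to the login page is in progress;
 *  - guests are redirected to /login (the origin URL is kept in
 *    'Usermgmt.OriginAfterLogin') unless the UserGroup model grants guest
 *    access; logged-in users are redirected to /accessDenied unless their
 *    group has access.
 *
 * @param object $c current controller object (by reference; caller's contract)
 * @return void
 */
function beforeFilter(&$c)
{
    // Called for its side effects only; the return value was never used here.
    $this->__getActiveUser();
    UsermgmtInIt($this);

    $pageRedirect = $c->Session->read('permission_error_redirect');
    $c->Session->delete('permission_error_redirect');

    $controller = $c->params['controller'];
    $action = $c->params['action'];
    $actionUrl = $controller . '/' . $action;

    // Fix: the original read $controller->params['requested'], but $controller
    // is the controller *name* (a string), so the sub-request flag was never
    // detected. The flag lives in the controller object's params.
    $requested = isset($c->params['requested']) && $c->params['requested'] == 1;

    $permissionFree = array(
        'users/login',
        'users/logout',
        'users/register',
        'users/userVerification',
        'users/forgotPassword',
        'users/activatePassword',
        'pages/display',
        'users/accessDenied',
        'users/customer_register',
        'users/customer_login',
    );

    // The check is skipped only while a permission redirect is in progress AND
    // this is the login action itself, so the login page stays reachable.
    if ((empty($pageRedirect) || $actionUrl != 'users/login')
        && !$requested
        && !in_array($actionUrl, $permissionFree, true)
    ) {
        App::import("Model", "Usermgmt.UserGroup");
        $userGroupModel = new UserGroup();

        if (!$this->isLogged()) {
            if (!$userGroupModel->isGuestAccess($controller, $action)) {
                $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                $c->Session->write('permission_error_redirect', '/users/login');
                $c->Session->setFlash('You need to be signed in to view this page.');
                // Remembered so the visitor can be sent back here after login.
                $c->Session->write('Usermgmt.OriginAfterLogin', '/' . $c->params->url);
                $c->redirect('/login');
            }
        } else {
            if (!$userGroupModel->isUserGroupAccess($controller, $action, $this->getGroupId())) {
                $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                $c->Session->write('permission_error_redirect', '/users/login');
                $c->redirect('/accessDenied');
            }
        }
    }
}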
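/**
 * Called before the controller action: enforces the Usermgmt access rules
 * for the requested controller/action pair.
 *
 * Flow, as the visible code shows it:
 *  - reads and clears the 'permission_error_redirect' session flag;
 *  - builds "controller/action" and skips the check for the permission-free
 *    list, for `requested` (sub-request) actions, for controller/action pairs
 *    unknown to ControllerList (left to the framework's error handling), and
 *    while a permission redirect to the login page is in progress;
 *  - guests are redirected to /login (the origin URL, query string included,
 *    is kept in 'Usermgmt.OriginAfterLogin') unless the UserGroup model
 *    grants guest access; logged-in users are redirected to /accessDenied
 *    unless their group has access.
 *
 * @param object $c current controller object (by reference; caller's contract)
 * @return void
 */
function beforeFilter(&$c)
{
    UsermgmtInIt($this);
    // Called for its side effects only; the return value was never used here.
    $this->__getActiveUser();

    $pageRedirect = $c->Session->read('permission_error_redirect');
    $c->Session->delete('permission_error_redirect');

    $controller = $c->params['controller'];
    $action = $c->params['action'];
    $actionUrl = $controller . '/' . $action;
    $requested = isset($c->params['requested']) && $c->params['requested'] == 1;

    $permissionFree = array(
        'users/login',
        'users/logout',
        'users/register',
        'users/userVerification',
        'users/forgotPassword',
        'users/activatePassword',
        'pages/display',
        'users/accessDenied',
        'users/emailVerification',
    );

    // ControllerList names controllers in CamelCase ('user_groups' -> 'UserGroups');
    // a pair it does not list is treated as an error page and left alone.
    $access = str_replace(' ', '', ucwords(str_replace('_', ' ', $controller))) . '/' . $action;
    $allControllers = $this->ControllerList->getControllerWithMethods();
    $errorPage = !in_array($access, $allControllers, true);

    // The check is skipped only while a permission redirect is in progress AND
    // this is the login action itself, so the login page stays reachable.
    if ((empty($pageRedirect) || $actionUrl != 'users/login')
        && !$requested
        && !in_array($actionUrl, $permissionFree, true)
        && !$errorPage
    ) {
        App::import("Model", "Usermgmt.UserGroup");
        $userGroupModel = new UserGroup();

        if (!$this->isLogged()) {
            if (!$userGroupModel->isGuestAccess($controller, $action)) {
                $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                $c->Session->write('permission_error_redirect', '/users/login');
                $c->Session->setFlash('You need to be signed in to view this page.');

                // Origin URL for the post-login redirect. The query string is
                // recovered from REQUEST_URI, cut from where the routed path starts.
                $cUrl = '/' . $c->params->url;
                if (!empty($_SERVER['QUERY_STRING'])) {
                    $rUrl = $_SERVER['REQUEST_URI'];
                    $pos = strpos($rUrl, $cUrl);
                    if ($pos !== false) {
                        $cUrl = substr($rUrl, $pos);
                    } else {
                        // Fix: a false from strpos() used to reach substr() as
                        // offset 0, leaking any base-path prefix into the URL.
                        $cUrl .= '?' . $_SERVER['QUERY_STRING'];
                    }
                }
                // NOTE(review): this value is presumably used as a redirect target
                // after login; the consumer should accept only a local path (verify).
                $c->Session->write('Usermgmt.OriginAfterLogin', $cUrl);
                $c->redirect('/login');
            }
        } else {
            if (!$userGroupModel->isUserGroupAccess($controller, $action, $this->getGroupId())) {
                $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                $c->Session->write('permission_error_redirect', '/users/login');
                $c->redirect('/accessDenied');
            }
        }
    }
}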
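/**
 * Authorization hook run before each controller action (Users plugin variant).
 *
 * Flow, as the visible code shows it:
 *  - reads and clears the 'permission_error_redirect' session flag and records
 *    activity for the "controller/action" pair via updateActivity();
 *  - skips the check for PERMISSION_FREE entries, for `requested` sub-requests,
 *    for the 'css' and 'img' asset controllers, and while a permission
 *    redirect is pending (in which case the pending redirect is issued);
 *  - guests are sent to the plugin login page (the origin URL, or the Referer
 *    for AJAX requests, is stored under 'Authorization.Redirect') unless the
 *    UserGroup model grants guest access; logged-in users are sent to
 *    accessDenied unless their group has access;
 *  - finally applies the current language setting.
 *
 * @param object $controller current controller object (by reference; caller's contract)
 * @return void
 */
function authorize(&$controller)
{
    // Called for its side effects only; the return value was never used here.
    $this->getUser();

    $pageRedirect = $controller->Session->read('permission_error_redirect');
    $controller->Session->delete('permission_error_redirect');

    $action = $controller->params['action'];
    $actionUrl = $controller->params['controller'] . '/' . $action;
    $this->updateActivity($controller, $actionUrl);

    $requested = isset($controller->params['requested']) && $controller->params['requested'] == 1;

    // PERMISSION_FREE is a serialized constant defined elsewhere, not request data.
    $permissionFree = unserialize(PERMISSION_FREE);
    $loginUrl = array('plugin' => 'users', 'controller' => 'users', 'action' => 'login');

    if (!in_array($actionUrl, $permissionFree, true)
        && empty($pageRedirect)
        && !$requested
        && !in_array($controller->params['controller'], array('css', 'img'), true)
    ) {
        App::import("Model", "Users.UserGroup");
        $userGroupModel = new UserGroup();

        if (!$this->User->isLogged()) {
            if (!$userGroupModel->isGuestAccess($controller->params['controller'], $action)) {
                $controller->Session->write('permission_error_redirect', $loginUrl);
                $controller->Session->setFlash(__('You need to be signed in to view this page!'), 'warning');

                // Origin URL for the post-login redirect. The query string is
                // recovered from REQUEST_URI, cut from where the routed path starts.
                $cUrl = '/' . $controller->params->url;
                if (!empty($_SERVER['QUERY_STRING'])) {
                    $rUrl = $_SERVER['REQUEST_URI'];
                    $pos = strpos($rUrl, $cUrl);
                    if ($pos !== false) {
                        $cUrl = substr($rUrl, $pos);
                    } else {
                        // Fix: a false from strpos() used to reach substr() as
                        // offset 0, leaking any base-path prefix into the URL.
                        $cUrl .= '?' . $_SERVER['QUERY_STRING'];
                    }
                }

                if ($controller->request->is('ajax')) {
                    // Fix: the Referer header is optional; reading it unguarded
                    // raised an undefined-index notice. It is client-supplied, so
                    // whatever later consumes 'Authorization.Redirect' should
                    // accept only a local path (cannot be confirmed from here).
                    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
                    $controller->Session->write('Authorization.Redirect', $referer);
                    $controller->redirect($loginUrl);
                }
                // Reached only if redirect() above did not end the request.
                $controller->Session->write('Authorization.Redirect', $cUrl);
                $controller->redirect($loginUrl);
            }
        } else {
            if (!$userGroupModel->isUserGroupAccess($controller->params['controller'], $action, $this->User->Group->id())) {
                $controller->redirect(array('plugin' => 'users', 'controller' => 'users', 'action' => 'accessDenied'));
            }
        }
    } elseif (!empty($pageRedirect)) {
        $controller->redirect($pageRedirect);
    }

    $this->setLanguage($this->getLanguage());
}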
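/**
 * Called before the controller action. Two jobs:
 *  1. For requests flagged `$c->userAgent === 'wechat'`, log the visitor in
 *     through their WeChat identity (see __wechatAutoLogin()).
 *  2. Enforce the Usermgmt access rules for the requested controller/action.
 *
 * Access rules, as the visible code shows them: the check is skipped for the
 * permission-free list, for `requested` sub-requests, for controller/action
 * pairs unknown to ControllerList (left to the framework's error handling),
 * and while a permission redirect to the login page is in progress. Guests
 * are sent to /login (the origin URL, query string included, is kept in
 * 'Usermgmt.OriginAfterLogin') unless the UserGroup model grants guest
 * access; logged-in users are sent to /accessDenied unless their group has
 * access.
 *
 * @param object $c current controller object (by reference; caller's contract)
 * @return void
 */
function beforeFilter(&$c)
{
    $this->c = $c;
    UsermgmtInIt($this);

    if ($c->userAgent === 'wechat') {
        $this->__wechatAutoLogin($c);
    }

    // Called for its side effects only; the return value was never used here.
    $this->__getActiveUser();

    $pageRedirect = $c->Session->read('permission_error_redirect');
    $c->Session->delete('permission_error_redirect');

    $controller = $c->params['controller'];
    $action = $c->params['action'];
    $actionUrl = $controller . '/' . $action;
    $requested = isset($c->params['requested']) && $c->params['requested'] == 1;

    $permissionFree = array(
        'users/login',
        'users/logout',
        'users/register',
        'users/userVerification',
        'users/forgotPassword',
        'users/activatePassword',
        'pages/display',
        'users/accessDenied',
        'users/emailVerification',
    );

    // ControllerList names controllers in CamelCase ('user_groups' -> 'UserGroups');
    // a pair it does not list is treated as an error page and left alone.
    $access = str_replace(' ', '', ucwords(str_replace('_', ' ', $controller))) . '/' . $action;
    $allControllers = $this->ControllerList->getControllerWithMethods();
    $errorPage = !in_array($access, $allControllers, true);

    // The check is skipped only while a permission redirect is in progress AND
    // this is the login action itself, so the login page stays reachable.
    if ((empty($pageRedirect) || $actionUrl != 'users/login')
        && !$requested
        && !in_array($actionUrl, $permissionFree, true)
        && !$errorPage
    ) {
        App::import("Model", "Usermgmt.UserGroup");
        $userGroupModel = new UserGroup();

        if (!$this->isLogged()) {
            // Not logged in: redirect to the login page unless guests may see this.
            if (!$userGroupModel->isGuestAccess($controller, $action)) {
                $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                $c->Session->write('permission_error_redirect', '/users/login');
                $c->Session->setFlash(__('您需要登陆才能看这个页面哦...'));

                // Origin URL for the post-login redirect. The query string is
                // recovered from REQUEST_URI, cut from where the routed path starts.
                $cUrl = '/' . $c->params->url;
                if (!empty($_SERVER['QUERY_STRING'])) {
                    $rUrl = $_SERVER['REQUEST_URI'];
                    $pos = strpos($rUrl, $cUrl);
                    if ($pos !== false) {
                        $cUrl = substr($rUrl, $pos);
                    } else {
                        // Fix: a false from strpos() used to reach substr() as
                        // offset 0, leaking any base-path prefix into the URL.
                        $cUrl .= '?' . $_SERVER['QUERY_STRING'];
                    }
                }
                // NOTE(review): this value is presumably used as a redirect target
                // after login; the consumer should accept only a local path (verify).
                $c->Session->write('Usermgmt.OriginAfterLogin', $cUrl);
                $c->redirect('/login');
            }
        } else {
            // Logged in: expose the user to the controller, then check group access.
            $this->setUser($c);
            if (!$userGroupModel->isUserGroupAccess($controller, $action, $this->getGroupId())) {
                $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                $c->Session->write('permission_error_redirect', '/users/login');
                $c->redirect('/accessDenied');
            }
        }
    }
}

/**
 * Logs a WeChat visitor into the local user system.
 *
 * Resolves the WeChat identity (from the 'wechatUserInfo' session entry, or by
 * exchanging the OAuth `code` query parameter for a web access token), creates
 * and binds a local user on the first visit, then logs that user in and exposes
 * the WechatUser row as `$c->wechatUser`.
 *
 * redirectForCode() is presumably a redirect that ends the request; the code
 * following each call assumes it does not return (TODO confirm).
 *
 * @param object $c current controller object
 * @return void
 */
function __wechatAutoLogin(&$c)
{
    $wechatUserInfo = $this->Session->read('wechatUserInfo');
    $acToken = '';
    $rToken = '';
    $acExpr = 0;
    $openId = null;

    App::import("Model", "WeChatDataModel");
    $this->WeChatDataModel = new WeChatDataModel();
    App::import("Model", "Usermgmt.User");
    $this->User = new User();
    App::import("Model", "WeChatUser");
    $this->WechatUser = new WechatUser();

    if ($wechatUserInfo) {
        $openId = $wechatUserInfo->openid;
    } else {
        // No cached identity: run the OAuth code exchange. A literal 'code'
        // value is treated as "not obtained yet" and triggers the redirect.
        $code = '';
        if (array_key_exists('code', $_GET)) {
            if ($_GET['code'] == 'code') {
                $this->redirectForCode();
            } else {
                $code = $_GET['code'];
            }
        } else {
            $this->redirectForCode();
        }

        $ret = $this->WeChatDataModel->getWebAcToken($code);
        if ($ret == null) {
            $this->log("redirect again ");
            $this->redirectForCode();
        }

        $user = $this->WeChatDataModel->getUserByWebAcToken($ret->openid, $ret->access_token);
        $acToken = $ret->access_token;
        $rToken = $ret->refresh_token;
        $acExpr = $ret->expires_in;
        $this->Session->write('wechatUserInfo', $user);
        $wechatUserInfo = $user;
        $openId = $ret->openid;
    }

    // $wechatUser is our own DB row for this open id; $wechatUserInfo is the
    // profile WeChat returned (also cached in the session). They are distinct.
    $username = $wechatUserInfo->nickname;
    $wechatUser = $this->WeChatDataModel->getWechatUserByOpenId($openId);

    if (!$wechatUser) {
        // First visit: create a local user and bind it to the open id.
        if ($username == '') {
            $wechatUserInfo = $this->Session->read('wechatUserInfo');
            $username = $wechatUserInfo->nickname;
        }

        // Make the local name unique: first collision gets a prefix, later ones
        // a numeric suffix. Fix: the original never incremented $count in the
        // prefix branch and referenced an undefined $userInfo in the suffix
        // branch, so it kept stacking prefixes and never reached the suffix.
        $baseName = $username;
        $count = 0;
        while ($this->User->findByFirstName($username)) {
            $username = ($count === 0) ? '******' . $baseName : $baseName . $count;
            $count++;
        }

        $sysUser = $this->newEmptyUserByWechat($openId, $username);
        $userId = $sysUser['User']['id'];

        // NOTE(review): the token fields are written only on creation; nothing
        // here refreshes them later.
        $data = array();
        $data['WechatUser']['iz_user_id'] = $userId;
        $data['WechatUser']['wechat_name'] = $username;
        $data['WechatUser']['open_id'] = $openId;
        $data['WechatUser']['access_token'] = $acToken;
        // date() uses the process default timezone; the column is presumably
        // read back under the same setting (TODO confirm).
        $expTime = $acExpr + time();
        $exptimeStamp = date("Y-m-d H:i:s", $expTime);
        $data['WechatUser']['access_token_expire'] = $exptimeStamp;
        $data['WechatUser']['refresh_token'] = $rToken;
        $this->WechatUser->save($data);

        $wechatUser = $this->WeChatDataModel->getWechatUserByOpenId($openId);
    }

    $c->wechatUser = $wechatUser;

    // Log the bound local account into our own session.
    $userId = $wechatUser['WechatUser']['iz_user_id'];
    $sysUser = $this->User->findById($userId);
    $this->login($sysUser);
    $this->setUser($c);
}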