/**
* Execute before the router so we can determine if this is a private controller, and must be authenticated, or a
* public controller that is open to all.
*
* @param Dispatcher $dispatcher
* @return boolean
*/
public function beforeExecuteRoute(Dispatcher $dispatcher)
{
$controllerName = $dispatcher->getControllerName();
// this is not namespaced
$controllerName = $dispatcher->getHandlerClass();
// this IS namespaced
// Only check permissions on private controllers
// By virtue of extending BaseAuth, this is a private controller
// Get the current identity
$identity = $this->auth->getIdentity();
// If there is no identity available the user is redirected to index/index
if (!is_array($identity)) {
$this->flashSession->warning('Please sign in.');
$dispatcher->forward(array('controller' => 'session', 'action' => 'login'));
return false;
}
//$this->flash->notice( \Dsc\Lib\Debug::dump( $identity ) );
// Check if the user have permission to the current option
$actionName = $dispatcher->getActionName();
if (!$this->acl->isAllowed($identity['profile'], $controllerName, $actionName)) {
$this->flash->warning('You don\'t have access to: ' . $controllerName . ' : ' . $actionName);
if ($this->acl->isAllowed($identity['profile'], $controllerName, 'index')) {
$dispatcher->forward(array('controller' => $controllerName, 'action' => 'index'));
} else {
$dispatcher->forward(array('controller' => 'User_Control', 'action' => 'index'));
}
return false;
}
}
/**
* @param Event $event
* @param MvcDispatcher $dispatcher
*/
public function beforeExecuteRoute(Event $event, MvcDispatcher $dispatcher)
{
if ($dispatcher->getNamespaceName() !== $dispatcher->getDefaultNamespace()) {
/** @var MvcView $view */
$view = $dispatcher->getDI()->get('view');
if ($view->isDisabled()) {
return;
}
$viewPathParts = array_values(array_diff(explode('\\', strtolower($dispatcher->getHandlerClass())), explode('\\', strtolower($dispatcher->getDefaultNamespace()))));
$viewPathParts[] = $dispatcher->getActionName();
$view->setLayout($viewPathParts[0]);
$view->pick(implode(DIRECTORY_SEPARATOR, $viewPathParts));
}
}
public function beforeDispatch(\Phalcon\Events\Event $event, Dispatcher $dispatcher)
{
$id = $this->session->get(self::SESSION_USER_ID);
$sessionKey = $this->session->get(self::SESSION_KEY);
$user = $this->getCurrentUser();
if ($id && $user) {
if (!$user->validateSessionKey($sessionKey)) {
$this->session->destroy();
$this->response->redirect('');
return false;
}
// Allow access when logged in
} else {
if ($dispatcher->getHandlerClass() === 'AuthController' && $dispatcher->getActionName() === 'login') {
// Permit the login action when not logged in
} else {
// Handle everything with /auth/login for guests
$dispatcher->forward(array('controller' => 'auth', 'action' => 'login'));
}
}
}
