예제 #1
  /**
   * Authentication by array
   *
   * @param TlalokesRegistry $reg
   */
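  public static function validate ( TlalokesRegistry &$reg )
  {
    // Checks the current request against the role and access profiles stored
    // in the session. Violations are reported through tlalokes_error_msg();
    // nothing is returned.
    //
    // NOTE(review): when the session carries no profiles this method returns
    // without checking anything. Whether the caller treats that as "allowed"
    // is not visible here -- confirm that requests without an authenticated
    // session are stopped elsewhere.
    // NOTE(review): this code keeps running after tlalokes_error_msg(), so
    // the checks are only enforced if that helper ends the request -- confirm.
    if ( !isset( $_SESSION['profiles'] ) || !is_array( $_SESSION['profiles'] ) ||
         count( $_SESSION['profiles'] ) < 1 ) {
      // isset()/is_array() first: count() on a missing or non-array value
      // warns on older PHP and throws a TypeError on PHP 8
      return;
    }

    // check if role is enabled
    $role_id = isset( $_SESSION['role'] ) ? $_SESSION['role'] : null;
    $roles = AuthRolesBss::getByPK( $role_id );
    if ( is_string( $roles ) ) {
      // a string result is the data layer's message and is shown as-is
      tlalokes_error_msg( $roles );
    } elseif ( !isset( $roles['role_status'] ) || (int) $roles['role_status'] === 0 ) {
      // a missing or non-numeric status counts as disabled, so the outcome
      // does not depend on the PHP version's loose-comparison rules
      tlalokes_error_msg( 'Authentication: Your role is not enabled' );
    }

    $controller = $reg->conf['current']['controller'];
    $action = (string) $reg->conf['current']['action'];

    // check if controller is available in profile
    foreach ( $_SESSION['profiles'] as $profile ) {

      // get permission
      $p = AuthAccessPermissionsBss::getByCtl( $controller, $profile );
      if ( is_string( $p ) ) {
        // NOTE(review): a string result (lookup error or no record) skips
        // this profile without denying anything -- confirm this is intended
        continue;
      }

      // validate method access
      // As written, an action that appears in the profile's comma-separated
      // 'methods' value is refused, i.e. the value acts as a deny list.
      // NOTE(review): confirm that reading against the permission schema.
      $listed = isset( $p['methods'] ) ? (string) $p['methods'] : '';
      foreach ( explode( ',', $listed ) as $method ) {
        // PHP resolves method names case-insensitively, so the match ignores
        // case and surrounding whitespace instead of relying on loose ==
        if ( strcasecmp( trim( $method ), $action ) === 0 ) {
          tlalokes_error_msg( 'Authentication: Your profile has no '.
                              'access to this action' );
        }
      }
    }
  }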
예제 #2
  /**
   * login action
   *
   * @ActionDefinition( file='auth.tpl', propel )
   */
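  public function login ()
  {
    // Handles the login form. On success it stores user_id, profiles and role
    // in the session and sets response->flag; on failure it sets
    // response->exception and leaves the session untouched.
    //
    // NOTE(review): no attempt throttling or lockout is visible in this
    // action -- confirm it is enforced elsewhere.
    if ( isset( $_SESSION['profiles'] ) && isset( $_SESSION['role'] ) ) {
      // session already carries a role and profiles
      $this->response->flag = true;
      return;
    }

    // verify method: credentials are only accepted from a POST
    if ( $_SERVER['REQUEST_METHOD'] !== 'POST' ) {
      return;
    }

    // validate form
    if ( !isset( $this->request->email ) || !$this->request->email ) {
      $this->response->exception = 'Provide an email';
      return;
    }
    if ( !isset( $this->request->password ) || !$this->request->password ) {
      $this->response->exception = 'Provide a password';
      return;
    }

    // check if account exists
    // NOTE(review): the lookup message and 'Password invalid' differ, so the
    // response tells a caller whether the email is registered; consider one
    // generic message for both cases.
    $user = AuthUsersBss::getByEmail( $this->request->email );
    if ( is_string( $user ) ) {
      $this->response->exception = $user;
      return;
    }

    // check password
    // NOTE(review): the stored value is compared for equality with
    // tlalokes_core_crypt() output, so that function must be deterministic;
    // its algorithm is not visible here -- confirm it is a salted, slow
    // password hash, or migrate to password_hash()/password_verify().
    $stored = isset( $user['password'] ) ? (string) $user['password'] : '';
    $given = (string) tlalokes_core_crypt( $this->request->password );
    if ( function_exists( 'hash_equals' ) ) {
      // constant-time comparison where the runtime offers it
      $password_ok = hash_equals( $stored, $given );
    } else {
      // strict comparison: loose == treats numeric-looking strings such as
      // '0e...' digests as numbers and can report a false match
      $password_ok = ( $stored === $given );
    }
    if ( $stored === '' || !$password_ok ) {
      $this->response->exception = 'Password invalid';
      return;
    }

    // check role
    $role = AuthRolesBss::getByName( $user['role_name'] );
    if ( is_string( $role ) ) {
      // same convention as the other lookups: a string is an error message
      $this->response->exception = $role;
      return;
    }
    if ( !isset( $role['role_status'] ) || (int) $role['role_status'] !== 1 ) {
      $this->response->exception = 'Authentication: Your role is not enabled';
      return;
    }

    // set access profile
    $profiles = AuthAccessProfilesRolesBss::getProfilesByRole( $role['id'] );
    if ( is_string( $profiles ) ) {
      // fail closed: without profiles no role or flag is stored
      $this->response->exception = $profiles;
      return;
    }
    $granted = array();
    if ( is_array( $profiles ) ) {
      foreach ( $profiles as $profile ) {
        $granted[] = $profile['profile'];
      }
    }

    // Issue a fresh session id before storing the authenticated state, so an
    // id that was known before login does not carry the new privileges.
    if ( session_id() !== '' && !headers_sent() ) {
      session_regenerate_id( true );
    }

    // Session state is written only after every check passed; profiles are
    // replaced, never appended to whatever the session held before.
    $_SESSION['user_id'] = $user['id'];
    if ( count( $granted ) > 0 ) {
      $_SESSION['profiles'] = $granted;
    } else {
      // NOTE(review): a role without profiles ends up with a role but no
      // profiles in the session -- confirm how the access check treats that
      unset( $_SESSION['profiles'] );
    }

    // set role
    $_SESSION['role'] = $role['id'];
    $this->response->flag = true;
  }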
 /**
  * Filter AuthAccessProfilesRoles
  *
  * @ActionDefinition( layout='auth_layout.tpl', zone='content:access_profiles_roles_display;', propel )
  */
 public function filter ()
 {
   // Runs the AuthAccessProfilesRoles filter for the current request and
   // fills the response object for the view. Nothing is returned.
   // NOTE(review): no access check is visible in this action -- presumably
   // enforced before dispatch; confirm.
   $result = AuthAccessProfilesRolesBss::filter( $this->request );

   if ( !is_array( $result ) ) {
     // A non-array result is handed to the view as the exception text.
     // NOTE(review): if the data layer returns raw database errors here they
     // reach the page -- confirm the message is safe to display.
     $this->response->exception = $result;

     // fall back to the unfiltered listing
     $everything = AuthAccessProfilesRolesBss::getAll( $this->request );
     // NOTE(review): this path stores 'pager' in ->list and 'data' in ->data,
     // while the success path uses ->pager and ->list -- confirm which
     // fields the template reads.
     $this->response->list = $everything['pager'];
     $this->response->data = $everything['data'];
     return;
   }

   // NOTE(review): the raw query string goes to the template unescaped; it
   // has to be encoded for the HTML/URL context wherever it is rendered
   // (template not shown).
   $this->response->vars = $_SERVER['QUERY_STRING'];
   $this->response->pager = $result['pager'];
   $this->response->list = $result['data'];

   // get reference's content for auth_access_profiles
   $profile_rows = AuthAccessProfilesBss::getAll( $this->request );
   $this->response->auth_access_profiles = $profile_rows['data'];

   // get reference's content for auth_roles
   $role_rows = AuthRolesBss::getAll( $this->request );
   $this->response->auth_roles = $role_rows['data'];
 }
예제 #4
 /**
  * Filter AuthRoles
  *
  * @ActionDefinition( layout='auth_layout.tpl', zone='content:roles_display;', propel )
  */
 public function filter ()
 {
   // Runs the AuthRoles filter for the current request and fills the
   // response object for the view. Nothing is returned.
   // NOTE(review): no access check is visible in this action -- presumably
   // enforced before dispatch; confirm.
   $result = AuthRolesBss::filter( $this->request );

   if ( !is_array( $result ) ) {
     // A non-array result is handed to the view as the exception text.
     // NOTE(review): if the data layer returns raw database errors here they
     // reach the page -- confirm the message is safe to display.
     $this->response->exception = $result;

     // fall back to the unfiltered listing
     $everything = AuthRolesBss::getAll( $this->request );
     // NOTE(review): this path stores 'pager' in ->list and 'data' in ->data,
     // while the success path uses ->pager and ->list -- confirm which
     // fields the template reads.
     $this->response->list = $everything['pager'];
     $this->response->data = $everything['data'];
     return;
   }

   // NOTE(review): the raw query string goes to the template unescaped; it
   // has to be encoded for the HTML/URL context wherever it is rendered
   // (template not shown).
   $this->response->vars = $_SERVER['QUERY_STRING'];
   $this->response->pager = $result['pager'];
   $this->response->list = $result['data'];
 }