예제 #1
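 /**
  * Translates the status of the given user into a login outcome stored on this object.
  *
  * Every handled status assigns $this->errorCode. $this->_id is set once the password has
  * validated (both when a reset is still required and on full success); $this->username is
  * set on full success only.
  *
  * NOTE(review): Pending/Archived, Locked and Suspended are answered without the submitted
  * password being checked, and a failed password check produces its own code. If callers
  * echo these codes or per-code messages to the client, an unauthenticated visitor can tell
  * account states apart. Prefer a single generic failure message in the response and keep
  * the specific code for server-side logging.
  *
  * @access private
  * @param UserModel $user The user whose status is evaluated.
  * @throws Exception If $user->status matches none of the handled UserStatus values.
  * @return void
  */
 private function _processUserStatus(UserModel $user)
 {
     switch ($user->status) {
         // Pending and archived accounts are reported as an invalid username.
         case UserStatus::Pending:
         case UserStatus::Archived:
             $this->errorCode = static::ERROR_USERNAME_INVALID;
             break;
         case UserStatus::Locked:
             $this->errorCode = $this->_getLockedAccountErrorCode();
             break;
         case UserStatus::Suspended:
             $this->errorCode = static::ERROR_ACCOUNT_SUSPENDED;
             break;
         case UserStatus::Active:
             // Only active accounts ever reach the password comparison.
             if (!craft()->users->validatePassword($user->password, $this->password)) {
                 craft()->users->handleInvalidLogin($user);
                 // The status is re-read because the failed attempt may have been one too many;
                 // presumably handleInvalidLogin() is what flips the account to Locked.
                 if ($user->status == UserStatus::Locked) {
                     $this->errorCode = $this->_getLockedAccountErrorCode();
                 } else {
                     $this->errorCode = static::ERROR_PASSWORD_INVALID;
                 }
                 break;
             }

             // From here on the password is known to be correct.
             if ($user->passwordResetRequired) {
                 // No session is granted yet; the user is sent a reset email instead.
                 $this->_id = $user->id;
                 $this->errorCode = static::ERROR_PASSWORD_RESET_REQUIRED;
                 craft()->users->sendForgotPasswordEmail($user);
             } elseif (craft()->request->isCpRequest() && !$user->can('accessCp')) {
                 $this->errorCode = static::ERROR_NO_CP_ACCESS;
             } elseif (craft()->request->isCpRequest() && !Craft::isSystemOn() && !$user->can('accessCpWhenSystemIsOff')) {
                 $this->errorCode = static::ERROR_NO_CP_OFFLINE_ACCESS;
             } else {
                 // All checks passed: record the identity and clear the error.
                 $this->_id = $user->id;
                 $this->username = $user->username;
                 $this->errorCode = static::ERROR_NONE;
             }
             break;
         default:
             // The parameter is keyed by name so that the {status} token in the message is
             // actually filled in; a positional entry would leave the placeholder as-is.
             throw new Exception(Craft::t('User has unknown status “{status}”', array('status' => $user->status)));
     }
 }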
예제 #2
 /**
  * Processes the request.
  *
  * Runs the bootstrap steps in a fixed order (resource, DB config, install, maintenance,
  * language, requirements, update track, packages, update logic) and then either serves
  * the request or, when the system is off and the caller has no override permission,
  * logs the session out and shows the login screen (CP) or the offline template (site).
  *
  * NOTE(review): plugins are loaded before the CP login/permission checks below, so plugin
  * start-up code presumably runs for unauthenticated requests too. The CP gate is skipped
  * for action requests accepted by _isValidActionRequest(); that helper is not visible
  * here, so confirm it is a tight allow-list.
  *
  * @throws HttpException 503 for a site request during maintenance mode, and for a non-CP
  *                       request when the update track is invalid.
  */
 public function processRequest()
 {
     // Resource requests are answered as early as possible.
     $this->_processResourceRequest();
     // Basic validation of the database configuration file.
     $this->_validateDbConfigFile();
     // Install requests.
     $this->_processInstallRequest();

     // Site requests are refused with a 503 while maintenance mode is active.
     if (Craft::isInMaintenanceMode() && $this->request->isSiteRequest()) {
         throw new HttpException(503);
     }

     // Target language.
     $this->setLanguage($this->_getTargetLanguage());
     // Re-run the requirements check if the app path changed.
     $this->_processRequirementsCheck();

     // An invalid track stops the request: 503 outside the CP, a dedicated template inside it.
     if (!$this->updates->isTrackValid()) {
         if (!$this->request->isCpRequest()) {
             throw new HttpException(503);
         }
         $this->runController('templates/invalidtrack');
         $this->end();
     }

     // Package components.
     $this->_setPackageComponents();

     // isCraftDbUpdateNeeded is true in the middle of a manual or auto-update of Craft itself.
     // Maintenance mode on a CP request, and the update cleanUp/rollback actions, take the same path.
     if (
         $this->updates->isCraftDbUpdateNeeded()
         || (Craft::isInMaintenanceMode() && $this->request->isCpRequest())
         || $this->request->getActionSegments() == array('update', 'cleanUp')
         || $this->request->getActionSegments() == array('update', 'rollback')
     ) {
         $this->_processUpdateLogic();
     }

     // The request may proceed if the system is on, if it is the users/login action, or if the
     // session holds the matching "when system is off" permission for site or CP.
     // Written as one short-circuit expression so the checks run in the original order.
     $mayProceed = Craft::isSystemOn()
         || ($this->request->isActionRequest() && $this->request->getActionSegments() == array('users', 'login'))
         || ($this->request->isSiteRequest() && $this->userSession->checkPermission('accessSiteWhenSystemIsOff'))
         || ($this->request->isCpRequest() && $this->userSession->checkPermission('accessCpWhenSystemIsOff'));

     if (!$mayProceed) {
         // System is off and no override applies: drop any existing session first.
         if ($this->userSession->isLoggedIn()) {
             $this->userSession->logout(false);
         }
         if ($this->request->isCpRequest()) {
             // CP visitors are sent to the login screen.
             $this->userSession->requireLogin();
         } else {
             // Site visitors get the offline template.
             $this->runController('templates/offline');
         }
         return;
     }

     // Load the plugins, then let a pending plugin migration take over if there is one.
     craft()->plugins->loadPlugins();
     if ($this->updates->isPluginDbUpdateNeeded()) {
         $this->_processUpdateLogic();
     }

     // Every CP request other than an accepted action request must come from a logged-in
     // user holding accessCp.
     if ($this->request->isCpRequest() && !($this->request->isActionRequest() && $this->_isValidActionRequest())) {
         $this->userSession->requireLogin();
         $this->userSession->requirePermission('accessCp');

         // When the first URL segment names a plugin, its section permission is required as well.
         $sectionSegment = $this->request->getSegment(1);
         if ($sectionSegment) {
             $plugin = $this->plugins->getPlugin($sectionSegment);
             if ($plugin) {
                 $this->userSession->requirePermission('accessPlugin-' . $plugin->getClassHandle());
             }
         }
     }

     // Action requests are dispatched to their controller.
     $this->_processActionRequest();
     // Anything still running at this point is routed by the parent implementation.
     parent::processRequest();
 }
예제 #3
 /**
  * Returns whether the system is on.
  *
  * Instance-level pass-through: the value of the static Craft::isSystemOn() is returned
  * unchanged.
  *
  * @return bool Presumably a boolean on/off flag; confirm against the declared return type
  *              of Craft::isSystemOn().
  */
 public function isSystemOn()
 {
     $systemOn = Craft::isSystemOn();

     return $systemOn;
 }