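/**
  * Called before the controller action.  Enforces the Usermgmt permission rules for the
  * requested controller/action: a guest is sent to the login page unless the action is
  * guest-accessible, a logged-in user is sent to /accessDenied unless their group may
  * access it.  Actions listed in $permissionFree and internal requestAction() calls
  * (params['requested'] == 1) are not checked.
  *
  * @param object $c current controller object
  * @return void
  */
 function beforeFilter(&$c)
 {
     // Resolve the active user up front; its value is not needed in this filter.
     $this->__getActiveUser();
     UsermgmtInIt($this);

     // A redirect recorded by a previous failed check is consumed on this request so it
     // cannot loop; it only influences the check when the current action is users/login.
     $pageRedirect = $c->Session->read('permission_error_redirect');
     $c->Session->delete('permission_error_redirect');

     $controller = $c->params['controller'];
     $action = $c->params['action'];
     $actionUrl = $controller . '/' . $action;
     // $controller is a plain string, so the requestAction() flag has to be read from the
     // controller object ($c->params), not from $controller->params.
     $requested = isset($c->params['requested']) && $c->params['requested'] == 1;
     $permissionFree = array('users/login', 'users/logout', 'users/register', 'users/userVerification', 'users/forgotPassword', 'users/activatePassword', 'pages/display', 'users/accessDenied', 'users/customer_register', 'users/customer_login');

     if ((empty($pageRedirect) || $actionUrl != 'users/login') && !$requested && !in_array($actionUrl, $permissionFree, true)) {
         App::import("Model", "Usermgmt.UserGroup");
         $userGroupModel = new UserGroup();
         if (!$this->isLogged()) {
             if (!$userGroupModel->isGuestAccess($controller, $action)) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->Session->setFlash('You need to be signed in to view this page.');
                 // Remember the requested path so the login action can return to it.
                 $c->Session->write('Usermgmt.OriginAfterLogin', '/' . $c->params->url);
                 $c->redirect('/login');
             }
         } else {
             if (!$userGroupModel->isUserGroupAccess($controller, $action, $this->getGroupId())) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->redirect('/accessDenied');
             }
         }
     }
 }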
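 /**
  * Called before the controller action.  Enforces the Usermgmt permission rules for the
  * requested controller/action: a guest is sent to the login page unless the action is
  * guest-accessible, a logged-in user is sent to /accessDenied unless their group may
  * access it.  Actions listed in $permissionFree, internal requestAction() calls
  * (params['requested'] == 1) and controller/action pairs unknown to ControllerList
  * (which will not dispatch anyway) are not checked.
  *
  * @param object $c current controller object
  * @return void
  */
 function beforeFilter(&$c)
 {
     UsermgmtInIt($this);
     // Resolve the active user up front; its value is not needed in this filter.
     $this->__getActiveUser();

     // A redirect recorded by a previous failed check is consumed on this request so it
     // cannot loop; it only influences the check when the current action is users/login.
     $pageRedirect = $c->Session->read('permission_error_redirect');
     $c->Session->delete('permission_error_redirect');

     $controller = $c->params['controller'];
     $action = $c->params['action'];
     $actionUrl = $controller . '/' . $action;
     $requested = isset($c->params['requested']) && $c->params['requested'] == 1;
     $permissionFree = array('users/login', 'users/logout', 'users/register', 'users/userVerification', 'users/forgotPassword', 'users/activatePassword', 'pages/display', 'users/accessDenied', 'users/emailVerification');

     // ControllerList reports "CamelCasedController/action" entries, so the underscored
     // controller name from the request is camel-cased before the lookup.
     $access = str_replace(' ', '', ucwords(str_replace('_', ' ', $controller))) . '/' . $action;
     $allControllers = $this->ControllerList->getControllerWithMethods();
     $errorPage = !in_array($access, $allControllers, true);

     if ((empty($pageRedirect) || $actionUrl != 'users/login') && !$requested && !in_array($actionUrl, $permissionFree, true) && !$errorPage) {
         App::import("Model", "Usermgmt.UserGroup");
         $userGroupModel = new UserGroup();
         if (!$this->isLogged()) {
             if (!$userGroupModel->isGuestAccess($controller, $action)) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->Session->setFlash('You need to be signed in to view this page.');
                 // Remember where to return after login: the requested path plus its query
                 // string.  The query string is re-attached directly instead of being cut out
                 // of REQUEST_URI with strpos()/substr(): when strpos() found no match its
                 // false result made substr() start at 0 and the whole REQUEST_URI (base path
                 // included) was stored as the origin.
                 // Assumes $c->params->url holds the path without its query string — confirm.
                 $cUrl = '/' . $c->params->url;
                 if (!empty($_SERVER['QUERY_STRING'])) {
                     $cUrl .= '?' . $_SERVER['QUERY_STRING'];
                 }
                 $c->Session->write('Usermgmt.OriginAfterLogin', $cUrl);
                 $c->redirect('/login');
             }
         } else {
             if (!$userGroupModel->isUserGroupAccess($controller, $action, $this->getGroupId())) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->redirect('/accessDenied');
             }
         }
     }
 }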
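 /**
  * Authorization callback run for every request.  Records the user's activity for the
  * requested controller/action and then enforces the Users permission rules: a guest is
  * sent to users/login unless the action is guest-accessible, a logged-in user is sent
  * to users/accessDenied unless their group may access it.  Actions in PERMISSION_FREE,
  * internal requestAction() calls (params['requested'] == 1) and the css/img pseudo
  * controllers are not checked.  When a redirect from a previous failed check is pending
  * it is replayed instead.  Finally the request language is applied.
  *
  * @param object $controller current controller object
  * @return void
  */
 function authorize(&$controller)
 {
     // Resolve the current user up front; its value is not needed in this callback.
     $this->getUser();

     // A redirect recorded by a previous failed check is consumed on this request so it
     // cannot loop.
     $pageRedirect = $controller->Session->read('permission_error_redirect');
     $controller->Session->delete('permission_error_redirect');

     $action = $controller->params['action'];
     $actionUrl = $controller->params['controller'] . '/' . $action;
     $this->updateActivity($controller, $actionUrl);
     $requested = isset($controller->params['requested']) && $controller->params['requested'] == 1;

     // PERMISSION_FREE is a serialized list of "controller/action" strings defined outside
     // this file (a constant, not request data), which is why unserialize() is acceptable.
     $permissionFree = unserialize(PERMISSION_FREE);
     // Asset pseudo controllers that never need a permission check.
     $assetControllers = array('css', 'img');

     if (!in_array($actionUrl, $permissionFree, true) && empty($pageRedirect) && !$requested && !in_array($controller->params['controller'], $assetControllers, true)) {
         App::import("Model", "Users.UserGroup");
         $userGroupModel = new UserGroup();
         if (!$this->User->isLogged()) {
             if (!$userGroupModel->isGuestAccess($controller->params['controller'], $action)) {
                 $controller->Session->write('permission_error_redirect', array('plugin' => 'users', 'controller' => 'users', 'action' => 'login'));
                 $controller->Session->setFlash(__('You need to be signed in to view this page!'), 'warning');

                 // Where to return after login: the requested path plus its query string.
                 // The query string is re-attached directly instead of being cut out of
                 // REQUEST_URI with strpos()/substr(): a false from strpos() made substr()
                 // start at 0 and stored the whole REQUEST_URI (base path included).
                 // Assumes $controller->params->url is the path without its query — confirm.
                 $cUrl = '/' . $controller->params->url;
                 if (!empty($_SERVER['QUERY_STRING'])) {
                     $cUrl .= '?' . $_SERVER['QUERY_STRING'];
                 }

                 $target = $cUrl;
                 if ($controller->request->is('ajax')) {
                     // For ajax calls the page to return to is the referring page, but
                     // HTTP_REFERER is client-supplied: reuse it only when it points back at
                     // this host, otherwise keep the requested path.  Storing an arbitrary
                     // absolute URL here would turn the post-login redirect into an open
                     // redirect.  HTTP_HOST is assumed to be validated by the web server.
                     $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
                     $refererHost = $referer !== '' ? parse_url($referer, PHP_URL_HOST) : null;
                     $ownHost = isset($_SERVER['HTTP_HOST']) ? preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']) : '';
                     if ($ownHost !== '' && is_string($refererHost) && strcasecmp($refererHost, $ownHost) === 0) {
                         $target = $referer;
                     }
                 }
                 // One write and one redirect for both the ajax and the normal case; the
                 // original wrote twice, relying on the first redirect ending the request.
                 $controller->Session->write('Authorization.Redirect', $target);
                 $controller->redirect(array('plugin' => 'users', 'controller' => 'users', 'action' => 'login'));
             }
         } else {
             if (!$userGroupModel->isUserGroupAccess($controller->params['controller'], $action, $this->User->Group->id())) {
                 $controller->redirect(array('plugin' => 'users', 'controller' => 'users', 'action' => 'accessDenied'));
             }
         }
     } elseif (!empty($pageRedirect)) {
         $controller->redirect($pageRedirect);
     }
     $this->setLanguage($this->getLanguage());
 }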
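 /**
  * Called before the controller action.  For requests flagged as coming from WeChat
  * ($c->userAgent == 'wechat') it first resolves the WeChat profile (from the cached
  * 'wechatUserInfo' session entry, or by exchanging the OAuth code in $_GET['code']),
  * creates and binds a system account the first time an open_id is seen, and logs that
  * account in.  It then enforces the Usermgmt permission rules for the requested
  * controller/action: a guest is sent to the login page unless the action is
  * guest-accessible, a logged-in user is sent to /accessDenied unless their group may
  * access it.  Actions in $permissionFree, internal requestAction() calls and
  * controller/action pairs unknown to ControllerList are not checked.
  *
  * @param object $c current controller object
  * @return void
  */
 function beforeFilter(&$c)
 {
     $this->c = $c;
     UsermgmtInIt($this);

     if ($c->userAgent == 'wechat') {
         // wechatUserInfo: the profile returned by WeChat, cached in the session.
         // wechatUser: our own WechatUser row that binds an open_id to a system user.
         $wechatUserInfo = $this->Session->read('wechatUserInfo');
         $acToken = '';
         $rToken = '';
         $acExpr = 0;
         $openId = null;
         App::import("Model", "WeChatDataModel");
         $this->WeChatDataModel = new WeChatDataModel();
         App::import("Model", "Usermgmt.User");
         $this->User = new User();
         App::import("Model", "WeChatUser");
         $this->WechatUser = new WechatUser();

         if ($wechatUserInfo) {
             $openId = $wechatUserInfo->openid;
         } else {
             // No cached profile: exchange the OAuth code from the callback for tokens.
             // NOTE(review): no OAuth `state` check is visible in this block — confirm that
             // redirectForCode() / the callback validate one.
             // redirectForCode() is expected to end the request; the code below still runs
             // if it does not, as in the original.
             $code = '';
             if (array_key_exists('code', $_GET)) {
                 if ($_GET['code'] == 'code') {
                     $this->redirectForCode();
                 } else {
                     $code = $_GET['code'];
                 }
             } else {
                 $this->redirectForCode();
             }
             $ret = $this->WeChatDataModel->getWebAcToken($code);
             if ($ret == null) {
                 $this->log("redirect again ");
                 $this->redirectForCode();
             }
             $user = $this->WeChatDataModel->getUserByWebAcToken($ret->openid, $ret->access_token);
             $acToken = $ret->access_token;
             $rToken = $ret->refresh_token;
             $acExpr = $ret->expires_in;
             $this->Session->write('wechatUserInfo', $user);
             $wechatUserInfo = $user;
             $openId = $ret->openid;
         }

         // Bind the WeChat identity to a system user, creating one on first sight.
         $username = $wechatUserInfo->nickname;
         $wechatUser = $this->WeChatDataModel->getWechatUserByOpenId($openId);
         if (!$wechatUser) {
             if ($username == '') {
                 $wechatUserInfo = $this->Session->read('wechatUserInfo');
                 $username = $wechatUserInfo->nickname;
             }
             // Pick a first name that is not taken yet: the first clash masks the nickname,
             // later clashes append a counter to the nickname.  The counter is advanced on
             // every pass (the original never left 0 and referenced an undefined variable).
             $baseName = $username;
             $count = 0;
             while ($this->User->findByFirstName($username)) {
                 if ($count == 0) {
                     $username = '******' . $baseName;
                 } else {
                     $username = $baseName . "{$count}";
                 }
                 $count += 1;
             }
             $sysUser = $this->newEmptyUserByWechat($openId, $username);
             $userId = $sysUser['User']['id'];
             $data = array();
             $data['WechatUser']['iz_user_id'] = $userId;
             $data['WechatUser']['wechat_name'] = $username;
             // Tokens are stored as returned by the code exchange; when to refresh them is
             // not handled here.
             $data['WechatUser']['open_id'] = $openId;
             $data['WechatUser']['access_token'] = $acToken;
             $expTime = $acExpr + time();
             $exptimeStamp = date("Y-m-d H:i:s", $expTime);
             $data['WechatUser']['access_token_expire'] = $exptimeStamp;
             $data['WechatUser']['refresh_token'] = $rToken;
             $this->WechatUser->save($data);
             $wechatUser = $this->WeChatDataModel->getWechatUserByOpenId($openId);
         }
         $c->wechatUser = $wechatUser;

         // Log the bound system account in for this request.
         $userId = $wechatUser['WechatUser']['iz_user_id'];
         $sysUser = $this->User->findById($userId);
         $this->login($sysUser);
         $this->setUser($c);
     }

     // Resolve the active user up front; its value is not needed in this filter.
     $this->__getActiveUser();

     // A redirect recorded by a previous failed check is consumed on this request so it
     // cannot loop; it only influences the check when the current action is users/login.
     $pageRedirect = $c->Session->read('permission_error_redirect');
     $c->Session->delete('permission_error_redirect');

     $controller = $c->params['controller'];
     $action = $c->params['action'];
     $actionUrl = $controller . '/' . $action;
     $requested = isset($c->params['requested']) && $c->params['requested'] == 1;
     $permissionFree = array('users/login', 'users/logout', 'users/register', 'users/userVerification', 'users/forgotPassword', 'users/activatePassword', 'pages/display', 'users/accessDenied', 'users/emailVerification');

     // ControllerList reports "CamelCasedController/action" entries, so the underscored
     // controller name from the request is camel-cased before the lookup.
     $access = str_replace(' ', '', ucwords(str_replace('_', ' ', $controller))) . '/' . $action;
     $allControllers = $this->ControllerList->getControllerWithMethods();
     $errorPage = !in_array($access, $allControllers, true);

     if ((empty($pageRedirect) || $actionUrl != 'users/login') && !$requested && !in_array($actionUrl, $permissionFree, true) && !$errorPage) {
         App::import("Model", "Usermgmt.UserGroup");
         $userGroupModel = new UserGroup();
         if (!$this->isLogged()) {
             if (!$userGroupModel->isGuestAccess($controller, $action)) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->Session->setFlash(__('您需要登陆才能看这个页面哦...'));
                 // Where to return after login: the requested path plus its query string.
                 // The query string is re-attached directly instead of being cut out of
                 // REQUEST_URI with strpos()/substr(): a false from strpos() made substr()
                 // start at 0 and stored the whole REQUEST_URI (base path included).
                 // Assumes $c->params->url is the path without its query string — confirm.
                 $cUrl = '/' . $c->params->url;
                 if (!empty($_SERVER['QUERY_STRING'])) {
                     $cUrl .= '?' . $_SERVER['QUERY_STRING'];
                 }
                 $c->Session->write('Usermgmt.OriginAfterLogin', $cUrl);
                 $c->redirect('/login');
             }
         } else {
             $this->setUser($c);
             if (!$userGroupModel->isUserGroupAccess($controller, $action, $this->getGroupId())) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->redirect('/accessDenied');
             }
         }
     }
 }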