예제 #1
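 /**
  * Decides whether the response for the current module/action is view-cached
  * and, if so, registers the rule with the view cache manager.
  *
  * Rules are tried in this order:
  *  1. admin-only lockdown: everything outside the exception list is cached
  *     for self::WEEK_LIFETIME, layout included, for non-admin visitors;
  *  2. self::$alwaysCached;
  *  3. self::$outsideCached (anonymous visitors only);
  *  4. self::$insideCached (authenticated visitors only).
  *
  * Table lookups go through isset(), so a module/action pair that is absent
  * from a table means "no rule" instead of raising an undefined-index notice.
  *
  * @return void
  */
 public function setDynamicRules()
 {
     $context = $this->getContext();
     $user = $context->getUser();
     $request = $context->getRequest();
     $module = $request->getParameter('module');
     $action = $request->getParameter('action');

     $cache = false;
     $lifetime = 0;
     $withLayout = false;

     // Actions that must never be hard cached during an admin-only lockdown:
     // the sign-in page and the public forms still have to reach the application.
     $lockdownExceptions = array(
         'sfGuardAuth' => array('signin' => true),
         'home' => array(
             'contact' => true,
             'join' => true,
             'confirmed' => true,
             'requested' => true,
             'joined' => true,
             'confirmEmail' => true,
             'chat' => true,
         ),
     );

     $authenticated = $user->isAuthenticated();

     // Loose comparison kept on purpose: the stored type of this setting is not
     // visible here (it may arrive as the string 'on' or as a boolean).
     $adminOnly = sfConfig::get('app_login_admin_only') == 'on';

     // A session without a guard user record is treated as non-admin, so it gets
     // the cached public page rather than live content.
     $isAdmin = false;
     if ($adminOnly && $authenticated) {
         $guardUser = $user->getGuardUser();
         $isAdmin = $guardUser && sfGuardUserTable::isAdmin($guardUser->id);
     }

     $alwaysLifetime = isset(self::$alwaysCached[$module][$action]) ? self::$alwaysCached[$module][$action] : 0;

     if ($adminOnly && !$isAdmin && !isset($lockdownExceptions[$module][$action])) {
         // Lockdown: every non-admin visitor is served the same week-long cached page.
         $cache = true;
         $withLayout = true;
         $lifetime = self::WEEK_LIFETIME;
     } elseif ($alwaysLifetime) {
         $cache = true;
         $lifetime = $alwaysLifetime;
         // NOTE(review): for an authenticated XHR the whole response is cached;
         // the cache key is not visible here, so confirm these actions render
         // nothing user-specific.
         $withLayout = $request->isXmlHttpRequest() || !$authenticated;
     } elseif (!$authenticated && isset(self::$outsideCached[$module][$action]) && self::$outsideCached[$module][$action]) {
         $cache = true;
         $lifetime = self::$outsideCached[$module][$action];
         $withLayout = true;
     } elseif ($authenticated && isset(self::$insideCached[$module][$action]) && self::$insideCached[$module][$action]) {
         $cache = true;
         $lifetime = self::$insideCached[$module][$action];
         // The layout stays uncached for signed-in users.
         $withLayout = false;
     }

     if ($cache) {
         $context->getViewCacheManager()->addCache($module, $action, array('withLayout' => $withLayout, 'lifeTime' => $lifetime));
     }
 }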
예제 #2
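 /**
  * Sign-in action: shows the login form, and on POST authenticates the user.
  *
  * After the form validates, the login is still refused when no profile
  * matches the submitted address, the address is unconfirmed, the account is
  * disabled, or logins are restricted to administrators and the account is
  * not one. Every refusal sets a request error, leaves the session
  * unauthenticated and re-renders the form.
  *
  * On a non-POST request: XHR callers get a bare 401, everyone else has their
  * referer stored and is redirected to the configured login module if this is
  * not it.
  *
  * @param mixed $request the current web request
  *
  * @return mixed a view constant or the result of a redirect; null when the
  *               form is simply (re)displayed
  */
 public function executeSignin($request)
 {
     $user = $this->getUser();
     if ($user->isAuthenticated()) {
         return $this->redirect('@homepage');
     }
     if ($request->getParameter('no_layout')) {
         $this->setLayout(false);
     }
     $this->form = new LoginForm();
     if ($request->isMethod('post')) {
         $this->form->bind($request->getParameter('signin'));
         if ($this->form->isValid()) {
             $values = $this->form->getValues();
             $profile = Doctrine::getTable('sfGuardUserProfile')->findOneByEmail($values['username']);

             // Collect the first reason to refuse the login, if any. The order
             // matters: each later check dereferences $profile.
             $denial = null;
             if (!$profile) {
                 // No profile for this address: refuse explicitly with a generic
                 // message instead of reading properties of a missing record.
                 $denial = "Invalid email address or password.";
             } elseif (!$profile->is_confirmed) {
                 //check that email has been confirmed
                 $denial = "This email address hasn't been confirmed; check your inbox for an email with a confirmation link";
             } elseif (!$profile->User->is_active) {
                 $denial = "This account is disabled; contact the system administrator";
             } elseif (sfConfig::get('app_login_admin_only') == 'on' && !sfGuardUserTable::isAdmin($profile->user_id)) {
                 //if logins restricted to admins only, check that they have admin powers
                 $denial = "Login has been disabled for non-administrators. Please try again later.";
             }
             if ($denial !== null) {
                 $request->setError('', $denial);
                 $this->getUser()->setAuthenticated(false);
                 return sfView::SUCCESS;
             }

             // Issue a persistent login only when the box was actually ticked;
             // isset() alone would also accept an explicit false from the form.
             $remember = !empty($values['remember']);

             // NOTE(review): the checks above ran against the profile found by
             // email, while the account signed in is $values['user'], presumably
             // filled in by LoginForm's validator. Confirm both always refer to
             // the same account.
             $this->getUser()->signIn($values['user'], $remember);

             // NOTE(review): 'referer' comes straight from the request. Confirm
             // that LsRouting::generateUrlForRedirect() only yields same-site
             // URLs, otherwise this is an open redirect after login.
             if (!($signinUrl = $request->getParameter('referer'))) {
                 $signinUrl = sfConfig::get('app_sf_guard_plugin_success_signinUrl', $user->getReferer($request->getReferer()));
             }
             $url = LsRouting::generateUrlForRedirect($signinUrl);
             return $this->redirect('' != $url ? $url : '@homepage');
         }
     } else {
         if ($request->isXmlHttpRequest()) {
             // XHR callers cannot use a login page; answer with a bare 401.
             $this->getResponse()->setHeaderOnly(true);
             $this->getResponse()->setStatusCode(401);
             return sfView::NONE;
         }
         // Remember where the visitor came from for the post-login redirect.
         $user->setReferer($request->getReferer());
         $module = sfConfig::get('sf_login_module');
         if ($this->getModuleName() != $module) {
             return $this->redirect($module . '/' . sfConfig::get('sf_login_action'));
         }
     }
 }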
예제 #3
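 /**
  * Security filter: restores a session from the remember-me cookie, enforces
  * the admin-only and login-disabled switches, runs the rest of the chain and
  * finally sets or clears the 'LittleSisUser' marker cookie.
  *
  * @param mixed $filterChain the filter chain to continue
  *
  * @return void
  */
 public function execute($filterChain)
 {
     $context = $this->getContext();
     $user = $context->getUser();
     $firstCall = $this->isFirstCall();

     //attempt to log in user if they have the sfRemember cookie
     if (sfConfig::get('app_login_enabled') && $firstCall && (!$user->isAuthenticated() || !$user->getGuardUser())) {
         $rememberCookieName = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember');
         $cookie = $context->getRequest()->getCookie($rememberCookieName);
         // The cookie is client-supplied: only a non-empty string is a usable key.
         if (is_string($cookie) && $cookie) {
             // The key is bound as a parameter, never concatenated into the query.
             $q = Doctrine_Query::create()->from('sfGuardRememberKey r')->innerJoin('r.sfGuardUser u')->where('r.remember_key = ?', $cookie);
             //if login restricted to admins only
             if (sfConfig::get('app_login_admin_only') == 'on') {
                 // Grouped explicitly so the admin restriction can never detach
                 // from the remember_key match, however WHERE parts get joined.
                 // NOTE(review): ids are hard-coded here while the other checks go
                 // through sfGuardUserTable::isAdmin(); confirm the two agree.
                 $q->leftJoin('u.sfGuardUserGroup g')->leftJoin('u.sfGuardUserPermission p')->andWhere('(g.group_id = 1 OR p.permission_id = 1)');
             }
             // Fetch once and test the row, rather than count() followed by a
             // second query whose result was dereferenced unchecked.
             $rememberKey = $q->fetchOne();
             if ($rememberKey) {
                 $user->signIn($rememberKey->sfGuardUser);
             } else {
                 // Unknown or no longer acceptable key: expire the cookie.
                 $context->getResponse()->setCookie($rememberCookieName, false, time() - 86400);
             }
         }
     }

     if ($firstCall && sfConfig::get('app_login_admin_only') == 'on' && $user->isAuthenticated()) {
         // An authenticated session without a guard user record is handled as
         // non-admin, so it is dropped as well.
         $guardUser = $user->getGuardUser();
         if (!$guardUser || !sfGuardUserTable::isAdmin($guardUser->id)) {
             $options = $context->getStorage()->getOptions();
             $cookieName = $options['session_name'];
             $user->setAuthenticated(false);
             // Expire both the remember-me cookie and the session cookie.
             $context->getResponse()->setCookie(sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'), false, time() - 86400);
             $context->getResponse()->setCookie($cookieName, false, time() - 86400);
         }
     }

     if (!sfConfig::get('app_login_enabled')) {
         $user->signOut();
     }

     $filterChain->execute();

     //set cookie to indicate whether user is logged in
     // NOTE(review): this marker is client-controllable; presumably it only
     // drives presentation. Confirm nothing server-side treats it as proof of
     // authentication.
     if (sfConfig::get('app_login_enabled') && $user->isAuthenticated()) {
         $context->getResponse()->setCookie('LittleSisUser', true);
     } else {
         $context->getResponse()->setCookie('LittleSisUser', false, time() - 86400);
     }
 }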