/**
 * Replace the standard admin login form with HTTP Basic authentication.
 *
 * Only requests that resolve to BOTH a controller/action ACL resource and an
 * ACL resource for the `type` request parameter are handled here; every other
 * request is passed to the parent plugin unchanged.
 *
 * @param AbstractAction $subject
 * @param \Closure $proceed
 * @param RequestInterface $request
 * @return ResponseInterface
 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
 * @SuppressWarnings(PHPMD.CyclomaticComplexity)
 * @SuppressWarnings(PHPMD.NPathComplexity)
 */
public function aroundDispatch(AbstractAction $subject, \Closure $proceed, RequestInterface $request)
{
    // Resolve the ACL resource for this controller: an action-specific entry
    // wins, otherwise the controller-level entry is used as-is.
    $resource = null;
    $controllerName = $request->getControllerName();
    if (isset($this->aclResources[$controllerName])) {
        $controllerAcl = $this->aclResources[$controllerName];
        $actionName = $request->getActionName();
        $resource = isset($controllerAcl[$actionName]) ? $controllerAcl[$actionName] : $controllerAcl;
    }

    // `type` is a caller-supplied request parameter; it is used only as a
    // lookup key, and an unknown value leaves $resourceType null.
    $type = $request->getParam('type');
    $resourceType = isset($this->aclResources[$type]) ? $this->aclResources[$type] : null;

    // No mapping for this request: defer to the parent plugin's dispatch handling.
    if (!$resource || !$resourceType) {
        return parent::aroundDispatch($subject, $proceed, $request);
    }

    $session = $this->_auth->getAuthStorage();

    // No active admin session yet: attempt a login with the HTTP Basic credentials.
    if (!$session->isLoggedIn()) {
        list($login, $password) = $this->httpAuthentication->getCredentials();
        try {
            $this->_auth->login($login, $password);
        } catch (AuthenticationException $e) {
            // A failed login is logged, not rethrown; the check below rejects the request.
            // NOTE(review): confirm the logged exception never carries the submitted
            // password, and that repeated failures are throttled elsewhere.
            $this->logger->critical($e);
        }
    }

    // Access requires a logged-in session AND permission on both ACL resources.
    $authorized = $session->isLoggedIn()
        && $this->authorization->isAllowed($resource)
        && $this->authorization->isAllowed($resourceType);

    if ($authorized) {
        return parent::aroundDispatch($subject, $proceed, $request);
    }

    // Fail closed: flag the HTTP authentication failure for the 'RSS Feeds'
    // realm and return the response without dispatching the action.
    $this->httpAuthentication->setAuthenticationFailed('RSS Feeds');
    return $this->_response;
}
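/**
 * Gate backend action dispatch on the admin authentication state.
 *
 * Actions listed in $this->_openActions are marked as dispatched without a
 * login check. For every other action the current user (if any) is reloaded,
 * then either the not-logged-in handler runs or the session is prolonged.
 * A logged-in request carrying an `app` parameter is redirected to the current
 * backend application's startup page instead of being dispatched.
 *
 * @param \Magento\Backend\App\AbstractAction $subject
 * @param \Closure $proceed
 * @param \Magento\Framework\App\RequestInterface $request
 *
 * @return mixed
 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
 */
public function aroundDispatch(
    \Magento\Backend\App\AbstractAction $subject,
    \Closure $proceed,
    \Magento\Framework\App\RequestInterface $request
) {
    $requestedActionName = $request->getActionName();

    // This list decides which actions skip the login check, so match it with
    // strict comparison: type juggling must never widen the allow-list.
    if (in_array($requestedActionName, $this->_openActions, true)) {
        $request->setDispatched(true);
    } else {
        $user = $this->_auth->getUser();
        if ($user) {
            // Reload the user before the login check below.
            $user->reload();
        }

        if (!$this->_auth->isLoggedIn()) {
            // NOTE(review): this branch does not return; the request still reaches
            // $proceed() below, so blocking relies on what _processNotLoggedInUser()
            // does to $request (not visible here) -- confirm.
            $this->_processNotLoggedInUser($request);
        } else {
            $this->_auth->getAuthStorage()->prolong();

            // The `app` parameter only triggers the lookup; the redirect target is
            // built from the backend base URL and the app's own startup page, not
            // from the parameter's value.
            $backendApp = null;
            if ($request->getParam('app')) {
                $backendApp = $this->backendAppList->getCurrentApp();
            }

            if ($backendApp) {
                $resultRedirect = $this->resultRedirectFactory->create();
                $baseUrl = \Magento\Framework\App\Request\Http::getUrlNoScript($this->backendUrl->getBaseUrl());
                $baseUrl = $baseUrl . $backendApp->getStartupPage();
                return $resultRedirect->setUrl($baseUrl);
            }
        }
    }

    $this->_auth->getAuthStorage()->refreshAcl();
    return $proceed($request);
}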
/**
 * Find the wizard step whose controller and action match the request.
 *
 * Steps are checked in the order they appear in $this->_steps and the first
 * match is returned. Names are compared loosely (==).
 *
 * @param \Magento\Framework\App\RequestInterface $request
 * @return \Magento\Framework\Object|bool The matching step, or false when none matches
 */
public function getStepByRequest(\Magento\Framework\App\RequestInterface $request)
{
    foreach ($this->_steps as $candidate) {
        if ($candidate->getController() != $request->getControllerName()) {
            continue;
        }
        if ($candidate->getAction() != $request->getActionName()) {
            continue;
        }
        return $candidate;
    }

    return false;
}
/**
 * Let allow-listed actions be dispatched for users who are not authenticated.
 *
 * Any action that does not match the allow-list must pass
 * $this->session->authenticate(); when it fails, the no-dispatch flag is set
 * on the subject before the call chain proceeds.
 *
 * @param ActionInterface $subject
 * @param \Closure $proceed
 * @param RequestInterface $request
 * @return mixed
 */
public function aroundDispatch(ActionInterface $subject, \Closure $proceed, RequestInterface $request)
{
    $action = strtolower($request->getActionName());

    // Entries are concatenated without preg_quote(), so each one is interpreted
    // as a regex fragment. NOTE(review): confirm $this->allowedActions comes only
    // from trusted configuration. With an empty list the pattern is /^()$/i, which
    // matches an empty action name -- confirm that case cannot bypass authenticate().
    $pattern = '/^(' . implode('|', $this->allowedActions) . ')$/i';

    // preg_match() returns 0 on no match and false on error; both are falsy, so
    // both take the authenticate() branch and the check fails closed.
    if (preg_match($pattern, $action)) {
        $this->session->setNoReferer(true);
    } elseif (!$this->session->authenticate()) {
        $subject->getActionFlag()->set('', ActionInterface::FLAG_NO_DISPATCH, true);
    }

    $result = $proceed($request);

    // Clear the no-referer marker once the wrapped dispatch has returned.
    $this->session->unsNoReferer(false);

    return $result;
}
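/**
 * Gate backend action dispatch on the admin authentication state.
 *
 * Actions listed in $this->_openActions are marked as dispatched without a
 * login check. For every other action the current user (if any) is reloaded,
 * then either the not-logged-in handler runs or the session is prolonged.
 *
 * @param \Magento\Backend\App\AbstractAction $subject
 * @param \Closure $proceed
 * @param \Magento\Framework\App\RequestInterface $request
 *
 * @return mixed
 * @SuppressWarnings(PHPMD.UnusedFormalParameter)
 */
public function aroundDispatch(
    \Magento\Backend\App\AbstractAction $subject,
    \Closure $proceed,
    \Magento\Framework\App\RequestInterface $request
) {
    $requestedActionName = $request->getActionName();

    // This list decides which actions skip the login check, so match it with
    // strict comparison: type juggling must never widen the allow-list.
    if (in_array($requestedActionName, $this->_openActions, true)) {
        $request->setDispatched(true);
    } else {
        $user = $this->_auth->getUser();
        if ($user) {
            // Reload the user before the login check below.
            $user->reload();
        }

        if (!$this->_auth->isLoggedIn()) {
            // NOTE(review): this branch does not return; the request still reaches
            // $proceed() below, so blocking relies on what _processNotLoggedInUser()
            // does to $request (not visible here) -- confirm.
            $this->_processNotLoggedInUser($request);
        } else {
            $this->_auth->getAuthStorage()->prolong();
        }
    }

    $this->_auth->getAuthStorage()->refreshAcl();
    return $proceed($request);
}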
/**
 * Tell whether the current request is the session check request
 * (module "security", action "check").
 *
 * @return bool
 */
protected function isSessionCheckRequest()
{
    if ($this->request->getModuleName() != 'security') {
        return false;
    }

    return $this->request->getActionName() == 'check';
}
/**
 * Tell whether the current request is the tax configuration page:
 * module "admin", controller "system_config", action "edit", and a
 * `section` request parameter equal to "tax".
 *
 * @return bool
 */
protected function isTaxConfigPage()
{
    if ($this->request->getModuleName() != 'admin') {
        return false;
    }
    if ($this->request->getControllerName() != 'system_config') {
        return false;
    }
    if ($this->request->getActionName() != 'edit') {
        return false;
    }

    // `section` is a request parameter and is compared loosely, as are the names above.
    return $this->request->getParam('section') == 'tax';
}
/**
 * Tell whether the current request is the queue page
 * (module "avatax", controller "queue", action "index").
 *
 * @return bool
 */
protected function isQueuePage()
{
    $current = $this->request;

    // Any single mismatch disqualifies the page; checks run in module,
    // controller, action order and stop at the first mismatch.
    return !(
        $current->getModuleName() != 'avatax'
        || $current->getControllerName() != 'queue'
        || $current->getActionName() != 'index'
    );
}