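/**
 * Controller-level pre-route hook: view-cache short circuit plus ACL check.
 *
 * Outside debug mode the response for the current language/controller/action/params
 * is looked up in the view cache; when a cached copy exists the action is skipped
 * (false is returned), but the ACL check below still runs so a cached page is never
 * handed to a role that may not see it.
 *
 * @param Dispatcher $dispatcher
 *
 * @return bool false stops the dispatcher from running the action
 */
public function beforeExecuteRoute(Dispatcher $dispatcher)
{
    $returnVal = true;
    $controllerName = $dispatcher->getControllerName();
    $actionName = $dispatcher->getActionName();

    if ('1' != $this->config->application->debug) {
        $lang = $this->getUriParameter('language');
        $lang = $lang ? $lang : 'en';
        // Restrict the key to [A-Za-z0-9_] so request-derived params cannot shape
        // the cache key beyond that alphabet (slashes, dots, spaces are dropped).
        $key = preg_replace(
            '/[^a-zA-Z0-9\\_]/',
            '',
            $lang . '-' . $controllerName . '-' . $actionName . '-' . implode('-', $dispatcher->getParams())
        );
        $this->view->cache(array('key' => $key));
        if ($this->view->getCache()->exists($key)) {
            $returnVal = false;
        }
    }

    // Role resolution: anonymous visitors are 'Guests'; authenticated users take
    // the profile carried by the server-side identity.
    $auth = $this->session->get('auth');
    $identity = $this->auth->getIdentity();
    $role = $auth ? $identity['profile'] : 'Guests';

    // Check if the user has permission to the current option
    if (!$this->acl->isAllowed($role, $controllerName, $actionName)) {
        $this->flash->notice('You don\'t have access to this module: ' . $controllerName . ':' . $actionName);
        // Fall back to the controller's index for the same role. The original read
        // $identity['profile'] here, which is undefined for guests ($identity may not
        // be an array); $role is the value that was actually evaluated above.
        if ($this->acl->isAllowed($role, $controllerName, 'index')) {
            $dispatcher->forward(array('controller' => $controllerName, 'action' => 'index'));
        }
        $returnVal = false;
    } else {
        $this->requestInitialize($controllerName);
    }

    return $returnVal;
}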
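/**
 * This action is executed before execute any action in the application.
 *
 * Resolves the caller's role, then checks it against the ACL for the requested
 * controller/action; denied requests are flashed and forwarded to user/login.
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 *
 * @return bool|null false when access is denied (stops the dispatcher)
 */
public function beforeDispatch(Event $event, Dispatcher $dispatcher)
{
    if ($this->config->application->user_login_form_cookies) {
        // Cookie mode: the 'auth' cookie only decides logged-in vs guest and every
        // authenticated cookie user gets the fixed 'Person' role. The role is
        // deliberately not read from a client-supplied 'role' cookie (the original
        // read one and then overwrote it), since the browser can set that to anything.
        $auth = $this->_getCookie('auth');
        $role = $auth ? 'Person' : 'Guests';
    } else {
        // Session mode: the role comes from the server-side session. The original
        // immediately overwrote this lookup with the 'auth' cookie, making the session
        // read dead code and taking the role from client-controlled data.
        $auth = $this->session->get('auth');
        $role = $auth ? $auth['role'] : 'Guests';
    }

    $controller = $dispatcher->getControllerName();
    $action = $dispatcher->getActionName();
    $acl = $this->getAcl();

    $allowed = $acl->isAllowed($role, $controller, $action);
    if ($allowed != Acl::ALLOW) {
        $this->flash->error("You don't have access to this module");
        $dispatcher->forward(array('controller' => 'user', 'action' => 'login'));
        return false;
    }
}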
/**
 * Pre-route guard: resolves the role from the session and checks it against the ACL.
 *
 * Visitors without an 'auth' session entry are evaluated as 'INVITADO'; denied
 * requests get a flash message and are forwarded to index/index.
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 *
 * @return bool|null false when the role may not run the action
 */
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
    // Role comes from the server-side session; no 'auth' entry means a guest
    $authData = $this->session->get('auth');
    $role = $authData ? $authData["rol_nombre"] : 'INVITADO';

    // Controller and action the request is trying to reach
    $targetController = $dispatcher->getControllerName();
    $targetAction = $dispatcher->getActionName();

    // The access control list built by this class decides (true = allowed)
    $accessList = $this->getAcl();
    $decision = $accessList->isAllowed($role, $targetController, $targetAction);

    // Denied: flash the restricted-area message and send the user to index/index.
    // (The original author left an open question whether login would be a better target.)
    if (\Phalcon\Acl::ALLOW != $decision) {
        $this->flash->error("<p>ZONA RESTRINGIDA, NO TIENES PERMISO PARA ACCEDER A LA SECCIÓN SOLICITADA</p>");
        $dispatcher->forward(array('controller' => 'index', 'action' => 'index'));
        return false;
    }
}
/**
 * Pre-route ACL guard.
 *
 * A session holding an 'auth' entry is evaluated as 'Users', anything else as
 * 'Guests'; the role is checked against the ACL for the active controller/action
 * and denied requests are forwarded to index/index.
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 *
 * @return bool|null false tells the dispatcher to stop the current operation
 */
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
    // Presence of 'auth' in the session defines the active role
    $role = $this->session->get('auth') ? 'Users' : 'Guests';

    // Active controller/action from the dispatcher
    $controller = $dispatcher->getControllerName();
    $action = $dispatcher->getActionName();

    // Ask the ACL whether this role may run the action on the controller (resource)
    $allowed = $this->getAcl()->isAllowed($role, $controller, $action);
    if (Acl::ALLOW == $allowed) {
        return;
    }

    // No access: flash a message and forward to the index controller
    $this->flash->error("You don't have access to this module");
    $dispatcher->forward(array('controller' => 'index', 'action' => 'index'));
    return false;
}
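/**
 * Generate a route based on the current URL.
 *
 * Starts from the module/controller/action/params currently held by the
 * dispatcher and overrides them with whatever $path_info supplies; any other
 * keys in $path_info become route params. A 'name' param selects a named route.
 *
 * @param array|null $path_info module/controller/action overrides plus extra params
 * @return string The routed URL.
 */
public function routeFromHere($path_info)
{
    // Normalise up front: the original called count() on $path_info unguarded,
    // which raises a TypeError for null/scalars on PHP 8. An empty override set
    // now simply re-routes the current location.
    $path_info = (array) $path_info;

    $new_path = array(
        'module' => $this->_dispatcher->getModuleName(),
        'controller' => $this->_dispatcher->getControllerName(),
        'action' => $this->_dispatcher->getActionName(),
        'params' => (array) $this->_dispatcher->getParams(),
    );

    // Explicit overrides for the routing components; each is consumed so it is
    // not also copied into params below.
    foreach (array('module', 'controller', 'action') as $component) {
        if (isset($path_info[$component])) {
            $new_path[$component] = $path_info[$component];
            unset($path_info[$component]);
        }
    }

    // Whatever remains overrides the current params key by key
    foreach ($path_info as $param_key => $param_value) {
        $new_path['params'][$param_key] = $param_value;
    }

    if (isset($new_path['params']['name'])) {
        // Allow support for named routes.
        $route_name = $new_path['params']['name'];
        unset($new_path['params']['name']);
        return $this->named($route_name, $new_path['params']);
    }

    return $this->route($new_path);
}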
/**
 * Pre-dispatch ACL guard.
 *
 * Sessions with an 'auth' entry act as 'Users', others as 'Guests'. Denied
 * requests are flashed and forwarded to index/index. When an allowed request
 * targets admin/updateAcl the ACL is rebuilt via getAcl(true).
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 *
 * @return bool|null false to stop the dispatcher on a denied request
 */
public function beforeDispatch(Event $event, Dispatcher $dispatcher)
{
    // Logged in when the 'auth' variable exists in the session
    $isLoggedIn = (bool) $this->session->get('auth');
    $role = $isLoggedIn ? 'Users' : 'Guests';

    // Active controller/action from the dispatcher
    $controller = $dispatcher->getControllerName();
    $action = $dispatcher->getActionName();

    // Obtain the ACL list and check the role against the resource
    $acl = $this->getAcl(false);
    $allowed = $acl->isAllowed($role, $controller, $action);

    if (Acl::ALLOW != $allowed) {
        // No access to the controller: flash, forward to index, stop the dispatcher
        $this->flashSession->error("{$role} don't have access to this page!");
        $dispatcher->forward(array('controller' => 'index', 'action' => 'index'));
        return false;
    }

    // Allowed. The admin/updateAcl action additionally forces an ACL rebuild.
    if ('admin' == $controller && 'updateAcl' == $action) {
        $acl = $this->getAcl(true);
    }
}
/**
 * Debug hook: prints the ACL resource/access names this controller would be
 * checked against and performs no authorization at all.
 *
 * Both echo statements write straight into the response body, so while this is
 * in place every request to the controller leaks its module/controller/action
 * names into the page. Looks like scaffolding left over while wiring up the
 * ACL — TODO confirm it is not deployed.
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 */
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
    // e.g. frontend-dashboard (value observed by the original author)
    echo $resource = $this->_module . '-' . $dispatcher->getControllerName(), PHP_EOL;
    // the original author observed null here
    echo $access = $dispatcher->getActionName();
}
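/**
 * Pre-route authentication/authorization gate.
 *
 * Actions listed in the target controller's static $no_auth_array (merged with
 * this class's own) are open to everyone. Otherwise a logged-in user must pass
 * isAllowed() for the action, and an anonymous user is redirected to the login
 * URL with the requested URL passed in the ?ref= parameter.
 *
 * @param Dispatcher $dispatcher
 *
 * @return bool true to run the action, false to stop the dispatcher
 */
public function beforeExecuteRoute(Dispatcher $dispatcher)
{
    $actionName = $dispatcher->getActionName();
    $controllerName = $dispatcher->getControllerName() . 'Controller';
    $nameSpaceName = $dispatcher->getNamespaceName();
    $className = $nameSpaceName . '\\' . ucwords($controllerName);

    // Public actions: the target controller's list merged with the base class's list.
    // NOTE(review): assumes every existing controller class declares a static
    // $no_auth_array — confirm, otherwise the merge raises an Error.
    $no_auth_array = [];
    if (class_exists($className)) {
        $no_auth_array = array_merge($className::$no_auth_array, self::$no_auth_array);
    }
    // Strict comparison: action names are strings and must match an entry exactly
    if (in_array($actionName, $no_auth_array, true)) {
        return true;
    }

    if ($this->isLogin()) {
        // Logged in: still needs permission for this specific action
        if (!$this->isAllowed($actionName)) {
            $dispatcher->forward(array('controller' => 'index', 'action' => 'noauth'));
            return false;
        }
        return true;
    }

    // Anonymous: send to login, preserving the requested URL. The host is the configured
    // server name when available, else the (client-supplied) Host header as a fallback.
    if (!($host = $this->request->getServerName())) {
        $host = $this->request->getHttpHost();
    }
    $sourceUrl = $this->request->getScheme() . '://' . $host . $this->request->getURI();
    // Encode the return URL: without this any '?', '&' or '#' in the requested URI is
    // parsed as part of the login page's own query string and ref is truncated.
    $url = $this->request->getScheme() . '://' . $host . self::USER_LOGIN_URL . '?ref=' . rawurlencode($sourceUrl);
    $this->redirect($url);

    // Stop the protected action from running while the redirect is sent
    // (a no-op if redirect() already terminated the request).
    return false;
}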
/**
 * Pre-route ACL guard using the role stored in the session.
 *
 * A session without a 'role' entry is evaluated as self::GUEST. When the ACL
 * denies the controller/action pair the user is redirected to 'index' and the
 * dispatcher is stopped.
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 *
 * @return bool|null false on denial
 */
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
    // Role comes from the server-side session; fall back to the guest role
    $currentRole = $this->session->get('role');
    if (!$currentRole) {
        $currentRole = self::GUEST;
    }

    // Current controller & action from the dispatcher
    $targetController = $dispatcher->getControllerName();
    $targetAction = $dispatcher->getActionName();

    // Consult the ACL rule list
    $decision = $this->_getAcl()->isAllowed($currentRole, $targetController, $targetAction);
    if (Acl::ALLOW == $decision) {
        return;
    }

    // Denied: flash, redirect to index and stop the dispatcher here
    $this->flash->error('You Don\'t Have Permission To Access This Area');
    $this->response->redirect('index');
    return false;
}
/**
 * Execute before the router so we can determine if this is a private controller, and must be authenticated, or a
 * public controller that is open to all.
 *
 * Public controllers are never checked. For private ones an identity array must
 * exist and its 'profile' must be allowed for the action; otherwise the request
 * is forwarded (to the controller's index when allowed, else user_control/index).
 *
 * @param Dispatcher $dispatcher
 * @return boolean|null false when the dispatcher must stop
 */
public function beforeExecuteRoute(Dispatcher $dispatcher)
{
    $controllerName = $dispatcher->getControllerName();

    // Only check permissions on private controllers
    if (!$this->acl->isPrivate($controllerName)) {
        return;
    }

    // Current identity; anything but an array means nobody is signed in
    $identity = $this->auth->getIdentity();
    if (!is_array($identity)) {
        $this->flash->notice('You don\'t have access to this module: private');
        $dispatcher->forward(array('controller' => 'index', 'action' => 'index'));
        return false;
    }

    // Does the profile have permission for the current option?
    $actionName = $dispatcher->getActionName();
    $profile = $identity['profile'];
    if ($this->acl->isAllowed($profile, $controllerName, $actionName)) {
        return;
    }

    $this->flash->notice('You don\'t have access to this module: ' . $controllerName . ':' . $actionName);
    // Degrade to the controller's index when the profile may see it, else to user_control/index
    $target = $this->acl->isAllowed($profile, $controllerName, 'index')
        ? array('controller' => $controllerName, 'action' => 'index')
        : array('controller' => 'user_control', 'action' => 'index');
    $dispatcher->forward($target);
    return false;
}
/**
 * This action is executed before execute any action in the application.
 *
 * Resolves the caller's role (GUEST unless the session is authenticated and the
 * user record exists), optionally substitutes an "effective" user stored in the
 * session (the "login like any user" feature), injects both into the DI
 * container, then enforces either the public-URL list (guests) or the ACL map
 * (everyone else).
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 *
 * @return bool|null false when the request was redirected/forwarded, true when an
 *                   authenticated user passed the ACL, null for a guest on a public URL
 */
public function beforeDispatch(Event $event, Dispatcher $dispatcher)
{
    $controller = \strtolower($dispatcher->getControllerName());
    $action = \strtolower($dispatcher->getActionName());
    // Key into the controller map, e.g. "session::login"
    $resource = "{$controller}::{$action}";

    $role = 'GUEST';
    if ($this->session->get('authenticated')) {
        $user = User::findFirstByIdUser($this->session->get('idUser'));
        if ($user) {
            $role = $user->role->name;
            $userEfective = new stdClass();
            $userEfective->enable = false;
            // An "effective" user stored in the session (set via session::superuser, below)
            // replaces the role used for every ACL decision in this request.
            $efective = $this->session->get('userEfective');
            if (isset($efective)) {
                $userEfective->enable = true;
                $role = $efective->role->name;
                $user->role = $efective->role;
            }
            // Inject the user
            $this->_dependencyInjector->set('userData', $user);
            $this->_dependencyInjector->set('userEfective', $userEfective);
        }
    }

    $map = $this->getControllerMap();
    // Resources reachable without authentication
    $this->publicurls = array('error::index', 'error::notavailable', 'error::unauthorized', 'error::forbidden', 'session::login', 'session::logout', 'session::recoverpass', 'session::resetpassword', 'session::setnewpass', 'session::questionpass', 'session::changepass');

    if ($role == 'GUEST') {
        if (!in_array($resource, $this->publicurls)) {
            $this->response->redirect("session/login");
            return false;
        }
    } else {
        if ($resource == 'session::login') {
            // Already signed in: the login page is not served again
            $this->response->redirect("index");
            return false;
        } else {
            $acl = $this->getAcl();
            $this->logger->log("Validando el usuario con rol [{$role}] en [{$resource}]");
            // A resource missing from the controller map is an error, not an implicit allow
            if (!isset($map[$resource])) {
                $this->logger->log("El recurso no se encuentra registrado");
                $dispatcher->forward(array('controller' => 'error', 'action' => 'index'));
                return false;
            }
            // Every (resource, action) pair mapped to this URL must be allowed for the role
            $reg = $map[$resource];
            foreach ($reg as $resources => $actions) {
                foreach ($actions as $act) {
                    if (!$acl->isAllowed($role, $resources, $act)) {
                        $this->logger->log('Acceso denegado');
                        $dispatcher->forward(array('controller' => 'error', 'action' => 'forbidden'));
                        return false;
                    }
                }
            }
            // Impersonation entry point, only reached once the ACL allowed the resource.
            // NOTE(review): this stores the *current* user as the effective user; the
            // target user is presumably chosen by the superuser action itself — confirm.
            $mapForLoginLikeAnyUser = array('session::superuser');
            if (in_array($resource, $mapForLoginLikeAnyUser)) {
                $this->session->set('userEfective', $user);
            }
            return true;
        }
    }
}
/**
 * Pre-route guard for "closed" and "private" resources.
 *
 * Closed controller/actions are left alone for anonymous visitors, while a
 * visitor who already has access is redirected to the dashboard with view
 * rendering disabled. Private controllers require access; otherwise a notice
 * is flashed and the request is forwarded to index/index.
 *
 * @param Dispatcher $dispatcher
 *
 * @return bool|null
 */
public function beforeExecuteRoute(Dispatcher $dispatcher)
{
    $controllerName = $dispatcher->getControllerName();
    $actionName = $dispatcher->getActionName();

    // Closed zone: a visitor with access (getAccess() not null) is bounced to the
    // dashboard. Note the action itself still runs (true is returned); only its
    // view output is suppressed.
    if ($this->acl->isClosed($controllerName, $actionName)) {
        if (!is_null($this->auth->getAccess())) {
            $this->response->redirect('dashboard');
            // Disable the view to avoid rendering
            $this->view->disable();
        }
        return true;
    }

    // Private zone without access: flash the denial and forward the user away
    if ($this->acl->isPrivate($controllerName) && is_null($this->auth->getAccess())) {
        $this->flash->notice('Upss! Access denied, Please Registry first or Login into Kangoo');
        $dispatcher->forward(array('controller' => 'index', 'action' => 'index'));
        return false;
    }
}
/**
 * This action is executed before execute any action in the application.
 *
 * The ACL resource is "module:controller". Visitors without an identity, and
 * identities of type 'Visitante' whose 'home' differs from the current module
 * (except for the 'auth' action), are registered as guests of this module via
 * setGuest(); any other identity is evaluated with its 'usuario_tipo'. Denied
 * requests are forwarded to errors/show401.
 *
 * @param Event $event
 * @param Dispatcher $dispatcher
 * @return bool|null false on denial
 */
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
    $module = $dispatcher->getModuleName();
    $controller = $module . ':' . $dispatcher->getControllerName();
    $action = $dispatcher->getActionName();

    $auth = $this->auth->getIdentity();
    $role = 'Visitante';
    $url = '/' . $module;
    $name = '';

    if (!$auth) {
        // Anonymous: register a guest identity scoped to this module
        $this->auth->setGuest($name, $role, $url);
    } elseif ($auth['usuario_tipo'] == 'Visitante' && $action != 'auth') {
        // Guest identity homed in another module: re-home it here
        if ($auth['home'] != $url) {
            $this->auth->setGuest($name, $role, $url);
        }
    } else {
        $role = $auth['usuario_tipo'];
    }

    $allowed = $this->getAcl()->isAllowed($role, $controller, $action);
    if (Acl::ALLOW != $allowed) {
        $dispatcher->forward(array('controller' => 'errors', 'action' => 'show401'));
        return false;
    }
}
/**
 * This action is executed after execute any action in the application.
 *
 * Picks the view as "<controller>/<template>/<action>", where the template name
 * comes from config global.template keyed by controller name.
 *
 * NOTE(review): a controller missing from global.template yields an undefined
 * index and a "<controller>//<action>" view path — confirm every routable
 * controller has a template entry.
 *
 * @param PhalconEvent $event Event object.
 * @param Dispatcher $dispatcher Dispatcher object.
 *
 * @return mixed
 */
public function afterExecuteRoute(PhEvent $event, Dispatcher $dispatcher)
{
    $di = $this->getDI();
    $templates = $di->get('config')->toArray()['global']['template'];
    $controllerName = $dispatcher->getControllerName();
    $actionName = $dispatcher->getActionName();

    $viewPath = implode('/', array($controllerName, $templates[$controllerName], $actionName));
    $di->get('view')->pick($viewPath);
}
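/**
 * This action is executed before execute any action in the application.
 *
 * Resolves the UI language (cookie first, else the default enabled language
 * from LanguageModel), mirrors it into the session, loads the controller's
 * language file when present plus the core default pack, and registers the
 * merged messages as the 'lang' translator service. Skipped for console runs.
 *
 * @param PhalconEvent $event Event object.
 * @param Dispatcher $dispatcher Dispatcher object.
 *
 * @return mixed
 */
public function beforeDispatch(PhEvent $event, Dispatcher $dispatcher)
{
    $di = $this->getDI();
    $cookie = $di->getCookie();
    $session = $di->getSession();

    if ($di->get('app')->isConsole()) {
        return;
    }

    // Detect language from cookie. The cookie is client-controlled and its value is
    // spliced into the paths of both require statements below, so anything that is
    // not a plain language-code token (letters, digits, '-', '_') is discarded and
    // the default language is used instead; a value such as "../../x" must never
    // reach require.
    $languageCode = '';
    if ($cookie->has('languageCode')) {
        $candidate = (string) $cookie->get('languageCode')->getValue();
        if (preg_match('/^[A-Za-z0-9_-]+$/', $candidate)) {
            $languageCode = $candidate;
        }
    }
    if ($languageCode === '') {
        // Get default language from language model
        $languageCode = LanguageModel::findFirst([
            'default = :isdefault: AND status = :enable:',
            'bind' => ['isdefault' => LanguageModel::IS_DEFAULT, 'enable' => LanguageModel::STATUS_ENABLE],
        ])->code;
    }

    // Keep the session in sync with the resolved code
    if (!$session->has('languageCode') || $session->get('languageCode') != $languageCode) {
        $session->set('languageCode', $languageCode);
    }

    // Per-controller language file; expected to populate $messages when present
    $messages = [];
    $modulesDir = $di->get('registry')->directories->modules;
    $directory = $modulesDir . ucfirst($dispatcher->getModuleName()) . '/Lang/' . $languageCode . '/' . strtolower($dispatcher->getControllerName());
    $extension = '.php';
    if (file_exists($directory . $extension)) {
        require $directory . $extension;
    }

    // Add default core lang package; it is expected to define $default
    require $modulesDir . self::DEFAULT_LANG_PACK . '/Lang/' . $languageCode . '/default.php';

    $translate = new PhTranslateArray(['content' => array_merge($messages, $default)]);
    $di->set('lang', $translate);

    return !$event->isStopped();
}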
/**
 * Execute before the router so we can determine if this is a private controller, and must be authenticated, or a
 * public controller that is open to all.
 *
 * Every controller extending BaseAuth is private: an identity array must be
 * present (else forward to session/login) and its 'profile' must be allowed for
 * the action on the namespaced handler class (else forward to that class's
 * index when permitted, otherwise to User_Control/index).
 *
 * @param Dispatcher $dispatcher
 * @return boolean|null false when the dispatcher must stop
 */
public function beforeExecuteRoute(Dispatcher $dispatcher)
{
    // The ACL resource is the fully namespaced handler class, not the bare controller name
    $resource = $dispatcher->getHandlerClass();

    // No identity available: ask the user to sign in
    $identity = $this->auth->getIdentity();
    if (!is_array($identity)) {
        $this->flashSession->warning('Please sign in.');
        $dispatcher->forward(array('controller' => 'session', 'action' => 'login'));
        return false;
    }

    // Signed in: does the profile have permission for the current option?
    $actionName = $dispatcher->getActionName();
    $profile = $identity['profile'];
    if ($this->acl->isAllowed($profile, $resource, $actionName)) {
        return;
    }

    $this->flash->warning('You don\'t have access to: ' . $resource . ' : ' . $actionName);
    // Degrade to the handler's index when permitted, otherwise to the user control area.
    // Note the forward target reuses the namespaced class name as 'controller'.
    if ($this->acl->isAllowed($profile, $resource, 'index')) {
        $dispatcher->forward(array('controller' => $resource, 'action' => 'index'));
    } else {
        $dispatcher->forward(array('controller' => 'User_Control', 'action' => 'index'));
    }
    return false;
}
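/**
 * {@inheritdoc}
 *
 * Authorization pipeline for a request:
 *  1. public resources pass immediately;
 *  2. without an identity the resource is downgraded (controller index, module
 *     index, default module index) to the first public one and forwarded there;
 *  3. a pending password change redirects everything except web:settings.changePassword;
 *  4. the identity's role is checked against the ACL and, on denial, downgraded
 *     the same way to the first allowed resource.
 * ACL/auth exceptions are logged and the dispatch is stopped (false).
 *
 * @param \Phalcon\Events\Event $event
 * @param \Phalcon\Mvc\Dispatcher $dispatcher
 *
 * @return bool|null
 */
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
    $translate = $this->getDI()->getTranslate();
    $module = $this->router->getModuleName();
    $moduleDefault = $this->router->getDefaultModule();
    $controller = $dispatcher->getControllerName();
    $action = $dispatcher->getActionName();

    // If the resource is public then allow the action and return true
    if ($this->acl->isPublic($module, $controller, $action)) {
        return true;
    }

    try {
        // If there is no identity available the resource is downgraded until finally it
        // redirects to the index/index of the default module
        if (!$this->auth->hasIdentity()) {
            $this->flash->notice($translate->gettext("You don't have access to the restricted resource"));
            if ($this->acl->isPublic($module, $controller, 'index')) {
                return $this->stopAndForwardModuleSafe($module, $controller, 'index', $dispatcher);
            }
            if ($this->acl->isPublic($module, 'index', 'index')) {
                return $this->stopAndForwardModuleSafe($module, 'index', 'index', $dispatcher);
            }
            return $this->stopAndForwardModuleSafe($moduleDefault, 'index', 'index', $dispatcher);
        }
    } catch (\Exception $e) {
        error_log('Security Error: ' . $e->getMessage());
        return false;
    }

    // If the auth system requires the user password be reset then force this action
    // by canceling anything but the change password action. This redirects to prevent
    // double POSTing from a signin action to the change password action.
    if ($this->auth->doesNeedToChangePassword()) {
        if ("web:settings.changePassword" != "{$module}:{$controller}.{$action}") {
            $this->getDI()->getResponse()->redirect('settings/changePassword');
            return false;
        }
    }

    try {
        $role = $this->auth->getRole();
        // Check if the user has permission and attempt to downgrade the resource
        // until it finally gives up and redirects to the index/index of the default module
        if (!$this->acl->isAllowed($role, $module, $controller, $action)) {
            $this->flash->notice($translate->gettext('You do not have access to the resource'));
            if ($this->acl->isAllowed($role, $module, $controller, 'index')) {
                return $this->stopAndForwardModuleSafe($module, $controller, 'index', $dispatcher);
            }
            // Module index. The original re-tested ($module, $controller, 'index') here,
            // which had just failed, so this branch was unreachable and every such denial
            // fell through to the default module; mirror the identity-less path above.
            if ($this->acl->isAllowed($role, $module, 'index', 'index')) {
                return $this->stopAndForwardModuleSafe($module, 'index', 'index', $dispatcher);
            }
            return $this->stopAndForwardModuleSafe($moduleDefault, 'index', 'index', $dispatcher);
        }
    } catch (\Exception $e) {
        error_log('Security Error: ' . $e->getMessage());
        return false;
    }
}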
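/**
 * Require a signed-in identity for everything except the user controller's
 * login and register actions.
 *
 * @param \Phalcon\Mvc\Dispatcher $dispatcher
 * @return bool|null false when the request is sent to user/login instead
 */
public function beforeExecuteRoute(\Phalcon\Mvc\Dispatcher $dispatcher)
{
    $identity = $this->auth->getIdentity();
    $controller = $dispatcher->getControllerName();
    $action = $dispatcher->getActionName();

    // Anonymous entry points. The original tested
    // (action != 'login' || action != 'register'), which is always true and so
    // exempted every action of the user controller, not just these two.
    $isPublicEntry = $controller === 'user' && in_array($action, ['login', 'register'], true);

    if (!is_array($identity) && !$isPublicEntry) {
        $this->flashSession->notice('Please Login');
        $dispatcher->forward(['controller' => 'user', 'action' => 'login']);
        return false;
    }
}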
/**
 * Pre-route session gate.
 *
 * The rss controller is always open. Any other controller except 'session'
 * requires an 'auth' entry in the session, otherwise the request is forwarded
 * to session/index.
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 *
 * @return bool|null true for rss, false when forwarded, null otherwise
 */
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
    $controller = $dispatcher->getControllerName();

    // Feeds are public
    if ('rss' == $controller) {
        return true;
    }

    // The session controller stays reachable so users can actually sign in
    $isAuthenticated = (bool) $this->session->get('auth');
    if (!$isAuthenticated && 'session' != $controller) {
        $dispatcher->forward(array('controller' => 'session', 'action' => 'index'));
        return false;
    }
}
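/**
 * This action is executed before execute any action in the application.
 *
 * The role is 'Users' when an 'auth' entry exists in the session, 'Guests'
 * otherwise. A denied controller/action is forwarded to status/index with
 * param 401 and the session is destroyed.
 *
 * @param Event $event
 * @param Dispatcher $dispatcher
 *
 * @return boolean success — false once the request has been forwarded
 */
public function beforeDispatch(Event $event, Dispatcher $dispatcher)
{
    $success = true;
    $acl = $this->getAcl();

    $role = $this->session->get('auth') ? 'Users' : 'Guests';
    $allowed = $acl->isAllowed($role, $dispatcher->getControllerName(), $dispatcher->getActionName());

    if ($allowed != Acl::ALLOW) {
        $dispatcher->forward(['controller' => 'status', 'action' => 'index', 'params' => [401]]);
        // This drops the whole session, so an authenticated user hitting a forbidden
        // action is signed out, not merely redirected.
        $this->session->destroy();
        // Previously $success stayed true here, so the documented "success" return never
        // reflected the denial; false also tells the dispatcher to stop explicitly.
        $success = false;
    }

    return $success;
}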
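/**
 * Pre-route ACL guard.
 *
 * Exposes the current user to the view, maps it to the 'user' or 'guest' role
 * and checks the ACL for the dispatched controller/action; denials are
 * forwarded to static/error403. The static controller itself is never checked.
 *
 * @param Dispatcher $dispatcher
 *
 * @return bool|null false when the request is forwarded
 */
public function beforeExecuteRoute(Dispatcher $dispatcher)
{
    $this->view->setVar('user', $this->user);
    $role = $this->user ? 'user' : 'guest';

    $controller = $dispatcher->getControllerName();
    if ($controller === 'static') {
        return;
    }

    // Check the target the dispatcher is about to run. The original consulted the
    // router's controller/action here, which describe the matched URL rather than
    // the dispatched target, so a forwarded request would not necessarily be covered.
    if (!$this->acl->isAllowed($role, $controller, $dispatcher->getActionName())) {
        $dispatcher->forward(['controller' => 'static', 'action' => 'error403']);
        return false;
    }
}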
/**
 * Pre-route session gate.
 *
 * The client controller is always reachable. Without an 'auth' session entry
 * every other controller except login is forwarded to login/index; with one,
 * the login controller is forwarded to index/index.
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 *
 * @return bool|null false when the request is forwarded
 */
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
    $controller = $dispatcher->getControllerName();

    // Client controller: has client access
    if ('client' == $controller) {
        return;
    }

    $hasAuth = $this->session->has('auth');

    // Anonymous visitors may only reach the login controller
    if (!$hasAuth && 'login' != $controller) {
        $dispatcher->forward(array('controller' => 'login', 'action' => 'index'));
        return false;
    }

    // Already signed in: the login page is redundant, go to the home page
    if ($hasAuth && 'login' == $controller) {
        $dispatcher->forward(array('controller' => 'index', 'action' => 'index'));
        return false;
    }
}
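/**
 * Check if the controller / action needs identity.
 *
 * Per the author's note, a 'public' resource set means "all except the listed
 * resources" (checkPublicResources); any other type is handed to
 * checkPrivateResources.
 *
 * @param array $config expects keys 'type' and 'resources'
 * @param Dispatcher $dispatcher
 * @return boolean
 */
private function needsIdentity($config, Dispatcher $dispatcher)
{
    $actionName = $dispatcher->getActionName();
    $controllerName = $dispatcher->getControllerName();

    // "public": all except the listed resources. (The trailing `return false`
    // after the original if/else was unreachable and has been dropped.)
    if ($config['type'] == 'public') {
        return $this->checkPublicResources($config['resources'], $actionName, $controllerName);
    }

    return $this->checkPrivateResources($config['resources'], $actionName, $controllerName);
}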
/**
 * After route executed event.
 * Setup actions json responsibility.
 *
 * Always disables the action-level view (only the layout renders up front);
 * for AJAX requests the layouts are disabled as well and the bare rendered
 * template for the current controller/action is returned.
 *
 * @param \Phalcon\Mvc\Dispatcher $dispatcher
 * @access public
 * @return null|mixed rendered template on AJAX requests, null otherwise
 */
public function afterExecuteRoute(\Phalcon\Mvc\Dispatcher $dispatcher)
{
    // Only the layout is shown before the ajax load: disable the action view by default
    $this->view->disableLevel([View::LEVEL_ACTION_VIEW => true]);

    if (!$this->request->isAjax()) {
        return;
    }

    // Ajax: drop the layouts too and hand back the clean template with its variables
    $this->view->disableLevel([View::LEVEL_LAYOUT => true, View::LEVEL_MAIN_LAYOUT => true]);
    return $this->view->getRender($dispatcher->getControllerName(), $dispatcher->getActionName());
}
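/**
 * Pre-dispatch hook that loads the signed-in user into the DI container.
 *
 * When the session holds an 'identity' (user id) the matching User record is
 * fetched and registered as the 'user' service; nothing happens otherwise.
 * The dispatch always continues.
 *
 * @param \Phalcon\Events\Event $event
 * @param \Phalcon\Mvc\Dispatcher $dispatcher
 *
 * @return bool always true
 */
public function beforeDispatch(\Phalcon\Events\Event $event, \Phalcon\Mvc\Dispatcher $dispatcher)
{
    $userId = $this->session->get('identity');
    if ($userId) {
        // Cast to int so findFirst() receives an integer key, never a string that
        // could be interpreted as a query condition.
        $dbUser = \BullSoft\Sample\Models\User::findFirst((int) $userId);
        $this->di->set('user', $dbUser);
    }

    return true;
}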
/**
 * Pre-route view-cache short circuit.
 *
 * Outside debug mode a cache key is derived from language, controller, action
 * and params (restricted to [A-Za-z0-9_]); when the view cache already holds
 * that key the action is skipped. Otherwise the request is initialised.
 *
 * @param Dispatcher $dispatcher
 *
 * @return bool false when a cached view is served instead of running the action
 */
public function beforeExecuteRoute(Dispatcher $dispatcher)
{
    $debugMode = $this->config->application->debug;

    if (!$debugMode) {
        $parts = array(
            $this->getLang(),
            $dispatcher->getControllerName(),
            $dispatcher->getActionName(),
            implode('-', $dispatcher->getParams()),
        );
        // Strip anything outside [A-Za-z0-9_] so request data cannot shape the key
        $cacheKey = preg_replace('/[^a-zA-Z0-9\\_]/', '', implode('-', $parts));

        $this->view->cache(array('key' => $cacheKey));
        if ($this->view->getCache()->exists($cacheKey)) {
            return false;
        }
    }

    $this->requestInitialize();
    return true;
}
/**
 * Pre-dispatch admin login gate.
 *
 * admin/login is always reachable; every other request requires AdminAuthHelper
 * to report a logged-in admin, otherwise it is forwarded to admin/login.
 *
 * @param Event $event
 * @param Dispatcher $dispatcher
 * @return bool
 */
public function beforeDispatch($event, $dispatcher)
{
    $isLoginPage = 'admin' == $dispatcher->getControllerName()
        && 'login' == $dispatcher->getActionName();
    if ($isLoginPage) {
        return true;
    }

    if (AdminAuthHelper::instance()->loggedIn()) {
        return true;
    }

    // Not signed in: send to the admin login form and stop the dispatcher
    $dispatcher->forward(['controller' => 'admin', 'action' => 'login']);
    return false;
}
/**
 * Pre-route session gate.
 *
 * Without an 'auth' session entry the request is forwarded to auth/login,
 * unless it already targets the 'auth' controller or a 'login' action.
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 *
 * @return bool|null false when the request is forwarded
 */
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
    $isAuthenticated = (bool) $this->session->get('auth');
    $controller = $dispatcher->getControllerName();
    $action = $dispatcher->getActionName();

    if ($isAuthenticated) {
        return;
    }

    // NOTE(review): with && the exemption covers every action of the auth controller
    // AND every controller's 'login' action; if only auth/login was meant, the
    // condition would read `$controller != 'auth' || $action != 'login'` — confirm.
    if ($controller != 'auth' && $action != 'login') {
        $dispatcher->forward(array('controller' => 'auth', 'action' => 'login'));
        // These two flashes echo the requested controller/action names back to the user
        $this->flash->error($controller);
        $this->flash->error($action);
        return false;
    }
}
/**
 * Checks the current role against the ACL for the dispatched module/controller
 * resource as soon as the object is built.
 *
 * Only resources registered in the ACL are enforced (unregistered ones pass
 * without a check); for registered ones a denied action triggers accessDenied().
 *
 * @param DefaultAcl $acl
 * @param Dispatcher $dispatcher
 */
public function __construct(DefaultAcl $acl, Dispatcher $dispatcher)
{
    $role = $this->getRole();

    // Resource is "module/controller", access is the action
    $resourceKey = implode('/', array($dispatcher->getModuleName(), $dispatcher->getControllerName()));
    $resourceVal = $dispatcher->getActionName();

    // Resources unknown to the ACL are not checked at all
    if (!$acl->isResource($resourceKey)) {
        return;
    }

    if (!$acl->isAllowed($role, $resourceKey, $resourceVal)) {
        $this->accessDenied($role, $resourceKey, $resourceVal);
    }
}
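/**
 * Pre-dispatch ACL guard.
 *
 * The role is the session's 'userType' ('none' when absent). A controller/action
 * the role may not access is forwarded to index/index.
 *
 * @param Event      $event
 * @param Dispatcher $dispatcher
 *
 * @return bool|null false once the request has been forwarded
 */
public function beforeDispatch(Event $event, Dispatcher $dispatcher)
{
    // Role from the server-side session; anonymous visitors are 'none'
    $userType = $this->session->get('userType');
    if (!$userType) {
        $userType = 'none';
    }

    $controller = $dispatcher->getControllerName();
    $action = $dispatcher->getActionName();

    $acl = $this->_getAcl();
    $allowed = $acl->isAllowed($userType, $controller, $action);
    if ($allowed != Acl::ALLOW) {
        $dispatcher->forward(array('controller' => 'index', 'action' => 'index'));
        // Return false so the dispatcher stops the denied action explicitly instead
        // of relying on forward() alone to abandon it.
        return false;
    }
}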