/**
* @return array
*/
protected static function authenticate()
{
$principal = SecurityPrincipal::get();
if ($principal->authenticate(static::request()->username, static::request()->password)) {
Session::set('security.current_user', static::request()->username);
Session::set('security.authenticated', true);
$uri = Session::get('security.called_before_login');
Session::set('security.called_before_login', null);
return ['success' => true, 'controllerAction' => $uri];
} else {
return ['success' => false, 'controllerAction' => 'Security::login', 'params' => ['failure']];
}
}
/**
* @return bool
*/
public static function preProcess()
{
if (!parent::preProcess()) {
return false;
}
if (!static::$currentUser->isAuthenticated()) {
Session::set('security.called_before_login', $_SERVER['REQUEST_URI']);
static::redirect('Security::login');
return false;
} else {
if (static::$controllerRole == 'anonymous' || static::$currentUser->isInRole(static::$controllerRole)) {
return true;
} else {
return static::forbidden();
}
}
}
/**
* @return array[]
*/
public function getGroups()
{
if (!Session::get('security.ldap_groups')) {
$security = Config::get()->security;
$list = ldap_search($this->conn, $security->user_base_dn, 'objectclass=group');
$entries = ldap_get_entries($this->conn, $list);
unset($entries['count']);
Session::set('security.ldap_groups', array());
foreach ($entries as $entry) {
if (isset($entry[$security->groupname_attribute])) {
$groupDn = $entry["distinguishedname"][0];
if ($groupDn) {
Session::set('security.ldap_groups.' . $groupDn, $this->getGroupUsers($groupDn));
}
}
}
}
return Session::get('security.ldap_groups');
}