/**
 * Route listener that enforces the ACL for the matched controller/action.
 *
 * Anonymous requests are evaluated as the ACL default role; an authenticated
 * identity contributes its own role. Denied requests are redirected to the
 * 'home/login' route and processing stops before any controller is dispatched.
 *
 * @param \Zend\EventManager\EventInterface $e
 * @return void
 * @throws \Exception when the matched controller is not a registered ACL resource
 */
public function onRoute(\Zend\EventManager\EventInterface $e)
{
    $match = $e->getRouteMatch();
    $services = $e->getApplication()->getServiceManager();
    $auth = $services->get('Zend\\Authentication\\AuthenticationService');
    $acl = new Acl($services->get('Config'));

    // Unauthenticated visitors carry the ACL default role.
    $role = Acl::DEFAULT_ROLE;
    if ($auth->hasIdentity()) {
        // NOTE(review): assumes the identity exposes getUserRole()->getRole() — confirm against the identity class
        $role = $auth->getIdentity()->getUserRole()->getRole();
    }

    $resource = $match->getParam('controller');
    $privilege = $match->getParam('action');

    // Fail closed: a controller that is not an ACL resource is an error, never an implicit allow.
    if (!$acl->hasResource($resource)) {
        throw new \Exception('Resource ' . $resource . ' not defined');
    }

    if ($acl->isAllowed($role, $resource, $privilege)) {
        return;
    }

    $response = $e->getResponse();
    $loginUrl = $e->getRouter()->assemble(array(), array('name' => 'home/login'));
    $response->getHeaders()->addHeaderLine('Location', $loginUrl);
    $response->setStatusCode(302);
    $response->sendHeaders();
    // Terminate here so the denied action is never dispatched.
    exit;
}
/**
 * Route listener that enforces the ACL for the matched controller/action.
 *
 * Everyone is a guest (the ACL default role) until an authenticated identity
 * is present, in which case the identity's role name is used. Denied requests
 * are redirected to the 'home' route and processing stops.
 *
 * @param \Zend\EventManager\EventInterface $e
 * @return void
 * @throws \Exception when the matched controller is not a registered ACL resource
 */
public function onRoute(\Zend\EventManager\EventInterface $e)
{
    $match = $e->getRouteMatch();
    $services = $e->getApplication()->getServiceManager();
    $auth = $services->get('Zend\\Authentication\\AuthenticationService');
    $acl = new Acl($services->get('Config'));

    // Guest until proven otherwise.
    $role = Acl::DEFAULT_ROLE;
    if ($auth->hasIdentity()) {
        // NOTE(review): assumes the identity exposes getRole()->getName() — confirm against the identity class
        $role = $auth->getIdentity()->getRole()->getName();
    }

    $resource = $match->getParam('controller');
    $privilege = $match->getParam('action');

    // Fail closed: an unregistered controller is an error, never an implicit allow.
    if (!$acl->hasResource($resource)) {
        throw new \Exception('Resource ' . $resource . ' not defined');
    }

    if ($acl->isAllowed($role, $resource, $privilege)) {
        return;
    }

    $response = $e->getResponse();
    $response->getHeaders()->addHeaderLine(
        'Location',
        $e->getRouter()->assemble(array(), array('name' => 'home'))
    );
    // 302 Found is the conventional status for a temporary redirect (http://en.wikipedia.org/wiki/HTTP_302).
    $response->setStatusCode(302);
    $response->sendHeaders();
    // Terminate so the denied action is never dispatched.
    exit;
}
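/**
 * Route listener that enforces the ACL for the matched controller/action.
 *
 * Denied requests are redirected to the route configured under
 * config['acl']['redirect_route'] ('params' and 'options' for the router's
 * assemble()) when one is present; otherwise a bare 403 response is returned
 * so the MVC dispatch short-circuits.
 *
 * @param \Zend\EventManager\EventInterface $e
 * @return object|void the 403 response when no redirect route is configured
 * @throws \Exception when the matched controller is not a registered ACL resource
 */
public function onRoute(\Zend\EventManager\EventInterface $e)
{
    $application = $e->getApplication();
    $routeMatch = $e->getRouteMatch();
    $sm = $application->getServiceManager();
    $auth = $sm->get('Zend\\Authentication\\AuthenticationService');
    $acl = $sm->get('acl');

    // Everyone is a guest (the ACL default role) until they log in.
    $role = Acl::DEFAULT_ROLE;
    if ($auth->hasIdentity()) {
        $user = $auth->getIdentity();
        // NOTE(review): assumes the identity exposes getRole()->getName() — confirm against the identity class
        $role = $user->getRole()->getName();
    }

    $controller = $routeMatch->getParam('controller');
    $action = $routeMatch->getParam('action');

    // Fail closed: an unregistered controller is an error, never an implicit allow.
    if (!$acl->hasResource($controller)) {
        throw new \Exception('Resource ' . $controller . ' not defined');
    }

    if ($acl->isAllowed($role, $controller, $action)) {
        return;
    }

    $response = $e->getResponse();
    $config = $sm->get('config');

    // empty() on the full path avoids an undefined-index notice when the 'acl' or
    // 'redirect_route' keys are not configured at all; that case must fall through
    // to the 403 below instead of emitting a warning first.
    if (!empty($config['acl']['redirect_route'])) {
        $redirectRoute = $config['acl']['redirect_route'];
        // assemble() defaults both arguments to an empty array; mirror that for partial config.
        $params = isset($redirectRoute['params']) ? $redirectRoute['params'] : array();
        $options = isset($redirectRoute['options']) ? $redirectRoute['options'] : array();
        $url = $e->getRouter()->assemble($params, $options);
        $response->getHeaders()->addHeaderLine('Location', $url);
        // The HTTP response status code 302 Found is a common way of performing a redirection.
        // http://en.wikipedia.org/wiki/HTTP_302
        $response->setStatusCode(302);
        $response->sendHeaders();
        // Terminate so the denied action is never dispatched.
        exit;
    }

    // Status code 403 responses are the result of the web server being configured to deny access,
    // for some reason, to the requested resource by the client.
    // http://en.wikipedia.org/wiki/HTTP_403
    $response->setStatusCode(403);
    $response->setContent(' <html> <head> <title>403 Forbidden</title> </head> <body> <h1>403 Forbidden</h1> </body> </html>');
    return $response;
}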
/**
 * Route listener that enforces the ACL for the matched controller/action.
 *
 * Visitors are guests (Acl::DEFAULT_ROLE) until authenticated; an authenticated
 * identity's numeric role id is translated to an ACL role name. Denied requests
 * are redirected to the 'home' route and processing stops.
 *
 * @param \Zend\EventManager\EventInterface $e
 * @return void
 * @throws \Exception when the matched controller is not a registered ACL resource
 */
public function onRoute(\Zend\EventManager\EventInterface $e)
{
    $match = $e->getRouteMatch();
    $services = $e->getApplication()->getServiceManager();
    $auth = $services->get('Zend\\Authentication\\AuthenticationService');
    $acl = new Acl($services->get('Config'));

    // Guest until logged in.
    $role = Acl::DEFAULT_ROLE;
    if ($auth->hasIdentity()) {
        // Translate the (Doctrine) identity's role id to a role name.
        // TODO this table is redundant once role names come from the DB.
        // The switch (loose == comparison, this case order) is part of the existing behaviour.
        switch ($auth->getIdentity()->getUsrlId()) {
            case 1:
                $role = Acl::DEFAULT_ROLE; // guest
                break;
            case 2:
                $role = 'member';
                break;
            case 3:
                $role = 'admin';
                break;
            default:
                $role = Acl::DEFAULT_ROLE; // unknown ids are treated as guest
                break;
        }
    }

    $resource = $match->getParam('controller');
    $privilege = $match->getParam('action');

    // Fail closed: an unregistered controller is an error, never an implicit allow.
    if (!$acl->hasResource($resource)) {
        throw new \Exception('Resource ' . $resource . ' not defined');
    }

    if ($acl->isAllowed($role, $resource, $privilege)) {
        return;
    }

    $response = $e->getResponse();
    $homeUrl = $e->getRouter()->assemble(array(), array('name' => 'home'));
    $response->getHeaders()->addHeaderLine('Location', $homeUrl);
    // 302 Found is the conventional status for a temporary redirect (http://en.wikipedia.org/wiki/HTTP_302).
    $response->setStatusCode(302);
    $response->sendHeaders();
    // Terminate so the denied action is never dispatched.
    exit;
}
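/**
 * Route listener that enforces the ACL for the matched controller/action.
 *
 * Denied requests are redirected to the route configured under
 * config['acl']['redirect_route'] ('params' and 'options' for the router's
 * assemble()); when no redirect route is configured, a bare 403 response is
 * returned so the MVC dispatch short-circuits.
 *
 * @param \Zend\EventManager\EventInterface $e
 * @return object|void the 403 response when no redirect route is configured
 * @throws \Exception when the matched controller is not a registered ACL resource
 */
public function onRoute(\Zend\EventManager\EventInterface $e)
{
    $application = $e->getApplication();
    $routeMatch = $e->getRouteMatch();
    $sm = $application->getServiceManager();
    $auth = $sm->get('Zend\\Authentication\\AuthenticationService');
    $acl = $sm->get('acl');

    // Everyone is a guest (the ACL default role) until they log in.
    $role = Acl::DEFAULT_ROLE;
    if ($auth->hasIdentity()) {
        $user = $auth->getIdentity();
        // NOTE(review): assumes the identity exposes getRole()->getName() — confirm against the identity class
        $role = $user->getRole()->getName();
    }

    $controller = $routeMatch->getParam('controller');
    $action = $routeMatch->getParam('action');

    // Fail closed: an unregistered controller is an error, never an implicit allow.
    if (!$acl->hasResource($controller)) {
        throw new \Exception('Resource ' . $controller . ' not defined');
    }

    if ($acl->isAllowed($role, $controller, $action)) {
        return;
    }

    $response = $e->getResponse();
    $config = $sm->get('config');

    // The guard used to test $redirect_route['options']['params'], a key the code
    // below never reads (assemble() is given the top-level 'params' and 'options'),
    // so a redirect route configured in the shape assemble() consumes would fall
    // through to the 403. Test the route entry itself; empty() also tolerates the
    // 'acl' / 'redirect_route' keys being absent without emitting a notice.
    if (!empty($config['acl']['redirect_route'])) {
        $redirectRoute = $config['acl']['redirect_route'];
        // assemble() defaults both arguments to an empty array; mirror that for partial config.
        $params = isset($redirectRoute['params']) ? $redirectRoute['params'] : array();
        $options = isset($redirectRoute['options']) ? $redirectRoute['options'] : array();
        $url = $e->getRouter()->assemble($params, $options);
        $response->getHeaders()->addHeaderLine('Location', $url);
        // 302 Found: conventional temporary redirect.
        $response->setStatusCode(302);
        $response->sendHeaders();
        // Terminate so the denied action is never dispatched.
        exit;
    }

    // No redirect route configured: answer 403 directly.
    $response->setStatusCode(403);
    $response->setContent(' <html> <head> <title>403 Forbidden</title> </head> <body> <h1>403 Forbidden</h1> </body> </html>');
    return $response;
}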
/**
 * Load menu if module has view with name "menu.phtml"
 *
 * Matches the 'module' route against the current request, registers a
 * navigation page for the active module and, when a "<module>/menu"
 * template resolves, hands its name to the layout as 'moduleMenu'.
 *
 * @param EventInterface $event Event
 *
 * @return void
 */
public function loadMenu(EventInterface $event)
{
    $moduleRoute = $event->getRouter()->getRoute('module');
    $match = $moduleRoute->match($event->getRequest());
    if (!$match) {
        return;
    }

    $moduleName = $match->getParam('module');
    // The generic 'module' entry has no menu of its own.
    if ($moduleName === 'module') {
        return;
    }

    // CamelCase module name -> lower-case, dash-separated template directory.
    $separator = new Filter\Word\CamelCaseToSeparator();
    $separator->setSeparator('-');
    $chain = new Filter\FilterChain();
    $chain->attach($separator)->attach(new Filter\StringToLower());
    $template = $chain->filter($moduleName) . '/menu';

    $controller = $event->getTarget();
    $resolver = $event->getApplication()->getServiceManager()->get('Zend\\View\\Resolver\\TemplatePathStack');
    $navigation = $controller->getServiceLocator()->get('navigation');

    $navigation->findByRoute('module')->addPage(array(
        'label'  => $moduleName,
        'route'  => $event->getRouteMatch()->getMatchedRouteName(),
        'active' => true,
    ));

    // NOTE(review): $template is derived from a route parameter and the filters above
    // only re-case/re-separate it, so this relies on the template resolver refusing
    // paths that escape its stack — confirm that protection is enabled.
    if (false !== $resolver->resolve($template)) {
        $controller->layout()->setVariable('moduleMenu', $template);
    }
}
/**
 * Route listener: authorises the matched controller/action against the
 * database-backed ACL, using the role stored in the 'User' session container.
 *
 * Denied requests are redirected to the route configured under
 * config['acl']['redirect_route'] and processing stops.
 *
 * @param EventInterface $e
 * @return void
 * @throws \Exception when the matched controller is not a registered ACL resource
 */
public function onRoute(EventInterface $e)
{
    $match = $e->getRouteMatch();
    $services = $e->getApplication()->getServiceManager();

    // Authentication: the AuthenticationService lookup is left disabled; the
    // identity is read from the session container instead.
    // $auth = $services->get('Zend\Authentication\AuthenticationService');
    /**
     * @Todo check if session container 'User' still exists
     */
    $userSession = new Container('User');

    // Authorization with database (check module.config.php)
    $acl = $services->get('acl');

    // Everyone is a guest until logged in.
    $role = AclDb::DEFAULT_ROLE;
    if ($userSession->id) {
        // NOTE(review): the role is trusted straight from session state; assumes activeRole
        // is always set (and registered in the ACL) whenever id is — confirm where it is written.
        $role = $userSession->activeRole;
    }

    $resource = $match->getParam('controller');
    $privilege = $match->getParam('action');

    // Fail closed: an unregistered controller is an error, never an implicit allow.
    if (!$acl->hasResource($resource)) {
        throw new \Exception('Resource ' . $resource . ' not defined');
    }

    if ($acl->isAllowed($role, $resource, $privilege)) {
        return;
    }

    // Denied: redirect to the configured route.
    // NOTE(review): assumes config['acl']['redirect_route'] with 'params'/'options' is always present.
    $config = $services->get('config');
    $redirectRoute = $config['acl']['redirect_route'];
    $url = $e->getRouter()->assemble($redirectRoute['params'], $redirectRoute['options']);

    $response = $e->getResponse();
    $response->getHeaders()->addHeaderLine('Location', $url);
    // 302 Found is the conventional status for a temporary redirect.
    $response->setStatusCode(302);
    $response->sendHeaders();
    // Terminate so the denied action is never dispatched.
    exit;
}
/**
 * Route listener: resolves the visitor's role from the OnionAuth session
 * register, publishes that role's menu to the layout, and enforces the ACL
 * for the matched controller/action. Denied requests are redirected to the
 * 'access' route with the requested URI passed along as 'urlFrom'.
 *
 * @param EventInterface $poEvent
 * @return void
 * @throws \Exception when the matched controller is not a registered ACL resource
 */
public function onRoute(EventInterface $poEvent)
{
    $application = $poEvent->getApplication();
    $routeMatch = $poEvent->getRouteMatch();
    $sharedEvents = $application->getEventManager()->getSharedManager();

    $session = new Session();
    $user = $session->getRegister('OnionAuth');
    $menuOptions = Config::getAppOptions('menu');

    // Anonymous visitors get the ACL default (guest) role; authenticated users are
    // mapped from their group id through the menu 'groups' table.
    $role = Acl::DEFAULT_ROLE;
    if ($user !== null) {
        $groupId = $user->get('UserGroup_id');
        if (isset($menuOptions['groups'][$groupId])) {
            $role = $menuOptions['groups'][$groupId];
        }
    }
    $menu = $menuOptions[$role];

    // Hand menu, user and controller to the layout once a controller is dispatched.
    $sharedEvents->attach(
        'Zend\\Mvc\\Controller\\AbstractActionController',
        'dispatch',
        function ($event) use ($menu, $user) {
            $controller = $event->getTarget();
            $controller->layout()->laMenu = $menu;
            $controller->layout()->loUser = $user;
            $controller->layout()->loController = $controller;
        },
        100
    );

    $controllerName = $routeMatch->getParam('__CONTROLLER__');
    $actionName = $routeMatch->getParam('action');
    if (empty($controllerName)) {
        $controllerName = 'Index';
    }
    if (empty($actionName)) {
        $actionName = 'index';
    }

    $acl = new Acl(Config::getAppOptions('acl'));
    // Fail closed: an unregistered controller is an error, never an implicit allow.
    if (!$acl->hasResource($controllerName)) {
        throw new \Exception('Resource ' . $controllerName . ' not defined');
    }
    Debug::debug("Route: {$controllerName}/{$actionName}");

    if ($acl->isAllowed($role, $controllerName, $actionName)) {
        return;
    }

    // NOTE(review): with && the message is skipped whenever either part is the
    // Index/index default — confirm whether || was intended.
    if ($controllerName != 'Index' && $actionName != 'index') {
        $flash = new FlashMessenger();
        $flash->addMessage(array(
            'id'     => 'Access-' . microtime(true),
            'hidden' => false,
            'push'   => false,
            'type'   => 'danger',
            'msg'    => Translator::i18n('Você não tem permissão para executar esta ação!'),
        ));
    }

    // NOTE(review): REQUEST_URI is client-controlled; the 'access' route must validate
    // urlFrom (e.g. relative, same-origin) before using it as a return target.
    $query = array('urlFrom' => base64_encode($_SERVER['REQUEST_URI']));
    $url = $poEvent->getRouter()->assemble(array(), array('name' => 'access', 'query' => $query));

    $response = $poEvent->getResponse();
    $response->getHeaders()->addHeaderLine('Location', $url);
    $response->setStatusCode(302);
    $response->sendHeaders();
    // Terminate so the denied action is never dispatched.
    exit;
}
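/**
 * Route listener that enforces the ACL for the matched controller/action.
 *
 * The identity's numeric role_id is mapped onto the ACL role constants;
 * unknown ids and anonymous visitors evaluate as the default role. Denied
 * requests are redirected to the 'errors/no-permission' route.
 *
 * @param \Zend\EventManager\EventInterface $e
 * @return void
 * @throws \Exception when the matched controller is not a registered ACL resource
 */
public function onRoute(\Zend\EventManager\EventInterface $e)
{
    $application = $e->getApplication();
    $routeMatch = $e->getRouteMatch();
    $sm = $application->getServiceManager();
    $auth = $sm->get('Zend\\Authentication\\AuthenticationService');
    $config = $sm->get('Config');
    $acl = new Acl($config);

    // Anonymous visitors carry the ACL default role.
    $role = Acl::DEFAULT_ROLE;
    if ($auth->hasIdentity()) {
        $user = $auth->getIdentity();
        // Loose (==) switch comparison and this case order are part of the existing behaviour.
        switch ($user->role_id) {
            case 1:
                $role = Acl::ADMIN_ROLE;
                break;
            case 2:
                $role = Acl::TEACHER_ROLE;
                break;
            case 3:
                $role = Acl::STUDENT_ROLE;
                break;
            default:
                $role = Acl::DEFAULT_ROLE;
                break;
        }
    }

    $controller = $routeMatch->getParam('controller');
    $action = $routeMatch->getParam('action');

    // Fail closed: an unregistered controller is an error, never an implicit allow.
    if (!$acl->hasResource($controller)) {
        throw new \Exception('Resource ' . $controller . ' not defined');
    }

    if (!$acl->isAllowed($role, $controller, $action)) {
        $url = $e->getRouter()->assemble(array(), array('name' => 'errors/no-permission'));
        $response = $e->getResponse();
        $response->getHeaders()->addHeaderLine('Location', $url);
        // A Location header is only followed for 3xx responses. The previous 403 left
        // the client on a bare "Forbidden" response and the no-permission route was
        // never reached; 302 performs the redirect, and the target route is the place
        // to present the forbidden page.
        $response->setStatusCode(302);
        $response->sendHeaders();
        // Terminate so the denied action is never dispatched.
        exit;
    }
}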