/**
 * ACL gate run before every non-AJAX dispatch.
 *
 * Resolves the requesting identity (if any), asks Core_Services_Acl whether
 * module/controller/action is permitted, and on failure rewrites the request
 * to core/Auth/login (no identity) or core/Auth/deny (identity present),
 * passing the current URL base64-encoded as the `returnUrl` parameter.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // XmlHttpRequests are not gated by this plugin at all.
    // NOTE(review): X-Requested-With is client-supplied; confirm AJAX endpoints run their own ACL check.
    if ($request->isXmlHttpRequest()) {
        return;
    }

    $auth       = Zend_Auth::getInstance();
    $module     = $request->getModuleName();
    $controller = $request->getControllerName();
    $action     = $request->getActionName();

    // Reachable by any authenticated identity regardless of ACL role.
    $openRoutes = array('default_index_index', 'identity_account_logout');
    $routeKey   = strtolower($module . '_' . $controller . '_' . $action);

    $allowed = false;
    if ($auth->hasIdentity()) {
        require_once APPLICATION_PATH . '/modules/core/services/Acl.php';
        $acl = Core_Services_Acl::getInstance();
        $allowed = in_array($routeKey, $openRoutes, true)
            || $acl->isUserOrRoleAllowed($auth->getIdentity(), $module, $controller, $action);
    }

    if ($allowed) {
        return;
    }

    // No identity -> login; identity present but forbidden -> deny.
    $targetAction = $auth->hasIdentity() ? 'deny' : 'login';

    // Return URL is rebuilt from server globals with a hard-coded http scheme.
    // NOTE(review): SERVER_NAME can follow the Host header depending on server config —
    // confirm the login action validates returnUrl before redirecting to it.
    $returnUrl = base64_encode('http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);

    $request->setModuleName('core')
        ->setControllerName('Auth')
        ->setActionName($targetAction)
        ->setParam('returnUrl', $returnUrl)
        ->setDispatched(true);
}
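/**
 * Decides whether the ACL check may be skipped for this request.
 *
 * AJAX requests skip the check unless their action is listed in
 * $this->_arrAjaxNotSkip. Otherwise the request is matched against the
 * `security.skip.<type>` list of the 'configs' registry entry, whose
 * entries may be `action`, `controller/action` or `module/controller/action`.
 *
 * Fixes: the pre-loop in_array() result was dead (overwritten on the first
 * iteration) and the per-entry switch re-scanned the whole list for every
 * entry; matching is now done once per granularity with strict comparison,
 * and a missing or non-array skip list yields false instead of warnings.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @param string $type Key under configs['security']['skip']
 * @return bool true when the ACL check should be skipped
 */
protected function _checkSkipAcl(Zend_Controller_Request_Abstract $request, $type)
{
    $action     = $request->getActionName();
    $controller = $request->getControllerName();
    $module     = $request->getModuleName();

    // AJAX requests skip the ACL unless the action is explicitly protected.
    // NOTE(review): X-Requested-With is set by the client, so this is not a trust boundary.
    if ($request->isXmlHttpRequest() && !in_array($action, $this->_arrAjaxNotSkip, true)) {
        return true;
    }

    $configs = Zend_Registry::get('configs');
    if (!isset($configs['security']['skip'][$type]) || !is_array($configs['security']['skip'][$type])) {
        return false;
    }
    $skip = $configs['security']['skip'][$type];

    // A bare `action` entry skips that action in every controller of every module;
    // the more specific forms should be preferred in configuration.
    $candidates = array(
        $action,
        $controller . '/' . $action,
        $module . '/' . $controller . '/' . $action,
    );
    foreach ($candidates as $candidate) {
        if (in_array($candidate, $skip, true)) {
            return true;
        }
    }

    return false;
}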
/**
 * After routing, sends requests for the `admin`/`panel` controllers that are
 * neither XmlHttpRequests nor flagged with the `direct` parameter to the
 * hash-fragment URL "#<baseUrl><currentUrl>" and stops the script.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
    $controller = System_String::StrToLower($request->getControllerName());
    if (!in_array($controller, array('admin', 'panel'))) {
        return;
    }
    // AJAX calls and explicit `direct` requests are served as-is.
    if ($request->isXmlHttpRequest() || $request->getParam('direct')) {
        return;
    }

    // gotoUrlAndExit() sends the redirect and terminates; nothing else dispatches.
    $redirector = new Zend_Controller_Action_Helper_Redirector();
    $redirector->gotoUrlAndExit('#' . $this->_view->baseUrl() . $this->_view->currentUrl());
}
/**
 * Class constructor
 *
 * For XmlHttpRequests the response content-type is forced to
 * `application/x-www-form-urlencoded; charset=iso-8859-1` (replacing any
 * header already set) before the parent constructor runs.
 *
 * @param Zend_Controller_Request_Abstract  $request
 * @param Zend_Controller_Response_Abstract $response
 * @param array                             $invokeArgs Any additional invocation arguments
 * @return void
 */
public function __construct(\Zend_Controller_Request_Abstract $request, \Zend_Controller_Response_Abstract $response, array $invokeArgs = array())
{
    $isAjax = $request->isXmlHttpRequest();
    if ($isAjax) {
        // Third argument `true` replaces an existing content-type header instead of appending.
        $response->setHeader('content-type', 'application/x-www-form-urlencoded; charset=iso-8859-1', true);
    }
    parent::__construct($request, $response, $invokeArgs);
}
/**
 * Maintenance-mode hook run after each dispatch.
 *
 * When the override file `overrides/maintenanceMode` (relative to
 * APPLICATION_PATH/..) exists and the request is a normal page render (not
 * AJAX, view renderer still rendering): identities whose role is not allowed
 * the `ot_maintenance`/`index` ACL resource get the public maintenance page as
 * the whole response body with the layout disabled — except on ot/login/index,
 * which stays reachable so they can still sign in. Allowed roles get a
 * maintenance header prepended to the normal body (nothing on redirects).
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function postDispatch(Zend_Controller_Request_Abstract $request)
{
    $layout = Zend_Layout::getMvcInstance();

    // the name "maintenanceMode" is also referred to in the Admin_MaintenanceController,
    // so if you change the filename, it needs to be changed there too
    $maintenanceModeFileName = 'maintenanceMode';

    $register = new Ot_Config_Register();
    $identity = Zend_Auth::getInstance()->getIdentity();

    // No identity / no role: evaluate the ACL with the configured default role.
    $role = empty($identity->role) ? $register->defaultRole->getValue() : $identity->role;

    // While masquerading, the ACL is evaluated with the real account's role.
    if (isset($identity->masquerading) && $identity->masquerading == true && isset($identity->realAccount) && !is_null($identity->realAccount) && isset($identity->realAccount->role)) {
        $role = $identity->realAccount->role;
    }

    $acl = Zend_Registry::get('acl');
    $view = $layout->getView();
    $viewRenderer = Zend_Controller_Action_HelperBroker::getExistingHelper('ViewRenderer');

    // Presence of the override file is the maintenance-mode switch; AJAX and
    // never-render requests are left untouched.
    if (is_file(APPLICATION_PATH . '/../overrides/' . $maintenanceModeFileName) && (!$request->isXmlHttpRequest() && !$viewRenderer->getNeverRender())) {
        if (!$acl->isAllowed($role, 'ot_maintenance', 'index')) {
            // Keep the login page reachable; everything else is replaced by the maintenance page.
            if (!($request->getModuleName() == 'ot' && $request->getControllerName() == 'login' && $request->getActionName() == 'index')) {
                $response = $this->getResponse();
                $layout->disableLayout();
                $response->setBody($view->maintenanceMode()->publicLayout());
            }
        } else {
            $response = $this->getResponse();
            // there's no point in setting text here if it's a redirect
            if ($response->isRedirect()) {
                $response->setBody('');
            } else {
                $response->setBody($view->maintenanceMode()->header() . $response->getBody());
            }
        }
    }
}
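/**
 * Zend Framework provided front controller hook.
 *
 * Intercepts XmlHttpRequests tagged with `monitori=x` that carry a
 * client-side JavaScript error report and writes it to the 'monitor'
 * registry logger at level 4 under the 'javascript-error' category.
 *
 * Fixes: the POST fields were read without an isset() guard (notice on a
 * malformed report) and inserted verbatim. Each field is now read with an
 * empty fallback, restricted to scalars, and has CR/LF collapsed so a single
 * browser-supplied report cannot forge additional log lines.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function routeStartup(Zend_Controller_Request_Abstract $request)
{
    if ($request->__get('monitori') != 'x' || !$request->isXmlHttpRequest()) {
        return;
    }

    $fields = array('message' => '', 'errorUrl' => '', 'errorLine' => '');
    foreach ($fields as $key => $default) {
        if (isset($_POST[$key]) && is_scalar($_POST[$key])) {
            // Collapse line breaks: the log format is line-oriented.
            $fields[$key] = str_replace(array("\r", "\n"), ' ', (string) $_POST[$key]);
        }
    }

    $monitor = Zend_Registry::get('monitor');
    $message = "A javascript error was detected.\n"
        . "================================\n"
        . "Message: " . $fields['message'] . ";\n"
        . "Uri: " . $fields['errorUrl'] . ";\n"
        . "Line: " . $fields['errorLine'] . ";\n"
        . ";";
    $monitor->writeLog($message, 4, 'javascript-error');
}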
/**
 * Records the URI of the current request as the "last request" through the
 * `lastRequest` action helper; XmlHttpRequests are not recorded.
 *
 * @todo This has nothing to do with the langselector, so maybe move it to its own plugin
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function postDispatch(Zend_Controller_Request_Abstract $request)
{
    // Don't save ajax call url's as the last request
    if ($request->isXmlHttpRequest()) {
        return;
    }
    $helper = Zend_Controller_Action_HelperBroker::getStaticHelper('lastRequest');
    $helper->saveRequestUri($request->getRequestUri());
}
/**
 * deleteAction
 *
 * Deletes the folder node named by the `id` request parameter, but only on
 * POST XmlHttpRequests; folder/form.phtml is rendered in every case.
 * NOTE(review): `id` reaches the model unvalidated and no CSRF token is
 * checked here — confirm both are covered by the model or a plugin.
 *
 * @author Cornelius Hansjakob <*****@*****.**>
 * @version 1.0
 */
public function deleteAction()
{
    $this->core->logger->debug('core->controllers->FolderController->deleteAction()');
    $this->getModelFolders();

    $request    = $this->objRequest;
    $isAjaxPost = $request->isPost() && $request->isXmlHttpRequest();
    if ($isAjaxPost) {
        $this->objModelFolders->deleteFolderNode($request->getParam("id"));
        $this->view->blnShowFormAlert = true;
    }

    $this->renderScript('folder/form.phtml');
}
/**
 * deleteAction
 *
 * Deletes the category node named by the `id` request parameter, but only on
 * POST XmlHttpRequests; category/form.phtml is rendered in every case.
 * NOTE(review): `id` reaches the model unvalidated and no CSRF token is
 * checked here — confirm both are covered by the model or a plugin.
 *
 * @author Cornelius Hansjakob <*****@*****.**>
 * @version 1.0
 */
public function deleteAction()
{
    $this->core->logger->debug('properties->controllers->CategoryController->deleteAction()');
    $this->getModelCategories();

    $request    = $this->objRequest;
    $isAjaxPost = $request->isPost() && $request->isXmlHttpRequest();
    if ($isAjaxPost) {
        $this->objModelCategories->deleteCategoryNode($request->getParam("id"));
        $this->view->blnShowFormAlert = true;
    }

    $this->renderScript('category/form.phtml');
}
/**
 * Initialises the view renderer and, for non-AJAX requests, exposes the
 * routed module/controller/action names to the view.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
    $renderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
    $renderer->init();

    if ($request->isXmlHttpRequest()) {
        return;
    }

    // set up variables that the view may want to know
    $view             = $renderer->view;
    $view->module     = $request->getModuleName();
    $view->controller = $request->getControllerName();
    $view->action     = $request->getActionName();
}
/**
 * Tags every event of the bootstrap 'logger' resource with the HTTP method
 * ('AJAX' for XmlHttpRequests) and the routed module/controller/action.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $bootstrap = Zend_Controller_Front::getInstance()->getParam('bootstrap');
    $logger    = $bootstrap->getResource('logger');

    $eventItems = array(
        'http'       => $request->isXmlHttpRequest() ? 'AJAX' : $request->getMethod(),
        'module'     => $request->getModuleName(),
        'controller' => $request->getControllerName(),
        'action'     => $request->getActionName(),
    );
    foreach ($eventItems as $name => $value) {
        $logger->setEventItem($name, $value);
    }
}
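/**
 * Called before Zend_Controller_Front begins evaluating the
 * request against its routes.
 *
 * Intercepts XmlHttpRequests carrying `?monitor=x` with a client-side
 * JavaScript error report, logs it at Zend_Log::WARN under
 * 'javascript-error' and ends the request with an empty body.
 *
 * Fix: the reported fields come straight from the browser and may contain
 * CR/LF, which would let one report forge extra lines in the line-oriented
 * log; line breaks are now collapsed to spaces and non-scalar values dropped
 * before the message is assembled.
 *
 * @param AbstractRequest $request
 * @return void
 */
public function routeStartup(AbstractRequest $request)
{
    if (!$request instanceof HttpRequest) {
        return;
    }
    if ($request->getQuery('monitor') !== 'x' || !$request->isXmlHttpRequest()) {
        return;
    }

    $fields = array(
        'message'   => $request->getPost('message', ''),
        'errorUrl'  => $request->getPost('errorUrl', 'unknown'),
        'errorLine' => $request->getPost('errorLine', 'unknown'),
    );
    foreach ($fields as $key => $value) {
        $fields[$key] = is_scalar($value) ? str_replace(array("\r", "\n"), ' ', (string) $value) : '';
    }

    $message = "A javascript error was detected.\n"
        . "================================\n"
        . 'Message: ' . $fields['message'] . "\n"
        . 'URI: ' . $fields['errorUrl'] . "\n"
        . 'Line: ' . $fields['errorLine'] . "\n";
    Zend_Registry::get('monitor')->writeLog($message, Zend_Log::WARN, 'javascript-error');

    // Immediately return empty response
    $this->getResponse()->setBody('')->sendResponse();
    exit;
}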
/**
 * deleteAction
 *
 * Deletes the blog-entry comment named by the `id` parameter when the call
 * is an XmlHttpRequest with a non-empty POST body; nothing is rendered.
 * Any exception is logged and the script is terminated.
 *
 * @author Daniel Rotter <*****@*****.**>
 * @version 1.0
 */
public function deleteAction()
{
    $this->core->logger->debug('widgets->blog->CommentController->deleteAction');
    $this->_helper->viewRenderer->setNoRender();

    $request = $this->objRequest;
    try {
        // getPost() without a key yields the whole POST array; an empty one skips the delete.
        $hasPostBody = (bool) $request->getPost();
        if ($hasPostBody && $request->isXmlHttpRequest()) {
            $this->getModelBlogEntryComment()->deleteBlogEntryComment($request->getParam('id'));
        }
    } catch (Exception $exc) {
        $this->core->logger->err($exc);
        exit;
    }
}
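/**
 * Selects the layout for this request: `solo` by default, disabled for
 * XmlHttpRequests, and overridable through the `layout` request parameter.
 * Also exposes the configured theme and charset to the view.
 *
 * Fix: the `layout` parameter is resolved by Zend_Layout to a script file
 * name, so a request-supplied value is now accepted only when it is a plain
 * identifier (letters, digits, `_`, `-`); anything containing path
 * separators or dots is ignored and the default layout stays in force.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $layout = Zend_Controller_Action_HelperBroker::getStaticHelper('Layout');
    $view   = Zend_Controller_Action_HelperBroker::getStaticHelper('ViewRenderer')->view;

    $layout->setLayout('solo');
    if ($request->isXmlHttpRequest()) {
        $layout->disableLayout();
    }

    $requested = $request->getParam('layout');
    if ($requested && is_string($requested) && preg_match('/^[A-Za-z0-9_-]+$/', $requested)) {
        $layout->setLayout($requested);
    }

    $view->theme      = Tri_Config::get('tri_theme');
    $view->appCharset = Tri_Config::get('tri_app_charset');
}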
/**
 * Prepares the view before dispatch: initialises it, wires the admin
 * navigation (with the built ACL and the identity's role) for authenticated
 * non-AJAX requests carrying `isAdmin`, and attaches the public navigation
 * for the `public` module or any request carrying a `public` parameter.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // Get the view renderer
    $renderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
    $renderer->initView();
    $view = $renderer->view;
    $auth = Zend_Auth::getInstance();

    $wantsAdminNav = $request->getParam('isAdmin') && !$request->isXmlHttpRequest() && $auth->hasIdentity();
    if ($wantsAdminNav) {
        // `isAdmin` only selects the navigation; access itself is governed by the ACL attached below.
        $this->_acl      = Zend_Controller_Action_HelperBroker::getStaticHelper('BuildAcl')->direct();
        $this->_adminNav = Zend_Controller_Action_HelperBroker::getStaticHelper('AdminNav')->direct();
        $view->navigation($this->_adminNav)
            ->setAcl($this->_acl)
            ->setRole($auth->getIdentity()->role);
    }

    // Check if we are in the public module
    if ($request->getModuleName() == 'public' || $request->getParam('public')) {
        $view->navigation($this->_publicNav);
    }
}
/**
 * ACL gate: when Projet_Acl_Acl::defaultIsAllowed() rejects the resource
 * built from module/controller/action, AJAX callers receive the translated
 * CLE_FAIL_ACL message and the script dies; other callers get a 'warning'
 * flash message and are redirected to FAIL_ACL_ROUTE.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    /*
    // lets the profile be tested directly; the profile is then saved in the session
    if ($request->getParam(IDENTITE_ID_PROFIL) && APP_ENV != 'production') {
        $nRole = $request->getParam(IDENTITE_ID_PROFIL);
        Projet_Acl_Acl::setDefaultRole($nRole);
        Zend_View_Helper_Navigation_HelperAbstract::setDefaultRole($nRole);
        $oIdent[IDENTITE_ID_PROFIL] = $nRole;
        $this->_auth->getStorage()->write($oIdent);
    } else
    */
    # if (is_array($oIdent) && array_key_exists(IDENTITE_ID_PROFIL, $oIdent)) {
    #     $nRole = $oIdent[IDENTITE_ID_PROFIL];
    # } else {
    #     $nRole = 2;
    # }

    // Capture the requested resource name (controller) and privilege (action).
    $sModule = $request->getModuleName();
    $sController = $request->getControllerName();
    $sAction = $request->getActionName();

    // The resource does not exist.
    // commented out because the resource is created automatically when it is not declared in acl.ini
    # if (!$this->_acl->has($sResource)) {
    #     $this->_controller->gotoSimple(self::FAIL_ACL_ACTION, self::FAIL_ACL_CONTROLLER, self::FAIL_ACL_MODULE, array("messageWarn" => 1));
    # }

    // TODO: check that we are not on the authentication route

    // The profile in use does not exist or is not recognised by the application.
    # if (!$this->_acl->hasRole($nRole) ) {
    #     $this->_controller->gotoRouteAndExit(array("messageWarn" => 2), self::FAIL_AUTH_ROUTE);
    # }

    # if (!$sModule || !$sController || !$sAction) {
    #     return;
    #     $this->_controller->gotoRouteAndExit(array("messageWarn" => 4), self::FAIL_ROUTE);
    # }

    // The requested resource is not accessible to this role with these privileges.
    if (!Projet_Acl_Acl::defaultIsAllowed(Projet_DataHelper::resource($sModule, $sController, $sAction))) {
        // AJAX request: answer with the translated denial message and stop.
        if ($request->isXmlHttpRequest()) {
            die(Projet_DataHelper::translate(self::CLE_FAIL_ACL));
        }
        Zend_Controller_Action_HelperBroker::getStaticHelper('FlashMessenger')->setNamespace('warning')->addMessage(self::CLE_FAIL_ACL);
        $this->_controller->gotoRouteAndExit(array(), self::FAIL_ACL_ROUTE);
    }
}
/**
 * Callback method called before dispatch loop start
 *
 * Switches to the "ajax" layout when the request is an XmlHttpRequest or
 * when the `ajax` session namespace carries an `action`, then disables the
 * layout altogether (actions may re-enable it when needed).
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
    $session = new Zend_Session_Namespace('ajax');

    // check if current request is XmlHttp (AJAX)
    $isAjax           = $request instanceof Zend_Controller_Request_Http && $request->isXmlHttpRequest();
    $sessionWantsAjax = null !== $session->action;
    if (!$isAjax && !$sessionWantsAjax) {
        // if not - do nothing and return from function
        return;
    }

    // check if Zend_Layout has been instantinated
    $layout = Zend_Layout::getMvcInstance();
    if (null !== $layout) {
        // if so - set "ajax" layout
        $layout->setLayout('ajax');
    }

    // and disable layout (one can enable layout when needed)
    self::disableLayout();
}
/**
 * dashboardAction
 *
 * For POST XmlHttpRequests, loads up to 10 root-level children of the
 * `rootLevelId` parameter into the view as `objGlobals` (the limit is
 * exposed as `limit`). Exceptions are logged and terminate the script.
 *
 * @author Thomas Schedler <*****@*****.**>
 * @version 1.0
 */
public function dashboardAction()
{
    $this->core->logger->debug('global->controllers->ElementController->dashboardAction()');
    $limit = 10;
    try {
        $this->getModelFolders();
        $request = $this->objRequest;
        if (!$request->isPost() || !$request->isXmlHttpRequest()) {
            return;
        }
        $rootLevelId = $request->getParam('rootLevelId');
        $globals     = $this->objModelFolders->loadLimitedRootLevelChilds($rootLevelId, $limit);
        $this->view->assign('objGlobals', $globals);
        $this->view->assign('limit', $limit);
    } catch (Exception $exc) {
        $this->core->logger->err($exc);
        exit;
    }
}
/**
 * Set layout
 *
 * Resolves the layout script for the routed module/controller and applies
 * its directory, name and suffix to the Zend_Layout instance. Resolution
 * order: the per-request cache $this->_layoutPath, then
 * config['layouts'][module][controller] (must be an existing file), then
 * config['layouts'][module] (first element if it is an array), and finally
 * `<rootDir>/app/layouts/<module>.<viewSuffix>`. XmlHttpRequests get the
 * layout disabled instead. Returns nothing when no `layouts` config or no
 * layout plugin is available.
 *
 * @param Zend_Controller_Request_Abstract $request Request parameters
 * @access public
 * @return Gene_Controller_Plugin_Layout|null Fluent interface (null on early exit)
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $front = Zend_Controller_Front::getInstance();
    $config = $front->getParam('config');
    if (!isset($config['layouts'])) {
        return;
    }
    $plugin = $front->getPlugin('Zend_Layout_Controller_Plugin_Layout');
    if ($plugin === false) {
        return;
    }
    $layout = $plugin->getLayout();

    // If request is ajax, disable layout.
    if ($request->isXmlHttpRequest() === true) {
        $layout->disableLayout();
        return $this;
    }

    // Get module name. controller name.
    $module = $request->getModuleName();
    $controller = $request->getControllerName();

    if (isset($this->_layoutPath[$module][$controller])) {
        // Already resolved during this request.
        $file = $this->_layoutPath[$module][$controller];
    } else {
        // Get layout file from path.ini.
        if (isset($config['layouts'][$module][$controller]) && is_file($config['layouts'][$module][$controller])) {
            $file = $config['layouts'][$module][$controller];
        } else {
            if (isset($config['layouts'][$module])) {
                if (is_array($config['layouts'][$module])) {
                    $file = $config['layouts'][$module][0];
                } else {
                    $file = $config['layouts'][$module];
                }
            } else {
                //$file = reset($config['layouts']);
                // Fallback: one layout per module under <rootDir>/app/layouts. The module name
                // comes from the router; it is not validated here against the filesystem.
                $layoutPath = rtrim($config['rootDir'], '\\//') . DIRECTORY_SEPARATOR . 'app' . DIRECTORY_SEPARATOR . 'layouts' . DIRECTORY_SEPARATOR . $module . '.' . $layout->getViewSuffix();
                $file = $layoutPath;
            }
        }
    }
    $this->_layoutPath[$module][$controller] = $file;

    // Split the resolved file into the three pieces Zend_Layout wants.
    $pathArray = pathinfo($file);
    $layout->setLayoutPath($pathArray['dirname'])->setLayout($pathArray['filename'])->setViewSuffix($pathArray['extension']);
    return $this;
}
/**
 * Forces an authenticated user whose password has expired (per
 * Logic_User::ifPasswordExpire) onto user/changepassword. XmlHttpRequests
 * get the request rewritten in place plus a `redirect` view variable;
 * regular requests are redirected and the script exits.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
    $identity = Zend_Auth::getInstance()->getIdentity();
    if (!$identity) {
        return;
    }

    $userLogic = new Logic_User();
    if (!$userLogic->ifPasswordExpire($identity->id)) {
        return;
    }

    // Already on the change-password page: let it through.
    $onChangePassword = $request->getControllerName() == 'user' && $request->getActionName() == 'changepassword';
    if ($onChangePassword) {
        return;
    }

    if ($request->isXmlHttpRequest()) {
        $request->setControllerName('user');
        $request->setActionName('changepassword');
        Zend_Layout::getMvcInstance()->getView()->redirect = '/user/changepassword';
        return;
    }

    $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
    $redirector->gotoSimpleAndExit('changepassword', 'user', null, array());
}
/**
 * Pre dispatch
 *
 * For non-AJAX requests, ensures an ActionStack plugin is registered (stack
 * index 95) and pushes a clone of the current request aimed at menu/menu
 * onto it — except when the controller is `vanillaauth`.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
    if ($request->isXmlHttpRequest()) {
        return;
    }

    $front       = Zend_Controller_Front::getInstance();
    $pluginClass = 'Zend_Controller_Plugin_ActionStack';
    if ($front->hasPlugin($pluginClass)) {
        $stack = $front->getPlugin($pluginClass);
    } else {
        $stack = new Zend_Controller_Plugin_ActionStack();
        $front->registerPlugin($stack, 95);
    }

    // The auth controller renders without the menu.
    if (0 === strcasecmp('vanillaauth', $request->getControllerName())) {
        return;
    }

    $menuRequest = clone $request;
    $menuRequest->setActionName('menu')->setControllerName('menu');
    $stack->pushStack($menuRequest);
}
/**
 * Initialises the view (exposing module/controller/action) and starts the
 * MVC layout from application/modules/default/views/layouts, using the
 * `ajax` layout for XmlHttpRequests and `common` otherwise.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    // Three directory levels above this file.
    $rootDir = dirname(dirname(dirname(__FILE__)));

    $renderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
    $renderer->init();
    $this->_view = $renderer->view;

    // set up common variables for the view
    $this->_view->module     = $request->getModuleName();
    $this->_view->controller = $request->getControllerName();
    $this->_view->action     = $request->getActionName();

    // If the request is an XHR, render the Ajax layout; otherwise the common one.
    $layoutName = $request->isXmlHttpRequest() ? 'ajax' : 'common';
    Zend_Layout::startMvc(array(
        'layoutPath' => $rootDir . '/application/modules/default/views/layouts',
        'layout'     => $layoutName,
    ));
}
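/**
 * listdeleteAction
 *
 * For POST XmlHttpRequests, deletes the members listed in the `values`
 * parameter (format `[id][id]...`): a single id via deleteMember(), several
 * via deleteMembers(). Always forwards to contacts/member/list afterwards;
 * exceptions are logged.
 *
 * Fixes: the id list was parsed with split(), which no longer exists in
 * PHP 7+; explode() on the literal `][` separator is the equivalent. An empty
 * `values` parameter no longer results in deleteMember('').
 * NOTE(review): ids are handed to the model unvalidated — confirm the model
 * checks them.
 *
 * @author Cornelius Hansjakob <*****@*****.**>
 * @version 1.0
 */
public function listdeleteAction()
{
    $this->core->logger->debug('contacts->controllers->MemberController->listdeleteAction()');
    try {
        $request = $this->objRequest;
        if ($request->isPost() && $request->isXmlHttpRequest()) {
            // "[1][2][3]" -> "1][2][3" -> array('1', '2', '3')
            $rawIds = trim((string) $request->getParam('values'), '[]');
            if ($rawIds !== '') {
                $memberIds = explode('][', $rawIds);
                if (count($memberIds) > 1) {
                    $this->getModelMembers()->deleteMembers($memberIds);
                } else {
                    $this->getModelMembers()->deleteMember($memberIds[0]);
                }
            }
        }
        $this->_forward('list', 'member', 'contacts');
    } catch (Exception $exc) {
        $this->core->logger->err($exc);
    }
}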
/**
 * Renders the Internal Server Error page with a raw `HTTP/1.1 500` header.
 *
 * XmlHttpRequests get the bare `_error` template (no layout) carrying only
 * the exception message; regular requests additionally receive the formatted
 * trace, exception class, file, line and a source excerpt.
 * NOTE(review): the non-AJAX branch discloses file paths and source code to
 * the client — confirm it is only reachable in a development environment.
 */
private function displayInternalServerError()
{
    $exception = $this->exception;
    $this->view->contentTitle = 'Internal Server Error';
    $this->setRawHeader('HTTP/1.1 500 Internal Server Error');

    if ($this->request->isXmlHttpRequest()) {
        $this->view->setTpl('_error')->setLayoutFile(false);
        $this->view->message = $exception->getMessage();
        return;
    }

    $file = $exception->getFile();
    $line = $exception->getLine();
    $this->view->message = $exception->getMessage();
    $this->view->trace   = $this->getFormatedTrace($exception->getTraceAsString());
    $this->view->type    = get_class($exception);
    $this->view->file    = $file;
    $this->view->line    = $line;
    $this->view->source  = $this->getCode($file, $line);
}
/**
 * this function routes all requests that come in to the default module to the index controller / index action
 *
 * For non-AJAX requests: records module/controller/action on the plugin,
 * picks the section for the controller (or the default section), and for
 * admin pages starts the admin layout, registers the common view helpers,
 * sets the admin script path and builds the CSV-backed Zend_Translate
 * instance (cached via the 'cache' registry entry) for the view.
 *
 * @param zend_controller_request $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    if (!$request->isXmlHttpRequest()) {
        //load the module, controller, and action for reference
        $this->module = $request->getModuleName();
        $this->controller = $request->getControllerName();
        $this->action = $request->getActionName();

        //load the section
        if (isset($this->sections[$this->controller])) {
            $this->section = $this->sections[$this->controller];
        } else {
            $this->section = $this->defaultSection;
        }

        if ($this->_isAdminPage($request)) {
            // Set on the view held at this point; $this->view is replaced by the layout's view below.
            $this->view->isAdminPage = true;

            //load config
            $config = Zend_Registry::get('config');

            //setup layout
            $options = array('layout' => $config->design->adminLayout, 'layoutPath' => $config->design->adminLayoutFolder, 'contentKey' => 'form');
            $this->layout = Zend_Layout::startMvc($options);
            $this->view = $this->layout->getView();

            //load the common helpers
            Digitalus_View_RegisterHelpers::register($this->view);
            $this->view->setScriptPath($config->filepath->adminViews);

            //load language files
            // First translation file creates the adapter; the rest are added to it.
            $translate = null;
            foreach ($config->language->translations as $locale => $translation) {
                if (is_object($translate)) {
                    $translate->addTranslation($config->language->path . '/' . $translation . '.csv', $locale);
                } else {
                    $translate = new Zend_Translate('csv', $config->language->path . '/' . $translation . '.csv', $locale);
                }
            }
            // $locale is read but not applied (setLocale is commented out below).
            $locale = $config->language->defaultLocale;
            # $translate->setLocale($locale);
            $translate->setCache(Zend_Registry::get('cache'));
            $this->view->translate = $translate;

            //page links
            $this->view->toolbarLinks = array();
        }
    }
}
/**
 * Sets up the view for this request: disables the MVC layout for
 * XmlHttpRequests, adds the application's script path for non-default
 * modules and its helper path, sets doctype and charset meta, and exposes
 * baseUrl/module/controller/action to the view.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
    // Zend_Layout::startMvc();
    if ($request->isXmlHttpRequest()) {
        Zend_Layout::getMvcInstance()->disableLayout();
    }

    $renderer = Zend_Controller_Action_HelperBroker::getStaticHelper('viewRenderer');
    $renderer->init();
    $view = $renderer->view;

    $appDir = ROOT . '/application/' . APP;
    $module = $request->getModuleName();
    if ($module != 'default') {
        $scriptPaths   = $view->getScriptPaths();
        $scriptPaths[] = $appDir . '/views/scripts/';
        $view->setScriptPath($scriptPaths);
    }
    $view->addHelperPath($appDir . '/views/helpers/', 'Intranet_View_Helper_');

    $view->doctype('XHTML1_STRICT');
    $view->headMeta()->appendHttpEquiv('Content-Type', 'text/html;charset=utf-8');

    $view->baseUrl    = $request->getBaseUrl();
    $view->module     = $module;
    $view->controller = $request->getControllerName();
    $view->action     = $request->getActionName();
}
/**
 * For non-AJAX requests, publishes the constants of every class listed in
 * config['logic']['classname'] to the bootstrap 'view' resource as
 * `$view->constant` (class => constant name => value). The map is cached
 * under 'constant_cache' in the 'longcache' cache. XmlHttpRequests return
 * null without touching the view.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return array|null the constant map, or null for XmlHttpRequests
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    if ($request->isXmlHttpRequest()) {
        return;
    }

    $config    = Zend_Registry::get('config');
    $bootstrap = Zend_Controller_Front::getInstance()->getParam('bootstrap');
    $constants = array();

    $hasLogicClasses = isset($config['logic']['classname']) && is_array($config['logic']['classname']);
    if ($hasLogicClasses) {
        $cache     = $bootstrap->getResource('cachemanager')->getCache('longcache');
        $constants = $cache->load('constant_cache');
        if (!$constants) {
            $constants = array();
            foreach ($config['logic']['classname'] as $className) {
                $reflection = new ReflectionClass($className);
                foreach ($reflection->getConstants() as $name => $value) {
                    $constants[$className][$name] = $value;
                }
            }
            // No id passed: relies on the cache reusing the id of the preceding load().
            $cache->save($constants);
        }
    }

    $bootstrap->getResource('view')->constant = $constants;
    return $constants;
}
/**
 * Session-based access gate plus cash-register state check.
 *
 * 1. If the `controller:action` resource is not listed in $this->_blackList
 *    and the 'datosuserlog' session has no `nompers`, the request is
 *    rewritten to logeo/redirect (AJAX) or logeo/index (otherwise).
 *    Note: despite its name, entries in _blackList are the ones exempt
 *    from this check.
 * 2. If the session has a `codcajero`, the controller is in
 *    $this->_executeController and the action is not in
 *    $this->_executeView, the `tesoreria.verif_est_caja` stored procedure is
 *    run; any result other than 'Ok' sends the request to
 *    cajaflujo/aperturar with the message as the `mensaje` parameter.
 *
 * Both outcomes are written to $this->_logger.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $controller = $request->getControllerName();
    $action = $request->getActionName();
    $resource = $controller . ':' . $action;
    $auth = " [Acceso autorizado.]";

    $login = new Zend_Session_Namespace('datosuserlog');
    $nompers = $login->nompers;

    // No logged-in person in the session and the resource is not exempt: send to login.
    if (!in_array($resource, $this->_blackList) && ($nompers == '' || $nompers == null)) {
        if ($request->isXmlHttpRequest()) {
            $request->setControllerName('logeo')->setActionName('redirect');
        } else {
            $request->setControllerName('logeo')->setActionName('index');
        }
        $auth = " [Acceso no autorizado.]";
    }

    // Cashier present: verify the register state before cashier-only controllers/actions.
    if (strlen($login->codcajero) != 0 && in_array($controller, $this->_executeController) && !in_array($action, $this->_executeView)) {
        $nombrestore = 'tesoreria.verif_est_caja';
        $arraydatos[] = $login->codcajero;
        $cn = new Model_DataAdapter();
        $datos = $cn->ejec_store_procedura_sql($nombrestore, $arraydatos);
        if (count($datos)) {
            // Both branches take the message from column 1; the status test on column 0 has no effect here.
            if ($datos[0][0] == '1' || $datos[0][0] == '3') {
                $mensaje = $datos[0][1];
            } else {
                $mensaje = $datos[0][1];
            }
        } else {
            $mensaje = 'Aperture su caja.';
        }
        $this->_logger->info($mensaje);
        if ($mensaje != 'Ok') {
            $request->setControllerName('cajaflujo')->setActionName('aperturar')->setParam('mensaje', $mensaje);
        }
    }

    $this->_logger->info($resource . $auth);
}
/**
 * Predispatch
 * Checks if the current user identified by roleName has rights to the requested url (module/controller/action)
 * If not, it will call denyAccess to be redirected to errorPage
 *
 * Flow, by controller name (lower-cased):
 *  - `api`, `auth`, `locale`: role "G" is set and no ACL check is made.
 *  - no identity: `login` passes through untouched; anything else gets a
 *    401 JSON body with the login URL (AJAX) or a redirect to login/index.
 *  - identity present: role is taken from the stored identity's `type`,
 *    the navigation helper defaults are set, and the `[module:]controller`
 *    resource is checked for the requested action via the ACL.
 *
 * @return void
 **/
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $controller = strtolower($request->getControllerName());

    if (in_array($controller, array("api", "auth", "locale"))) {
        $this->setRoleName("G");
    } elseif (!Zend_Auth::getInstance()->hasIdentity()) {
        if ($controller !== 'login') {
            if ($request->isXmlHttpRequest()) {
                // Scheme is hard-coded to http; the host comes from the request (Host header).
                $url = 'http://' . $request->getHttpHost() . '/login';
                $json = Zend_Json::encode(array('auth' => false, 'url' => $url));
                // Prepare response
                $this->getResponse()->setHttpResponseCode(401)->setBody($json)->sendResponse();
                //redirectAndExit() cleans up, sends the headers and stops the script
                Zend_Controller_Action_HelperBroker::getStaticHelper('redirector')->redirectAndExit();
            } else {
                $r = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
                $r->gotoSimpleAndExit('index', 'login', $request->getModuleName());
            }
        }
    } else {
        $userInfo = Zend_Auth::getInstance()->getStorage()->read();
        $this->setRoleName($userInfo->type);
        Zend_View_Helper_Navigation_HelperAbstract::setDefaultAcl($this->_acl);
        Zend_View_Helper_Navigation_HelperAbstract::setDefaultRole($this->_roleName);

        // Resource is "controller" for the default module, "module:controller" otherwise.
        $resourceName = '';
        if ($request->getModuleName() != 'default') {
            $resourceName .= strtolower($request->getModuleName()) . ':';
        }
        $resourceName .= $controller;

        /** Check if the controller/action can be accessed by the current user */
        // An unknown resource is treated as denied rather than allowed.
        if (!$this->getAcl()->has($resourceName) || !$this->getAcl()->isAllowed($this->_roleName, $resourceName, $request->getActionName())) {
            /** Redirect to access denied page */
            $this->denyAccess();
        }
    }
}
/**
 * Test if blogger is allowed to perform action
 *
 * Grants access for the `blog`/`auth` controllers, for any XmlHttpRequest,
 * for the `ad.php` controller parameter, and for article POST/GET actions
 * (from $this->postArticleActions / $this->getArticleActions; GET also needs
 * a $user) whose target article is editable by $user. Everything else is
 * denied.
 *
 * NOTE(review): the XmlHttpRequest grant depends on the client-supplied
 * X-Requested-With header, and the article checks read the `controller` /
 * `action` request params rather than getControllerName()/getActionName() —
 * confirm both are intended, since they widen what an unauthenticated caller
 * can reach.
 *
 * @param Zend_Controller_Request_Abstract $request
 * @param User|null $user
 * @return bool
 */
public function isAllowed(\Zend_Controller_Request_Abstract $request, User $user = null)
{
    if (in_array($request->getControllerName(), array('blog', 'auth'))) {
        return true;
    }
    if ($request->isXmlHttpRequest()) {
        return true;
    }

    $controllerParam = $request->getParam('controller');
    if ($controllerParam == 'ad.php') {
        return true;
    }

    if ($controllerParam == 'articles') {
        $action        = $request->getParam('action');
        $isArticlePost = $request->isPost() && in_array($action, $this->postArticleActions);
        $isArticleGet  = $request->isGet() && in_array($action, $this->getArticleActions) && isset($user);
        if (($isArticlePost || $isArticleGet) && $this->isRequestedArticleEditable($request, $user)) {
            return true;
        }
    }

    return false;
}