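/**
 * Checks whether the user is authorized to use a specific module.
 *
 * This method never returns false: an unauthorized request is redirected to
 * the 403 handler and the script exits.
 *
 * @param \Zend_Session_Namespace $session The session namespace
 * @param string $url The URL to check against
 * @return boolean Always true when the method returns
 * @throws \InvalidArgumentException If the session namespace is not a known user class
 */
public static function isAuthorized(\Zend_Session_Namespace $session, $url)
{
    $authorized = false;
    $module = Functions::getModuleNameFromURL($url);

    switch ($session->getNamespace()) {
        case 'internal':
            // empty() keeps the original fallback to REMOTE_ADDR but avoids the
            // undefined-index notice raised when the header is absent.
            //
            // SECURITY NOTE(review): X-Forwarded-For is a request header. Unless
            // every request reaches this code through a proxy that overwrites
            // it, a client can put any value here and satisfy the IP allow-list
            // below. Prefer REMOTE_ADDR, and honour the header only when
            // REMOTE_ADDR is a known proxy. The header may also carry a
            // comma-separated list; how cidrCheck() treats that is not visible
            // here. Confirm both.
            $visitor_ip = !empty($_SERVER['HTTP_X_FORWARDED_FOR'])
                ? $_SERVER['HTTP_X_FORWARDED_FOR']
                : $_SERVER['REMOTE_ADDR'];

            // ALLOWED_IPS is a constant holding a serialized value, so
            // unserialize() is not fed request data here. Keep it that way:
            // the constant must never be derived from user-editable input.
            $authorized = static::cidrCheck($visitor_ip, unserialize(ALLOWED_IPS))
                && static::checkUserPrivileges($session->user_name, $module);
            break;

        // Each of these user classes may only reach the module that shares its name.
        case 'student':
            $authorized = $module === 'student';
            break;
        case 'faculty':
            $authorized = $module === 'faculty';
            break;
        case 'professor':
            $authorized = $module === 'professor';
            break;

        case 'cron':
            // NOTE(review): a 'cron' session is authorized for every module, so
            // the protection rests on who can obtain a session in this
            // namespace. That is decided outside this method; verify.
            $authorized = true;
            break;

        default:
            throw new \InvalidArgumentException('Invalid user class.');
    }

    // @TODO Move to a callback function
    if (!$authorized) {
        // exit right after the redirect so no protected output follows the header.
        header('Location: https://' . URL_CUSTOM_HANDLERS . '/403.php');
        exit;
    }

    return $authorized;
}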
/**
 * Verifies that getNamespace() returns the exact name the namespace object
 * was constructed with, for several name shapes (plain, underscore, dash,
 * trailing digits).
 *
 * @group ZF-1982
 * @return void
 */
public function testGetNameSpaceMethod()
{
    // Put Zend_Session into its unit-test mode before creating namespaces.
    Zend_Session::$_unitTestEnabled = true;

    $candidateNames = array('FooBar', 'Foo_Bar', 'Foo-Bar', 'Foo1000');

    foreach ($candidateNames as $expectedName) {
        $sessionNamespace = new Zend_Session_Namespace($expectedName);
        $actualName = $sessionNamespace->getNamespace();

        $this->assertEquals($expectedName, $actualName);
    }
}
/**
 * Returns the progress bar, creating it on first use.
 *
 * The Zend ProgressBar handles the communication through an adapter
 * interface. A newly created bar runs from 0 to 100 and is given the
 * session namespace name suffixed with '_pb' as its fourth constructor
 * argument.
 *
 * @return \Zend_ProgressBar
 */
public function getProgressBar()
{
    // Reuse the existing bar when one has already been set.
    if ($this->progressBar instanceof \Zend_ProgressBar) {
        return $this->progressBar;
    }

    $adapter = $this->getProgressBarAdapter();
    $barNamespace = $this->_session->getNamespace() . '_pb';

    $this->setProgressBar(new \Zend_ProgressBar($adapter, 0, 100, $barNamespace));

    return $this->progressBar;
}
/**
 * Resolves the user ID that belongs to a session.
 *
 * 'internal', 'student' and 'faculty' sessions yield their stored user_id
 * cast to int, 'cron' sessions yield CRON_USER_ID, and every other namespace
 * (including 'professor') or a missing session yields null.
 *
 * @param \Zend_Session_Namespace $session The session object
 * @return int|null
 */
private function getUserId(\Zend_Session_Namespace $session = null)
{
    // Stays null unless one of the namespaces below supplies an ID.
    $userId = null;

    if ($session !== null) {
        switch ($session->getNamespace()) {
            case 'internal':
            case 'student':
            case 'faculty':
                $userId = (int) $session->user_id;
                break;

            case 'cron':
                $userId = CRON_USER_ID;
                break;
        }
    }

    return $userId;
}