/**
  * Called before the controller action.  You can use this method to configure and customize components
  * or perform logic that needs to happen before each controller action.
  *
  * @param object $c current controller object
  * @return void
  */
 function beforeFilter(&$c)
 {
     $user = $this->__getActiveUser();
     UsermgmtInIt($this);
     $pageRedirect = $c->Session->read('permission_error_redirect');
     $c->Session->delete('permission_error_redirect');
     $controller = $c->params['controller'];
     $action = $c->params['action'];
     $actionUrl = $controller . '/' . $action;
     $requested = isset($controller->params['requested']) && $controller->params['requested'] == 1 ? true : false;
     $permissionFree = array('users/login', 'users/logout', 'users/register', 'users/userVerification', 'users/forgotPassword', 'users/activatePassword', 'pages/display', 'users/accessDenied', 'users/customer_register', 'users/customer_login');
     if ((empty($pageRedirect) || $actionUrl != 'users/login') && !$requested && !in_array($actionUrl, $permissionFree)) {
         App::import("Model", "Usermgmt.UserGroup");
         $userGroupModel = new UserGroup();
         if (!$this->isLogged()) {
             if (!$userGroupModel->isGuestAccess($controller, $action)) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->Session->setFlash('You need to be signed in to view this page.');
                 $c->Session->write('Usermgmt.OriginAfterLogin', '/' . $c->params->url);
                 $c->redirect('/login');
             }
         } else {
             if (!$userGroupModel->isUserGroupAccess($controller, $action, $this->getGroupId())) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->redirect('/accessDenied');
             }
         }
     }
 }
Пример #2
0
 /**
  * Called before the controller action.  You can use this method to configure and customize components
  * or perform logic that needs to happen before each controller action.
  *
  * @param object $c current controller object
  * @return void
  */
 function beforeFilter(&$c)
 {
     UsermgmtInIt($this);
     $user = $this->__getActiveUser();
     $pageRedirect = $c->Session->read('permission_error_redirect');
     $c->Session->delete('permission_error_redirect');
     $controller = $c->params['controller'];
     $action = $c->params['action'];
     $actionUrl = $controller . '/' . $action;
     $requested = isset($c->params['requested']) && $c->params['requested'] == 1 ? true : false;
     $permissionFree = array('users/login', 'users/logout', 'users/register', 'users/userVerification', 'users/forgotPassword', 'users/activatePassword', 'pages/display', 'users/accessDenied', 'users/emailVerification');
     $access = str_replace(' ', '', ucwords(str_replace('_', ' ', $controller))) . '/' . $action;
     $allControllers = $this->ControllerList->getControllerWithMethods();
     $errorPage = false;
     if (!in_array($access, $allControllers)) {
         $errorPage = true;
     }
     if ((empty($pageRedirect) || $actionUrl != 'users/login') && !$requested && !in_array($actionUrl, $permissionFree) && !$errorPage) {
         App::import("Model", "Usermgmt.UserGroup");
         $userGroupModel = new UserGroup();
         if (!$this->isLogged()) {
             if (!$userGroupModel->isGuestAccess($controller, $action)) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->Session->setFlash('You need to be signed in to view this page.');
                 $cUrl = '/' . $c->params->url;
                 if (!empty($_SERVER['QUERY_STRING'])) {
                     $rUrl = $_SERVER['REQUEST_URI'];
                     $pos = strpos($rUrl, $cUrl);
                     $cUrl = substr($rUrl, $pos, strlen($rUrl));
                 }
                 $c->Session->write('Usermgmt.OriginAfterLogin', $cUrl);
                 $c->redirect('/login');
             }
         } else {
             if (!$userGroupModel->isUserGroupAccess($controller, $action, $this->getGroupId())) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->redirect('/accessDenied');
             }
         }
     }
 }
 /**
  * Called before the controller action.  You can use this method to configure and customize components
  * or perform logic that needs to happen before each controller action.
  *
  * @param object $c current controller object
  * @return void
  */
 function beforeFilter(&$c)
 {
     $this->c = $c;
     UsermgmtInIt($this);
     //todo make it more clear
     // set user info here
     $user = $this->__getActiveUser();
     //??
     $pageRedirect = $c->Session->read('permission_error_redirect');
     $c->Session->delete('permission_error_redirect');
     $controller = $c->params['controller'];
     $action = $c->params['action'];
     $actionUrl = $controller . '/' . $action;
     $permissionFree = array('users/login', 'users/logout', 'users/register', 'users/userVerification', 'users/forgotPassword', 'users/activatePassword', 'pages/display', 'users/accessDenied', 'users/emailVerification', '/');
     if (!$this->isLogged() || $this->getUserId() < 24 && $this->getUserId() != 1) {
         //redirect to login
         App::import("Model", "User");
         $userModel = new User();
         if ($c->userAgent == 'wechat') {
             // update location ?
             App::import("Model", "WeChatDataModel");
             $this->WeChatDataModel = new WeChatDataModel();
             App::import("Model", "WeChatUser");
             $this->WechatUser = new WechatUser();
             $code = '';
             if (array_key_exists('code', $_GET)) {
                 if ($_GET['code'] == 'code') {
                     //redirect for the code
                     $this->__redirectForCode();
                 } else {
                     $code = $_GET['code'];
                 }
             } else {
                 $this->__redirectForCode();
             }
             $rStr = $this->rStr();
             $debugInfo = $this->Session->read("wechatDebug");
             $this->log("[{$rStr}][UserAuthComponent.php]WECHAT DEBUG[readFromSessionDebugInfo]: " . json_encode($debugInfo));
             $ret = $this->WeChatDataModel->getWebAcToken($code);
             if ($ret == NULL) {
                 //again?
                 $this->Session->write('wechatDebug', "[{$rStr}]wechatDebug:from error retry");
                 $this->log("[UserAuthComponent.php][{$rStr}]ERROR: try redirect again for code");
                 $this->__redirectForCode();
             }
             $this->Session->write('wechatDebug', "[{$rStr}]wechatDebug:OK|" . json_encode($ret));
             $this->log("WECHAT DEBUG[UserAuthComponent.php]: get web ac token OK");
             $user = $this->WeChatDataModel->getUserByWebAcToken($ret->openid, $ret->access_token);
             //$acToken = $ret->access_token;
             //$rToken = $ret->refresh_token;
             //$acExpr = $ret->expires_in;
             $this->Session->write('wechatUserInfo', $user);
             $wechatUserInfo = $user;
             $openId = $ret->openid;
             //1.find the user
             $options = array("conditions" => array("open_id" => $openId, "remote_system" => "wechat"));
             $sysUser = $userModel->find('first', $options);
             if ($sysUser == NULL) {
                 $userTpl = array("User" => array("open_id" => $openId, "remote_system" => "wechat", "user_info_remote" => json_encode($user), "username" => $user->nickname, "users_pic_url" => $user->headimgurl));
                 $userModel->save($userTpl);
                 //$sysUser = $userTpl;
                 $sysUser = $userModel->find('first', $options);
             } else {
                 $sysUser['User']['username'] = $user->nickname;
                 $sysUser['User']['users_pic_url'] = $user->headimgurl;
                 $userModel->save($sysUser);
             }
             //2.login the user
             $this->login($sysUser);
         } else {
             $options = array('conditions' => array('id' => 1));
             $myUser = $userModel->find("first", 'options');
             $this->login($myUser);
             //logged in
         }
         $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
         $c->Session->write('permission_error_redirect', '/');
         //$c->Session->setFlash(__('您需要登陆才能看这个页面哦...'));
         $cUrl = '/' . $c->params->url;
         if (!empty($_SERVER['QUERY_STRING'])) {
             $rUrl = $_SERVER['REQUEST_URI'];
             $pos = strpos($rUrl, $cUrl);
             $cUrl = substr($rUrl, $pos, strlen($rUrl));
         }
         //$c->Session->write('Usermgmt.OriginAfterLogin', $cUrl);
         $c->redirect($cUrl);
         echo "<h1> Please Login First </h1>";
         exit(0);
     } else {
         //logged
         $this->setUser($c);
     }
 }
 /**
  * Called before the controller action.  You can use this method to configure and customize components
  * or perform logic that needs to happen before each controller action.
  *
  * @param object $c current controller object
  * @return void
  */
 function beforeFilter(&$c)
 {
     $this->c = $c;
     UsermgmtInIt($this);
     //todo make it more clear
     // set user info here
     if ($c->userAgent == 'wechat') {
         // update location ?
         $wechatUserInfo = $this->Session->read('wechatUserInfo');
         //$wechatUserInfo = NULL;
         $acToken = '';
         $rToken = '';
         $acExpr = 0;
         $openId = NULL;
         App::import("Model", "WeChatDataModel");
         $this->WeChatDataModel = new WeChatDataModel();
         App::import("Model", "Usermgmt.User");
         $this->User = new User();
         App::import("Model", "WeChatUser");
         $this->WechatUser = new WechatUser();
         if ($wechatUserInfo) {
             $openId = $wechatUserInfo->openid;
         } else {
             //use refresh token first
             //shall we refresh first ?
             $code = '';
             if (array_key_exists('code', $_GET)) {
                 if ($_GET['code'] == 'code') {
                     //redirect for the code
                     $this->redirectForCode();
                 } else {
                     $code = $_GET['code'];
                 }
             } else {
                 $this->redirectForCode();
             }
             $ret = $this->WeChatDataModel->getWebAcToken($code);
             if ($ret == NULL) {
                 //again?
                 $this->log("redirect again ");
                 $this->redirectForCode();
             }
             $user = $this->WeChatDataModel->getUserByWebAcToken($ret->openid, $ret->access_token);
             $acToken = $ret->access_token;
             $rToken = $ret->refresh_token;
             $acExpr = $ret->expires_in;
             $this->Session->write('wechatUserInfo', $user);
             $wechatUserInfo = $user;
             $openId = $ret->openid;
         }
         /*user account about wechat's system is done*/
         //bind our system id;
         //wechat user data stored in db
         // wechatUser: in our DB ; wechatUserInfo: in cookie and wechat's system
         // they are different
         $username = $wechatUserInfo->nickname;
         $wechatUser = $this->WeChatDataModel->getWechatUserByOpenId($openId);
         if (!$wechatUser) {
             ///yes
             //create sys user
             if ($username == '') {
                 $wechatUserInfo = $this->Session->read('wechatUserInfo');
                 $username = $wechatUserInfo->nickname;
             }
             //create and bind it
             $count = 0;
             while ($this->User->findByFirstName($username)) {
                 if ($count == 0) {
                     $username = '来自微信的_' . $username;
                 } else {
                     $username = $userInfo['name'] . "{$count}";
                     $count += 1;
                 }
             }
             $sysUser = $this->newEmptyUserByWechat($openId, $username);
             //$this->UserAuth->debug($openId, $username);
             //var_dump($sysUser);
             //bind
             $userId = $sysUser['User']['id'];
             $data = array();
             $data['WechatUser']['iz_user_id'] = $userId;
             $data['WechatUser']['wechat_name'] = $username;
             // when we update these? todo
             $data['WechatUser']['open_id'] = $openId;
             $data['WechatUser']['access_token'] = $acToken;
             $expTime = $acExpr + time();
             $exptimeStamp = date("Y-m-d H:i:s", $expTime);
             $data['WechatUser']['access_token_expire'] = $exptimeStamp;
             $data['WechatUser']['refresh_token'] = $rToken;
             $this->WechatUser->save($data);
             $wechatUser = $this->WeChatDataModel->getWechatUserByOpenId($openId);
         }
         $c->wechatUser = $wechatUser;
         // got the info of our system' user account
         $userId = $wechatUser['WechatUser']['iz_user_id'];
         // login our sys
         $sysUser = $this->User->findById($userId);
         $this->login($sysUser);
         $this->setUser($c);
     }
     $user = $this->__getActiveUser();
     $pageRedirect = $c->Session->read('permission_error_redirect');
     $c->Session->delete('permission_error_redirect');
     $controller = $c->params['controller'];
     $action = $c->params['action'];
     $actionUrl = $controller . '/' . $action;
     $requested = isset($c->params['requested']) && $c->params['requested'] == 1 ? true : false;
     $permissionFree = array('users/login', 'users/logout', 'users/register', 'users/userVerification', 'users/forgotPassword', 'users/activatePassword', 'pages/display', 'users/accessDenied', 'users/emailVerification');
     $access = str_replace(' ', '', ucwords(str_replace('_', ' ', $controller))) . '/' . $action;
     $allControllers = $this->ControllerList->getControllerWithMethods();
     $errorPage = false;
     if (!in_array($access, $allControllers)) {
         $errorPage = true;
     }
     if ((empty($pageRedirect) || $actionUrl != 'users/login') && !$requested && !in_array($actionUrl, $permissionFree) && !$errorPage) {
         App::import("Model", "Usermgmt.UserGroup");
         $userGroupModel = new UserGroup();
         if (!$this->isLogged()) {
             //redirect to login
             if (!$userGroupModel->isGuestAccess($controller, $action)) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->Session->setFlash(__('您需要登陆才能看这个页面哦...'));
                 $cUrl = '/' . $c->params->url;
                 if (!empty($_SERVER['QUERY_STRING'])) {
                     $rUrl = $_SERVER['REQUEST_URI'];
                     $pos = strpos($rUrl, $cUrl);
                     $cUrl = substr($rUrl, $pos, strlen($rUrl));
                 }
                 $c->Session->write('Usermgmt.OriginAfterLogin', $cUrl);
                 $c->redirect('/login');
             }
         } else {
             //logged
             $this->setUser($c);
             if (!$userGroupModel->isUserGroupAccess($controller, $action, $this->getGroupId())) {
                 $c->log('permission: actionUrl-' . $actionUrl, LOG_DEBUG);
                 $c->Session->write('permission_error_redirect', '/users/login');
                 $c->redirect('/accessDenied');
             }
         }
     }
 }