public function __construct() { $this->session = Injector::inst()->create('Session', array()); $this->controller = new Controller(); $this->controller->setSession($this->session); $this->controller->pushCurrent(); }
public function preRequest(SS_HTTPRequest $request, Session $session, DataModel $model) { // Bootstrap session so that Session::get() accesses the right instance $dummyController = new Controller(); $dummyController->setSession($session); $dummyController->setRequest($request); $dummyController->pushCurrent(); // Block non-authenticated users from setting the stage mode if (!Versioned::can_choose_site_stage($request)) { $permissionMessage = sprintf(_t("ContentController.DRAFT_SITE_ACCESS_RESTRICTION", 'You must log in with your CMS password in order to view the draft or archived content. ' . '<a href="%s">Click here to go back to the published site.</a>'), Controller::join_links(Director::baseURL(), $request->getURL(), "?stage=Live")); // Force output since RequestFilter::preRequest doesn't support response overriding $response = Security::permissionFailure($dummyController, $permissionMessage); $session->inst_save(); $dummyController->popCurrent(); // Prevent output in testing if (class_exists('SapphireTest', false) && SapphireTest::is_running_test()) { throw new SS_HTTPResponse_Exception($response); } $response->output(); die; } Versioned::choose_site_stage(); $dummyController->popCurrent(); return true; }
public function preRequest(SS_HTTPRequest $request, Session $session, DataModel $model) { $headerName = Config::inst()->get('ApiKeyRequestFilter', 'header_name'); if ($key = $request->getHeader($headerName)) { try { $matchingKey = MemberApiKey::findByKey($key); } catch (LogicException $e) { } if ($matchingKey) { // Log-in can't have session injected, we need to to push $session into the global state $controller = new Controller(); $controller->setSession($session); $controller->pushCurrent(); $matchingKey->Member()->logIn(); // Undo our global state manipulation $controller->popCurrent(); $matchingKey->markUsed(); } else { throw new SS_HTTPResponse_Exception("Bad X-API-Key", 400); } } return true; }