public static function checkAuthentication()
{
// initialize the session (if not initialized yet)
Session::init();
// if user is not logged in...
if (!Session::userIsLoggedIn()) {
if (LockModel::lockStatus() == false) {
// ... then treat user as "not logged in", destroy session, redirect to login page
Session::destroy();
header('location: ' . URL . 'login');
// to prevent fetching views via cURL (which "ignores" the header-redirect above) we leave the application
// the hard way, via exit(). @see https://github.com/panique/php-login/issues/453
// this is not optimal and will be fixed in future releases
exit;
} else {
Redirect::to('lock');
}
}
}
public function unlock()
{
LoginModel::login(Request::post('user_name'), Request::post('user_password'));
LockModel::unlock();
}
/**
* Attempt to lock a page, check for access and return the lock on success, redirect to the view
* page with an error on failure
*
* @param mixed PageModel or id of page being locked
* @param string the action we are checking for access to
* @return mixed
*/
private function lockPage($page, $action = 'approve')
{
if (!$page instanceof PageModel) {
$page = new PageModel(array('pageID' => $this->_getParam('id'), 'depth' => 'response'));
}
$lock = LockModel::obtain($page, $this->_user);
if ($lock === null) {
$this->flash('error', 'A lock could not be obtained for the requested page. Please ' . 'ensure you have access and try again later.');
$this->_redirector->gotoRouteAndExit(array('action' => 'view', 'id' => $page->pageID));
} elseif (!$this->_user->hasAccess($action, $page)) {
$this->denyAccess();
}
return $lock;
}
/**
* Set the expiration time for all new locks
*
* @param integer time (in seconds) to set for expiration
*/
public static function setExpiration($seconds)
{
self::$expirationTime = $seconds;
}
/**
* Render the lock icon next to a menu item where appropriate
*
* @param PageModel the page for which we are rendering a lock icon
* @return string
*/
protected function renderMenuLockIcon(PageModel $page)
{
$builder = new Tag_Builder();
if (LockModel::isLocked($page)) {
return ' ' . $builder->image('lock.png', array('class' => 'inline'));
}
return '';
}
public function testCanModifyAllowsAppropriateModification()
{
$page1 = new PageModel(array('pageID' => 1, 'depth' => 'page'));
$page2 = new PageModel(array('pageID' => 2, 'depth' => 'page'));
$user = new DbUserModel(array('dbUserID' => 1));
$lock = LockModel::obtain($page1, $user);
$this->assertTrue($lock instanceof LockModel);
$this->assertTrue($lock->canModify($page1));
$this->assertFalse($lock->canModify($page2));
}
