/**
 * Route-event listener: resolves the caller's role, hands menu and user data
 * to the layout, and enforces the ACL for the matched controller/action.
 *
 * The role starts as Acl::DEFAULT_ROLE and is replaced by the entry of the
 * 'menu' option's 'groups' map keyed by the session user's UserGroup_id, when
 * such an entry exists. When the ACL denies the request, a 302 to the
 * 'access' route is sent (with the base64-encoded request URI as `urlFrom`)
 * and the script terminates.
 *
 * @param EventInterface $poEvent MVC event for the current request
 * @return void
 * @throws \Exception when the matched controller is not a resource of the ACL
 */
public function onRoute(EventInterface $poEvent)
{
    $application = $poEvent->getApplication();
    $routeMatch = $poEvent->getRouteMatch();
    $serviceManager = $application->getServiceManager(); // fetched, not used below
    $eventManager = $application->getEventManager();
    $sharedEvents = $eventManager->getSharedManager();

    // The authenticated user, if any, lives in the 'OnionAuth' session register.
    $session = new Session();
    $sessionUser = $session->getRegister('OnionAuth');

    $menuConfig = Config::getAppOptions('menu');
    $role = Acl::DEFAULT_ROLE; //guest

    if ($sessionUser !== null) {
        // NOTE(review): the group id comes from the object stored in the session,
        // so a group change presumably takes effect only after re-login; confirm.
        $groupId = $sessionUser->get('UserGroup_id');

        if (isset($menuConfig['groups'][$groupId])) {
            $role = $menuConfig['groups'][$groupId];
        }
    }

    $roleMenu = $menuConfig[$role];

    // Publish menu, user and controller to the layout on every controller dispatch.
    $sharedEvents->attach(
        'Zend\\Mvc\\Controller\\AbstractActionController',
        'dispatch',
        function ($event) use ($roleMenu, $sessionUser) {
            $controller = $event->getTarget();
            $controller->layout()->laMenu = $roleMenu;
            $controller->layout()->loUser = $sessionUser;
            $controller->layout()->loController = $controller;
        },
        100
    );

    $controllerName = $routeMatch->getParam('__CONTROLLER__');
    $actionName = $routeMatch->getParam('action');
    $controllerName = empty($controllerName) ? 'Index' : $controllerName;
    $actionName = empty($actionName) ? 'index' : $actionName;

    $acl = new Acl(Config::getAppOptions('acl'));

    if (!$acl->hasResource($controllerName)) {
        throw new \Exception('Resource ' . $controllerName . ' not defined');
    }

    Debug::debug('Route: ' . $controllerName . '/' . $actionName);

    if ($acl->isAllowed($role, $controllerName, $actionName)) {
        return;
    }

    // Denied. The flash message is skipped when the controller is 'Index' or
    // the action is 'index' (either one is enough to skip it).
    if (!($controllerName == 'Index' || $actionName == 'index')) {
        $flashMessenger = new FlashMessenger();
        $flashMessenger->addMessage(array(
            'id' => 'Access-' . microtime(true),
            'hidden' => false,
            'push' => false,
            'type' => 'danger',
            'msg' => Translator::i18n('Você não tem permissão para executar esta ação!'),
        ));
    }

    // base64 here is transport encoding only: `urlFrom` is a query parameter the
    // client can change, so whatever consumes it has to treat it as untrusted.
    $accessUrl = $poEvent->getRouter()->assemble(
        array(),
        array(
            'name' => 'access',
            'query' => array('urlFrom' => base64_encode($_SERVER['REQUEST_URI'])),
        )
    );

    $response = $poEvent->getResponse();
    $response->getHeaders()->addHeaderLine('Location', $accessUrl);
    $response->setStatusCode(302);
    $response->sendHeaders();

    // Stop here so the denied controller action is never dispatched.
    exit;
}
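/**
 * Finishes a login for the given identity: checks that the account is active
 * and that its access context is allowed, stores a scrubbed copy of the
 * identity in the session and in the auth storage, then optionally redirects.
 *
 * No credential check happens in this method; it presumably runs only after
 * the caller has verified the credentials (confirm at the call sites).
 *
 * @param object      $poAuthService auth service; only getStorage()->write() is used here
 * @param object      $poIdentity    user identity being logged in
 * @param string|null $psUrlFrom     '/' or a base64-encoded same-site path to return to
 * @param object|null $poForm        login form: source of 'rememberme', target of error messages
 * @param string      $psType        label of the authentication method, used in the logs
 * @return string|null null on success, "CONTEXT DENIED" or "USER DISABLED" otherwise
 */
public function authentication($poAuthService, $poIdentity, $psUrlFrom = null, $poForm = null, $psType = 'onion')
{
    if ($poIdentity->getActive() != 1) {
        // $poForm defaults to null, so only report on the form when there is one.
        if ($poForm !== null) {
            $poForm->get('stUsername')->setMessages(array("Usuário desativado!"));
        }

        return "USER DISABLED";
    }

    // Build the per-user access context (IP context -> denied flag plus a
    // user-agent => registration-token pair) when the identity defines one.
    $laUserContext = null;

    if ($poIdentity->get('stIpContext') !== null) {
        $lsUserAgent = '*';

        if ($poIdentity->get('stUserAgent') !== null) {
            $lsUserAgent = $poIdentity->get('stUserAgent');
        }

        $laUserContext = array(
            $poIdentity->get('stIpContext') => array(
                'denied' => $poIdentity->get('isContextDenied'),
                $lsUserAgent => $poIdentity->get('stRegistrationToken'),
            ),
        );
    }

    if (!Context::hasContextAccess($laUserContext)) {
        if ($poForm !== null) {
            $poForm->get('stUsername')->setMessages(array("Permissão negada para o contexto de acesso!"));
        }

        return "CONTEXT DENIED";
    }

    $loSession = new Session();
    $loSession->clearRegister('OnionAuth');
    $loSession->clearRegister('storage', 'Zend_Auth');

    // NOTE(review): no session-id regeneration is visible on this path (unless
    // rememberMe() below does it); rotating the id at login is the usual guard
    // against session fixation. Confirm how Session / SessionManager handle it.

    $poIdentity->getObject(); // return value unused; presumably initialises the entity (confirm)

    // Scrub secrets so they are never serialised into the session.
    // NOTE(review): if $poIdentity is a managed ORM entity, make sure these
    // placeholder values cannot be flushed back to the database.
    $poIdentity->set('stPassword', 'nono');
    $poIdentity->set('stPasswordSalt', '');
    $poIdentity->set('stAnswer', '');

    $loSession->setRegister('OnionAuth', $poIdentity);
    $poAuthService->getStorage()->write($poIdentity);

    if ($poForm !== null && $poForm->get('rememberme')->getValue() == 1) {
        $laOptions = Config::getAppOptions('settings');
        $loSessionManager = new SessionManager();
        $loSessionManager->rememberMe($laOptions['sessionLifeTime']);
    }

    Debug::debug($poIdentity->getUsername() . " [SUCCESS by {$psType}]");
    Access::log($poIdentity, "SUCCESS by " . $psType);

    if ($psUrlFrom !== null) {
        // $psUrlFrom is client-controlled. Only a same-site absolute path is
        // accepted as a redirect target: it must start with a single '/', must
        // not continue with '/' or '\' (scheme-relative URL), and must contain
        // no control characters or backslashes. Anything else falls back to '/',
        // so the post-login redirect cannot be pointed at another host.
        $lsTarget = '/';

        if ('/' !== $psUrlFrom) {
            $lsDecoded = base64_decode($psUrlFrom);

            if (is_string($lsDecoded)
                && preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f\\\\]*\z#', $lsDecoded) === 1
            ) {
                $lsTarget = $lsDecoded;
            } else {
                // The rejected value is deliberately not written to the log.
                Debug::debug("Redirect target rejected, falling back to /");
            }
        }

        Debug::debug("Redirect to: ({$lsTarget})");
        $this->redirect()->toUrl($lsTarget);
    }

    return null;
}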
/**
 * Resets the 'app' session register to null.
 *
 * Only the 'app' register is written; state kept in other registers
 * (for example 'OnionAuth') is left as it is.
 *
 * @return void
 */
public static function clearSection()
{
    // The value read here is not used; the register is overwritten unconditionally.
    Session::getRegister("app");
    Session::setRegister('app', null);
}
/**
 * Returns the user held in the 'OnionAuth' session register.
 *
 * The session register is the only source consulted; the Zend
 * AuthenticationService is not queried here. When no user object is present,
 * a 'danger' flash message is queued and null is returned.
 *
 * @param bool $pbReturnObject true to get the stored user object, false for its 'id'
 * @return object|string|null the user object, the user's id, or null when not logged in
 */
public function getAuthenticatedUser($pbReturnObject = false)
{
    $session = new Session();
    $sessionUser = $session->getRegister('OnionAuth');

    if (is_object($sessionUser)) {
        return $pbReturnObject ? $sessionUser : $sessionUser->get('id');
    }

    // Nobody is logged in: tell the user, and let the caller decide what to do with null.
    $this->flashMessenger()->addMessage(array(
        'id' => $this->get('_sModule') . '-' . microtime(true),
        'hidden' => $this->get('_bHiddenPushMessage'),
        'push' => $this->get('_bPushMessage'),
        'type' => 'danger',
        'msg' => Translator::i18n('You need to be logged to execute this action!'),
    ));

    return null;
}
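/**
 * Lets the logged-in user change their own phone extension.
 *
 * The record to edit is always the one whose id comes from the session user,
 * never an id taken from the request. On a valid POST the entity is updated
 * and flushed, the session copy of the user is refreshed, a success message
 * is queued and the change is written to the event log.
 *
 * @return mixed redirect response to the 'Access' route when there is no usable
 *               user, otherwise the result of setResponseType() for the form view
 */
public function changePhoneExtensionAction()
{
    $this->_sWindowType = $this->request('w', 'default');
    $this->_bPushMessage = true;

    $lnUserId = $this->getAuthenticatedUser();

    if ($lnUserId === null) {
        return $this->redirect()->toRoute('Access');
    }

    $loEntity = $this->getEntityManager()->find($this->_sEntity, $lnUserId);

    // A session can outlive its account (for example the user was removed while
    // still logged in). Without this guard the next call would fail on null.
    if ($loEntity === null) {
        return $this->redirect()->toRoute('Access');
    }

    $loEntity->getObject(); // return value unused; presumably initialises the entity (confirm)

    $loForm = Application::factory('User\\Form\\ChangePhoneExtensionForm');
    $loForm->setObjectManager($this->getEntityManager());
    $loForm->setActionType('edit');
    $loForm->setEntity($this->_sEntity);
    $loForm->setForm();
    $loForm->setWindowType($this->_sWindowType);
    $loForm->setCancelBtnType($this->_sWindowType == 'default' ? 'cancel' : 'close');
    $loForm->setBindOnValidate(false);
    $loForm->bind($loEntity);

    // NOTE(review): only the presence of the 'security' field is checked here.
    // Any CSRF token validation presumably happens inside $loForm->isValid(); confirm.
    $lsSecurity = $this->requestPost('security', null);

    if ($this->requestIsPost() && $lsSecurity !== null) {
        $loForm->setInputFilter($loForm->getInputFilter());
        $loForm->setData($this->requestPost());
        $loForm->setEntityData($loEntity);

        if ($loForm->isValid()) {
            $loForm->bindValues();
            $laPostData = $loForm->getDataForm();

            // NOTE(review): populate() receives everything getDataForm() returns.
            // Confirm the form exposes only the phone-extension field, so no other
            // user column can be set through this action.
            $loEntity->populate($laPostData);

            if ($this->entityFlush()) {
                // Keep the user object cached in the session in step with the database.
                $loSession = new Session();
                $loUser = $loSession->getRegister('OnionAuth');
                $loUser->setStPhoneExtension($laPostData['stPhoneExtension']);
                $loSession->setRegister('OnionAuth', $loUser);

                $this->flashMessenger()->addMessage(array(
                    'id' => $this->get('_sModule') . '-' . microtime(true),
                    'hidden' => $this->get('_bHiddenPushMessage'),
                    'push' => $this->get('_bPushMessage'),
                    'type' => 'success',
                    'msg' => Translator::i18n("The phone extension was successfully changed!"),
                ));

                // Audit trail: who changed which record.
                Event::log(
                    array(
                        'userId' => $lnUserId,
                        'table' => 'User',
                        'action' => 'change-phone-extension',
                        'record' => $lnUserId,
                    ),
                    Event::INFO
                );
            }
        }
    }

    $loView = new ViewModel(array(
        'lsBack' => $this->requestPost('back', 'index'),
        'lsTitleS' => $this->_sTitleS,
        'lsTitleP' => $this->_sTitleP,
        'lsRoute' => $this->_sRoute,
        'lsUsername' => $loEntity->getUsername(),
        'lnId' => $lnUserId,
        'loForm' => $loForm,
    ));

    return $this->setResponseType($loView, null, true);
}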