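/**
 * Return the user object for the current Raven session, resolving it at most
 * once per PHP process via a function-level static.
 *
 * Resolution order:
 *  1. the object stored under the 'Ravenly.user' session key, if
 *     Ravenly::isValidUser() accepts it;
 *  2. otherwise a model instance looked up (or newly built) by the CRSID
 *     stored under 'Ravenly.crsid', populated via fillFromLookup() and then
 *     written back to the session.
 *
 * A freshly built user is only persisted when 'ravenly::auth.autocreate' is set.
 *
 * @return object instance of the configured auth model (or the session copy)
 */
public static function user()
{
    Log::info('Ravenly: fetching user.');

    static $user;

    if (is_null($user)) {
        // First check session
        $sesh_user = Session::get('Ravenly.user');

        if (Ravenly::isValidUser($sesh_user)) {
            // NOTE(review): the session copy is trusted on the strength of
            // isValidUser() alone and is not refreshed from the directory here.
            // If authorisation data (e.g. group membership) is filled in by
            // fillFromLookup(), it stays as it was when the session was built - confirm.
            Log::info('Ravenly: - User found in session, retrieving.');
            $user = $sesh_user;
        } else {
            // Otherwise just fetch/create
            Log::info('Ravenly: - user not previously set, creating.');

            // `$x = f() or 'default'` binds as `($x = f()) or 'default'`, so the
            // fallback was never assigned; `?:` applies it when the config value is empty.
            $class = Config::get('ravenly::auth.model') ?: 'Models\\User';
            $crsid = Session::get('Ravenly.crsid');

            // NOTE(review): nothing here checks that $crsid is set. If this method
            // can run before a successful login, a user with an empty CRSID would be
            // built and, with autocreate on, saved - verify that callers always run
            // the login step first, or reject an empty CRSID here.

            // Now we see if we should create a new user, or fetch an old one
            $exists = call_user_func($class . '::where_crsid', $crsid)->count() > 0;

            if (!$exists) {
                Log::info('Ravenly: - user not in database, creating new object.');
                $user = new $class(array('crsid' => $crsid), false);

                if (Config::get('ravenly::auth.autocreate')) {
                    Log::info('Ravenly: - autocreate set, so saving user.');
                    $user->save();
                }
            } else {
                Log::info('Ravenly: - user exists in database, retrieving.');
                $user = call_user_func($class . '::where_crsid', $crsid)->first();
            }

            Log::info('Ravenly: - fetching user details from LDAP.');
            $user->fillFromLookup();

            // Cache the populated object so later requests take the session branch.
            Session::put('Ravenly.user', $user);
        }
    }

    return $user;
}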
// NOTE(review): everything down to the first `});` is the tail of a filter
// closure whose start is outside this view - presumably the login filter that
// the docblock below refers to; confirm against the full file.
        // A login result of exactly false is logged and answered with a 403.
        if ($l_status === false) {
            Log::info('Ravenly: [!] login failed.');
            return Response::error(403);
        }
    }

    // Authorisation check for the resolved user, with no extra conditions passed.
    $status = Ravenly::authenticate(Ravenly::user());

    // Only a strict false denies; any other value from authenticate() is
    // returned as the filter's result unchanged.
    if ($status === false) {
        Log::info('Ravenly: [!] not authorised.');
        return Response::error(403);
    } else {
        return $status;
    }
});

/**
 * Raven authentication filter for group requirement.
 * Used if only a particular group should access.
 * Login filter must be called first: this closure never starts a login itself,
 * it only resolves the user through Ravenly::user() and checks the groups.
 *
 * The filter's arguments are collected with func_get_args() and passed to
 * Ravenly::authenticate() as the 'group' condition. A result of exactly false
 * is answered with a 403; any other result is returned as-is.
 *
 * NOTE(review): when the filter is attached without arguments, 'group' is an
 * empty array. Whether authenticate() treats that as "deny" or as "no group
 * restriction" is not visible here - confirm that it denies.
 *
 * e.g. $this->filter('before', 'raven:group', array('admin', 'committee'));
 */
Route::filter('raven:group', function () {
    Log::info('Ravenly: group filter intiated.');

    // Each filter argument is one group name to check.
    $groups = func_get_args();
    $status = Ravenly::authenticate(Ravenly::user(), array('group' => $groups));

    // Strict comparison: only an explicit false produces the 403.
    if ($status === false) {
        Log::info('Ravenly: [!] not authorised, user not in group(s).');
        return Response::error(403);
    } else {
        return $status;
    }
});