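/**
 * Access gate that runs before every action of this controller.
 *
 * Every action except `login` and `logout` requires an authenticated user.
 * Users whose status equals STATUS.MODIFIED are sent to logout, and the roles
 * ROL.CHIEF, ROL.BOSS and ROL.PERSON are redirected away from this controller.
 *
 * @return mixed result of redirect() when the request is bounced, null otherwise
 */
function beforeFilter() {
    $action = $this->request->params['action'];
    // Strict comparison: only the literal action names skip the authentication check.
    if ($action === 'login' || $action === 'logout') {
        return;
    }

    $user = Authsome::get();
    // empty() also rejects null, false and an empty array. The previous `== ""`
    // test let an empty array through to the role switch, which has no default
    // branch, so such a request was not stopped.
    if (empty($user)) {
        $this->Session->setFlash(__('No esta autenticado.'), 'flash_orange');
        return $this->redirect(array('controller' => 'Users', 'action' => 'login'));
    }

    if ($user['User']['status'] == Configure::read('STATUS.MODIFIED')) {
        return $this->redirect(array('controller' => 'Users', 'action' => 'logout'));
    }

    // NOTE(review): roles not listed here fall through and the action runs.
    // Confirm that allow-by-default is intended; an explicit allow-list of the
    // roles this controller serves would fail closed when a new role is added.
    switch ($user['User']['rol']) {
        case Configure::read('ROL.CHIEF'):
            return $this->redirect(array('controller' => 'Sails', 'action' => 'indexComodoro'));
        case Configure::read('ROL.BOSS'):
            return $this->redirect(array('controller' => 'Managements'));
        case Configure::read('ROL.PERSON'):
            return $this->redirect(array('controller' => 'Users', 'action' => 'logout'));
    }
}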
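/**
 * Initialize component.
 *
 * When the controller's primary model has the Logable behavior attached, hands
 * it the current user, the request parameters, the client's User-Agent and the
 * remote address.
 *
 * @param object $controller Instantiating controller
 * @param array $settings Component settings (not read by this method)
 * @return void
 * @access public
 */
function initialize(&$controller, $settings = array()) {
    if (!count($controller->uses) || get_parent_class($controller->{$controller->modelClass}) == 'Object') {
        return;
    }

    $model = $controller->{$controller->modelClass};
    if (!$model->Behaviors->attached('Logable')) {
        return;
    }

    // Auto-import user data if AuthsomeComponent is in use
    if (class_exists('Authsome') && !Authsome::get('guest')) {
        $model->setUserData(Authsome::get());
    }

    // Auto-import user data if AuthComponent is in use
    if (!empty($controller->Auth)) {
        $user = $controller->Auth->user();
        if ($user !== null) {
            $model->setUserData(array('User' => $user));
        }
    }

    $model->setRequestParameters($controller->params);

    // Neither key is guaranteed to exist (CLI runs, clients that send no
    // User-Agent), so read them defensively instead of raising a notice.
    // The User-Agent is chosen by the client: store it as data and escape it
    // wherever the log is displayed.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
    // REMOTE_ADDR is the directly connected peer; behind a reverse proxy that
    // is the proxy's address, not the end user's.
    $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;

    $model->setUserBrowser($userAgent);
    $model->setUserIp($remoteAddr);
}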
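/**
 * Applies the component's per-action access rules to the current request.
 *
 * Four lists from $this->settings are checked in order. Each holds action
 * names, or the single entry '*' to match every action:
 *  - auth_required:  guests are sent to users/login
 *  - auth_denied:    logged-in users are sent to users/dashboard
 *  - admin_required: anyone whose group is not 'administrator' is sent to users/dashboard
 *  - denied:         everyone is sent to users/index
 *
 * NOTE(review): nothing here returns after redirect(), so a matched rule only
 * stops the request if Controller::redirect() ends it. Confirm that is the case
 * for every caller (including tests that stub redirect()).
 *
 * @param object $controller Controller handling the current request
 * @return void
 */
function _isAuthorized(&$controller) {
    $action = strtolower($controller->params['action']);

    // Both sides are lower-cased strings, so the strict flag on in_array()
    // keeps numeric-looking action names from matching each other.
    $authRequiredActions = array_map('strtolower', $this->settings['auth_required']);
    $authRequired = $authRequiredActions === array('*') || in_array($action, $authRequiredActions, true);
    if ($authRequired && Authsome::get('guest')) {
        $controller->Session->setFlash('Please login to access this resource');
        $controller->redirect(array('controller' => 'users', 'action' => 'login'));
    }

    $authDeniedActions = array_map('strtolower', $this->settings['auth_denied']);
    $authDenied = $authDeniedActions === array('*') || in_array($action, $authDeniedActions, true);
    if ($authDenied && !Authsome::get('guest')) {
        $controller->Session->setFlash('You are already logged in');
        $controller->redirect(array('controller' => 'users', 'action' => 'dashboard'));
    }

    $adminRequiredActions = array_map('strtolower', $this->settings['admin_required']);
    $adminRequired = $adminRequiredActions === array('*') || in_array($action, $adminRequiredActions, true);
    // Strict comparison: with `!=`, a group value of integer 0 (before PHP 8)
    // or boolean true compared equal to 'administrator' and passed the admin check.
    if ($adminRequired && Authsome::get('group') !== 'administrator') {
        $controller->Session->setFlash('You must be an administrator to access this resource');
        $controller->redirect(array('controller' => 'users', 'action' => 'dashboard'));
    }

    $deniedActions = array_map('strtolower', $this->settings['denied']);
    $denied = $deniedActions === array('*') || in_array($action, $deniedActions, true);
    if ($denied) {
        $controller->Session->setFlash('You do not have access to this resource');
        $controller->redirect(array('controller' => 'users', 'action' => 'index'));
    }
}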
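/**
 * Access gate that runs before every action of this controller.
 *
 * Requires an authenticated user, sends users with status STATUS.MODIFIED to
 * logout, redirects the roles ROL.BOSS, ROL.ADMIN, ROL.SUB-ADMIN and ROL.PERSON
 * away, and for everyone else exposes the chief's display name to the view as `com`.
 *
 * @return mixed result of redirect() when the request is bounced, null otherwise
 */
function beforeFilter() {
    $user = Authsome::get();
    // empty() also rejects null, false and an empty array. The previous `== ""`
    // test let an empty array through to the role switch, which has no default
    // branch, so such a request was not stopped.
    if (empty($user)) {
        $this->Session->setFlash(__('No esta autenticado.'), 'flash_orange');
        return $this->redirect(array('controller' => 'Users', 'action' => 'login'));
    }

    if ($user['User']['status'] == Configure::read('STATUS.MODIFIED')) {
        return $this->redirect(array('controller' => 'Users', 'action' => 'logout'));
    }

    // NOTE(review): any role not listed below continues into the controller.
    // Confirm that only the intended role can reach this point.
    switch ($user['User']['rol']) {
        case Configure::read('ROL.BOSS'):
            return $this->redirect(array('controller' => 'Managements'));
        case Configure::read('ROL.ADMIN'):
        case Configure::read('ROL.SUB-ADMIN'):
            return $this->redirect(array('controller' => 'pages'));
        case Configure::read('ROL.PERSON'):
            return $this->redirect(array('controller' => 'Users', 'action' => 'logout'));
    }

    // NOTE(review): no check that a Chief row exists for this user; a missing
    // row yields notices and the view receives ", " as the name.
    $chief = $this->Chief->findByUserId(Authsome::get('User.id'));
    $this->set('com', $chief['Chief']['last_name'] . ', ' . $chief['Chief']['name']);
}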
/**
 * Issues a persistent-login token for the current user and stores it in the
 * login cookie.
 *
 * The token comes from the user model's authsomePersist(); the duration is
 * appended after a colon so the cookie value reads "<token>:<duration>".
 *
 * @param string $duration Lifetime passed to authsomePersist() and used as the cookie expiry
 * @return mixed whatever CookieComponent::write() returns
 * @throws Exception when the user model does not implement authsomePersist()
 */
public function persist($duration = '2 weeks') {
    $users = $this->__getUserModel();

    $canPersist = method_exists($users, 'authsomePersist');
    if ($canPersist === false) {
        throw new Exception($users->alias . '::authsomePersist() is not implemented!');
    }

    $cookieValue = $users->authsomePersist(Authsome::get(), $duration) . ':' . $duration;

    // Third argument `true` asks CookieComponent to encrypt the stored value.
    // The token is a long-lived login credential, so the model side should be
    // able to revoke it (logout, password change) - not visible from here.
    return $this->Cookie->write($this->settings['cookieKey'], $cookieValue, true, $duration);
}
/**
 * Stamps the record with the acting user's id before validation.
 *
 * The id is $model->trackable_id when that property is set, otherwise
 * Authsome::get('id'); a falsy id is stored as the string '0'. The created-by
 * field is written only when the record carries no primary key value, the
 * modified-by field on every call.
 *
 * @param object $model Model using the behavior
 * @return boolean always true, so validation continues
 * @author Matt Curry
 **/
function beforeValidate(&$model) {
    $alias = $model->alias;
    $fields = $this->settings[$alias];

    if (isset($model->trackable_id)) {
        $actorId = $model->trackable_id;
    } else {
        $actorId = Authsome::get('id');
    }
    if (!$actorId) {
        // No identifiable user: record '0' rather than leaving the field empty.
        $actorId = '0';
    }

    $hasPrimaryKey = !empty($model->data[$alias][$model->primaryKey]);
    if (!$hasPrimaryKey) {
        $model->data[$alias][$fields['created_by_field']] = $actorId;
    }
    $model->data[$alias][$fields['modified_by_field']] = $actorId;

    return true;
}
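/**
 * List all projects
 *
 * Members of ADMIN_USER_GROUP or INTERNAL_USER_GROUP get a paginated list of
 * every project. All other users get the result of Project::findUserProjects(),
 * rendered with the `index_no_pagination` view.
 *
 * @return void
 * @access public
 */
function index() {
    $this->loadModel('Project');

    $currentUser = Authsome::get();
    $userGroup = $currentUser['UserGroup']['name'];

    $seesAllProjects = $userGroup === ADMIN_USER_GROUP || $userGroup === INTERNAL_USER_GROUP;
    if (!$seesAllProjects) {
        // The per-user restriction lives entirely in findUserProjects().
        $this->set('projects', $this->Project->findUserProjects());
        $this->render('index_no_pagination');
        return;
    }

    $this->paginate['Project'] = array(
        'contain' => array('Population.id', 'Population.project_id', 'Library.id', 'Library.project_id'),
        'order' => 'Project.id',
    );
    $this->set('projects', $this->paginate());
}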
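/**
 * Ownership check run before a save.
 *
 * Returns true when the model has no id set. Otherwise the save is allowed
 * either because the logged-in user matches every key/value pair in the
 * `exception` setting, or because the stored record's `model_field` value
 * equals Authsome::get('authsome_field').
 *
 * @param object $model Model using the behavior
 * @return boolean true to let the save proceed, false to block it
 */
function beforeSave(&$model) {
    if (!isset($model->id)) {
        return true;
    }

    $settings = $this->settings[$model->alias];

    $user = Authsome::get();
    if (!$user) {
        return false;
    }

    // Count down one per matching exception pair; zero left means all matched.
    // NOTE(review): an empty `exception` list starts at zero, so every
    // logged-in user passes here. Confirm that is the intended meaning.
    $unmatched = count($settings['exception']);
    foreach ($settings['exception'] as $key => $value) {
        if ($user[$model->alias][$key] == $value) {
            $unmatched--;
        }
    }
    if ($unmatched == 0) {
        return true;
    }

    // NOTE(review): the lookup matches `model_field` against $model->id and the
    // comparison reads the literal key 'authsome_field' rather than a configured
    // name. Both look unusual - verify against the behavior's settings.
    $rec = $model->find('first', array(
        'conditions' => array("{$model->alias}.{$settings['model_field']}" => $model->id),
        'contain' => false,
    ));

    // Deny when no record (or no owner value) came back. Without this guard a
    // missing value was compared loosely and equalled a missing or empty
    // session value, which allowed the save.
    if (!isset($rec[$model->alias][$settings['model_field']])) {
        return false;
    }

    return $rec[$model->alias][$settings['model_field']] == Authsome::get('authsome_field');
}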
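/**
 * Returns the datasets the logged-in user may see, keyed by dataset name.
 *
 * Members of ADMIN_USER_GROUP or INTERNAL_USER_GROUP see every dataset. Other
 * users see datasets of projects they own, are listed on in projects_users, or
 * that are public. Results are cached per user and project.
 *
 * @param int $datasetType POPULATION_AND_LIBRARY_DATASETS, LIBRARY_DATASETS or POPULATION_DATASETS
 * @param int $projectId restrict returned datasets to a certain project
 * @return Array dataset name => row with name, description, project, project_id and type;
 *               empty when nothing matches or $datasetType is not recognised
 * @access public
 */
public function findUserDatasets($datasetType = POPULATION_AND_LIBRARY_DATASETS, $projectId = null) {
    $currentUser = Authsome::get();
    $userGroup = $currentUser['UserGroup']['name'];

    // NOTE(review): this key leaves out $datasetType and joins the two ids with
    // no separator, so calls with different types share an entry and user 1 /
    // project 23 collides with user 12 / project 3. It is kept unchanged here
    // because code outside this method may delete entries by this exact key;
    // confirm, then add the type and a delimiter.
    $cacheKey = $currentUser['User']['id'] . $projectId . 'userDatasets';

    $userDatasets = Cache::read($cacheKey);
    if ($userDatasets !== false) {
        return $userDatasets;
    }
    // Start from an array so an empty result is returned as array(), not false.
    $userDatasets = array();

    // Dataset type => table. Population comes first, as in the combined query.
    if ($datasetType == POPULATION_AND_LIBRARY_DATASETS) {
        $sources = array('population' => 'populations', 'library' => 'libraries');
    } elseif ($datasetType == LIBRARY_DATASETS) {
        $sources = array('library' => 'libraries');
    } elseif ($datasetType == POPULATION_DATASETS) {
        $sources = array('population' => 'populations');
    } else {
        return $userDatasets;
    }

    // Both ids end up inside raw SQL. Casting to int guarantees that nothing
    // but digits is interpolated, whatever the caller passed in.
    $currentUserId = (int) $currentUser['User']['id'];
    $conditions = array();
    if (!is_null($projectId)) {
        // Applied to every dataset type. The admin/population query previously
        // omitted this filter and returned populations of all projects.
        $conditions[] = 'projects.id=' . (int) $projectId;
    }

    $accessJoin = '';
    $isPrivileged = $userGroup === ADMIN_USER_GROUP || $userGroup === INTERNAL_USER_GROUP;
    if (!$isPrivileged) {
        // Regular users: owner, listed project member, or public project.
        $accessJoin = ' LEFT JOIN projects_users ON(projects_users.project_id=projects.id)';
        $conditions[] = "(projects.user_id = {$currentUserId} OR projects_users.user_id = {$currentUserId} OR projects.is_public=1)";
    }
    $where = empty($conditions) ? '' : ' WHERE ' . implode(' AND ', $conditions);

    // $type and $table come only from the fixed map above, never from input.
    $selects = array();
    foreach ($sources as $type => $table) {
        $selects[] = "SELECT '{$type}' as type,{$table}.name as name,{$table}.description as description,"
            . "projects.name as project,projects.id as project_id FROM {$table}"
            . " INNER JOIN projects ON(projects.id={$table}.project_id){$accessJoin}{$where}";
    }
    $query = 'SELECT datasets.name,datasets.description,datasets.project,datasets.project_id,datasets.type FROM ('
        . implode(' UNION ', $selects)
        . ') as datasets ORDER BY datasets.project ASC, datasets.name ASC';

    $results = $this->query($query);
    if (!is_array($results)) {
        // Query failed: return the empty set without caching it.
        return $userDatasets;
    }

    foreach ($results as $result) {
        $datasetName = $result['datasets']['name'];
        $userDatasets[$datasetName] = $result['datasets'];
    }

    // cache query results
    Cache::write($cacheKey, $userDatasets);

    return $userDatasets;
}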
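/**
 * Search all datasets
 *
 * Runs the query against every library dataset the current user can access,
 * collects per-dataset hit counts and the top facet values, and stores the
 * result in the session for the "search all" view. The result of the default
 * query is cached per user.
 *
 * @param String $query Lucene query string; when left at the default the query
 *                      and field are taken from the submitted form data
 * @return void
 * @access public
 */
public function all($query = "*:*") {
    $this->loadModel('Project');

    // adjust fields to allow search across all samples including weighted datasets
    unset($this->searchFields['Search By Blast Statistics']);
    unset($this->searchFields['Search By Name']['hmm_name']);
    #unset($this->searchFields['Search By Name']['kegg_name']);
    unset($this->searchFields['Search By ID']['hmm_id']);
    #unset($this->searchFields['Search By ID']['kegg_id']);

    if ($query != "*:*") {
        // a query string has been passed in as a variable
        $this->Session->write('searchField', 1);
    } else {
        // The query text and field come from the submitted form and are turned
        // into a Lucene query by generateLuceneQuery().
        $query = $this->data['Search']['query'];
        $field = $this->data['Search']['field'];
        try {
            $query = $this->generateLuceneQuery($query, $field);
        } catch (Exception $e) {
            $this->set('exception', $e->errorMessage());
            $this->Session->write('query', $query);
            $this->Session->write('numHits', 0);
            $this->Session->write('searchField', $field);
            // NOTE(review): there is no return after render(), so the search
            // below still runs with the unconverted form input as $query.
            // Confirm whether the method should stop here.
            $this->render();
        }
    }

    asort($this->searchFields['Search By ID']);
    asort($this->searchFields['Search By Name']);

    // get user id to make/get user specific cache
    $currentUser = Authsome::get();
    $currentUserId = $currentUser['User']['id'];

    // try to use cache for default query *:*
    if ($query != "*:*" || ($searchAllResults = Cache::read($currentUserId . 'searchAllResults')) === false) {
        $totalHits = 0;

        // returns all datasets the current user has access to
        $datasets = $this->Project->findUserDatasets(LIBRARY_DATASETS);
        if (!is_array($datasets)) {
            $datasets = array();
        }

        $facets = array('habitat' => array(), 'location' => array(), 'filter' => array(), 'project' => array(), 'depth' => array());

        foreach ($datasets as &$dataset) {
            $numHits = 0;

            // get number of hits
            try {
                $numHits = $this->Solr->count($dataset['name'], $query);
            } catch (Exception $e) {
                $this->set('exception', LUCENE_QUERY_EXCEPTION);
                break;
            }

            $totalHits += $numHits;
            $dataset['hits'] = $numHits;

            // get number of overall counts; for the default query the hit
            // count already is the overall count
            if ($query === '*:*') {
                $counts = $numHits;
            } else {
                $counts = $this->count($dataset['name']);
            }
            $dataset['counts'] = $counts;

            if ($numHits > 0) {
                $this->loadModel('Library');
                $libraryMetadata = $this->Library->find('all', array(
                    'fields' => array('sample_habitat', 'sample_filter', 'sample_longitude', 'sample_latitude', 'sample_depth'),
                    'conditions' => array('Library.name' => $dataset['name']),
                ));

                $habitat = $libraryMetadata[0]['Library']['sample_habitat'];
                $filter = $libraryMetadata[0]['Library']['sample_filter'];
                $depth = $libraryMetadata[0]['Library']['sample_depth'];
                $location = trim($libraryMetadata[0]['Library']['sample_latitude'] . " " . $libraryMetadata[0]['Library']['sample_longitude']);

                // Missing metadata is grouped under 'unassigned'.
                $facetValues = array(
                    'habitat' => empty($habitat) ? 'unassigned' : $habitat,
                    'location' => empty($location) ? 'unassigned' : $location,
                    'depth' => empty($depth) ? 'unassigned' : $depth,
                    'filter' => empty($filter) ? 'unassigned' : $filter,
                    'project' => empty($dataset['project']) ? 'unassigned' : $dataset['project'],
                );

                // Add this dataset's hits to each facet bucket it belongs to.
                foreach ($facetValues as $facetName => $facetValue) {
                    if (array_key_exists($facetValue, $facets[$facetName])) {
                        $facets[$facetName][$facetValue] += $numHits;
                    } else {
                        $facets[$facetName][$facetValue] = $numHits;
                    }
                }
            }

            if ($dataset['counts'] > 0) {
                $percent = round($dataset['hits'] / $dataset['counts'] * 100, 2);
            } else {
                $percent = 0;
            }
            $dataset['perc'] = $percent;
        }
        // Drop the by-reference loop variable so the last element of $datasets
        // is no longer aliased when the array is sorted and copied below.
        unset($dataset);

        if ($totalHits > 0) {
            foreach ($facets as $key => $value) {
                arsort($facets[$key]);
                $facets[$key] = array_slice($facets[$key], 0, NUM_TOP_FACET_COUNTS, true);
            }
        }

        // sort results by absolute counts
        usort($datasets, array('SearchController', 'sortResultsByCounts'));

        // store everything in the searchAllResults object for caching
        $searchAllResults = array(
            'datasets' => $datasets,
            'facets' => $facets,
            'numHits' => $totalHits,
            'query' => $query,
            'numDatasets' => count($datasets),
        );

        // cache query results; the key carries the user id because the dataset
        // list depends on what that user may access
        if ($query === '*:*') {
            Cache::write($currentUserId . 'searchAllResults', $searchAllResults);
        }
    }

    // store data in session for search all view
    $this->Session->write('searchResults', $searchAllResults['datasets']);
    $this->Session->write('searchFields', $this->searchFields);
    $this->Session->write('query', $searchAllResults['query']);
    $this->Session->write('facets', $searchAllResults['facets']);
    $this->Session->write('numHits', $searchAllResults['numHits']);
    $this->Session->write('numDatasets', $searchAllResults['numDatasets']);
}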
/**
 * Custom find type returning the logged-in user's own account record.
 *
 * In the 'before' state the query is pinned to the primary key held in the
 * Authsome session and limited to first_name, last_name and location, so any
 * conditions or fields supplied by the caller are replaced. In the 'after'
 * state the first result is returned, or false when there is none.
 *
 * @param string $state 'before' or 'after'
 * @param array $query Query being built
 * @param array $results Rows returned by the find
 * @return mixed modified query, first result row, false, or null for any other state
 */
public function _findAccount($state, $query, $results = array()) {
    switch ($state) {
        case 'before':
            $ownKey = "{$this->alias}.{$this->primaryKey}";
            $query['conditions'] = array($ownKey => Authsome::get('id'));
            $query['fields'] = array('first_name', 'last_name', 'location');
            return $query;

        case 'after':
            return empty($results[0]) ? false : $results[0];
    }
}
/**
 * Wrapper around retrieving user data
 *
 * Can be overridden in the Model to provide advanced control. Sources are
 * tried in this order and the first one available answers:
 *
 * - Model->user($key, $result)
 * - AuthComponent::user($key)
 * - Authsome::get($key)
 * - a static get($key) method on the model's class
 *
 * @param Model $Model Model using the behavior
 * @param array $result single Model record being authenticated against
 * @param string $key field to retrieve. Leave null to get entire User record
 * @return mixed whatever the chosen source returns, or false when none of the
 *               sources is available
 */
public function user(Model $Model, $result, $key = null) {
    // A model-level override wins; note that it receives ($key, $result).
    if (method_exists($Model, 'user')) {
        return $Model->user($key, $result);
    }

    if (class_exists('AuthComponent')) {
        return AuthComponent::user($key);
    }

    if (class_exists('Authsome')) {
        return Authsome::get($key);
    }

    // Last resort: a static get() on the model class itself.
    if (!method_exists($Model, 'get')) {
        return false;
    }
    $modelClass = get_class($Model);
    $getter = new ReflectionMethod($modelClass, 'get');
    if (!$getter->isStatic()) {
        return false;
    }

    return $modelClass::get($key);
}
/**
 * Login / account-activation action.
 *
 * As written, the method sets the layout, dumps the Authsome user with
 * debug() and terminates with `die`; nothing after that line can run.
 *
 * NOTE(review): the debug()/die pair looks like leftover debugging. It prints
 * the stored user data into the response and ends the request. Decide whether
 * this action is meant to be disabled, and remove the dump either way.
 */
function _login() {
    $this->layout = Configure::read('front_end_layout');
    $guest = Authsome::get();
    // Dumps the Authsome user data to the output, then stops the request.
    debug($guest);
    die;
    // ---- unreachable from here on ----
    if (isset($_GET["ident"])) {
        // NOTE(review): the whole $_GET array is handed to activateAccount();
        // which keys it trusts is decided in the model, not visible here.
        if ($this->User->activateAccount($_GET)) {
            $this->flash("Thank you. Your account is now active.", "login");
        } else {
            $this->flash("Sorry. There were problems in your account activation.", "login");
        }
    } else {
        // NOTE(review): $user is never assigned before these isset() checks
        // (the value above is stored in $guest), so neither branch can match.
        if (isset($user['success'])) {
            $user = $this->User->read(null, $user["User"]["id"]);
            $this->Session->write("User", $user);
            $this->Session->write("User.id", $user["User"]["id"]);
            $this->Session->write("UserGroup.id", $user["UserGroup"]["id"]);
            $this->Session->write("UserGroup.name", $user["UserGroup"]["name"]);
            $this->Session->write('Company.id', $user['Company']['id']);
            $this->redirect("/dashboard");
        } elseif (isset($user['error'])) {
            $this->flash($user['error']['message'], 'login');
        }
    }
}
/**
 * Retrieves the user_id for the current model. Can be overridden in model
 *
 * Sources, in the order they are consulted:
 *
 * - Model->getTrackableId()
 * - Model->trackable_id (when not empty it replaces the value above)
 * - AuthComponent::user($user_primaryKey)
 * - Authsome::get($user_primaryKey)
 * - a get($user_primaryKey) method on the model's own class
 *
 * The session-based sources are only asked while no truthy id has been found.
 *
 * @param object $Model Model using the behavior
 * @return mixed the id when one is found, otherwise the last (falsy) value
 *               obtained, which is null when no source answered
 * @access public
 */
public function getTrackableId(Model $Model) {
    $id = method_exists($Model, 'getTrackableId') ? $Model->getTrackableId() : null;

    // An explicitly set property takes precedence over the method's result.
    if (!empty($Model->trackable_id)) {
        $id = $Model->trackable_id;
    }
    if ($id) {
        return $id;
    }

    if (class_exists('AuthComponent')) {
        $id = AuthComponent::user($this->settings[$Model->alias]['user_primaryKey']);
        if ($id) {
            return $id;
        }
    }

    if (class_exists('Authsome')) {
        $id = Authsome::get($this->settings[$Model->alias]['user_primaryKey']);
        if ($id) {
            return $id;
        }
    }

    $className = get_class($Model);
    if (method_exists($className, 'get')) {
        $id = $className::get($this->settings[$Model->alias]['user_primaryKey']);
    }

    return $id;
}
/**
 * Finds the logged-in user's own record for the dashboard.
 *
 * The lookup is keyed on this model's primary key, with the value read from
 * the Authsome session under the same key name; associations are not loaded.
 *
 * @return mixed result of find('first')
 */
function __findDashboard() {
    $ownId = Authsome::get($this->primaryKey);
    $conditions = array($this->alias . '.' . $this->primaryKey => $ownId);

    return $this->find('first', array('conditions' => $conditions, 'contain' => false));
}
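/**
 * Shows and saves the logged-in user's account form.
 *
 * With submitted data: when a new password was entered it is copied into the
 * password field (after User::passwordReset()), then the data is saved. In
 * every case the form is afterwards filled with the stored record of the
 * user named by Authsome::get('User.id').
 *
 * @return void
 */
public function account() {
    if ($this->data) {
        // !empty() rather than a bare index read: the field may be absent
        // from the submitted form.
        if (!empty($this->data['User']['new_password'])) {
            $this->User->passwordReset();
            $this->data['User']['password'] = $this->data['User']['new_password'];
        }

        // NOTE(review): the whole submitted array is saved. Nothing in this
        // method pins User.id to the logged-in user or limits which fields
        // may be written, so that protection must come from the model
        // (field whitelist, ownership behavior) - confirm it does.
        if ($this->User->save($this->data)) {
            $this->Redirect->flash('account_saved', array('action' => 'index'));
        }
        $this->Redirect->flash('input_errors');
    }

    $id = Authsome::get('User.id');
    $this->data = $this->User->findById($id);
}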