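/**
 * Access gate for requests to the Core controllers.
 *
 * Administrators pass straight through. Any other user may only reach the
 * controller/action pairs on the allow-list below. Every other request is
 * answered with a 401 status line and the script ends (deny by default).
 *
 * Security notes for maintainers:
 *  - 'setting' and 'upgrade' are allowed for EVERY action, so each action of
 *    those controllers has to enforce its own permission checks; nothing here
 *    restricts them for non-admin users.
 *  - The controller name is lower-cased before matching. The action name is
 *    matched exactly (case-sensitive, strict comparison), so a differently
 *    cased or non-string action name is denied rather than allowed.
 *  - This method does not throw. Anything raised by parent::preDispatch()
 *    propagates to the caller unchanged.
 *
 * @return void
 */
public function preDispatch()
{
    parent::preDispatch();

    if (Phprojekt_Auth::isAdminUser()) {
        // Admins are not subject to the allow-list.
        return;
    }

    // Public calls into the Core: controller => list of allowed actions.
    // A null value means "every action of this controller is allowed".
    $publicCalls = array(
        'history' => array('jsonList'),
        'module'  => array('jsonGetGlobalModules'),
        'role'    => array('jsonGetModulesAccess'),
        'user'    => array('jsonGetUsers', 'jsonGetProxyableUsers'),
        'tab'     => array('jsonList'),
        'setting' => null,
        'upgrade' => null,
    );

    $request    = $this->getRequest();
    $controller = strtolower($request->getControllerName());
    $action     = $request->getActionName();

    // Deny unless the pair is explicitly listed.
    $valid = false;
    if (array_key_exists($controller, $publicCalls)) {
        $allowedActions = $publicCalls[$controller];
        // Strict matching: no type juggling in an authorization decision.
        $valid = (null === $allowedActions) || in_array($action, $allowedActions, true);
    }

    if (!$valid) {
        // Status line kept byte-for-byte; clients presumably key on the 401
        // code rather than the reason phrase - confirm before changing it.
        // NOTE(review): a 401 normally carries a WWW-Authenticate header;
        // none is set here.
        $this->getResponse()->setRawHeader('HTTP/1.1 401 Authorization Require');
        $this->getResponse()->sendHeaders();
        exit;
    }
}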
/**
 * Runs the inherited preDispatch() and then switches off automatic view
 * rendering, so no view script is rendered for this controller's actions.
 *
 * Whatever parent::preDispatch() enforces (for example an access check) runs
 * first; this override adds no check of its own.
 */
public function preDispatch()
{
    parent::preDispatch();

    // Fetch the view renderer helper and disable rendering on it.
    $viewRenderer = $this->_helper->viewRenderer;
    $viewRenderer->setNoRender(true);
}