function beforeFilter()
{
if (!$this->Session->check('Document.continue')) {
$this->Session->write('Action.type', $this->action);
$this->redirect(array('controller' => 'points', 'action' => 'process'));
}
}
/**
* Pass-thru function for ACL check instance. Check methods
* are used to check whether or not an ARO can access an ACO
*
* @param string $aro ARO The requesting object identifier.
* @param string $aco ACO The controlled object identifier.
* @param string $action Action (defaults to *)
* @return boolean Success
* @access public
*/
function check($aro, $aco, $action = "*")
{
$path = $this->__cachePath($aro, $aco, $action);
if ($this->Session->check($path)) {
return $this->Session->read($path);
} else {
$check = parent::check($aro, $aco, $action);
$this->Session->write($path, $check);
return $check;
}
}
/**
* Authenticate a user using Linkedin Auth Cookie.
*
* @param CakeRequest $request The request to authenticate with.
* @param CakeResponse $response The response to add headers to.
* @return mixed Either false on failure, or an array of user data on success.
*/
public function authenticate(CakeRequest $request, CakeResponse $response)
{
if ($user = $this->getUser($request)) {
$this->access_token = $user->access_token;
$userModel = $this->settings['userModel'];
list($plugin, $model) = pluginSplit($userModel);
$fields = $this->settings['fields'];
$conditions = array($model . '.' . $fields['username'] => $user->member_id);
if (!empty($this->settings['scope'])) {
$conditions = array_merge($conditions, $this->settings['scope']);
}
$result = ClassRegistry::init($userModel)->find('first', array('conditions' => $conditions, 'recursive' => 0));
if (empty($result) || empty($result[$model])) {
$session_name = $this->settings['session'];
SessionComponent::write($session_name, $user);
return false;
}
unset($result[$model][$fields['password']]);
if (isset($result[$model]['linkedin'])) {
unset($result[$model]['linkedin']);
}
$user->id = $result[$model]['_id'];
$session_name = $this->settings['session'];
SessionComponent::write($session_name, $user);
return $result[$model];
}
return false;
}
/**
* dispatch to user action:
* - upload
* - download
* - index (for earn points)
* requires Session var "Points.dispatch" given by PointsController::process()
* @see PointsController::process()
*/
function _dispatch()
{
$action = $this->_get_action();
$action_name = $this->Session->read('Action.type');
if (!$this->Session->check('Points.dispatch')) {
$this->_cancel_everything('This is not meant to happen');
}
if ($this->Session->check('Points.proceed') && !$this->Session->read('Points.proceed')) {
$this->_cancel_everything($this->Session->read('Points.status'));
}
if ($this->getConnectedUser() == $this->anonymous) {
$this->Session->setFlash("Thank you, now you can {$action_name} document(s)");
} else {
$this->Session->setFlash($this->Session->read('Points.status'));
}
if ($action == $this->earn) {
$this->redirect('/');
}
if ($action == $this->upload || $action == $this->download) {
$this->Session->write('Document.continue', true);
$this->_clean_session();
$this->redirect(array('controller' => 'documents', 'action' => $action_name));
} else {
$this->_cancel_everything('Action not recognized');
}
}
/**
* testGetRoleId
*/
public function testGetRoleId()
{
$session = new SessionComponent($this->ComponentCollection);
$session->write('Auth.User', array('id' => 1, 'username' => 'admin', 'role_id' => 1));
$this->assertEqual($this->Layout->getRoleId(), 1);
$session->delete('Auth');
$this->assertEqual($this->Layout->getRoleId(), 3);
}
/**
* トークン発効
* @param SessionComponent $session
* @param string $dataAlias
*/
public static function setToken(SessionComponent $session, $dataAlias = self::DEFAULT_KEY)
{
$sessionKey = self::SESSION_KEY_BASE . $dataAlias;
$prefix = self::TOKEN_KEY_PREFIX;
$suffix = self::TOKEN_KEY_SUFFIX;
$token = md5($prefix . uniqid() . $suffix);
$session->write($sessionKey, $token);
}
function setRepositorySession($repo)
{
if (!empty($repo)) {
$this->Session->delete('Repository');
$this->Session->write('Repository.current', $repo['Repository']['url']);
$this->Session->write('Repository.name', $repo['Repository']['name']);
}
if ($this->isExpert()) {
$this->Session->write('User.esExperto', true);
} else {
$this->Session->write('User.esExperto', false);
}
}
/**
* リクエストパラメータをセッションに設定
* @param SessionComponent $session
* @param CakeRequest $request
* @param string $sessionKey
*/
public static function setRequestToSessionData(SessionComponent $session, CakeRequest $request, $sessionKey = null)
{
$sessionKey = is_null($sessionKey) ? static::TMP_REQUEST_SESSION_KEY : $sessionKey;
if (empty($sessionKey)) {
throw new RuntimeException();
}
$dataSession = $session->check($sessionKey) ? $session->read($sessionKey) : array();
$dataRequest = $request->data;
$multipleFields = static::$multipleFields;
for ($i = 0, $cnt = count($multipleFields); $i < $cnt; ++$i) {
$tmp = $multipleFields[$i];
$arrTmp = explode('.', $tmp);
$alias = $arrTmp[0];
$field = $arrTmp[1];
if (isset($dataSession[$alias][$field]) && isset($dataRequest[$alias][$field])) {
unset($dataSession[$alias][$field]);
}
}
$data = Hash::merge($dataSession, $dataRequest);
$session->write($sessionKey, $data);
}
public function authenticate()
{
App::import('Vendor', 'twitteroauth/twitteroauth');
/* Build TwitterOAuth object with client credentials. */
$connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
/* Get temporary credentials. */
$request_token = $connection->getRequestToken(OAUTH_CALLBACK);
/* Save temporary credentials to session. */
$token = $request_token['oauth_token'];
SessionComponent::write('oauth_token', $token);
SessionComponent::write('oauth_token_secret', $request_token['oauth_token_secret']);
/* If last connection failed don't display authorization link. */
switch ($connection->http_code) {
case 200:
/* Build authorize URL and redirect user to Twitter. */
$url = $connection->getAuthorizeURL($token);
$this->response->header('Location', $url);
break;
default:
/* Show notification if something went wrong. */
$this->Session->setFlash('Could not connect to Twitter. Refresh the page or try again later.');
}
}
/**
* testSessionDestroy method
*
* @return void
*/
public function testSessionDestroy()
{
$Session = new SessionComponent($this->ComponentCollection);
$Session->write('Test', 'some value');
$this->assertEquals('some value', $Session->read('Test'));
$Session->destroy('Test');
$this->assertNull($Session->read('Test'));
}
/**
* return Access
* @author vovich
* @param varchar $objName
* @param char $accessType
*/
function __returnAccess($objName = "", $accessType = "r")
{
if (!$this->model) {
$this->__initModel();
}
/*Getting User ID*/
if ($this->Session->check('loggedUser')) {
$userSession = $this->Session->read('loggedUser');
$userID = $userSession['id'];
} else {
$userID = VISITOR_USER;
}
/*Getting user statuses*/
if ($this->Session->check('loggedUserStatuses')) {
$userStatuses = $this->Session->read('loggedUserStatuses');
} else {
$userStatuses = $this->model->query("SELECT user_id, status_id FROM users_statuses WHERE user_id=" . $userID);
$this->Session->write('loggedUserStatuses', $userStatuses);
}
/*Check if Object is exist
* 0 - deny;
* 1 - allow only for author;
* 2 - allow for ALL;
*/
$objectID = $this->getObjIdByName($objName);
if (!$objectID) {
/*Create new object*/
$objectID = $this->__createNewObject($objName);
}
//Permissions
$permissions = Cache::read('permissions');
if (empty($permissions)) {
$permissions = $this->loadobjToCache('permissions');
}
//Groups
$groups = Cache::read('groups');
if (empty($groups)) {
$groups = $this->loadobjToCache('groups');
}
//Statuses
$statuses = Cache::read('statuses');
if (empty($statuses)) {
$statuses = $this->loadobjToCache('statuses');
}
$isAccess = 0;
foreach ($userStatuses as $userStat) {
if (isset($permissions[$userStat['users_statuses']['status_id']][$objectID][$accessType])) {
if (intval($permissions[$userStat['users_statuses']['status_id']][$objectID][$accessType]) > $isAccess) {
$isAccess = intval($permissions[$userStat['users_statuses']['status_id']][$objectID][$accessType]);
}
} else {
/*Getting group ID*/
$def_status_id = $groups[$statuses[$userStat['users_statuses']['status_id']]];
if (!isset($def_status_id)) {
$isAccess = 0;
} else {
if (intval($permissions[$def_status_id][$objectID][$accessType]) > $isAccess) {
$isAccess = intval($permissions[$def_status_id][$objectID][$accessType]);
}
}
}
}
/*EOF foreach*/
/* $sql = "SELECT max(ifnull(access.$accessType, def_access.$accessType)) as access
FROM users_statuses AS users_statuses
LEFT JOIN access as access ON users_statuses.status_id = access.status_id AND access.object_id = $objectID
LEFT JOIN statuses as statuses ON users_statuses.status_id = statuses.id
LEFT JOIN groups as groups ON statuses.group_id = groups.id
LEFT JOIN access as def_access ON groups.defstats_id = def_access.status_id AND def_access.object_id = $objectID AND access.object_id is null
WHERE users_statuses.user_id = ".$userID;
$result = $this->model->query($sql);
$isAccess = $result[0][0]['access'];*/
return $isAccess;
}
/**
* redirects to PointsController::process()
*/
function _process_points()
{
$this->Session->write('Points.process', true);
$this->redirect(array('controller' => 'points', 'action' => 'process'));
}
function _make_user_expert()
{
$this->Session->write('User.esExperto', true);
}
public function usedDailySpecial()
{
$this->session->write("shoppingcart_dailyspecial", date("Y-m-d"));
}
/**
* testSessionDestroy method
*
* @access public
* @return void
*/
function testSessionDestroy()
{
$Session = new SessionComponent();
$Session->write('Test', 'some value');
$this->assertEqual($Session->read('Test'), 'some value');
$Session->destroy('Test');
$this->assertNull($Session->read('Test'));
}
/**
* loadRoles load the roles from database and store them in session
*
* @param mixed $id the user id to load the role
*
* @access public
* @return array the role array for user $id ($role_id => $role_name)
*/
public function loadRoles($id)
{
$data = $this->Role->find('all', array('conditions' => array('User.id' => $id), 'recursive' => 0));
$roles = array_combine(Set::extract('/Role/id', $data), Set::extract('/Role/name', $data));
App::import('Component', 'Session');
$Session = new SessionComponent();
$Session->write('ipeerSession.Roles', $roles);
// set to true if e.g. user is an instructor/student in at least one course
$Session->write('ipeerSession.IsInstructor', sizeof($this->getInstructorCourses($id)) > 0);
$Session->write('ipeerSession.IsStudentOrTutor', sizeof($this->getEnrolledCourses($id)) > 0 || sizeof($this->getTutorCourses($id)) > 0);
return $roles;
}
/**
* Find a user record using the standard options.
*
* @param string $username The username/identifier.
* @param string $password The unhashed password.
* @return Mixed Either false on failure, or an array of user data.
*/
protected function _findUser($username, $password)
{
$userModel = $this->settings['userModel'];
list($plugin, $model) = pluginSplit($userModel);
$fields = $this->settings['fields'];
if (!is_array($fields['username'])) {
$fields['username'] = array($fields['username']);
}
$conditions = array();
foreach ($fields['username'] as $usernameField) {
$conditions['OR'][] = array($model . '.' . $usernameField => $username, $model . '.' . $fields['password'] => $this->_password($password));
}
if (!empty($this->settings['scope'])) {
$conditions = array_merge($conditions, $this->settings['scope']);
}
ClassRegistry::init($userModel)->unbindModel(array('hasMany' => array('NewsFeed', 'FriendFrom', 'FriendTo', 'Inbox', 'Sent', 'Draft', 'GroupMember', 'VideoAlbum', 'PhotoAlbum', 'Comment', 'Like'), 'hasAndBelongsToMany' => array('UserFriendship')));
ClassRegistry::init($userModel)->PhotoAlbum->unbindModel(array('belongsTo' => array('User')));
ClassRegistry::init($userModel)->PhotoAlbum->hasMany['Photo']['limit'] = 1;
ClassRegistry::init($userModel)->FriendTo->unbindModel(array('belongsTo' => array('UserFrom', 'UserTo')));
ClassRegistry::init($userModel)->bindModel(array('hasMany' => array('Inbox' => array('className' => 'Message', 'foreignKey' => 'recipient_id', 'conditions' => array('Inbox.draft' => 0, 'Inbox.deleted' => 0, 'Inbox.read' => 0), 'recursive' => -1, 'fields' => 'COUNT(Inbox.id) AS unread'), 'FriendTo' => array('className' => 'Friendship', 'foreignKey' => 'user_to', 'fields' => array('FriendTo.status', 'FriendTo.user_from')), 'PhotoAlbum' => array('conditions' => array('PhotoAlbum.deleted' => 0, 'PhotoAlbum.primary' => 1)))));
$result = ClassRegistry::init($userModel)->find('first', array('conditions' => $conditions, 'recursive' => 2));
if (!empty($result)) {
$ids = array();
foreach ($result['FriendTo'] as $friend) {
if (empty($friend['status'])) {
$ids[] = $friend['user_from'];
}
}
ClassRegistry::init($userModel)->unbindModel(array('hasMany' => array('NewsFeed', 'FriendFrom', 'FriendTo', 'Inbox', 'Sent', 'Draft', 'GroupMember', 'VideoAlbum', 'Comment', 'Like'), 'hasAndBelongsToMany' => array('UserFriendship')));
ClassRegistry::init($userModel)->PhotoAlbum->unbindModel(array('belongsTo' => array('User')));
ClassRegistry::init($userModel)->hasMany['PhotoAlbum']['fields'] = array('id', 'primary', 'deleted');
ClassRegistry::init($userModel)->PhotoAlbum->hasMany['Photo']['fields'] = array('photo_dir', 'primary', 'photo', 'deleted');
$friends = ClassRegistry::init($userModel)->find('all', array('conditions' => array('id' => $ids), 'recursive' => 2, 'fields' => array('id', 'username', 'full_name')));
}
if (empty($result) || empty($result[$model])) {
return false;
}
unset($result[$model][$fields['password']]);
if (!empty($result)) {
if (!empty($result['PhotoAlbum']['0'])) {
SessionComponent::write('Essentials', array('Photo' => $result['PhotoAlbum']['0']));
}
if (!empty($result['Inbox'])) {
SessionComponent::write('Notifications', array('FriendRequests' => $friends, 'UnreadMails' => $result['Inbox']['0']['Inbox']['0']['unread']));
} else {
SessionComponent::write('Notifications', array('FriendRequests' => $friends));
}
}
return $result[$model];
}