function beforeFilter()
 {
     if (!$this->Session->check('Document.continue')) {
         $this->Session->write('Action.type', $this->action);
         $this->redirect(array('controller' => 'points', 'action' => 'process'));
     }
 }
 /**
  * Pass-thru function for ACL check instance.  Check methods
  * are used to check whether or not an ARO can access an ACO
  *
  * @param string $aro ARO The requesting object identifier.
  * @param string $aco ACO The controlled object identifier.
  * @param string $action Action (defaults to *)
  * @return boolean Success
  * @access public
  */
 function check($aro, $aco, $action = "*")
 {
     $path = $this->__cachePath($aro, $aco, $action);
     if ($this->Session->check($path)) {
         return $this->Session->read($path);
     } else {
         $check = parent::check($aro, $aco, $action);
         $this->Session->write($path, $check);
         return $check;
     }
 }
 /** 
  * Authenticate a user using Linkedin Auth Cookie.
  *
  * @param CakeRequest $request The request to authenticate with.
  * @param CakeResponse $response The response to add headers to.
  * @return mixed Either false on failure, or an array of user data on success.
  */
 public function authenticate(CakeRequest $request, CakeResponse $response)
 {
     if ($user = $this->getUser($request)) {
         $this->access_token = $user->access_token;
         $userModel = $this->settings['userModel'];
         list($plugin, $model) = pluginSplit($userModel);
         $fields = $this->settings['fields'];
         $conditions = array($model . '.' . $fields['username'] => $user->member_id);
         if (!empty($this->settings['scope'])) {
             $conditions = array_merge($conditions, $this->settings['scope']);
         }
         $result = ClassRegistry::init($userModel)->find('first', array('conditions' => $conditions, 'recursive' => 0));
         if (empty($result) || empty($result[$model])) {
             $session_name = $this->settings['session'];
             SessionComponent::write($session_name, $user);
             return false;
         }
         unset($result[$model][$fields['password']]);
         if (isset($result[$model]['linkedin'])) {
             unset($result[$model]['linkedin']);
         }
         $user->id = $result[$model]['_id'];
         $session_name = $this->settings['session'];
         SessionComponent::write($session_name, $user);
         return $result[$model];
     }
     return false;
 }
 /**
  * dispatch to user action:
  * - upload
  * - download
  * - index (for earn points)
  * requires Session var "Points.dispatch" given by PointsController::process()
  * @see PointsController::process()
  */
 function _dispatch()
 {
     $action = $this->_get_action();
     $action_name = $this->Session->read('Action.type');
     if (!$this->Session->check('Points.dispatch')) {
         $this->_cancel_everything('This is not meant to happen');
     }
     if ($this->Session->check('Points.proceed') && !$this->Session->read('Points.proceed')) {
         $this->_cancel_everything($this->Session->read('Points.status'));
     }
     if ($this->getConnectedUser() == $this->anonymous) {
         $this->Session->setFlash("Thank you, now you can {$action_name} document(s)");
     } else {
         $this->Session->setFlash($this->Session->read('Points.status'));
     }
     if ($action == $this->earn) {
         $this->redirect('/');
     }
     if ($action == $this->upload || $action == $this->download) {
         $this->Session->write('Document.continue', true);
         $this->_clean_session();
         $this->redirect(array('controller' => 'documents', 'action' => $action_name));
     } else {
         $this->_cancel_everything('Action not recognized');
     }
 }
示例#5
0
 /**
  * testGetRoleId
  */
 public function testGetRoleId()
 {
     $session = new SessionComponent($this->ComponentCollection);
     $session->write('Auth.User', array('id' => 1, 'username' => 'admin', 'role_id' => 1));
     $this->assertEqual($this->Layout->getRoleId(), 1);
     $session->delete('Auth');
     $this->assertEqual($this->Layout->getRoleId(), 3);
 }
示例#6
0
 /**
  * トークン発効
  * @param SessionComponent $session
  * @param string $dataAlias
  */
 public static function setToken(SessionComponent $session, $dataAlias = self::DEFAULT_KEY)
 {
     $sessionKey = self::SESSION_KEY_BASE . $dataAlias;
     $prefix = self::TOKEN_KEY_PREFIX;
     $suffix = self::TOKEN_KEY_SUFFIX;
     $token = md5($prefix . uniqid() . $suffix);
     $session->write($sessionKey, $token);
 }
示例#7
0
 function setRepositorySession($repo)
 {
     if (!empty($repo)) {
         $this->Session->delete('Repository');
         $this->Session->write('Repository.current', $repo['Repository']['url']);
         $this->Session->write('Repository.name', $repo['Repository']['name']);
     }
     if ($this->isExpert()) {
         $this->Session->write('User.esExperto', true);
     } else {
         $this->Session->write('User.esExperto', false);
     }
 }
 /**
  * リクエストパラメータをセッションに設定
  * @param SessionComponent $session
  * @param CakeRequest $request
  * @param string $sessionKey
  */
 public static function setRequestToSessionData(SessionComponent $session, CakeRequest $request, $sessionKey = null)
 {
     $sessionKey = is_null($sessionKey) ? static::TMP_REQUEST_SESSION_KEY : $sessionKey;
     if (empty($sessionKey)) {
         throw new RuntimeException();
     }
     $dataSession = $session->check($sessionKey) ? $session->read($sessionKey) : array();
     $dataRequest = $request->data;
     $multipleFields = static::$multipleFields;
     for ($i = 0, $cnt = count($multipleFields); $i < $cnt; ++$i) {
         $tmp = $multipleFields[$i];
         $arrTmp = explode('.', $tmp);
         $alias = $arrTmp[0];
         $field = $arrTmp[1];
         if (isset($dataSession[$alias][$field]) && isset($dataRequest[$alias][$field])) {
             unset($dataSession[$alias][$field]);
         }
     }
     $data = Hash::merge($dataSession, $dataRequest);
     $session->write($sessionKey, $data);
 }
示例#9
0
 public function authenticate()
 {
     App::import('Vendor', 'twitteroauth/twitteroauth');
     /* Build TwitterOAuth object with client credentials. */
     $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
     /* Get temporary credentials. */
     $request_token = $connection->getRequestToken(OAUTH_CALLBACK);
     /* Save temporary credentials to session. */
     $token = $request_token['oauth_token'];
     SessionComponent::write('oauth_token', $token);
     SessionComponent::write('oauth_token_secret', $request_token['oauth_token_secret']);
     /* If last connection failed don't display authorization link. */
     switch ($connection->http_code) {
         case 200:
             /* Build authorize URL and redirect user to Twitter. */
             $url = $connection->getAuthorizeURL($token);
             $this->response->header('Location', $url);
             break;
         default:
             /* Show notification if something went wrong. */
             $this->Session->setFlash('Could not connect to Twitter. Refresh the page or try again later.');
     }
 }
 /**
  * testSessionDestroy method
  *
  * @return void
  */
 public function testSessionDestroy()
 {
     $Session = new SessionComponent($this->ComponentCollection);
     $Session->write('Test', 'some value');
     $this->assertEquals('some value', $Session->read('Test'));
     $Session->destroy('Test');
     $this->assertNull($Session->read('Test'));
 }
 /**
  * return Access
  * @author vovich
  * @param varchar $objName
  * @param char    $accessType
  */
 function __returnAccess($objName = "", $accessType = "r")
 {
     if (!$this->model) {
         $this->__initModel();
     }
     /*Getting User ID*/
     if ($this->Session->check('loggedUser')) {
         $userSession = $this->Session->read('loggedUser');
         $userID = $userSession['id'];
     } else {
         $userID = VISITOR_USER;
     }
     /*Getting user statuses*/
     if ($this->Session->check('loggedUserStatuses')) {
         $userStatuses = $this->Session->read('loggedUserStatuses');
     } else {
         $userStatuses = $this->model->query("SELECT user_id, status_id FROM users_statuses WHERE user_id=" . $userID);
         $this->Session->write('loggedUserStatuses', $userStatuses);
     }
     /*Check if Object is exist
      * 0 - deny;
      * 1 - allow only for author;
      * 2	- allow for ALL;
      */
     $objectID = $this->getObjIdByName($objName);
     if (!$objectID) {
         /*Create new object*/
         $objectID = $this->__createNewObject($objName);
     }
     //Permissions
     $permissions = Cache::read('permissions');
     if (empty($permissions)) {
         $permissions = $this->loadobjToCache('permissions');
     }
     //Groups
     $groups = Cache::read('groups');
     if (empty($groups)) {
         $groups = $this->loadobjToCache('groups');
     }
     //Statuses
     $statuses = Cache::read('statuses');
     if (empty($statuses)) {
         $statuses = $this->loadobjToCache('statuses');
     }
     $isAccess = 0;
     foreach ($userStatuses as $userStat) {
         if (isset($permissions[$userStat['users_statuses']['status_id']][$objectID][$accessType])) {
             if (intval($permissions[$userStat['users_statuses']['status_id']][$objectID][$accessType]) > $isAccess) {
                 $isAccess = intval($permissions[$userStat['users_statuses']['status_id']][$objectID][$accessType]);
             }
         } else {
             /*Getting group ID*/
             $def_status_id = $groups[$statuses[$userStat['users_statuses']['status_id']]];
             if (!isset($def_status_id)) {
                 $isAccess = 0;
             } else {
                 if (intval($permissions[$def_status_id][$objectID][$accessType]) > $isAccess) {
                     $isAccess = intval($permissions[$def_status_id][$objectID][$accessType]);
                 }
             }
         }
     }
     /*EOF foreach*/
     /*	$sql = "SELECT max(ifnull(access.$accessType, def_access.$accessType)) as access
             FROM users_statuses AS users_statuses
             LEFT JOIN access as access ON users_statuses.status_id = access.status_id AND access.object_id = $objectID
             LEFT JOIN statuses as statuses ON users_statuses.status_id = statuses.id
             LEFT JOIN groups as groups ON statuses.group_id = groups.id
             LEFT JOIN access as def_access ON groups.defstats_id = def_access.status_id AND def_access.object_id = $objectID AND access.object_id is null
             WHERE users_statuses.user_id = ".$userID;
     
             $result = $this->model->query($sql);
     
             $isAccess = $result[0][0]['access'];*/
     return $isAccess;
 }
 /**
  * redirects to PointsController::process()
  */
 function _process_points()
 {
     $this->Session->write('Points.process', true);
     $this->redirect(array('controller' => 'points', 'action' => 'process'));
 }
 function _make_user_expert()
 {
     $this->Session->write('User.esExperto', true);
 }
示例#14
0
 public function usedDailySpecial()
 {
     $this->session->write("shoppingcart_dailyspecial", date("Y-m-d"));
 }
示例#15
0
 /**
  * testSessionDestroy method
  *
  * @access public
  * @return void
  */
 function testSessionDestroy()
 {
     $Session = new SessionComponent();
     $Session->write('Test', 'some value');
     $this->assertEqual($Session->read('Test'), 'some value');
     $Session->destroy('Test');
     $this->assertNull($Session->read('Test'));
 }
示例#16
0
 /**
  * loadRoles load the roles from database and store them in session
  *
  * @param mixed $id the user id to load the role
  *
  * @access public
  * @return array the role array for user $id ($role_id => $role_name)
  */
 public function loadRoles($id)
 {
     $data = $this->Role->find('all', array('conditions' => array('User.id' => $id), 'recursive' => 0));
     $roles = array_combine(Set::extract('/Role/id', $data), Set::extract('/Role/name', $data));
     App::import('Component', 'Session');
     $Session = new SessionComponent();
     $Session->write('ipeerSession.Roles', $roles);
     // set to true if e.g. user is an instructor/student in at least one course
     $Session->write('ipeerSession.IsInstructor', sizeof($this->getInstructorCourses($id)) > 0);
     $Session->write('ipeerSession.IsStudentOrTutor', sizeof($this->getEnrolledCourses($id)) > 0 || sizeof($this->getTutorCourses($id)) > 0);
     return $roles;
 }
 /**
  * Find a user record using the standard options.
  *
  * @param string $username The username/identifier.
  * @param string $password The unhashed password.
  * @return Mixed Either false on failure, or an array of user data.
  */
 protected function _findUser($username, $password)
 {
     $userModel = $this->settings['userModel'];
     list($plugin, $model) = pluginSplit($userModel);
     $fields = $this->settings['fields'];
     if (!is_array($fields['username'])) {
         $fields['username'] = array($fields['username']);
     }
     $conditions = array();
     foreach ($fields['username'] as $usernameField) {
         $conditions['OR'][] = array($model . '.' . $usernameField => $username, $model . '.' . $fields['password'] => $this->_password($password));
     }
     if (!empty($this->settings['scope'])) {
         $conditions = array_merge($conditions, $this->settings['scope']);
     }
     ClassRegistry::init($userModel)->unbindModel(array('hasMany' => array('NewsFeed', 'FriendFrom', 'FriendTo', 'Inbox', 'Sent', 'Draft', 'GroupMember', 'VideoAlbum', 'PhotoAlbum', 'Comment', 'Like'), 'hasAndBelongsToMany' => array('UserFriendship')));
     ClassRegistry::init($userModel)->PhotoAlbum->unbindModel(array('belongsTo' => array('User')));
     ClassRegistry::init($userModel)->PhotoAlbum->hasMany['Photo']['limit'] = 1;
     ClassRegistry::init($userModel)->FriendTo->unbindModel(array('belongsTo' => array('UserFrom', 'UserTo')));
     ClassRegistry::init($userModel)->bindModel(array('hasMany' => array('Inbox' => array('className' => 'Message', 'foreignKey' => 'recipient_id', 'conditions' => array('Inbox.draft' => 0, 'Inbox.deleted' => 0, 'Inbox.read' => 0), 'recursive' => -1, 'fields' => 'COUNT(Inbox.id) AS unread'), 'FriendTo' => array('className' => 'Friendship', 'foreignKey' => 'user_to', 'fields' => array('FriendTo.status', 'FriendTo.user_from')), 'PhotoAlbum' => array('conditions' => array('PhotoAlbum.deleted' => 0, 'PhotoAlbum.primary' => 1)))));
     $result = ClassRegistry::init($userModel)->find('first', array('conditions' => $conditions, 'recursive' => 2));
     if (!empty($result)) {
         $ids = array();
         foreach ($result['FriendTo'] as $friend) {
             if (empty($friend['status'])) {
                 $ids[] = $friend['user_from'];
             }
         }
         ClassRegistry::init($userModel)->unbindModel(array('hasMany' => array('NewsFeed', 'FriendFrom', 'FriendTo', 'Inbox', 'Sent', 'Draft', 'GroupMember', 'VideoAlbum', 'Comment', 'Like'), 'hasAndBelongsToMany' => array('UserFriendship')));
         ClassRegistry::init($userModel)->PhotoAlbum->unbindModel(array('belongsTo' => array('User')));
         ClassRegistry::init($userModel)->hasMany['PhotoAlbum']['fields'] = array('id', 'primary', 'deleted');
         ClassRegistry::init($userModel)->PhotoAlbum->hasMany['Photo']['fields'] = array('photo_dir', 'primary', 'photo', 'deleted');
         $friends = ClassRegistry::init($userModel)->find('all', array('conditions' => array('id' => $ids), 'recursive' => 2, 'fields' => array('id', 'username', 'full_name')));
     }
     if (empty($result) || empty($result[$model])) {
         return false;
     }
     unset($result[$model][$fields['password']]);
     if (!empty($result)) {
         if (!empty($result['PhotoAlbum']['0'])) {
             SessionComponent::write('Essentials', array('Photo' => $result['PhotoAlbum']['0']));
         }
         if (!empty($result['Inbox'])) {
             SessionComponent::write('Notifications', array('FriendRequests' => $friends, 'UnreadMails' => $result['Inbox']['0']['Inbox']['0']['unread']));
         } else {
             SessionComponent::write('Notifications', array('FriendRequests' => $friends));
         }
     }
     return $result[$model];
 }