Forked from nathanhornby/Abffilter Role Manager replacement
Created
July 26, 2014 19:31
/*-------------------------------------------------------------------------
    Role Manager: (replace in members/extension.driver.php when using Abffilter)
-------------------------------------------------------------------------*/
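/**
 * Handles frontend member login/logout requests, then enforces role-based
 * access to the requested page.
 *
 * The action is read from `$_REQUEST['member-action']`, either as a plain
 * string or as an array whose first key names the action. Only `login` and
 * `logout` are handled.
 *
 * Redirect targets come from the request and are therefore untrusted. They
 * are only followed when they stay on this site; anything else is ignored
 * so that the login and logout endpoints cannot be used to bounce a visitor
 * to an arbitrary host. A deployment that needs cross-domain redirects
 * should add an explicit allowlist rather than loosen this check.
 *
 * @param array $context
 *  Delegate context. `page_data.id` is read for the access check, and
 *  `page_data` is overwritten with the 403 page's data when access is denied
 *  and a 403 page exists (presumably `page_data` is passed in as a reference
 *  by the caller; confirm, since `$context` itself is received by value).
 * @throws SymphonyErrorPage
 *  When access is denied and no page of type `403` exists.
 */
public function checkFrontendPagePermissions($context) {
    $isLoggedIn = false;
    $errors = array();
    $role_data = array();

    // Accepts a redirect target only if it stays on this site: either an
    // absolute URL under the site root (URL), or a reference with no scheme
    // and no host.
    $isLocalTarget = function ($target) {
        if (!is_string($target) || $target === '') {
            return false;
        }

        // Whitespace, control characters and backslashes may be stripped or
        // normalised by browsers, which can change which host a target
        // resolves to. A properly encoded URL contains none of them.
        if (preg_match('/[\x00-\x20\x7F\\\\]/', $target)) {
            return false;
        }

        // Protocol-relative references name another host.
        if (strpos($target, '//') === 0) {
            return false;
        }

        $parts = parse_url($target);
        if ($parts === false) {
            return false;
        }

        if (isset($parts['scheme']) || isset($parts['host'])) {
            $root = rtrim(URL, '/');
            return $target === $root || strpos($target, $root . '/') === 0;
        }

        return true;
    };

    // Checks $_REQUEST to see if a Member Action has been requested,
    // member-action['login'] and member-action['logout']/?member-action=logout
    // are the only two supported at this stage.
    $action = null;
    if (isset($_REQUEST['member-action'])) {
        if (is_array($_REQUEST['member-action'])) {
            $keys = array_keys($_REQUEST['member-action']);
            $action = isset($keys[0]) ? $keys[0] : null;
        } else {
            $action = $_REQUEST['member-action'];
        }
    }
    $action = is_scalar($action) ? trim((string) $action) : '';

    // Check to see a Member is already logged in.
    $isLoggedIn = $this->getMemberDriver()->isLoggedIn($errors);

    // Logout
    if ($action === 'logout') {
        /**
         * Fired just before a member is logged out (and page redirection),
         * this delegate provides the current Member ID
         *
         * @delegate MembersPreLogout
         * @param string $context
         *  '/frontend/'
         * @param integer $member_id
         *  The Member ID of the member who is about to be logged out
         */
        Symphony::ExtensionManager()->notifyMembers('MembersPreLogout', '/frontend/', array(
            'member_id' => $this->getMemberDriver()->getMemberID()
        ));

        $this->getMemberDriver()->logout();

        // If a same-site redirect is provided, redirect to that, otherwise
        // return the user to the index of the site. Issue #51 & #121
        if (isset($_REQUEST['redirect']) && $isLocalTarget($_REQUEST['redirect'])) {
            redirect($_REQUEST['redirect']);
        }

        redirect(URL);
    }
    // Login
    else if ($action === 'login' && isset($_POST['fields'])) {
        // If a Member is already logged in and another Login attempt is requested
        // log the Member out first before trying to login with new details.
        if ($isLoggedIn) {
            $this->getMemberDriver()->logout();
        }

        if ($this->getMemberDriver()->login($_POST['fields'])) {
            /**
             * Fired just after a Member has successfully logged in, this delegate
             * provides the current Member ID. This delegate is fired just before
             * the page redirection (if it is provided)
             *
             * @delegate MembersPostLogin
             * @param string $context
             *  '/frontend/'
             * @param integer $member_id
             *  The Member ID of the member who just logged in.
             * @param Entry $member
             *  The Entry object of the logged in Member.
             */
            Symphony::ExtensionManager()->notifyMembers('MembersPostLogin', '/frontend/', array(
                'member_id' => $this->getMemberDriver()->getMemberID(),
                'member' => $this->getMemberDriver()->getMember()
            ));

            // Additional delegate fired on every successful login, with the
            // same payload as MembersPostLogin.
            Symphony::ExtensionManager()->notifyMembers('MembersLoginSuccess', '/frontend/', array(
                'member_id' => $this->getMemberDriver()->getMemberID(),
                'member' => $this->getMemberDriver()->getMember()
            ));

            // Only follow a redirect that stays on this site; an off-site
            // target is ignored and the requested page is rendered instead.
            if (isset($_POST['redirect']) && $isLocalTarget($_POST['redirect'])) {
                redirect($_POST['redirect']);
            }
        }
        else {
            self::$_failed_login_attempt = true;

            // Fired on every failed login so that subscribers can count
            // failures; the payload reflects the driver's state after the
            // failed attempt.
            Symphony::ExtensionManager()->notifyMembers('MembersLoginFailure', '/frontend/', array(
                'member_id' => $this->getMemberDriver()->getMemberID(),
                'member' => $this->getMemberDriver()->getMember()
            ));
        }
    }

    $this->Member->initialiseMemberObject();

    // NOTE(review): $isLoggedIn was read before the login handling above and
    // is not refreshed afterwards. A member who logged in during this request
    // is still evaluated as logged out here, and one whose re-login failed
    // after the forced logout is still evaluated as logged in. Confirm this
    // is intended.
    if ($isLoggedIn && $this->getMemberDriver()->getMember() instanceof Entry) {
        $this->updateSystemTimezoneOffset($this->getMemberDriver()->getMemberID());

        if (!is_null(extension_Members::getFieldHandle('role'))) {
            $role_data = $this->getMemberDriver()->getMember()->getData(extension_Members::getField('role')->get('id'));
        }
    }

    // If there is no role field, or a Developer is logged in, return, as Developers
    // should be able to access every page.
    if (
        is_null(extension_Members::getFieldHandle('role'))
        || (Frontend::instance()->Author instanceof Author && Frontend::instance()->Author->isDeveloper())
    ) return;

    // NOTE(review): when a member counts as logged in but no role data was
    // loaded, the role id is null. What RoleManager::fetch() returns for null
    // is not visible here; if it is not a Role instance the access check
    // below is skipped and the page is served. Confirm this cannot fail open.
    $role_id = $isLoggedIn
        ? (isset($role_data['role_id']) ? $role_data['role_id'] : null)
        : Role::PUBLIC_ROLE;
    $role = RoleManager::fetch($role_id);

    if ($role instanceof Role && !$role->canAccessPage((int)$context['page_data']['id'])) {
        // User has no access to this page, so look for a custom 403 page
        if ($row = PageManager::fetchPageByType('403')) {
            $row['type'] = PageManager::fetchPageTypes($row['id']);
            $row['filelocation'] = PageManager::resolvePageFileLocation($row['path'], $row['handle']);

            $context['page_data'] = $row;
            return;
        }
        else {
            // No custom 403, just throw default 403
            GenericExceptionHandler::$enabled = true;
            throw new SymphonyErrorPage(
                __('The page you have requested has restricted access permissions.'),
                __('Forbidden'),
                'error',
                array('header' => 'HTTP/1.0 403 Forbidden')
            );
        }
    }
}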