authentication refactoring
hugo187 committed Jul 2, 2014
1 parent 2912642 commit 17042cd
Showing 29 changed files with 413 additions and 414 deletions.
41 changes: 20 additions & 21 deletions controllers/bo/backoffice.php
Expand Up @@ -32,29 +32,28 @@ public function mainAction() {
$this->tpl->assign("ACTIVE_{$active}", 'active');

/**
* simple ACL
* ACL - show everything to all until client_acl is ready (TODO)
*/

$username = $_SESSION['authentication']['username'];

if ($GLOBALS['Auth']->isAdmin($username) || $GLOBALS['Auth']->isEditor($username)) $this->tpl->parse('content.fe_edit');

if ($GLOBALS['Auth']->isAdmin($username) || $GLOBALS['Auth']->isEditor($username)) $this->tpl->parse('content.pages');
if ($GLOBALS['Auth']->isAdmin($username) || $GLOBALS['Auth']->isEditor($username)) $this->tpl->parse('content.news');
if ($GLOBALS['Auth']->isAdmin($username) || $GLOBALS['Auth']->isEditor($username)) $this->tpl->parse('content.media');
if ($GLOBALS['Auth']->isAdmin($username) && $GLOBALS['Auth']->isEcommerce()) $this->tpl->parse('content.products');
if ($GLOBALS['Auth']->isAdmin($username) || $GLOBALS['Auth']->isWarehouse($username)) {
if ($GLOBALS['Auth']->isEcommerce()) $this->tpl->parse('content.orders');

if (Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {

$this->tpl->parse('content.fe_edit');
$this->tpl->parse('content.pages');
$this->tpl->parse('content.news');
$this->tpl->parse('content.media');
$this->tpl->parse('content.products');
$this->tpl->parse('content.orders');
$this->tpl->parse('content.stock');
$this->tpl->parse('content.customers');
$this->tpl->parse('content.stats');
$this->tpl->parse('content.marketing');
$this->tpl->parse('content.comments');
$this->tpl->parse('content.surveys');
$this->tpl->parse('content.advanced');
$this->tpl->parse('content.recipes');
$this->tpl->parse('content.stores');

}
if ($GLOBALS['Auth']->isWarehouse($username)) $this->tpl->parse('content.stock');
if ($GLOBALS['Auth']->isAdmin($username)) $this->tpl->parse('content.customers');
if ($GLOBALS['Auth']->isAdmin($username) && $GLOBALS['Auth']->isEcommerce()) $this->tpl->parse('content.stats');
if ($GLOBALS['Auth']->isAdmin($username) && $GLOBALS['Auth']->isEcommerce()) $this->tpl->parse('content.marketing');
if ($GLOBALS['Auth']->isAdmin($username)) $this->tpl->parse('content.comments');
if ($GLOBALS['Auth']->isAdmin($username)) $this->tpl->parse('content.surveys');
if ($GLOBALS['Auth']->isAdmin($username)) $this->tpl->parse('content.advanced');
if ($GLOBALS['Auth']->isAdmin($username) && $GLOBALS['Auth']->isEcommerce()) $this->tpl->parse('content.recipes');
if ($GLOBALS['Auth']->isAdmin($username) && $GLOBALS['Auth']->isEcommerce()) $this->tpl->parse('content.stores');

return true;
}
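Review bot: The new block at L34–L52 gates every backoffice menu entry on isAuthenticated() alone, dropping the per-role isAdmin/isEditor/isWarehouse tests and the isEcommerce() guard that the old lines applied to products, orders, stats, marketing, recipes and stores. Menu visibility is not authorization, but unless each bo/ controller enforces its own role check, an editor or warehouse account now gets a path to customers, advanced and the commerce sections the old code withheld, and the commerce entries render even on an install where ecommerce is off. Until the client_acl work named in the comment lands, consider keeping the ecommerce guard if the new class exposes an equivalent of the old isEcommerce(), e.g. `if (Onxshop_Bo_Authentication::getInstance()->isEcommerce()) $this->tpl->parse('content.products');`, and recording the dropped role matrix in the TODO comment so it can be restored rather than rediscovered. mainAction() begins before this hunk.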
4 changes: 2 additions & 2 deletions controllers/bo/backoffice_wrapper.php
Expand Up @@ -19,9 +19,9 @@ public function mainAction() {
require_once('lib/onxshop.authentication.php');
$Auth = new Onxshop_Authentication();
if ($_SESSION['authentication']['authenticity'] < 1 && $_GET['login'] != 1) {
if (!Onxshop_Bo_Authentication::getInstance()->isAuthenticated() && $_GET['login'] != 1) {
onxshopGoTo("/?login=1");
} else if ($_SESSION['authentication']['authenticity'] < 1) {
} else if (!Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
$Auth->login();
}
*/
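Review bot: The rewritten conditions at L71 and L74 switch to Onxshop_Bo_Authentication while the neighbouring lines still construct the old `Onxshop_Authentication` (L68–L69) and call `$Auth->login()` (L75), so the block is only half migrated. The closing `*/` at L77 suggests the whole block is commented out; if so it is dead code that now mixes two authentication APIs and is better deleted, and if it is live, `$Auth->login();` should become `Onxshop_Bo_Authentication::getInstance()->login();` as uri_mapping.php does in this same commit. mainAction() begins before the hunk.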
2 changes: 1 addition & 1 deletion controllers/component/client/customer_detail.php
Expand Up @@ -17,7 +17,7 @@ public function mainAction() {
* check input
*/

if ($_SESSION['client']['customer']['id'] == 0 && $_SESSION['authentication']['authenticity'] < 1) {
if ($_SESSION['client']['customer']['id'] == 0 && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
msg('controllers/client/customer_detail: You must logged in.', 'error');
onxshopGoTo("/");
} else {
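Review bot: The new condition at L85 still compares `$_SESSION['client']['customer']['id'] == 0` loosely, so a session with no client entry at all satisfies it through null == 0 while raising an undefined-index notice, and a string id of '' would count as logged out as well. `empty()` expresses the intent without the notice: `if (empty($_SESSION['client']['customer']['id']) && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {`. The same pattern appears in customer_edit.php and edit.php in this commit. mainAction() begins before the hunk.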
2 changes: 1 addition & 1 deletion controllers/component/client/customer_edit.php
Expand Up @@ -17,7 +17,7 @@ public function mainAction() {
* check input
*/

if ($_SESSION['client']['customer']['id'] == 0 && $_SESSION['authentication']['authenticity'] < 1) {
if ($_SESSION['client']['customer']['id'] == 0 && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
msg('controllers/client/customer_detail: You must logged in.', 'error');
onxshopGoTo("/");
} else {
2 changes: 1 addition & 1 deletion controllers/component/client/edit.php
Expand Up @@ -13,7 +13,7 @@ class Onxshop_Controller_Component_Client_Edit extends Onxshop_Controller {

public function mainAction() {

if ($_SESSION['client']['customer']['id'] == 0 && $_SESSION['authentication']['authenticity'] < 1) {
if ($_SESSION['client']['customer']['id'] == 0 && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
msg('client_edit: You must be logged in first.', 'error');
onxshopGoTo("/");
}
2 changes: 1 addition & 1 deletion controllers/component/client/login.php
Expand Up @@ -55,7 +55,7 @@ public function mainAction() {
}

/* log in as client from backoffice */
if ($_SESSION['authentication']['authenticity'] > 0 && $this->GET['client']['email']) {
if (Onxshop_Bo_Authentication::getInstance()->isAuthenticated() && $this->GET['client']['email']) {

$customer_detail = $Customer->getClientByEmail($this->GET['client']['email']);

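Review bot: The "log in as client from backoffice" branch at L118 is now gated by isAuthenticated() alone, and since backoffice.php in this same commit removes the per-role checks, every authenticated backoffice account, editor and warehouse included, can use it to open a customer session by e-mail. That may be the intended interim state, but it deserves a comment naming it so it is revisited, e.g. `// TODO: restrict to admin role once client_acl is available`. mainAction() begins before the hunk.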
2 changes: 1 addition & 1 deletion controllers/component/ecommerce/delivery_detail.php
Expand Up @@ -37,7 +37,7 @@ public function mainAction() {
if (is_numeric($order_id)) $order_data = $Order->getOrder($order_id);

//security check of owner
if ($order_data['basket']['customer_id'] !== $_SESSION['client']['customer']['id'] && $_SESSION['authentication']['authenticity'] == 0) {
if ($order_data['basket']['customer_id'] !== $_SESSION['client']['customer']['id'] && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
msg('unauthorized access to view transaction detail', 'error');
} else {
$delivery_list = $Delivery->getDeliveryListByOrderId($order_id);
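Review bot: The owner check at L129 fails open when `$order_data` is unset: L125 only assigns it for a numeric `$order_id`, and a visitor with no client session then evaluates `null !== null`, which is false, so the else branch is reached and `getDeliveryListByOrderId()` runs for a non-numeric id. The strict `!==` is also brittle the other way, because if customer_id comes back from the database as a string it never matches an int session value and the real owner is locked out. Suggest requiring a loaded order and normalising the type: `$is_owner = !empty($order_data['basket']['customer_id']) && (int) $order_data['basket']['customer_id'] === (int) $_SESSION['client']['customer']['id'];` followed by `if (!$is_owner && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {`. invoice_detail.php and transaction_detail.php in this commit have the same shape. mainAction() begins before the hunk.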
2 changes: 1 addition & 1 deletion controllers/component/ecommerce/gift_card.php
Expand Up @@ -24,7 +24,7 @@ public function mainAction() {
$order_detail = $Order->getOrder($this->GET['order_id']);

//check owner
if ($order_data['basket']['customer_id'] !== $_SESSION['client']['customer']['id'] && $_SESSION['authentication']['authenticity'] == 0) {
if ($order_data['basket']['customer_id'] !== $_SESSION['client']['customer']['id'] && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
msg('gift_card:unauthorized access to view order detail');
return false;
} else {
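Review bot: The owner check at L140 reads `$order_data`, but the order is loaded into `$order_detail` at L136 and nothing in the hunk assigns `$order_data`. If it is not set earlier in the method, the check compares null with the session id, so a visitor with no client session passes it (null !== null is false) and reaches the else branch, while a logged-in customer is always rejected unless backoffice-authenticated. Compare the loaded order and require it to exist: `if ((empty($order_detail['basket']['customer_id']) || (int) $order_detail['basket']['customer_id'] !== (int) $_SESSION['client']['customer']['id']) && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {`. mainAction() begins before the hunk.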
2 changes: 1 addition & 1 deletion controllers/component/ecommerce/invoice.php
Expand Up @@ -56,7 +56,7 @@ public function mainAction() {

//security check of the owner
$is_owner = $order_data['basket']['customer_id'] == $_SESSION['client']['customer']['id'];
$is_bo_user = $_SESSION['authentication']['authenticity'] > 0;
$is_bo_user = Onxshop_Bo_Authentication::getInstance()->isAuthenticated();
$is_guest_user = $order_data['client']['customer']['status'] == 5;
$is_same_session = $order_data['php_session_id'] == session_id() || $order_data['php_session_id'] == $this->GET['php_session_id'];
$has_code = !empty($this->GET['code']) && verifyHash($order_data['id'], $this->GET['code']);
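Review bot: `$is_bo_user` at L151 is one of several flags feeding the access decision, and the flag beside it at L153, `$is_same_session`, accepts a session id supplied in the query string and compares it with loose `==`, so a stored php_session_id that is empty or null would match an empty parameter. Worth tightening to a strict, non-empty comparison: `$is_same_session = !empty($order_data['php_session_id']) && ($order_data['php_session_id'] === session_id() || $order_data['php_session_id'] === (string) $this->GET['php_session_id']);`. order_detail.php and payment.php in this commit carry the identical flag block. How the flags are combined is outside the hunk, and mainAction() begins before it.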
2 changes: 1 addition & 1 deletion controllers/component/ecommerce/invoice_detail.php
Expand Up @@ -34,7 +34,7 @@ public function mainAction() {
if (is_numeric($order_id)) $order_data = $Order->getOrder($order_id);

//security check of owner
if ($order_data['basket']['customer_id'] !== $_SESSION['client']['customer']['id'] && $_SESSION['authentication']['authenticity'] == 0) {
if ($order_data['basket']['customer_id'] !== $_SESSION['client']['customer']['id'] && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
msg('unauthorized access to view invoice detail', 'error');
} else {

2 changes: 1 addition & 1 deletion controllers/component/ecommerce/order_detail.php
Expand Up @@ -47,7 +47,7 @@ public function mainAction() {

//security check of the owner
$is_owner = $order_data['basket']['customer_id'] == $_SESSION['client']['customer']['id'];
$is_bo_user = $_SESSION['authentication']['authenticity'] > 0;
$is_bo_user = Onxshop_Bo_Authentication::getInstance()->isAuthenticated();
$is_guest_user = $order_data['client']['customer']['status'] == 5;
$is_same_session = $order_data['php_session_id'] == session_id() || $order_data['php_session_id'] == $this->GET['php_session_id'];
$has_code = !empty($this->GET['code']) && verifyHash($order_data['id'], $this->GET['code']);
2 changes: 1 addition & 1 deletion controllers/component/ecommerce/order_list.php
Expand Up @@ -15,7 +15,7 @@ public function mainAction() {

if ($_SESSION['client']['customer']['id'] > 0) {
$customer_id = $_SESSION['client']['customer']['id'];
} else if ($_SESSION['authentication']['authenticity'] > 0) {
} else if (Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
$customer_id = $this->GET['customer_id'];
} else {
msg('orders: You must be logged in first.', 'error');
2 changes: 1 addition & 1 deletion controllers/component/ecommerce/payment.php
Expand Up @@ -115,7 +115,7 @@ public function mainPaymentAction() {
*/

$is_owner = $order_data['basket']['customer_id'] == $_SESSION['client']['customer']['id'];
$is_bo_user = $_SESSION['authentication']['authenticity'] > 0;
$is_bo_user = Onxshop_Bo_Authentication::getInstance()->isAuthenticated();
$is_guest_user = $order_data['client']['customer']['status'] == 5;
$is_same_session = $order_data['php_session_id'] == session_id() || $order_data['php_session_id'] == $this->GET['php_session_id'];
$has_code = !empty($this->GET['code']) && verifyHash($order_data['id'], $this->GET['code']);
2 changes: 1 addition & 1 deletion controllers/component/ecommerce/referral.php
Expand Up @@ -149,7 +149,7 @@ protected function getActiveCustomerId() {

if ($_SESSION['client']['customer']['id'] > 0) {
$customer_id = $_SESSION['client']['customer']['id'];
} else if ($_SESSION['authentication']['authenticity'] > 0) {
} else if (Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
$customer_id = $this->GET['customer_id'];
} else {
$customer_id = false;
2 changes: 1 addition & 1 deletion controllers/component/ecommerce/return.php
Expand Up @@ -214,7 +214,7 @@ public function getActiveCustomerId() {

if ($_SESSION['client']['customer']['id'] > 0) {
$customer_id = $_SESSION['client']['customer']['id'];
} else if ($_SESSION['authentication']['authenticity'] > 0) {
} else if (Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
$customer_id = $this->GET['customer_id'];
} else {
$customer_id = false;
2 changes: 1 addition & 1 deletion controllers/component/ecommerce/transaction_detail.php
Expand Up @@ -37,7 +37,7 @@ public function mainAction() {
if (is_numeric($order_id)) $order_data = $Order->getOrder($order_id);

//security check of owner
if ($order_data['basket']['customer_id'] !== $_SESSION['client']['customer']['id'] && $_SESSION['authentication']['authenticity'] == 0) {
if ($order_data['basket']['customer_id'] !== $_SESSION['client']['customer']['id'] && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
msg('unauthorized access to view transaction detail', 'error');
} else {
$transaction_list = $Transaction->getListForOrderId($order_id);
8 changes: 4 additions & 4 deletions controllers/node.php
Expand Up @@ -71,7 +71,7 @@ public function processNode() {
* check if page is published, but keep it available in edit mode
*/

if ($node_data['publish'] == 0 && $node_data['node_group'] == 'page' && $_SESSION['authentication']['authenticity'] < 1) {
if ($node_data['publish'] == 0 && $node_data['node_group'] == 'page' && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
// display 404 page
$_Onxshop_Request = new Onxshop_Request('node~id=' . $this->Node->conf['id_map-404'].'~');
$node_data['content'] = $_Onxshop_Request->getContent();
Expand Down Expand Up @@ -206,7 +206,7 @@ public function processNode() {

// don't show edit icons when shared parameter is 1 (passed from shared content)
// and not authenticated for the backend
if ($this->GET['shared'] == 0 && $_SESSION['authentication']['authenticity'] > 0) {
if ($this->GET['shared'] == 0 && Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
if ($node_data['node_group'] == 'content' && $_SESSION['fe_edit_mode'] == 'edit') {
if ($node_data['node_controller'] == 'shared') {
$this->tpl->assign("SOURCE", $source);
Expand Down Expand Up @@ -248,7 +248,7 @@ public function checkVisibility($node_data) {

if ($this->Node->checkDisplayPermission($node_data, $force_admin_visibility)) {
//don't display hidden node in preview mode
if ($node_data['publish'] == 0 && $_SESSION['authentication']['authenticity'] > 0 && $_SESSION['fe_edit_mode'] == 'preview' ) $visibility1 = false;
if ($node_data['publish'] == 0 && Onxshop_Bo_Authentication::getInstance()->isAuthenticated() && $_SESSION['fe_edit_mode'] == 'preview' ) $visibility1 = false;
else $visibility1 = true;
}

Expand All @@ -274,7 +274,7 @@ public function checkVisibility($node_data) {
public function _checkPermissionForExtraCSS($node_data) {

//add css class when when logged in and using edit or move mode
if ($_SESSION['authentication']['authenticity'] > 0 && ($_SESSION['fe_edit_mode'] == 'edit' || $_SESSION['fe_edit_mode'] == 'move')) return true;
if (Onxshop_Bo_Authentication::getInstance()->isAuthenticated() && ($_SESSION['fe_edit_mode'] == 'edit' || $_SESSION['fe_edit_mode'] == 'move')) return true;
else return false;

}
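Review bot: `_checkPermissionForExtraCSS()` at L262–L269 funnels its condition through an `if ... return true; else return false;` pair; returning the boolean directly is clearer and behaves identically: `return Onxshop_Bo_Authentication::getInstance()->isAuthenticated() && ($_SESSION['fe_edit_mode'] == 'edit' || $_SESSION['fe_edit_mode'] == 'move');`. The `$node_data` parameter is unused in the body shown, which deserves a one-line comment if it is kept for signature compatibility with callers.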
2 changes: 1 addition & 1 deletion controllers/node/page/default.php
Expand Up @@ -18,7 +18,7 @@ public function mainAction() {
//force to nonSSL
/*
if ($node_data['require_ssl'] == 0) {
if (array_key_exists('HTTPS', $_SERVER) && $_SESSION['authentication']['authenticity'] < 1) {
if (array_key_exists('HTTPS', $_SERVER) && !Onxshop_Bo_Authentication::getInstance()->isAuthenticated()) {
header("HTTP/1.1 301 Moved Permanently");
header("Location: http://{$_SERVER['SERVER_NAME']}{$_SERVER['REQUEST_URI']}");
exit;
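Review bot: The line changed at L277 sits inside the block comment opened at L274, so this is maintenance of commented-out code. If the non-SSL redirect is not coming back, delete the block rather than migrate it; keeping dead code current invites someone to uncomment it without review. mainAction() begins before the hunk.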
2 changes: 1 addition & 1 deletion controllers/uri_mapping.php
Expand Up @@ -50,7 +50,7 @@ public function mainAction() {
//force login when request is from bo/ folder
if (preg_match('/bo\//', $controller_request)) {

$auth = $GLOBALS['Auth']->login();
$auth = Onxshop_Bo_Authentication::getInstance()->login();
if (!$auth) $controller_request = 'sys/401';
$_SESSION['use_page_cache'] = false;
}
4 changes: 2 additions & 2 deletions docs/UPGRADE-1.6.x-to-1.7.0
@@ -1,7 +1,7 @@
createdb -U {DBUSER} -h localhost -E UTF8 -T {DB-1_6} {DB-1_7}
psql -U {DBUSER} -h localhost {DB-1_6} < onxshop_dir/docs/database/upgrade-1.6.x-to-1.7.0.sql

rename $_SESSION['authentication']['logon'] to $_SESSION['authentication']['authenticity']
change $_SESSION['authentication']['logon'] and $_SESSION['authentication']['authenticity']
to Onxshop_Bo_Authentication::getInstance()->isAuthenticated()

clean up of htaccess
