BUG: refs #0399. Replaced checks for admin and server side login checks.

Michael Grauer · Michael Grauer · commit ef21ef9e106a · 2011-12-19T17:39:42.000-05:00
Used the requireAdminPrivileges method as a replacement, and checked that
the pattern
if(!logged){ $this-&gt;haveToBeLogged(); return false; }
is used consistently as a check if the user is logged in.
diff --git a/core/controllers/AdminController.php b/core/controllers/AdminController.php
@@ -60,12 +60,9 @@ function taskAction()
     if(!$this->logged)
       {
       $this->haveToBeLogged();
-      return;
-      }
-    if(!$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
+      return false;
       }
+    $this->requireAdminPrivileges();
 
     $task = $this->_getParam("task");
     $params = $this->_getParam("params");
@@ -87,12 +84,9 @@ function indexAction()
     if(!$this->logged)
       {
       $this->haveToBeLogged();
-      return;
-      }
-    if(!$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
+      return false;
       }
+    $this->requireAdminPrivileges();
     $this->view->header = "Administration";
     $configForm = $this->Form->Admin->createConfigForm();
 
@@ -306,10 +300,7 @@ function indexAction()
   /** Used to display and filter the list of log messages */
   function showlogAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
     $this->requireAjaxRequest();
     $this->_helper->layout->disableLayout();
 
@@ -387,10 +378,7 @@ function showlogAction()
   /** Used to delete a list of log entries */
   function deletelogAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception('You should be an administrator');
-      }
+    $this->requireAdminPrivileges();
     $this->requireAjaxRequest();
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();
@@ -416,10 +404,7 @@ function deletelogAction()
   /** function dashboard*/
   function dashboardAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
     $this->requireAjaxRequest();
 
     $this->_helper->layout->disableLayout();
@@ -433,10 +418,7 @@ function dashboardAction()
   /** upgrade database*/
   function upgradeAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
     $this->requireAjaxRequest();
     $this->_helper->layout->disableLayout();
 
@@ -500,12 +482,10 @@ function serversidefilechooserAction()
     {
     if(!$this->logged)
       {
-      throw new Zend_Exception("You should be logged in");
-      }
-    if(!$this->userSession->Dao->isAdmin())
-      {
-      throw new Zend_Exception("Administrative privileges required");
+      $this->haveToBeLogged();
+      return false;
       }
+    $this->requireAdminPrivileges();
 
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();
@@ -571,12 +551,9 @@ function migratemidas2Action()
     if(!$this->logged)
       {
       $this->haveToBeLogged();
-      return;
-      }
-    if(!$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
+      return false;
       }
+    $this->requireAdminPrivileges();
 
     $this->assetstores = $this->Assetstore->getAll();
     $this->view->migrateForm = $this->Form->Migrate->createMigrateForm($this->assetstores);
diff --git a/core/controllers/AssetstoreController.php b/core/controllers/AssetstoreController.php
@@ -52,10 +52,7 @@ function indexAction()
   /** change default assetstore*/
   function defaultassetstoreAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
     $this->requireAjaxRequest();
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();
@@ -80,10 +77,7 @@ function defaultassetstoreAction()
   /** delete an assetstore assetstore*/
   function deleteAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
     $this->requireAjaxRequest();
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();
@@ -105,10 +99,7 @@ function deleteAction()
   /** edit an assetstore assetstore*/
   function editAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
     $this->requireAjaxRequest();
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();
@@ -136,6 +127,8 @@ function editAction()
    */
   function addAction()
     {
+    $this->requireAdminPrivileges();
+    $this->requireAjaxRequest();
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();
 
diff --git a/core/controllers/BrowseController.php b/core/controllers/BrowseController.php
@@ -141,9 +141,9 @@ public function movecopyAction()
         {
         throw new Zend_Exception("No element selected");
         }
-      if(!$this->view->logged)
+      if(!$this->logged)
         {
-        throw new Zend_Exception("Should be logged");
+        throw new Zend_Exception(MIDAS_LOGIN_REQUIRED);
         }
       $this->view->folders = $folders;
       $this->view->items = $items;
@@ -398,6 +398,7 @@ public function uploadedAction()
    */
   public function deleteAction()
     {
+    $this->requireAjaxRequest();
     if(!$this->logged)
       {
       throw new Zend_Exception('You must be logged in to delete resources.');
diff --git a/core/controllers/DownloadController.php b/core/controllers/DownloadController.php
@@ -19,7 +19,7 @@
 =========================================================================*/
 
 /**
- *  AJAX request for the admin Controller
+ *  Controller for downloading elements.
  */
 class DownloadController extends AppController
 {
diff --git a/core/controllers/FolderController.php b/core/controllers/FolderController.php
@@ -258,7 +258,7 @@ public function removeitemAction()
       }
     elseif(!$this->Item->policyCheck($item, $this->userSession->Dao, MIDAS_POLICY_ADMIN))
       {
-      throw new Zend_Exception('Admin permission on item required');
+      throw new Zend_Exception(MIDAS_ADMIN_PRIVILEGES_REQUIRED);
       }
 
     $this->Folder->removeItem($folder, $item);
diff --git a/core/controllers/ItemController.php b/core/controllers/ItemController.php
@@ -44,7 +44,7 @@ function editmetadataAction()
     $this->disableLayout();
     if(!$this->logged)
       {
-      throw new Zend_Exception("You have to be logged in to do that");
+      throw new Zend_Exception(MIDAS_LOGIN_REQUIRED);
       }
 
     $itemId = $this->_getParam("itemId");
diff --git a/core/controllers/UserController.php b/core/controllers/UserController.php
@@ -357,7 +357,7 @@ public function settingsAction()
     $userId = $this->_getParam('userId');
     if(isset($userId) && $userId != $this->userSession->Dao->getKey() && !$this->userSession->Dao->isAdmin())
       {
-      throw new Zend_Exception('You should be an admin');
+      throw new Zend_Exception(MIDAS_ADMIN_PRIVILEGES_REQUIRED);
       }
     else if(isset($userId))
       {
@@ -656,7 +656,7 @@ public function userpageAction()
 
     if(!isset($user_id) && !$this->logged)
       {
-      $this->view->header = $this->t("You should be logged in.");
+      $this->view->header = $this->t(MIDAS_LOGIN_REQUIRED);
       $this->_helper->viewRenderer->setNoRender();
       return false;
       }
@@ -722,7 +722,7 @@ public function manageAction()
 
     if(!isset($user_id) && !$this->logged)
       {
-      $this->view->header = $this->t("You should be logged in.");
+      $this->view->header = $this->t(MIDAS_LOGIN_REQUIRED);
       $this->_helper->viewRenderer->setNoRender();
       return false;
       }
diff --git a/modules/api/controllers/ConfigController.php b/modules/api/controllers/ConfigController.php
@@ -84,10 +84,7 @@ function usertabAction()
   /** index action*/
   function indexAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
 
     if(file_exists(BASE_PATH."/core/configs/api.local.ini"))
       {
diff --git a/modules/batchmake/controllers/ConfigController.php b/modules/batchmake/controllers/ConfigController.php
@@ -105,11 +105,7 @@ protected function createDefaultConfig($currentConfig)
    */
   public function indexAction()
     {
-
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
 
     // get all the properties, not just the batchmake config
     $fullConfig = $this->ModuleComponent->KWBatchmake->loadConfigProperties(null, false);
diff --git a/modules/cleanup/controllers/ConfigController.php b/modules/cleanup/controllers/ConfigController.php
@@ -9,10 +9,7 @@ class Cleanup_ConfigController extends Cleanup_AppController
   /** index action*/
   function indexAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception('You should be an administrator');
-      }
+    $this->requireAdminPrivileges();
 
     if(file_exists(BASE_PATH.'/core/configs/'.$this->moduleName.'.local.ini'))
       {
diff --git a/modules/communityagreement/controllers/ConfigController.php b/modules/communityagreement/controllers/ConfigController.php
@@ -35,10 +35,7 @@ class Communityagreement_ConfigController extends Communityagreement_AppControll
    */
   function indexAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
     }
 
   /** community agreement tab
diff --git a/modules/helloworld/controllers/ConfigController.php b/modules/helloworld/controllers/ConfigController.php
@@ -23,10 +23,7 @@ class Helloworld_ConfigController extends Helloworld_AppController
   /** index actop, */
   function indexAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
     }
 
 }//end class
diff --git a/modules/ldap/controllers/ConfigController.php b/modules/ldap/controllers/ConfigController.php
@@ -25,11 +25,8 @@ class Ldap_ConfigController extends Ldap_AppController
 
    function indexAction()
     {
-    if(!$this->logged||!$this->userSession->Dao->getAdmin()==1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
-      
+    $this->requireAdminPrivileges();
+    
     if(file_exists(BASE_PATH."/core/configs/ldap.local.ini"))
       {
       $applicationConfig = parse_ini_file(BASE_PATH."/core/configs/ldap.local.ini", true);
diff --git a/modules/metadataextractor/controllers/ConfigController.php b/modules/metadataextractor/controllers/ConfigController.php
@@ -27,10 +27,7 @@ class Metadataextractor_ConfigController extends Metadataextractor_AppController
    /** index action*/
    function indexAction()
     {
-    if(!$this->logged||!$this->userSession->Dao->getAdmin()==1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
       
     if(file_exists(BASE_PATH."/core/configs/".$this->moduleName.".local.ini"))
       {
diff --git a/modules/oai/controllers/ConfigController.php b/modules/oai/controllers/ConfigController.php
@@ -28,10 +28,7 @@ class Oai_ConfigController extends Oai_AppController
   /** index action*/
   function indexAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
 
     if(file_exists(BASE_PATH."/core/configs/".$this->moduleName.".local.ini"))
       {
diff --git a/modules/remoteprocessing/controllers/ConfigController.php b/modules/remoteprocessing/controllers/ConfigController.php
@@ -31,10 +31,7 @@ function downloadAction()
       {
       ob_end_clean();
       }
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
 
     $this->disableLayout();
     $this->disableView();
@@ -64,10 +61,7 @@ function downloadAction()
   /** index action*/
   function indexAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
 
     if(file_exists(BASE_PATH."/core/configs/".$this->moduleName.".local.ini"))
       {
diff --git a/modules/scheduler/controllers/ConfigController.php b/modules/scheduler/controllers/ConfigController.php
@@ -27,11 +27,8 @@ class Scheduler_ConfigController extends Scheduler_AppController
    /** index action*/
    function indexAction()
     {
-    if(!$this->logged||!$this->userSession->Dao->getAdmin()==1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
-
+    $this->requireAdminPrivileges();
+    
     $this->view->jobs = $this->Scheduler_Job->getJobsToRun();
     $this->view->jobsErrors = $this->Scheduler_Job->getLastErrors();
     }
diff --git a/modules/statistics/controllers/ConfigController.php b/modules/statistics/controllers/ConfigController.php
@@ -27,10 +27,7 @@ class Statistics_ConfigController extends Statistics_AppController
   /** index action*/
   function indexAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception('You should be an administrator');
-      }
+    $this->requireAdminPrivileges();
 
     if(file_exists(BASE_PATH.'/core/configs/'.$this->moduleName.'.local.ini'))
       {
diff --git a/modules/statistics/controllers/IndexController.php b/modules/statistics/controllers/IndexController.php
@@ -28,10 +28,7 @@ class Statistics_IndexController extends Statistics_AppController
   /** index action*/
   function indexAction()
     {
-    if(!$this->logged || !$this->userSession->Dao->getAdmin() == 1)
-      {
-      throw new Zend_Exception("You should be an administrator");
-      }
+    $this->requireAdminPrivileges();
 
     $assetstores = $this->Assetstore->getAll();
     $defaultSet = false;
diff --git a/modules/thumbnailcreator/controllers/ConfigController.php b/modules/thumbnailcreator/controllers/ConfigController.php
diff --git a/modules/visualize/controllers/ConfigController.php b/modules/visualize/controllers/ConfigController.php
diff --git a/modules/webdav/controllers/ConfigController.php b/modules/webdav/controllers/ConfigController.php

Original file line number	Diff line number	Diff line change
`@@ -141,9 +141,9 @@ public function movecopyAction()`
`141`	`141`	`{`
`142`	`142`	`throw new Zend_Exception("No element selected");`
`143`	`143`	`}`
`144`		`- if(!$this->view->logged)`
	`144`	`+ if(!$this->logged)`
`145`	`145`	`{`
`146`		`- throw new Zend_Exception("Should be logged");`
	`146`	`+ throw new Zend_Exception(MIDAS_LOGIN_REQUIRED);`
`147`	`147`	`}`
`148`	`148`	`$this->view->folders = $folders;`
`149`	`149`	`$this->view->items = $items;`
`@@ -398,6 +398,7 @@ public function uploadedAction()`
`398`	`398`	`*/`
`399`	`399`	`public function deleteAction()`
`400`	`400`	`{`
	`401`	`+ $this->requireAjaxRequest();`
`401`	`402`	`if(!$this->logged)`
`402`	`403`	`{`
`403`	`404`	`throw new Zend_Exception('You must be logged in to delete resources.');`
Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@`
`19`	`19`	`=========================================================================*/`
`20`	`20`
`21`	`21`	`/**`
`22`		`- * AJAX request for the admin Controller`
	`22`	`+ * Controller for downloading elements.`
`23`	`23`	`*/`
`24`	`24`	`class DownloadController extends AppController`
`25`	`25`	`{`
Original file line number	Diff line number	Diff line change
`@@ -258,7 +258,7 @@ public function removeitemAction()`
`258`	`258`	`}`
`259`	`259`	`elseif(!$this->Item->policyCheck($item, $this->userSession->Dao, MIDAS_POLICY_ADMIN))`
`260`	`260`	`{`
`261`		`- throw new Zend_Exception('Admin permission on item required');`
	`261`	`+ throw new Zend_Exception(MIDAS_ADMIN_PRIVILEGES_REQUIRED);`
`262`	`262`	`}`
`263`	`263`
`264`	`264`	`$this->Folder->removeItem($folder, $item);`
Original file line number	Diff line number	Diff line change
`@@ -44,7 +44,7 @@ function editmetadataAction()`
`44`	`44`	`$this->disableLayout();`
`45`	`45`	`if(!$this->logged)`
`46`	`46`	`{`
`47`		`- throw new Zend_Exception("You have to be logged in to do that");`
	`47`	`+ throw new Zend_Exception(MIDAS_LOGIN_REQUIRED);`
`48`	`48`	`}`
`49`	`49`
`50`	`50`	`$itemId = $this->_getParam("itemId");`
Original file line number	Diff line number	Diff line change
`@@ -357,7 +357,7 @@ public function settingsAction()`
`357`	`357`	`$userId = $this->_getParam('userId');`
`358`	`358`	`if(isset($userId) && $userId != $this->userSession->Dao->getKey() && !$this->userSession->Dao->isAdmin())`
`359`	`359`	`{`
`360`		`- throw new Zend_Exception('You should be an admin');`
	`360`	`+ throw new Zend_Exception(MIDAS_ADMIN_PRIVILEGES_REQUIRED);`
`361`	`361`	`}`
`362`	`362`	`else if(isset($userId))`
`363`	`363`	`{`
`@@ -656,7 +656,7 @@ public function userpageAction()`
`656`	`656`
`657`	`657`	`if(!isset($user_id) && !$this->logged)`
`658`	`658`	`{`
`659`		`- $this->view->header = $this->t("You should be logged in.");`
	`659`	`+ $this->view->header = $this->t(MIDAS_LOGIN_REQUIRED);`
`660`	`660`	`$this->_helper->viewRenderer->setNoRender();`
`661`	`661`	`return false;`
`662`	`662`	`}`
`@@ -722,7 +722,7 @@ public function manageAction()`
`722`	`722`
`723`	`723`	`if(!isset($user_id) && !$this->logged)`
`724`	`724`	`{`
`725`		`- $this->view->header = $this->t("You should be logged in.");`
	`725`	`+ $this->view->header = $this->t(MIDAS_LOGIN_REQUIRED);`
`726`	`726`	`$this->_helper->viewRenderer->setNoRender();`
`727`	`727`	`return false;`
`728`	`728`	`}`
Original file line number	Diff line number	Diff line change
`@@ -84,10 +84,7 @@ function usertabAction()`
`84`	`84`	`/** index action*/`
`85`	`85`	`function indexAction()`
`86`	`86`	`{`
`87`		`- if(!$this->logged \|\| !$this->userSession->Dao->getAdmin() == 1)`
`88`		`- {`
`89`		`- throw new Zend_Exception("You should be an administrator");`
`90`		`- }`
	`87`	`+ $this->requireAdminPrivileges();`
`91`	`88`
`92`	`89`	`if(file_exists(BASE_PATH."/core/configs/api.local.ini"))`
`93`	`90`	`{`
Original file line number	Diff line number	Diff line change
`@@ -9,10 +9,7 @@ class Cleanup_ConfigController extends Cleanup_AppController`
`9`	`9`	`/** index action*/`
`10`	`10`	`function indexAction()`
`11`	`11`	`{`
`12`		`- if(!$this->logged \|\| !$this->userSession->Dao->getAdmin() == 1)`
`13`		`- {`
`14`		`- throw new Zend_Exception('You should be an administrator');`
`15`		`- }`
	`12`	`+ $this->requireAdminPrivileges();`
`16`	`13`
`17`	`14`	`if(file_exists(BASE_PATH.'/core/configs/'.$this->moduleName.'.local.ini'))`
`18`	`15`	`{`