hazza/Phraseanet
1
0
Fork 0
mirror of https://github.com/alchemy-fr/Phraseanet.git synced 2025-10-14 13:33:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

PHRAS-262 #fix remove postlog feature for guest access

Browse Source
This commit is contained in:
Nicolas Le Goff
2014-10-08 20:18:49 +02:00
parent c29b971f64
commit 26617ba5cc
4 changed files with 8 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
lib/Alchemy/Phrasea/Controller/Root/Login.php
View File

@@ -102,23 +102,6 @@ class Login implements ControllerProviderInterface
$controllers->get('/', 'login.controller:login') $controllers->get('/', 'login.controller:login')
->before(function (Request $request) use ($app) { ->before(function (Request $request) use ($app) {
if (null !== $response = $app['firewall']->requireNotAuthenticated()) { if (null !== $response = $app['firewall']->requireNotAuthenticated()) {
return $response;
}
if (null !== $request->query->get('postlog')) {
// if isset postlog parameter, set cookie and log out current user
// then post login operation like getting baskets from an invit session
// could be done by Session_handler authentication process
$params = array();
if (null !== $redirect = $request->query->get('redirect')) {
$params = array('redirect' => ltrim($redirect, '/'));
}
$response = $app->redirectPath('logout', $params);
$response->headers->setCookie(new Cookie('postlog', 1));
return $response; return $response;
} }
@@ -745,7 +728,6 @@ class Login implements ControllerProviderInterface
$response->headers->clearCookie('persistent'); $response->headers->clearCookie('persistent');
$response->headers->clearCookie('last_act'); $response->headers->clearCookie('last_act');
$response->headers->clearCookie('postlog');
return $response; return $response;
} }
@@ -850,7 +832,6 @@ class Login implements ControllerProviderInterface
$response = $app->redirectPath('prod'); $response = $app->redirectPath('prod');
} }
$response->headers->clearCookie('postlog');
$response->headers->clearCookie('last_act'); $response->headers->clearCookie('last_act');
return $response; return $response;
@@ -1062,21 +1043,6 @@ class Login implements ControllerProviderInterface
$response = $this->generateAuthResponse($app, $app['browser'], $request->request->get('redirect')); $response = $this->generateAuthResponse($app, $app['browser'], $request->request->get('redirect'));
$response->headers->clearCookie('invite-usr-id'); $response->headers->clearCookie('invite-usr-id');
if ($request->cookies->has('postlog') && $request->cookies->get('postlog') == '1') {
if (!$user->is_guest() && $request->cookies->has('invite-usr_id')) {
if ($user->get_id() != $inviteUsrId = $request->cookies->get('invite-usr_id')) {
$repo = $app['EM']->getRepository('Entities\Basket');
$baskets = $repo->findBy(array('usr_id' => $inviteUsrId));
foreach ($baskets as $basket) {
$basket->setUsrId($user->get_id());
$app['EM']->persist($basket);
}
}
}
}
if ($request->request->get('remember-me') == '1') { if ($request->request->get('remember-me') == '1') {
$nonce = \random::generatePassword(16); $nonce = \random::generatePassword(16);
$string = $app['browser']->getBrowser() . '_' . $app['browser']->getPlatform(); $string = $app['browser']->getBrowser() . '_' . $app['browser']->getPlatform();

9
templates/web/common/dialog_export.html.twig
View File

@@ -79,7 +79,14 @@
{% if app['phraseanet.registry'].get('GV_needAuth2DL') and app['authentication'].getUser().is_guest() %} {% if app['phraseanet.registry'].get('GV_needAuth2DL') and app['authentication'].getUser().is_guest() %}
<script type="text/javascript"> <script type="text/javascript">
p4.Dialog.get(1).Close(); p4.Dialog.get(1).Close();
parent.login({act:"dwnl",lst:"{{ lst }}",SSTTID:"{{ ssttid }}"}); var $dialog = p4.Dialog.Create({
size : '500x100',
closeOnEscape : true,
closeButton:false,
title : "{{ "Unauthorized action"|trans }}"
}, 2);
$dialog.setContent("{{ "Guest, you must be authenticated to have the right to download."|trans }}");
</script> </script>
{% else %} {% else %}
{% if download.get_total_download() <= 0 and download.get_total_order() <= 0 and download.get_total_ftp() <= 0%} {% if download.get_total_download() <= 0 and download.get_total_order() <= 0 and download.get_total_ftp() <= 0%}

10
tests/Alchemy/Tests/Phrasea/Controller/Root/LoginTest.php
View File

@@ -99,16 +99,6 @@ class LoginTest extends \PhraseanetWebTestCaseAuthenticatedAbstract
$this->assertEquals('/prod/', $response->headers->get('location')); $this->assertEquals('/prod/', $response->headers->get('location'));
} }
public function testLoginRedirectPostLog()
{
$this->logout(self::$DI['app']);
self::$DI['client']->request('GET', '/login/', array('postlog' => '1', 'redirect' => 'prod'));
$response = self::$DI['client']->getResponse();
$this->assertTrue($response->isRedirect());
$this->assertEquals('/login/logout/?redirect=prod', $response->headers->get('location'));
}
/** /**
* @dataProvider provideFlashMessages * @dataProvider provideFlashMessages
*/ */

12
www/include/jquery.common.js
View File

@@ -93,18 +93,6 @@ $(document).ready(function () {
}); });
function login(what) {
if (confirm(language.confirmRedirectAuth)) {
if (what != undefined) {
EcrireCookie('last_act', what, null, '/');
}
self.location.replace('/login/?postlog=1');
}
return false;
}
function EcrireCookie(nom, valeur) { function EcrireCookie(nom, valeur) {
var argv = EcrireCookie.arguments; var argv = EcrireCookie.arguments;
var argc = EcrireCookie.arguments.length; var argc = EcrireCookie.arguments.length;