PHRAS-262 #fix remove postlog feature for guest access
@@ -102,23 +102,6 @@ class Login implements ControllerProviderInterface
|
||||
$controllers->get('/', 'login.controller:login')
|
||||
->before(function (Request $request) use ($app) {
|
||||
if (null !== $response = $app['firewall']->requireNotAuthenticated()) {
|
||||
return $response;
|
||||
}
|
||||
|
||||
if (null !== $request->query->get('postlog')) {
|
||||
|
||||
// if isset postlog parameter, set cookie and log out current user
|
||||
// then post login operation like getting baskets from an invit session
|
||||
// could be done by Session_handler authentication process
|
||||
|
||||
$params = array();
|
||||
|
||||
if (null !== $redirect = $request->query->get('redirect')) {
|
||||
$params = array('redirect' => ltrim($redirect, '/'));
|
||||
}
|
||||
|
||||
$response = $app->redirectPath('logout', $params);
|
||||
$response->headers->setCookie(new Cookie('postlog', 1));
|
||||
|
||||
return $response;
|
||||
}
|
||||
@@ -745,7 +728,6 @@ class Login implements ControllerProviderInterface
|
||||
|
||||
$response->headers->clearCookie('persistent');
|
||||
$response->headers->clearCookie('last_act');
|
||||
$response->headers->clearCookie('postlog');
|
||||
|
||||
return $response;
|
||||
}
|
||||
@@ -850,7 +832,6 @@ class Login implements ControllerProviderInterface
|
||||
$response = $app->redirectPath('prod');
|
||||
}
|
||||
|
||||
$response->headers->clearCookie('postlog');
|
||||
$response->headers->clearCookie('last_act');
|
||||
|
||||
return $response;
|
||||
@@ -1062,21 +1043,6 @@ class Login implements ControllerProviderInterface
|
||||
$response = $this->generateAuthResponse($app, $app['browser'], $request->request->get('redirect'));
|
||||
$response->headers->clearCookie('invite-usr-id');
|
||||
|
||||
if ($request->cookies->has('postlog') && $request->cookies->get('postlog') == '1') {
|
||||
if (!$user->is_guest() && $request->cookies->has('invite-usr_id')) {
|
||||
if ($user->get_id() != $inviteUsrId = $request->cookies->get('invite-usr_id')) {
|
||||
|
||||
$repo = $app['EM']->getRepository('Entities\Basket');
|
||||
$baskets = $repo->findBy(array('usr_id' => $inviteUsrId));
|
||||
|
||||
foreach ($baskets as $basket) {
|
||||
$basket->setUsrId($user->get_id());
|
||||
$app['EM']->persist($basket);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($request->request->get('remember-me') == '1') {
|
||||
$nonce = \random::generatePassword(16);
|
||||
$string = $app['browser']->getBrowser() . '_' . $app['browser']->getPlatform();
|
||||
|
@@ -79,7 +79,14 @@
|
||||
{% if app['phraseanet.registry'].get('GV_needAuth2DL') and app['authentication'].getUser().is_guest() %}
|
||||
<script type="text/javascript">
|
||||
p4.Dialog.get(1).Close();
|
||||
parent.login({act:"dwnl",lst:"{{ lst }}",SSTTID:"{{ ssttid }}"});
|
||||
var $dialog = p4.Dialog.Create({
|
||||
size : '500x100',
|
||||
closeOnEscape : true,
|
||||
closeButton:false,
|
||||
title : "{{ "Unauthorized action"|trans }}"
|
||||
}, 2);
|
||||
|
||||
$dialog.setContent("{{ "Guest, you must be authenticated to have the right to download."|trans }}");
|
||||
</script>
|
||||
{% else %}
|
||||
{% if download.get_total_download() <= 0 and download.get_total_order() <= 0 and download.get_total_ftp() <= 0%}
|
||||
|
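Review bot: The two translated strings in the added dialog code are written directly into double-quoted JavaScript literals (`title : "{{ "Unauthorized action"|trans }}"` and the `$dialog.setContent("{{ ... |trans }}")` call), and HTML escaping is the wrong encoding for that context. Whether autoescaping is enabled for this template is not visible here, but either way a translation containing a backslash or line break (or a quote, if autoescaping is off) would break the literal. Applying Twig's JavaScript strategy, e.g. `title : "{{ "Unauthorized action"|trans|e('js') }}"` and the same on the `setContent` argument, keeps the script well-formed for every locale. The `{% if %}` guest test only decides what the page renders, so the download handler presumably needs its own `GV_needAuth2DL` check on the server; that code is not part of this section, and the `{% else %}` branch continues outside the hunk.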
@@ -99,16 +99,6 @@ class LoginTest extends \PhraseanetWebTestCaseAuthenticatedAbstract
|
||||
$this->assertEquals('/prod/', $response->headers->get('location'));
|
||||
}
|
||||
|
||||
public function testLoginRedirectPostLog()
|
||||
{
|
||||
$this->logout(self::$DI['app']);
|
||||
|
||||
self::$DI['client']->request('GET', '/login/', array('postlog' => '1', 'redirect' => 'prod'));
|
||||
$response = self::$DI['client']->getResponse();
|
||||
$this->assertTrue($response->isRedirect());
|
||||
$this->assertEquals('/login/logout/?redirect=prod', $response->headers->get('location'));
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider provideFlashMessages
|
||||
*/
|
||||
|
@@ -93,18 +93,6 @@ $(document).ready(function () {
|
||||
|
||||
});
|
||||
|
||||
|
||||
function login(what) {
|
||||
if (confirm(language.confirmRedirectAuth)) {
|
||||
if (what != undefined) {
|
||||
EcrireCookie('last_act', what, null, '/');
|
||||
}
|
||||
self.location.replace('/login/?postlog=1');
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
function EcrireCookie(nom, valeur) {
|
||||
var argv = EcrireCookie.arguments;
|
||||
var argc = EcrireCookie.arguments.length;
|
||||
|