mirror of
https://github.com/alchemy-fr/Phraseanet.git
synced 2025-10-16 06:23:18 +00:00
Add firewalls
This commit is contained in:
Romain Neutron
@@ -26,7 +26,8 @@ class Collection implements ControllerProviderInterface
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireRightOnBase($app['request']->attributes->get('bas_id'), 'canadmin');
|
||||
$app['firewall']->requireAccessToModule('admin')
|
||||
->requireRightOnBase($app['request']->attributes->get('bas_id'), 'canadmin');
|
||||
});
|
||||
|
||||
/**
|
||||
|
||||
@@ -30,7 +30,7 @@ class Databoxes implements ControllerProviderInterface
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAdmin();
|
||||
$app['firewall']->requireAccessToModule('admin');
|
||||
});
|
||||
|
||||
|
||||
@@ -65,7 +65,10 @@ class Databoxes implements ControllerProviderInterface
|
||||
* return : Redirect Response
|
||||
*/
|
||||
$controllers->post('/', $this->call('createDatabase'))
|
||||
->bind('admin_database_new');
|
||||
->bind('admin_database_new')
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAdmin();
|
||||
});
|
||||
|
||||
/**
|
||||
* Mount a database
|
||||
@@ -81,7 +84,10 @@ class Databoxes implements ControllerProviderInterface
|
||||
* return : Redirect Response
|
||||
*/
|
||||
$controllers->post('/mount/', $this->call('databaseMount'))
|
||||
->bind('admin_database_mount');
|
||||
->bind('admin_database_mount')
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAdmin();
|
||||
});
|
||||
|
||||
/**
|
||||
* Upgrade all databases
|
||||
@@ -97,7 +103,10 @@ class Databoxes implements ControllerProviderInterface
|
||||
* return : Redirect Response
|
||||
*/
|
||||
$controllers->post('/upgrade/', $this->call('databasesUpgrade'))
|
||||
->bind('admin_databases_upgrade');
|
||||
->bind('admin_databases_upgrade')
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAdmin();
|
||||
});
|
||||
|
||||
return $controllers;
|
||||
}
|
||||
@@ -111,11 +120,7 @@ class Databoxes implements ControllerProviderInterface
|
||||
*/
|
||||
public function getDatabases(Application $app, Request $request)
|
||||
{
|
||||
$createBase = $mountBase = $upgradeAvailable = false;
|
||||
|
||||
if ($app['phraseanet.appbox']->upgradeavailable()) {
|
||||
$upgradeAvailable = true;
|
||||
}
|
||||
$createBase = $mountBase = false;
|
||||
|
||||
$sbasIds = array_merge(
|
||||
array_keys($app['phraseanet.user']->ACL()->get_granted_sbas(array('bas_manage')))
|
||||
@@ -133,9 +138,6 @@ class Databoxes implements ControllerProviderInterface
|
||||
|
||||
try {
|
||||
$databox = $app['phraseanet.appbox']->get_databox($sbasId);
|
||||
if ($databox->upgradeavailable()) {
|
||||
$upgradeAvailable = true;
|
||||
}
|
||||
|
||||
$sbas[$sbasId] = array(
|
||||
'version' => $databox->get_version(),
|
||||
@@ -183,7 +185,6 @@ class Databoxes implements ControllerProviderInterface
|
||||
return $app['twig']->render('admin/databases.html.twig', array(
|
||||
'files' => new \DirectoryIterator($app['phraseanet.registry']->get('GV_RootPath') . 'lib/conf.d/data_templates'),
|
||||
'sbas' => $sbas,
|
||||
'upgrade_available' => $upgradeAvailable,
|
||||
'error_msg' => $errorMsg,
|
||||
'recommendations' => $upgrader->getRecommendations(),
|
||||
'advices' => $request->query->get('advices', array()),
|
||||
|
||||
@@ -30,23 +30,18 @@ class Description implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAccessToModule('admin')
|
||||
->requireRightOnSbas($request->attributes->get('sbas_id'), 'bas_modify_struct');
|
||||
});
|
||||
|
||||
$controllers->get('/metadatas/search/', $this->call('metadataTypeAhead'));
|
||||
|
||||
$controllers->post('/{sbas_id}/', $this->call('updateDataboxStructure'))
|
||||
->before(function(Request $request) use ($app) {
|
||||
if (false === $app['phraseanet.user']->ACL()
|
||||
->has_right_on_sbas($request->attributes->get('sbas_id'), 'bas_modify_struct')) {
|
||||
throw new AccessDeniedHttpException('You are not allowed to access this zone');
|
||||
}
|
||||
})->assert('sbas_id', '\d+');
|
||||
->assert('sbas_id', '\d+');
|
||||
|
||||
$controllers->get('/{sbas_id}/', $this->call('getDataboxStructure'))
|
||||
->before(function(Request $request) use ($app) {
|
||||
if (false === $app['phraseanet.user']->ACL()
|
||||
->has_right_on_sbas($request->attributes->get('sbas_id'), 'bas_modify_struct')) {
|
||||
throw new AccessDeniedHttpException('You are not allowed to access this zone');
|
||||
}
|
||||
})->assert('sbas_id', '\d+');
|
||||
->assert('sbas_id', '\d+');
|
||||
|
||||
return $controllers;
|
||||
}
|
||||
|
||||
@@ -28,6 +28,10 @@ class Fields implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAccessToModule('admin');
|
||||
});
|
||||
|
||||
$controllers->get('/checkmulti/', function(PhraseaApplication $app, Request $request) {
|
||||
$multi = ($request->query->get('multi') === 'true');
|
||||
|
||||
|
||||
@@ -28,6 +28,13 @@ class Publications implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
/**
|
||||
* TODO NEUTRON verifier correlation avec tree
|
||||
*/
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAccessToModule('admin');
|
||||
});
|
||||
|
||||
$controllers->get('/list/', function(PhraseaApplication $app) {
|
||||
|
||||
$feeds = \Feed_Collection::load_all(
|
||||
|
||||
@@ -28,6 +28,11 @@ class Subdefs implements ControllerProviderInterface
|
||||
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAccessToModule('admin')
|
||||
->requireRightOnSbas($request->attributes->get('sbas_id'), 'bas_modify_struct');
|
||||
});
|
||||
|
||||
$controllers->get('/{sbas_id}/', function(Application $app, $sbas_id) {
|
||||
$databox = $app['phraseanet.appbox']->get_databox((int) $sbas_id);
|
||||
|
||||
|
||||
@@ -24,6 +24,10 @@ class TaskManager implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAdmin();
|
||||
});
|
||||
|
||||
$controllers->get('/', function(Application $app, Request $request) {
|
||||
return $app->redirect('/admin/task-manager/tasks/');
|
||||
});
|
||||
|
||||
@@ -29,6 +29,11 @@ class Users implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAccessToModule('admin')
|
||||
->requireRight('manageusers');
|
||||
});
|
||||
|
||||
$controllers->post('/rights/', function(Application $app) {
|
||||
$rights = new UserHelper\Edit($app, $app['request']);
|
||||
|
||||
|
||||
@@ -29,6 +29,10 @@ class Feed implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAuthentication();
|
||||
});
|
||||
|
||||
/**
|
||||
* I got a selection of docs, which publications are available forthese docs ?
|
||||
*/
|
||||
@@ -65,6 +69,8 @@ class Feed implements ControllerProviderInterface
|
||||
}
|
||||
|
||||
return $app->json($datas);
|
||||
})->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireRight('bas_chupub');
|
||||
});
|
||||
|
||||
$controllers->get('/entry/{id}/edit/', function(Application $app, Request $request, $id) {
|
||||
@@ -79,7 +85,10 @@ class Feed implements ControllerProviderInterface
|
||||
$datas = $app['twig']->render('prod/actions/publish/publish_edit.html.twig', array('entry' => $entry, 'feeds' => $feeds));
|
||||
|
||||
return new Response($datas);
|
||||
})->assert('id', '\d+');
|
||||
})->assert('id', '\d+')
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireRight('bas_chupub');
|
||||
});
|
||||
|
||||
$controllers->post('/entry/{id}/update/', function(Application $app, Request $request, $id) {
|
||||
$datas = array('error' => true, 'message' => '', 'datas' => '');
|
||||
@@ -150,7 +159,9 @@ class Feed implements ControllerProviderInterface
|
||||
}
|
||||
|
||||
return $app->json($datas);
|
||||
})->assert('id', '\d+');
|
||||
})->assert('id', '\d+')->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireRight('bas_chupub');
|
||||
});
|
||||
|
||||
$controllers->post('/entry/{id}/delete/', function(Application $app, Request $request, $id) {
|
||||
$datas = array('error' => true, 'message' => '');
|
||||
@@ -177,7 +188,9 @@ class Feed implements ControllerProviderInterface
|
||||
}
|
||||
|
||||
return $app->json($datas);
|
||||
})->assert('id', '\d+');
|
||||
})->assert('id', '\d+')->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireRight('bas_chupub');
|
||||
});
|
||||
|
||||
$controllers->get('/', function(Application $app, Request $request) {
|
||||
$request = $app['request'];
|
||||
|
||||
@@ -41,6 +41,11 @@ class Lazaret implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAuthentication()
|
||||
->requireRight('addrecord');
|
||||
});
|
||||
|
||||
/**
|
||||
* Lazaret Elements route
|
||||
*
|
||||
|
||||
@@ -28,6 +28,12 @@ class MoveCollection implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAuthentication()
|
||||
->requireRight('addrecord')
|
||||
->requireRight('deleterecord');
|
||||
});
|
||||
|
||||
$controllers->post('/', $this->call('displayForm'));
|
||||
$controllers->post('/apply/', $this->call('apply'));
|
||||
|
||||
|
||||
@@ -35,6 +35,11 @@ class Order implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAuthentication()
|
||||
->requireRight('order');
|
||||
});
|
||||
|
||||
/**
|
||||
* List all orders
|
||||
*
|
||||
@@ -50,7 +55,7 @@ class Order implements ControllerProviderInterface
|
||||
*/
|
||||
$controllers->get('/', $this->call('displayOrders'))
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireOrdersAdmin($app);
|
||||
$app['firewall']->requireOrdersAdmin();
|
||||
})
|
||||
->bind('prod_orders');
|
||||
|
||||
@@ -85,7 +90,7 @@ class Order implements ControllerProviderInterface
|
||||
*/
|
||||
$controllers->get('/{order_id}/', $this->call('displayOneOrder'))
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireOrdersAdmin($app);
|
||||
$app['firewall']->requireOrdersAdmin();
|
||||
})
|
||||
->bind('prod_order')
|
||||
->assert('order_id', '\d+');
|
||||
@@ -105,7 +110,7 @@ class Order implements ControllerProviderInterface
|
||||
*/
|
||||
$controllers->post('/{order_id}/send/', $this->call('sendOrder'))
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireOrdersAdmin($app);
|
||||
$app['firewall']->requireOrdersAdmin();
|
||||
})
|
||||
->bind('prod_order_send')
|
||||
->assert('order_id', '\d+');
|
||||
@@ -125,7 +130,7 @@ class Order implements ControllerProviderInterface
|
||||
*/
|
||||
$controllers->post('/{order_id}/deny/', $this->call('denyOrder'))
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireOrdersAdmin($app);
|
||||
$app['firewall']->requireOrdersAdmin();
|
||||
})
|
||||
->bind('prod_order_deny')
|
||||
->assert('order_id', '\d+');
|
||||
|
||||
@@ -95,6 +95,11 @@ class Push implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAuthentication()
|
||||
->requireRight('push');
|
||||
});
|
||||
|
||||
$userFormatter = $this->getUserFormatter();
|
||||
|
||||
$listFormatter = $this->getListFormatter();
|
||||
|
||||
@@ -14,7 +14,6 @@ namespace Alchemy\Phrasea\Controller\Prod;
|
||||
use Silex\Application;
|
||||
use Silex\ControllerProviderInterface;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Finder\Finder;
|
||||
use Alchemy\Phrasea\Helper;
|
||||
|
||||
@@ -31,6 +30,14 @@ class Root implements ControllerProviderInterface
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
|
||||
if (!$app->isAuthenticated() && null !== $request->query->get('nolog') && \phrasea::guest_allowed($app)) {
|
||||
$auth = new Session_Authentication_Guest($app);
|
||||
$app->openAccount($auth);
|
||||
|
||||
return $app->redirect('/prod/');
|
||||
}
|
||||
|
||||
$app['firewall']->requireAuthentication();
|
||||
});
|
||||
|
||||
|
||||
@@ -29,6 +29,10 @@ class Story implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAuthentication();
|
||||
});
|
||||
|
||||
$controllers->get('/create/', function(Application $app) {
|
||||
return $app['twig']->render('prod/Story/Create.html.twig', array());
|
||||
});
|
||||
|
||||
@@ -27,6 +27,10 @@ class TOU implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAuthentication();
|
||||
});
|
||||
|
||||
$controllers->post('/deny/{sbas_id}/', function(Application $app, Request $request, $sbas_id) {
|
||||
$ret = array('success' => false, 'message' => '');
|
||||
|
||||
|
||||
@@ -16,7 +16,6 @@ use DataURI;
|
||||
use Silex\Application;
|
||||
use Silex\ControllerProviderInterface;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
/**
|
||||
*
|
||||
@@ -30,6 +29,11 @@ class Tools implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAuthentication()
|
||||
->requireRight('doctools');
|
||||
});
|
||||
|
||||
$controllers->get('/', function(Application $app, Request $request) {
|
||||
|
||||
$records = RecordsRequest::fromRequest($app, $request, false);
|
||||
|
||||
@@ -41,6 +41,11 @@ class Upload implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAuthentication()
|
||||
->requireRight('addrecord');
|
||||
});
|
||||
|
||||
/**
|
||||
* Upload form route
|
||||
*
|
||||
|
||||
@@ -32,6 +32,10 @@ class UsrLists implements ControllerProviderInterface
|
||||
{
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAuthentication();
|
||||
});
|
||||
|
||||
/**
|
||||
* Get all lists
|
||||
*/
|
||||
|
||||
@@ -31,7 +31,7 @@ class Developers implements ControllerProviderInterface
|
||||
$controllers = $app['controllers_factory'];
|
||||
|
||||
$controllers->before(function() use ($app) {
|
||||
$app['firewall']->requireAuthentication($app);
|
||||
$app['firewall']->requireAuthentication();
|
||||
});
|
||||
|
||||
/**
|
||||
|
||||
@@ -53,9 +53,7 @@ class Login implements ControllerProviderInterface
|
||||
*/
|
||||
$controllers->get('/', $this->call('login'))
|
||||
->before(function(Request $request) use ($app) {
|
||||
if ($app->isAuthenticated()) {
|
||||
return $app->redirect('/' . $request->query->get('redirect', 'prod') . '/');
|
||||
}
|
||||
$app['firewall']->requireNotAuthenticated();
|
||||
|
||||
if (null !== $request->query->get('postlog')) {
|
||||
|
||||
@@ -85,7 +83,9 @@ class Login implements ControllerProviderInterface
|
||||
* return : HTML Response
|
||||
*/
|
||||
$controllers->post('/authenticate/', $this->call('authenticate'))
|
||||
->bind('login_authenticate');
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireNotAuthenticated();
|
||||
})->bind('login_authenticate');
|
||||
|
||||
/**
|
||||
* Logout
|
||||
@@ -101,7 +101,9 @@ class Login implements ControllerProviderInterface
|
||||
* return : HTML Response
|
||||
*/
|
||||
$controllers->get('/logout/', $this->call('logout'))
|
||||
->bind('logout');
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireAuthentication();
|
||||
})->bind('logout');
|
||||
|
||||
/**
|
||||
* Register a new user
|
||||
@@ -117,7 +119,9 @@ class Login implements ControllerProviderInterface
|
||||
* return : HTML Response
|
||||
*/
|
||||
$controllers->get('/register/', $this->call('displayRegisterForm'))
|
||||
->bind('login_register');
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireNotAuthenticated();
|
||||
})->bind('login_register');
|
||||
|
||||
/**
|
||||
* Register a new user
|
||||
@@ -133,7 +137,9 @@ class Login implements ControllerProviderInterface
|
||||
* return : HTML Response
|
||||
*/
|
||||
$controllers->post('/register/', $this->call('register'))
|
||||
->bind('submit_login_register');
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireNotAuthenticated();
|
||||
})->bind('submit_login_register');
|
||||
|
||||
/**
|
||||
* Register confirm
|
||||
@@ -149,7 +155,9 @@ class Login implements ControllerProviderInterface
|
||||
* return : HTML Response
|
||||
*/
|
||||
$controllers->get('/register-confirm/', $this->call('registerConfirm'))
|
||||
->bind('login_register_confirm');
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireNotAuthenticated();
|
||||
})->bind('login_register_confirm');
|
||||
|
||||
/**
|
||||
* Send confirmation mail
|
||||
@@ -165,7 +173,9 @@ class Login implements ControllerProviderInterface
|
||||
* return : HTML Response
|
||||
*/
|
||||
$controllers->get('/send-mail-confirm/', $this->call('sendConfirmMail'))
|
||||
->bind('login_send_mail');
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireNotAuthenticated();
|
||||
})->bind('login_send_mail');
|
||||
|
||||
/**
|
||||
* Forgot password
|
||||
@@ -181,7 +191,9 @@ class Login implements ControllerProviderInterface
|
||||
* return : HTML Response
|
||||
*/
|
||||
$controllers->get('/forgot-password/', $this->call('displayForgotPasswordForm'))
|
||||
->bind('login_forgot_password');
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireNotAuthenticated();
|
||||
})->bind('login_forgot_password');
|
||||
|
||||
/**
|
||||
* Renew password
|
||||
@@ -197,7 +209,9 @@ class Login implements ControllerProviderInterface
|
||||
* return : HTML Response
|
||||
*/
|
||||
$controllers->post('/forgot-password/', $this->call('renewPassword'))
|
||||
->bind('submit_login_forgot_password');
|
||||
->before(function(Request $request) use ($app) {
|
||||
$app['firewall']->requireNotAuthenticated();
|
||||
})->bind('submit_login_forgot_password');
|
||||
|
||||
return $controllers;
|
||||
}
|
||||
@@ -826,8 +840,7 @@ class Login implements ControllerProviderInterface
|
||||
|
||||
|
||||
$sql = "SELECT session_id FROM cache
|
||||
WHERE (lastaccess < DATE_SUB(NOW(), INTERVAL 1 MONTH) AND token IS NOT NULL)
|
||||
OR (lastaccess < DATE_SUB(NOW(), INTERVAL 30 MINUTE) AND token IS NULL)";
|
||||
WHERE lastaccess < DATE_SUB(NOW(), INTERVAL 1 MONTH)";
|
||||
|
||||
$stmt = $conn->prepare($sql);
|
||||
$stmt->execute();
|
||||
|
||||
@@ -16,7 +16,7 @@ class Firewall
|
||||
public function requireSetUp()
|
||||
{
|
||||
if (!$this->app['phraseanet.configuration-tester']->isInstalled()) {
|
||||
$this->app->abort(403, 'Phraseanet is not installed', array('X-Phraseanet-Redirect' => '/setup/'));
|
||||
$this->app->abort(302, 'Phraseanet is not installed', array('X-Phraseanet-Redirect' => '/setup/'));
|
||||
}
|
||||
|
||||
return null;
|
||||
@@ -113,7 +113,16 @@ class Firewall
|
||||
public function requireAuthentication()
|
||||
{
|
||||
if (!$this->app->isAuthenticated()) {
|
||||
$this->app->abort(403, 'You are not authenticated', array('X-Phraseanet-Redirect' => '/login/'));
|
||||
$this->app->abort(302, 'You are not authenticated', array('X-Phraseanet-Redirect' => '/login/'));
|
||||
}
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
public function requireNotAuthenticated()
|
||||
{
|
||||
if ($this->app->isAuthenticated()) {
|
||||
$this->app->abort(302, 'You are authenticated', array('X-Phraseanet-Redirect' => '/prod/'));
|
||||
}
|
||||
|
||||
return $this;
|
||||
|
||||
Reference in New Issue
Block a user