/*-------------------------------------------------------------------------
Role Manager: (replace in members/extension.driver.php when using Abffilter)
-------------------------------------------------------------------------*/
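/**
 * Processes a requested Member action (login or logout) and then enforces
 * role-based access to the requested frontend page.
 *
 * The `redirect` request parameter is untrusted input. It is only honoured
 * when it points inside this site (see `filterLocalRedirect()`); anything
 * else is ignored so that the login/logout links cannot be used to bounce
 * a visitor to an arbitrary external address.
 *
 * @param array $context
 *  Delegate context. `$context['page_data']['id']` identifies the requested
 *  page; `$context['page_data']` is overwritten with the custom 403 page's
 *  data when access is denied and such a page exists.
 * @throws SymphonyErrorPage
 *  When access is denied and no custom 403 page is available.
 */
public function checkFrontendPagePermissions($context) {
    $isLoggedIn = false;
    $errors = array();
    // Initialised up front so the role lookup below never reads an undefined variable.
    $role_data = null;

    // Checks $_REQUEST to see if a Member Action has been requested,
    // member-action['login'] and member-action['logout']/?member-action=logout
    // are the only two supported at this stage.
    $action = '';
    if (isset($_REQUEST['member-action'])) {
        if (is_array($_REQUEST['member-action'])) {
            // The action name is the first key of the submitted array.
            $keys = array_keys($_REQUEST['member-action']);
            $action = isset($keys[0]) ? (string)$keys[0] : '';
        } else {
            $action = (string)$_REQUEST['member-action'];
        }
    }
    $action = trim($action);

    // Check to see a Member is already logged in.
    // NOTE: this flag reflects the state *before* any login/logout handled
    // below and is not refreshed afterwards.
    $isLoggedIn = $this->getMemberDriver()->isLoggedIn($errors);

    // Logout
    // NOTE(review): the action is read from $_REQUEST, so a plain GET request
    // triggers it and no anti-CSRF token is checked in this method.
    if ($action === 'logout') {
        /**
         * Fired just before a member is logged out (and page redirection),
         * this delegate provides the current Member ID
         *
         * @delegate MembersPreLogout
         * @param string $context
         * '/frontend/'
         * @param integer $member_id
         * The Member ID of the member who is about to be logged out
         */
        Symphony::ExtensionManager()->notifyMembers('MembersPreLogout', '/frontend/', array(
            'member_id' => $this->getMemberDriver()->getMemberID()
        ));

        $this->getMemberDriver()->logout();

        // If a same-site redirect is provided, redirect to that, otherwise
        // return the user to the index of the site. Issue #51 & #121
        $target = isset($_REQUEST['redirect'])
            ? $this->filterLocalRedirect($_REQUEST['redirect'])
            : null;

        redirect($target !== null ? $target : URL);
    }
    // Login
    elseif ($action === 'login' && isset($_POST['fields'])) {
        // If a Member is already logged in and another Login attempt is requested
        // log the Member out first before trying to login with new details.
        if ($isLoggedIn) {
            $this->getMemberDriver()->logout();
        }

        if ($this->getMemberDriver()->login($_POST['fields'])) {
            /**
             * Fired just after a Member has successfully logged in, this delegate
             * provides the current Member ID. This delegate is fired just before
             * the page redirection (if it is provided)
             *
             * @delegate MembersPostLogin
             * @param string $context
             * '/frontend/'
             * @param integer $member_id
             * The Member ID of the member who just logged in.
             * @param Entry $member
             * The Entry object of the logged in Member.
             */
            Symphony::ExtensionManager()->notifyMembers('MembersPostLogin', '/frontend/', array(
                'member_id' => $this->getMemberDriver()->getMemberID(),
                'member' => $this->getMemberDriver()->getMember()
            ));

            Symphony::ExtensionManager()->notifyMembers('MembersLoginSuccess', '/frontend/', array(
                'member_id' => $this->getMemberDriver()->getMemberID(),
                'member' => $this->getMemberDriver()->getMember()
            ));

            // Only follow the submitted redirect when it stays on this site;
            // otherwise carry on and render the requested page.
            if (isset($_POST['redirect'])) {
                $target = $this->filterLocalRedirect($_POST['redirect']);

                if ($target !== null) {
                    redirect($target);
                }
            }
        }
        else {
            self::$_failed_login_attempt = true;

            Symphony::ExtensionManager()->notifyMembers('MembersLoginFailure', '/frontend/', array(
                'member_id' => $this->getMemberDriver()->getMemberID(),
                'member' => $this->getMemberDriver()->getMember()
            ));
        }
    }

    $this->Member->initialiseMemberObject();

    if ($isLoggedIn && $this->getMemberDriver()->getMember() instanceof Entry) {
        $this->updateSystemTimezoneOffset($this->getMemberDriver()->getMemberID());

        if (!is_null(extension_Members::getFieldHandle('role'))) {
            $role_data = $this->getMemberDriver()->getMember()->getData(extension_Members::getField('role')->get('id'));
        }
    }

    // If there is no role field, or a Developer is logged in, return, as Developers
    // should be able to access every page.
    if (
        is_null(extension_Members::getFieldHandle('role'))
        || (Frontend::instance()->Author instanceof Author && Frontend::instance()->Author->isDeveloper())
    ) {
        return;
    }

    // $isLoggedIn can be stale here (e.g. a logged-in member whose re-login
    // just failed), in which case no role data was loaded. Fall back to the
    // public role instead of looking up a role with an empty ID.
    $role_id = ($isLoggedIn && isset($role_data['role_id']))
        ? $role_data['role_id']
        : Role::PUBLIC_ROLE;

    $role = RoleManager::fetch($role_id);

    // NOTE(review): when RoleManager::fetch() does not return a Role instance
    // the page is served without a permission check — confirm this is intended.
    if ($role instanceof Role && !$role->canAccessPage((int)$context['page_data']['id'])) {
        // User has no access to this page, so look for a custom 403 page
        if ($row = PageManager::fetchPageByType('403')) {
            $row['type'] = PageManager::fetchPageTypes($row['id']);
            $row['filelocation'] = PageManager::resolvePageFileLocation($row['path'], $row['handle']);

            $context['page_data'] = $row;
            return;
        }
        else {
            // No custom 403, just throw default 403
            GenericExceptionHandler::$enabled = true;
            throw new SymphonyErrorPage(
                __('The page you have requested has restricted access permissions.'),
                __('Forbidden'),
                'error',
                array('header' => 'HTTP/1.0 403 Forbidden')
            );
        }
    }
}

/**
 * Validates a user-supplied redirect target.
 *
 * Accepted forms are an absolute URL that starts with this site's `URL`
 * (followed by `/`, `?`, `#` or nothing) and a site-local path that starts
 * with a single `/`. Non-string values, empty strings, values containing
 * control characters or backslashes, protocol-relative (`//host`) values
 * and every other URL are rejected.
 *
 * @param mixed $target
 *  The raw `redirect` request value.
 * @return string|null
 *  The trimmed target when it is same-site, otherwise null.
 */
private function filterLocalRedirect($target) {
    if (!is_string($target)) {
        return null;
    }

    $target = trim($target);

    // Control characters and backslashes have no place in a redirect target;
    // browsers may normalise "\" to "/", which would defeat the checks below.
    if ($target === '' || preg_match('/[\x00-\x1F\x7F\\\\]/', $target)) {
        return null;
    }

    // Absolute URL on this site. The character after the prefix must end the
    // authority, so "URL.evil.example" or "URL@evil.example" do not match.
    if ($target === URL) {
        return $target;
    }

    $prefix_length = strlen(URL);

    if (
        strncmp($target, URL, $prefix_length) === 0
        && in_array($target[$prefix_length], array('/', '?', '#'), true)
    ) {
        return $target;
    }

    // Site-local path: exactly one leading slash ("//host" is protocol-relative).
    if ($target[0] === '/' && substr($target, 1, 1) !== '/') {
        return $target;
    }

    return null;
}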