Congegni
/
libretime
mirror of https://github.com/libretime/libretime.git
7
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'cc-5709-airtime-analyzer' into saas 

Conflicts:
	airtime_mvc/application/configs/ACL.php
This commit is contained in:
Albert Santoni 2015-02-06 16:06:32 -05:00
parent a20f90cd2d 2a9790adf3
commit 2cf0f7da7a
2 changed files with 23 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
airtime_mvc/application/configs/ACL.php
View File

@ -54,8 +54,9 @@ $ccAcl->allow('G', 'index')
->allow('G', 'upgrade') ->allow('G', 'upgrade')
->allow('G', 'provisioning') ->allow('G', 'provisioning')
->allow('G', 'downgrade') ->allow('G', 'downgrade')
->allow('G', 'rest:media')
->allow('G', 'rest:show-image') ->allow('G', 'rest:show-image')
->allow('G', 'rest:media', 'get')
->allow('H', 'rest:media')
->allow('H', 'preference', 'is-import-in-progress') ->allow('H', 'preference', 'is-import-in-progress')
->allow('H', 'usersettings') ->allow('H', 'usersettings')
->allow('H', 'plupload') ->allow('H', 'plupload')

38
airtime_mvc/application/controllers/plugins/Acl_plugin.php
View File

@ -127,28 +127,32 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
throw new Zend_Controller_Exception("hi", 401); throw new Zend_Controller_Exception("hi", 401);
} }
} }
else //Non-REST, regular Airtime web app requests
{
//Redirect you to the login screen since you have no session.
if ($controller !== 'login') {
if ($controller !== 'login') { if ($request->isXmlHttpRequest()) {
if ($request->isXmlHttpRequest()) { $url = 'http://'.$request->getHttpHost().'/login';
$json = Zend_Json::encode(array('auth' => false, 'url' => $url));
$url = 'http://'.$request->getHttpHost().'/login'; // Prepare response
$json = Zend_Json::encode(array('auth' => false, 'url' => $url)); $this->getResponse()
->setHttpResponseCode(401)
->setBody($json)
->sendResponse();
// Prepare response //redirectAndExit() cleans up, sends the headers and stops the script
$this->getResponse() Zend_Controller_Action_HelperBroker::getStaticHelper('redirector')->redirectAndExit();
->setHttpResponseCode(401) } else {
->setBody($json) $r = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
->sendResponse(); $r->gotoSimpleAndExit('index', 'login', $request->getModuleName());
}
//redirectAndExit() cleans up, sends the headers and stops the script }
Zend_Controller_Action_HelperBroker::getStaticHelper('redirector')->redirectAndExit();
} else {
$r = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
$r->gotoSimpleAndExit('index', 'login', $request->getModuleName());
}
} }
} else { } else { //We have a session/identity.
// If we have an identity and we're making a RESTful request, // If we have an identity and we're making a RESTful request,
// we need to check the CSRF token // we need to check the CSRF token
if ($request->_action != "get" && $request->getModuleName() == "rest") { if ($request->_action != "get" && $request->getModuleName() == "rest") {