liquid_feedback_frontend

view app/main/_filter/21_auth.lua @ 641:26d6d5cb4c7c

find changesets by author, revision, files, or words in the commit message
Improved language selection and made it available public
author bsw
date Mon Jun 25 19:42:26 2012 +0200 (2012-06-25)
parents 4cee33ad5e16
children 344e5fdce8c9
line source
1 local auth_needed = not (
2 request.get_module() == 'index'
3 and (
4 request.get_view() == "index"
5 or request.get_view() == "login"
6 or request.get_action() == "login"
7 or request.get_view() == "register"
8 or request.get_action() == "register"
9 or request.get_view() == "about"
10 or request.get_view() == "reset_password"
11 or request.get_action() == "reset_password"
12 or request.get_view() == "confirm_notify_email"
13 or request.get_action() == "confirm_notify_email"
14 or request.get_view() == "menu"
15 or request.get_action() == "set_lang"
16 )
17 or request.get_module() == "openid"
18 )
19
20 if config.public_access then
21
22 if
23 request.get_module() == "area" and request.get_view() == "show"
24 or request.get_module() == "unit" and request.get_view() == "show"
25 or request.get_module() == "policy" and request.get_view() == "show"
26 or request.get_module() == "policy" and request.get_view() == "list"
27 or request.get_module() == "issue" and request.get_view() == "show"
28 or request.get_module() == "initiative" and request.get_view() == "show"
29 or request.get_module() == "suggestion" and request.get_view() == "show"
30 or request.get_module() == "draft" and request.get_view() == "diff"
31 then
32 auth_needed = false
33 end
34
35 end
36
37 if config.public_access == "full" then
38 if request.get_module() == "member_image" and request.get_view() == "show"
39 or request.get_module() == "vote" and request.get_view() == "show_incoming"
40 or request.get_module() == "interest" and request.get_view() == "show_incoming"
41 or request.get_module() == "supporter" and request.get_view() == "show_incoming" then
42 auth_needed = false
43 end
44 end
45
46 if request.get_module() == "sitemap" then
47 auth_needed = false
48 end
49
50 if config.public_access and not app.session.member_id and auth_needed and request.get_module() == "index" and request.get_view() == "index" then
51 if config.single_unit_id then
52 request.redirect{ module = "unit", view = "show", id = config.single_unit_id }
53 else
54 request.redirect{ module = "unit", view = "list" }
55 end
56 return
57 end
58
59 -- if not app.session.user_id then
60 -- trace.debug("DEBUG: AUTHENTICATION BYPASS ENABLED")
61 -- app.session.user_id = 1
62 -- end
63
64 if auth_needed and app.session.member == nil then
65 trace.debug("Not authenticated yet.")
66 request.redirect{
67 module = 'index', view = 'login', params = {
68 redirect_module = request.get_module(),
69 redirect_view = request.get_view(),
70 redirect_id = param.get_id()
71 }
72 }
73 elseif auth_needed and app.session.member.locked then
74 trace.debug("Member locked.")
75 request.redirect{ module = 'index', view = 'login' }
76 else
77 if auth_needed then
78 trace.debug("Authentication accepted.")
79 else
80 trace.debug("No authentication needed.")
81 end
82
83 --db:query("SELECT check_everything()")
84
85 execute.inner()
86 trace.debug("End of authentication filter.")
87 end
88

Impressum / About Us