liquid_feedback_frontend

view app/main/_filter/21_auth.lua @ 929:403e8c211592

find changesets by author, revision, files, or words in the commit message
Going to version 2.1.2
author bsw
date Sat Oct 20 17:21:04 2012 +0200 (2012-10-20)
parents a1c7858c15e9
children 81bde33c2256
line source
1 local module = request.get_module()
2 local view = request.get_view()
3 local action = request.get_action()
4
5 local auth_needed = not (
6 module == 'index'
7 and (
8 view == "index"
9 or view == "login"
10 or action == "login"
11 or view == "register"
12 or action == "register"
13 or view == "about"
14 or view == "reset_password"
15 or action == "reset_password"
16 or view == "confirm_notify_email"
17 or action == "confirm_notify_email"
18 or view == "menu"
19 or action == "set_lang"
20 or view == "404"
21 )
22 )
23
24 if app.session:has_access("anonymous") then
25
26 if
27 module == "area" and view == "show"
28 or module == "unit" and view == "show"
29 or module == "policy" and view == "show"
30 or module == "policy" and view == "list"
31 or module == "issue" and view == "show"
32 or module == "initiative" and view == "show"
33 or module == "suggestion" and view == "show"
34 or module == "draft" and view == "diff"
35 or module == "draft" and view == "show"
36 or module == "draft" and view == "list"
37 or module == "index" and view == "search"
38 or module == "index" and view == "usage_terms"
39 then
40 auth_needed = false
41 end
42
43 end
44
45 if app.session:has_access("all_pseudonymous") then
46 if module == "member_image" and view == "show"
47 or module == "vote" and view == "show_incoming"
48 or module == "interest" and view == "show_incoming"
49 or module == "supporter" and view == "show_incoming"
50 or module == "vote" and view == "list" then
51 auth_needed = false
52 end
53 end
54
55 if app.session:has_access("everything") then
56 if module == "member" and (view == "show" or view == "history") then
57 auth_needed = false
58 end
59 end
60
61 if module == "sitemap" then
62 auth_needed = false
63 end
64
65 if app.session:has_access("anonymous") and not app.session.member_id and auth_needed and module == "index" and view == "index" then
66 if config.single_unit_id then
67 request.redirect{ module = "unit", view = "show", id = config.single_unit_id }
68 else
69 request.redirect{ module = "unit", view = "list" }
70 end
71 return
72 end
73
74 -- if not app.session.user_id then
75 -- trace.debug("DEBUG: AUTHENTICATION BYPASS ENABLED")
76 -- app.session.user_id = 1
77 -- end
78
79 if auth_needed and app.session.member == nil then
80 trace.debug("Not authenticated yet.")
81 request.redirect{
82 module = 'index', view = 'login', params = {
83 redirect_module = module,
84 redirect_view = view,
85 redirect_id = param.get_id()
86 }
87 }
88 elseif auth_needed and app.session.member.locked then
89 trace.debug("Member locked.")
90 request.redirect{ module = 'index', view = 'login' }
91 else
92 if auth_needed then
93 trace.debug("Authentication accepted.")
94 else
95 trace.debug("No authentication needed.")
96 end
97
98 --db:query("SELECT check_everything()")
99
100 execute.inner()
101 trace.debug("End of authentication filter.")
102 end
103

Impressum / About Us