liquid_feedback_frontend
view app/main/_filter/21_auth.lua @ 1071:58f48a8a202a
Imported and merged LDAP patch
| author | bsw |
|---|---|
| date | Fri Jul 18 21:42:59 2014 +0200 (2014-07-18) |
| parents | 701a5cf6b067 |
| children | 2d69cc034132 |
line source
1 local module = request.get_module()
2 local view = request.get_view()
3 local action = request.get_action()
5 local auth_needed = not (
6 module == 'index'
7 and (
8 view == "login"
9 or action == "login"
10 or view == "register"
11 or action == "register"
12 or action == "cancel_register"
13 or view == "about"
14 or view == "reset_password"
15 or action == "reset_password"
16 or view == "send_login"
17 or action == "send_login"
18 or view == "confirm_notify_email"
19 or action == "confirm_notify_email"
20 or view == "menu"
21 or action == "set_lang"
22 or view == "404"
23 )
24 )
26 if app.session:has_access("anonymous") then
28 if
29 module == "index" and view == "index"
30 or module == "area" and view == "show"
31 or module == "unit" and view == "show"
32 or module == "policy" and view == "show"
33 or module == "policy" and view == "list"
34 or module == "issue" and view == "show"
35 or module == "initiative" and view == "show"
36 or module == "initiative" and view == "history"
37 or module == "suggestion" and view == "show"
38 or module == "draft" and view == "diff"
39 or module == "draft" and view == "show"
40 or module == "index" and view == "search"
41 or module == "index" and view == "usage_terms"
42 then
43 auth_needed = false
44 end
46 end
48 if app.session:has_access("authors_pseudonymous") then
49 if module == "member_image" and view == "show" then
50 auth_needed = false
51 end
52 end
54 if app.session:has_access("all_pseudonymous") then
55 if module == "vote" and view == "show_incoming"
56 or module == "member" and view == "list"
57 or module == "interest" and view == "show_incoming"
58 or module == "vote" and view == "list" then
59 auth_needed = false
60 end
61 end
63 if app.session:has_access("everything") then
64 if module == "member" and (view == "show" or view == "history") then
65 auth_needed = false
66 end
67 end
69 if module == "sitemap" then
70 auth_needed = false
71 end
73 if app.session:has_access("anonymous") and not app.session.member_id and auth_needed and module == "index" and view == "index" then
74 if config.single_unit_id then
75 request.redirect{ module = "unit", view = "show", id = config.single_unit_id }
76 else
77 request.redirect{ module = "unit", view = "list" }
78 end
79 return
80 end
82 -- if not app.session.user_id then
83 -- trace.debug("DEBUG: AUTHENTICATION BYPASS ENABLED")
84 -- app.session.user_id = 1
85 -- end
87 if auth_needed and app.session.member == nil then
88 trace.debug("Not authenticated yet.")
89 request.redirect{
90 module = 'index', view = 'login', params = {
91 redirect_module = module,
92 redirect_view = view,
93 redirect_id = param.get_id()
94 }
95 }
96 elseif auth_needed and app.session.member.locked then
97 trace.debug("Member locked.")
98 request.redirect{ module = 'index', view = 'login' }
99 else
100 if config.check_delegations_interval_hard and app.session.member_id and app.session.needs_delegation_check
101 and not (module == "admin" or (module == "index" and (
102 view == "check_delegations"
103 or action == "check_delegations"
104 or action == "logout"
105 or view == "about"
106 or view == "usage_terms"
107 or action == "set_lang")
108 ))
109 and not (module == "member_image" and view == "show") then
110 request.redirect{ module = 'index', view = 'check_delegations' }
111 return
112 end
113 if auth_needed then
114 trace.debug("Authentication accepted.")
115 else
116 trace.debug("No authentication needed.")
117 end
119 --db:query("SELECT check_everything()")
121 execute.inner()
122 trace.debug("End of authentication filter.")
123 end