liquid_feedback_frontend
annotate app/main/_filter/21_auth.lua @ 988:81bde33c2256
Added support for regular delegation check, fixed css for pagination
author | bsw |
---|---|
date | Sat Apr 20 18:40:34 2013 +0200 (2013-04-20) |
parents | 403e8c211592 |
children | 5a712ec1a7f1 |
-- Authentication filter: decides whether the requested module/view/action may
-- be served without a logged-in member, and otherwise redirects to the login
-- page (or to the delegation check) instead of running the inner request.
--
-- The decision is default-deny: auth_needed starts out true for every request
-- except the explicitly listed index views/actions, and the later steps only
-- ever clear it for further explicitly listed module/view pairs.

local module = request.get_module()
local view   = request.get_view()
local action = request.get_action()

-- Views and actions of the "index" module that never require a login.
local open_index_views = {
  ["index"]                = true,
  ["login"]                = true,
  ["register"]             = true,
  ["about"]                = true,
  ["reset_password"]       = true,
  ["confirm_notify_email"] = true,
  ["menu"]                 = true,
  ["404"]                  = true,
}
local open_index_actions = {
  ["login"]                = true,
  ["register"]             = true,
  ["reset_password"]       = true,
  ["confirm_notify_email"] = true,
  ["set_lang"]             = true,
}

-- module -> set of views that are opened up once the session has the named
-- access level. What each level means is defined by app.session:has_access,
-- which is not part of this file.
local views_for_anonymous = {
  area       = { show = true },
  unit       = { show = true },
  policy     = { show = true, list = true },
  issue      = { show = true },
  initiative = { show = true },
  suggestion = { show = true },
  draft      = { diff = true, show = true, list = true },
  index      = { search = true, usage_terms = true },
}
local views_for_all_pseudonymous = {
  member_image = { show = true },
  vote         = { show_incoming = true, list = true },
  interest     = { show_incoming = true },
  supporter    = { show_incoming = true },
}
local views_for_everything = {
  member = { show = true, history = true },
}

-- True when the current module/view pair is present in the given table.
-- Only views are matched here; actions are never opened up by access level.
local function listed(views_by_module)
  local views = views_by_module[module]
  return views ~= nil and views[view] == true
end

local auth_needed = not (
  module == "index"
  and (open_index_views[view] or open_index_actions[action])
)

if app.session:has_access("anonymous") and listed(views_for_anonymous) then
  auth_needed = false
end

if app.session:has_access("all_pseudonymous") and listed(views_for_all_pseudonymous) then
  auth_needed = false
end

if app.session:has_access("everything") and listed(views_for_everything) then
  auth_needed = false
end

-- The whole sitemap module is public, independent of view and action.
if module == "sitemap" then
  auth_needed = false
end

-- Sends anonymous visitors of index/index to the unit overview.
-- NOTE(review): as written this branch cannot be taken. index/index is in the
-- open index views above, so auth_needed is already false whenever
-- module == "index" and view == "index", and nothing sets it back to true.
-- Confirm whether the auth_needed term is intended here.
if app.session:has_access("anonymous") and not app.session.member_id
   and auth_needed and module == "index" and view == "index"
then
  local unit_id = config.single_unit_id
  if unit_id then
    request.redirect{ module = "unit", view = "show", id = unit_id }
  else
    request.redirect{ module = "unit", view = "list" }
  end
  return
end

-- Disabled debug code, kept as found.
-- NOTE(review): it writes app.session.user_id, while every check in this
-- filter reads app.session.member / app.session.member_id; consider deleting
-- it rather than leaving a ready-made bypass in the authentication filter.
-- if not app.session.user_id then
--   trace.debug("DEBUG: AUTHENTICATION BYPASS ENABLED")
--   app.session.user_id = 1
-- end

if auth_needed and app.session.member == nil then
  -- No member in the session: go to the login page. Only the requested
  -- module, view and id are forwarded; other request parameters are not.
  trace.debug("Not authenticated yet.")
  request.redirect{
    module = 'index',
    view   = 'login',
    params = {
      redirect_module = module,
      redirect_view   = view,
      redirect_id     = param.get_id()
    }
  }
elseif auth_needed and app.session.member.locked then
  -- NOTE(review): the locked flag is only consulted when auth_needed is true,
  -- so a locked member still reaches the views opened up above with the
  -- session intact. Confirm that this is intended.
  trace.debug("Member locked.")
  request.redirect{ module = 'index', view = 'login' }
else
  -- Requests that stay reachable while a delegation check is pending: the
  -- admin module, the check itself, logout, a few static index pages, the
  -- language switch and member images.
  local delegation_check_exempt =
    module == "admin"
    or (module == "index" and (
         view   == "check_delegations"
      or action == "check_delegations"
      or action == "logout"
      or view   == "about"
      or view   == "usage_terms"
      or action == "set_lang"
    ))
    or (module == "member_image" and view == "show")

  -- Applies to any logged-in member, whether or not the page needs a login.
  if config.check_delegations_interval_hard
     and app.session.member_id
     and app.session.needs_delegation_check
     and not delegation_check_exempt
  then
    request.redirect{ module = 'index', view = 'check_delegations' }
    return
  end

  trace.debug(auth_needed and "Authentication accepted." or "No authentication needed.")

  --db:query("SELECT check_everything()")

  -- Hand over to the next filter / the requested view or action.
  execute.inner()
  trace.debug("End of authentication filter.")
end