liquid_feedback_frontend
annotate app/main/_filter/21_auth.lua @ 1115:b9364e1b7994
merge
author | bsw |
---|---|
date | Mon Nov 10 19:02:21 2014 +0100 (2014-11-10) |
parents | 498d655dbc18 5b77825ecfa6 |
children | 2d038d3ae153 |
rev | line source |
---|---|
-- Authentication filter for the frontend.
--
-- Decides whether the requested module/view/action may be served without a
-- logged-in member. The structure is default-deny: auth_needed is true for
-- everything except a short list of "index" views/actions, and is afterwards
-- cleared only by explicit (module, view) matches that are gated on what
-- app.session:has_access() reports. execute.inner() is called only in the
-- final else branch at the bottom, so the login redirects and the delegation
-- check redirect never reach it.
--
-- NOTE(review): has_access() is defined elsewhere; presumably it reflects the
-- instance's configured public access level -- confirm against app.session.
local module = request.get_module()
local view = request.get_view()
local action = request.get_action()

-- Pages that have to work before login: login, registration, password reset,
-- login-name reminder, notification e-mail confirmation, menu, language
-- switch, about and 404. The exemption applies to module 'index' only; the
-- same view/action name in any other module still requires authentication.
local auth_needed = not (
  module == 'index'
  and (
    view == "login"
    or action == "login"
    or view == "register"
    or action == "register"
    or action == "cancel_register"
    or view == "about"
    or view == "reset_password"
    or action == "reset_password"
    or view == "send_login"
    or action == "send_login"
    or view == "confirm_notify_email"
    or action == "confirm_notify_email"
    or view == "menu"
    or action == "set_lang"
    or view == "404"
  )
)

-- Views opened to sessions with "anonymous" access. Only views are listed,
-- no actions. Lua's `and` binds tighter than `or`, so every line below is
-- one (module, view) pair.
if app.session:has_access("anonymous") then

  if
    module == "index" and view == "index"
    or module == "area" and view == "show"
    or module == "unit" and view == "show"
    or module == "policy" and view == "show"
    or module == "policy" and view == "list"
    or module == "issue" and view == "show"
    or module == "issue" and view == "history"
    or module == "initiative" and view == "show"
    or module == "initiative" and view == "history"
    or module == "suggestion" and view == "show"
    or module == "draft" and view == "diff"
    or module == "draft" and view == "show"
    or module == "index" and view == "search"
    or module == "index" and view == "usage_terms"
  then
    auth_needed = false
  end

end

-- With "authors_pseudonymous" access only the avatar image type of a member
-- image is served without login.
if app.session:has_access("authors_pseudonymous") then
  if module == "member_image" and view == "show" and param.get("image_type") == "avatar" then
    auth_needed = false
  end
end

-- With "everything" access any member image type is served without login.
if app.session:has_access("everything") then
  if module == "member_image" and view == "show" then
    auth_needed = false
  end
end

-- With "all_pseudonymous" access the member list and the vote/interest
-- listings are served without login.
if app.session:has_access("all_pseudonymous") then
  if module == "vote" and view == "show_incoming"
    or module == "member" and view == "list"
    or module == "interest" and view == "show_incoming"
    or module == "vote" and view == "list" then
    auth_needed = false
  end
end

-- With "everything" access individual member pages and their history are
-- served without login as well.
if app.session:has_access("everything") then
  if module == "member" and (view == "show" or view == "history") then
    auth_needed = false
  end
end

-- The sitemap module is exempt unconditionally: no access-level check guards
-- this one, so everything under module "sitemap" is reachable without login.
if module == "sitemap" then
  auth_needed = false
end

-- Sends a not-logged-in visitor from index/index to the unit overview (or to
-- the single configured unit) instead of the login page.
-- NOTE(review): this branch looks unreachable as written. Whenever
-- has_access("anonymous") holds, the anonymous block above has already
-- cleared auth_needed for index/index, so `auth_needed` cannot be true here
-- unless has_access() returns different values between calls -- confirm
-- whether this redirect is still wanted.
if app.session:has_access("anonymous") and not app.session.member_id and auth_needed and module == "index" and view == "index" then
  if config.single_unit_id then
    request.redirect{ module = "unit", view = "show", id = config.single_unit_id }
  else
    request.redirect{ module = "unit", view = "list" }
  end
  return
end

-- NOTE(review): disabled debug aid. If re-enabled it would assign a fixed
-- user_id to every session that has none, which defeats this filter. Keep it
-- disabled, and consider deleting it so it cannot be switched on by accident.
-- if not app.session.user_id then
--   trace.debug("DEBUG: AUTHENTICATION BYPASS ENABLED")
--   app.session.user_id = 1
-- end

if auth_needed and app.session.member == nil then
  -- Protected page and no member attached to the session: go to login and
  -- carry the originally requested target along as parameters.
  -- NOTE(review): redirect_module / redirect_view / redirect_id come from the
  -- current request; the login handler should treat them as untrusted input
  -- when it sends the member back -- verify there.
  trace.debug("Not authenticated yet.")
  request.redirect{
    module = 'index', view = 'login', params = {
      redirect_module = module,
      redirect_view = view,
      redirect_id = param.get_id()
    }
  }
elseif auth_needed and app.session.member.locked then
  -- Reached only with a non-nil member (the branch above handles nil), so the
  -- .locked access is safe. A locked member is refused on protected pages;
  -- pages with auth_needed == false stay reachable for a locked member.
  trace.debug("Member locked.")
  request.redirect{ module = 'index', view = 'login' }
else
  -- Hard delegation check: when it is configured and the logged-in member is
  -- flagged, force the member to the check_delegations view first. Exempt are
  -- the whole admin module, the index views/actions listed below (the check
  -- itself, logout, about, usage terms, language switch) and member images.
  if config.check_delegations_interval_hard and app.session.member_id and app.session.needs_delegation_check
    and not (module == "admin" or (module == "index" and (
      view == "check_delegations"
      or action == "check_delegations"
      or action == "logout"
      or view == "about"
      or view == "usage_terms"
      or action == "set_lang")
    ))
    and not (module == "member_image" and view == "show") then
    request.redirect{ module = 'index', view = 'check_delegations' }
    -- Return before execute.inner() so the requested page is not run.
    return
  end
  if auth_needed then
    trace.debug("Authentication accepted.")
  else
    trace.debug("No authentication needed.")
  end

  --db:query("SELECT check_everything()")

  -- The only call to execute.inner() in this filter; presumably it continues
  -- processing of the request (inner filters and the view/action) -- confirm.
  execute.inner()
  trace.debug("End of authentication filter.")
end
