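<?php

/*
|--------------------------------------------------------------------------
| Application & Route Filters
|--------------------------------------------------------------------------
|
| Below you will find the "before" and "after" events for the application
| which may be used to do any work before or after a request into your
| application. Here you may also register your custom route filters.
|
*/

App::before(function($request)
{
    // Trace every incoming request: client IP, HTTP method and path.
    // NOTE(review): behind a reverse proxy the logged IP is only meaningful
    // if trusted proxies are configured for the application -- confirm.
    Log::debug('START '.Request::getClientIp().': '.Request::method().' '.Request::path());

    // Plain-HTTP requests are bounced to the HTTPS URL of the same path.
    // Only the path is passed on, so a query string is not carried across.
    // NOTE(review): the redirect cannot protect what the first cleartext
    // request already carried; pairing it with HSTS and secure-only session
    // cookies is the usual complement -- verify the server/session config.
    if ( ! Request::secure())
    {
        return Redirect::secure(Request::path());
    }
});


App::after(function($request, $response)
{
    // Intentionally empty: no post-response work is registered.
});

/*
|--------------------------------------------------------------------------
| Authentication Filters
|--------------------------------------------------------------------------
|
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/

Route::filter('auth', function()
{
    if (Auth::guest())
    {
        // AJAX callers get a bare 401 instead of a redirect they cannot follow.
        if (Request::ajax())
        {
            return Response::make('Unauthorized', 401);
        }

        return Redirect::guest('/');
    }
});


Route::filter('auth.basic', function()
{
    return Auth::basic();
});

// Blocks authenticated users whose has_access attribute is falsy: they are
// logged out and sent back to the login form with an informational message.
// Auth::user() is dereferenced without a null check, so this filter presumably
// runs after 'auth' -- confirm against the route definitions.
Route::filter('has_access', function()
{
    if ( ! Auth::user()->has_access)
    {
        Session::flash('status', 'info');
        Session::flash('message', 'At this time, access to OLAS is limited to some users. Check back later or contact an administrator.');
        Auth::logout();

        return Redirect::action('AuthController@showLogin');
    }
});

/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
| Role values used throughout this file, as implied by the redirects below:
| 1 = administrator, 2 = school coordinator, 3 = program coordinator,
| 4 = professor.
|
*/

Route::filter('guest', function()
{
    if (Auth::check())
    {
        // Already logged in: send the user to the landing page of their role.
        // An unrecognised role gets no redirect and simply sees the guest page.
        switch (Auth::user()->role)
        {
            case 1:
                return Redirect::to('administrator');

            case 2:
                return Redirect::to('school-coordinator');

            case 3:
                return Redirect::to('program-coordinator');

            case 4:
                return Redirect::to('professor');
        }
    }
});

/*
|--------------------------------------------------------------------------
| Administrator Filter
|--------------------------------------------------------------------------
|
| This filter redirects logged in users except administrators to their
| default page if they try to access a forbidden page. A role that is not
| one of the known values is refused with a 403 response, so the filter
| never lets a non-administrator through to the protected route.
|
| Auth::user() is dereferenced without a null check, so the filter
| presumably runs after 'auth' -- confirm against the route definitions.
|
*/

Route::filter('admin', function()
{
    $role = Auth::user()->role;

    // Loose comparison kept on purpose: the role is presumably a numeric
    // string coming from the database -- confirm before tightening to !==.
    if ($role != 1)
    {
        switch ($role)
        {
            case 2:
                return Redirect::to('school-coordinator');

            case 3:
                return Redirect::to('program-coordinator');

            case 4:
                return Redirect::to('professor');

            default:
                // Fail closed: without this branch a null, 0 or otherwise
                // unknown role returned nothing and the request continued
                // on to the administrator-only route.
                return Response::make('Forbidden', 403);
        }
    }
});

/*
|--------------------------------------------------------------------------
| School Coordinator Filter
|--------------------------------------------------------------------------
|
| This filter redirects logged in users below school coordinators to their
| default page if they try to access a forbidden page. A role that is not
| one of the known values is refused with a 403 response.
|
*/

Route::filter('scoord', function()
{
    $role = Auth::user()->role;

    if ( ! ($role == 2 || $role == 1))
    {
        switch ($role)
        {
            case 3:
                return Redirect::to('program-coordinator');

            case 4:
                return Redirect::to('professor');

            default:
                // Fail closed for unknown roles instead of falling through
                // to the coordinator-only route.
                return Response::make('Forbidden', 403);
        }
    }
});

/*
|--------------------------------------------------------------------------
| Program Coordinator Filter
|--------------------------------------------------------------------------
|
| This filter redirects logged in users below program coordinators to their
| default page if they try to access a forbidden page. Every role other
| than 1, 2 or 3 is sent to the professor page, so this filter already
| denies unknown roles.
|
*/

Route::filter('pcoord', function()
{
    $role = Auth::user()->role;

    if ( ! ($role == 3 || $role == 2 || $role == 1))
    {
        return Redirect::to('professor');
    }
});

/*
|--------------------------------------------------------------------------
| Professor Filter
|--------------------------------------------------------------------------
|
| This filter redirects logged in users except professors to their
| default page if they try to access a forbidden page.
|
*/

Route::filter('prof', function()
{
    // If user has no courses then s/he is not a professor
    // and must be redirected to her/his overview page
    //
    // NOTE(review): a user with no courses whose role is not 1, 2 or 3
    // (role 4 included) matches no case, so nothing is returned and the
    // request continues. Redirecting such a user to 'professor' could loop
    // if that route sits behind this filter -- confirm the intended handling.
    if ( ! count(Auth::user()->courses))
    {
        switch (Auth::user()->role)
        {
            case 1:
                return Redirect::to('administrator');

            case 2:
                return Redirect::to('school-coordinator');

            case 3:
                return Redirect::to('program-coordinator');
        }
    }
});

/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/

Route::filter('csrf', function()
{
    // AJAX requests carry the token in a header, form posts in the _token field.
    $token = Request::ajax() ? Request::header('X-CSRF-Token') : Input::get('_token');

    // A missing token arrives as null and therefore never matches.
    // NOTE(review): !== is not a constant-time comparison; where the runtime
    // is PHP 5.6 or newer, hash_equals() on two strings is the safer check.
    if (Session::token() !== $token)
    {
        throw new Illuminate\Session\TokenMismatchException;
    }
});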