CDCC
/
OLAS


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235
							<?php

/*
|--------------------------------------------------------------------------
| Application & Route Filters
|--------------------------------------------------------------------------
|
| Below you will find the "before" and "after" events for the application
| which may be used to do any work before or after a request into your
| application. Here you may also register your custom route filters.
|
*/

App::before(function($request)
{
	Log::debug('START '.Request::getClientIp().': '.Request::method().' '.Request::path());

	if( ! Request::secure())
    {
        return Redirect::secure(Request::path());
    }
});


App::after(function($request, $response)
{
	//
});

/*
|--------------------------------------------------------------------------
| Authentication Filters
|--------------------------------------------------------------------------
|
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/

Route::filter('auth', function()
{
	if (Auth::guest())
	{
		if (Request::ajax())
		{
			return Response::make('Unauthorized', 401);
		}
		else
		{
			return Redirect::guest('/');
		}
	}
});


Route::filter('auth.basic', function()
{
	return Auth::basic();
});

Route::filter('has_access', function()
{
	if(!Auth::user()->has_access)
	{
		Session::flash('status', 'info');
		Session::flash('message', 'At this time, access to OLAS is limited to some users. Check back later or contact an administrator.');
		Auth::logout();
		return Redirect::action('AuthController@showLogin');
	}

});
/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/

Route::filter('guest', function()
{
	if (Auth::check())
	{
		switch (Auth::user()->role) {
			case 1:
				return Redirect::to('administrator');
				break;

			case 2:
				return Redirect::to('school-coordinator');
				break;

			case 3:
				return Redirect::to('program-coordinator');
				break;

			case 4:
				return Redirect::to('professor');
				break;
		}
	}
});

/*
|--------------------------------------------------------------------------
| Administrator Filter
|--------------------------------------------------------------------------
|
| This filter redirects logged in users except administrators to their
| default page if they try to access a forbidden page.
|
*/

Route::filter('admin', function()
{
	if (Auth::user()->role !=1)
	{
		switch (Auth::user()->role) {
			case 2:
				return Redirect::to('school-coordinator');
				break;

			case 3:
				return Redirect::to('program-coordinator');
				break;

			case 4:
				return Redirect::to('professor');
				break;
		}
	}
});

/*
|--------------------------------------------------------------------------
| School Coordinator Filter
|--------------------------------------------------------------------------
|
| This filter redirects logged in users below school coordinators to their
| default page if they try to access a forbidden page.
|
*/

Route::filter('scoord', function()
{

	if (!(Auth::user()->role ==2 || Auth::user()->role ==1))
	{
		switch (Auth::user()->role)
		{

			case 3:
				return Redirect::to('program-coordinator');
				break;

			case 4:
				return Redirect::to('professor');
				break;
		}
	}
});

/*
|--------------------------------------------------------------------------
| Program Coordinator Filter
|--------------------------------------------------------------------------
|
| This filter redirects logged in users below program coordinators to their
| default page if they try to access a forbidden page.
|
*/

Route::filter('pcoord', function()
{
	if (!(Auth::user()->role ==3 || Auth::user()->role ==2 || Auth::user()->role ==1))
	{
		return Redirect::to('professor');
	}
});

/*
|--------------------------------------------------------------------------
| Professor Filter
|--------------------------------------------------------------------------
|
| This filter redirects logged in users except profesors to their
| default page if they try to access a forbidden page.
|
*/

Route::filter('prof', function()
{
	// If user has no courses then s/he is not a professor
	// and must be redirected to her/his overview page
	if (!count(Auth::user()->courses))
	{
		switch (Auth::user()->role) {
			case 1:
				return Redirect::to('administrator');
				break;

			case 2:
				return Redirect::to('school-coordinator');
				break;

			case 3:
				return Redirect::to('program-coordinator');
				break;
		}
	}
});

/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/

Route::filter('csrf', function()
{
	$token = Request::ajax() ? Request::header('X-CSRF-Token') : Input::get('_token');
	if (Session::token() !== $token)
	{
	  throw new Illuminate\Session\TokenMismatchException;
	}
});