CDCC
/
OLAS
Watch 3
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
16 Commits
14 Branches
Tree: a748f26801
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a748f26801'
${ noResults }
OLAS/app/filters.php

filters.php 5.4KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235 
  1. <?php

  2. 

  3. /*

  4. |--------------------------------------------------------------------------

  5. | Application & Route Filters

  6. |--------------------------------------------------------------------------

  7. |

  8. | Below you will find the "before" and "after" events for the application

  9. | which may be used to do any work before or after a request into your

  10. | application. Here you may also register your custom route filters.

  11. |

  12. */

  13. 

  14. App::before(function($request)

  15. {

  16. 	Log::debug('START '.Request::getClientIp().': '.Request::method().' '.Request::path());

  17. 

  18. 	if( ! Request::secure())

  19.     {

  20.         return Redirect::secure(Request::path());

  21.     }

  22. });

  23. 

  24. 

  25. App::after(function($request, $response)

  26. {

  27. 	//

  28. });

  29. 

  30. /*

  31. |--------------------------------------------------------------------------

  32. | Authentication Filters

  33. |--------------------------------------------------------------------------

  34. |

  35. | The following filters are used to verify that the user of the current

  36. | session is logged into this application. The "basic" filter easily

  37. | integrates HTTP Basic authentication for quick, simple checking.

  38. |

  39. */

  40. 

  41. Route::filter('auth', function()

  42. {

  43. 	if (Auth::guest())

  44. 	{

  45. 		if (Request::ajax())

  46. 		{

  47. 			return Response::make('Unauthorized', 401);

  48. 		}

  49. 		else

  50. 		{

  51. 			return Redirect::guest('/');

  52. 		}

  53. 	}

  54. });

  55. 

  56. 

  57. Route::filter('auth.basic', function()

  58. {

  59. 	return Auth::basic();

  60. });

  61. 

  62. Route::filter('has_access', function()

  63. {

  64. 	if(!Auth::user()->has_access)

  65. 	{

  66. 		Session::flash('status', 'info');

  67. 		Session::flash('message', 'At this time, access to OLAS is limited to some users. Check back later or contact an administrator.');

  68. 		Auth::logout();

  69. 		return Redirect::action('AuthController@showLogin');

  70. 	}

  71. 

  72. });

  73. /*

  74. |--------------------------------------------------------------------------

  75. | Guest Filter

  76. |--------------------------------------------------------------------------

  77. |

  78. | The "guest" filter is the counterpart of the authentication filters as

  79. | it simply checks that the current user is not logged in. A redirect

  80. | response will be issued if they are, which you may freely change.

  81. |

  82. */

  83. 

  84. Route::filter('guest', function()

  85. {

  86. 	if (Auth::check())

  87. 	{

  88. 		switch (Auth::user()->role) {

  89. 			case 1:

  90. 				return Redirect::to('administrator');

  91. 				break;

  92. 

  93. 			case 2:

  94. 				return Redirect::to('school-coordinator');

  95. 				break;

  96. 

  97. 			case 3:

  98. 				return Redirect::to('program-coordinator');

  99. 				break;

  100. 

  101. 			case 4:

  102. 				return Redirect::to('professor');

  103. 				break;

  104. 		}

  105. 	}

  106. });

  107. 

  108. /*

  109. |--------------------------------------------------------------------------

  110. | Administrator Filter

  111. |--------------------------------------------------------------------------

  112. |

  113. | This filter redirects logged in users except administrators to their

  114. | default page if they try to access a forbidden page.

  115. |

  116. */

  117. 

  118. Route::filter('admin', function()

  119. {

  120. 	if (Auth::user()->role !=1)

  121. 	{

  122. 		switch (Auth::user()->role) {

  123. 			case 2:

  124. 				return Redirect::to('school-coordinator');

  125. 				break;

  126. 

  127. 			case 3:

  128. 				return Redirect::to('program-coordinator');

  129. 				break;

  130. 

  131. 			case 4:

  132. 				return Redirect::to('professor');

  133. 				break;

  134. 		}

  135. 	}

  136. });

  137. 

  138. /*

  139. |--------------------------------------------------------------------------

  140. | School Coordinator Filter

  141. |--------------------------------------------------------------------------

  142. |

  143. | This filter redirects logged in users below school coordinators to their

  144. | default page if they try to access a forbidden page.

  145. |

  146. */

  147. 

  148. Route::filter('scoord', function()

  149. {

  150. 

  151. 	if (!(Auth::user()->role ==2 || Auth::user()->role ==1))

  152. 	{

  153. 		switch (Auth::user()->role)

  154. 		{

  155. 

  156. 			case 3:

  157. 				return Redirect::to('program-coordinator');

  158. 				break;

  159. 

  160. 			case 4:

  161. 				return Redirect::to('professor');

  162. 				break;

  163. 		}

  164. 	}

  165. });

  166. 

  167. /*

  168. |--------------------------------------------------------------------------

  169. | Program Coordinator Filter

  170. |--------------------------------------------------------------------------

  171. |

  172. | This filter redirects logged in users below program coordinators to their

  173. | default page if they try to access a forbidden page.

  174. |

  175. */

  176. 

  177. Route::filter('pcoord', function()

  178. {

  179. 	if (!(Auth::user()->role ==3 || Auth::user()->role ==2 || Auth::user()->role ==1))

  180. 	{

  181. 		return Redirect::to('professor');

  182. 	}

  183. });

  184. 

  185. /*

  186. |--------------------------------------------------------------------------

  187. | Professor Filter

  188. |--------------------------------------------------------------------------

  189. |

  190. | This filter redirects logged in users except profesors to their

  191. | default page if they try to access a forbidden page.

  192. |

  193. */

  194. 

  195. Route::filter('prof', function()

  196. {

  197. 	// If user has no courses then s/he is not a professor

  198. 	// and must be redirected to her/his overview page

  199. 	if (!count(Auth::user()->courses))

  200. 	{

  201. 		switch (Auth::user()->role) {

  202. 			case 1:

  203. 				return Redirect::to('administrator');

  204. 				break;

  205. 

  206. 			case 2:

  207. 				return Redirect::to('school-coordinator');

  208. 				break;

  209. 

  210. 			case 3:

  211. 				return Redirect::to('program-coordinator');

  212. 				break;

  213. 		}

  214. 	}

  215. });

  216. 

  217. /*

  218. |--------------------------------------------------------------------------

  219. | CSRF Protection Filter

  220. |--------------------------------------------------------------------------

  221. |

  222. | The CSRF filter is responsible for protecting your application against

  223. | cross-site request forgery attacks. If this special token in a user

  224. | session does not match the one given in this request, we'll bail.

  225. |

  226. */

  227. 

  228. Route::filter('csrf', function()

  229. {

  230. 	$token = Request::ajax() ? Request::header('X-CSRF-Token') : Input::get('_token');

  231. 	if (Session::token() !== $token)

  232. 	{

  233. 	  throw new Illuminate\Session\TokenMismatchException;

  234. 	}

  235. });