CDCC
/
OLAS
Watch 3
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
No Description
13 Commits
14 Branches
Tree: fc142f4fe2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'fc142f4fe2'
${ noResults }
OLAS/app/filters.php

filters.php 5.4KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210 
  1. <?php

  2. 

  3. /*

  4. |--------------------------------------------------------------------------

  5. | Application & Route Filters

  6. |--------------------------------------------------------------------------

  7. |

  8. | Below you will find the "before" and "after" events for the application

  9. | which may be used to do any work before or after a request into your

  10. | application. Here you may also register your custom route filters.

  11. |

  12. */

  13. 

  14. App::before(function ($request) {

  15. 	Log::debug('START ' . Request::getClientIp() . ': ' . Request::method() . ' ' . Request::path());

  16. 

  17. 	//if (!Request::secure()) {

  18. 	//	return Redirect::secure(Request::path());

  19. 	//}

  20. });

  21. 

  22. 

  23. App::after(function ($request, $response) {

  24. 	//

  25. });

  26. 

  27. /*

  28. |--------------------------------------------------------------------------

  29. | Authentication Filters

  30. |--------------------------------------------------------------------------

  31. |

  32. | The following filters are used to verify that the user of the current

  33. | session is logged into this application. The "basic" filter easily

  34. | integrates HTTP Basic authentication for quick, simple checking.

  35. |

  36. */

  37. 

  38. Route::filter('auth', function () {

  39. 	if (Auth::guest()) {

  40. 		if (Request::ajax()) {

  41. 			return Response::make('Unauthorized', 401);

  42. 		} else {

  43. 			return Redirect::guest('/');

  44. 		}

  45. 	}

  46. });

  47. 

  48. 

  49. Route::filter('auth.basic', function () {

  50. 	return Auth::basic();

  51. });

  52. 

  53. Route::filter('has_access', function () {

  54. 	if (!Auth::user()->has_access) {

  55. 		Session::flash('status', 'info');

  56. 		Session::flash('message', 'At this time, access to OLAS is limited to some users. Check back later or contact an administrator.');

  57. 		Auth::logout();

  58. 		return Redirect::action('AuthController@showLogin');

  59. 	}

  60. });

  61. /*

  62. |--------------------------------------------------------------------------

  63. | Guest Filter

  64. |--------------------------------------------------------------------------

  65. |

  66. | The "guest" filter is the counterpart of the authentication filters as

  67. | it simply checks that the current user is not logged in. A redirect

  68. | response will be issued if they are, which you may freely change.

  69. |

  70. */

  71. 

  72. Route::filter('guest', function () {

  73. 	if (Auth::check()) {

  74. 		switch (Auth::user()->role) {

  75. 			case 1:

  76. 				return Redirect::to('administrator');

  77. 				break;

  78. 

  79. 			case 2:

  80. 				return Redirect::to('school-coordinator');

  81. 				break;

  82. 

  83. 			case 3:

  84. 				return Redirect::to('program-coordinator');

  85. 				break;

  86. 

  87. 			case 4:

  88. 				return Redirect::to('professor');

  89. 				break;

  90. 		}

  91. 	}

  92. });

  93. 

  94. /*

  95. |--------------------------------------------------------------------------

  96. | Administrator Filter

  97. |--------------------------------------------------------------------------

  98. |

  99. | This filter redirects logged in users except administrators to their

  100. | default page if they try to access a forbidden page.

  101. |

  102. */

  103. 

  104. Route::filter('admin', function () {

  105. 	if (Auth::user()->role != 1) {

  106. 		switch (Auth::user()->role) {

  107. 			case 2:

  108. 				return Redirect::to('school-coordinator');

  109. 				break;

  110. 

  111. 			case 3:

  112. 				return Redirect::to('program-coordinator');

  113. 				break;

  114. 

  115. 			case 4:

  116. 				return Redirect::to('professor');

  117. 				break;

  118. 		}

  119. 	}

  120. });

  121. 

  122. /*

  123. |--------------------------------------------------------------------------

  124. | School Coordinator Filter

  125. |--------------------------------------------------------------------------

  126. |

  127. | This filter redirects logged in users below school coordinators to their

  128. | default page if they try to access a forbidden page.

  129. |

  130. */

  131. 

  132. Route::filter('scoord', function () {

  133. 

  134. 	if (!(Auth::user()->role == 2 || Auth::user()->role == 1)) {

  135. 		switch (Auth::user()->role) {

  136. 

  137. 			case 3:

  138. 				return Redirect::to('program-coordinator');

  139. 				break;

  140. 

  141. 			case 4:

  142. 				return Redirect::to('professor');

  143. 				break;

  144. 		}

  145. 	}

  146. });

  147. 

  148. /*

  149. |--------------------------------------------------------------------------

  150. | Program Coordinator Filter

  151. |--------------------------------------------------------------------------

  152. |

  153. | This filter redirects logged in users below program coordinators to their

  154. | default page if they try to access a forbidden page.

  155. |

  156. */

  157. 

  158. Route::filter('pcoord', function () {

  159. 	if (!(Auth::user()->role == 3 || Auth::user()->role == 2 || Auth::user()->role == 1)) {

  160. 		return Redirect::to('professor');

  161. 	}

  162. });

  163. 

  164. /*

  165. |--------------------------------------------------------------------------

  166. | Professor Filter

  167. |--------------------------------------------------------------------------

  168. |

  169. | This filter redirects logged in users except profesors to their

  170. | default page if they try to access a forbidden page.

  171. |

  172. */

  173. 

  174. Route::filter('prof', function () {

  175. 	// If user has no courses then s/he is not a professor

  176. 	// and must be redirected to her/his overview page

  177. 	if (!count(Auth::user()->courses)) {

  178. 		switch (Auth::user()->role) {

  179. 			case 1:

  180. 				return Redirect::to('administrator');

  181. 				break;

  182. 

  183. 			case 2:

  184. 				return Redirect::to('school-coordinator');

  185. 				break;

  186. 

  187. 			case 3:

  188. 				return Redirect::to('program-coordinator');

  189. 				break;

  190. 		}

  191. 	}

  192. });

  193. 

  194. /*

  195. |--------------------------------------------------------------------------

  196. | CSRF Protection Filter

  197. |--------------------------------------------------------------------------

  198. |

  199. | The CSRF filter is responsible for protecting your application against

  200. | cross-site request forgery attacks. If this special token in a user

  201. | session does not match the one given in this request, we'll bail.

  202. |

  203. */

  204. 

  205. Route::filter('csrf', function () {

  206. 	$token = Request::ajax() ? Request::header('X-CSRF-Token') : Input::get('_token');

  207. 	if (Session::token() !== $token) {

  208. 		throw new Illuminate\Session\TokenMismatchException;

  209. 	}

  210. });