2014-04-23 10:51:50 +08:00
|
|
|
<?php
|
|
|
|
/**
|
|
|
|
* Application level Controller
|
|
|
|
*
|
|
|
|
* This file is application-wide controller file. You can put all
|
|
|
|
* application-wide controller-related methods here.
|
|
|
|
*
|
|
|
|
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
|
|
|
|
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
|
|
|
*
|
|
|
|
* Licensed under The MIT License
|
|
|
|
* For full copyright and license information, please see the LICENSE.txt
|
|
|
|
* Redistributions of files must retain the above copyright notice.
|
|
|
|
*
|
|
|
|
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
|
|
|
|
* @link http://cakephp.org CakePHP(tm) Project
|
|
|
|
* @package app.Controller
|
|
|
|
* @since CakePHP(tm) v 0.2.9
|
|
|
|
* @license http://www.opensource.org/licenses/mit-license.php MIT License
|
|
|
|
*/
|
|
|
|
App::uses('Controller', 'Controller');
|
2015-06-11 10:58:58 +08:00
|
|
|
App::uses('CrudControllerTrait', 'Crud.Lib');
|
2014-04-23 10:51:50 +08:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Application Controller
|
|
|
|
*
|
|
|
|
* Add your application-wide methods in the class below, your controllers
|
|
|
|
* will inherit them.
|
|
|
|
*
|
|
|
|
* @package app.Controller
|
|
|
|
* @link http://book.cakephp.org/2.0/en/controllers.html#the-app-controller
|
|
|
|
*/
|
|
|
|
class AppController extends Controller {
|
2015-06-11 10:58:58 +08:00
|
|
|
use CrudControllerTrait;
|
|
|
|
|
|
|
|
public $components = [
|
2015-12-20 07:36:38 +08:00
|
|
|
'Session', // We are going to use SessionHelper to check PHP session vars
|
2015-06-11 10:58:58 +08:00
|
|
|
'RequestHandler',
|
|
|
|
'Crud.Crud' => [
|
|
|
|
'actions' => [
|
|
|
|
'index' => 'Crud.Index',
|
|
|
|
'add' => 'Crud.Add',
|
|
|
|
'edit' => 'Crud.Edit',
|
|
|
|
'view' => 'Crud.View',
|
|
|
|
'keyvalue' => 'Crud.List',
|
|
|
|
'category' => 'Crud.Category'
|
|
|
|
],
|
|
|
|
'listeners' => ['Api', 'ApiTransformation']
|
2018-04-06 02:21:56 +08:00
|
|
|
#],
|
|
|
|
#'DebugKit.Toolbar' => [
|
|
|
|
# 'bootstrap' => true, 'routes' => true
|
|
|
|
]
|
2015-06-11 10:58:58 +08:00
|
|
|
];
|
2015-08-08 04:14:02 +08:00
|
|
|
|
2015-12-20 07:36:38 +08:00
|
|
|
// Global beforeFilter function
|
2015-08-08 04:14:02 +08:00
|
|
|
//Zoneminder sets the username session variable
|
|
|
|
// to the logged in user. If this variable is set
|
|
|
|
// then you are logged in
|
|
|
|
// its pretty simple to extend this to also check
|
|
|
|
// for role and deny API access in future
|
2015-08-12 02:47:49 +08:00
|
|
|
// Also checking to do this only if ZM_OPT_USE_AUTH is on
|
2015-08-08 04:14:02 +08:00
|
|
|
public function beforeFilter() {
|
2015-08-12 02:47:49 +08:00
|
|
|
$this->loadModel('Config');
|
2015-12-20 06:44:02 +08:00
|
|
|
|
2016-06-08 04:25:35 +08:00
|
|
|
$options = array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_OPT_USE_API'));
|
|
|
|
$config = $this->Config->find('first', $options);
|
|
|
|
$zmOptApi = $config['Config']['Value'];
|
2015-12-20 06:44:02 +08:00
|
|
|
|
2016-06-08 04:25:35 +08:00
|
|
|
if ($zmOptApi !='1') {
|
|
|
|
throw new UnauthorizedException(__('API Disabled'));
|
|
|
|
return;
|
2015-12-20 06:44:02 +08:00
|
|
|
}
|
|
|
|
|
2016-06-08 04:25:35 +08:00
|
|
|
$options = array('conditions' => array('Config.' . $this->Config->primaryKey => 'ZM_OPT_USE_AUTH'));
|
|
|
|
$config = $this->Config->find('first', $options);
|
|
|
|
$zmOptAuth = $config['Config']['Value'];
|
2015-12-20 06:44:02 +08:00
|
|
|
|
2018-04-06 02:21:56 +08:00
|
|
|
if ( $zmOptAuth == '1' ) {
|
2018-04-07 02:42:10 +08:00
|
|
|
require_once "../../../includes/auth.php";
|
|
|
|
|
2016-06-21 21:09:58 +08:00
|
|
|
$this->loadModel('User');
|
|
|
|
if ( isset($_REQUEST['user']) and isset($_REQUEST['pass']) ) {
|
2016-06-08 04:25:35 +08:00
|
|
|
$user = $this->User->find('first', array ('conditions' => array (
|
|
|
|
'User.Username' => $_REQUEST['user'],
|
|
|
|
'User.Password' => $_REQUEST['pass'],
|
|
|
|
)) );
|
|
|
|
if ( ! $user ) {
|
|
|
|
throw new UnauthorizedException(__('User not found'));
|
|
|
|
return;
|
|
|
|
} else {
|
|
|
|
$this->Session->Write( 'user.Username', $user['User']['Username'] );
|
|
|
|
$this->Session->Write( 'user.Enabled', $user['User']['Enabled'] );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-05-16 09:51:49 +08:00
|
|
|
if ( isset($_REQUEST['auth']) ) {
|
|
|
|
|
|
|
|
$user = getAuthUser($_REQUEST['auth']);
|
|
|
|
if ( ! $user ) {
|
|
|
|
throw new UnauthorizedException(__('User not found'));
|
|
|
|
return;
|
|
|
|
} else {
|
2018-04-06 02:21:56 +08:00
|
|
|
if ( ! $this->Session->Write('user.Username', $user['Username']) )
|
|
|
|
$this->log("Error writing session var user.Username");
|
|
|
|
if ( ! $this->Session->Write('user.Enabled', $user['Enabled']) )
|
|
|
|
$this->log("Error writing session var user.Enabled");
|
2017-05-16 09:51:49 +08:00
|
|
|
}
|
2018-04-06 02:21:56 +08:00
|
|
|
} # end if REQUEST['auth']
|
2017-05-16 09:51:49 +08:00
|
|
|
|
2018-04-06 02:21:56 +08:00
|
|
|
if ( ! $this->Session->read('user.Username') ) {
|
2016-06-08 04:25:35 +08:00
|
|
|
throw new UnauthorizedException(__('Not Authenticated'));
|
|
|
|
return;
|
2018-04-06 02:21:56 +08:00
|
|
|
} else if ( ! $this->Session->read('user.Enabled') ) {
|
2016-06-08 04:25:35 +08:00
|
|
|
throw new UnauthorizedException(__('User is not enabled'));
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2016-06-08 04:26:58 +08:00
|
|
|
$options = array ('conditions' => array ('User.Username' => $this->Session->Read('user.Username')));
|
2016-06-08 04:25:35 +08:00
|
|
|
$userMonitors = $this->User->find('first', $options);
|
|
|
|
$this->Session->Write('allowedMonitors',$userMonitors['User']['MonitorIds']);
|
|
|
|
$this->Session->Write('streamPermission',$userMonitors['User']['Stream']);
|
|
|
|
$this->Session->Write('eventPermission',$userMonitors['User']['Events']);
|
|
|
|
$this->Session->Write('controlPermission',$userMonitors['User']['Control']);
|
|
|
|
$this->Session->Write('systemPermission',$userMonitors['User']['System']);
|
|
|
|
$this->Session->Write('monitorPermission',$userMonitors['User']['Monitors']);
|
2018-04-07 02:42:10 +08:00
|
|
|
} else {
|
|
|
|
// if auth is not on, you can do everything
|
2016-06-08 04:25:35 +08:00
|
|
|
//$userMonitors = $this->User->find('first', $options);
|
|
|
|
$this->Session->Write('allowedMonitors','');
|
|
|
|
$this->Session->Write('streamPermission','View');
|
|
|
|
$this->Session->Write('eventPermission','Edit');
|
|
|
|
$this->Session->Write('controlPermission','Edit');
|
|
|
|
$this->Session->Write('systemPermission','Edit');
|
|
|
|
$this->Session->Write('monitorPermission','Edit');
|
|
|
|
}
|
2015-12-20 06:44:02 +08:00
|
|
|
|
2015-08-08 04:14:02 +08:00
|
|
|
|
2016-06-08 04:25:35 +08:00
|
|
|
} # end function beforeFilter()
|
2015-08-08 04:14:02 +08:00
|
|
|
|
2014-04-23 10:51:50 +08:00
|
|
|
}
|