Home/ Questions/Q 302487
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-12T07:06:07+00:00

I just created a plugin to go with my site to make sure a

  • 0

I just created a plugin to go with my site to make sure a user is authenticated before performing an action. This is the plugin:

class Booze_Plugin_AclPlugin extends Zend_Controller_Plugin_Abstract{

public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    $auth = Booze_Permissions_Auth::getInstance();
    $acl = Zend_Registry::get('acl');

    if(!$auth->hasIdentity())
    {
        $role = Booze_Permissions_Roles::GUEST;
    }
    else
    {
        $role = $auth->getUser()->role;
    }

    $resource = $request->getControllerName();
    $privilege = $request->getActionName();

    if(!$acl->isAllowed($role, $resource, $privilege))
    {
        Booze_Log::log("ACLPlugin: Sent to login");

        $request->setControllerName('login');
        $request->setActionName('index');
        $request->setDispatched(false);
    }
}

}

It seems to work for pages that aren’t async. However, I have a controller who’s job is to perform async functions. This is that controller (relevant parts):

class AsyncController extends Zend_Controller_Action{

public function init()
{

    if(!$this->getRequest()->isXMLHttpRequest())
    {
        $this->_forward('index', 'index');
    }

    $this->_helper->viewRenderer->setNoRender();
    $this->_helper->getHelper('layout')->disableLayout();
 }

 public function addcommentAction()
 {
    $params = $this->getDecoded('comment', true);
    $params_array = (array)$params;

    $auth = Booze_Permissions_Auth::getInstance();
    if(!$auth->hasIdentity())
    {
        $this->getResponse()->setBody("Guest");
    }

    $params_array['user_id'] = $auth->getUser('user_id');
    $params_array['store_id'] = Booze_Storage::get('store_id');

    if($this->comments->insertComment($params_array))
    {
        $this->getResponse()->setBody("success");
    }
    else
    {
        $this->getResponse()->setBody("CommentFail");
    }
 }

When I call the async function addcommentAction, even when signed in as a guest, it does not take me to the login controller. I have, however, found out from firebug, that it IS sending the html for the login controller, but just isn’t showing up in my browser. In my mind this must have something to do with the fact that the async controller has, in the init, turned off view rendering and the layout. I’ve tried messing with it, and can’t figure out a reliable way to make sure the redirect in the plugin always renders, and shows itself. Any help would be outstanding.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I would add in the !isAllowed() part of plugin this:

    if(!$acl->isAllowed($role, $resource, $privilege))
{
    if(!$this->getRequest()->isXMLHttpRequest())
    {
        //@todo getResponse
        $response->setBody(Zend_Json::encode(array('result'=>'fail', 'reason'=>'Need login');
        $response->sendResponse();
        exit;
    }

    Booze_Log::log("ACLPlugin: Sent to login");

    $request->setControllerName('login');
    $request->setActionName('index');
    $request->setDispatched(false);
}

    Than on your async page handle incloming JSON when result is ‘fail’.

    • 0