public function init()
{
parent::init();
// set language
if (\Zend_Registry::isRegistered("Zend_Locale")) {
$locale = (string) \Zend_Registry::get("Zend_Locale");
$this->setLanguage($locale);
} else {
if ($this->getParam("language")) {
$this->setLanguage($this->getParam("language"));
} else {
$config = Config::getSystemConfig();
$this->setLanguage($config->general->language);
// try to set browser-language (validation if installed is in $this->setLanguage() )
$this->setLanguage(new \Zend_Locale());
}
}
if (self::$adminInitialized) {
// this will be executed on every call to this init() method
try {
$this->setUser(\Zend_Registry::get("pimcore_admin_user"));
} catch (\Exception $e) {
Logger::emerg("adminInitialized was set to true although there was no user set in the registry -> to be save the process was killed");
exit;
}
} else {
// the following code is only called once, even when there are some subcalls (eg. with $this->action, ... )
\Pimcore::getEventManager()->trigger("admin.controller.preInit", $this);
$this->disableBrowserCache();
// general definitions
Model\Document::setHideUnpublished(false);
Model\Object\AbstractObject::setHideUnpublished(false);
Model\Object\AbstractObject::setGetInheritedValues(false);
Model\Object\Localizedfield::setGetFallbackValues(false);
\Pimcore::setAdminMode();
// init translations
self::initTranslations($this);
// init zend action helpers, we need to leave the prefixed class name here as the plugin loader isn't able to handle namespaces
\Zend_Controller_Action_HelperBroker::addPrefix('Pimcore_Controller_Action_Helper');
// this is to make it possible to use the session id as a part of the route (ZF default route) used for external editors, etc.
if ($this->getParam("pimcore_admin_sid")) {
$_REQUEST["pimcore_admin_sid"] = $this->getParam("pimcore_admin_sid");
}
// authenticate user, first try to authenticate with session information
$user = Authentication::authenticateSession();
if ($user instanceof Model\User) {
$this->setUser($user);
if ($this->getUser()->getLanguage()) {
$this->setLanguage($this->getUser()->getLanguage());
}
} else {
// try to authenticate with http basic auth, but this is only allowed for WebDAV
if ($this->getParam("module") == "admin" && $this->getParam("controller") == "asset" && $this->getParam("action") == "webdav") {
$user = Authentication::authenticateHttpBasic();
if ($user instanceof Model\User) {
$this->setUser($user);
\Zend_Registry::set("pimcore_admin_user", $this->getUser());
self::$adminInitialized = true;
return;
}
}
}
// redirect to the login-page if the user isn't authenticated
if (!$this->getUser() instanceof Model\User && !($this->getParam("module") == "admin" && $this->getParam("controller") == "login")) {
// put a detailed message into the debug.log
Logger::error("Prevented access to " . $_SERVER["REQUEST_URI"] . " because there is no user in the session!", ["server" => $_SERVER, "get" => $_GET, "post" => $_POST, "session" => $_SESSION, "cookie" => $_COOKIE]);
// send a auth header for the client (is covered by the ajax object in javascript)
$this->getResponse()->setHeader("X-Pimcore-Auth", "required");
// redirect to login page
$this->redirect("/admin/login");
// exit the execution -> just to be sure
exit;
}
// we're now authenticated so we can remove the default error handler so that we get just the normal PHP errors
if ($this->getParam("controller") != "login") {
$front = \Zend_Controller_Front::getInstance();
$front->unregisterPlugin("Pimcore\\Controller\\Plugin\\ErrorHandler");
$front->throwExceptions(true);
@ini_set("display_errors", "On");
@ini_set("display_startup_errors", "On");
}
\Zend_Registry::set("pimcore_admin_user", $this->getUser());
self::$adminInitialized = true;
// usage statistics
$this->logUsageStatistics();
\Pimcore::getEventManager()->trigger("admin.controller.postInit", $this);
}
}
