- Posts: 12
- Thank you received: 0
Welcome to the LimeSurvey Community Forum
Ask the community, share ideas, and connect with other LimeSurvey users!
How to check if given URL is frontend/backend in LS5?
- 2BITS_PL
- Topic Author
- Offline
- New Member
Less
More
1 year 2 months ago #239614
by 2BITS_PL
How to check if given URL is frontend/backend in LS5? was created by 2BITS_PL
In LS 3 it was enough to check $this->getEvent()->get('controller') == 'admin' for the beforeControllerAction event. And that was enough to know that someone was trying to get into the backend.
In LS 5, I am unable to determine if the user has accessed the backend. Because there are many different controllers than Admin that give access to manage the application. For example, when I go to the "homepageSettings" or "surveyAdministration" page, it is the backend.
I need such verification to use a plugin created for LS3, based on given criteria, to check whether someone should be granted access to the backend or not. I can't imagine defining a list of all controllers that play this role, it will be difficult to keep it, is there an easier way?
In LS 5, I am unable to determine if the user has accessed the backend. Because there are many different controllers than Admin that give access to manage the application. For example, when I go to the "homepageSettings" or "surveyAdministration" page, it is the backend.
I need such verification to use a plugin created for LS3, based on given criteria, to check whether someone should be granted access to the backend or not. I can't imagine defining a list of all controllers that play this role, it will be difficult to keep it, is there an easier way?
Please Log in to join the conversation.
- bismark
- Offline
- Senior Member
Less
More
- Posts: 70
- Thank you received: 15
1 year 2 months ago #239670
by bismark
Replied by bismark on topic How to check if given URL is frontend/backend in LS5?
if (Yii::app()->user->id) <- we have a LimeSurvey user here with access to the backend
Please Log in to join the conversation.
- 2BITS_PL
- Topic Author
- Offline
- New Member
Less
More
- Posts: 12
- Thank you received: 0
1 year 2 months ago #239714
by 2BITS_PL
I want people who open my site in a browser (unauthenticated) to have completely restricted access to the backend so that the backend pages return a 404 error.
I am considering 3 options:
- by configuration, exclusion for a specific domain - is it possible in some magical way? - I have not found.
- physical deletion of files or a piece of code that is responsible for it (problematic with updates)
- preparation of a plugin that would be able to define what fronted/backend is. Unfortunately, the routing table won't tell me that, nor will the physical location of the controllers. Do I really need to check all controllers and actions?
PS The beforeSurveyPage event - applies to the survey page only, not the home page and related activities. So it does not comprehensively define what a frontend is.
Replied by 2BITS_PL on topic How to check if given URL is frontend/backend in LS5?
After logging in yes. But before logging in, typing " example.test/userRole/index " in the browser will work, it's available. The fact will redirect to /admin/authentication because I don't have permissions, but in IIS and with account creation enabled it will behave differently.if (Yii::app()->user->id) <- we have a LimeSurvey user here with access to the backend
I want people who open my site in a browser (unauthenticated) to have completely restricted access to the backend so that the backend pages return a 404 error.
I am considering 3 options:
- by configuration, exclusion for a specific domain - is it possible in some magical way? - I have not found.
- physical deletion of files or a piece of code that is responsible for it (problematic with updates)
- preparation of a plugin that would be able to define what fronted/backend is. Unfortunately, the routing table won't tell me that, nor will the physical location of the controllers. Do I really need to check all controllers and actions?
PS The beforeSurveyPage event - applies to the survey page only, not the home page and related activities. So it does not comprehensively define what a frontend is.
Please Log in to join the conversation.