diff --git a/modules/statistics/lib/AccessCheck.php b/modules/statistics/lib/AccessCheck.php
index 1a73ddf00f5b82538fea132fef63790ed4cb7350..867927436d2699c028cf48ccedc368e2cd810d99 100644
--- a/modules/statistics/lib/AccessCheck.php
+++ b/modules/statistics/lib/AccessCheck.php
@@ -26,61 +26,61 @@ class sspmod_statistics_AccessCheck { throw new SimpleSAML_Error_Exception('Invalid value for \'acl\'-option. Should be an array or a string.'); } - if ($protected) { - - if (SimpleSAML_Utilities::isAdmin()) { - // User logged in as admin. OK. - SimpleSAML_Logger::debug('Statistics auth - logged in as admin, access granted'); - - } elseif(isset($authsource) && $session->isValid($authsource) ) { - - // User logged in with auth source. - SimpleSAML_Logger::debug('Statistics auth - valid login with auth source [' . $authsource . ']'); - - // Retrieving attributes - $attributes = $session->getAttributes(); - - $allow = FALSE; - if (!empty($allowedusers)) { - // Check if userid exists - if (!isset($attributes[$useridattr][0])) - throw new Exception('User ID is missing'); - - // Check if userid is allowed access.. - if (!in_array($attributes[$useridattr][0], $allowedusers)) { - SimpleSAML_Logger::debug('Statistics auth - User denied access by user ID [' . $attributes[$useridattr][0] . ']'); - } else { - SimpleSAML_Logger::debug('Statistics auth - User granted access by user ID [' . $attributes[$useridattr][0] . ']'); - $allow = TRUE; - } - } else { - SimpleSAML_Logger::debug('Statistics auth - no allowedUsers list.'); - } + if (!$protected) { + return; + } - if (!$allow && !is_null($acl)) { - $acl = new sspmod_core_ACL($acl); - if (!$acl->allows($attributes)) { - SimpleSAML_Logger::debug('Statistics auth - denied access by ACL.'); - } else { - SimpleSAML_Logger::debug('Statistics auth - allowed access by ACL.'); - $allow = TRUE; - } - } else { - SimpleSAML_Logger::debug('Statistics auth - no ACL configured.'); - } + if (SimpleSAML_Utilities::isAdmin()) { + // User logged in as admin. OK. + SimpleSAML_Logger::debug('Statistics auth - logged in as admin, access granted'); + return; + } + + if (isset($authsource) && $session->isValid($authsource) ) { + + // User logged in with auth source. 
+ SimpleSAML_Logger::debug('Statistics auth - valid login with auth source [' . $authsource . ']'); + + // Retrieving attributes + $attributes = $session->getAttributes(); + + if (!empty($allowedusers)) { + // Check if userid exists + if (!isset($attributes[$useridattr][0])) + throw new Exception('User ID is missing'); - if (!$allow) { - throw new SimpleSAML_Error_Exception('Access denied to the current user.'); + // Check if userid is allowed access.. + if (in_array($attributes[$useridattr][0], $allowedusers)) { + SimpleSAML_Logger::debug('Statistics auth - User granted access by user ID [' . $attributes[$useridattr][0] . ']'); + return; } + SimpleSAML_Logger::debug('Statistics auth - User denied access by user ID [' . $attributes[$useridattr][0] . ']'); - } elseif(isset($authsource)) { - // If user is not logged in init login with authrouce if authsousrce is defined. - SimpleSAML_Auth_Default::initLogin($authsource, SimpleSAML_Utilities::selfURL()); + } else { + SimpleSAML_Logger::debug('Statistics auth - no allowedUsers list.'); + } + if (!is_null($acl)) { + $acl = new sspmod_core_ACL($acl); + if ($acl->allows($attributes)) { + SimpleSAML_Logger::debug('Statistics auth - allowed access by ACL.'); + return; + } + SimpleSAML_Logger::debug('Statistics auth - denied access by ACL.'); } else { - // If authsource is not defined, init admin login. - SimpleSAML_Utilities::requireAdmin(); + SimpleSAML_Logger::debug('Statistics auth - no ACL configured.'); } + + throw new SimpleSAML_Error_Exception('Access denied to the current user.'); + + } + + if(isset($authsource)) { + // If user is not logged in init login with authrouce if authsousrce is defined. + SimpleSAML_Auth_Default::initLogin($authsource, SimpleSAML_Utilities::selfURL()); + } else { + // If authsource is not defined, init admin login. + SimpleSAML_Utilities::requireAdmin(); } }
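Review bot: The allow-list test `in_array($attributes[$useridattr][0], $allowedusers)` uses PHP's loose comparison, so numeric-looking IDs are matched by value rather than by spelling (`'0123'` equals `'123'`), and an integer entry in the configured list can match values it was not meant to. For an access decision pass the strict flag, `in_array($attributes[$useridattr][0], $allowedusers, TRUE)`, and keep the configured IDs as strings. Separately, after this refactor a normal return is the only "granted" signal, so the final `initLogin()` / `requireAdmin()` branch is safe only if both calls never return, which is not visible here; a closing `throw new SimpleSAML_Error_Exception('Access denied to the current user.');` after that if/else would make the function fail closed. The enclosing method starts above the hunk.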