From 11630230623db12b06ad5656504770a38bd9e0f8 Mon Sep 17 00:00:00 2001 
From: Dmitriy Simushev
Date: Fri, 30 May 2014 10:53:22 +0000
Subject: [PATCH] Rewrite Authentication Manager to keep the current operator within it
---
.../AccessControl/Check/AbstractCheck.php | 58 ++++
.../AccessControl/Check/CheckResolver.php | 32 +-
.../AccessControl/Check/LoggedInCheck.php | 4 +-
.../AccessControl/Check/OperatorEditCheck.php | 2 +-
.../AccessControl/Check/OperatorViewCheck.php | 2 +-
.../AccessControl/Check/PermissionsCheck.php | 2 +-
src/mibew/libs/classes/Mibew/Application.php | 21 +-
.../Authentication/AuthenticationManager.php | 319 +++++++++++-------
.../AuthenticationManagerAwareInterface.php | 39 +++
.../AuthenticationManagerInterface.php | 71 ++++
.../Mibew/Controller/AbstractController.php | 35 +-
.../Mibew/Controller/BanController.php | 6 +-
.../Mibew/Controller/ButtonCodeController.php | 2 +-
.../Controller/CannedMessageController.php | 6 +-
.../Mibew/Controller/ControllerResolver.php | 16 +-
.../Controller/Group/ManagementController.php | 2 +-
.../Controller/Group/MembersController.php | 2 +-
.../Controller/Group/SettingsController.php | 2 +-
.../Mibew/Controller/HistoryController.php | 6 +-
.../Mibew/Controller/InvitationController.php | 2 +-
.../Mibew/Controller/LoginController.php | 21 +-
.../Mibew/Controller/LogoutController.php | 10 +-
.../Controller/Operator/AvatarController.php | 12 +-
.../Controller/Operator/GroupsController.php | 4 +-
.../Operator/ManagementController.php | 6 +-
.../Operator/PermissionsController.php | 10 +-
.../Controller/Operator/ProfileController.php | 10 +-
.../Controller/PasswordRecoveryController.php | 2 +-
.../Controller/Settings/CommonController.php | 2 +-
.../Settings/FeaturesController.php | 2 +-
.../Settings/PerformanceController.php | 2 +-
.../Mibew/Controller/StatisticsController.php | 2 +-
.../Controller/TranslationController.php | 6 +-
.../Mibew/Controller/UpdatesController.php | 2 +-
.../Mibew/Controller/UsersController.php | 2 +-
35 files changed, 507 insertions(+), 215 deletions(-)
create
mode 100644 src/mibew/libs/classes/Mibew/AccessControl/Check/AbstractCheck.php create mode 100644 src/mibew/libs/classes/Mibew/Authentication/AuthenticationManagerAwareInterface.php create mode 100644 src/mibew/libs/classes/Mibew/Authentication/AuthenticationManagerInterface.php diff --git a/src/mibew/libs/classes/Mibew/AccessControl/Check/AbstractCheck.php b/src/mibew/libs/classes/Mibew/AccessControl/Check/AbstractCheck.php new file mode 100644 index 00000000..1c0a7226 --- /dev/null +++ b/src/mibew/libs/classes/Mibew/AccessControl/Check/AbstractCheck.php @@ -0,0 +1,58 @@ +authenticationManager; + } + + /** + * {@inheritdoc} + */ + public function setAuthenticationManager(AuthenticationManagerInterface $manager) + { + $this->authenticationManager = $manager; + } + + /** + * Returns the current operator. + * + * @return array Operator's data + */ + public function getOperator() + { + return $this->getAuthenticationManager()->getOperator(); + } +} diff --git a/src/mibew/libs/classes/Mibew/AccessControl/Check/CheckResolver.php b/src/mibew/libs/classes/Mibew/AccessControl/Check/CheckResolver.php index 3d0c6000..7573db78 100644 --- a/src/mibew/libs/classes/Mibew/AccessControl/Check/CheckResolver.php +++ b/src/mibew/libs/classes/Mibew/AccessControl/Check/CheckResolver.php @@ -17,10 +17,28 @@ namespace Mibew\AccessControl\Check; +use Mibew\Authentication\AuthenticationManagerAwareInterface; +use Mibew\Authentication\AuthenticationManagerInterface; use Symfony\Component\HttpFoundation\Request; class CheckResolver { + /** + * @var AuthenticationManagerInterface|null + */ + protected $authenticationManager = null; + + /** + * Class contructor. + * + * @param AuthenticationManagerInterface $manager An instance of + * authentication manager. + */ + public function __construct(AuthenticationManagerInterface $manager) + { + $this->authenticationManager = $manager; + } + /** * Resolves access check callable by request. * 
@@ -43,7 +61,12 @@ class CheckResolver // directly if (strpos($access_check, ':') === false) { if (method_exists($access_check, '__invoke')) { - return new $access_check(); + $object = new $access_check(); + if ($object instanceof AuthenticationManagerAwareInterface) { + $object->setAuthenticationManager($this->authenticationManager); + } + + return $object; } elseif (function_exists($access_check)) { return $access_check; } else { @@ -90,6 +113,11 @@ class CheckResolver throw new \InvalidArgumentException(sprintf('Class "%s" does not exist.', $class)); } - return array(new $class(), $method); + $object = new $class(); + if ($object instanceof AuthenticationManagerAwareInterface) { + $object->setAuthenticationManager($this->authenticationManager); + } + + return array($object, $method); } } diff --git a/src/mibew/libs/classes/Mibew/AccessControl/Check/LoggedInCheck.php b/src/mibew/libs/classes/Mibew/AccessControl/Check/LoggedInCheck.php index 29a393cf..fba67574 100644 --- a/src/mibew/libs/classes/Mibew/AccessControl/Check/LoggedInCheck.php +++ b/src/mibew/libs/classes/Mibew/AccessControl/Check/LoggedInCheck.php @@ -22,10 +22,10 @@ use Symfony\Component\HttpFoundation\Request; /** * Checks if operator from the request is logged in. */ -class LoggedInCheck +class LoggedInCheck extends AbstractCheck { public function __invoke(Request $request) { - return (bool)$request->attributes->get('_operator'); + return (bool)$this->getOperator(); } } diff --git a/src/mibew/libs/classes/Mibew/AccessControl/Check/OperatorEditCheck.php b/src/mibew/libs/classes/Mibew/AccessControl/Check/OperatorEditCheck.php index 416a0a8f..f04f3d67 100644 --- a/src/mibew/libs/classes/Mibew/AccessControl/Check/OperatorEditCheck.php +++ b/src/mibew/libs/classes/Mibew/AccessControl/Check/OperatorEditCheck.php 
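Review bot: The manager-injection block is added twice in CheckResolver, once in the `@@ -43,7 +61,12 @@` hunk and again in `@@ -90,6 +113,11 @@`, and ControllerResolver gets a third copy later in this patch. Because access checks decide who may reach a route, a future edit that updates one copy and not the other would leave some checks without a manager, and `AbstractCheck::getOperator()` would then call a method on null. Moving the `instanceof` test into one protected helper that both return paths call keeps the two construction paths identical. Both surrounding methods start and end outside these hunks.

```php
// … unchanged: resolution of $access_check to a class name …
return $this->injectAuthenticationManager(new $access_check());

// … unchanged: "class:method" parsing and class_exists() check …
return array($this->injectAuthenticationManager(new $class()), $method);

/**
 * Passes the authentication manager to objects that ask for it.
 *
 * @param object $object A freshly created access check.
 * @return object The same object.
 */
protected function injectAuthenticationManager($object)
{
    if ($object instanceof AuthenticationManagerAwareInterface) {
        $object->setAuthenticationManager($this->authenticationManager);
    }

    return $object;
}
```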
@@ -39,7 +39,7 @@ class OperatorEditCheck extends LoggedInCheck return false; } - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $target_operator_id = $request->attributes->getInt('operator_id', false); return is_capable(CAN_ADMINISTRATE, $operator) diff --git a/src/mibew/libs/classes/Mibew/AccessControl/Check/OperatorViewCheck.php b/src/mibew/libs/classes/Mibew/AccessControl/Check/OperatorViewCheck.php index 7eb4e5c5..b0bfd1c2 100644 --- a/src/mibew/libs/classes/Mibew/AccessControl/Check/OperatorViewCheck.php +++ b/src/mibew/libs/classes/Mibew/AccessControl/Check/OperatorViewCheck.php @@ -39,7 +39,7 @@ class OperatorViewCheck extends LoggedInCheck return false; } - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $target_operator_id = $request->attributes->getInt('operator_id', false); return is_capable(CAN_ADMINISTRATE, $operator) diff --git a/src/mibew/libs/classes/Mibew/AccessControl/Check/PermissionsCheck.php b/src/mibew/libs/classes/Mibew/AccessControl/Check/PermissionsCheck.php index 9e53f658..92915889 100644 --- a/src/mibew/libs/classes/Mibew/AccessControl/Check/PermissionsCheck.php +++ b/src/mibew/libs/classes/Mibew/AccessControl/Check/PermissionsCheck.php @@ -51,7 +51,7 @@ class PermissionsCheck extends LoggedInCheck return false; } - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $permissions = $request->attributes->get('_access_permissions', array()); foreach ($permissions as $permission) { if (!is_capable($this->resolvePermission($permission), $operator)) { diff --git a/src/mibew/libs/classes/Mibew/Application.php b/src/mibew/libs/classes/Mibew/Application.php index 143c119f..cbf2382f 100644 --- a/src/mibew/libs/classes/Mibew/Application.php +++ b/src/mibew/libs/classes/Mibew/Application.php 
@@ -74,9 +74,12 @@ class Application { $this->fileLocator = new FileLocator(array(MIBEW_FS_ROOT)); $this->router = new Router(new RouteCollectionLoader($this->fileLocator)); - $this->controllerResolver = new ControllerResolver($this->router); - $this->accessCheckResolver = new CheckResolver(); $this->authenticationManager = new AuthenticationManager(); + $this->controllerResolver = new ControllerResolver( + $this->router, + $this->authenticationManager + ); + $this->accessCheckResolver = new CheckResolver($this->authenticationManager); } /** @@ -95,6 +98,7 @@ class Application // Actualize cookie factory in the authentication manager. $cookie_factory = CookieFactory::fromRequest($request); $this->authenticationManager->setCookieFactory($cookie_factory); + $this->authenticationManager->setOperatorFromRequest($request); try { // Try to match a route, check if the client can access it and add @@ -102,10 +106,6 @@ class Application try { $parameters = $this->router->matchRequest($request); $request->attributes->add($parameters); - $request->attributes->set( - '_operator', - $this->authenticationManager->extractOperator($request) - ); // Check if the user can access the page $access_check = $this->accessCheckResolver->getCheck($request); @@ -145,10 +145,9 @@ class Application $response = new Response((string)$response); } - // Get modified operator from the request and attach authentication info - // to the response to distinguish him in the next requests. - $operator = $request->attributes->get('_operator'); - $this->authenticationManager->attachOperator($response, $operator); + // Attach operator's authentication info to the response to distinguish + // him in the next requests. + $this->authenticationManager->attachOperatorToResponse($response); return $response; } 
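Review bot: The added `setOperatorFromRequest($request)` call in the `@@ -95,6 +98,7 @@` hunk sits before the outer `try`, whereas the removed `extractOperator()` call ran inside the nested `try` next to route matching. Operator extraction looks the operator up from the remember-me cookie and dispatches the `operatorAuthenticate` plugin event, so an exception raised there would now bypass whatever handlers follow this `try` (the catch blocks are outside the hunk, so this is inferred). Move the call to the first statement inside the outer `try`, or document the constraint with `// Must not throw: runs before the error handling below.`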
@@ -182,7 +181,7 @@ class Application return $args['response']; } - if ($request->attributes->get('_operator')) { + if ($this->authenticationManager->getOperator()) { // If the operator already logged in, display 403 page. return new Response('Forbidden', 403); } diff --git a/src/mibew/libs/classes/Mibew/Authentication/AuthenticationManager.php b/src/mibew/libs/classes/Mibew/Authentication/AuthenticationManager.php index 31a714e2..1a631f38 100644 --- a/src/mibew/libs/classes/Mibew/Authentication/AuthenticationManager.php +++ b/src/mibew/libs/classes/Mibew/Authentication/AuthenticationManager.php 
@@ -25,136 +25,37 @@ use Symfony\Component\HttpFoundation\Response; /** * Controls operator's authentication. */ -class AuthenticationManager +class AuthenticationManager implements AuthenticationManagerInterface { + /** + * Indicates if the operator is logged in. + * @var boolean + */ + protected $loggedIn = false; + + /** + * Indicates if the operator should be remembered after login. + * @var boolean + */ + protected $remember = false; + + /** + * Indicates if the current operator is logged out. + * @var boolean + */ + protected $loggedOut = false; + + /** + * The current operator. + * @var array|null + */ + protected $operator = null; + /** * @var CookieFactory|null */ protected $cookieFactory = null; - /** - * Extracts operator's data from the passed in request object. - * - * Triggers 'operatorAuthenticate' event if operator is not authenticated by - * the system and pass to it an associative array with following items: - * - 'operator': if a plugin has extracted operator from the request it - * should set operator's data to this field. - * - 'request': {@link Request}, incoming request. Can be used by a plugin - * to extract an operator. - * - * @param Request $request A request to extract operator from. - * @return array|bool Associative array with operator's data or boolean - * false if there is no operator related with the request. - */ - public function extractOperator(Request $request) - { - // Try to get operator from session. - if (isset($_SESSION[SESSION_PREFIX . 'operator'])) { - return $_SESSION[SESSION_PREFIX . 'operator']; - } - - // Check if operator had used "remember me" feature. 
- if ($request->cookies->has(REMEMBER_OPERATOR_COOKIE_NAME)) { - $cookie_value = $request->cookies->get(REMEMBER_OPERATOR_COOKIE_NAME); - list($login, $pwd) = preg_split('/\x0/', base64_decode($cookie_value), 2); - $op = operator_by_login($login); - $can_login = $op - && isset($pwd) - && isset($op['vcpassword']) - && calculate_password_hash($op['vclogin'], $op['vcpassword']) == $pwd - && !operator_is_disabled($op); - if ($can_login) { - $_SESSION[SESSION_PREFIX . 'operator'] = $op; - - return $op; - } - } - - // Provide an ability for plugins to authenticate operator - $args = array( - 'operator' => false, - 'request' => $request, - ); - $dispatcher = EventDispatcher::getInstance(); - $dispatcher->triggerEvent('operatorAuthenticate', $args); - - if (!empty($args['operator'])) { - $_SESSION[SESSION_PREFIX . 'operator'] = $args['operator']; - return $args['operator']; - } - - // Operator's data cannot be extracted from the request. - return false; - } - - /** - * Attaches operator's token to the response, thus is can be used to extract - * operator in the next request. - * - * @param Response $response The response object which will be sent to the - * client. - * @param array $operator Operator's data. - * @return Response Updated response. - */ - public function attachOperator(Response $response, $operator) - { - if ($operator) { - // Calculate password hashes for operator in the request and for the - // operator in session. If the hashes are different then operator's - // password or login was changed. - $password_hash = calculate_password_hash( - $operator['vclogin'], - $operator['vcpassword'] - ); - - if (isset($_SESSION[SESSION_PREFIX . 'operator'])) { - $old_operator = $_SESSION[SESSION_PREFIX . 
'operator']; - $old_password_hash = calculate_password_hash( - $old_operator['vclogin'], - $old_operator['vcpassword'] - ); - $credentials_changed = $password_hash != $old_password_hash; - } else { - $credentials_changed = false; - } - - // Check if we need to remember the operator - if (isset($operator['remember_me'])) { - $remember = $operator['remember_me']; - unset($operator['remember_me']); - } else { - $remember = false; - } - - // Update operator in the session - $_SESSION[SESSION_PREFIX . 'operator'] = $operator; - - // Set or update remember me cookie if needed - if ($remember || $credentials_changed) { - $remember_cookie = $this->getCookieFactory()->createCookie( - REMEMBER_OPERATOR_COOKIE_NAME, - base64_encode($operator['vclogin'] . "\x0" . $password_hash), - time() + 60 * 60 * 24 * 1000, - true - ); - - $response->headers->setCookie($remember_cookie); - } - } else { - // Clean up session data - unset($_SESSION[SESSION_PREFIX . 'operator']); - unset($_SESSION['backpath']); - - // Clear remember cookie - $cookie_factory = $this->getCookieFactory(); - $response->headers->clearCookie( - REMEMBER_OPERATOR_COOKIE_NAME, - $cookie_factory->getPath(), - $cookie_factory->getDomain() - ); - } - } - /** * Updates instance of cookie factory related with the manager. * 
@@ -178,4 +79,174 @@ class AuthenticationManager return $this->cookieFactory; } + + /** + * {@inheritdoc} + * + * Triggers 'operatorAuthenticate' event if operator is not authenticated by + * the system and pass to it an associative array with following items: + * - 'operator': if a plugin has extracted operator from the request it + * should set operator's data to this field. + * - 'request': {@link Request}, incoming request. Can be used by a plugin + * to extract an operator. + */ + public function setOperatorFromRequest(Request $request) + { + // Try to get operator from session. + if (isset($_SESSION[SESSION_PREFIX . 'operator'])) { + $this->operator = $_SESSION[SESSION_PREFIX . 'operator']; + + return true; + } + + // Check if operator had used "remember me" feature. + if ($request->cookies->has(REMEMBER_OPERATOR_COOKIE_NAME)) { + $cookie_value = $request->cookies->get(REMEMBER_OPERATOR_COOKIE_NAME); + list($login, $pwd) = preg_split('/\x0/', base64_decode($cookie_value), 2); + $op = operator_by_login($login); + $can_login = $op + && isset($pwd) + && isset($op['vcpassword']) + && calculate_password_hash($op['vclogin'], $op['vcpassword']) == $pwd + && !operator_is_disabled($op); + if ($can_login) { + // Cache operator in the session data + $_SESSION[SESSION_PREFIX . 'operator'] = $op; + $this->operator = $op; + + return true; + } + } + + // Provide an ability for plugins to authenticate operator + $args = array( + 'operator' => false, + 'request' => $request, + ); + $dispatcher = EventDispatcher::getInstance(); + $dispatcher->triggerEvent('operatorAuthenticate', $args); + + if (!empty($args['operator'])) { + // Cache operator in the session + $_SESSION[SESSION_PREFIX . 'operator'] = $args['operator']; + $this->operator = $args['operator']; + + return true; + } + + // Operator's data cannot be extracted from the request. 
+ return false; + } + + /** + * {@inheritdoc} + */ + public function attachOperatorToResponse(Response $response) + { + if ($this->loggedOut) { + // An operator is logged out. Clean up session data. + unset($_SESSION[SESSION_PREFIX . 'operator']); + unset($_SESSION['backpath']); + + // Clear remember cookie. + $cookie_factory = $this->getCookieFactory(); + $response->headers->clearCookie( + REMEMBER_OPERATOR_COOKIE_NAME, + $cookie_factory->getPath(), + $cookie_factory->getDomain() + ); + } elseif ($this->loggedIn) { + // An operator is logged in. Update operator in the session. + $_SESSION[SESSION_PREFIX . 'operator'] = $this->operator; + + // Set remember me cookie if needed + if ($this->remember) { + $password_hash = calculate_password_hash( + $this->operator['vclogin'], + $this->operator['vcpassword'] + ); + $remember_cookie = $this->getCookieFactory()->createCookie( + REMEMBER_OPERATOR_COOKIE_NAME, + base64_encode($this->operator['vclogin'] . "\x0" . $password_hash), + time() + 60 * 60 * 24 * 1000, + true + ); + + $response->headers->setCookie($remember_cookie); + } + } elseif ($this->operator) { + // Update the current operator. + $_SESSION[SESSION_PREFIX . 'operator'] = $this->operator; + } + } + + /** + * {@inheritdoc} + */ + public function getOperator() + { + return $this->operator; + } + + /** + * {@inheritdoc} + */ + public function setOperator($operator) + { + $operator_updated = $operator + && $this->operator + && ($this->operator['operatorid'] == $operator['operatorid']); + if (!$operator_updated) { + // If the current operator is changed (not updated) we should + // reset all login/logout flags. 
+ $this->loggedIn = false; + $this->loggedOut = false; + $this->remember = false; + } + + // Update the current operator + $this->operator = $operator; + } + + /** + * {@inheritdoc} + * + * Triggers 'operatorLogin' event after operator logged in and pass to it an + * associative array with following items: + * - 'operator': array of the logged in operator info; + * - 'remember': boolean, indicates if system should remember operator. + */ + public function loginOperator($operator, $remember) + { + $this->loggedIn = true; + $this->remember = $remember; + $this->loggedOut = false; + $this->operator = $operator; + + // Trigger login event + $args = array( + 'operator' => $operator, + 'remember' => $remember, + ); + $dispatcher = EventDispatcher::getInstance(); + $dispatcher->triggerEvent('operatorLogin', $args); + } + + /** + * {@inheritdoc} + * + * Triggers 'operatorLogout' event after operator logged out. + */ + public function logoutOperator() + { + $this->loggedOut = true; + $this->loggedIn = false; + $this->remember = false; + + $this->operator = null; + + // Trigger logout event + $dispatcher = EventDispatcher::getInstance(); + $dispatcher->triggerEvent('operatorLogout'); + } } diff --git a/src/mibew/libs/classes/Mibew/Authentication/AuthenticationManagerAwareInterface.php b/src/mibew/libs/classes/Mibew/Authentication/AuthenticationManagerAwareInterface.php new file mode 100644 index 00000000..1b4bd77d --- /dev/null +++ b/src/mibew/libs/classes/Mibew/Authentication/AuthenticationManagerAwareInterface.php @@ -0,0 +1,39 @@ +router; } + /** + * {@inheritdoc} + */ + public function setAuthenticationManager(AuthenticationManagerInterface $manager) + { + $this->authenticationManager = $manager; + } + + /** + * {@inheritdoc} + */ + public function getAuthenticationManager() + { + return $this->authenticationManager; + } + /** * Generates a URL from the given parameters. * 
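Review bot: In `setOperatorFromRequest()` the remember-me token is checked with a loose, non-constant-time comparison, `calculate_password_hash($op['vclogin'], $op['vcpassword']) == $pwd`; with `==` PHP compares two numeric-looking strings as numbers, so the cookie value is not matched byte for byte. Use `&& hash_equals(calculate_password_hash($op['vclogin'], $op['vcpassword']), (string)$pwd)` where `hash_equals()` is available, or at minimum `===`. The session branch at the top of the same method returns the cached operator without repeating the `operator_is_disabled()` check that the cookie branch performs, so a disabled operator, or one whose permissions were changed by another administrator, appears to keep the cached rights until the session ends; re-reading the operator by id on that path would close this. The cookie value is also derived from the stored `vcpassword` hash, which makes that hash password-equivalent for remember-me logins; a random per-login token stored server-side would avoid that.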
@@ -121,4 +144,14 @@ abstract class AbstractController implements RouterAwareInterface return $this->style; } + + /** + * Returns the current operator. + * + * @return array Operator's data + */ + public function getOperator() + { + return $this->getAuthenticationManager()->getOperator(); + } } diff --git a/src/mibew/libs/classes/Mibew/Controller/BanController.php b/src/mibew/libs/classes/Mibew/Controller/BanController.php index 55b5a759..2b8d0052 100644 --- a/src/mibew/libs/classes/Mibew/Controller/BanController.php +++ b/src/mibew/libs/classes/Mibew/Controller/BanController.php @@ -39,7 +39,7 @@ class BanController extends AbstractController set_csrf_token(); setlocale(LC_TIME, getstring('time.locale')); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $page = array( 'errors' => array(), ); @@ -101,7 +101,7 @@ class BanController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $page = array( 'banId' => '', @@ -178,7 +178,7 @@ class BanController extends AbstractController { csrf_check_token($request); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $errors = array(); $page = array( diff --git a/src/mibew/libs/classes/Mibew/Controller/ButtonCodeController.php b/src/mibew/libs/classes/Mibew/Controller/ButtonCodeController.php index 8650353a..7f530fc8 100644 --- a/src/mibew/libs/classes/Mibew/Controller/ButtonCodeController.php +++ b/src/mibew/libs/classes/Mibew/Controller/ButtonCodeController.php @@ -38,7 +38,7 @@ class ButtonCodeController extends AbstractController */ public function generateAction(Request $request) { - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $page = array( 'errors' => array(), 
diff --git a/src/mibew/libs/classes/Mibew/Controller/CannedMessageController.php b/src/mibew/libs/classes/Mibew/Controller/CannedMessageController.php index c52957a8..8cca6af7 100644 --- a/src/mibew/libs/classes/Mibew/Controller/CannedMessageController.php +++ b/src/mibew/libs/classes/Mibew/Controller/CannedMessageController.php @@ -35,7 +35,7 @@ class CannedMessageController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $page = array( 'errors' => array(), ); @@ -144,7 +144,7 @@ class CannedMessageController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $message_id = $request->attributes->getInt('message_id'); $page = array( // Use errors list stored in the request. We need to do so to have @@ -204,7 +204,7 @@ class CannedMessageController extends AbstractController { csrf_check_token($request); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $message_id = $request->attributes->getInt('message_id'); $errors = array(); diff --git a/src/mibew/libs/classes/Mibew/Controller/ControllerResolver.php b/src/mibew/libs/classes/Mibew/Controller/ControllerResolver.php index dfdd3f01..2a43c43a 100644 --- a/src/mibew/libs/classes/Mibew/Controller/ControllerResolver.php +++ b/src/mibew/libs/classes/Mibew/Controller/ControllerResolver.php @@ -17,6 +17,8 @@ namespace Mibew\Controller; +use Mibew\Authentication\AuthenticationManagerAwareInterface; +use Mibew\Authentication\AuthenticationManagerInterface; use Mibew\Routing\RouterAwareInterface; use Symfony\Component\Routing\RouterInterface; use Symfony\Component\HttpFoundation\Request; 
@@ -28,14 +30,22 @@ class ControllerResolver */ protected $router = null; + /** + * @var AuthenticationManagerInterface|null + */ + protected $authenticationManager = null; + /** * Class constructor. * * @param RouterInterface $router Router instance. + * @param AuthenticationManagerInterface $manager Authentication manager + * instance. */ - public function __construct(RouterInterface $router) + public function __construct(RouterInterface $router, AuthenticationManagerInterface $manager) { $this->router = $router; + $this->authenticationManager = $manager; } /** @@ -95,6 +105,10 @@ class ControllerResolver $object->setRouter($this->router); } + if ($object instanceof AuthenticationManagerAwareInterface) { + $object->setAuthenticationManager($this->authenticationManager); + } + return array($object, $method); } } diff --git a/src/mibew/libs/classes/Mibew/Controller/Group/ManagementController.php b/src/mibew/libs/classes/Mibew/Controller/Group/ManagementController.php index 0c1cbd3e..3c3cb61d 100644 --- a/src/mibew/libs/classes/Mibew/Controller/Group/ManagementController.php +++ b/src/mibew/libs/classes/Mibew/Controller/Group/ManagementController.php @@ -35,7 +35,7 @@ class ManagementController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $page = array( 'errors' => array(), ); diff --git a/src/mibew/libs/classes/Mibew/Controller/Group/MembersController.php b/src/mibew/libs/classes/Mibew/Controller/Group/MembersController.php index b2f0be51..ffa599f9 100644 --- a/src/mibew/libs/classes/Mibew/Controller/Group/MembersController.php +++ b/src/mibew/libs/classes/Mibew/Controller/Group/MembersController.php @@ -37,7 +37,7 @@ class MembersController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $group_id = $request->attributes->getInt('group_id'); $page = array( 
diff --git a/src/mibew/libs/classes/Mibew/Controller/Group/SettingsController.php b/src/mibew/libs/classes/Mibew/Controller/Group/SettingsController.php index 60e995f3..7a809920 100644 --- a/src/mibew/libs/classes/Mibew/Controller/Group/SettingsController.php +++ b/src/mibew/libs/classes/Mibew/Controller/Group/SettingsController.php @@ -37,7 +37,7 @@ class SettingsController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $group_id = $request->attributes->getInt('group_id'); $page = array( diff --git a/src/mibew/libs/classes/Mibew/Controller/HistoryController.php b/src/mibew/libs/classes/Mibew/Controller/HistoryController.php index 441f3759..4d8fcbd1 100644 --- a/src/mibew/libs/classes/Mibew/Controller/HistoryController.php +++ b/src/mibew/libs/classes/Mibew/Controller/HistoryController.php @@ -39,7 +39,7 @@ class HistoryController extends AbstractController setlocale(LC_TIME, getstring("time.locale")); $page = array(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $query = $request->query->get('q', false); $search_type = $request->query->get('type'); @@ -179,7 +179,7 @@ class HistoryController extends AbstractController { setlocale(LC_TIME, getstring("time.locale")); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $page = array(); // Load thread info @@ -218,7 +218,7 @@ class HistoryController extends AbstractController { setlocale(LC_TIME, getstring("time.locale")); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $user_id = $request->attributes->get('user_id', ''); $page = array(); diff --git a/src/mibew/libs/classes/Mibew/Controller/InvitationController.php b/src/mibew/libs/classes/Mibew/Controller/InvitationController.php index 88c90713..940fd829 100644 --- a/src/mibew/libs/classes/Mibew/Controller/InvitationController.php 
+++ b/src/mibew/libs/classes/Mibew/Controller/InvitationController.php @@ -34,7 +34,7 @@ class InvitationController extends AbstractController */ public function inviteAction(Request $request) { - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); // Get visitor ID from the request and check it $visitor_id = $request->query->get('visitor'); diff --git a/src/mibew/libs/classes/Mibew/Controller/LoginController.php b/src/mibew/libs/classes/Mibew/Controller/LoginController.php index 0c46fe42..ac9107ce 100644 --- a/src/mibew/libs/classes/Mibew/Controller/LoginController.php +++ b/src/mibew/libs/classes/Mibew/Controller/LoginController.php @@ -17,7 +17,6 @@ namespace Mibew\Controller; -use Mibew\EventDispatcher; use Symfony\Component\HttpFoundation\Request; /** @@ -34,7 +33,7 @@ class LoginController extends AbstractController public function showFormAction(Request $request) { // Check if the operator already logged in - if ($request->attributes->get('_operator')) { + if ($this->getOperator()) { // Redirect the operator to home page. // TODO: Use a route for URI generation. return $this->redirect($request->getUriForPath('/operator')); 
@@ -93,28 +92,14 @@ class LoginController extends AbstractController && !operator_is_disabled($operator); if ($operator_can_login) { - if ($remember) { - $operator['remember_me'] = true; - } - - // Update operator in the request. Doing so we tell the - // Authentication manager that operator should be associated with - // the session. - $request->attributes->set('_operator', $operator); + // Login the operator to the system + $this->getAuthenticationManager()->loginOperator($operator, $remember); // Redirect the current operator to the needed page. $target = isset($_SESSION['backpath']) ? $_SESSION['backpath'] : $request->getUriForPath('/operator'); - // Trigger login event - $args = array( - 'operator' => $operator, - 'remember' => $remember, - ); - $dispatcher = EventDispatcher::getInstance(); - $dispatcher->triggerEvent('operatorLogin', $args); - return $this->redirect($target); } else { if (operator_is_disabled($operator)) { diff --git a/src/mibew/libs/classes/Mibew/Controller/LogoutController.php b/src/mibew/libs/classes/Mibew/Controller/LogoutController.php index 38cff10c..1e853e98 100644 --- a/src/mibew/libs/classes/Mibew/Controller/LogoutController.php +++ b/src/mibew/libs/classes/Mibew/Controller/LogoutController.php @@ -17,7 +17,6 @@ namespace Mibew\Controller; -use Mibew\EventDispatcher; use Symfony\Component\HttpFoundation\Request; /** @@ -35,13 +34,8 @@ class LogoutController extends AbstractController */ public function logoutAction(Request $request) { - // Detach operator's object from the request. This should tells - // authentication manager that operator session should be closed. - $request->attributes->remove('_operator'); - - // Trigger logout event - $dispatcher = EventDispatcher::getInstance(); - $dispatcher->triggerEvent('operatorLogout'); + // Login the operator from the system + $this->getAuthenticationManager()->logoutOperator(); // Redirect the current operator to the login page. return $this->redirect($this->generateUrl('login')); 
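Review bot: The login path added here calls `loginOperator($operator, $remember)` without rotating the session identifier, and neither `loginOperator()` nor `attachOperatorToResponse()` in this patch calls `session_regenerate_id()`, so the pre-login session id stays valid after authentication (session fixation risk). Add `session_regenerate_id(true);` at the top of `loginOperator()`, assuming the session is already started at that point. The redirect target a few lines below is taken from `$_SESSION['backpath']` unchanged; where that value is written is outside this hunk, so confirm it is restricted to local paths.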
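Review bot: The new comment in `logoutAction()` reads `// Login the operator from the system` although the call below it is `logoutOperator()`; it should read `// Log the operator out of the system`. As added in this patch, logging out only unsets the `operator` and `backpath` session keys when the response is prepared and leaves the session itself in place, so a second comment line saying that the session id is kept would tell the next reader this is deliberate.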
diff --git a/src/mibew/libs/classes/Mibew/Controller/Operator/AvatarController.php b/src/mibew/libs/classes/Mibew/Controller/Operator/AvatarController.php index f002d4ad..d7b95396 100644 --- a/src/mibew/libs/classes/Mibew/Controller/Operator/AvatarController.php +++ b/src/mibew/libs/classes/Mibew/Controller/Operator/AvatarController.php @@ -38,7 +38,7 @@ class AvatarController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $op_id = $request->attributes->get('operator_id'); $page = array( 'opid' => $op_id, @@ -84,7 +84,7 @@ class AvatarController extends AbstractController { csrf_check_token($request); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $op_id = $request->attributes->getInt('operator_id'); $errors = array(); @@ -140,11 +140,11 @@ class AvatarController extends AbstractController // Update path to avatar in the database update_operator_avatar($op['operatorid'], $avatar); - // Operator's data are cached in the request thus we need to update them - // manually. + // Operator's data are cached in the authentication manager thus we need + // to update them manually. if ($avatar && $operator['operatorid'] == $op_id) { $operator['vcavatar'] = $avatar; - $request->attributes->set('_operator', $operator); + $this->getAuthenticationManager()->setOperator($operator); } // Redirect the operator to the same page using GET method. @@ -168,7 +168,7 @@ class AvatarController extends AbstractController { csrf_check_token($request); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $op_id = $request->attributes->getInt('operator_id'); // Try to load the target operator. diff --git a/src/mibew/libs/classes/Mibew/Controller/Operator/GroupsController.php b/src/mibew/libs/classes/Mibew/Controller/Operator/GroupsController.php index 0ca7c6f2..e1e2d4f4 100644 
--- a/src/mibew/libs/classes/Mibew/Controller/Operator/GroupsController.php +++ b/src/mibew/libs/classes/Mibew/Controller/Operator/GroupsController.php @@ -37,7 +37,7 @@ class GroupsController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $operator_in_isolation = in_isolation($operator); $op_id = $request->attributes->getInt('operator_id'); @@ -104,7 +104,7 @@ class GroupsController extends AbstractController { csrf_check_token($request); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $operator_in_isolation = in_isolation($operator); $op_id = $request->attributes->getInt('operator_id'); diff --git a/src/mibew/libs/classes/Mibew/Controller/Operator/ManagementController.php b/src/mibew/libs/classes/Mibew/Controller/Operator/ManagementController.php index 3ff1c47b..69ab9223 100644 --- a/src/mibew/libs/classes/Mibew/Controller/Operator/ManagementController.php +++ b/src/mibew/libs/classes/Mibew/Controller/Operator/ManagementController.php @@ -37,7 +37,7 @@ class ManagementController extends AbstractController set_csrf_token(); setlocale(LC_TIME, getstring('time.locale')); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $page = array( // Use errors list stored in the request. We need to do so to have // an ability to pass the request from the "submitMembersForm" action. @@ -104,7 +104,7 @@ class ManagementController extends AbstractController { csrf_check_token($request); - $current_operator = $request->attributes->get('_operator'); + $current_operator = $this->getOperator(); $operator_id = $request->attributes->getInt('operator_id'); $errors = array(); 
@@ -145,7 +145,7 @@ class ManagementController extends AbstractController { csrf_check_token($request); - $current_operator = $request->attributes->get('_operator'); + $current_operator = $this->getOperator(); $operator_id = $request->attributes->getInt('operator_id'); $errors = array(); diff --git a/src/mibew/libs/classes/Mibew/Controller/Operator/PermissionsController.php b/src/mibew/libs/classes/Mibew/Controller/Operator/PermissionsController.php index cff93ba6..e525bf7b 100644 --- a/src/mibew/libs/classes/Mibew/Controller/Operator/PermissionsController.php +++ b/src/mibew/libs/classes/Mibew/Controller/Operator/PermissionsController.php @@ -37,7 +37,7 @@ class PermissionsController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $op_id = $request->attributes->get('operator_id'); $page = array( @@ -94,7 +94,7 @@ class PermissionsController extends AbstractController { csrf_check_token($request); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $op_id = $request->attributes->getInt('operator_id'); // Check if the target operator exists @@ -113,13 +113,13 @@ class PermissionsController extends AbstractController } } - // Update operator's permissions in the database and in cached request - // data if it is needed. + // Update operator's permissions in the database and in cached + // authentication manager data if it is needed. update_operator_permissions($op['operatorid'], $new_permissions); if ($operator['operatorid'] == $op_id) { $operator['iperm'] = $new_permissions; - $request->attributes->set('_operator', $operator); + $this->getAuthenticationManager()->setOperator($operator); } // Redirect the current operator to the same page using GET method. diff --git a/src/mibew/libs/classes/Mibew/Controller/Operator/ProfileController.php b/src/mibew/libs/classes/Mibew/Controller/Operator/ProfileController.php index 240df324..9e5e1308 100644 
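Review bot: In the `@@ -113,13 +113,13 @@` hunk of PermissionsController the cached operator is refreshed only when `$operator['operatorid'] == $op_id`, so when an administrator lowers someone else's `iperm` nothing in this action touches the state that operator is authenticated with. Whether the reduced permissions apply on that operator's next request depends on how the authentication manager loads and keeps the operator, which is not visible in this hunk; if the record can outlive a request, a revocation would lag behind the database. I would confirm that and state it in the comment, e.g. `// Other operators' cached data is not touched here; see AuthenticationManager for when it is reloaded.` The action body continues outside the hunk.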
--- a/src/mibew/libs/classes/Mibew/Controller/Operator/ProfileController.php +++ b/src/mibew/libs/classes/Mibew/Controller/Operator/ProfileController.php @@ -37,7 +37,7 @@ class ProfileController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $page = array( 'opid' => false, // Use errors list stored in the request. We need to do so to have @@ -116,7 +116,7 @@ class ProfileController extends AbstractController csrf_check_token($request); $errors = array(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $op_id = $request->attributes->getInt('operator_id'); if (is_capable(CAN_ADMINISTRATE, $operator)) { @@ -206,15 +206,15 @@ class ProfileController extends AbstractController // Update existing operator update_operator($op_id, $login, $email, $password, $local_name, $common_name, $code); - // Operator data are cached in the request, thus we need to manually - // update them. + // Operator data are cached in the authentication manager, thus we need + // to manually update them. if (!empty($password) && $op_id == $operator['operatorid']) { // Check if the admin has set his password for the first time. $to_dashboard = check_password_hash($login, '', $operator['vcpassword']) && $password != ''; // Update operator's password. $operator['vcpassword'] = calculate_password_hash($login, $password); - $request->attributes->set('_operator', $operator); + $this->getAuthenticationManager()->setOperator($operator); // Redirect the admin to the home page if needed. if ($to_dashboard) { diff --git a/src/mibew/libs/classes/Mibew/Controller/PasswordRecoveryController.php b/src/mibew/libs/classes/Mibew/Controller/PasswordRecoveryController.php index fd7c790d..6d93069b 100644 --- a/src/mibew/libs/classes/Mibew/Controller/PasswordRecoveryController.php +++ b/src/mibew/libs/classes/Mibew/Controller/PasswordRecoveryController.php 
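Review bot: In the `@@ -206,15 +206,15 @@` hunk of ProfileController the cached `vcpassword` is produced by a second `calculate_password_hash($login, $password)` call instead of being read back after `update_operator()`, so the cached and stored hashes agree only if that function is deterministic and `update_operator()` hashes in the same way. Within the hunk only `vcpassword` is copied into the record passed to `setOperator()`, while login, e-mail, names and code were also written by `update_operator()`; if the rest of the action (outside the hunk) does not refresh them, the cached operator keeps the old values. Re-reading the operator row after `update_operator()` and passing that to `setOperator()` would cover both. Note also that `&& $password != ''` can never be false inside `if (!empty($password) ...)`.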
@@ -35,7 +35,7 @@ class PasswordRecoveryController extends AbstractController */ public function indexAction(Request $request) { - if ($request->attributes->get('_operator')) { + if ($this->getOperator()) { // If the operator is logged in just redirect him to the home page. return $this->redirect($request->getUriForPath('/operator')); } diff --git a/src/mibew/libs/classes/Mibew/Controller/Settings/CommonController.php b/src/mibew/libs/classes/Mibew/Controller/Settings/CommonController.php index 8417eb53..e891d37b 100644 --- a/src/mibew/libs/classes/Mibew/Controller/Settings/CommonController.php +++ b/src/mibew/libs/classes/Mibew/Controller/Settings/CommonController.php @@ -40,7 +40,7 @@ class CommonController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $page = array( 'agentId' => '', diff --git a/src/mibew/libs/classes/Mibew/Controller/Settings/FeaturesController.php b/src/mibew/libs/classes/Mibew/Controller/Settings/FeaturesController.php index 7093bc97..a323e93a 100644 --- a/src/mibew/libs/classes/Mibew/Controller/Settings/FeaturesController.php +++ b/src/mibew/libs/classes/Mibew/Controller/Settings/FeaturesController.php @@ -36,7 +36,7 @@ class FeaturesController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $page = array( 'agentId' => '', 'errors' => array(), diff --git a/src/mibew/libs/classes/Mibew/Controller/Settings/PerformanceController.php b/src/mibew/libs/classes/Mibew/Controller/Settings/PerformanceController.php index 6f7cc2bf..0cc7133d 100644 --- a/src/mibew/libs/classes/Mibew/Controller/Settings/PerformanceController.php +++ b/src/mibew/libs/classes/Mibew/Controller/Settings/PerformanceController.php 
@@ -36,7 +36,7 @@ class PerformanceController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $page = array( 'agentId' => '', // Use errors list stored in the request. We need to do so to have diff --git a/src/mibew/libs/classes/Mibew/Controller/StatisticsController.php b/src/mibew/libs/classes/Mibew/Controller/StatisticsController.php index 362db2a7..93326ce7 100644 --- a/src/mibew/libs/classes/Mibew/Controller/StatisticsController.php +++ b/src/mibew/libs/classes/Mibew/Controller/StatisticsController.php @@ -38,7 +38,7 @@ class StatisticsController extends AbstractController */ public function indexAction(Request $request) { - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $statistics_type = $request->attributes->get('type'); setlocale(LC_TIME, getstring("time.locale")); diff --git a/src/mibew/libs/classes/Mibew/Controller/TranslationController.php b/src/mibew/libs/classes/Mibew/Controller/TranslationController.php index 8e81d946..d78c640d 100644 --- a/src/mibew/libs/classes/Mibew/Controller/TranslationController.php +++ b/src/mibew/libs/classes/Mibew/Controller/TranslationController.php @@ -32,7 +32,7 @@ class TranslationController extends AbstractController */ public function indexAction(Request $request) { - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $source = $request->query->get('source'); if (!preg_match("/^[\w-]{2,5}$/", $source)) { @@ -150,7 +150,7 @@ class TranslationController extends AbstractController { set_csrf_token(); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $string_id = $request->attributes->get('string_id'); $source = $request->query->get('source'); 
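Review bot: In the `@@ -32,7 +32,7 @@` hunk of TranslationController the check `preg_match("/^[\w-]{2,5}$/", $source)` ends with `$`, which in PCRE also matches just before a trailing newline, so a `source` query value with a line break appended still passes the validation. Anchoring with `\z` closes that: `if (!preg_match('/^[\w-]{2,5}\z/', $source)) {`. How `$source` is used afterwards is outside the hunk, so the impact is not visible here, but a locale code should be validated exactly. The `@@ -150,7 +150,7 @@` hunk reads the same `source` parameter and its validation is not shown, so it is worth checking for the same anchor there.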
@@ -209,7 +209,7 @@ class TranslationController extends AbstractController { csrf_check_token($request); - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $string_id = $request->attributes->get('string_id'); $errors = array(); diff --git a/src/mibew/libs/classes/Mibew/Controller/UpdatesController.php b/src/mibew/libs/classes/Mibew/Controller/UpdatesController.php index 34fc674e..e7f55410 100644 --- a/src/mibew/libs/classes/Mibew/Controller/UpdatesController.php +++ b/src/mibew/libs/classes/Mibew/Controller/UpdatesController.php @@ -32,7 +32,7 @@ class UpdatesController extends AbstractController */ public function indexAction(Request $request) { - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $default_extensions = array('mysql', 'gd', 'iconv'); $page = array( diff --git a/src/mibew/libs/classes/Mibew/Controller/UsersController.php b/src/mibew/libs/classes/Mibew/Controller/UsersController.php index 22ce0f20..1c38e03a 100644 --- a/src/mibew/libs/classes/Mibew/Controller/UsersController.php +++ b/src/mibew/libs/classes/Mibew/Controller/UsersController.php @@ -35,7 +35,7 @@ class UsersController extends AbstractController */ public function indexAction(Request $request) { - $operator = $request->attributes->get('_operator'); + $operator = $this->getOperator(); $status = $request->query->has('away') ? 1 : 0; notify_operator_alive($operator['operatorid'], $status);