/**
* Invoke middleware
*
* @param RequestInterface $request PSR7 request object
* @param ResponseInterface $response PSR7 response object
* @param callable $next Next middleware callable
*
* @return ResponseInterface PSR7 response object
*/
public function __invoke(RequestInterface $request, ResponseInterface $response, callable $next)
{
$isAllowed = false;
if ($this->acl->hasResource('route' . $request->getAttribute('route')->getPattern())) {
$isAllowed = $isAllowed || $this->acl->isAllowed($this->currentUserRole, 'route' . $request->getAttribute('route')->getPattern(), strtolower($request->getMethod()));
}
if ($this->acl->hasResource('callable/' . $request->getAttribute('route')->getCallable())) {
$isAllowed = $isAllowed || $this->acl->isAllowed($this->currentUserRole, 'callable/' . $request->getAttribute('route')->getCallable());
}
if (!$isAllowed) {
return $response->withStatus(403, $this->currentUserRole . ' is not allowed access to this location.');
}
return $next($request, $response);
}
/**
* @param RequestInterface $request
* @param string $name
* @return string
*/
public function getAttribute(RequestInterface $request, $name)
{
if (!$request instanceof ServerRequestInterface) {
throw new \InvalidArgumentException('Request is not of type ' . ServerRequestInterface::class);
}
return $request->getAttribute($name);
}
/**
* Action logic
*
* @param RequestInterface $request Request
* @param ResponseInterface $response Response
* @return ResponseInterface
*/
public function run(RequestInterface $request, ResponseInterface $response)
{
/** @var \Psr\Http\Message\ServerRequestInterface $request */
/** @var \Doctrine\ORM\EntityManager $entityManager */
$user = $this->getUser($request->getAttribute('id'));
$entityManager = $this->container->get('EntityManager');
// delete the user
$entityManager->remove($user);
$entityManager->flush();
return new JsonResponse(['status' => 'deleted'], 200);
}
/**
* Dispatches the route in request to the route handler.
*
* @param Request $request The request to dispatch
* @param Response $response The request response
* @param callable $next Next callable in the middleware stack
* @return Response The response from the route handler
*/
public function __invoke(Request $request, Response $response, callable $next) : Response
{
if (!$request instanceof ServerRequest) {
throw new \InvalidArgumentException('Dispatching supported only for server requests');
}
$route = $request->getAttribute('route');
if (!$route instanceof Route) {
throw new \UnexpectedValueException('Invalid route');
}
foreach ($route->getParams() as $name => $value) {
$request = $request->withAttribute($name, $value);
}
$stack = $this->getRouteHandlerStack($this->container, $route);
return $next($request, $stack->processStack($request, $response));
}
/**
* @param RequestInterface $request The PSR-7 HTTP request.
* @return boolean
*/
public function init(RequestInterface $request)
{
// Undocumented Slim3 feature: The route attributes are stored in routeInfo[2].
$routeInfo = $request->getAttribute('routeInfo');
if (isset($routeInfo[2]['token'])) {
$this->lostPasswordToken = $routeInfo[2]['token'];
} else {
$this->lostPasswordToken = $request->getParam('token');
}
if ($this->lostPasswordToken) {
if (!$this->validateToken($this->lostPasswordToken)) {
$this->lostPasswordToken = false;
$this->addFeedback('warning', 'Invalid or expired token.');
}
}
return true;
}
/**
* Action logic
*
* @param RequestInterface $request Request
* @param ResponseInterface $response Response
* @return ResponseInterface
*/
public function run(RequestInterface $request, ResponseInterface $response)
{
/** @var \Psr\Http\Message\ServerRequestInterface $request */
/** @var \Doctrine\ORM\EntityManager $entityManager */
// recovering the user data and validate
$user = $this->getUser($request->getAttribute('id'));
$validator = new UserValidator('modify', $request, $this->container);
if (!$validator->validate()) {
return new ValidationJsonResponse($validator->errors());
}
// update the user
$entityManager = $this->container->get('EntityManager');
$data = $request->getParsedBody();
foreach ($data as $field => $value) {
$user->{'set' . ucfirst($field)}($value);
}
$entityManager->flush();
return new JsonResponse(['status' => 'updated'], 200);
}
/**
* Action logic
*
* @param RequestInterface $request Request
* @param ResponseInterface $response Response
* @return ResponseInterface
* @throws HttpNotFoundException
*/
public function run(RequestInterface $request, ResponseInterface $response)
{
/** @var \Psr\Http\Message\ServerRequestInterface $request */
/** @var \Doctrine\ORM\EntityManager $entityManager */
/** @var \App\Service\UrlParameters $urlParameters */
/** @var \App\Module\Api\Domain\Entity\UserRepository $userRepository */
$idUser = $request->getAttribute('id');
$entityManager = $this->container->get('EntityManager');
$userRepository = $entityManager->getRepository('Api:User');
if ($idUser) {
$result = $userRepository->searchUser($idUser);
if (!$result) {
throw new HttpNotFoundException('The user requested does not exist');
}
} else {
$urlParams = $this->getContainer()->get('UrlParameters');
$filters = $urlParams->filter('Api:User', $request->getQueryParams());
$result = $userRepository->searchUsers($filters);
}
return new JsonResponse($result);
}
/**
* @param RequestInterface $request
* @param ResponseInterface $response
* @return ResponseInterface
*/
public function __invoke(RequestInterface $request, ResponseInterface $response)
{
$operation = $request->getAttribute('swagger')['operation']['operationId'];
if (!array_key_exists($operation, $this->controllerList)) {
throw new DomainException('Operation is not defined with a controller');
}
return call_user_func($this->controllerList[$operation], $request, $response);
}
/**
* Prepare the Whoops page handler with a table displaying request information
*
* @param Request $request
* @param PrettyPageHandler $handler
*/
private function prepareWhoopsHandler(Request $request, PrettyPageHandler $handler)
{
$uri = $request->getAttribute('originalUri', false) ?: $request->getUri();
$request = $request->getAttribute('originalRequest', false) ?: $request;
$handler->addDataTable('Expressive Application Request', ['HTTP Method' => $request->getMethod(), 'URI' => (string) $uri, 'Script' => $request->getServerParams()['SCRIPT_NAME'], 'Headers' => $request->getHeaders(), 'Cookies' => $request->getCookieParams(), 'Attributes' => $request->getAttributes(), 'Query String Arguments' => $request->getQueryParams(), 'Body Params' => $request->getParsedBody()]);
}
/**
* GetName
*
* @param Request $request request
*
* @return string
*
* @access protected
*/
protected function getName(Request $request)
{
if (!($path = $request->getAttribute('jnjxp/viewd:script'))) {
$path = parse_url($request->getRequestTarget(), PHP_URL_PATH);
$path = trim($path, '/');
}
$name = $this->prefix . DIRECTORY_SEPARATOR . ($path ? $path : 'index');
return $name;
}
/**
* Retrieve the URI from the request.
*
* If the request instance is a Stratigility decorator, pull the URI from
* the original request; otherwise, pull it directly.
*
* @param RequestInterface $request
* @return \Psr\Http\Message\UriInterface
*/
private function getUriFromRequest(RequestInterface $request)
{
if (false !== ($original = $request->getAttribute('originalRequest', false))) {
return $original->getUri();
}
return $request->getUri();
}
