/**
* Inicialización de la petición
* ****************************************
* Aqui debe ir la autenticación de la API
* ****************************************
*/
protected final function initialize()
{
$router = Router::get();
// Habilitando CORS para hacer funcional el RESTful
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Credentials: true');
// Habilitar todos los headers que recibe (Authorization sobre todo para manejar JWT)
$requestHeaders = $this->getHeaders();
$request = array_keys($requestHeaders);
header("Access-Control-Allow-Headers: " . implode(',', $request) . ',Authorization');
// Verificar los accesos y validez de token
// TODO: Implementar un limit a la consultas de getAll() por seguridad cuando la vista sea pública
if (!($this->publicView && ($router['method'] == 'GET' || $router['method'] == 'OPTIONS'))) {
// Precendia del Token
if (!empty($requestHeaders['Authorization'])) {
$token = $requestHeaders['Authorization'];
$this->me = JWT::decode(str_replace('Bearer ', '', $token), TOKEN);
$now = time();
// Verificamos que este activo
if ($now >= $this->me->exp) {
$this->setCode(403);
die('Error 403 - Acceso Denegado');
}
} else {
$this->setCode(403);
die('Error 403 - Acceso Denegado');
}
}
}
/**
* @covers Route::get
* @todo Implement testGet().
*/
public function testGet()
{
$except = false;
$this->object->add(new \PHPixie\Route('a', 'b', array()));
try {
$this->object->get('c');
} catch (\Exception $e) {
$except = true;
}
$this->assertEquals(true, $except);
}
public function testMatchingCheckesHost()
{
$this->setExpectedException('Vexillum\\Http\\PageNotFoundException');
$route = Router::get('/apath', function () {
}, array('host' => 'localyacht.dev'));
Router::run('GET', 'localboat.dev', '/apath');
}
protected function download($arguments)
{
$bundleidentifier = $arguments[self::PARAM_2_IDENTIFIER];
$format = $arguments[self::PARAM_2_FORMAT];
$files = $this->getApplicationVersions($bundleidentifier, self::PLATFORM_ANDROID);
if (count($files) == 0) {
Logger::log("no versions found: {$bundleidentifier} {$type}");
return Helper::sendJSONAndExit(self::E_NO_VERSIONS_FOUND);
}
$dir = array_shift(array_keys($files[self::VERSIONS_SPECIFIC_DATA]));
$current = $files[self::VERSIONS_SPECIFIC_DATA][$dir];
if ($format == self::PARAM_2_FORMAT_VALUE_APK) {
$file = isset($current[self::FILE_ANDROID_APK]) ? $current[self::FILE_ANDROID_APK] : null;
if (!$file) {
return Router::get()->serve404();
}
@ob_end_clean();
return Helper::sendFile($file, self::CONTENT_TYPE_APK);
// if ($dir == 0) $dir = ""; else $dir .= '/';
// @ob_end_clean();
// header('Location: ' . Router::get()->baseURL.$bundleidentifier.'/'.$dir.basename($file));
exit;
}
return Router::get()->serve404();
}
/**
* Hacer el router de la petición y envia los parametros correspondientes
* a la acción, adema captura formatos de entrada y salida
*/
protected function initREST()
{
/* formato de entrada */
$this->_fInput = isset($_SERVER["CONTENT_TYPE"]) ? $_SERVER["CONTENT_TYPE"] : '';
/* busco un posible formato de salida */
$accept = self::accept();
$keys = array_keys($this->_outputType);
foreach ($accept as $key => $a) {
if (in_array($key, $keys)) {
$this->_fOutput = $this->_outputType[$key];
break;
}
}
/* por defecto uso json
* ¿o debería mandar un 415?
*/
$this->_fOutput = empty($this->_fOutput) ? 'json' : $this->_fOutput;
View::select(null, $this->_fOutput);
/**
* reescribimos la acción a ejecutar, ahora tendra será el metodo de
* la peticion: get(:id), getAll , put, post, delete, etc.
*/
$action = $this->action_name;
$method = strtolower(Router::get('method'));
$rewrite = "{$method}_{$action}";
if ($this->actionExist($rewrite)) {
$this->action_name = $rewrite;
} elseif ($action == 'index' && $method != 'post') {
$this->action_name = 'getAll';
} else {
$this->action_name = $method;
$this->parameters = $action == 'index' ? $this->parameters : array($action) + $this->parameters;
}
}
/**
* Maneja las excepciones no capturadas
*
* @param Exception $e
* */
public static function handle_exception($e)
{
if (isset($e->_view) && ($e->_view == 'no_controller' || $e->_view == 'no_action')) {
header('HTTP/1.1 404 Not Found');
} else {
header('HTTP/1.1 500 Internal Server Error');
}
extract(Router::get(), EXTR_OVERWRITE);
$Controller = Util::camelcase($controller);
ob_start();
if (PRODUCTION) {
include APP_PATH . 'views/_shared/errors/404.phtml';
return;
} else {
$Template = 'views/templates/exception.phtml';
if (isset($e->_view)) {
include CORE_PATH . "views/errors/{$e->_view}.phtml";
} else {
include CORE_PATH . "views/errors/exception.phtml";
}
}
$content = ob_get_clean();
// termina los buffers abiertos
while (ob_get_level()) {
ob_end_clean();
}
// verifica si esta cargado el View
if (class_exists('View')) {
if (View::get('template') === NULL) {
echo $content;
exit;
}
}
include CORE_PATH . $Template;
}
/**
* Crea un enlace a una accion con mensaje de confirmacion respetando
* las convenciones de Kumbia
*
* @param string $action accion
* @param string $text texto a mostrar
* @param string $confirm mensaje de confirmacion
* @param string $class clases adicionales para el link
* @param string|array $attrs atributos adicionales
* @return string
*/
public static function linkAction($action, $text, $confirm = '¿Está Seguro?', $class = NULL, $attrs = NULL)
{
if (is_array($attrs)) {
$attrs = Tag::getAttrs($attrs);
}
return '<a href="' . PUBLIC_PATH . Router::get('controller_path') . "/{$action}\" data-msg=\"{$confirm}\" class=\"js-confirm {$class}\" {$attrs}>{$text}</a>";
}
/**
* Provides the url() functionality. Generates a full url (including
* domain and index.php).
*
* @param string URI to make a full URL for (or name of a named route)
* @param array Array of named params for named routes
* @return string
*/
public function url($uri = '', $named_params = array())
{
if ($named_uri = \Router::get($uri, $named_params)) {
$uri = $named_uri;
}
return \Uri::create($uri);
}
/**
* Crea un enlace a una acción del mismo controller que estemos
*
* @example Html::linkAction
* echo Html::linkAction('accion/','Enlace a la acción del mismo controller')
*
* @param string $action
* @param string $text Texto a mostrar
* @param string|array $attrs Atributos adicionales
* @return string
*/
public static function linkAction($action, $text, $attrs = NULL)
{
if (is_array($attrs)) {
$attrs = Tag::getAttrs($attrs);
}
return '<a href="' . PUBLIC_PATH . Router::get('controller_path') . "/{$action}\" {$attrs} >{$text}</a>";
}
protected final function initialize()
{
$controller = Router::get("controller");
$action = Router::get("action");
$ruta = $controller . "/" . $action;
$tipousuario = Auth::get("tipousuario");
if (Auth::is_valid()) {
if ($tipousuario == "alumno") {
if ($ruta != "perfil/index" and $ruta != "perfil/logout" and $ruta != "asistencia/alumno") {
Flash::warning("Acceso Denegado");
Router::redirect("perfil/");
}
}
if ($tipousuario == "docente") {
$permisos = array("perfil/actualizar", "perfil/cambiarpass", "perfil/index", "perfil/programarevaluaciones", "calificar/grupo", "perfil/logout", "asistencia/index", "asistencia/agregar_asistencia");
if (!in_array($ruta, $permisos)) {
Flash::warning("Acceso Denegado");
Router::redirect("perfil/");
}
}
} else {
if ($ruta != 'index/index' and $ruta != 'perfil/logout') {
Flash::warning("Acceso Denegado");
Router::redirect("index/index");
}
}
}
public static function search($string = null)
{
if ($string != null) {
$string = array($string);
} else {
$string = array();
$language_file = APP_PATH . DS . 'languages' . DS . Router::get('language') . '.php';
if (is_null(self::$_) && file_exists($language_file)) {
include_once $language_file;
self::$_ = $_;
}
foreach (self::$_ as $k => $v) {
$string[] = $k;
}
}
foreach ($string as $s) {
$directories = array('templates' . DS . TEMPLATE, 'views', 'controllers', 'models');
foreach ($directories as $directory) {
$_directory = APP_PATH . DS . $directory;
$ln = 1;
foreach (glob("{$_directory}" . DS . "*") as $file) {
if (!is_dir($file)) {
foreach (file($file) as $line) {
if (stripos($line, $s) !== false && stripos(str_replace('"', '\'', $line), 'search(\'' . $s . '\')') === false) {
echo '[' . $directory . DS . basename($file) . ':' . $ln . '][`' . $s . '`]: "' . trim(strip_tags($line)) . '"<hr />';
}
$ln++;
}
}
}
}
}
}
/**
* Método para verificar si tiene acceso al recurso
* @return boolean
*/
public function check($perfil)
{
$modulo = Router::get('module');
$controlador = Router::get('controller');
$accion = Router::get('action');
if (isset($this->_templates["{$perfil}"]) && !Input::isAjax()) {
View::template("backend/{$this->_templates["{$perfil}"]}");
}
if ($modulo) {
$recurso1 = "{$modulo}/{$controlador}/{$accion}";
//Por si tiene acceso a una única acción
$recurso2 = "{$modulo}/{$controlador}/*";
//por si tiene acceso a todas las acciones
$recurso3 = "{$modulo}/*/*";
//por si tiene acceso a todos los controladores
$recurso4 = "*";
//por si tiene acceso a todo el sistema
} else {
$recurso1 = "{$controlador}/{$accion}";
//Por si tiene acceso a una única acción
$recurso2 = "{$controlador}/*";
//por si tiene acceso a todas las acciones
$recurso3 = "{$modulo}/*/*";
//por si tiene acceso a todos los controladores
$recurso4 = "*";
//por si tiene acceso a todo el sistema
}
//Flash::info("Perfil: $perfil <br /> Recurso 1: $recurso1 <br /> Recurso 2: $recurso2 <br /> Recurso 3: $recurso3 <br /> Recurso 4: $recurso4");
return self::$_acl->check($recurso1, $perfil) || self::$_acl->check($recurso2, $perfil) || self::$_acl->check($recurso3, $perfil) || self::$_acl->check($recurso4, $perfil);
}
/**
* Maneja las excepciones no capturadas
*
* @param Exception $e
* */
public static function handleException($e)
{
self::setHeader($e);
//TODO quitar el extract, que el view pida los que necesite
extract(Router::get(), EXTR_OVERWRITE);
// Registra la autocarga de helpers
spl_autoload_register('kumbia_autoload_helper', true, true);
$Controller = Util::camelcase($controller);
ob_start();
if (PRODUCTION) {
//TODO: añadir error 500.phtml
include APP_PATH . 'views/_shared/errors/404.phtml';
return;
}
if ($e instanceof KumbiaException) {
$view = $e->view;
$tpl = $e->template;
} else {
$view = 'exception';
$tpl = 'views/templates/exception.phtml';
}
//Fix problem with action name in REST
$action = $e->getMessage() ? $e->getMessage() : $action;
include CORE_PATH . "views/errors/{$view}.phtml";
$content = ob_get_clean();
// termina los buffers abiertos
while (ob_get_level()) {
ob_end_clean();
}
include CORE_PATH . $tpl;
}
/**
* Muestra un warning de ActiveRecord
*
* @param string $title
* @param string $message
* @param string $source
*/
static function display_warning($title, $message, $source)
{
$controller_name = Router::get('controller');
$action = Router::get('action');
Flash::warning("\n\t\t<span style='font-size:16px;color:black'>KumbiaWarning: {$title}</span><br/>\n\t\t<div>{$message}<br>\n\t\t<span style='font-size:12px;color:black'>En el modelo <i>{$source}</i> al ejecutar <i>{$controller_name}/{$action}</i></span></div>", true);
print "<pre style='border:1px solid #969696;background:#FFFFE8;color:black'>";
print debug_print_backtrace() . "\n";
print "</pre>";
}
public function __construct($obj, $displayRows = 10, $pageNum = 1)
{
$this->setRs($obj);
$this->setPageSize($displayRows);
$this->assignPageNumber($pageNum);
$this->setRowNumber(0);
$this->setOffSet(($this->getPageNumber() - 1) * $this->getPageSize());
$this->setUrl(Router::get('route'));
}
protected final function initialize()
{
if (Router::get('controller') == 'usuarios' || Router::get('controller') == 'reportes') {
if (!Auth::is_valid()) {
Flash::error('Necesita ser un administrador e iniciar sesión para acceder a esta zona.');
Redirect::to('index');
}
}
}
/**
* Inicializa el Logger
*/
public static function initialize($name = '')
{
if (empty($name)) {
self::$_logName = 'audit' . date('Y-m-d') . '.txt';
}
self::$_login = Session::get('login');
self::$_ip = Session::get('ip') ? Session::get('ip') : DwUtils::getIp();
self::$_route = Router::get('route');
}
public function action_delete($id = null)
{
$category = Model_Category::find($id);
if ($category->delete()) {
// Delete cache
\Cache::delete('sidebar');
\Messages::success(__('backend.category.deleted'));
} else {
\Messages::error(__('error'));
}
\Response::redirect_back(\Router::get('admin_category'));
}
public function action_delete($id = null)
{
$post = \Model_Post::find($id);
if ($post->delete()) {
// Delete cache
\Cache::delete('sidebar');
\Messages::success(__('backend.post.deleted'));
} else {
\Messages::error(__('error'));
}
\Response::redirect_back(\Router::get('admin_post'));
}
protected final function initialize()
{
$controlador = Router::get("controller");
$action = Router::get("action");
$url = $controlador . "/" . $action;
$this->title = 'Sistema de Intercambio de Perfiles';
$rutas_libres = array("index/index");
if (!in_array($url, $rutas_libres) and !Auth::is_valid()) {
Flash::error("Permiso denegado");
Router::redirect("index/index");
}
}
public function before()
{
parent::before();
// Check if the current user is an administrator
if (!\Auth::member(6)) {
\Messages::warnig(__('user.login.permission-denied'));
\Response::redirect(\Router::get('backend'));
}
$this->template->title = "RN | ADMIN";
// Set global
$this->template->title = \Config::get('application.seo.backend.title');
}
public function testMethods()
{
$router = new Router();
$this->assertFalse($router->has("home"));
$this->assertNull($router->get("home"));
$this->assertSame(0, $router->count());
// add one
$this->assertInstanceOf("SugiPHP\\Routing\\Router", $router->add("home", new Route("/")));
$this->assertSame(1, $router->count());
$this->assertTrue($router->has("home"));
$this->assertInstanceOf("SugiPHP\\Routing\\Route", $router->get("home"));
// change it
$this->assertInstanceOf("SugiPHP\\Routing\\Router", $router->set("home", new Route("/foo")));
$this->assertSame(1, $router->count());
$this->assertTrue($router->has("home"));
$this->assertInstanceOf("SugiPHP\\Routing\\Route", $router->get("home"));
// remove it
$this->assertInstanceOf("SugiPHP\\Routing\\Router", $router->delete("home"));
$this->assertFalse($router->has("home"));
$this->assertNull($router->get("home"));
$this->assertSame(0, $router->count());
}
/**
* Redirecciona a un método del mismo controlador
*
* @param string $action Nombre del método dentro del controlador
* @param string $params Parámetros a pasar por la url
* @example DwRouter::toAction('listar', 'pag/2');
*/
public static function toAction($action, $params = null)
{
$action = trim($action, '/');
$params = trim($params, '/');
if (Input::isAjax() && APP_AJAX) {
$url = empty($params) ? Router::get('controller_path') . "/{$action}/" : Router::get('controller_path') . "/{$action}/{$params}/";
echo DwJs::setUrl($url);
//Aplico el hash a la url para saber la ruta actual
empty($params) ? Redirect::route_to("action: {$action}") : Redirect::route_to("action: {$action}", "parameters: {$params}");
} else {
empty($params) ? Redirect::toAction("{$action}/") : Redirect::toAction("{$action}/{$params}/");
}
}
/**
* Realiza el dispatch de una ruta
*
* @return Object
*/
public static function execute($route)
{
extract($route, EXTR_OVERWRITE);
if (!(include_once APP_PATH . "controllers/{$controller_path}" . '_controller.php')) {
throw new KumbiaException(NULL, 'no_controller');
}
//Asigna el controlador activo
$app_controller = Util::camelcase($controller) . 'Controller';
$cont = self::$_controller = new $app_controller($module, $controller, $action, $parameters);
View::select($action);
View::setPath($controller_path);
// Se ejecutan los filtros before
if ($cont->k_callback('initialize') === FALSE) {
return $cont;
}
if ($cont->k_callback('before_filter') === FALSE) {
return $cont;
}
//Se ejecuta el metodo con el nombre de la accion
//en la clase de acuerdo al convenio
if (!method_exists($cont, $action)) {
throw new KumbiaException(NULL, 'no_action');
}
//Obteniendo el metodo
$reflectionMethod = new ReflectionMethod($cont, $action);
//k_callback y __constructor metodo reservado
if ($reflectionMethod->name == 'k_callback' || $reflectionMethod->isConstructor()) {
throw new KumbiaException('Esta intentando ejecutar un método reservado de KumbiaPHP');
}
//se verifica que el metodo sea public
if (!$reflectionMethod->isPublic()) {
throw new KumbiaException(NULL, 'no_action');
}
//se verifica que los parametros que recibe
//la action sea la cantidad correcta
$num_params = count($parameters);
if ($cont->limit_params && ($num_params < $reflectionMethod->getNumberOfRequiredParameters() || $num_params > $reflectionMethod->getNumberOfParameters())) {
throw new KumbiaException("Número de parámetros erroneo para ejecutar la acción \"{$action}\" en el controlador \"{$controller}\"");
}
$reflectionMethod->invokeArgs($cont, $parameters);
//Corre los filtros after
$cont->k_callback('after_filter');
$cont->k_callback('finalize');
//Si esta routed volver a ejecutar
if (Router::getRouted()) {
Router::setRouted(FALSE);
return Dispatcher::execute(Router::get());
// Vuelve a ejecutar el dispatcher
}
return $cont;
}
public function initialize()
{
View::template('theme');
if (Router::get('module') == 'admin') {
Load::lib('SdAuth');
if (SdAuth::isLogged()) {
View::template('admin');
} else {
$this->error_msj = SdAuth::getError();
View::template('login');
return FALSE;
}
}
}
/**
* Get all categorys from author
* @param string $author username
*/
public function action_show_by_author($author = false)
{
$author = $this->data['author'] = \Model_User::query()->where('username', $author)->get_one();
if (!$author) {
\Messages::error(__('frontend.author.not-found'));
\Response::redirect_back(\Router::get('homepage'));
} else {
// Pagination
$config = array('pagination_url' => \Uri::current(), 'total_items' => count($author->posts), 'per_page' => \Config::get('application.pagination.per_page'), 'uri_segment' => 'page');
$this->data['pagination'] = $pagination = \Pagination::forge('category_pagination', $config);
// Get categorys
$this->data['categories'] = Model_Category::query()->where('user_id', $author->id)->order_by('created_at', 'DESC')->offset($pagination->offset)->limit($pagination->per_page)->get();
return \Response::forge(\View::forge('frontend/category/author')->set($this->data, null, false));
}
}
protected final function initialize()
{
$this->kumbia_title = "Cristal";
/*--------------------------------------------------*/
$controlador_actual = Router::get("controller");
$accion_actual = Router::get("action");
$ruta_actual = $controlador_actual . "/" . $accion_actual;
$rutas = array("default" => "index/login");
/*aqui se configurar los controladores y las vistas que ven los usuarios*/
$roles_permisos = array("C" => array("index" => array("", "logout", "login", "flot"), "test" => array()), "U" => array("index" => array("index", "login", "logout")), "A" => array("*"));
/*--------------------------------------------------------------------*/
if (Auth::is_valid()) {
$role = Auth::get("rol");
if (isset($roles_permisos[$role])) {
$controladores = $roles_permisos[$role];
if (isset($controladores[$controlador_actual]) or $role == "A") {
$acciones = isset($controladores[$controlador_actual]) ? $controladores[$controlador_actual] : array();
if (in_array($accion_actual, $acciones) or $role == "A") {
/*aqui pasa con permiso*/
} else {
Flash::error("Permiso Denegado!...");
Router::redirect($rutas['default']);
}
} else {
Flash::error("Permiso Denegado!....");
Router::redirect($rutas['default']);
}
} else {
Flash::warning("Permiso denegado, el rol no se encuentra registrado");
Router::redirect($rutas['default']);
}
} else {
$vistas = $roles_permisos["C"];
if (isset($vistas[$controlador_actual])) {
$acciones = $vistas[$controlador_actual];
if (in_array($accion_actual, $acciones)) {
/*aqui pasa con permiso*/
} else {
Flash::error("Permiso Denegado!.");
Router::redirect($rutas['default']);
}
} else {
Flash::error("Permiso Denegado!..");
Router::redirect($rutas['default']);
}
}
/*----------------------------------------------------*/
}
/**
* @covers Zepto\Router::routes()
*/
public function testRoutes()
{
$this->router->get('/get', function () {
return 'This is a get route';
});
$this->router->post('/post', function () {
return 'This is a post route';
});
$routes = $this->router->routes();
$this->assertArrayHasKey('GET', $routes);
$this->assertArrayHasKey('#^/get/$#', $routes['GET']);
$this->assertInstanceOf('Zepto\\Route', $routes['GET']['#^/get/$#']);
$this->assertArrayHasKey('POST', $routes);
$this->assertArrayHasKey('#^/post/$#', $routes['POST']);
$this->assertInstanceOf('Zepto\\Route', $routes['POST']['#^/post/$#']);
}
public function before()
{
parent::before();
// Get action, module and controller name
$this->actionName = \Request::active()->action;
$this->moduleName = \Request::active()->module;
$this->controllerName = strtolower(str_replace('Controller_', '', \Request::active()->controller));
$this->controllerName = str_replace($this->moduleName . '\\', '', $this->controllerName);
// Check Auth Access
if (!\Auth::check()) {
\Messages::info(__('user.login.not-logged'));
\Response::redirect(\Router::get('login'));
}
// Set global
$this->dataGlobal['title'] = \Config::get('application.seo.backend.title');
}
/**
* Reescribe la acción
*/
protected function rewriteActionName()
{
/**
* reescribimos la acción a ejecutar, ahora tendra será el metodo de
* la peticion: get(:id), getAll , put, post, delete, etc.
*/
$action = $this->action_name;
$method = strtolower(Router::get('method'));
$rewrite = "{$method}_{$action}";
if ($this->actionExist($rewrite)) {
$this->action_name = $rewrite;
} elseif ($action == 'index' && $method != 'post') {
$this->action_name = 'getAll';
} else {
$this->action_name = $method;
$this->parameters = $action == 'index' ? $this->parameters : array($action) + $this->parameters;
}
}
