/**
* Handle an incoming request.
*
* @param Request $request
* @param \Closure $next
* @return Response
*/
public function handle(Request $request, Closure $next) : Response
{
$result = $this->_sentinel->authenticateFromRequest($request);
if ($result instanceof User) {
$this->_setUser($result);
}
if (!$this->_isAllowed($request->param('action'))) {
if (!$this->isAuthenticated()) {
Session::getInstance()->set("Auth/redirect", $request->url);
if ($request->is('ajax')) {
$response = new Response();
$response->statusCode(401);
return $response;
} else {
return Response::redirect(Configuration::getInstance()->get("Auth/loginUrl", "/"));
}
}
if (!$this->_sentinel->isAuthorized($result, $request)) {
if ($request->is('ajax')) {
$response = new Response();
$response->statusCode(403);
return $response;
} else {
return Response::redirect($request->referer());
}
}
}
return $next($request);
}
/**
* Create a response thats redirects to given $url.
*
* @param string $url A string or array-based URL pointing to another location within the app,
* or an absolute URL
* @param int $statusCode HTTP status code (eg: 301)
* @return Response
*/
public static function redirect(string $url, int $statusCode = 302)
{
$response = new Response();
$response->statusCode($statusCode);
if (strpos($url, '#') !== false) {
$url = Router::getInstance()->url(substr($url, 1));
}
if (!$response->location()) {
$response->location($url);
}
return $response;
}
public function processError($request, $exception)
{
$response = new Response();
$viewVars = ["exception" => $exception];
$code = 500;
$errorCode = $exception->getCode();
if ($errorCode >= 400 && $errorCode < 506) {
$code = $errorCode;
}
$response->statusCode($code);
$viewVars["code"] = $code;
if (method_exists($exception, 'responseHeader')) {
$response->header($exception->responseHeader());
}
if ($request) {
$viewVars["url"] = $request->url();
}
$isDebug = Configuration::getInstance()->get("debug");
if ($isDebug) {
$viewVars['trace'] = Debugger::formatTrace($exception->getTrace(), ['format' => 'array', 'args' => false]);
}
$message = $exception->getMessage();
$isHttpException = $exception instanceof HttpException;
if (!$isDebug && !$isHttpException) {
if ($code < 500) {
$message = \CoreTyson\tr('cake', 'Not Found');
} else {
$message = \CoreTyson\tr('cake', 'An Internal Error Has Occurred.');
}
}
$viewVars["message"] = $message;
$template = "error" . $code;
if (!$isDebug && !$isHttpException) {
$template = 'error500';
if ($code < 500) {
$template = 'error400';
}
}
if ($isHttpException) {
$template = 'error500';
if ($code < 500) {
$template = 'error400';
}
}
if ($exception instanceof PDOException) {
$template = 'pdo_error';
}
try {
$view = new View();
$response->body($view->render("Error/" . $template));
} catch (MissingTemplateException $e) {
return $this->_outputMessageSafe('error500');
} catch (MissingPluginException $e) {
$attributes = $e->getAttributes();
if (isset($attributes['plugin']) && $attributes['plugin'] === $this->controller->plugin) {
$this->controller->plugin = null;
}
return $this->_outputMessageSafe('error500');
} catch (Exception $e) {
return $this->_outputMessageSafe('error500');
}
}