/**
 * Registers the backend (admin) routes on the given Slim application.
 *
 * All routes are placed in the "/admin" group:
 *  - GET  /        : static landing page
 *  - ANY  /chpass  : password change via AdminPasswordChange_controller, only while
 *                    EMA_ADMIN_CHPASS is truthy; otherwise the route passes
 *  - ANY  /update  : ClassAndMethodsDispatcher::updateGPMethods()
 *  - POST /login   : authenticates $_POST credentials with UserAuth; a user who is
 *                    not an admin is logged out again and rejected; success prints
 *                    the session auth data as JSON, any failure a plain-text 400
 *  - ANY  /logout  : logs the current UserAuth session out when one exists
 *
 * @param Slim $appInstance
 * @return void
 */
public static function addRouteDefinitions(Slim $appInstance)
{
    $appInstance->group('/admin', function () use ($appInstance) {
        $appInstance->get('/', function () {
            echo '<h1>A Simple Backend</h1>';
        });

        $appInstance->map('/chpass', function () use ($appInstance) {
            if (!EMA_ADMIN_CHPASS) {
                // Feature switched off: hand the request to the next matching route.
                $appInstance->pass();
                return;
            }
            AdminPasswordChange_controller::process();
        })->via('GET', 'POST');

        $appInstance->map('/update', function () {
            // NOTE(review): no access check is visible at this layer; presumably
            // updateGPMethods() enforces it itself — confirm.
            ClassAndMethodsDispatcher::updateGPMethods();
        })->via('GET', 'POST');

        $appInstance->post('/login', function () use ($appInstance) {
            // Responses carry credentials/session data: forbid caching everywhere.
            $appInstance->response->headers->set('Cache-Control', 'no-store');

            $hasCredentials = isset($_POST['username'], $_POST['password'])
                && is_string($_POST['username'])
                && is_string($_POST['password']);
            if (!$hasCredentials) {
                $appInstance->response->headers->set('Content-Type', 'text/plain');
                $appInstance->response->setStatus(400);
                echo 'Bad request';
                return;
            }

            try {
                try {
                    $user = new UserAuth();
                } catch (SessionExpired $expired) {
                    // Construction is retried exactly once after SessionExpired;
                    // presumably the first attempt discards the expired session — confirm.
                    $user = new UserAuth();
                }
                $user->userLogin($_POST['username'], $_POST['password']);
                if (!$user->isAdmin()) {
                    // Credentials were accepted but the account is not an admin:
                    // tear the freshly created session down before rejecting.
                    $user->logout();
                    throw new LoginIncorrect('You are not allowed to login here');
                }
                $appInstance->response->headers->set('Content-Type', 'application/json');
                echo json_encode($user->getSessionAuthData());
            } catch (LoginIncorrect $failure) {
                $appInstance->response->headers->set('Content-Type', 'text/plain');
                $appInstance->response->setStatus(400);
                echo $failure->getMessage();
            }
        });

        $appInstance->map('/logout', function () {
            try {
                $user = new UserAuth();
                if ($user->isUserLoggedInSimple()) {
                    $user->logout();
                }
            } catch (SessionExpired $expired) {
                // An already expired session needs no logout; nothing to report.
            }
        })->via('GET', 'POST');
    });
}
/**
 * Logs the current user out.
 *
 * When a user is logged in, the unique-IP record for the member id stored in
 * $this->sessionAuthData is removed first; the parent's logout then performs
 * the actual session teardown and its return value is passed through.
 *
 * @return mixed Whatever parent::logout() returns
 */
public function logout()
{
    $loggedIn = $this->isUserLoggedInSimple();
    if ($loggedIn) {
        $memberId = $this->sessionAuthData['memberid'];
        $this->removeUniqueIp($memberId);
    }

    return parent::logout();
}
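/**
 * Builds the object while tolerating failures of the parent constructor.
 *
 * Any \Exception thrown by parent::__construct() is caught so that construction
 * never fails; the failure is written to the PHP error log instead of being
 * dropped silently, because an instance whose parent setup failed may be only
 * partially initialised and that is worth a trace for operators.
 */
public function __construct()
{
    try {
        parent::__construct();
    } catch (\Exception $e) {
        // Deliberate best-effort: keep the original "never throw" contract,
        // but record what went wrong rather than swallowing it.
        error_log(sprintf('%s::__construct: %s', get_class($this), $e->getMessage()));
    }
}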
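/**
 * Dispatches the non-RPC "action" requests carried in $_POST.
 *
 * Supported actions (all read $_POST['class'] as their argument):
 *  - getXMLModel      : self::getXMLModel() when 'class' is a string; XML content type
 *  - getAjaxMethods   : self::getAjaxMethods(); 'class' must be a string; JSON
 *  - getViewModelData : self::getViewModels(); 'class' must be an array; JSON
 *  - sessionCheck     : prints the session auth data of the current MembersAuth
 *                       ('class' === 'member') or UserAuth user as JSON, or false
 *                       when nobody is logged in or the session has expired
 *
 * @return string Content type constant to send: self::APP_XML_TYPE or self::APP_JSON_TYPE
 * @throws RuntimeException when $_POST['class'] has the wrong type for the action
 * @throws Exception when $_POST['action'] is missing or unknown
 */
private static function otherCalls()
{
    // Read the inputs once; missing keys become null instead of raising notices.
    $action = isset($_POST['action']) ? $_POST['action'] : null;
    $class = isset($_POST['class']) ? $_POST['class'] : null;

    // switch compares loosely; $_POST values are strings or arrays, and an
    // array never equals a case label, so only exact action names match.
    switch ($action) {
        case 'getXMLModel':
            if (is_string($class)) {
                self::getXMLModel($class);
            }
            return self::APP_XML_TYPE;

        case 'getAjaxMethods':
            // Same string guard as the other actions; previously the raw value
            // (possibly missing or an array) was passed straight through.
            if (!is_string($class)) {
                throw new RuntimeException("Invalid Argument");
            }
            self::getAjaxMethods($class);
            return self::APP_JSON_TYPE;

        case 'getViewModelData':
            if (!is_array($class)) {
                throw new RuntimeException("Invalid Argument");
            }
            self::getViewModels($class);
            return self::APP_JSON_TYPE;

        case 'sessionCheck':
            $result = false;
            try {
                $user = $class === 'member' ? new MembersAuth() : new UserAuth();
                if ($user->isUserLoggedInSimple()) {
                    $result = $user->getSessionAuthData();
                }
            } catch (SessionExpired $e) {
                // An expired session is reported exactly like "not logged in".
                $result = false;
            }
            print json_encode($result);
            return self::APP_JSON_TYPE;

        default:
            throw new Exception("Action not defined");
    }
}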
/**
 * Executes an RPC call once the request-level checks have passed.
 *
 * Order matters: the Ema-Localization header is applied to the call first, the
 * X-Ema-Csrftoken header is then validated against the current UserAuth session,
 * and only after that is the call run. The result is appended to
 * self::$additionRouteBase for additions and must be non-empty for item lookups.
 *
 * @param RpcCall $rpc
 * @param Slim $slim
 * @return mixed The value returned by $rpc->run()
 * @throws InputError when the CSRF token is missing or invalid
 * @throws NotFound when self::$isGettingItem is set and the result is empty
 */
public static function rpcCheckAndRun(RpcCall $rpc, Slim $slim)
{
    $headers = $slim->request->headers;

    // Truthiness check: an absent header and a value like '0' are both ignored.
    $localization = $headers->get('Ema-Localization');
    if ($localization) {
        // Passed through unmodified; presumably setLocalization() validates it — confirm.
        $rpc->setLocalization($localization);
    }

    // The CSRF check gates everything below; a missing header arrives as null
    // and is expected to be rejected by checkCsrfToken().
    $user = new UserAuth();
    if (!$user->checkCsrfToken($headers->get('X-Ema-Csrftoken'))) {
        throw new InputError('CSRF token not valid');
    }

    $result = $rpc->run();

    if (self::$isAddition) {
        // Additions append their result to the accumulated route base.
        self::$additionRouteBase .= $result;
    }
    if (self::$isGettingItem && empty($result)) {
        throw new NotFound('Item not found');
    }

    return $result;
}
/**
 * Decides whether the current caller may access something guarded by a GP policy.
 *
 * self::parseGpPolicy() turns the pattern into a map of group id (or 'ALL') to
 * access modifier. Modifiers: 'a' always allows, 'e' allows external calls only,
 * 'i' allows internal calls only; any other value denies. An empty pattern or an
 * empty parsed policy denies. A logged-in admin is always allowed; another
 * logged-in user is allowed by the entry for their group or by the 'ALL' entry;
 * an anonymous caller only by the 'ALL' entry.
 *
 * @param mixed $policyPattern Policy pattern as understood by self::parseGpPolicy(); any empty() value denies
 * @param bool $isExternalCall Whether the call originates from outside (coerced to bool)
 * @return bool
 */
protected static function isAccessible($policyPattern, $isExternalCall = false)
{
    if (empty($policyPattern)) {
        return false;
    }
    $external = (bool) $isExternalCall;

    $policy = self::parseGpPolicy($policyPattern);
    if (count($policy) === 0) {
        return false;
    }

    // Deny by default: only the three known modifiers can yield true.
    $modifierAllows = function ($modifier) use ($external) {
        return $modifier === 'a'
            || ($external && $modifier === 'e')
            || (!$external && $modifier === 'i');
    };

    $allowedForAll = array_key_exists('ALL', $policy)
        ? $modifierAllows($policy['ALL'])
        : false;

    $user = new UserAuth();
    if (!$user->isUserLoggedInSimple()) {
        return $allowedForAll;
    }

    // getGroup() is called before the admin check, as in the original ordering.
    $gpId = $user->getGroup();
    if ($user->isAdmin()) {
        return true;
    }

    $allowedForUser = array_key_exists($gpId, $policy)
        ? $modifierAllows($policy[$gpId])
        : false;

    return $allowedForUser || $allowedForAll;
}