Beispiel #1
0
 public function Render(Response $response, array $data)
 {
     $response->AddHeader('Content-type', 'text/plain');
     $response->Body .= "*** The page's data set: ***\n\n";
     $response->Body .= $this->renderData($data);
     $response->Body .= "\n****************************\n";
     $response->Send();
 }
Beispiel #2
0
 public function Render(Response $response, array $data)
 {
     $jsonString = $this->jsonEncode($data);
     if ($this->callback) {
         $response->AddHeader('Content-type', 'text/javascript;charset=utf-8');
         $response->Body = $this->callback . '(' . $jsonString . ');';
     } else {
         $response->AddHeader('Content-type', 'application/json;charset=utf-8');
         $response->Body = $jsonString;
     }
     $response->Send();
 }
Beispiel #3
0
 public function Render(Response $response, array $data)
 {
     if (strlen($this->layout)) {
         $data['pageTemplate'] = $this->template;
         $template = $this->layout;
     } else {
         $template = $this->template;
     }
     $output = $this->twig->render($template, $data);
     $response->Body = $output;
     $response->Send();
 }
Beispiel #4
0
 public function Render(Response $response, array $data)
 {
     $this->smarty->assign($data);
     if (strlen($this->layout)) {
         $this->smarty->assign('templateFile', $this->templatePath . $this->template);
         $template = $this->templatePath . $this->layout;
     } else {
         $template = $this->templatePath . $this->template;
     }
     $output = $this->smarty->fetch($template);
     $response->Body = $output;
     $response->Send();
 }
Beispiel #5
0
 public function Authorize($method)
 {
     $allowedMethods = array_map('strtoupper', $this->allowedMethods);
     // always allow OPTIONS requests
     if (!in_array('OPTIONS', $allowedMethods)) {
         array_push($allowedMethods, 'OPTIONS');
     }
     // set CORS headers if configured
     if ($this->crossOriginEnabled) {
         $headers = $this->request->Headers;
         if (isset($headers['Origin'])) {
             $allowedHeaders = isset($headers['Access-Control-Request-Headers']) ? $headers['Access-Control-Request-Headers'] : '';
             $origin = $headers['Origin'];
             if (in_array($origin, $this->crossOriginDomainsAllowed)) {
                 $this->response->AddHeader('Access-Control-Allow-Origin', $origin);
                 $this->response->AddHeader('Access-Control-Allow-Credentials', 'true');
                 $this->response->AddHeader('Access-Control-Allow-Methods', implode(',', $allowedMethods));
                 $this->response->AddHeader('Access-Control-Allow-Headers', $allowedHeaders);
             } else {
                 throw new CrossOriginException(sprintf('The origin "%s" is not permitted.', $origin));
             }
         }
     }
     if (!in_array($this->request->Method, $allowedMethods)) {
         throw new MethodNotAllowedException(sprintf('The %s method is not permitted here (118).', $this->request->Method));
     }
     /*
      * Issue #30: Authorize any OPTIONS request.
      */
     if (strtoupper($this->request->Method) === 'OPTIONS') {
         return true;
     }
     $authorized = true;
     if (isset($this->auth)) {
         if (!(in_array($method, $this->skipAuthentication) || in_array('*', $this->skipAuthentication))) {
             $requireAuth = false;
             // If requireAuthentication is empty, prevent access by default.
             if (empty($this->requireAuthentication)) {
                 $requireAuth = true;
             } else {
                 if (in_array($method, $this->requireAuthentication) || in_array('*', $this->requireAuthentication)) {
                     $requireAuth = true;
                 }
             }
             if ($requireAuth) {
                 /** @var \Fluxoft\Rebar\Auth\Reply $authReply */
                 $authReply = $this->auth->GetAuthenticatedUser($this->request);
                 if (!$authReply->Auth) {
                     // method is limited and user is not authenticated
                     throw new AccessDeniedException(sprintf('Access denied for %s', $method));
                 }
             }
         }
     }
     return $authorized;
 }
Beispiel #6
0
 /**
  * Route to the appropriate controller/method combination for a Request.
  *
  * If no custom routes were added, or a matching route is not found, the default routing behavior
  * is to split the path, then try to find a valid controller by successively concatenating the
  * parts of the path together to form namespaced classes by appending the path parts to the
  * ControllerNamespace until a valid Controller class is found.
  *
  * For instance, a Request for the path "/bundle/controller/action/param1/param2" would first try
  * to find a class called \ControllerNamespace\Bundle and failing that, would then try to find
  * \ControllerNamespace\Bundle\Controller and finding that is a valid class, would then call its
  * Action method, passing in the "param1" and "param2" as method parameters (after any MethodArgs
  * that might have been configured).
  *
  * @param Request $request
  * @param Response $response
  * @throws RouterException
  * @throws AuthenticationException
  */
 public function Route(Request $request, Response $response)
 {
     $path = $request->PathInfo;
     $auth = null;
     foreach ($this->authTypes as $route => $authInterface) {
         if (strpos($path, $route) === 0) {
             $auth = $authInterface;
             if (!$auth instanceof AuthInterface) {
                 throw new RouterException(sprintf("The authentication type specified for %s must implement AuthInterface", $request->PathInfo));
             }
             break;
         }
     }
     $route = $this->getRoute($path);
     /** @var $controller \Fluxoft\Rebar\Controller */
     $controller = new $route['controller']($request, $response, $auth);
     if (!is_callable([$controller, $route['action']])) {
         throw new RouterException(sprintf('Could not find a method called %s in %s.', $route['action'], $route['controller']));
     }
     if (method_exists($controller, 'Setup')) {
         $this->callControllerMethodWithParams($controller, 'Setup', $this->SetupArgs);
     }
     try {
         $controller->Authorize($route['action']);
     } catch (AccessDeniedException $e) {
         $response->Halt(403, $e->getMessage());
     } catch (MethodNotAllowedException $e) {
         $response->Halt(405, $e->getMessage());
     } catch (CrossOriginException $e) {
         $response->Halt(403, $e->getMessage());
     }
     // If this is an options request, and no exceptions were thrown for Authorize,
     // immediately return a 200 OK and do not even run the controller method.
     if (strtoupper($request->Method) === 'OPTIONS') {
         $response->Halt(200, 'OK');
     }
     /*
      * Add any configured MethodArgs to the array that will be used to call the controller
      * method, and then any URL params that were returned.
      */
     $actionParams = [];
     foreach ($this->MethodArgs as $arg) {
         $actionParams[] = $arg;
     }
     foreach ($route['url'] as $urlParam) {
         $actionParams[] = $urlParam;
     }
     $this->callControllerMethodWithParams($controller, $route['action'], $actionParams);
     $controller->Display();
     if (method_exists($controller, 'Cleanup')) {
         $this->callControllerMethodWithParams($controller, 'Cleanup', $this->CleanupArgs);
     }
 }