/**
* Sends the given HTTP request
*
* @param \TYPO3\FLOW3\Http\Request $request
* @return \TYPO3\FLOW3\Http\Response
* @throws \TYPO3\FLOW3\Http\Exception
* @api
*/
public function sendRequest(Request $request)
{
$requestHandler = $this->bootstrap->getActiveRequestHandler();
if (!$requestHandler instanceof \TYPO3\FLOW3\Tests\FunctionalTestRequestHandler) {
throw new \TYPO3\FLOW3\Http\Exception('The browser\'s internal request engine has only been designed for use within functional tests.', 1335523749);
}
$response = new Response();
$requestHandler->setHttpRequest($request);
$requestHandler->setHttpResponse($response);
try {
$actionRequest = $this->router->route($request);
$this->securityContext->clearContext();
$this->securityContext->injectRequest($actionRequest);
$this->dispatcher->dispatch($actionRequest, $response);
} catch (\Exception $exception) {
$pathPosition = strpos($exception->getFile(), 'Packages/');
$filePathAndName = $pathPosition !== FALSE ? substr($exception->getFile(), $pathPosition) : $exception->getFile();
$exceptionCodeNumber = $exception->getCode() > 0 ? '#' . $exception->getCode() . ': ' : '';
$content = PHP_EOL . 'Uncaught Exception in FLOW3 ' . $exceptionCodeNumber . $exception->getMessage() . PHP_EOL;
$content .= 'thrown in file ' . $filePathAndName . PHP_EOL;
$content .= 'in line ' . $exception->getLine() . PHP_EOL . PHP_EOL;
$content .= \TYPO3\FLOW3\Error\Debugger::getBacktraceCode($exception->getTrace(), FALSE, TRUE) . PHP_EOL;
$response->setStatus(500);
$response->setContent($content);
$response->setHeader('X-FLOW3-ExceptionCode', $exceptionCodeNumber);
$response->setHeader('X-FLOW3-ExceptionMessage', $exception->getMessage());
}
return $response;
}
/**
* This is the default Policy voter, it votes for the access privilege for the given resource
*
* @param \TYPO3\FLOW3\Security\Context $securityContext The current securit context
* @param string $resource The resource to vote for
* @return integer One of: VOTE_GRANT, VOTE_ABSTAIN, VOTE_DENY
*/
public function voteForResource(\TYPO3\FLOW3\Security\Context $securityContext, $resource)
{
$accessGrants = 0;
$accessDenies = 0;
foreach ($securityContext->getRoles() as $role) {
try {
$privilege = $this->policyService->getPrivilegeForResource($role, $resource);
} catch (\TYPO3\FLOW3\Security\Exception\NoEntryInPolicyException $e) {
return self::VOTE_ABSTAIN;
}
if ($privilege === NULL) {
continue;
}
if ($privilege === \TYPO3\FLOW3\Security\Policy\PolicyService::PRIVILEGE_GRANT) {
$accessGrants++;
} elseif ($privilege === \TYPO3\FLOW3\Security\Policy\PolicyService::PRIVILEGE_DENY) {
$accessDenies++;
}
}
if ($accessDenies > 0) {
return self::VOTE_DENY;
}
if ($accessGrants > 0) {
return self::VOTE_GRANT;
}
return self::VOTE_ABSTAIN;
}
/**
* Returns the specified node
*
* @param string $term
* @param integer $requestIndex
* @return void
* @ExtDirect
* @todo Improve this WIP search implementation
*/
public function searchAction($term, $requestIndex)
{
$contentContext = new \TYPO3\TYPO3\Domain\Service\ContentContext($this->securityContext->getParty()->getPreferences()->get('context.workspace'));
$this->nodeRepository->setContext($contentContext);
$searchContentGroups = array();
$searchContentTypes = array();
foreach (array('TYPO3.Phoenix.ContentTypes:Page', 'TYPO3.Phoenix.ContentTypes:ContentObject') as $contentType) {
$searchContentGroups[$contentType] = $this->contentTypeManager->getContentType($contentType)->getConfiguration();
array_push($searchContentTypes, $contentType);
$subContentTypes = $this->contentTypeManager->getSubContentTypes($contentType);
if (count($subContentTypes) > 0) {
$searchContentGroups[$contentType]['subContentTypes'] = $subContentTypes;
$searchContentTypes = array_merge($searchContentTypes, array_keys($subContentTypes));
}
}
$staticWebBaseUri = $this->resourcePublisher->getStaticResourcesWebBaseUri() . 'Packages/TYPO3.TYPO3/';
$groups = array();
foreach ($this->nodeSearchService->findByProperties($term, $searchContentTypes) as $result) {
$contentType = $result->getContentType();
if (array_key_exists($contentType->getName(), $searchContentGroups)) {
$type = $contentType->getName();
} else {
foreach ($searchContentGroups as $searchContentGroup => $searchContentGroupConfiguration) {
if (isset($searchContentGroupConfiguration['subContentTypes']) && array_key_exists($contentType->getName(), $searchContentGroupConfiguration['subContentTypes'])) {
$type = $searchContentGroup;
break;
}
}
}
if (!array_key_exists($type, $groups)) {
$groups[$type] = array('type' => $contentType->getName(), 'label' => $searchContentGroups[$type]['search'], 'items' => array());
}
foreach ($contentType->getProperties() as $property => $configuration) {
if ($property[0] !== '_') {
$labelProperty = $property;
break;
}
}
$this->uriBuilder->reset();
if ($result->getContentType()->isOfType('TYPO3.Phoenix.ContentTypes:Page')) {
$pageNode = $result;
} else {
$pageNode = $this->findNextParentFolderNode($result);
$this->uriBuilder->setSection('c' . $result->getIdentifier());
}
$searchResult = array('type' => $contentType->getName(), 'label' => substr(trim(strip_tags($result->getProperty($labelProperty))), 0, 50), 'action' => $this->uriBuilder->uriFor('show', array('node' => $pageNode), 'Frontend\\Node', 'TYPO3.TYPO3'), 'path' => $result->getPath());
$contentTypeConfiguration = $contentType->getConfiguration();
if (isset($contentTypeConfiguration['darkIcon'])) {
$searchResult['icon'] = $staticWebBaseUri . $contentTypeConfiguration['darkIcon'];
}
array_push($groups[$type]['items'], $searchResult);
}
$data = array('requestIndex' => $requestIndex, 'actions' => array(array('label' => 'Clear all cache', 'command' => 'clear:cache:all'), array('label' => 'Clear page cache', 'command' => 'clear:cache:pages')), 'results' => array_values($groups));
$this->view->assign('value', array('data' => $data, 'success' => TRUE));
}
/**
* @param string $workspaceName
* @return void
* @todo Pagination
* @todo Tree filtering + level limit
* @todo Search field
* @todo Difference mechanism
*/
public function indexAction($workspaceName = NULL)
{
if (is_null($workspaceName)) {
$workspaceName = $this->securityContext->getParty()->getPreferences()->get('context.workspace');
}
$contentContext = new \TYPO3\TYPO3\Domain\Service\ContentContext($workspaceName);
$contentContext->setInvisibleContentShown(TRUE);
$contentContext->setRemovedContentShown(TRUE);
$contentContext->setInaccessibleContentShown(TRUE);
$this->nodeRepository->setContext($contentContext);
$sites = array();
foreach ($this->workspacesService->getUnpublishedNodes($workspaceName) as $node) {
if (!$node->getContentType()->isOfType('TYPO3.Phoenix.ContentTypes:Section')) {
$pathParts = explode('/', $node->getPath());
if (count($pathParts) > 2) {
$siteNodeName = $pathParts[2];
$folder = $this->findFolderNode($node);
$folderPath = implode('/', array_slice(explode('/', $folder->getPath()), 3));
$relativePath = str_replace(sprintf('/sites/%s/%s', $siteNodeName, $folderPath), '', $node->getPath());
if (!isset($sites[$siteNodeName]['siteNode'])) {
$sites[$siteNodeName]['siteNode'] = $this->siteRepository->findOneByNodeName($siteNodeName);
}
$sites[$siteNodeName]['folders'][$folderPath]['folderNode'] = $folder;
$change = array('node' => $node);
if ($node->getContentType()->isOfType('TYPO3.Phoenix.ContentTypes:AbstractNode')) {
$change['configuration'] = $node->getContentType()->getConfiguration();
}
$sites[$siteNodeName]['folders'][$folderPath]['changes'][$relativePath] = $change;
}
}
}
$liveWorkspace = $this->workspacesService->getWorkspace('live');
ksort($sites);
foreach ($sites as $siteKey => $site) {
foreach ($site['folders'] as $folderKey => $folder) {
foreach ($folder['changes'] as $changeKey => $change) {
$liveNode = $this->nodeRepository->findOneByIdentifier($change['node']->getIdentifier(), $liveWorkspace);
$sites[$siteKey]['folders'][$folderKey]['changes'][$changeKey]['isNew'] = is_null($liveNode);
$sites[$siteKey]['folders'][$folderKey]['changes'][$changeKey]['isMoved'] = $liveNode && $change['node']->getPath() !== $liveNode->getPath();
}
}
ksort($sites[$siteKey]['folders']);
}
$workspaces = array();
foreach ($this->workspacesService->getWorkspaces() as $workspace) {
array_push($workspaces, array('workspaceNode' => $workspace, 'unpublishedNodesCount' => $this->workspacesService->getUnpublishedNodesCount($workspace->getName())));
}
$this->view->assignMultiple(array('workspaceName' => $workspaceName, 'workspaces' => $workspaces, 'sites' => $sites));
}
public function redirectToLogin()
{
$entryPointFound = FALSE;
foreach ($this->securityContext->getAuthenticationTokens() as $token) {
if (!is_object($token)) {
continue;
}
$entryPoint = $token->getAuthenticationEntryPoint();
if ($entryPoint !== NULL && $entryPoint->canForward($this->request)) {
$entryPointFound = TRUE;
if ($entryPoint instanceof \TYPO3\FLOW3\Security\Authentication\EntryPoint\WebRedirect) {
$options = $entryPoint->getOptions();
$options['uri'] = $options['uri'] . "?_redirect=" . urlencode($this->request->getRequestUri());
$entryPoint->setOptions($options);
$this->securityLogger->log('Redirecting to authentication entry point with URI ' . (isset($options['uri']) ? $options['uri'] : '- undefined -'), LOG_INFO);
} else {
$this->securityLogger->log('Starting authentication with entry point of type ' . get_class($entryPoint), LOG_INFO);
}
$rootRequest = $this->request;
if ($this->request instanceof \TYPO3\FLOW3\MVC\Web\SubRequest) {
$rootRequest = $this->request->getRootRequest();
}
$this->securityContext->setInterceptedRequest($rootRequest);
$entryPoint->startAuthentication($rootRequest, $this->response);
throw new \TYPO3\FLOW3\MVC\Exception\StopActionException();
}
}
if ($entryPointFound === FALSE) {
$this->securityLogger->log('No authentication entry point found for active tokens, therefore cannot authenticate or redirect to authentication automatically.', LOG_NOTICE);
throw new \TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException('No authentication entry point found for active tokens, therefore cannot authenticate or redirect to authentication automatically.', 1317309673);
}
}
/**
* Logout all active authentication tokens
*
* @return void
*/
public function logout()
{
if ($this->isAuthenticated() !== TRUE) {
return;
}
foreach ($this->securityContext->getAuthenticationTokens() as $token) {
$token->setAuthenticationStatus(\TYPO3\FLOW3\Security\Authentication\TokenInterface::NO_CREDENTIALS_GIVEN);
}
$this->emitLoggedOut();
}
/**
* @param \TYPO3\FLOW3\Security\Account $account
* @return void
* @todo Security
*/
public function deleteAction(\TYPO3\FLOW3\Security\Account $account)
{
if ($this->securityContext->getAccount() === $account) {
$this->addFlashMessage('You can not remove current logged in user');
$this->redirect('index');
}
$this->accountRepository->remove($account);
$this->addFlashMessage('The user has been deleted.');
$this->redirect('index');
}
/**
* Default action of the backend controller.
*
* @return void
* @FLOW3\SkipCsrfProtection
*/
public function indexAction()
{
$workspaceName = $this->securityContext->getParty()->getPreferences()->get('context.workspace');
// Hack: Create the workspace if it does not exist yet.
$contentContext = new \TYPO3\TYPO3\Domain\Service\ContentContext($workspaceName);
$contentContext->getWorkspace();
if (isset($_COOKIE['TYPO3_lastVisitedUri'])) {
$redirectUri = $_COOKIE['TYPO3_lastVisitedUri'];
$appendHtml = !strpos($redirectUri, '.html') ? FALSE : TRUE;
if (!strpos($redirectUri, '@')) {
$redirectUri = str_replace('.html', '', $redirectUri);
} else {
$redirectUri = substr($redirectUri, 0, strpos($redirectUri, '@'));
}
$redirectUri .= '@' . $workspaceName . ($appendHtml === TRUE ? '.html' : '');
$this->redirectToUri($redirectUri);
} else {
$this->redirectToUri('/@' . $workspaceName . '.html');
}
}
/**
* Adds a CSRF token as argument in the URI builder
*
* @FLOW3\Before("setting(TYPO3.FLOW3.security.enable) && method(TYPO3\FLOW3\Mvc\Routing\UriBuilder->build())")
* @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint The current join point
* @return void
*/
public function addCsrfTokenToUri(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
{
$uriBuilder = $joinPoint->getProxy();
$arguments = $joinPoint->getMethodArgument('arguments');
$packageKey = isset($arguments['@package']) ? $arguments['@package'] : '';
$subpackageKey = isset($arguments['@subpackage']) ? $arguments['@subpackage'] : '';
$controllerName = isset($arguments['@controller']) ? $arguments['@controller'] : 'Standard';
$actionName = (isset($arguments['@action']) ? $arguments['@action'] : 'index') . 'Action';
$possibleObjectName = '@package\\@subpackage\\Controller\\@controllerController';
$possibleObjectName = str_replace('@package', str_replace('.', '\\', $packageKey), $possibleObjectName);
$possibleObjectName = str_replace('@subpackage', $subpackageKey, $possibleObjectName);
$possibleObjectName = str_replace('@controller', $controllerName, $possibleObjectName);
$possibleObjectName = str_replace('\\\\', '\\', $possibleObjectName);
$lowercaseObjectName = strtolower($possibleObjectName);
$className = $this->objectManager->getClassNameByObjectName($this->objectManager->getCaseSensitiveObjectName($lowercaseObjectName));
if ($this->policyService->hasPolicyEntryForMethod($className, $actionName) && !$this->reflectionService->isMethodAnnotatedWith($className, $actionName, 'TYPO3\\FLOW3\\Annotations\\SkipCsrfProtection')) {
$internalArguments = $uriBuilder->getArguments();
$internalArguments['__csrfToken'] = $this->securityContext->getCsrfProtectionToken();
$uriBuilder->setArguments($internalArguments);
}
}
/**
* Default action of this controller.
*
* @return void
*/
public function indexAction()
{
if ($this->exception !== NULL) {
$this->view->assign('errorMessage', $this->exception->getMessage());
}
$httpRequest = $this->request->getHttpRequest();
$uriPath = $httpRequest->getUri()->getPath();
$uriPathWithoutFormat = substr($uriPath, 0, strrpos($uriPath, '.'));
preg_match(\TYPO3\TYPO3CR\Domain\Model\NodeInterface::MATCH_PATTERN_CONTEXTPATH, $uriPathWithoutFormat, $matches);
if (isset($matches['WorkspaceName'])) {
$uri = $httpRequest->getBaseUri() . '@' . $matches['WorkspaceName'];
} elseif ($this->securityContext->getParty() instanceof \TYPO3\TYPO3\Domain\Model\User) {
$uri = $httpRequest->getBaseUri() . '@' . $this->securityContext->getParty()->getPreferences()->get('context.workspace');
} else {
$uri = $httpRequest->getBaseUri();
}
$this->view->assign('pageTitle', '404 Not Found');
$this->view->assign('errorTitle', 'Page Not Found');
$this->view->assign('errorDescription', 'Sorry, we could not find any page at this URL.<br />Please visit the <a href="' . $uri . '">homepage</a> to get back on the path.');
$this->response->setStatus(404);
}
/**
* Matches a \TYPO3\FLOW3\Mvc\RequestInterface against the configured CSRF pattern rules and searches for invalid
* csrf tokens.
*
* @param \TYPO3\FLOW3\Mvc\RequestInterface $request The request that should be matched
* @return boolean TRUE if the pattern matched, FALSE otherwise
* @throws \TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException
*/
public function matchRequest(\TYPO3\FLOW3\Mvc\RequestInterface $request)
{
if ($this->authenticationManager->isAuthenticated() === FALSE) {
return FALSE;
}
$controllerClassName = $this->objectManager->getClassNameByObjectName($request->getControllerObjectName());
$actionName = $request->getControllerActionName() . 'Action';
if ($this->policyService->hasPolicyEntryForMethod($controllerClassName, $actionName) && !$this->reflectionService->isMethodTaggedWith($controllerClassName, $actionName, 'skipcsrfprotection')) {
$internalArguments = $request->getInternalArguments();
if (!isset($internalArguments['__csrfToken'])) {
return TRUE;
}
$csrfToken = $internalArguments['__csrfToken'];
if (!$this->securityContext->hasCsrfProtectionTokens()) {
throw new \TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException('No tokens in security context, possible session timeout', 1317309673);
}
if ($this->securityContext->isCsrfProtectionTokenValid($csrfToken) === FALSE) {
return TRUE;
}
}
return FALSE;
}
/**
* Decide if wireframe mode should be enabled.
*
* @param \TYPO3\TYPO3CR\Domain\Model\NodeInterface $node
* @return boolean
*/
protected function isWireframeModeEnabled(\TYPO3\TYPO3CR\Domain\Model\NodeInterface $node)
{
if ($this->securityContext->getParty() !== NULL) {
try {
$this->accessDecisionManager->decideOnResource('TYPO3_TYPO3_Backend_BackendController');
if (!$this->view->canRenderWithNodeAndPath($node, $this->view->getTypoScriptPath())) {
return TRUE;
}
return $this->securityContext->getParty()->getPreferences()->get('contentEditing.wireframeMode') ? TRUE : FALSE;
} catch (\Exception $e) {
}
}
return FALSE;
}
/**
* Calls the authentication manager to authenticate all active tokens
* and redirects to the original intercepted request on success if there
* is one stored in the security context. If no intercepted request is
* found, the function simply returns.
*
* If authentication fails, the result of calling the defined
* $errorMethodName is returned.
*
* @return string
*/
public function authenticateAction()
{
$authenticated = FALSE;
try {
$this->authenticationManager->authenticate();
$authenticated = TRUE;
} catch (\TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException $exception) {
}
if ($authenticated) {
$storedRequest = $this->securityContext->getInterceptedRequest();
if ($storedRequest !== NULL) {
$mainRequest = $storedRequest->getMainRequest();
$packageKey = $mainRequest->getControllerPackageKey();
$subpackageKey = $mainRequest->getControllerSubpackageKey();
if ($subpackageKey !== NULL) {
$packageKey .= '\\' . $subpackageKey;
}
$this->redirect($mainRequest->getControllerActionName(), $mainRequest->getControllerName(), $packageKey, $mainRequest->getArguments());
}
} else {
return call_user_func(array($this, $this->errorMethodName));
}
}
/**
* Advices the dispatch method so that illegal action requests are blocked before
* invoking any controller.
*
* The "request" referred to within this method is an ActionRequest or some other
* dispatchable request implementing RequestInterface. Note that we don't deal
* with HTTP requests here.
*
* @FLOW3\Around("setting(TYPO3.FLOW3.security.enable) && method(TYPO3\FLOW3\Mvc\Dispatcher->dispatch())")
* @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint The current joinpoint
* @return mixed Result of the advice chain
* @throws \TYPO3\FLOW3\Security\Exception\AccessDeniedException
* @throws \TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException
*/
public function blockIllegalRequestsAndForwardToAuthenticationEntryPoints(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
{
$request = $joinPoint->getMethodArgument('request');
if (!$request instanceof ActionRequest) {
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
try {
$this->firewall->blockIllegalRequests($request);
return $joinPoint->getAdviceChain()->proceed($joinPoint);
} catch (\TYPO3\FLOW3\Security\Exception\AuthenticationRequiredException $exception) {
$response = $joinPoint->getMethodArgument('response');
$entryPointFound = FALSE;
foreach ($this->securityContext->getAuthenticationTokens() as $token) {
$entryPoint = $token->getAuthenticationEntryPoint();
if ($entryPoint !== NULL) {
$entryPointFound = TRUE;
if ($entryPoint instanceof \TYPO3\FLOW3\Security\Authentication\EntryPoint\WebRedirect) {
$options = $entryPoint->getOptions();
$this->securityLogger->log('Redirecting to authentication entry point with URI ' . (isset($options['uri']) ? $options['uri'] : '- undefined -'), LOG_INFO);
} else {
$this->securityLogger->log('Starting authentication with entry point of type ' . get_class($entryPoint), LOG_INFO);
}
$this->securityContext->setInterceptedRequest($request->getMainRequest());
$entryPoint->startAuthentication($request->getHttpRequest(), $response);
}
}
if ($entryPointFound === FALSE) {
$this->securityLogger->log('No authentication entry point found for active tokens, therefore cannot authenticate or redirect to authentication automatically.', LOG_NOTICE);
throw $exception;
}
} catch (\TYPO3\FLOW3\Security\Exception\AccessDeniedException $exception) {
$this->securityLogger->log('Access denied', LOG_WARNING);
$response = $joinPoint->getMethodArgument('response');
$response->setStatus(403);
$response->setContent('<h1>403 Forbidden</h1><p>' . $exception->getMessage());
}
}
/**
* Handles a HTTP request
*
* @return void
*/
public function handleRequest()
{
// Create the request very early so the Resource Management has a chance to grab it:
$this->request = Request::createFromEnvironment();
$this->response = new Response();
$this->boot();
$this->resolveDependencies();
$this->request->injectSettings($this->settings);
$this->router->setRoutesConfiguration($this->routesConfiguration);
$actionRequest = $this->router->route($this->request);
$this->securityContext->injectRequest($actionRequest);
$this->dispatcher->dispatch($actionRequest, $this->response);
$this->response->makeStandardsCompliant($this->request);
$this->response->send();
$this->bootstrap->shutdown('Runtime');
$this->exit->__invoke();
}
/**
* Checks, if the current policy allows the retrieval of the object fetched by getObjectDataByIdentifier()
*
* @FLOW3\Around("within(TYPO3\FLOW3\Persistence\PersistenceManagerInterface) && method(.*->getObjectByIdentifier()) && setting(TYPO3.FLOW3.security.enable)")
* @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint The current joinpoint
* @return array The object data of the original object, or NULL if access is not permitted
*/
public function checkAccessAfterFetchingAnObjectByIdentifier(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
{
$result = $joinPoint->getAdviceChain()->proceed($joinPoint);
if ($this->securityContext->isInitialized() === FALSE) {
return $result;
}
$authenticatedRoles = $this->securityContext->getRoles();
if ($result instanceof \Doctrine\ORM\Proxy\Proxy) {
$entityType = get_parent_class($result);
} else {
$entityType = get_class($result);
}
if ($this->policyService->hasPolicyEntryForEntityType($entityType, $authenticatedRoles)) {
if ($this->policyService->isGeneralAccessForEntityTypeGranted($entityType, $authenticatedRoles) === FALSE) {
return NULL;
}
$policyConstraintsDefinition = $this->policyService->getResourcesConstraintsForEntityTypeAndRoles($entityType, $authenticatedRoles);
if ($this->checkConstraintDefinitionsOnResultObject($policyConstraintsDefinition, $result) === FALSE) {
return NULL;
}
}
return $result;
}
/**
* Returns the publish path and filename to be used to publish the specified persistent resource
*
* @FLOW3\Around("method(TYPO3\FLOW3\Resource\Publishing\FileSystemPublishingTarget->buildPersistentResourcePublishPathAndFilename()) && setting(TYPO3.FLOW3.security.enable)")
* @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint The current join point
* @return mixed Result of the target method
*/
public function rewritePersistentResourcePublishPathAndFilenameForPrivateResources(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
{
$resource = $joinPoint->getMethodArgument('resource');
$configuration = $resource->getPublishingConfiguration();
$returnFilename = $joinPoint->getMethodArgument('returnFilename');
if ($configuration === NULL || $configuration instanceof \TYPO3\FLOW3\Security\Authorization\Resource\SecurityPublishingConfiguration === FALSE) {
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
$publishingPath = FALSE;
$allowedRoles = $configuration->getAllowedRoles();
if (count(array_intersect($allowedRoles, $this->securityContext->getRoles())) > 0) {
$publishingPath = \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($joinPoint->getProxy()->getResourcesPublishingPath(), 'Persistent/', $this->session->getID())) . '/';
$filename = $resource->getResourcePointer()->getHash() . '.' . $resource->getFileExtension();
\TYPO3\FLOW3\Utility\Files::createDirectoryRecursively($publishingPath);
$this->accessRestrictionPublisher->publishAccessRestrictionsForPath($publishingPath);
if ($this->settings['resource']['publishing']['fileSystem']['mirrorMode'] === 'link') {
foreach ($allowedRoles as $role) {
$roleDirectory = \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($this->environment->getPathToTemporaryDirectory(), 'PrivateResourcePublishing/', $role));
\TYPO3\FLOW3\Utility\Files::createDirectoryRecursively($roleDirectory);
if (file_exists($publishingPath . $role)) {
if (\TYPO3\FLOW3\Utility\Files::is_link(\TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $role))) && realpath(\TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $role))) === $roleDirectory) {
continue;
}
unlink($publishingPath . $role);
symlink($roleDirectory, \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $role)));
} else {
symlink($roleDirectory, \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $role)));
}
}
$publishingPath = \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $allowedRoles[0])) . '/';
}
if ($returnFilename === TRUE) {
$publishingPath = \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $filename));
}
}
return $publishingPath;
}
/**
* Prepares the environment for and conducts an account authentication
*
* @param \TYPO3\FLOW3\Security\Account $account
* @return void
* @api
*/
protected function authenticateAccount(\TYPO3\FLOW3\Security\Account $account)
{
$this->testingProvider->setAuthenticationStatus(\TYPO3\FLOW3\Security\Authentication\TokenInterface::AUTHENTICATION_SUCCESSFUL);
$this->testingProvider->setAccount($account);
$this->securityContext->clearContext();
$requestHandler = self::$bootstrap->getActiveRequestHandler();
$request = $requestHandler->getHttpRequest();
$actionRequest = $request->createActionRequest();
$this->securityContext->injectRequest($actionRequest);
$this->authenticationManager->authenticate();
}
/**
* Get a user preference.
*
* @param string $preferencePath The preference key / path
* @return void
* @ExtDirect
*/
public function getPreferenceAction($preferencePath)
{
$value = $this->securityContext->getParty()->getPreferences()->get($preferencePath);
$this->view->setConfiguration(array('value' => array('data' => array('_descendAll' => array()))));
$this->view->assign('value', array('data' => $value, 'success' => TRUE));
}
/**
*
* @param \TYPO3\FLOW3\Mvc\View\ViewInterface $view
* @return void
*/
protected function initializeView(\TYPO3\FLOW3\Mvc\View\ViewInterface $view)
{
parent::initializeView($view);
$account = $this->securityContext->getAccount();
$view->assign('account', $account);
}
/**
* @return void
*/
public function indexAction()
{
$this->view->assign('account', $this->securityContext->getAccount());
}