/**
* Execute this filter.
*
* @param AgaviFilterChain A FilterChain instance.
* @param AgaviExecutionContainer The current execution container.
*
* @author David Zülke <*****@*****.**>
* @author Sean Kerr <*****@*****.**>
* @since 0.9.0
*/
public function execute(AgaviFilterChain $filterChain, AgaviExecutionContainer $container)
{
// get the cool stuff
$context = $this->getContext();
$user = $context->getUser();
// get the current action instance
$actionInstance = $container->getActionInstance();
// get the credential required for this action
$credential = $actionInstance->getCredentials();
if (!$actionInstance->isSecure()) {
// the action instance does not require authentication, so we can continue in the chain and then bail out early
return $filterChain->execute($container);
}
// credentials can be anything you wish; a string, array, object, etc.
// as long as you add the same exact data to the user as a credential,
// it will use it and authorize the user as having the credential
//
// NOTE: the nice thing about the Action class is that getCredential()
// is vague enough to describe any level of security and can be
// used to retrieve such data and should never have to be altered
if ($user->isAuthenticated() && ($credential === null || $user->hasCredentials($credential))) {
// the user has access, continue
$filterChain->execute($container);
} else {
if ($user->isAuthenticated()) {
// the user doesn't have access
$container->setNext($container->createSystemActionForwardContainer('secure'));
} else {
// the user is not authenticated
$container->setNext($container->createSystemActionForwardContainer('login'));
}
}
}
public function afterExecute(AgaviExecutionContainer $container)
{
$start = $this->counters[$container->getActionName() . $container->getMicrotime()];
$duration = microtime(true) - $start;
array_unshift($this->log, array(str_repeat(' - ', $this->recursionLevel - 1) . $container->getModuleName() . '.' . $container->getActionName(), $duration));
$this->recursionLevel--;
}
public function onMatched(array &$parameters, AgaviExecutionContainer $container)
{
$validation = $container->getValidationManager();
$errors = array();
if (isset($parameters['authkey'])) {
$container->setAttribute('flag', true, 'org.icinga.api.auth');
try {
$this->user->doAuthKeyLogin($parameters['authkey']);
} catch (AgaviSecurityException $e) {
$errors[] = 'Log in failed by authkey';
}
}
if ($this->checkAuthorisation() == false) {
$errors[] = self::INSUFFICIENT_MSG;
}
if (count($errors)) {
$container->setAttributeByRef('errors', $errors, 'org.icinga.api.auth');
$container->setAttribute('success', false, 'org.icinga.api.auth');
return false;
}
$container->setAttribute('success', true, 'org.icinga.api.auth');
return true;
}
/**
* execute this containers view instance
*
* @return mixed the view's result
*
* @author David Zülke <*****@*****.**>
* @author Felix Gilcher <*****@*****.**>
* @since 1.0.0
*/
protected function executeView(AgaviExecutionContainer $container)
{
$outputType = $container->getOutputType()->getName();
$request = $this->context->getRequest();
$viewInstance = $container->getViewInstance();
// $lm->log('View is not cached, executing...');
// view initialization completed successfully
$executeMethod = 'execute' . $outputType;
if (!is_callable(array($viewInstance, $executeMethod))) {
$executeMethod = 'execute';
}
$key = $request->toggleLock();
try {
$viewResult = $viewInstance->{$executeMethod}($container->getRequestData());
} catch (Exception $e) {
// we caught an exception... unlock the request and rethrow!
$request->toggleLock($key);
throw $e;
}
$request->toggleLock($key);
return $viewResult;
}
/**
* Initialize this action.
*
* @param AgaviExecutionContainer This Action's execution container.
*
* @author David Zülke <*****@*****.**>
* @since 0.9.0
*/
public function initialize(AgaviExecutionContainer $container)
{
$this->container = $container;
$this->context = $container->getContext();
}
/**
* Execute this filter.
*
* The DispatchFilter executes the execution container.
*
* @param AgaviFilterChain The filter chain.
* @param AgaviExecutionContainer The current execution container.
*
* @throws <b>AgaviFilterException</b> If an error occurs during execution.
*
* @author David Zülke <*****@*****.**>
* @since 0.11.0
*/
public function execute(AgaviFilterChain $filterChain, AgaviExecutionContainer $container)
{
$container->setResponse($container->execute());
}
private function getValidationInfo(AgaviExecutionContainer $container)
{
$vm = $container->getValidationManager();
$result = array();
$result['has_errors'] = $vm->hasErrors();
$result['severities'] = array(100 => 'INFO', 200 => 'SILENT', 300 => 'NOTICE', 400 => 'ERROR', 500 => 'CRITICAL');
$result['incidents'] = $vm->getIncidents();
return $result;
}
/**
* Pretty-print this exception using a template.
*
* @param Exception The original exception.
* @param AgaviContext The context instance.
* @param AgaviResponse The response instance.
*
* @author David Zülke <*****@*****.**>
* @since 1.0.0
*/
public static function render(Exception $e, AgaviContext $context = null, AgaviExecutionContainer $container = null)
{
// exit code is 70, EX_SOFTWARE, according to /usr/include/sysexits.h: http://cvs.opensolaris.org/source/xref/on/usr/src/head/sysexits.h
// nice touch: an exception template can change this value :)
$exitCode = 70;
$exceptions = array();
if (version_compare(PHP_VERSION, '5.3', 'ge')) {
// reverse order of exceptions
$ce = $e;
while ($ce) {
array_unshift($exceptions, $ce);
$ce = $ce->getPrevious();
}
} else {
$exceptions[] = $e;
}
if ($container !== null && $container->getOutputType() !== null && $container->getOutputType()->getExceptionTemplate() !== null) {
// an exception template was defined for the container's output type
include $container->getOutputType()->getExceptionTemplate();
exit($exitCode);
}
if ($context !== null && $context->getController() !== null) {
try {
// check if an exception template was defined for the default output type
if ($context->getController()->getOutputType()->getExceptionTemplate() !== null) {
include $context->getController()->getOutputType()->getExceptionTemplate();
exit($exitCode);
}
} catch (Exception $e2) {
unset($e2);
}
}
if ($context !== null && AgaviConfig::get('exception.templates.' . $context->getName()) !== null) {
// a template was set for this context
include AgaviConfig::get('exception.templates.' . $context->getName());
exit($exitCode);
}
// include default exception template
include AgaviConfig::get('exception.default_template');
// bail out
exit($exitCode);
}
