/**
 * Decides whether the current request is written to the API request log.
 *
 * A view response is treated as the successful outcome of a /batch request
 * and is not logged; every other response type is handed to the parent
 * implementation unchanged.
 *
 * NOTE(review): skipping the log entry removes the batch envelope from the
 * audit trail. Presumably the sub-requests of a batch are logged on their
 * own; confirm, otherwise successful batch calls leave no trace.
 *
 * @param mixed  $controllerResponse response object produced by the action
 * @param string $controllerName
 * @param string $action
 *
 * @return mixed false when logging is skipped, otherwise the parent's result
 */
protected function _logRequest($controllerResponse, $controllerName, $action)
{
    $isViewResponse = $controllerResponse instanceof XenForo_ControllerResponse_View;

    return $isViewResponse
        ? false
        : parent::_logRequest($controllerResponse, $controllerName, $action);
}
/**
 * Builds the API response that carries a poll's results.
 *
 * Each prepared API response row is extended with its vote count. Voter
 * lists are attached only when the poll has `public_votes` set, so voter
 * identities of a non-public poll never enter the result set built here.
 *
 * @param array                       $poll       raw poll record
 * @param mixed                       $canVote    passed through to the prepare helpers
 * @param bdApi_ControllerApi_Abstract $controller controller used for field filtering and the response
 *
 * @return mixed whatever $controller->responseData() returns
 */
public function bdApi_actionGetResults(array $poll, $canVote, bdApi_ControllerApi_Abstract $controller)
{
    $poll = $this->preparePoll($poll, $canVote);
    $pollData = $this->prepareApiDataForPoll($poll, $canVote);

    // The poll is not modified inside the loop, so the visibility flag is read once.
    $votesArePublic = !empty($poll['public_votes']);

    $results = array();
    foreach ($pollData['responses'] as $responseData) {
        $pollResponse = $poll['responses'][$responseData['response_id']];

        $row = $responseData;
        $row['response_vote_count'] = $pollResponse['response_vote_count'];

        if ($votesArePublic) {
            // array_values() drops the original keys of the voter list.
            $row['voters'] = empty($pollResponse['voters'])
                ? array()
                : array_values($pollResponse['voters']);
        }

        $results[] = $row;
    }

    $filteredResults = $controller->_filterDataMany($results);
    $data = array('results' => $filteredResults);

    // The poll itself is included unless the client excluded the `poll` field.
    $pollIsExcluded = $controller->_isFieldExcluded('poll');
    if (!$pollIsExcluded) {
        $data['poll'] = $controller->_filterDataSingle($pollData, array('poll'));
    }

    return $controller->responseData('bdApi_ViewApi_Helper_Poll_Results', $data);
}
/**
 * Access gate that runs before every action of this controller.
 *
 * The two assertions run before the parent pre-dispatch: first the
 * registration requirement, then the OAuth2 scope for conversations.
 * NOTE(review): both helpers presumably abort the request when the check
 * fails; their behaviour is defined outside this method.
 *
 * @param string $action
 */
protected function _preDispatch($action)
{
    $this->_assertRegistrationRequired();

    $conversationScope = bdApi_Model_OAuth2::SCOPE_PARTICIPATE_IN_CONVERSATIONS;
    $this->_assertRequiredScope($conversationScope);

    parent::_preDispatch($action);
}
/**
 * Resolves the OAuth2 scope that applies to an action.
 *
 * For `PostIndex`, a session without an OAuth client id yields `false`;
 * every other case is delegated to the parent.
 *
 * NOTE(review): `false` presumably tells the caller that no scope check is
 * needed. Confirm in the parent that a request without a client id is still
 * authenticated and authorized by another path, so this branch does not
 * relax access control.
 *
 * @param string $action
 *
 * @return mixed false, or the parent's scope value
 */
protected function _getScopeForAction($action)
{
    if ($action !== 'PostIndex') {
        return parent::_getScopeForAction($action);
    }

    /* @var $session bdApi_Session */
    $session = XenForo_Application::getSession();
    $oauthClientId = $session->getOAuthClientId();

    if (empty($oauthClientId)) {
        return false;
    }

    return parent::_getScopeForAction($action);
}
/**
 * Fetches the attachment model through the controller's model cache.
 *
 * @return XenForo_Model_Attachment
 */
protected function _getAttachmentModel()
{
    $attachmentModel = $this->_controller->getModelFromCache('XenForo_Model_Attachment');

    return $attachmentModel;
}
/**
 * Maps an API action onto the public controller name recorded as session
 * activity.
 *
 * All three arguments are taken by reference and may be rewritten. Actions
 * not handled here are passed to the parent.
 *
 * @param string $controllerName replaced with the matching public controller
 * @param string $action         API action name
 * @param array  $params         receives `node_id` for a forum-scoped index
 */
protected function _prepareSessionActivityForApi(&$controllerName, &$action, array &$params)
{
    // Loose `==` comparisons are kept so matching behaves exactly like a switch on $action.
    if ($action == 'GetIndex') {
        $forumId = $this->_request->getParam('forum_id');

        // forum_id comes from the request; only a non-empty numeric value is copied over.
        $hasNumericForumId = !empty($forumId) && is_numeric($forumId);
        if ($hasNumericForumId) {
            $params['node_id'] = $forumId;
        }

        $controllerName = 'XenForo_ControllerPublic_Forum';
        return;
    }

    if ($action == 'Single') {
        $controllerName = 'XenForo_ControllerPublic_Thread';
        return;
    }

    if ($action == 'GetNew' || $action == 'GetRecent') {
        $controllerName = 'XenForo_ControllerPublic_FindNew';
        return;
    }

    parent::_prepareSessionActivityForApi($controllerName, $action, $params);
}
/**
 * Two-step verification stage of a credential check.
 *
 * Returns true when no second factor applies (invalid user id, XenForo
 * older than 1.5, confirmation not required, no providers configured) or
 * when the submitted code validates. Returns false when the check cannot be
 * performed (no controller) or no `tfa_provider` was supplied; before that
 * second case the configured providers are handed to the server object.
 *
 * NOTE(review): a user for whom confirmation is required but who has no
 * configured providers is let through; confirm this matches the core
 * XenForo login flow.
 *
 * @param int $userId
 *
 * @return bool
 *
 * @throws Exception the controller's response exception, either after a
 *                   `tfa_trigger` request or when the code is not confirmed
 */
protected function _checkUserCredentials_runTfaValidation($userId)
{
    if ($userId < 1) {
        return true;
    }
    if (XenForo_Application::$versionId < 1050000) {
        return true;
    }

    if ($this->_controller === null) {
        // since XenForo 1.5+, $_controller must be set to check for two factor authentication
        // otherwise, deny access immediately (fail closed)
        return false;
    }

    /** @var XenForo_ControllerHelper_Login $loginHelper */
    $loginHelper = $this->_controller->getHelper('Login');
    $user = $this->_model->getUserModel()->getFullUserById($userId);

    $confirmationRequired = $loginHelper->userTfaConfirmationRequired($user);
    if (!$confirmationRequired) {
        return true;
    }

    /** @var XenForo_Model_Tfa $tfaModel */
    $tfaModel = $this->_model->getModelFromCache('XenForo_Model_Tfa');
    // $userData is first defined by this call; presumably filled by reference.
    $providers = $tfaModel->getTfaConfigurationForUser($user['user_id'], $userData);
    if (empty($providers)) {
        return true;
    }

    // Expose the available providers so the token response can list them.
    $this->_server->actionOauthToken_setTfaProviders($providers);

    $requestedProvider = $this->_controller->getInput()->filterSingle('tfa_provider', XenForo_Input::STRING);
    if (strlen($requestedProvider) === 0) {
        return false;
    }

    $triggerOnly = $this->_controller->getInput()->filterSingle('tfa_trigger', XenForo_Input::BOOLEAN);
    if ($triggerOnly) {
        // NOTE(review): this branch runs before assertNotTfaAttemptLimited(), so the
        // attempt limiter below does not cover triggers; confirm that throttling of
        // triggers is handled elsewhere.
        $loginHelper->triggerTfaCheck($user, $requestedProvider, $providers, $userData);

        $acknowledgement = $this->_controller->responseMessage(new XenForo_Phrase('changes_saved'));
        throw $this->_controller->responseException($acknowledgement);
    }

    // The attempt limiter must run before the submitted code is evaluated.
    $loginHelper->assertNotTfaAttemptLimited($user['user_id']);

    $verified = $loginHelper->runTfaValidation($user, $requestedProvider, $providers, $userData);
    if ($verified !== true) {
        // Anything other than a strict true counts as a failed confirmation.
        $failure = $this->_controller->responseError(
            new XenForo_Phrase('two_step_verification_value_could_not_be_confirmed')
        );
        throw $this->_controller->responseException($failure);
    }

    return true;
}
/**
 * No-permission response that can be turned into a redirect.
 *
 * While `_redirectAsNoPermission` is set, a non-empty `redirect_uri` request
 * parameter replaces the usual no-permission response with a redirect to
 * that URI. The override lives here because other pre-dispatch jobs may also
 * produce a no-permission response, and all of them should be redirected,
 * not only the ones raised by this controller's actions.
 *
 * NOTE(review): `redirect_uri` is taken from request input and used as the
 * redirect target with no validation visible in this method. Confirm that
 * `_redirectAsNoPermission` is only enabled after the URI has been matched
 * against the client's registered redirect URI; otherwise this is an open
 * redirect.
 * NOTE(review): the constant name indicates a permanent redirect; confirm
 * that a cacheable redirect is intended for a permission-dependent response.
 *
 * @return mixed redirect response, or the parent's no-permission response
 */
public function responseNoPermission()
{
    if (!$this->_redirectAsNoPermission) {
        return parent::responseNoPermission();
    }

    $redirectUri = $this->_input->filterSingle('redirect_uri', XenForo_Input::STRING);
    if (empty($redirectUri)) {
        return parent::responseNoPermission();
    }

    return $this->responseRedirect(
        XenForo_ControllerResponse_Redirect::RESOURCE_CANONICAL_PERMANENT,
        $redirectUri
    );
}