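/**
 * Handle GET requests.
 *
 * Runs the one-off application install: creates the application directories,
 * the DEnum tables, one table per business object class, the Admin/Standard
 * rights groups, and finally the admin Person account (taken from the user
 * currently held in the session). All database work after the directory
 * creation happens inside a single ActiveRecord transaction; any failure
 * rolls it back and returns a 500 page.
 *
 * If nobody is logged in, the request is delegated to the LoginController
 * with this controller queued as the next unit of work.
 *
 * @param Alpha\Util\Http\Request $request
 *
 * @return Alpha\Util\Http\Response
 *
 * @since 1.0
 */
public function doGET($request)
{
    // NOTE(review): this debug line dumps the whole Request object, including any
    // request params, into the log; debug-level logging should stay off in production.
    self::$logger->debug('>>doGET($request=[' . var_export($request, true) . '])');

    $config = ConfigProvider::getInstance();
    $sessionProvider = $config->get('session.provider.name');
    $session = SessionProviderFactory::getInstance($sessionProvider);

    // if there is nobody logged in, we will send them off to the Login controller to do so before coming back here
    if ($session->get('currentUser') === false) {
        self::$logger->info('Nobody logged in, invoking Login controller...');
        $controller = new LoginController();
        $controller->setName('LoginController');
        $controller->setRequest($request);
        $controller->setUnitOfWork(array('Alpha\\Controller\\LoginController', 'Alpha\\Controller\\InstallController'));
        // (was logged as '<<__construct', which mislabelled the exit point of this method)
        self::$logger->debug('<<doGET');

        return $controller->doGET($request);
    }

    $body = View::displayPageHead($this);
    $body .= '<h1>Installing the ' . $config->get('app.title') . ' application</h1>';

    // no transaction is open yet, so a failure here only renders the error page
    try {
        $body .= $this->createApplicationDirs();
    } catch (\Exception $e) {
        $body .= View::displayErrorMessage($e->getMessage());
        $body .= View::displayErrorMessage('Aborting.');

        return new Response(500, $body, array('Content-Type' => 'text/html'));
    }

    // start a new database transaction; every later failure path rolls it back via abortInstall()
    ActiveRecord::begin();

    /*
     * Create DEnum tables
     */
    $DEnum = new DEnum();
    $DEnumItem = new DEnumItem();

    try {
        $body .= '<p>Attempting to create the DEnum tables...';

        if (!$DEnum->checkTableExists()) {
            $DEnum->makeTable();
        }
        self::$logger->info('Created the [' . $DEnum->getTableName() . '] table successfully');

        if (!$DEnumItem->checkTableExists()) {
            $DEnumItem->makeTable();
        }
        self::$logger->info('Created the [' . $DEnumItem->getTableName() . '] table successfully');

        // create a default article DEnum category
        $DEnum = new DEnum('Alpha\\Model\\Article::section');
        $DEnumItem = new DEnumItem();
        $DEnumItem->set('value', 'Main');
        $DEnumItem->set('DEnumID', $DEnum->getID());
        $DEnumItem->save();

        $body .= View::displayUpdateMessage('DEnums set up successfully.');
    } catch (\Exception $e) {
        return $this->abortInstall($body, $e);
    }

    /*
     * Loop over each business object in the system, and create a table for it
     */
    $classNames = ActiveRecord::getBOClassNames();

    foreach ($classNames as $classname) {
        try {
            $body .= '<p>Attempting to create the table for the class [' . $classname . ']...';

            try {
                $BO = new $classname();

                if (!$BO->checkTableExists()) {
                    $BO->makeTable();
                } elseif ($BO->checkTableNeedsUpdate()) {
                    // existing table: add each column the model now declares but the table lacks
                    $missingFields = $BO->findMissingFields();

                    foreach ($missingFields as $missingField) {
                        $BO->addProperty($missingField);
                    }
                }
            } catch (FailedIndexCreateException $eice) {
                // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
                self::$logger->warn($eice->getMessage());
            } catch (FailedLookupCreateException $elce) {
                // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
                self::$logger->warn($elce->getMessage());
            }

            self::$logger->info('Created the [' . $BO->getTableName() . '] table successfully');
            $body .= View::displayUpdateMessage('Created the [' . $BO->getTableName() . '] table successfully');
        } catch (\Exception $e) {
            return $this->abortInstall($body, $e);
        }
    }

    $body .= View::displayUpdateMessage('All business object tables created successfully!');

    /*
     * Create the Admin and Standard groups
     */
    $adminGroup = new Rights();
    $adminGroup->set('name', 'Admin');
    $standardGroup = new Rights();
    $standardGroup->set('name', 'Standard');

    try {
        try {
            $body .= '<p>Attempting to create the Admin and Standard groups...';
            $adminGroup->save();
            $standardGroup->save();
            self::$logger->info('Created the Admin and Standard rights groups successfully');
            $body .= View::displayUpdateMessage('Created the Admin and Standard rights groups successfully');
        } catch (FailedIndexCreateException $eice) {
            // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
            self::$logger->warn($eice->getMessage());
        } catch (FailedLookupCreateException $elce) {
            // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
            self::$logger->warn($elce->getMessage());
        }
    } catch (\Exception $e) {
        return $this->abortInstall($body, $e);
    }

    /*
     * Save the admin user to the database in the right group
     */
    try {
        try {
            $body .= '<p>Attempting to save the Admin account...';
            $currentUser = $session->get('currentUser');
            $admin = new Person();
            $admin->set('displayName', 'Admin');
            $admin->set('email', $currentUser->get('email'));
            // the password value is copied from the session user exactly as stored there;
            // NOTE(review): presumably this is already a password hash rather than plaintext - confirm against Person
            $admin->set('password', $currentUser->get('password'));
            $admin->save();
            self::$logger->info('Created the admin user account [' . $currentUser->get('email') . '] successfully');

            $adminGroup->loadByAttribute('name', 'Admin');
            $lookup = $adminGroup->getMembers()->getLookup();
            $lookup->setValue(array($admin->getID(), $adminGroup->getID()));
            $lookup->save();
            self::$logger->info('Added the admin account to the Admin group successfully');
            $body .= View::displayUpdateMessage('Added the admin account to the Admin group successfully');
        } catch (FailedIndexCreateException $eice) {
            // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
            self::$logger->warn($eice->getMessage());
        } catch (FailedLookupCreateException $elce) {
            // this are safe to ignore for now as they will be auto-created later once all of the tables are in place
            self::$logger->warn($elce->getMessage());
        }
    } catch (\Exception $e) {
        return $this->abortInstall($body, $e);
    }

    $body .= '<br><p align="center"><a href="' . FrontController::generateSecureURL('act=Alpha\\Controller\\ListActiveRecordsController') . '">Administration Home Page</a></p><br>';
    $body .= View::displayPageFoot($this);

    // commit
    ActiveRecord::commit();

    self::$logger->info('Finished installation!');
    self::$logger->action('Installed the application');

    self::$logger->debug('<<doGET');

    return new Response(200, $body, array('Content-Type' => 'text/html'));
}

/**
 * Abort a failed install: render the error, log it, roll back the open transaction
 * and build the 500 response.
 *
 * @param string     $body The page body assembled so far
 * @param \Exception $e    The failure that aborts the install
 *
 * @return Alpha\Util\Http\Response
 *
 * @since 1.0
 */
private function abortInstall($body, \Exception $e)
{
    $body .= View::displayErrorMessage($e->getMessage());
    $body .= View::displayErrorMessage('Aborting.');
    self::$logger->error($e->getMessage());
    ActiveRecord::rollback();

    return new Response(500, $body, array('Content-Type' => 'text/html'));
}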
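/**
 * The constructor method.
 *
 * Forces UTF-8 handling for the request/response, rejects a request whose input
 * is not valid UTF-8, and registers every URL route of the application with the
 * controller that handles it.
 *
 * @throws Alpha\Exception\BadRequestException
 *
 * @since 1.0
 */
public function __construct()
{
    self::$logger = new Logger('FrontController');
    self::$logger->debug('>>__construct()');

    $config = ConfigProvider::getInstance();

    mb_internal_encoding('UTF-8');
    mb_http_output('UTF-8');
    mb_http_input('UTF-8');
    ini_set('default_charset', 'utf-8');

    // NOTE(review): the no-argument form checks the request input as a whole; it is
    // deprecated from PHP 8.1, so pass the value to check explicitly when upgrading.
    if (!mb_check_encoding()) {
        throw new BadRequestException('Request character encoding does not match expected UTF-8');
    }

    // default page size shared by every paginated listing route
    $pageAmount = $config->get('app.list.page.amount');

    $this->addRoute('/', $this->controllerRoute(IndexController::class));

    $this->addRoute('/a/{title}/{view}', $this->controllerRoute(ArticleController::class))
        ->value('title', null)
        ->value('view', 'detailed');

    $this->addRoute('/articles/{start}/{limit}', $this->controllerRoute(ArticleController::class))
        ->value('start', 0)
        ->value('limit', $pageAmount);

    // NOTE(review): the '(unknown)' segment looks like a placeholder introduced when this
    // copy of the file was extracted - confirm the real path segment against the source.
    $this->addRoute('/attach/{articleOID}/(unknown)', $this->controllerRoute(AttachmentController::class));

    $this->addRoute('/cache', $this->controllerRoute(CacheController::class));

    $this->addRoute('/denum/{denumOID}', $this->controllerRoute(DEnumController::class))
        ->value('denumOID', null);

    $this->addRoute('/excel/{ActiveRecordType}/{ActiveRecordOID}', $this->controllerRoute(ExcelController::class))
        ->value('ActiveRecordOID', null);

    $this->addRoute('/feed/{ActiveRecordType}/{type}', $this->controllerRoute(FeedController::class))
        ->value('type', 'Atom');

    $this->addRoute('/gensecure', $this->controllerRoute(GenSecureQueryStringController::class));

    $this->addRoute('/image/{source}/{width}/{height}/{type}/{quality}/{scale}/{secure}/{var1}/{var2}', $this->controllerRoute(ImageController::class))
        ->value('var1', null)
        ->value('var2', null);

    $this->addRoute('/listactiverecords', $this->controllerRoute(ListActiveRecordsController::class));

    // logPath arrives from the URL; LogController is responsible for confining it to the log directory
    $this->addRoute('/log/{logPath}', $this->controllerRoute(LogController::class));

    $this->addRoute('/login', $this->controllerRoute(LoginController::class));

    $this->addRoute('/logout', $this->controllerRoute(LogoutController::class));

    $this->addRoute('/metric', $this->controllerRoute(MetricController::class));

    $this->addRoute('/recordselector/12m/{ActiveRecordOID}/{field}/{relatedClass}/{relatedClassField}/{relatedClassDisplayField}/{relationType}', $this->controllerRoute(RecordSelectorController::class))
        ->value('relationType', 'ONE-TO-MANY');

    $this->addRoute('/recordselector/m2m/{ActiveRecordOID}/{field}/{relatedClassLeft}/{relatedClassLeftDisplayField}/{relatedClassRight}/{relatedClassRightDisplayField}/{accessingClassName}/{lookupOIDs}/{relationType}', $this->controllerRoute(RecordSelectorController::class))
        ->value('relationType', 'MANY-TO-MANY');

    $this->addRoute('/search/{query}/{start}/{limit}', $this->controllerRoute(SearchController::class))
        ->value('start', 0)
        ->value('limit', $pageAmount);

    $this->addRoute('/sequence/{start}/{limit}', $this->controllerRoute(SequenceController::class))
        ->value('start', 0)
        ->value('limit', $pageAmount);

    $this->addRoute('/tag/{ActiveRecordType}/{ActiveRecordOID}', $this->controllerRoute(TagController::class));

    $this->addRoute('/install', $this->controllerRoute(InstallController::class));

    $this->addRoute('/record/{ActiveRecordType}/{ActiveRecordOID}/{view}', $this->controllerRoute(ActiveRecordController::class))
        ->value('ActiveRecordOID', null)
        ->value('view', 'detailed');

    $this->addRoute('/records/{ActiveRecordType}/{start}/{limit}', $this->controllerRoute(ActiveRecordController::class))
        ->value('start', 0)
        ->value('limit', $pageAmount);

    // Secure token route: the controller class name and its params come out of the decoded token.
    $this->addRoute('/tk/{token}', function ($request) {
        $params = self::getDecodeQueryParams($request->getParam('token'));

        if (isset($params['act'])) {
            $className = $params['act'];

            // NOTE(review): class_exists() only proves the name resolves (and may autoload it); it does
            // not restrict 'act' to controller classes. The protection relies on the token being
            // unforgeable; restricting $className to the controller base type would add defence in depth.
            if (class_exists($className)) {
                $controller = new $className();

                if (isset($params['ActiveRecordType']) && $params['act'] === 'Alpha\\Controller\\ActiveRecordController') {
                    $customController = $controller->getCustomControllerName($params['ActiveRecordType']);

                    if ($customController != null) {
                        $controller = new $customController();
                    }
                }

                // token params take precedence over any params already on the request
                $request->setParams(array_merge($params, $request->getParams()));

                return $controller->process($request);
            }
        }

        self::$logger->warn('Bad params [' . print_r($params, true) . '] provided on a /tk/ request');

        return new Response(404, 'Resource not found');
    });

    $this->addRoute('/alpha/service', function ($request) {
        $controller = new LoginController();
        $controller->setUnitOfWork(array('Alpha\\Controller\\LoginController', 'Alpha\\Controller\\ListActiveRecordsController'));

        return $controller->process($request);
    });

    $this->addRoute('/phpinfo', $this->controllerRoute(PhpinfoController::class));

    self::$logger->debug('<<__construct');
}

/**
 * Build a route callback that instantiates the given controller class and hands
 * it the request for processing.
 *
 * @param string $controllerClass Fully-qualified controller class name
 *
 * @return \Closure
 *
 * @since 1.0
 */
private function controllerRoute($controllerClass)
{
    return function ($request) use ($controllerClass) {
        $controller = new $controllerClass();

        return $controller->process($request);
    };
}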
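/**
 * Testing the doPOST method.
 *
 * Covers the install-time login (Person table absent), a login with the correct
 * and an incorrect password, and a password reset, then checks the reset really
 * replaced the stored password.
 */
public function testDoPOST()
{
    $config = ConfigProvider::getInstance();
    $sessionProvider = $config->get('session.provider.name');
    $session = SessionProviderFactory::getInstance($sessionProvider);

    // with no Person table the login falls through to the install flow
    $person = new Person();
    $person->dropTable();

    $front = new FrontController();
    $controller = new LoginController();
    $securityParams = $controller->generateSecurityFields();

    $params = array(
        'loginBut' => true,
        'var1' => $securityParams[0],
        'var2' => $securityParams[1],
        'email' => $config->get('app.install.username'),
        'password' => $config->get('app.install.password'),
    );
    $request = new Request(array('method' => 'POST', 'URI' => '/login', 'params' => $params));
    $response = $front->process($request);
    $this->assertEquals(301, $response->getStatus(), 'Testing the doPOST method during install');

    $person->makeTable();
    $person = $this->createPersonObject('logintest');
    $person->save();

    // NOTE(review): the email and password literals below appear masked in this copy of
    // the file - confirm the real fixture values against the source.
    $params = array(
        'loginBut' => true,
        'var1' => $securityParams[0],
        'var2' => $securityParams[1],
        'email' => '*****@*****.**',
        'password' => 'passwordTest',
    );
    $request = new Request(array('method' => 'POST', 'URI' => '/login', 'params' => $params));
    $response = $front->process($request);
    $this->assertEquals(301, $response->getStatus(), 'Testing the doPOST with correct password');

    $params['password'] = '******';
    $request = new Request(array('method' => 'POST', 'URI' => '/login', 'params' => $params));
    $response = $front->process($request);
    $this->assertEquals(200, $response->getStatus(), 'Testing the doPOST with incorrect password');

    $params = array(
        'resetBut' => true,
        'var1' => $securityParams[0],
        'var2' => $securityParams[1],
        'email' => '*****@*****.**',
    );
    $request = new Request(array('method' => 'POST', 'URI' => '/login', 'params' => $params));
    $response = $front->process($request);
    $this->assertEquals(200, $response->getStatus(), 'Testing the doPOST during password reset');

    $person->reload();
    // password_hash() salts every call, so comparing against a freshly generated hash could never
    // be equal and the old assertNotEquals always passed; verify the old password no longer matches.
    $this->assertFalse(
        password_verify('passwordTest', $person->get('password')),
        'Checking that the password has changed in the database'
    );
}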