public function deploy() { set_time_limit(0); $statuses = array(); // application configs $configs = Input::get('config', array()); $configs['security'] = Input::get('security', array()); // Flush cache on deployment Cache\Cache::flush(); // Migrate and keep schema cache $collections_migrated = 0; foreach (Input::get('schema', array()) as $collection => $config) { if (Schema\Builder::getInstance()->migrate(Model\App::collection($collection)->getModel(), $config)) { $collections_migrated += 1; } } $statuses['schema'] = $collections_migrated; // do we have write permission on this server? if (is_writable(storage_dir())) { $statuses['config'] = Config::deploy($configs); $statuses['schedule'] = Model\ScheduledTask::deploy(Input::get('schedule', array())); // install composer packages $statuses['packages'] = Package\Manager::install(Input::get('packages', array())); } else { $error_message = array('error' => 'without write permissions'); $statuses['error'] = "Without write permissions. Ignoring 'config', 'schedule' and 'packages'."; } // modules $statuses['modules'] = Model\Module::deploy(Input::get('modules', array())); return $statuses; }
public function call() { // The Slim application $app = $this->app; self::decode_query_string(); $origin = $app->request->headers->get('ORIGIN', '*'); // Always keep connection open $app->response->headers->set('Connection', 'Keep-Alive'); // Allow Cross-Origin Resource Sharing $app->response->headers->set('Access-Control-Allow-Credentials', 'true'); $app->response->headers->set('Access-Control-Allow-Methods', 'GET, PUT, POST, DELETE'); $app->response->headers->set('Access-Control-Allow-Headers', 'x-app-id, x-app-key, x-auth-token, x-http-method-override, content-type, user-agent, accept'); if ($app->request->isOptions()) { // Always allow OPTIONS requests. $app->response->headers->set('Access-Control-Allow-Origin', $origin); } else { // Get application key $app_key = Context::validateKey($app->request->headers->get('X-App-Id') ?: $app->request->get('X-App-Id'), $app->request->headers->get('X-App-Key') ?: $app->request->get('X-App-Key')); if ($app_key) { // Check the application key allowed origins, and block if necessary. if ($app_key->isBrowser()) { $app->response->headers->set('Access-Control-Allow-Origin', $origin); $request_origin = preg_replace("/https?:\\/\\//", "", $origin); $allowed_origins = Config::get('security.allowed_origins', array($request_origin)); $is_origin_allowed = array_filter($allowed_origins, function ($allowed_origin) use(&$request_origin) { return fnmatch($allowed_origin, $request_origin); }); if (count($is_origin_allowed) == 0) { // throw new NotAllowedException("origin_not_allowed"); $app->response->setStatus(403); // forbidden $app->response->headers->set('Content-type', 'application/json'); $app->response->setBody(json_encode(array('error' => "origin_not_allowed"))); return; } } // Require custom app packages Package\Manager::autoload(); // // Register session handler // Session\Handler::register(Config::get('session.handler', 'database')); // Query and compile route module if found $route_module_name = strtolower($app->request->getMethod()) . '_' . substr($app->request->getPathInfo(), 1) . '.php'; $alternate_route_module_name = 'any_' . substr($app->request->getPathInfo(), 1) . '.php'; $custom_route = Module::where('type', Module::TYPE_ROUTE)->where('name', $route_module_name)->orWhere('name', $alternate_route_module_name)->first(); if ($custom_route) { // Flag request as "trusted". Context::setTrusted(true); // "Compile" the route to be available for the router $custom_route->compile(); } } else { if (!\Hook\Controllers\ApplicationController::isRootOperation()) { $app->response->setStatus(403); $app->response->setBody(json_encode(array('error' => "Your IP Address is not allowed to perform this operation."))); return; } } // // Parse incoming JSON data if ($app->request->isPost() || $app->request->isPut() || $app->request->isDelete()) { $input_data = $app->environment->offsetGet('slim.input'); $app->environment->offsetSet('slim.request.form_hash', json_decode($input_data, true)); } return $this->next->call(); } }