Example #1
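 /**
  * Applies a layout that was given as a resource:// URI directly to the view.
  *
  * Runs before TemplateView->getLayoutPathAndFilename(). When the "layoutName"
  * argument is a resource:// URI, it is handed to setLayoutPathAndFilename()
  * on the intercepted view instead of being treated as a plain layout name.
  *
  * NOTE(review): the value ends up as a template path. If the layout name can
  * be influenced by request data, constrain it to known packages before it
  * reaches this advice -- TODO confirm against the callers.
  *
  * @param \TYPO3\FLOW3\AOP\JoinPointInterface $joinPoint
  * @FLOW3\Before("method(protected TYPO3\Fluid\View\TemplateView->getLayoutPathAndFilename(.*))")
  * @return void
  */
 public function addNavigationitem(\TYPO3\FLOW3\AOP\JoinPointInterface $joinPoint)
 {
     $layout = $joinPoint->getMethodArgument("layoutName");
     // Only a string that *starts* with the scheme is a resource URI. A plain
     // substring match would also accept values such as "foo/resource://...",
     // and a non-string argument must not reach the string functions at all.
     if (is_string($layout) && stripos($layout, "resource://") === 0) {
         $joinPoint->getProxy()->setLayoutPathAndFilename($layout);
     }
 }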
Example #2
 /**
  * Before advice that thaws a lazy-loading object on first use.
  *
  * If the proxy carries a FLOW3_Persistence_LazyLoadingObject_thawProperties
  * property holding a Closure, that closure is called with the proxy and the
  * property is removed afterwards, so the thawing happens only once.
  *
  * @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint The current join point
  * @return void
  * @FLOW3\Before("TYPO3\FLOW3\Persistence\Generic\Aspect\LazyLoadingObjectAspect->needsLazyLoadingObjectAspect && !method(.*->__construct())")
  */
 public function initialize(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
 {
     $target = $joinPoint->getProxy();
     if (!property_exists($target, 'FLOW3_Persistence_LazyLoadingObject_thawProperties')) {
         return;
     }

     $thaw = $target->FLOW3_Persistence_LazyLoadingObject_thawProperties;
     if (!($thaw instanceof \Closure)) {
         return;
     }

     // Populate first, then drop the closure so later calls skip this branch.
     $thaw($target);
     unset($target->FLOW3_Persistence_LazyLoadingObject_thawProperties);
 }
Example #3
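 /**
  * Logs calls of renewId()
  *
  * The previous identifier is read before the intercepted method runs; reading
  * it afterwards would presumably yield the renewed identifier and make the
  * log line report the same value twice. Nothing is logged when the session
  * was not started before the call.
  *
  * NOTE(review): both values are session identifiers written in clear text.
  * Anyone who can read this log at debug level can see the identifier that is
  * valid after the renewal; consider logging a shortened digest instead.
  *
  * @FLOW3\Around("within(TYPO3\FLOW3\Session\SessionInterface) && method(.*->renewId())")
  * @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint The current joinpoint
  * @return mixed The result of the target method if it has not been intercepted
  */
 public function logRenewId(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
 {
     $session = $joinPoint->getProxy();
     // Guarded by isStarted() because getId() is only called on a started
     // session in the original code as well.
     $oldId = $session->isStarted() ? $session->getId() : NULL;
     $newId = $joinPoint->getAdviceChain()->proceed($joinPoint);
     if ($oldId !== NULL && $session->isStarted()) {
         $this->systemLogger->log(sprintf('Changed session id from %s to %s', $oldId, $newId), LOG_DEBUG);
     }
     return $newId;
 }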
Example #4
 /**
  * Around advice for session-scoped objects: forwards the call to the one
  * instance the object manager returns for the proxy's object name.
  *
  * The instance is looked up once per object name and remembered in
  * $this->sessionOriginalInstances. If the intercepted proxy is that very
  * instance, the advice chain simply proceeds; otherwise the same method is
  * invoked on the remembered instance with the original arguments.
  *
  * @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint The current join point
  * @return mixed
  * @FLOW3\Around("filter(TYPO3\FLOW3\Session\Aspect\SessionObjectMethodsPointcutFilter)")
  */
 public function callMethodOnOriginalSessionObject(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
 {
     $name = $this->objectManager->getObjectNameByClassName(get_class($joinPoint->getProxy()));
     $calledMethod = $joinPoint->getMethodName();
     $intercepted = $joinPoint->getProxy();

     // Resolve the session instance lazily, once per object name.
     if (isset($this->sessionOriginalInstances[$name]) === FALSE) {
         $this->sessionOriginalInstances[$name] = $this->objectManager->get($name);
     }
     $original = $this->sessionOriginalInstances[$name];

     if ($original !== $intercepted) {
         // A different instance was intercepted: redirect to the remembered one.
         return call_user_func_array(array($original, $calledMethod), $joinPoint->getMethodArguments());
     }
     return $joinPoint->getAdviceChain()->proceed($joinPoint);
 }
Example #5
 /**
  * Logs calls and results of the logout() method of the Authentication Manager
  *
  * Collects the account identifier of every authentication token that still
  * has an account and writes one LOG_INFO line with their count and the
  * comma-separated list. Nothing is logged when the security context is not
  * initialized. The advice itself returns no value.
  *
  * NOTE(review): the identifiers are written to the log unmodified. If account
  * identifiers may contain line breaks or other control characters, they
  * should be neutralised before logging -- verify what the account model allows.
  *
  * @FLOW3\AfterReturning("within(TYPO3\FLOW3\Security\Authentication\AuthenticationManagerInterface) && method(.*->logout())")
  * @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint The current joinpoint
  * @return void
  */
 public function logManagerLogout(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
 {
     $context = $joinPoint->getProxy()->getSecurityContext();
     if ($context->isInitialized()) {
         $identifiers = array();
         foreach ($context->getAuthenticationTokens() as $authenticationToken) {
             $tokenAccount = $authenticationToken->getAccount();
             if ($tokenAccount === NULL) {
                 // Token without an account: nothing to report for it.
                 continue;
             }
             $identifiers[] = $tokenAccount->getAccountIdentifier();
         }
         $total = count($identifiers);
         $list = implode(', ', $identifiers);
         $this->securityLogger->log('Logged out ' . $total . ' account(s). (' . $list . ')', LOG_INFO);
     }
 }
Example #6
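 /**
  * Default policy voter: votes on the access privilege for the given join point.
  *
  * Only calls on \Admin\Controller\StandardController that carry a "being"
  * argument are voted on; everything else gets VOTE_ABSTAIN. The controller's
  * action is added to the arguments, with "list" treated as "view". A user
  * whose getAdmin() is truthy is granted immediately; otherwise access is
  * granted when at least one grant policy of one of the user's roles matches
  * according to comparePolicy().
  *
  * NOTE(review): deny policies ($role->getDeny()) are not evaluated, so this
  * voter never returns VOTE_DENY. A request without a matching grant results
  * in VOTE_ABSTAIN, and whether that blocks access depends on how the caller
  * treats abstentions -- verify that configuration.
  *
  * NOTE(review): tokens are used without checking whether they are
  * authenticated, and getUser() is assumed to return an object. Confirm that
  * a token can only expose a user after successful authentication.
  *
  * @param \TYPO3\FLOW3\Security\Context $securityContext The current security context
  * @param \TYPO3\FLOW3\AOP\JoinPointInterface $joinPoint The joinpoint to vote for
  * @return integer One of: VOTE_GRANT, VOTE_ABSTAIN (VOTE_DENY is currently never returned)
  */
 public function voteForJoinPoint(\TYPO3\FLOW3\Security\Context $securityContext, \TYPO3\FLOW3\AOP\JoinPointInterface $joinPoint)
 {
     $proxy = $joinPoint->getProxy();
     if (!($proxy instanceof \Admin\Controller\StandardController)) {
         return self::VOTE_ABSTAIN;
     }

     $arguments = $joinPoint->getMethodArguments();
     if (!isset($arguments["being"])) {
         return self::VOTE_ABSTAIN;
     }

     $arguments["action"] = $proxy->getAction();
     // Strict comparison: with "==" a non-string action such as 0 or TRUE
     // would be treated as "list" on older PHP versions and be mapped to the
     // "view" policy.
     if ($arguments["action"] === "list") {
         $arguments["action"] = "view";
     }

     $accessGrants = 0;
     foreach ($securityContext->getAuthenticationTokens() as $token) {
         if (!is_callable(array($token, "getUser"))) {
             continue;
         }
         $user = $token->getUser();
         if ($user->getAdmin()) {
             // Administrators bypass the per-role policies entirely.
             return self::VOTE_GRANT;
         }
         foreach ($user->getRoles() as $role) {
             foreach ($role->getGrant() as $policy) {
                 if ($this->comparePolicy($arguments, $policy)) {
                     $accessGrants++;
                 }
             }
         }
     }

     return $accessGrants > 0 ? self::VOTE_GRANT : self::VOTE_ABSTAIN;
 }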
Example #7
 /**
  * Adds a CSRF token as argument in the URI builder
  *
  * The target controller class is derived from the "@package", "@subpackage"
  * and "@controller" route values (defaults: empty, empty, "Standard") and the
  * action from "@action" (default "index"). The token is added as
  * "__csrfToken" only if the policy service has an entry for that method and
  * the method is not annotated with SkipCsrfProtection.
  *
  * NOTE(review): the token becomes part of the built URI, so it can show up
  * wherever URIs are recorded. Also, when the class name cannot be resolved
  * the policy lookup decides alone whether a token is added -- verify what
  * hasPolicyEntryForMethod() returns for an unknown class.
  *
  * @FLOW3\Before("setting(TYPO3.FLOW3.security.enable) && method(TYPO3\FLOW3\Mvc\Routing\UriBuilder->build())")
  * @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint The current join point
  * @return void
  */
 public function addCsrfTokenToUri(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
 {
     $uriBuilder = $joinPoint->getProxy();
     $routeValues = $joinPoint->getMethodArgument('arguments');

     $packageKey = '';
     if (isset($routeValues['@package'])) {
         $packageKey = $routeValues['@package'];
     }
     $subpackageKey = '';
     if (isset($routeValues['@subpackage'])) {
         $subpackageKey = $routeValues['@subpackage'];
     }
     $controllerName = 'Standard';
     if (isset($routeValues['@controller'])) {
         $controllerName = $routeValues['@controller'];
     }
     $actionName = 'index';
     if (isset($routeValues['@action'])) {
         $actionName = $routeValues['@action'];
     }
     $actionName .= 'Action';

     // Placeholders are substituted one after another, in this order; the last
     // pair collapses the doubled backslash left by an empty subpackage.
     $possibleObjectName = str_replace(
         array('@package', '@subpackage', '@controller', '\\\\'),
         array(str_replace('.', '\\', $packageKey), $subpackageKey, $controllerName, '\\'),
         '@package\\@subpackage\\Controller\\@controllerController'
     );

     $caseSensitiveName = $this->objectManager->getCaseSensitiveObjectName(strtolower($possibleObjectName));
     $className = $this->objectManager->getClassNameByObjectName($caseSensitiveName);

     if (!$this->policyService->hasPolicyEntryForMethod($className, $actionName)) {
         return;
     }
     if ($this->reflectionService->isMethodAnnotatedWith($className, $actionName, 'TYPO3\\FLOW3\\Annotations\\SkipCsrfProtection')) {
         return;
     }

     $builderArguments = $uriBuilder->getArguments();
     $builderArguments['__csrfToken'] = $this->securityContext->getCsrfProtectionToken();
     $uriBuilder->setArguments($builderArguments);
 }
Example #8
 /**
  * Flags the intercepted object as a clone once __clone() has returned.
  *
  * Sets FLOW3_Persistence_clone to TRUE on the proxy. Nothing in the FLOW3
  * base distribution reads the flag; custom backends (like TYPO3.CouchDB)
  * might.
  *
  * @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint
  * @return void
  * @FLOW3\AfterReturning("TYPO3\FLOW3\Persistence\Aspect\PersistenceMagicAspect->isEntityOrValueObject && method(.*->__clone())")
  */
 public function cloneObject(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
 {
     $clonedObject = $joinPoint->getProxy();
     $clonedObject->FLOW3_Persistence_clone = TRUE;
 }
 /**
  * Test advice: records on the target object that it ran after
  * publicTargetMethod() returned, by setting afterReturningAdviceWasInvoked.
  *
  * @FLOW3\AfterReturning("method(TYPO3\FLOW3\Tests\Functional\Aop\Fixtures\TargetClass02->publicTargetMethod())")
  * @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint
  * @return void
  */
 public function anAfterReturningAdvice(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
 {
     $target = $joinPoint->getProxy();
     $target->afterReturningAdviceWasInvoked = TRUE;
 }