/**
 * Build the Request fixture used by this test case.
 *
 * @return Request Request whose URI is http://localhost/base-path/asset-path
 *                 and whose base path is /base-path.
 */
protected function getRequest()
 {
     $fixture = new Request();
     $fixture->setUri('http://localhost/base-path/asset-path');
     $fixture->setBasePath('/base-path');

     return $fixture;
 }
Example #2
 /**
  * Attempt to authenticate the current user.  Throws exception if login fails.
  *
  * Reads "target", "username" and "password" from the POST body, rejects
  * blank credentials, then asks the catalog driver to log the patron in.
  *
  * @param \Zend\Http\PhpEnvironment\Request $request Request object containing
  * account credentials.
  *
  * @throws AuthException
  * @return \VuFind\Db\Row\User Object representing logged-in user.
  */
 public function authenticate($request)
 {
     $post = $request->getPost();
     $target = trim($post->get('target'));
     $username = trim($post->get('username'));
     // NOTE(review): the password is trimmed too, so leading/trailing
     // whitespace in a password is silently discarded before the ILS sees it.
     $password = trim($post->get('password'));
     if ('' == $username || '' == $password) {
         throw new AuthException('authentication_error_blank');
     }
     // We should have target either separately or already embedded into username
     if ($target) {
         // NOTE(review): this literal looks like a masking artifact of the
         // listing. As written, every login that carries a target is sent to
         // the catalog under the fixed name "******" -- confirm against the
         // upstream source before reusing this code.
         $username = "******";
     }
     // Connect to catalog:
     try {
         $patron = $this->getCatalog()->patronLogin($username, $password);
     } catch (AuthException $authFailure) {
         // Pass Auth exceptions through
         throw $authFailure;
     } catch (\Exception $driverFailure) {
         // The driver error is replaced by a generic message, which keeps
         // backend details away from the login form. Nothing here records
         // $driverFailure, so diagnosing an outage needs logging elsewhere.
         throw new AuthException('authentication_error_technical');
     }
     // Did the patron successfully log in?
     if (!$patron) {
         // If we got this far, we have a problem:
         throw new AuthException('authentication_error_invalid');
     }
     return $this->processILSUser($patron);
 }
Example #3
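 /**
  * Show the help/support form and, on a valid POST, forward the submission
  * to the Slack webhook configured under slack.webhook.help-support.
  *
  * The success message is shown only when the webhook call actually
  * completed with a 2xx status; a missing configuration, an encoding
  * failure, a transport error or a non-2xx reply all produce the error
  * message instead.
  *
  * @param Request $request
  * @return array|\Zend\Http\Response
  * @throws \Exception
  */
 public function helpAction($request)
 {
     $this->layout('layout/single-column');
     $this->getNavService()->setActive('setting');
     $helpForm = $this->autoFilledForm(HelpForm::class);
     $helpForm->populateValues($this->user()->getArrayCopy());
     if ($request->isPost()) {
         if ($formValid = $helpForm->isValid()) {
             $config = $this->service('Config');
             $sent = false;
             if (is_array($config) && isset($config['slack']['webhook']['help-support'])) {
                 $formData = $helpForm->getData();
                 $data = ['fields' => [
                     ['name' => 'Name', 'value' => $formData['name'], 'short' => true],
                     ['name' => 'Email', 'value' => $formData['email'], 'short' => true],
                     ['name' => 'Contact No.', 'value' => $formData['contact_no'], 'short' => true],
                     ['name' => 'Type', 'value' => $formData['type'], 'short' => true],
                     ['name' => 'Severity', 'value' => $formData['severity'], 'short' => true],
                     ['name' => 'Need Reply?', 'value' => $formData['need_reply'], 'short' => true],
                     ['name' => 'Message', 'value' => $formData['message'], 'short' => false],
                 ]];
                 $json = json_encode($data);
                 $ch = $json === false
                     ? false
                     : curl_init($config['slack']['webhook']['help-support']['url']);
                 if ($ch !== false) {
                     curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
                     // The body is form-encoded, so the JSON must be URL-encoded:
                     // a raw "&", "=" or "+" typed into the form would otherwise
                     // cut the payload short or add extra form parameters.
                     curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(['payload' => $json]));
                     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                     // Bound the call so a slow webhook cannot hold the request open.
                     curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
                     curl_setopt($ch, CURLOPT_TIMEOUT, 10);
                     $reply = curl_exec($ch);
                     $status = (int) curl_getinfo($ch, CURLINFO_HTTP_CODE);
                     curl_close($ch);
                     $sent = $reply !== false && $status >= 200 && $status < 300;
                 }
             }
             if ($sent) {
                 $this->flashMessenger()->addSuccessMessage('Terimakasih, pesan Anda telah terkirim.');
             } else {
                 $this->flashMessenger()->addErrorMessage('Maaf, tidak dapat mengirim pesan Anda saat ini, mohon hubungi admin.');
             }
             return $this->redirect()->toRoute(...$this->routeSpec('web.index.help'));
         }
     }
     // NOTE(review): $formValid is only assigned on POST; on other requests
     // compact() is given an undefined name, as in the original.
     return compact('helpForm', 'formValid');
 }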
Example #4
 /**
  * Attempt to authenticate the current user.  Throws exception if login fails.
  *
  * The identity is taken from server variables whose names come from the
  * Shibboleth configuration section, not from anything typed into a form.
  *
  * @param \Zend\Http\PhpEnvironment\Request $request Request object containing
  * account credentials.
  *
  * @throws AuthException
  * @return \VuFind\Db\Row\User Object representing logged-in user.
  */
 public function authenticate($request)
 {
     $shib = $this->getConfig()->Shibboleth;
     $server = $request->getServer();
     // Check if username is set.
     // NOTE(review): everything below trusts the server variables. That only
     // holds if the web server strips client-supplied copies of these names
     // before the Shibboleth module sets them -- confirm in the deployment.
     $username = $server->get($shib->username);
     if (empty($username)) {
         throw new AuthException('authentication_error_admin');
     }
     // Check if required attributes match up:
     foreach ($this->getRequiredAttributes() as $name => $pattern) {
         // The configured value is used as a regex with no anchors or quoting
         // added here, so "staff" also matches "nonstaff"; the configuration
         // has to supply ^...$ itself when an exact match is intended.
         $matched = preg_match('/' . $pattern . '/', $server->get($name));
         if (!$matched) {
             throw new AuthException('authentication_error_denied');
         }
     }
     // If we made it this far, we should log in the user!
     $user = $this->getUserTable()->getByUsername($username);
     // Has the user configured attributes to use for populating the user table?
     $attribsToCheck = array("cat_username", "email", "lastname", "firstname", "college", "major", "home_library");
     foreach ($attribsToCheck as $column) {
         if (!isset($shib->{$column})) {
             continue;
         }
         // Every mapped column is overwritten on each login.
         $user->{$column} = $server->get($shib->{$column});
     }
     // Save and return the user object:
     $user->save();
     return $user;
 }
 /**
  * Capture the value of the configured header from the request, if present.
  *
  * Leaves requestHeaderValue untouched when the header is absent.
  *
  * @param Request $request
  */
 public function setRequest(Request $request)
 {
     $found = $request->getHeader($this->headerName);
     if (!$found) {
         return;
     }
     $this->requestHeaderValue = $found->getFieldValue();
 }
Example #6
 /**
  * A Request built from a given $_SERVER reports the expected base URL
  * and base path.
  *
  * @dataProvider baseUrlandPathProvider
  * @param array  $server
  * @param string $baseUrl
  * @param string $basePath
  */
 public function testBasePathDetection(array $server, $baseUrl, $basePath)
 {
     // The superglobal is replaced wholesale and not restored in this method.
     $_SERVER = $server;
     $detected = new Request();

     $this->assertEquals($baseUrl, $detected->getBaseUrl());
     $this->assertEquals($basePath, $detected->getBasePath());
 }
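 /**
  * Handle an avatar upload for the signed-in user, then redirect to the
  * profile route.
  *
  * The file is stored below ./public and keeps the client-supplied name
  * (use_upload_name), so the extension is chosen by the uploader. Only files
  * that carry an image extension and are detected as images are accepted;
  * anything else fails validation before the rename filter moves it.
  *
  * @return mixed Result of redirect()->toRoute('profile').
  */
 public function uploadImageAction()
 {
     $this->checkAuth();
     $request = $this->getRequest();
     if ($request->isPost()) {
         // File upload input
         $file = new FileInput('avatar');
         $validators = $file->getValidatorChain();
         // Must be a genuine HTTP upload; stop here if it is not.
         $validators->attach(new Validator\File\UploadFile(), true);
         // Allow-list of extensions: without it a script file could be placed
         // in a directory the web server serves. Adjust the list to the
         // formats the application really needs.
         $validators->attach(new Validator\File\Extension(array('extension' => array('jpg', 'jpeg', 'png', 'gif'))), true);
         // Content check, so a renamed non-image is rejected as well.
         $validators->attach(new Validator\File\IsImage());
         $file->getFilterChain()->attach(new Filter\File\RenameUpload(array('target' => './public/files/users/avatar/origin/', 'use_upload_name' => true, 'randomize' => true)));
         // Merge $_POST and $_FILES data together
         $request = new Request();
         $postData = array_merge_recursive($request->getPost()->toArray(), $request->getFiles()->toArray());
         $inputFilter = new InputFilter();
         $inputFilter->add($file)->setData($postData);
         if ($inputFilter->isValid()) {
             // FileInput validators are run, but not the filters...
             $data = $inputFilter->getValues();
             // This is when the FileInput filters are run.
             $avatar = basename($data['avatar']['tmp_name']);
             $this->databaseService->updateAvatar($this->user->id, $avatar);
             $this->user->avatar = $avatar;
         } else {
             // error
             // NOTE(review): a rejected upload is dropped silently; the user
             // is redirected without any message.
         }
     }
     return $this->redirect()->toRoute('profile');
 }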
Example #8
 /**
  * Build a paginator over the admin listing query, five items per page.
  *
  * The current page is read from the request query string (self::PAGE,
  * default 0) and handed to the paginator as received.
  *
  * @param array $search
  * @param array $orderBy
  * @param array $parameters
  *
  * @return \Zend\Paginator\Paginator
  */
 public function getList($search = [], $orderBy = [], $parameters = [])
 {
     $paginator = $this->paginatorFactory->getQueryPaginator(
         $this->mainRepository->getAdminPage($search, $orderBy, $parameters)
     );
     // Client-controlled value; no integer or range check is applied here.
     $requestedPage = $this->request->getQuery(self::PAGE, 0);
     $paginator->setCurrentPageNumber($requestedPage);
     $paginator->setItemCountPerPage(5);

     return $paginator;
 }
Example #9
 /**
  * Clear authorization Cookie
  *
  * When the request carries a cookie named $authDomain, an empty cookie of
  * the same name with path "/" and an expiry one year in the past is added
  * to the response, and the response is sent immediately.
  *
  * @param Request  $request
  * @param Response $response
  * @param string   $authDomain Name of the cookie to expire.
  */
 private function clearCookie(Request $request, Response $response, $authDomain)
 {
     if (!$request->getCookie()->offsetExists($authDomain)) {
         return;
     }
     $expired = new SetCookie($authDomain, '', strtotime('-1 Year', time()), '/');
     $response->getHeaders()->addHeader($expired);
     // NOTE(review): the expiring cookie has to use the same path and domain
     // the cookie was set with, otherwise the browser keeps the original.
     $response->send();
 }
Example #10
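 /**
  * Return an array of roles which may be granted the permission based on
  * the options.
  *
  * Grants nothing (and logs a warning) when the request carries no
  * Shib-Identity-Provider server parameter; otherwise defers to the parent.
  *
  * @param mixed $options Options provided from configuration.
  *
  * @return array
  */
 public function getPermissions($options)
 {
     $idp = $this->request->getServer()->get('Shib-Identity-Provider');
     // A missing key is reported as null by the server-parameter container,
     // so comparing with false alone never fired and the guard was skipped.
     // false is still accepted in case a container reports absence that way.
     if ($idp === null || $idp === false) {
         $this->logWarning('getPermissions: Shibboleth server params missing');
         return [];
     }
     return parent::getPermissions($options);
 }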
 /**
  * hasUninstallAction() exposes the collector's answer as the "hasUninstall"
  * view variable.
  *
  * @param string $content  Request body returned by the mocked request.
  * @param array $expected  Value the mocked uninstall collector returns.
  * @param bool $result     Expected "hasUninstall" view variable.
  * @dataProvider hasUninstallActionDataProvider
  */
 public function testHasUninstallAction($content, $expected, $result)
 {
     $this->request->expects($this->any())->method('getContent')->willReturn($content);
     $this->controller->setEvent($this->mvcEvent);
     $this->controller->dispatch($this->request, $this->response);
     // The collector expectation is registered after dispatch() and before the
     // direct call below, so statement order matters here.
     $this->uninstallCollector->expects($this->once())->method('collectUninstall')->with(["some_module"])->willReturn($expected);
     $this->assertSame($result, $this->controller->hasUninstallAction()->getVariable("hasUninstall"));
 }
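 /**
  * Build the input filter for the query-string parameters and load the
  * request's query values (after initDefaults) as the data to validate.
  *
  * Only "source" is required. The username pattern is anchored with \z
  * rather than $, because $ also matches just before a trailing newline and
  * would let "name\n" through.
  *
  * @param Request $request
  * @param Di $di
  */
 public function __construct(Request $request, Di $di)
 {
     $inputFilter = $this->getFactory()->createInputFilter([
         'width' => [
             'name' => 'width',
             'required' => false,
             'validators' => [
                 ['name' => 'digits'],
                 ['name' => 'between', 'options' => ['min' => 150, 'max' => 19200]],
             ],
         ],
         'height' => [
             'name' => 'height',
             'required' => false,
             'validators' => [
                 ['name' => 'digits'],
                 ['name' => 'between', 'options' => ['min' => 150, 'max' => 19200]],
             ],
         ],
         'username' => [
             'name' => 'username',
             'required' => false,
             'validators' => [
                 ['name' => 'not_empty'],
                 ['name' => 'regex', 'options' => ['pattern' => '/^[a-zA-Z0-9._]+\z/']],
             ],
         ],
         'limit' => [
             'name' => 'limit',
             'required' => false,
             'validators' => [
                 ['name' => 'digits'],
                 ['name' => 'between', 'options' => ['min' => 5, 'max' => 100]],
             ],
         ],
         'hex' => [
             'name' => 'hex',
             'required' => false,
             'validators' => [['name' => 'hex']],
             'filters' => [
                 // Accept "#rrggbb" by dropping leading "#" characters.
                 ['name' => 'callback', 'options' => ['callback' => function ($value) {
                     return ltrim($value, '#');
                 }]],
             ],
         ],
         'source' => [
             'name' => 'source',
             'required' => true,
             'validators' => [
                 ['name' => 'inarray', 'options' => ['haystack' => [
                     SourceNameInterface::SOURCE_USER,
                     SourceNameInterface::SOURCE_FEED,
                 ]]],
             ],
         ],
         'quality' => [
             'name' => 'quality',
             'required' => false,
             'validators' => [
                 ['name' => 'inarray', 'options' => ['haystack' => [
                     QualityInterface::QUALITY_THUMBNAIL,
                     QualityInterface::QUALITY_LOW_RES,
                     QualityInterface::QUALITY_STANDARD_RES,
                 ]]],
             ],
         ],
     ]);
     $this->merge($inputFilter);
     $this->setData($this->initDefaults($request->getQuery()));
 }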
Example #13
 /**
  * A header supplied through $_SERVER is exposed by the Request under the
  * expected field name and value.
  *
  * @dataProvider serverHeaderProvider
  * @param array  $server
  * @param string $name
  * @param string $value
  */
 public function testHeadersWithMinus(array $server, $name, $value)
 {
     // The superglobal is replaced wholesale and not restored in this method.
     $_SERVER = $server;
     $fromGlobals = new Request();
     $found = $fromGlobals->headers()->get($name);

     $this->assertNotEquals($found, false);
     $this->assertEquals($name, $found->getFieldName($value));
     $this->assertEquals($value, $found->getFieldValue($value));
 }
Example #14
 /**
  * Return an array of roles which may be granted the permission based on
  * the options.
  *
  * Grants nothing (and logs a warning) when the server parameter named by
  * idpServerParam is absent; otherwise defers to the parent implementation.
  *
  * @param mixed $options Options provided from configuration.
  *
  * @return array
  */
 public function getPermissions($options)
 {
     $this->debug('getPermissions: idpServerParam = ' . $this->idpServerParam);
     $idp = $this->request->getServer()->get($this->idpServerParam);
     if ($idp !== null) {
         return parent::getPermissions($options);
     }
     // No identity provider on the request: fail closed.
     $this->logWarning('getPermissions: Shibboleth server params missing');
     return [];
 }
Example #15
 /**
  * Build an HTTP request whose server parameters come from
  * self::$serverParams, seeding them with 192.168.1.1 defaults on first use.
  *
  * @return HttpRequest
  */
 public static function getRequest()
 {
     if (!isset(self::$serverParams)) {
         // Default fixture: the same address in all three client-IP sources.
         self::$serverParams = [
             'HTTP_X_FORWARDED_FOR' => '192.168.1.1',
             'HTTP_CLIENT_IP' => '192.168.1.1',
             'REMOTE_ADDR' => '192.168.1.1',
         ];
     }
     $fixture = new HttpRequest();
     $fixture->setServer(new Parameters(self::$serverParams));

     return $fixture;
 }
 /**
  * updateAction() validates the JSON payload once and creates the updater
  * tasks once when validation reports no error.
  */
 public function testUpdateActionSuccess()
 {
     $payload = '{"packages":[{"name":"vendor\\/package","version":"1.0"}],"type":"update",' . '"headerTitle": "Update package 1" }';
     $this->request->expects($this->any())->method('getContent')->willReturn($payload);
     // An empty string from the validator stands for "no validation error".
     $this->payloadValidator->expects($this->once())->method('validatePayload')->willReturn('');
     $this->updaterTaskCreator->expects($this->once())->method('createUpdaterTasks')->willReturn('');

     $this->controller->setEvent($this->mvcEvent);
     $this->controller->dispatch($this->request, $this->response);
     $this->controller->updateAction();
 }
 /**
  * Return REMOTE_ADDR from a freshly built Request, or 127.0.0.1 when it is
  * empty or missing.
  *
  * NOTE(review): the loopback fallback is unsafe as input to an IP-based
  * allow-list, since a missing address would then look like a local client.
  *
  * @return string
  */
 public function getRemoteAddress()
 {
     $server = (new Request())->getServer();
     $address = $server->get('REMOTE_ADDR');

     return $address == '' ? '127.0.0.1' : $address;
 }
Example #18
 /**
  * Return an array of roles which may be granted the permission based on
  * the options.
  *
  * The options are treated as a list of address ranges; a client whose
  * REMOTE_ADDR falls inside one of them gets both roles.
  *
  * @param mixed $options Options provided from configuration.
  *
  * @return array
  */
 public function getPermissions($options)
 {
     // REMOTE_ADDR is the peer of the TCP connection. Behind a reverse proxy
     // that is the proxy's address unless the server rewrites it -- confirm
     // for the deployment before relying on this check.
     $clientIp = $this->request->getServer()->get('REMOTE_ADDR');
     $inRange = $this->ipAddressUtils->isInRange($clientIp, (array) $options);

     // Match? Grant to all users (guest or logged in). No match? No permissions.
     return $inRange ? ['guest', 'loggedin'] : [];
 }
 /**
  * The list action passes the page and limit query parameters to
  * docs->getList() and returns an array containing "dataSet".
  *
  * @dataProvider getListActionProvider
  */
 public function testListAction($page, $limit)
 {
     $params = $this->request->getQuery();
     $params->set('page', $page);
     $params->set('limit', $limit);
     $this->docs->expects($this->once())->method('getList')->with($page, $limit);
     $this->routeMatch->setParam('action', 'list');

     $viewData = $this->object->dispatch($this->request, $this->response);

     $this->assertInternalType('array', $viewData);
     $this->assertArrayHasKey('dataSet', $viewData);
 }
Example #20
 /**
  * Read a session id from the request: the POST parameter named by
  * SESSION_ID_ALIAS first, then the query-string parameter of the same name.
  *
  * NOTE(review): accepting a session id from request parameters lets the id
  * be chosen by whoever builds the link or form. Callers should only accept
  * ids the server issued and should rotate the id at login -- confirm how
  * the caller uses this value.
  *
  * @param \Zend\Http\PhpEnvironment\Request $request
  * @return string|null
  */
 protected function getSessionIdFromRequest($request)
 {
     $candidate = $request->getPost(static::SESSION_ID_ALIAS);
     if (!$candidate) {
         $candidate = $request->getQuery(static::SESSION_ID_ALIAS);
     }

     return $candidate ? $candidate : null;
 }
Example #21
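 /**
  * Attempt to authenticate the current user.  Throws exception if login fails.
  *
  * The identity and the profile attributes are read from server variables
  * whose names come from the Shibboleth configuration section. An email
  * address already stored for the user is kept; the catalog password is
  * stored through saveCredentials() rather than assigned directly.
  *
  * @param \Zend\Http\PhpEnvironment\Request $request Request object containing
  * account credentials.
  *
  * @throws AuthException
  * @return \VuFind\Db\Row\User Object representing logged-in user.
  */
 public function authenticate($request)
 {
     // Check if username is set.
     // NOTE(review): everything below trusts the server variables. That only
     // holds if the web server strips client-supplied copies of these names
     // before the Shibboleth module sets them -- confirm in the deployment.
     $shib = $this->getConfig()->Shibboleth;
     $username = $request->getServer()->get($shib->username);
     if (empty($username)) {
         throw new AuthException('authentication_error_admin');
     }
     // Check if required attributes match up:
     foreach ($this->getRequiredAttributes() as $key => $value) {
         // The configured value is used as a regex with no anchors added
         // here; the configuration must anchor it when an exact match is meant.
         if (!preg_match('/' . $value . '/', $request->getServer()->get($key))) {
             throw new AuthException('authentication_error_denied');
         }
     }
     // If we made it this far, we should log in the user!
     $user = $this->getUserTable()->getByUsername($username);
     // Variable to hold catalog password (handled separately from other
     // attributes since we need to use saveCredentials method to store it):
     $catPassword = null;
     // Has the user configured attributes to use for populating the user table?
     $attribsToCheck = ['cat_username', 'cat_password', 'email', 'lastname', 'firstname', 'college', 'major', 'home_library'];
     foreach ($attribsToCheck as $attribute) {
         if (!isset($shib->{$attribute})) {
             continue;
         }
         $value = $request->getServer()->get($shib->{$attribute});
         if ($attribute == 'cat_password') {
             $catPassword = $value;
             continue;
         }
         // Special case: don't override existing email address. The original
         // tested an undefined $field here, so the guard never applied and a
         // stored address was overwritten on every login.
         if ($attribute == 'email' && isset($user->email) && trim($user->email) != '') {
             continue;
         }
         $user->{$attribute} = $value;
     }
     // Save credentials if applicable:
     if (!empty($catPassword) && !empty($user->cat_username)) {
         $user->saveCredentials($user->cat_username, $catPassword);
     }
     // Store logout URL in session:
     $config = $this->getConfig()->Shibboleth;
     if (isset($config->logout_attribute)) {
         $url = $request->getServer()->get($config->logout_attribute);
         if ($url) {
             // NOTE(review): the URL is stored as received. If it is later
             // used as a redirect target, it should be checked against the
             // expected identity-provider hosts at that point.
             $sessionContainer = new SessionContainer('Shibboleth');
             $sessionContainer['logoutUrl'] = $url;
         }
     }
     // Save and return the user object:
     $user->save();
     return $user;
 }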
Example #22
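 /**
  * Split the request URI (relative to the base URL, query string removed)
  * into path segments and resolve the module and its directory from the
  * routes map.
  *
  * @param Request $request
  */
 public function __construct(Request $request)
 {
     $uri = substr($request->getRequestUri(), strlen($request->getBaseUrl()));
     // strpos() returns 0 when the remainder starts with "?", which is falsy.
     // Compare with false so the query string is always stripped instead of
     // becoming a path segment.
     $pos = strpos($uri, '?');
     if ($pos !== false) {
         $uri = substr($uri, 0, $pos);
     }
     // array_filter() drops empty segments (and, as in the original, a
     // segment that is exactly "0").
     $this->path = array_filter(explode('/', trim($uri, '/')));
     $this->config = (new Routes())->routesMap;
     $this->module = $this->getModule();
     // NOTE(review): no check that the module exists in the map; an unknown
     // module yields an undefined-index notice and a null directory.
     $this->dir = $this->config[$this->module];
 }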
Example #23
 /**
  * The route stack keeps the base URL of the first request it matched and
  * does not replace it when a later request has a different one.
  */
 public function testSetBaseUrlFromFirstMatch()
 {
     $stack = new TreeRouteStack();

     $first = new PhpRequest();
     $first->setBaseUrl('/foo');
     $stack->match($first);
     $this->assertEquals('/foo', $stack->getBaseUrl());

     $second = new PhpRequest();
     $second->setBaseUrl('/bar');
     $stack->match($second);
     // Still the value from the first match.
     $this->assertEquals('/foo', $stack->getBaseUrl());
 }
Example #24
 /**
  * Default method that runs the log: parses the file log and fills in the
  * audit fields (start/end time, client IP, message, type, user, route).
  *
  * @return Log
  */
 public function executar()
 {
     $this->logArquivo->parse();
     // Start and end are both set to "now" here.
     $this->logArquivo->getLog()->setInicio(new \Datetime());
     $this->logArquivo->getLog()->setFim(new \Datetime());
     // REMOTE_ADDR is the connection peer; behind a reverse proxy this records
     // the proxy unless the server rewrites it -- confirm for the deployment.
     $this->logArquivo->getLog()->setIp($this->request->getServer('REMOTE_ADDR'));
     // NOTE(review): type and name are written into the message as-is; if
     // either can come from a client, neutralise line breaks before the
     // entry reaches a line-oriented log.
     $this->logArquivo->getLog()->setMensagem('Log arquivo de ' . $this->logArquivo->getTipo() . ': ' . $this->logArquivo->getNome());
     $this->logArquivo->getLog()->setTipo(LogArquivo::TIPO);
     $this->logArquivo->getLog()->setUsuario($this->usuario);
     // The request URI is client-supplied and stored unmodified.
     $this->logArquivo->getLog()->setRoute($this->request->getRequestUri());
     return $this->logArquivo->getLog();
 }
 /**
  * Create controller
  *
  * Resolves the requested page from the request host and path, merges the
  * matching page options, and returns a McuserController wired to a worker
  * and entity named in those options. An unknown page yields an
  * ErrorController instead.
  *
  * @param ServiceLocatorInterface $controllerManager Controller manager whose
  *        parent service locator provides the services used below.
  * @return Contentinum\Controller\ApplicationController NOTE(review): the body
  *         returns McuserController or ErrorController -- confirm both extend
  *         this type.
  */
 public function createService(ServiceLocatorInterface $controllerManager)
 {
     $sl = $controllerManager->getServiceLocator();
     /**
      *
      * @var Contentinum\Options\PageOptions $pageOptions Contentinum\Options\PageOptions
      */
     $pageOptions = $sl->get('User\\PageOptions');
     // Host and path are taken from the incoming request, so both are
     // client-controlled (the host via the Host header).
     $request = new HttpRequest();
     $pageOptions->setHost($request->getUri()->getHost());
     $pageOptions->setQuery($request->getUri()->getPath());
     $preferences = $sl->get('Contentinum\\Preference');
     $pageOptions->addPageOptions($preferences);
     // Host-specific preferences are looked up by the request host.
     $pageOptions->addPageOptions($preferences, $pageOptions->getHost());
     $pages = $sl->get('Contentinum\\PublicPages');
     $pages = is_array($pages) ? $pages : $pages->toArray();
     $pages = isset($pages[$pageOptions->getStdParams()]) ? $pages[$pageOptions->getStdParams()] : array();
     $attribute = $sl->get('Contentinum\\AttributePages');
     $attribute = is_array($attribute) ? $attribute : $attribute->toArray();
     $url = $pageOptions->split($pageOptions->getQuery(), 3);
     // An empty page key falls back to the index page.
     if (strlen($url) == 0) {
         $url = 'index';
     }
     // The page key is only ever used as an array index into configured
     // pages; unknown keys end in the error controller below.
     if (isset($pages[$url])) {
         $pageOptions->addPageOptions($pages, $url);
         $page = $pages[$url];
     } else {
         $defaultPages = $sl->get('User\\Pages');
         $defaultPages = is_array($defaultPages) ? $defaultPages : $defaultPages->toArray();
         if (isset($defaultPages[$url])) {
             $pageOptions->addPageOptions($defaultPages, $url);
             $page = $defaultPages[$url];
             // Default pages have no stored parent or id.
             $page['parentPage'] = 0;
             $page['id'] = 0;
         } else {
             $ctrl = new \Contentinum\Controller\ErrorController();
             $ctrl->setMessage('The desired page is not available!');
             return $ctrl;
         }
     }
     isset($attribute[$page['parentPage']]) ? $pageOptions->addPageOptions($attribute, $page['parentPage']) : false;
     isset($attribute[$page['id']]) ? $pageOptions->addPageOptions($attribute, $page['id']) : false;
     $em = $sl->get($pageOptions->getAppOption('entitymanager'));
     // NOTE(review): the worker and entity class names come from the merged
     // page options and are instantiated directly. Every source feeding those
     // options (preferences, pages, attributes) must be trusted
     // configuration; confirm none of them is editable by less-privileged users.
     $workerName = $pageOptions->getAppOption('worker');
     $worker = new $workerName($em);
     $worker->setSl($sl);
     $entityName = $pageOptions->getAppOption('entity');
     $worker->setEntity(new $entityName());
     $controller = new McuserController($pageOptions, $page);
     $controller->setWorker($worker);
     return $controller;
 }
Example #26
 /**
  * Default method that runs the log: records the operation on the record
  * log, parses it and fills in the audit fields (start/end time, client IP,
  * message, type, user, route).
  *
  * @return Log
  */
 public function executar()
 {
     $this->logCadastro->setOperacao($this->operacao);
     $this->logCadastro->parse();
     // Start and end are both set to "now" here.
     $this->logCadastro->getLog()->setInicio(new \Datetime());
     $this->logCadastro->getLog()->setFim(new \Datetime());
     // REMOTE_ADDR is the connection peer; behind a reverse proxy this records
     // the proxy unless the server rewrites it -- confirm for the deployment.
     $this->logCadastro->getLog()->setIp($this->request->getServer('REMOTE_ADDR'));
     // Message is "<operation> - <entity class name>".
     $this->logCadastro->getLog()->setMensagem($this->operacao . ' - ' . get_class($this->logCadastro->getEntity()));
     $this->logCadastro->getLog()->setTipo(LogCadastro::TIPO);
     $this->logCadastro->getLog()->setUsuario($this->usuario);
     // The request URI is client-supplied and stored unmodified.
     $this->logCadastro->getLog()->setRoute($this->request->getRequestUri());
     return $this->logCadastro->getLog();
 }
Example #27
 /**
  * Generates an url with the given path.
  *
  * The CDN base path is resolved once and cached: the secure one when
  * force_frontend_ssl is set or the request scheme is https, otherwise the
  * unsecure one.
  *
  * @param string $path Path
  *
  * @return string  Url
  */
 public function __invoke($path)
 {
     if ($this->basePath === null) {
         $scheme = $this->request->getUri()->getScheme();
         // NOTE(review): behind a TLS-terminating proxy the scheme seen here
         // may be http; force_frontend_ssl covers that case.
         $useSecure = $this->config->getValue('force_frontend_ssl') || $scheme === 'https';
         $configKey = $useSecure ? 'secure_cdn_base_path' : 'unsecure_cdn_base_path';
         $this->basePath = rtrim($this->config->getValue($configKey), '/');
     }

     return $this->basePath . '/' . ltrim($path, '/');
 }
Example #28
 /**
  * Return an array of roles which may be granted the permission based on
  * the options.
  *
  * Each option is used as a complete regular expression and tested against
  * REMOTE_ADDR; the first match grants both roles.
  *
  * @param mixed $options Options provided from configuration.
  *
  * @return array
  */
 public function getPermissions($options)
 {
     $clientIp = $this->request->getServer()->get('REMOTE_ADDR');
     // Check if any regex matches....
     // Patterns are applied exactly as configured: an unescaped "." matches
     // any character and a pattern without ^...$ matches anywhere in the
     // address, so "/1.2.3.4/" also accepts 11.2.3.45.
     foreach ((array) $options as $pattern) {
         if (!preg_match($pattern, $clientIp)) {
             continue;
         }
         // Match? Grant to all users (guest or logged in).
         return ['guest', 'loggedin'];
     }
     //  No match? No permissions.
     return [];
 }
Example #29
 /**
  * Dispatch the current request to DoGet() or DoPost() by HTTP method.
  *
  * @return \Exception|null An Exception instance (returned, not thrown) for
  *                         any other method; null after GET or POST.
  */
 public function TreatRequest()
 {
     $current = new Request();
     if ($current->isGet()) {
         $this->DoGet();
         return;
     }
     if ($current->isPost()) {
         $this->DoPost();
         return;
     }
     // NOTE(review): the exception is returned rather than thrown, so a
     // caller that ignores the return value treats an unsupported method as
     // handled. Left as-is because callers may depend on it.
     return new \Exception();
 }
Example #30
 /**
  * Attempt to authenticate the current user.  Throws exception if login fails.
  *
  * Validates the posted username/password against a SIP2 server: an SC
  * status exchange (reply must start with 98), then a patron status request
  * (reply must start with 24) whose BL and CQ fields must both be "Y".
  *
  * @param \Zend\Http\PhpEnvironment\Request $request Request object containing
  * account credentials.
  *
  * @throws AuthException
  * @return \VuFind\Db\Row\User Object representing logged-in user.
  */
 public function authenticate($request)
 {
     $post = $request->getPost();
     $username = trim($post->get('username', ''));
     $password = trim($post->get('password', ''));
     if ('' == $username || '' == $password) {
         throw new AuthException('authentication_error_blank');
     }
     // Attempt SIP2 Authentication
     $sip = new \sip2();
     $config = $this->getConfig();
     if (isset($config->SIP2)) {
         $sip->hostname = $config->SIP2->host;
         $sip->port = $config->SIP2->port;
     }
     // NOTE(review): nothing here sets up transport encryption; the patron
     // password is handed to the SIP2 client as-is. Confirm the link to the
     // SIP2 server is protected at the network level.
     if (!$sip->connect()) {
         throw new AuthException('authentication_error_technical');
     }
     //send selfcheck status message
     $statusReply = $sip->get_message($sip->msgSCStatus());
     // Make sure the response is 98 as expected
     if (!preg_match("/^98/", $statusReply)) {
         $sip->disconnect();
         throw new AuthException('authentication_error_technical');
     }
     $acsStatus = $sip->parseACSStatusResponse($statusReply);
     //  Use result to populate SIP2 settings
     $sip->AO = $acsStatus['variable']['AO'][0];
     $sip->AN = $acsStatus['variable']['AN'][0];
     $sip->patron = $username;
     $sip->patronpwd = $password;
     $patronReply = $sip->get_message($sip->msgPatronStatusRequest());
     // Make sure the response is 24 as expected
     if (!preg_match("/^24/", $patronReply)) {
         $sip->disconnect();
         throw new AuthException('authentication_error_technical');
     }
     $patronStatus = $sip->parsePatronStatusResponse($patronReply);
     $sip->disconnect();
     // Both flags must be "Y": BL (valid patron) and CQ (valid patron password).
     $accepted = $patronStatus['variable']['BL'][0] == 'Y' && $patronStatus['variable']['CQ'][0] == 'Y';
     if (!$accepted) {
         throw new AuthException('authentication_error_invalid');
     }
     // Success!!!
     $user = $this->processSIP2User($patronStatus, $username, $password);
     // Need this for Metalib
     // NOTE(review): the clear-text password is placed on the user object.
     // If that object is later saved or serialised into the session, the
     // password is stored in the clear -- confirm how callers use it.
     $user->password = $password;
     return $user;
 }