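/**
 * Injects the current admin session state into the page as `window._session`.
 *
 * Emits: the resolved admin UI language (session key `admin_language`, default
 * `en`), whether the caller passes the `jarves/entryPoint` ACL check for `/admin`,
 * the logged-in user's id / username / last login / first and last name / image
 * path, and the class name of the current security token. No email-derived value
 * is emitted (the old `emailMd5` code was already commented out).
 *
 * @return void
 */
public function addSessionScripts()
{
    $response = $this->pageStack->getPageResponse();
    $pageSession = $this->pageStack->getSession();

    $session = [
        'userId' => null,
        'lang' => 'en',
    ];

    if ($pageSession && $pageSession->has('admin_language')) {
        $session['lang'] = $pageSession->get('admin_language');
    }

    $session['access'] = $this->acl->check(
        ACLRequest::create('jarves/entryPoint', ['path' => '/admin'])
    );

    if ($this->pageStack->isLoggedIn()) {
        $user = $this->pageStack->getUser();
        $session['userId'] = $user->getId();
        $session['username'] = $user->getUsername();
        $session['lastLogin'] = $user->getLastLogin();
        $session['firstName'] = $user->getFirstName();
        $session['lastName'] = $user->getLastName();
        $session['imagePath'] = $user->getImagePath();
    }

    // Only the token's class name is exposed, never the token itself. Guarded so
    // an absent token yields null instead of get_class() failing on a non-object.
    $token = $this->pageStack->getToken();
    $session['token'] = $token ? get_class($token) : null;

    // Username, names and image path are user-controlled and land inside a
    // <script> block. Encode <, >, &, ', " as \uXXXX so sequences like "</script>"
    // or "<!--" inside a value cannot change how the HTML parser reads the block
    // (json_encode's default slash escaping alone does not cover "<!--").
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $js = 'window._session = ' . json_encode($session, $flags) . ';';

    $response->addJs($js);
}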
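/**
 * Returns file information as array.
 *
 * Resolves `$path` through the web filesystem, then applies two ACL checks on
 * `jarves/file`: listing access decides whether anything is returned at all, and
 * update access is reported to the caller in the `writeAccess` key. Image metadata
 * is appended via appendImageInformation() before returning.
 *
 * @param string|integer $path
 * @return array|null null when the file cannot be resolved, converts to an empty
 *                    array, or the caller fails the listing ACL check
 */
protected function getFile($path)
{
    $fileObject = $this->webFilesystem->getFile($path);

    // Guard before dereferencing: the previous version called ->toArray() on the
    // lookup result first, so a null result from getFile() was a fatal error
    // rather than the documented null return.
    if (!$fileObject) {
        return null;
    }

    $file = $fileObject->toArray();
    if (!$file) {
        return null;
    }

    $aclRequest = ACLRequest::create('jarves/file', $file)->onlyListingMode();
    if (!$this->acl->check($aclRequest)) {
        // Same null as for a missing file: the caller cannot distinguish
        // "does not exist" from "not allowed to list".
        return null;
    }

    // onlyUpdateMode() is applied to the same request object as in the original
    // code; the listing check above has already passed at this point.
    $file['writeAccess'] = $this->acl->check($aclRequest->onlyUpdateMode());
    $this->appendImageInformation($file);

    return $file;
}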
/**
 * Collects the link-type entry points that feed the admin navigation bar.
 *
 * Walks every bundle config's entry points, keeps those whose full path has at
 * most three `/` segments and for which the caller passes the
 * `jarves/entryPoint` ACL check, and returns them keyed by full path. Entries
 * the caller may not access are silently left out.
 *
 * @ApiDoc(
 *  section="Backend",
 *  description="Returns all available menu/entryPoint items for the main navigation bar in the administration"
 * )
 *
 * @Rest\View()
 * @Rest\Get("/admin/backend/menus")
 *
 * @return array fullPath => [label, icon, fullPath, path, type, system, templateUrl, level]
 */
public function getMenusAction()
{
    $menuItems = [];

    foreach ($this->jarves->getConfigs() as $bundleConfig) {
        foreach ($bundleConfig->getAllEntryPoints() as $entryPoint) {
            $fullPath = $entryPoint->getFullPath();
            $depth = substr_count($fullPath, '/');

            // Only the top three levels are shown, and only link entry points.
            if ($depth > 3 || !$entryPoint->isLink()) {
                continue;
            }

            $aclRequest = ACLRequest::create('jarves/entryPoint', ['path' => '/' . $fullPath]);
            if (!$this->acl->check($aclRequest)) {
                continue;
            }

            $menuItems[$fullPath] = [
                'label' => $entryPoint->getLabel(),
                'icon' => $entryPoint->getIcon(),
                'fullPath' => $fullPath,
                'path' => $entryPoint->getPath(),
                'type' => $entryPoint->getType(),
                'system' => $entryPoint->getSystem(),
                'templateUrl' => $entryPoint->getTemplateUrl(),
                'level' => $depth,
            ];
        }
    }

    return $menuItems;
}
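/**
 * Authenticates a user against the user provider and password encoder, stores a
 * UsernamePasswordToken for the "main" firewall and dispatches
 * `security.interactive_login`.
 *
 * @ApiDoc(
 *  section="Administration",
 *  description="Logs in a user to the current session"
 * )
 *
 * Result on success (only the keys actually built below; `token` and `emailMd5`
 * from the earlier doc are not returned by this method):
 * {
 *   userId: 1,
 *   username: "******",
 *   lastLogin: <whatever User::getLastLogin() returns>,
 *   access: true, #administration access, i.e. the jarves/entryPoint ACL check for /admin
 *   firstName: "Admini",
 *   lastName: "strator",
 *   imagePath: "/path/to/image.jpg"
 * }
 *
 * Security notes for reviewers:
 *  - Both failure paths log a warning and sleep(1) before returning false, but
 *    only the password path runs the encoder, so an unknown username still
 *    answers faster than a wrong password. TODO confirm whether username
 *    enumeration via timing is acceptable for this endpoint.
 *  - sleep(1) holds a PHP worker per failed attempt; brute-force / DoS limits
 *    must come from elsewhere (not visible here).
 *  - No session-ID regeneration is visible after setToken(); confirm that the
 *    firewall or an interactive_login listener migrates the session, otherwise
 *    this login is open to session fixation.
 *  - The raw username is written to the log; confirm the log formatter neutralises
 *    line breaks (log injection).
 *
 * @Rest\RequestParam(name="username", requirements=".+", strict=true)
 * @Rest\RequestParam(name="password", requirements=".+", strict=true)
 *
 * @Rest\Post("/admin/login")
 *
 * @param ParamFetcher $paramFetcher provides the validated username/password params
 * @param Request      $request      passed to the InteractiveLoginEvent
 *
 * @return array|bool Returns false on failure or a array if successful.
 */
public function loginUserAction(ParamFetcher $paramFetcher, Request $request)
{
    $username = $paramFetcher->get('username');
    $password = $paramFetcher->get('password');

    // NOTE(review): assumes loadUserByUsername() returns null for unknown users;
    // if it throws instead, that exception propagates uncaught from here.
    $user = $this->userProvider->loadUserByUsername($username);
    if (!$user) {
        $this->logger->warning(sprintf('Login failed for "%s". User not found', $username));
        sleep(1);
        return false;
    }

    $encoder = $this->encoderFactory->getEncoder($user);
    if (!$encoder->isPasswordValid($user->getPassword(), $password, null)) {
        $this->logger->warning(sprintf('Login failed for "%s". Password missmatch ', $username));
        sleep(1);
        return false;
    }

    // Credentials are dropped from the token (null); roles come from the user's groups.
    $token = new UsernamePasswordToken($user, null, "main", $user->getGroupRoles());
    $this->tokenStorage->setToken($token);

    // now dispatch the login event
    $event = new InteractiveLoginEvent($request, $token);
    $this->get("event_dispatcher")->dispatch("security.interactive_login", $event);

    return [
        'userId' => $user->getId(),
        'username' => $user->getUsername(),
        'lastLogin' => $user->getLastLogin(),
        'access' => $this->acl->check(ACLRequest::create('jarves/entryPoint', ['path' => '/admin'])),
        'firstName' => $user->getFirstName(),
        'lastName' => $user->getLastName(),
        'imagePath' => $user->getImagePath(),
    ];
}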
/**
 * Patches a object entry. This means, only defined fields will be saved. Fields which are not defined will
 * not be overwritten.
 *
 * Order of operations matters here and is kept deliberately:
 *  1. `modify-pre` / `patch-pre` events are dispatched BEFORE any ACL or condition
 *     check, with `$values` passed by reference. Listeners therefore run (and may
 *     rewrite the values) even for callers that are denied further down.
 *  2. When permission checks are enabled, a missing item or a failed object-level
 *     update check returns null, whereas a failed field-level check throws
 *     AccessDeniedException. When permission checks are disabled, a missing item
 *     is not caught here at all.
 *  3. The condition check, if rules exist, returns null when unsatisfied.
 *  4. The news-feed entry is written before the storage patch, so a failing
 *     storage call still leaves an "updated" feed entry behind.
 *
 * @param array $pk
 *
 * @param Request|array $requestOrData
 * @return mixed The storage controller's patch result; null when the item is missing,
 *               denied, or fails the condition; false when no fields were supplied.
 *
 * @throws AccessDeniedException when a field-level update ACL check fails
 * @throws ObjectNotFoundException NOTE(review): not thrown by this body; presumably
 *                                 from getItem() or the storage controller - verify
 * @throws \Exception
 */
public function patch($pk, $requestOrData)
{
    $storageController = $this->objects->getStorageController($this->getObject());
    $pk = $storageController->normalizePrimaryKey($pk);
    $this->primaryKey = $pk;

    // Values as collected from the request/array; shared by reference with the
    // pre-event listeners below and with the ACL field checks.
    $values = $this->collectData($requestOrData);

    $args = ['pk' => $pk, 'values' => &$values, 'controller' => $this, 'mode' => 'update'];
    $eventPre = new GenericEvent($this->getObject(), $args);

    // Dispatched before authorization: listeners see every request, denied or not.
    $this->eventDispatcher->dispatch('core/object/modify-pre', $eventPre);
    $this->eventDispatcher->dispatch('core/object/patch-pre', $eventPre);

    $item = $this->getItem($pk);

    if ($this->getPermissionCheck()) {
        // Missing item and denied object-level update are both reported as null,
        // indistinguishable to the caller.
        if (!$item) {
            return null;
        }
        if (!$this->acl->check(ACLRequest::create($this->getObject(), $pk)->onlyUpdateMode())) {
            return null;
        }
        // Per-field check: every submitted field needs update permission on its own.
        foreach ($values as $fieldName => $value) {
            $aclRequest = ACLRequest::create($this->getObject(), $pk)->setField([$fieldName => $value])->onlyUpdateMode();
            if (!$this->acl->check($aclRequest)) {
                throw new AccessDeniedException(sprintf('Not allowed to change `%s`', $fieldName));
            }
        }
    }

    // Controller-level condition (e.g. a row filter) evaluated against the current item.
    if (($condition = $this->getCondition()) && $condition->hasRules()) {
        if (!$this->conditionOperator->satisfy($condition, $item, $this->getObject())) {
            return null;
        }
    }

    // Field names are taken from the raw request body / array keys, not from $values.
    $incomingFields = $requestOrData instanceof Request ?
        array_keys($requestOrData->request->all()) : array_keys($requestOrData);

    if (!$incomingFields) {
        return false;
    }

    $changedData = $this->mapData($values, $incomingFields, $item);

    // Written before the storage patch; see the docblock note on ordering.
    if ($this->getWithNewsFeed()) {
        $this->utils->newNewsFeed($this->objects, $this->getObject(), array_merge($values, $pk), 'updated');
    }

    $result = $storageController->patch($pk, $changedData);

    $args['result'] = $result;
    $event = new GenericEvent($this->getObject(), $args);
    $this->eventDispatcher->dispatch('core/object/modify', $event);
    $this->eventDispatcher->dispatch('core/object/patch', $event);

    return $result;
}