Esempio n. 1
1
 /**
  * Convert Request and Exception to array
  * @param Request $request
  * @param $e
  */
 public function convert(Request $request, $e)
 {
     $this->_data['stacktrace'] = ['line' => $e->getLine(), 'file' => $e->getFile(), 'message' => $e->getMessage(), 'code' => $this->getCode($e->getFile(), $e->getLine(), 10)];
     $this->_data['headers'] = $request->headers->all();
     $this->_data['cookies'] = $request->cookies->all();
     $this->_data['method'] = $request->getMethod();
     $this->_data['uri'] = $request->getRequestUri();
     $this->_data['params'] = $request->all();
 }
Esempio n. 2
1
 protected function makeResponse(Request $request)
 {
     $message = $this->translator->get('c::auth.login-required');
     if ($request->ajax() || $request->isJson() || $request->wantsJson()) {
         return Response::json(['error' => $message], 403);
     } else {
         $url = $this->url->action('anlutro\\Core\\Web\\AuthController@login');
         $intended = $request->getMethod() == 'GET' ? $request->fullUrl() : ($request->header('referer') ?: '/');
         $this->session->put('url.intended', $intended);
         return $this->redirect->to($url)->with('error', $message);
     }
 }
 protected function checkRequestMethod()
 {
     if (!isset($this->config['methods'])) {
         return true;
     }
     return in_array($this->request->getMethod(), $this->config['methods']);
 }
 /**
  * @param \Illuminate\Http\Request $request
  *
  * @return static
  */
 public static function createFromRequest(Request $request)
 {
     $instance = new static();
     if (in_array($request->getMethod(), ['POST', 'PATCH', 'PUT'])) {
         $instance->input = $request->json();
     } else {
         $instance->input = $request->query;
     }
     if ($request->query->has('per_page')) {
         $instance->perPage = intval($request->query->get('per_page'));
     }
     if ($request->query->has('page')) {
         $instance->page = intval($request->query->get('page'));
     }
     $instance->query = $request->query;
     $instance->apiClass = explode('@', $request->route()[1]['uses'])[0];
     $instance->method = $request->getMethod();
     $instance->headers = $request->headers;
     $instance->token = static::getToken($request);
     $instance->callback = $request->query->get('callback');
     $params = $request->route()[2];
     if (isset($params['id'])) {
         $id = intval($params['id']);
         $instance->resourceId = $id > 0 ? $id : null;
     }
     return $instance;
 }
 /**
  * Handle an incoming request.
  *
  * @param  LaravelRequest $request
  * @param  Closure $next
  *
  * @return mixed
  */
 public function handle(LaravelRequest $request, Closure $next)
 {
     $message = new Request($request->getMethod(), new Uri($request->getUri()), $request->headers->all(), $request->getContent());
     $result = $this->extractor->getRequest($message);
     $event = $this->logger->begin($result['request'], $request->getUri(), $request->getMethod(), '');
     $response = null;
     try {
         /** @var LaravelResponse $response */
         $response = $next($request);
     } catch (Exception $e) {
         $response = LaravelResponse::create($e->getMessage(), 500);
     } finally {
         $this->logResponse($response, $event);
     }
     return $response;
 }
Esempio n. 6
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->header('origin') !== 'https://sandbox.pagseguro.uol.com.br' && $request->getMethod() !== 'POST') {
         return response('Unauthorized.', 401);
     }
     return $next($request)->header('Access-Control-Allow-Origin', 'https://sandbox.pagseguro.uol.com.br')->header('Access-Control-Allow-Methods', 'POST');
 }
Esempio n. 7
0
 /**
  * @param Request $request
  */
 public function run(Request $request)
 {
     $isPost = $request->getMethod() === 'POST';
     $src = $request->all();
     $cmd = isset($src['cmd']) ? $src['cmd'] : '';
     $args = [];
     if (!function_exists('json_encode')) {
         $error = $this->elFinder->error(elFinder::ERROR_CONF, elFinder::ERROR_CONF_NO_JSON);
         $this->output(['error' => '{"error":["' . implode('","', $error) . '"]}', 'raw' => TRUE]);
     }
     if (!$this->elFinder->loaded()) {
         $this->output(['error' => $this->elFinder->error(elFinder::ERROR_CONF, elFinder::ERROR_CONF_NO_VOL), 'debug' => $this->elFinder->mountErrors]);
     }
     // telepat_mode: on
     if (!$cmd && $isPost) {
         $this->output(['error' => $this->elFinder->error(elFinder::ERROR_UPLOAD, elFinder::ERROR_UPLOAD_TOTAL_SIZE), 'header' => 'Content-Type: text/html']);
     }
     // telepat_mode: off
     if (!$this->elFinder->commandExists($cmd)) {
         $this->output(['error' => $this->elFinder->error(elFinder::ERROR_UNKNOWN_CMD)]);
     }
     // collect required arguments to exec command
     foreach ($this->elFinder->commandArgsList($cmd) as $name => $req) {
         $arg = $name == 'FILES' ? $_FILES : (isset($src[$name]) ? $src[$name] : '');
         if (!is_array($arg)) {
             $arg = trim($arg);
         }
         if ($req && (!isset($arg) || $arg === '')) {
             $this->output(['error' => $this->elFinder->error(elFinder::ERROR_INV_PARAMS, $cmd)]);
         }
         $args[$name] = $arg;
     }
     $args['debug'] = isset($src['debug']) ? !!$src['debug'] : FALSE;
     $this->output($this->elFinder->exec($cmd, $this->input_filter($args)));
 }
Esempio n. 8
0
 /**
  * Create the validator instance. 
  *
  * @param Illuminate\Http\Request 		$request
  * @param Illuminate\Validation\Factory $validation
  */
 public function __construct(Request $request, ValidationFactory $validation)
 {
     $this->request = $request;
     $this->validation = $validation;
     $this->setUpdating(in_array(strtolower($request->getMethod()), array('put', 'patch')));
     $this->defineInput();
 }
 public function saveAction(Request $request)
 {
     $params = $request->all();
     unset($params['_token'], $params['q']);
     if (strlen($params['password'])) {
         $params['password'] = Crypt::encrypt($params['password']);
     }
     if ($request->getMethod() == 'POST') {
         // saving data!
         $isValid = $this->repository->validateRequest($request);
         if (!is_bool($isValid)) {
             $request->session()->flash('message', "Invalid data, please check the following errors: ");
             $request->session()->flash('validationErrros', $isValid);
             return redirect()->route('configuration')->withInput();
         }
         $configuration = $this->repository->findById($params['id']);
         if (!$configuration) {
             $request->session()->flash('message', "Configuration not found");
             return redirect('configuration');
         }
         $this->repository->update($params, $params['id']);
         $request->session()->flash('message', "Configuration updated successfully!");
         $request->session()->flash('success', true);
         return redirect('configuration');
     }
     $request->session()->flash('message', "Method not allowed");
     return redirect('configuration');
 }
Esempio n. 10
0
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure                 $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->getMethod() != 'GET' && $this->isReadOnlyModeEnabled()) {
         throw new HttpException(503);
     }
     return $next($request);
 }
Esempio n. 11
0
 /**
  * Handle an incoming request.
  *
  * @param \Illuminate\Http\Request $request
  * @param \Closure $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (in_array($request->getMethod(), self::PARSED_METHODS)) {
         $request->merge(json_decode($request->getContent()));
     }
     return $next($request);
 }
Esempio n. 12
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->getMethod() == "OPTIONS") {
         $headers = array('Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, PUT, DELETE', 'Access-Control-Allow-Headers' => 'X-Requested-With, content-type');
         return Response::make('', 200, $headers);
     }
     return $next($request);
 }
Esempio n. 13
0
 /**
  * Log all api requests
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  *
  * @return mixed
  */
 public function handle(Request $request, \Closure $next)
 {
     try {
         $this->debug($request->getMethod() . ' ' . $request->getPathInfo());
     } catch (\Exception $_ex) {
         //  Ignored.
     }
     return parent::handle($request, $next);
 }
Esempio n. 14
0
 /**
  * @param HttpRequest $request
  *
  * @return array
  */
 public function rules(HttpRequest $request) : array
 {
     if ($request->getMethod() === HttpRequest::METHOD_POST) {
         return self::RULES;
     }
     $rules = self::RULES;
     $rules['colour'][2] .= ",{$request->get('id')}";
     return $rules;
 }
 public function handle(Request $request, \Closure $next)
 {
     if ($request->getMethod() === "POST") {
         if ($this->validSignature($request) || $this->validShopId($request)) {
             return $next($request);
         }
     }
     $this->logger->hooksError($request->getContent(), $request);
     return new Response("", Response::HTTP_FORBIDDEN);
 }
 /**
  * Handle a Braintree webook request.
  *
  * @param  Request $request
  * @return void
  */
 public function handle(Request $request)
 {
     if ($request->getMethod() === 'GET') {
         $this->verify($request);
     }
     $response = $this->parse($request);
     if (Config::get('banker.webhooks.debug')) {
         Log::info($response);
     }
     $this->handleEvent($response);
 }
 public function __construct(Request $request)
 {
     $this->resource = $this->model();
     if (!Route::current()) {
         return;
     }
     // enable artisan route:list
     $userId = $this->getUserIdFromParams($request->getMethod(), $request->all());
     $this->middleware("canRead:{$userId}", ['only' => ['index', 'show']]);
     $this->middleware("canWrite:{$userId}", ['only' => ['store', 'update', 'destroy']]);
 }
Esempio n. 18
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // TODO:    don't automatically log the user out some time after
     //          issue #29 is fixed or when disabled_at starts being used for
     //          something other than merged accounts.
     if ($this->auth->check() && $this->auth->user()->disabled_at !== null && !($request->getMethod() === 'POST' && $request->getRequestUri() == '/auth/logout')) {
         $this->auth->logout();
         //            return Response::view('home.account-disabled', ['username' => $this->auth->user()->username], 403);
     }
     return $next($request);
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  * @throws \App\Exceptions\Unauthorized
  */
 public function handle($request, Closure $next)
 {
     if ($request->is('api/user/login') || $request->is('/') || $request->is('api/user') && $request->getMethod() == "POST") {
         return $next($request);
     }
     $token = $request->header('X-Auth-Token');
     if (!(User::$logged = User::where('api_token', $token)->first())) {
         throw new \App\Exceptions\Unauthorized();
     }
     User::$edited = User::find($request->get('user_id'));
     return $next($request);
 }
Esempio n. 20
0
 /**
  * Shall be throttle limit enabled for given request?
  *
  * @param \Illuminate\Http\Request $request
  *
  * @return bool
  */
 protected function isEnabledFor($request)
 {
     // Limit only POST requests
     if ($request->getMethod() != 'POST') {
         return false;
     }
     // Disable throttle limit for voting
     if (starts_with($request->getPathInfo(), '/ajax/vote/')) {
         return false;
     }
     return true;
 }
Esempio n. 21
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $headers = ['Access-Control-Allow-Origin' => ' *', 'Access-Control-Allow-Methods' => ' POST, GET, OPTIONS, PUT, DELETE', 'Access-Control-Allow-Headers' => ' Content-Type, Accept, Authorization, X-Requested-With'];
     if ($request->getMethod() == "OPTIONS") {
         return \Response::make('OK', 200, $headers);
     }
     $response = $next($request);
     foreach ($headers as $key => $value) {
         $response->header($key, $value);
     }
     return $response;
 }
Esempio n. 22
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->getMethod() == "OPTIONS") {
         $headers = array('Access-Control-Allow-Origin' => '*', 'Access-Control-Allow-Methods' => 'GET, POST, PUT, DELETE', 'Access-Control-Max-Age' => '1000', 'Access-Control-Allow-Headers' => 'Content-Type, Authorization, X-Requested-With');
         return new JsonResponse('', 200, $headers);
     }
     header("Access-Control-Allow-Origin: *");
     header("Access-Control-Allow-Methods: 'GET, POST, PUT, DELETE, OPTIONS'");
     header("Access-Control-Max-Age': '1000'");
     header("Access-Control-Allow-Headers': 'Content-Type, Authorization, X-Requested-With'");
     return $next($request);
 }
Esempio n. 23
0
 /**
  * @param Request $request
  * @return bool
  * @throws \InvalidArgumentException
  */
 public static function isAuthorised(Request $request)
 {
     /** @var Route $route */
     $route = $request->route();
     $routeInfo = $route->getAction();
     if (!empty($routeInfo[self::HTTP_METHOD_OVERRIDE_KEY])) {
         $httpMethod = $routeInfo[self::HTTP_METHOD_OVERRIDE_KEY];
     } else {
         $httpMethod = $request->getMethod();
     }
     return static::isRoleHasAccessToRoute(static::getUserRole(), $route, $httpMethod);
 }
Esempio n. 24
0
 /**
  * Render an exception into an HTTP response.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Exception $e
  * @return \Illuminate\Http\Response
  */
 public function render($request, Exception $e)
 {
     if ($e instanceof TokenMismatchException) {
         flash()->error('CSRF verification failed, try logging in again.')->important();
         Auth::logout();
         return redirect()->route('login');
     }
     if ($e instanceof MethodNotAllowedHttpException && $request->getMethod() == 'GET') {
         flash()->error('That URL is for POST requests only.');
         return redirect()->route('account');
     }
     return parent::render($request, $e);
 }
 public function __construct($apiName = null, Request $request)
 {
     if ($apiName == null || !class_exists(__NAMESPACE__ . '\\' . ucfirst($apiName) . 'API')) {
         throw new Exception(self::getErrorMsg(ApiControllerFactory::API_NOT_FOUND), ApiControllerFactory::API_NOT_FOUND);
     }
     $className = __NAMESPACE__ . '\\' . ucfirst($apiName) . 'API';
     $this->apiClassObject = new $className();
     if (get_class($this->apiClassObject) == 'BaseAPI' || $this->apiClassObject->isPublic == false) {
         throw new Exception(self::getErrorMsg(ApiControllerFactory::API_NOT_FOUND), ApiControllerFactory::API_NOT_FOUND);
     }
     $this->apiClassObject->setData($request->all());
     $this->httpMethod = $request->getMethod();
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     header('Access-Control-Allow-Origin: *');
     $headers = ['Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, PUT, DELETE', 'Access-Control-Allow-Headers' => 'Content-Type, X-Token, Origin, Authorization'];
     if ($request->getMethod() == "OPTIONS") {
         return response('OK')->withHeaders($headers);
     }
     $response = $next($request);
     foreach ($headers as $key => $value) {
         $response->header($key, $value);
     }
     return $response;
 }
Esempio n. 27
0
 /**
  * @param Request $request
  * @return bool
  */
 public static function isAuthorised(Request $request)
 {
     /** @var Route $route */
     $route = $request->route();
     /** @var BaseAccessManager $instance */
     $instance = call_user_func([get_called_class(), 'getInstance']);
     $routeInfo = $route->getAction();
     if (!empty($routeInfo[self::HTTP_METHOD_OVERRIDE_KEY])) {
         $httpMethod = $routeInfo[self::HTTP_METHOD_OVERRIDE_KEY];
     } else {
         $httpMethod = $request->getMethod();
     }
     return $instance->_hasAccessToRoute($route, $httpMethod);
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure                 $next
  *
  * @return \Illuminate\Http\Response
  */
 public function handle($request, \Closure $next)
 {
     if ($request->getMethod() == 'OPTIONS') {
         $headers = array_merge(static::$corsHeaders, ['Access-Control-Allow-Origin' => $request->header('Origin', '*')]);
         return response('', Response::HTTP_NO_CONTENT, $headers);
     }
     /** @var \Illuminate\Http\Response $response */
     $response = $next($request);
     if ($response->getStatusCode() >= 400) {
         $response->header('Access-Control-Expose-Headers', static::$corsHeaders['Access-Control-Expose-Headers']);
     }
     $response->header('Access-Control-Allow-Origin', $request->header('Origin', '*'));
     return $response;
 }
Esempio n. 29
0
 /**
  * Checks to see if it is an admin user login call.
  *
  * @param  \Illuminate\Http\Request $request
  *
  * @return bool
  * @throws \DreamFactory\Core\Exceptions\NotImplementedException
  */
 protected static function isException($request)
 {
     /** @var Router $router */
     $router = app('router');
     $service = strtolower($router->input('service'));
     $resource = strtolower($router->input('resource'));
     $action = VerbsMask::toNumeric($request->getMethod());
     foreach (static::$exceptions as $exception) {
         if ($action & ArrayUtils::get($exception, 'verb_mask') && $service === ArrayUtils::get($exception, 'service') && $resource === ArrayUtils::get($exception, 'resource')) {
             return true;
         }
     }
     return false;
 }
Esempio n. 30
0
 /**
  * Determine if any routes match on another HTTP verb.
  *
  * @param  \Illuminate\Http\Request $request
  *
  * @return array
  */
 protected function checkForAlternateVerbs($request)
 {
     $methods = array_diff(Router::$verbs, array($request->getMethod()));
     // Here we will spin through all verbs except for the current request verb and
     // check to see if any routes respond to them. If they do, we will return a
     // proper error response with the correct headers on the response string.
     $others = array();
     foreach ($methods as $method) {
         if (!is_null($this->check($this->get($method), $request, false))) {
             $others[] = $method;
         }
     }
     return $others;
 }