/**
* Advices the dispatch method so that illegal requests are blocked before invoking
* any controller.
*
* @FLOW3\Around("method(TYPO3\FLOW3\MVC\Dispatcher->dispatch())")
* @param \TYPO3\FLOW3\AOP\JoinPointInterface $joinPoint The current joinpoint
* @return mixed Result of the advice chain
*/
public function checkAccess(\TYPO3\FLOW3\AOP\JoinPointInterface $joinPoint)
{
$this->securityManager->setRequest($joinPoint->getMethodArgument('request'));
$this->securityManager->setResponse($joinPoint->getMethodArgument('response'));
$request = $joinPoint->getMethodArgument('request');
if (is_a($request, "\\TYPO3\\FLOW3\\MVC\\Web\\Request")) {
$className = $request->getControllerObjectName();
$methodName = $request->getControllerActionName() . 'Action';
try {
if (!empty($className) && $this->reflectionService->isMethodAnnotatedWith($className, $methodName, "Admin\\Annotations\\Access")) {
$annotation = $this->reflectionService->getMethodAnnotation($className, $methodName, "Admin\\Annotations\\Access");
if (!is_object($user = $this->securityManager->getUser())) {
return $this->securityManager->redirectToLogin($joinPoint);
}
if ($annotation->admin && !$user->isAdmin()) {
return $this->securityManager->redirectToLogin($joinPoint);
}
if ($annotation->role !== null) {
$hasRole = false;
foreach ($user->getRoles() as $role) {
if ($role->getName() == $annotation->role) {
$hasRole = true;
}
}
if (!$hasRole) {
$message = new \TYPO3\FLOW3\Error\Error("You don't have access to this page!");
$this->flashMessageContainer->addMessage($message);
return $this->securityManager->redirectToLogin($joinPoint);
}
}
}
} catch (\Exception $e) {
}
}
if (is_object($adviceChain = $joinPoint->getAdviceChain())) {
$result = $adviceChain->proceed($joinPoint);
return $result;
}
}
/**
* This function tries to find yet unmatched dependencies which need to be injected via "inject*" setter methods.
*
* @param array &$objectConfigurations
* @return void
* @throws \TYPO3\FLOW3\Object\Exception if an injected property is private
*/
protected function autowireProperties(array &$objectConfigurations)
{
foreach ($objectConfigurations as $objectConfiguration) {
$className = $objectConfiguration->getClassName();
$properties = $objectConfiguration->getProperties();
foreach (get_class_methods($className) as $methodName) {
if (substr($methodName, 0, 6) === 'inject') {
$propertyName = strtolower(substr($methodName, 6, 1)) . substr($methodName, 7);
$autowiringAnnotation = $this->reflectionService->getMethodAnnotation($className, $methodName, 'TYPO3\\FLOW3\\Annotations\\Autowiring');
if ($autowiringAnnotation !== NULL && $autowiringAnnotation->enabled === FALSE) {
continue;
}
if ($methodName === 'injectSettings') {
$packageKey = $objectConfiguration->getPackageKey();
if ($packageKey !== NULL) {
$properties[$propertyName] = new ConfigurationProperty($propertyName, $packageKey, ConfigurationProperty::PROPERTY_TYPES_SETTING);
}
} else {
if (array_key_exists($propertyName, $properties)) {
continue;
}
$methodParameters = $this->reflectionService->getMethodParameters($className, $methodName);
if (count($methodParameters) !== 1) {
$this->systemLogger->log(sprintf('Could not autowire property %s because %s() expects %s instead of exactly 1 parameter.', "{$className}::{$propertyName}", $methodName, count($methodParameters) ?: 'none'), LOG_DEBUG);
continue;
}
$methodParameter = array_pop($methodParameters);
if ($methodParameter['class'] === NULL) {
$this->systemLogger->log(sprintf('Could not autowire property %s because the method parameter in %s() contained no class type hint.', "{$className}::{$propertyName}", $methodName), LOG_DEBUG);
continue;
}
$properties[$propertyName] = new ConfigurationProperty($propertyName, $methodParameter['class'], ConfigurationProperty::PROPERTY_TYPES_OBJECT);
}
}
}
foreach ($this->reflectionService->getPropertyNamesByAnnotation($className, 'TYPO3\\FLOW3\\Annotations\\Inject') as $propertyName) {
if ($this->reflectionService->isPropertyPrivate($className, $propertyName)) {
$exceptionMessage = 'The property "' . $propertyName . '" in class "' . $className . '" must not be private when annotated for injection.';
throw new \TYPO3\FLOW3\Object\Exception($exceptionMessage, 1328109641);
}
if (!array_key_exists($propertyName, $properties)) {
$objectName = trim(implode('', $this->reflectionService->getPropertyTagValues($className, $propertyName, 'var')), ' \\');
$properties[$propertyName] = new ConfigurationProperty($propertyName, $objectName, ConfigurationProperty::PROPERTY_TYPES_OBJECT);
}
}
$objectConfiguration->setProperties($properties);
}
}
/**
* Adds the needed valiators to the Arguments:
*
* - Validators checking the data type from the @param annotation
* - Custom validators specified with validate annotations.
* - Model-based validators (validate annotations in the model)
* - Custom model validator classes
*
* @return void
*/
protected function initializeActionMethodValidators()
{
$validationGroups = array('Default', 'Controller');
$validationGroupsAnnotation = $this->reflectionService->getMethodAnnotation(get_class($this), $this->actionMethodName, 'TYPO3\\FLOW3\\Annotations\\ValidationGroups');
if ($validationGroupsAnnotation !== NULL) {
$validationGroups = $validationGroupsAnnotation->validationGroups;
}
$parameterValidators = $this->validatorResolver->buildMethodArgumentsValidatorConjunctions(get_class($this), $this->actionMethodName);
foreach ($this->arguments as $argument) {
$validator = $parameterValidators[$argument->getName()];
$baseValidatorConjunction = $this->validatorResolver->getBaseValidatorConjunction($argument->getDataType(), $validationGroups);
if (count($baseValidatorConjunction) > 0) {
$validator->addValidator($baseValidatorConjunction);
}
$argument->setValidator($validator);
}
}
