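/**
 * Gate the OAuth2 'oauth/authorize' and 'oauth/code' routes behind a logged-in identity.
 *
 * Without an identity, a 302 to the 'dotuser/login' route is sent, carrying the current
 * request URI in the `redirect` query parameter, and the script stops.
 * With an identity, on 'oauth/authorize' only, the request is replaced by a synthetic
 * POST with authorized=yes when the revoke storage reports that the user has already
 * authorized the client, so the consent step is skipped.
 *
 * @param MvcEvent $event
 * @return void
 */
public function __invoke(MvcEvent $event)
{
    $routeName = $event->getRouteMatch()->getMatchedRouteName();
    if ($routeName !== 'oauth/authorize' && $routeName !== 'oauth/code') {
        return;
    }

    $auth = $this->authentication;
    if (!$auth->hasIdentity()) {
        // Redirect to the login form before granting permissions
        // (the exception would be the client_credentials grant type).
        $url = $event->getRouter()->assemble([], array('name' => 'dotuser/login'));

        // The original test was inverted: it chose https:// only when HTTPS was set to
        // something other than 'on', so TLS requests were redirected to plain http://.
        $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
        $host = $isHttps ? 'https://' : 'http://';

        // NOTE(review): HTTP_HOST comes from the client's Host header. Unless the web
        // server only answers for known virtual hosts, the Location target is
        // client-influenced; a configured base URL would remove that dependency.
        $host .= $_SERVER['HTTP_HOST'];
        $url = $host . $url . '?redirect=' . urlencode($event->getRequest()->getUriString());

        $response = $event->getResponse();
        $response->getHeaders()->addHeaderLine('Location', $url);
        $response->setStatusCode(302);
        $response->sendHeaders();
        exit;
    }

    $identity = $auth->getIdentity();
    $request = $event->getRequest();
    $client_id = $request->getQuery('client_id');

    // Skip the consent screen when the user already granted (and has not revoked)
    // permissions for this client.
    // NOTE(review): the approval is synthesised from the client_id query parameter and
    // isAuthorized() alone; confirm the storage check is keyed on exactly the client
    // that the authorization server will go on to process.
    if ($routeName === 'oauth/authorize'
        && $this->userRevokeStorage->isAuthorized($client_id, $identity->getUsername())
    ) {
        $newRequest = new \ZF\ContentNegotiation\Request();
        $newRequest->setMethod(\Zend\Http\Request::METHOD_POST);
        $newRequest->getPost()->set('authorized', 'yes');
        $event->setRequest($newRequest);
    }
}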
/**
 * Attach the module route listener and normalise the Origin request header for two
 * non-HTTP client origins.
 *
 * Registers the 'chrome-extension' URI scheme, then, for requests that expose headers
 * and carry both Origin and X-Requested-With, rewrites Origin when X-Requested-With
 * equals 'com.ionicframework.notifycar':
 *  - 'file://'          becomes 'file://mobile'
 *  - 'chrome-extension' becomes a fixed chrome-extension:// URI
 *
 * NOTE(review): Origin and X-Requested-With are both supplied by the client, so any
 * caller that sends these values gets the rewritten Origin; nothing here authenticates
 * the app. Whatever consumes the rewritten Origin should not treat it as proof of
 * which client is calling.
 *
 * @param MvcEvent $e
 */
public function onBootstrap(MvcEvent $e)
{
    $eventManager = $e->getApplication()->getEventManager();
    $moduleRouteListener = new ModuleRouteListener();
    $moduleRouteListener->attach($eventManager);
    UriFactory::registerScheme('chrome-extension', 'Zend\\Uri\\Uri');
    if (method_exists($e->getRequest(), 'getHeaders')) {
        $headers = $e->getRequest()->getHeaders();
        // The third operand is a side effect inside the condition: it adds an
        // Access-Control-Allow-Methods line to the *request* headers whenever both
        // Origin and X-Requested-With are present, before the X-Requested-With value
        // is compared.
        if ($headers->has('Origin') && $headers->has('X-Requested-With') && $headers->addHeaderLine('Access-Control-Allow-Methods: PUT, GET, POST, PATCH, DELETE, OPTIONS') && $headers->get('X-Requested-With')->getFieldValue() === 'com.ionicframework.notifycar') {
            // Convert to an array because the get method throws an exception
            $headersArray = $headers->toArray();
            $origin = $headersArray['Origin'];
            if ($origin === 'file://') {
                // Rebuild the header collection without the original Origin line
                unset($headersArray['Origin']);
                $headers->clearHeaders();
                $headers->addHeaders($headersArray);
                //$headers->addHeaderLine('Access-Control-Allow-Methods: PUT, GET, POST, PATCH, DELETE, OPTIONS');
                // This is a valid URI
                $headers->addHeaderLine('Origin', 'file://mobile');
            } else {
                if ($origin === 'chrome-extension') {
                    // Same rebuild as above, then pin Origin to one extension URI
                    unset($headersArray['Origin']);
                    $headers->clearHeaders();
                    $headers->addHeaders($headersArray);
                    //$headers->addHeaderLine('Access-Control-Allow-Methods: PUT, GET, POST, PATCH, DELETE, OPTIONS');
                    // This is a valid URI
                    $headers->addHeaderLine('Origin', 'chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop');
                    //$headers->addHeaderLine('Origin', 'chrome-extension://aicmkgpgakddgnaphhhpliifpcfhicfo');
                }
            }
        }
    }
}
/**
 * Dispatch a controller action on the stored MVC event and render the outcome.
 *
 * The controller name, action and any extra parameters are written into the event's
 * route match before the controller is fetched from the 'ControllerLoader' service and
 * dispatched. A Response result is returned as is; any other result is set as the
 * event's view model, wrapped in the layout unless it is terminal, and rendered.
 *
 * @param $controllerName Service name handed to the controller manager
 * @param $action         Value stored as the 'action' route parameter
 * @param array $params   Additional route parameters, keyed by name
 * @return string|\Zend\Stdlib\ResponseInterface
 * @throws \Exception
 */
public function runControllerAction($controllerName, $action, $params = array())
{
    $routeMatch = $this->event->getRouteMatch();
    $routeMatch->setParam('controller', $controllerName)->setParam('action', $action);
    foreach ($params as $name => $paramValue) {
        $routeMatch->setParam($name, $paramValue);
    }

    $services = $this->event->getApplication()->getServiceManager();

    /** @var AbstractActionController $controller */
    $controller = $services->get('ControllerLoader')->get($controllerName);
    $controller->setEvent($this->event);

    $result = $controller->dispatch($this->event->getRequest());
    if ($result instanceof Response) {
        return $result;
    }

    /** @var ViewManager $viewManager */
    $viewManager = $services->get('ViewManager');
    $renderingStrategy = $viewManager->getMvcRenderingStrategy();
    $this->event->setViewModel($result);

    /** @var ViewModel $result */
    if (!$result->terminate()) {
        // Non-terminal results are rendered inside the layout template.
        $wrapper = new ViewModel();
        $wrapper->setTemplate($renderingStrategy->getLayoutTemplate());
        $wrapper->addChild($result);
        $this->event->setViewModel($wrapper);
    }

    return $renderingStrategy->render($this->event);
}
/**
 * Consume one unit of rate limit for the request and report or enforce the limit.
 *
 * Adds X-RateLimit-* headers when a 'daily_limits' status is available. When the limit
 * is exceeded, the last result of the EVENT_RATELIMIT_EXCEEDED listeners is returned;
 * when only the warning threshold is reached, the last result of the
 * EVENT_RATELIMIT_WARN listeners replaces the event's response.
 *
 * @param MvcEvent $e
 * @return mixed|void
 */
public function __invoke(MvcEvent $e)
{
    $response = $e->getResponse();
    $this->rateLimitService->consume($e->getRouteMatch(), $e->getRequest());

    $status = $this->rateLimitService->getLimitStatus($e->getRouteMatch(), $e->getRequest(), 'daily_limits');
    if (!empty($status)) {
        // Informational headers for the client
        $headers = $response->getHeaders();
        $headerMap = array(
            'X-RateLimit-Limit' => 'limit',
            'X-RateLimit-Remaining' => 'remaining',
            'X-RateLimit-Reset' => 'reset',
        );
        foreach ($headerMap as $headerName => $statusKey) {
            $headers->addHeaderLine($headerName, $status[$statusKey]);
        }
        $response->setHeaders($headers);
    }

    // Listener triggering stops at the first listener that returns a Response.
    $stopOnResponse = function ($r) {
        return $r instanceof Response;
    };

    if ($this->rateLimitService->isLimitExceeded()) {
        $results = $this->eventManager->trigger(
            MvcLimitEvent::EVENT_RATELIMIT_EXCEEDED,
            $this->mvcLimitEvent,
            $stopOnResponse
        );

        return $results->last();
    }

    if ($this->rateLimitService->isLimitWarning()) {
        $results = $this->eventManager->trigger(
            MvcLimitEvent::EVENT_RATELIMIT_WARN,
            $this->mvcLimitEvent,
            $stopOnResponse
        );
        $e->setResponse($results->last());
    }
}
/**
 * Switch the response to JSON when the route, the result or the request asks for it.
 *
 * JSON output is selected when the route match has a truthy 'forceJson' parameter, the
 * result already is a JsonModel, or the query/post parameter 'format' equals "json".
 * A non-JSON result is converted to a JsonModel; in error mode only status, message
 * and (when display_exceptions is set) the exception message are copied.
 *
 * The 'format' parameter is chosen by the client, so every route handled here can be
 * asked to emit its view variables as JSON.
 *
 * @param MvcEvent $e
 * @param bool $error Whether the result is an error view model
 * @return void
 */
protected function onInvokation(MvcEvent $e, $error = false)
{
    $viewModel = $e->getResult();
    $isJsonModel = $viewModel instanceof JsonModel;
    $routeMatch = $e->getRouteMatch();

    $jsonRequested = $routeMatch && $routeMatch->getParam('forceJson', false)
        || $isJsonModel
        || "json" == $e->getRequest()->getQuery('format')
        || "json" == $e->getRequest()->getPost('format');
    if (!$jsonRequested) {
        return;
    }

    if (!$isJsonModel) {
        $jsonModel = new JsonModel();
        if (!$error) {
            $jsonModel->setVariables($viewModel->getVariables());
        } else {
            $jsonModel->status = 'error';
            $jsonModel->message = $viewModel->message;
            // The exception text is exposed only when display_exceptions is enabled.
            if ($viewModel->display_exceptions && isset($viewModel->exception)) {
                $jsonModel->exception = $viewModel->exception->getMessage();
            }
        }
        $viewModel = $jsonModel;
        $e->setResult($jsonModel);
        $e->setViewModel($jsonModel);
    }

    $viewModel->setTerminal(true);

    $jsonStrategy = new \Zend\View\Strategy\JsonStrategy(new \Zend\View\Renderer\JsonRenderer());
    $view = $e->getApplication()->getServiceManager()->get('ViewManager')->getView();
    $view->addRenderingStrategy(array($jsonStrategy, 'selectRenderer'), 10);
    $view->addResponseStrategy(array($jsonStrategy, 'injectResponse'), 10);
}
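/**
 * Register request logging for inbound MVC requests and outbound Hermes calls.
 *
 * Three listeners are attached, each at priority 100:
 *  - MVC dispatch:          logs the inbound request ('direction' => 'in')
 *  - Hermes 'request.post': logs a completed outbound call with its HTTP status
 *  - Hermes 'request.fail': logs a failed outbound call with error code and message
 *
 * For non-GET requests the JSON-decoded body is logged with its top-level 'password'
 * key removed. Nothing else is redacted: nested password fields, tokens and other
 * secrets in the body are written to the log as received.
 *
 * @param MvcEvent $e
 * @return void
 */
public function onBootstrap(MvcEvent $e)
{
    $serviceLocator = $e->getApplication()->getServiceManager();

    $e->getApplication()->getEventManager()->attach(\Zend\Mvc\MvcEvent::EVENT_DISPATCH, function (MvcEvent $e) use ($serviceLocator) {
        if (!$e->getRequest() instanceof Request) {
            return;
        }
        $request = $e->getRequest();
        $config = $serviceLocator->get('Config');
        $serviceName = isset($config['hermes']['service_name']) ? $config['hermes']['service_name'] : '';
        $data = [
            'direction' => 'in',
            'status' => 'success',
            'destination' => [
                'service' => $serviceName,
                'server' => $request->getUri()->getHost(),
                'uri' => $request->getUriString(),
            ],
            'source' => [
                'server' => $_SERVER['REMOTE_ADDR'],
                // X-Request-Name is set by the caller, so the logged source service
                // is a claim, not a verified identity.
                'service' => $request->getHeader('X-Request-Name') ? $request->getHeader('X-Request-Name')->getFieldValue() : '',
                'uri' => '',
            ],
        ];
        if (!$request->isGet()) {
            $post = json_decode($request->getContent(), true, 100);
            // A body that decodes to a JSON string made unset() raise
            // "Cannot unset string offsets", so a client-chosen body could abort
            // the dispatch. Only strip the key when the body decoded to an array.
            if (is_array($post)) {
                unset($post['password']);
            }
            $data['data'] = $post;
        }
        \LosLog\Log\RequestLogger::save($request, $data);
    }, 100);

    $hermes = $serviceLocator->get('hermes');
    $em = $hermes->getEventManager();

    $em->attach('request.post', function (Event $e) use ($serviceLocator) {
        /* @var \Hermes\Api\Client $hermes */
        $hermes = $e->getTarget();
        $request = $hermes->getZendClient()->getRequest();
        $config = $serviceLocator->get('Config');
        $serviceName = isset($config['hermes']['service_name']) ? $config['hermes']['service_name'] : '';
        $data = [
            'direction' => 'out',
            'status' => 'success',
            'source' => [
                'service' => $serviceName,
                'server' => $_SERVER['SERVER_ADDR'],
                'uri' => $_SERVER['REQUEST_URI'],
            ],
            'destination' => [
                'service' => $hermes->getServiceName(),
                'server' => $request->getUri()->getHost(),
                'uri' => $request->getUriString(),
            ],
            'http_code' => $hermes->getZendClient()->getResponse()->getStatusCode(),
        ];
        if (!$request->isGet()) {
            $post = json_decode($request->getContent(), true, 100);
            // Same guard as for inbound requests: unset() on a decoded string is fatal.
            if (is_array($post)) {
                unset($post['password']);
            }
            $data['data'] = $post;
        }
        \LosLog\Log\RequestLogger::save($request, $data);
    }, 100);

    $em->attach('request.fail', function (Event $e) use ($serviceLocator) {
        /* @var \Hermes\Api\Client $hermes */
        $hermes = $e->getTarget();
        $request = $hermes->getZendClient()->getRequest();
        $config = $serviceLocator->get('Config');
        $serviceName = isset($config['hermes']['service_name']) ? $config['hermes']['service_name'] : '';
        $data = [
            'direction' => 'out',
            'status' => 'failed',
            'source' => [
                'service' => $serviceName,
                'server' => $_SERVER['SERVER_ADDR'],
                'uri' => $_SERVER['REQUEST_URI'],
            ],
            'destination' => [
                'service' => $hermes->getServiceName(),
                'server' => $request->getUri()->getHost(),
                'uri' => $request->getUriString(),
            ],
        ];
        if (!$request->isGet()) {
            $post = json_decode($request->getContent(), true, 100);
            // Same guard as for inbound requests: unset() on a decoded string is fatal.
            if (is_array($post)) {
                unset($post['password']);
            }
            $data['data'] = $post;
        }
        // NOTE(review): the event params are used as an exception object here;
        // confirm that 'request.fail' is triggered with the exception as its params.
        $exception = $e->getParams();
        $data['http_code'] = $exception->getCode();
        $data['error'] = $exception->getMessage();
        \LosLog\Log\RequestLogger::save($request, $data);
    }, 100);
}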
/**
 * Called after routing: pick the request language and configure the translator.
 *
 * A language supplied by the route match is used as is and also becomes the fallback
 * locale. Otherwise the module settings decide: for a multilanguage module the
 * 'language' cookie is tried first, then the Accept-Language header, and the result is
 * replaced by the module default unless it is in the enabled list; for any other
 * module the default is used directly. The chosen language is written back to the
 * route match.
 *
 * @param MvcEvent $event
 */
public function onRoute(MvcEvent $event)
{
    $serviceManager = $event->getApplication()->getServiceManager();

    /* @var RouteMatch $routeMatch */
    $routeMatch = $event->getRouteMatch();
    $routedLanguage = $routeMatch->getParam('language');

    if ($routedLanguage != '') {
        // Language already fixed by routing (parameter, domain name, etc.)
        $language = $routedLanguage;
        $fallbackLanguage = $language;
    } else {
        $language = '';

        // The first segment of the matched route name identifies the module
        $routeSegments = explode('/', $routeMatch->getMatchedRouteName());
        $module = $routeSegments[0];

        /** @var \Msingi\Cms\Settings $settings */
        $settings = $serviceManager->get('Settings');

        // Defaults from settings
        $isMultilanguage = (bool) $settings->get($module . ':languages:multilanguage');
        $fallbackLanguage = $settings->get($module . ':languages:default');
        $enabledLanguages = $settings->get($module . ':languages:enabled');

        if ($isMultilanguage && is_array($enabledLanguages)) {
            /** @var \Zend\Http\Request $request */
            $request = $event->getRequest();

            // Cookie first
            $cookieLanguage = $request->getCookie('language');
            if ($cookieLanguage != '') {
                $language = $cookieLanguage;
            }

            // Then the browser preference
            if ($language == '' && isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
                $language = \Locale::getPrimaryLanguage(\Locale::acceptFromHttp($_SERVER['HTTP_ACCEPT_LANGUAGE']));
            }

            // Cookie and header are client-controlled; anything outside the enabled
            // list is replaced by the default. The comparison is a loose in_array().
            if (!in_array($language, $enabledLanguages)) {
                $language = $fallbackLanguage;
            }
        } else {
            // Not a multilanguage module, use the default language
            $language = $fallbackLanguage;
        }

        $routeMatch->setParam('language', $language);
    }

    // Translator
    $translator = $serviceManager->get('Translator');
    $translator->setLocale($language)->setFallbackLocale($fallbackLanguage);

    // Cache
    $cache = $serviceManager->get('Application\\Cache');
    if ($cache) {
        $translator->setCache($cache);
    }
}
/**
 * Redirect old assets on sites that we do not control to new AWS urls.
 *
 * The request host is used only as a key into the configured redirect map; the target
 * is the mapped base followed by the request path (the query string is not carried
 * over). Hosts without a map entry are left alone.
 *
 * @param MvcEvent $event
 * @return mixed|null The event's response carrying the 301, or null when no redirect applies
 */
public function routeEvent(MvcEvent $event)
{
    $uri = $event->getRequest()->getUri();
    $host = $uri->getHost();

    if (!isset($this->domainRedirects[$host])) {
        return null;
    }

    $response = $event->getResponse();
    $response->setStatusCode(301);

    /** @var $headers \Zend\Http\Headers */
    $headers = $response->getHeaders();
    $headers->addHeaderLine('location', $this->domainRedirects[$host] . $uri->getPath());

    return $response;
}
/**
 * List migrations for a console request.
 *
 * Each migration becomes one line: '-' when it is already applied, '+' otherwise,
 * followed by its version and description. The text is stored as the event result
 * and returned.
 *
 * @param MvcEvent $e
 * @return string
 * @throws RuntimeException When the request does not come from the console
 */
public function onDispatch(MvcEvent $e)
{
    $request = $e->getRequest();
    if (!$request instanceof ConsoleRequest) {
        throw new RuntimeException('You can only use this action from a console!');
    }

    $lines = [];
    foreach ($this->versionResolver->getAll($request->getParam('all')) as $migration) {
        $marker = $migration['applied'] ? '-' : '+';
        $lines[] = sprintf("%s %s - %s", $marker, $migration['version'], $migration['description']);
    }

    if (empty($lines)) {
        $output = 'No migrations available.';
    } else {
        $output = implode("\n", $lines);
    }
    $output .= "\n";

    $e->setResult($output);

    return $output;
}
/**
 * {@inheritdoc}
 *
 * Records the request start time and the current time under the 'start' and 'end'
 * keys. The start comes from REQUEST_TIME_FLOAT on PHP 5.4 and later, otherwise from
 * the REQUEST_MICROTIME constant when it is defined, otherwise from REQUEST_TIME.
 */
public function collect(MvcEvent $mvcEvent)
{
    if (PHP_VERSION_ID < 50400 && defined('REQUEST_MICROTIME')) {
        $startedAt = REQUEST_MICROTIME;
    } else {
        $serverKey = PHP_VERSION_ID >= 50400 ? 'REQUEST_TIME_FLOAT' : 'REQUEST_TIME';
        $startedAt = $mvcEvent->getRequest()->getServer()->get($serverKey);
    }

    if (!isset($this->data)) {
        $this->data = array();
    }

    $this->data['start'] = $startedAt;
    $this->data['end'] = microtime(true);
}
/**
 * Render an error page for a fatal error and stop the script.
 *
 * Nothing is rendered, and no error event is triggered, for console requests or when
 * the 'display_exceptions' view manager option is not truthy. Otherwise the exception
 * template (when configured) is rendered into the layout, the error event is
 * triggered, the page is echoed and the script exits.
 *
 * The exception object is handed to both templates, so what reaches the client depends
 * on those templates; display_exceptions is the only switch applied here.
 *
 * @param ErrorException $exception
 * @param MvcEvent $e
 * @return void
 */
public function outputFatalError(ErrorException $exception, MvcEvent $e)
{
    // Discard output of views that were rendered only partially
    if (ob_get_level() >= 1) {
        ob_end_clean();
    }

    $services = $e->getApplication()->getServiceManager();
    $request = $e->getRequest();
    $viewManager = $services->get('viewManager');
    $renderer = $viewManager->getRenderer();
    $config = $services->get('Config');

    $displayExceptions = null;
    if (isset($config['view_manager']['display_exceptions'])) {
        $displayExceptions = $config['view_manager']['display_exceptions'];
    }

    $layoutTemplate = $viewManager->getLayoutTemplate();

    $exceptionTemplate = null;
    if (isset($config['view_manager']['exception_template'])) {
        $exceptionTemplate = $config['view_manager']['exception_template'];
    }

    $modelClass = get_class($viewManager->getViewModel());

    // Console requests and disabled exception display produce no page
    if ($request instanceof ConsoleRequest || (bool) $displayExceptions !== true) {
        return;
    }

    // Layout
    $layoutModel = new $modelClass();
    $layoutModel->setTemplate($layoutTemplate);

    // Error page
    if (null !== $exceptionTemplate) {
        $errorModel = new $modelClass(array('exception' => $exception, 'display_exceptions' => $displayExceptions));
        $errorModel->setTemplate($exceptionTemplate);
        $renderedError = $renderer->render($errorModel);
        $layoutModel->setVariables(['content' => $renderedError, 'exception' => $exception]);
    }

    $this->triggerErrorEvent($exception, $e);

    echo $renderer->render($layoutModel);
    exit;
}
/**
 * Restore a login from the 'backpfeifengesicht' cookie when no identity is present.
 *
 * Console requests and requests that already have an identity return true. Otherwise,
 * when the cookie exists and the user service resolves its value to a user, that user
 * is authenticated through the auth adapter. This path returns nothing, whether or not
 * the authentication result is valid.
 *
 * The cookie value is the only credential presented on this path, so it works as a
 * bearer token.
 * NOTE(review): how getByHash() stores and compares the hash, and whether it expires
 * or rotates, is not visible here; confirm it is random, long and invalidated on logout.
 *
 * @param MvcEvent $event
 * @return bool|void
 */
public function dispatch(MvcEvent $event)
{
    $request = $event->getRequest();
    if ($request instanceof ConsoleRequest) {
        return true;
    }

    $auth = new AuthenticationService();

    // Already logged in
    if ($auth->hasIdentity()) {
        return true;
    }

    // Not logged in: look for the persistent-login cookie
    /** @var $request \Zend\Http\PhpEnvironment\Request */
    /** @var $cookies \Zend\Http\Header\Cookie */
    $cookies = $request->getCookie();

    /** @var $userService \Stjornvisi\Service\User */
    $userService = $this->getServiceLocator()->get('Stjornvisi\\Service\\User');

    if (!$cookies || !$cookies->offsetExists('backpfeifengesicht')) {
        return;
    }

    $user = $userService->getByHash($cookies->offsetGet('backpfeifengesicht'));
    if ($user != false) {
        $authAdapter = $this->getServiceLocator()->get('Stjornvisi\\Auth\\Adapter');
        $authAdapter->setIdentifier($user->id);
        $authResult = $auth->authenticate($authAdapter);
        // The validity of the result is queried but not acted upon.
        $authResult->isValid();
    }
}
/**
 * Bind the stored session entity to the account after a POST to the 'login' route.
 *
 * Does nothing unless a route matched, its name is 'login' and the request is a POST.
 * The session entity is looked up by the current session id, given the account entity
 * from the authentication service, and flushed.
 *
 * NOTE(review): no check is visible here that the login succeeded or that the
 * repository returned an entity; confirm getAccountEntity() and find() cannot yield
 * null on a failed login or a session that has not been persisted yet.
 *
 * @param MvcEvent $e
 * @return void
 */
public function onPostLogin(MvcEvent $e)
{
    $routeMatch = $e->getRouteMatch();
    if (!$routeMatch) {
        return;
    }

    /** @var string $matchedRouteName */
    $matchedRouteName = $routeMatch->getMatchedRouteName();
    if ($matchedRouteName !== 'login' || !$e->getRequest()->isPost()) {
        return;
    }

    $services = $e->getApplication()->getServiceManager();

    /** @var ZourceAuthenticationService $authenticationService */
    $authenticationService = $services->get(AuthenticationService::class);

    /** @var ManagerInterface $sessionManager */
    $sessionManager = $services->get(ManagerInterface::class);

    /** @var EntityManager $entityManager */
    $entityManager = $services->get('doctrine.entitymanager.orm_default');

    /** @var SessionEntity $sessionEntity */
    $sessionEntity = $entityManager->getRepository(SessionEntity::class)->find($sessionManager->getId());
    $sessionEntity->setAccount($authenticationService->getAccountEntity());

    $entityManager->persist($sessionEntity);
    $entityManager->flush($sessionEntity);
}
/**
 * Enforce login and per-profile access for every route except 'login',
 * 'application' and 'home'.
 *
 * For the guarded routes, three values from the 'cbol' session container are copied
 * to the layout, then:
 *  - without an identity, a 302 to <baseUrl>/login is sent and the response returned;
 *  - when the profile is not allowed for the route, onDispatchError() is called;
 *  - when the session container has no idSession, a 302 to <baseUrl>/login/logout is
 *    sent and the response returned;
 *  - when the response status is already 403, onDispatchError() is called.
 *
 * NOTE(review): the method name suggests this runs after the controller action. If so,
 * the action has already executed before these checks and they only affect what is
 * sent back; confirm at which event and priority this listener is attached.
 *
 * @param MvcEvent $e
 * @return mixed|void The response on the two redirect paths, nothing otherwise
 */
public function afterDispatch(MvcEvent $e)
{
    // The matched route name doubles as the ACL resource name below
    $controllerName = $e->getRouteMatch()->getMatchedRouteName();
    if ($controllerName != 'login' && ($controllerName != 'application' && $controllerName != 'home')) {
        $containerSession = new \Zend\Session\Container('cbol');
        // Session values are exposed to the layout before the identity is checked
        $e->getTarget()->layout()->repo = $containerSession->reportesVias;
        $e->getTarget()->layout()->acceso = $containerSession->permisosUser;
        $e->getTarget()->layout()->suge = $containerSession->sugerencias;
        $auth = new \Zend\Authentication\AuthenticationService();
        $response = $e->getResponse();
        if (!$auth->hasIdentity()) {
            // Not logged in: redirect to the login page
            $url = $e->getRequest()->getBaseUrl() . '/login';
            $response->getHeaders()->addHeaderLine('Location', $url);
            $response->setStatusCode(302);
            $response->sendHeaders();
            return $response;
        } else {
            $localAcl = new \Login\Model\permisos();
            if (!$localAcl->isAllowed($auth->getIdentity()->perfil_id, $controllerName)) {
                // Profile is not allowed for this route. There is no return after this
                // call, so whatever stops the request has to happen inside
                // onDispatchError().
                $this->onDispatchError($e, $controllerName);
            } elseif (is_null($containerSession->idSession)) {
                // Identity without a session id: force a logout
                $url = $e->getRequest()->getBaseUrl() . '/login/logout';
                $response->getHeaders()->addHeaderLine('Location', $url);
                $response->setStatusCode(302);
                $response->sendHeaders();
                return $response;
            } elseif ($e->getResponse()->getStatusCode() == 403) {
                $this->onDispatchError($e, $controllerName);
            }
        }
    }
}
/**
 * Bootstrap the module: route listener, base URL, login gate and configuration loader.
 *
 * The dispatch listener attached to every AbstractActionController redirects to the
 * login URL, with a flash error message, unless an identity exists or the matched
 * action is 'login'.
 *
 * The exemption is keyed on the action name alone, so an action called 'login' on any
 * controller is reachable without an identity.
 *
 * @param MvcEvent $e
 * @return void
 */
public function onBootstrap(MvcEvent $e)
{
    $eventManager = $e->getApplication()->getEventManager();
    $routeListener = new ModuleRouteListener();
    $routeListener->attach($eventManager);

    $sharedEvents = $eventManager->getSharedManager();
    $application = $e->getApplication();
    $sm = $application->getServiceManager();

    // Set the base URL
    $e->getRequest()->setBaseUrl('/');

    /* @var $basePathHelper \Zend\View\Helper\BasePath */
    $basePathHelper = $sm->get('viewRenderer')->plugin('basePath');
    $basePathHelper->setBasePath('/');

    $sharedEvents->attach('Zend\\Mvc\\Controller\\AbstractActionController', 'dispatch', function ($ev) use ($sm) {
        $auth = $ev->getApplication()->getServiceManager()->get('Zend\\Authentication\\AuthenticationService');
        if ($auth->hasIdentity() || $ev->getRouteMatch()->getParam('action') == 'login') {
            return;
        }

        $controller = $ev->getTarget();
        $sm->get('ControllerPluginManager')->get('FlashMessenger')->addErrorMessage('Efetue login no sistema para acessar este recurso!');

        return $controller->redirect()->toUrl('/security/autenticacao/login');
    }, 3);

    $eventManager->attach('route', array($this, 'loadConfiguration'), 2);
}
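/**
 * Listens to the route event.
 *
 * Detects the language to use and sets translator locale.
 * The language is detected either via query parameter "lang" or
 * browser setting (ACCEPT-LANGUAGE header), and falls back to "en".
 *
 * Both sources are client-controlled and flow into setlocale(), \Locale::setDefault(),
 * the translator and the router defaults, so a candidate is accepted only when it is a
 * string of 2 to 8 ASCII letters. Anything else (an array from `?lang[]=`, a wildcard,
 * a value with separators) is treated as absent instead of being concatenated into a
 * locale name.
 *
 * @param MvcEvent $e
 */
public function onRoute(MvcEvent $e)
{
    /* @var $request \Zend\Http\PhpEnvironment\Request */
    $request = $e->getRequest();

    // A primary language subtag: letters only. The D modifier stops "$" from matching
    // before a trailing newline.
    $isLanguageCode = static function ($candidate) {
        return is_string($candidate) && preg_match('/^[a-z]{2,8}$/iD', $candidate) === 1;
    };

    /* Detect language */
    $lang = $request->getQuery('lang');
    if (!$isLanguageCode($lang)) {
        $lang = 'en';
        $headers = $request->getHeaders();
        if ($headers->has('Accept-Language')) {
            /* @var $acceptLangs \Zend\Http\Header\AcceptLanguage */
            $acceptLangs = $headers->get('Accept-Language');
            $locales = $acceptLangs->getPrioritized();
            // The header may be present but yield no entries, or an unusable one
            if (isset($locales[0]) && $isLanguageCode($locales[0]->type)) {
                $lang = $locales[0]->type;
            }
        }
    }

    /* Set locale */
    $translator = $e->getApplication()->getServiceManager()->get('mvctranslator');
    $locale = $lang . '_' . strtoupper($lang);
    setlocale(LC_ALL, array($locale . ".utf8", $locale . ".iso88591", $locale, substr($locale, 0, 2), 'de_DE.utf8', 'de_DE', 'de'));
    \Locale::setDefault($locale);
    $translator->setLocale($locale);

    $routeMatch = $e->getRouteMatch();
    if ($routeMatch && $routeMatch->getParam('lang') === null) {
        $routeMatch->setParam('lang', $lang);
    }

    /* @var $router \Zend\Mvc\Router\SimpleRouteStack */
    $router = $e->getRouter();
    $router->setDefaultParam('lang', $lang);
}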
/**
 * Run the cron service; only console requests may trigger it.
 *
 * @param MvcEvent $e
 * @return void
 * @throws RuntimeException When the request does not come from the console
 */
public function onDispatch(MvcEvent $e)
{
    $fromConsole = $e->getRequest() instanceof ConsoleRequest;
    if ($fromConsole) {
        $this->cronService->run();

        return;
    }

    throw new RuntimeException('Only requests form console are allowed.');
}
/**
 * Determine if versioning is in the route matches, and update the controller accordingly.
 *
 * OPTIONS requests, events without a RouteMatch, matches without a version or a
 * controller, and controllers without a "\V<digits>\" namespace segment are left
 * untouched. Otherwise the segment is rewritten to the matched version.
 *
 * @param MvcEvent $e
 * @return RouteMatch|void The route match when the controller was changed
 */
public function onRoute(MvcEvent $e)
{
    $request = $e->getRequest();
    if ($request instanceof HttpRequest && $request->isOptions()) {
        return;
    }

    $routeMatches = $e->getRouteMatch();
    if (!$routeMatches instanceof RouteMatch) {
        return;
    }

    $version = $this->getVersionFromRouteMatch($routeMatches);
    $controller = $version ? $routeMatches->getParam('controller', false) : false;
    if (!$version || !$controller) {
        // Either no version in the matches, or no controller to rewrite
        return;
    }

    // Matches the version subnamespace, e.g. "\V1\"
    $versionSegment = sprintf('#%s(\\d+)%s#', preg_quote('\\V'), preg_quote('\\'));
    if (!preg_match($versionSegment, $controller)) {
        // Controller does not have a version subnamespace
        return;
    }

    $versioned = preg_replace($versionSegment, '\\V' . $version . '\\', $controller);
    if ($controller !== $versioned) {
        $routeMatches->setParam('controller', $versioned);

        return $routeMatches;
    }
}
/**
 * Create the 'queue_messages' table from the console.
 *
 * The DDL is built from fixed column definitions only. Any exception raised while
 * executing it is swallowed on the assumption that the table already exists, so other
 * failures (permissions, connectivity) are hidden as well.
 *
 * @param MvcEvent $e
 * @return void
 * @throws RuntimeException When the request does not come from the console
 */
public function onDispatch(MvcEvent $e)
{
    if (!$e->getRequest() instanceof ConsoleRequest) {
        throw new RuntimeException('You can only use this action from a console!');
    }

    $columns = [
        new Ddl\Column\Integer('id', false, null, ['autoincrement' => true]),
        new Ddl\Column\Varchar('queue_name', 100),
        new Ddl\Column\Integer('status', false),
        new Ddl\Column\Varchar('options', 250),
        new Ddl\Column\Text('message', null, true),
        new Ddl\Column\Text('output', null, true),
        new Ddl\Column\Datetime('started_dt', true),
        new Ddl\Column\Datetime('finished_dt', true),
        new Ddl\Column\Datetime('created_dt', false),
        new Ddl\Column\Datetime('updated_dt', true),
    ];

    $table = new Ddl\CreateTable('queue_messages');
    foreach ($columns as $column) {
        $table->addColumn($column);
    }
    $table->addConstraint(new Ddl\Constraint\PrimaryKey('id'));

    $sql = new Sql($this->dbAdapter);
    try {
        $this->dbAdapter->query($sql->buildSqlString($table), DbAdapter::QUERY_MODE_EXECUTE);
    } catch (\Exception $ignored) {
        // There is currently no db-independent way to check whether the table exists,
        // so an exception is taken to mean that it does.
    }
}
/**
 * Test if the accept content-type received is allowable.
 *
 * Controllers without a configuration entry and requests without headers are not
 * checked. The entry may be a single media type or a list; the request passes as soon
 * as one of them validates against the request headers.
 *
 * @param MvcEvent $e
 * @return null|ApiProblemResponse A 406 problem when no configured type matches
 */
public function onRoute(MvcEvent $e)
{
    if (empty($this->config)) {
        return;
    }

    $controllerName = $e->getRouteMatch()->getParam('controller');
    if (!isset($this->config[$controllerName])) {
        return;
    }

    $request = $e->getRequest();
    if (!method_exists($request, 'getHeaders')) {
        // Not an HTTP request; nothing to do
        return;
    }
    $headers = $request->getHeaders();

    $allowed = $this->config[$controllerName];
    if (is_string($allowed)) {
        $candidates = array($allowed);
    } elseif (is_array($allowed)) {
        $candidates = $allowed;
    } else {
        // Neither a string nor a list: nothing can match
        $candidates = array();
    }

    foreach ($candidates as $mediaType) {
        if ($this->validateMediaType($mediaType, $headers)) {
            return;
        }
    }

    return new ApiProblemResponse(new ApiProblem(406, 'Cannot honor Accept type specified'));
}
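/**
 * Test if the content-type received is allowable.
 *
 * Only requests that actually carry a body are checked. A body consisting of the
 * single character "0" counts as a body: the previous empty() test treated it as
 * absent, which let such a request skip the content-type check.
 *
 * @param MvcEvent $e
 * @return null|ApiProblemResponse A 415 problem when the content type is missing or not allowed
 */
public function onRoute(MvcEvent $e)
{
    if (empty($this->config)) {
        return;
    }

    $controllerName = $e->getRouteMatch()->getParam('controller');
    if (!isset($this->config[$controllerName])) {
        return;
    }

    // Only worry about content types on HTTP methods that submit content
    // via the request body.
    $request = $e->getRequest();
    if (!method_exists($request, 'getHeaders')) {
        // Not an HTTP request; nothing to do
        return;
    }

    $requestBody = (string) $request->getContent();
    if ('' === $requestBody) {
        return;
    }

    $headers = $request->getHeaders();
    if (!$headers->has('content-type')) {
        return new ApiProblemResponse(new ApiProblem(415, 'Invalid content-type specified'));
    }

    $contentTypeHeader = $headers->get('content-type');
    $matched = $contentTypeHeader->match($this->config[$controllerName]);
    if (false === $matched) {
        return new ApiProblemResponse(new ApiProblem(415, 'Invalid content-type specified'));
    }
}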
/**
 * Return all query parameters or a single query parameter.
 *
 * Values come straight from the request's query string and are not filtered here.
 *
 * @param string $param Parameter name to retrieve, or null to get all.
 * @param mixed $default Default value to use when the parameter is missing.
 * @return mixed
 */
public function fromQuery($param = null, $default = null)
{
    $query = $this->event->getRequest()->getQuery($param, $default);

    // Without a name the whole parameter container is returned as an array
    return $param === null ? $query->toArray() : $query;
}
/**
 * Render the view.
 *
 * A Response result is returned untouched, and nothing is rendered when the event has
 * no ViewModel. An exception raised during rendering is rethrown when the current
 * event already is the render-error event; otherwise it is recorded on the event and
 * the render-error event is triggered.
 *
 * @param MvcEvent $e
 * @return Response|void
 */
public function render(MvcEvent $e)
{
    $result = $e->getResult();
    if ($result instanceof Response) {
        return $result;
    }

    // Marshal arguments
    $request = $e->getRequest();
    $response = $e->getResponse();
    $viewModel = $e->getViewModel();
    if (!$viewModel instanceof ViewModel) {
        return;
    }

    $view = $this->view;
    $view->setRequest($request);
    $view->setResponse($response);

    try {
        $view->render($viewModel);
    } catch (\Exception $ex) {
        // Rethrow inside the render-error event so that it does not trigger itself again
        if ($e->getName() === MvcEvent::EVENT_RENDER_ERROR) {
            throw $ex;
        }

        $events = $e->getApplication()->getEventManager();
        $e->setError(Application::ERROR_EXCEPTION)->setParam('exception', $ex);
        $events->trigger(MvcEvent::EVENT_RENDER_ERROR, $e);
    }

    return $response;
}
/**
 * Check the ACL for the matched controller and route of an HTTP request.
 *
 * The controller resource is consulted first, then the route resource. Access is
 * granted as soon as either one allows the action, so a route-level allow applies even
 * when the controller resource did not allow it. When neither resource is known to the
 * enforcer the route is reported as missing; otherwise access is denied.
 *
 * @param MvcEvent $e
 * @return mixed|void Whatever the enforcer's handler returns; nothing for non-HTTP requests
 */
public function checkAcl(MvcEvent $e)
{
    if (!$e->getRequest() instanceof \Zend\Http\Request) {
        return;
    }

    $route = $e->getRouteMatch()->getMatchedRouteName();

    /* @var $aclEnforcer \FzyAuth\Service\AclEnforcerInterface */
    $aclEnforcer = $this->getServiceLocator()->get('FzyAuth\\AclEnforcerFactory');
    $aclEnforcer->init($e);
    $aclEnforcer->attachToView($e->getViewModel());

    $controller = $e->getRouteMatch()->getParam('controller');
    $action = $e->getRouteMatch()->getParam('action');

    $resourceKnown = false;

    if ($aclEnforcer->hasControllerResource($controller)) {
        $resourceKnown = true;
        $controllerResource = AclEnforcerInterface::RESOURCE_CONTROLLER_PREFIX . $controller;
        if ($aclEnforcer->isAllowed($controllerResource, $action)) {
            return $aclEnforcer->handleAllowed($e);
        }
    }

    if ($aclEnforcer->hasRouteResource($route)) {
        $resourceKnown = true;
        $routeResource = AclEnforcerInterface::RESOURCE_ROUTE_PREFIX . $route;
        if ($aclEnforcer->isAllowed($routeResource, $action)) {
            return $aclEnforcer->handleAllowed($e);
        }
    }

    if ($resourceKnown) {
        return $aclEnforcer->handleNotAllowed($e);
    }

    return $aclEnforcer->handleRouteMissing($e);
}
/**
 * Bootstrap session.
 *
 * Starts the session. The first time the 'initialized' container is seen, the session
 * id is regenerated, the client's REMOTE_ADDR and HTTP_USER_AGENT are stored in the
 * container, and the validators listed under the 'session' configuration are attached
 * to the validator chain.
 *
 * NOTE(review): the validators are attached only in that first-time path. On later
 * requests of the same session nothing here attaches them again; confirm they are
 * restored elsewhere, otherwise the address and user-agent checks never run.
 *
 * @param MvcEvent $event
 */
private function bootstrapSession(MvcEvent $event)
{
    $session = $event->getApplication()->getServiceManager()->get('Zend\\Session\\SessionManager');
    $session->start();

    $container = new Container('initialized');
    if (isset($container->init)) {
        return;
    }

    $serviceManager = $event->getApplication()->getServiceManager();
    $request = $event->getRequest();

    // Fresh id for a session that has not been initialised yet
    $session->regenerateId();
    $container->init = 1;
    $container->remoteAddr = $request->getServer()->get('REMOTE_ADDR');
    $container->httpUserAgent = $request->getServer()->get('HTTP_USER_AGENT');

    $config = $serviceManager->get('Config');
    if (!isset($config['session'])) {
        return;
    }

    $sessionConfig = $config['session'];
    if (!isset($sessionConfig['validators'])) {
        return;
    }

    $chain = $session->getValidatorChain();
    foreach ($sessionConfig['validators'] as $validator) {
        // Class names come from configuration; two of them are seeded with the values
        // captured above.
        if ($validator == 'Zend\\Session\\Validator\\HttpUserAgent') {
            $validator = new $validator($container->httpUserAgent);
        } elseif ($validator == 'Zend\\Session\\Validator\\RemoteAddr') {
            $validator = new $validator($container->remoteAddr);
        } else {
            $validator = new $validator();
        }

        $chain->attach('session.validate', array($validator, 'isValid'));
    }
}
/**
 * Take parameters from RouteMatch and inject them into the request.
 *
 * Console requests receive them in their params container, HTTP requests in the
 * container returned by get(); other request types are ignored. With the overwrite
 * flag set, a route parameter replaces a request parameter of the same name; without
 * it, the value already on the request wins.
 *
 * @param MvcEvent $e
 * @return void
 */
public function injectParams(MvcEvent $e)
{
    $routeMatchParams = $e->getRouteMatch()->getParams();
    $request = $e->getRequest();

    /** @var $params \Zend\Stdlib\Parameters */
    if ($request instanceof ConsoleRequest) {
        $params = $request->params();
    } elseif ($request instanceof HttpRequest) {
        $params = $request->get();
    } else {
        // Unsupported request type
        return;
    }

    foreach ($routeMatchParams as $name => $routeValue) {
        if ($this->overwrite || !$params->offsetExists($name)) {
            $params->{$name} = $routeValue;
        }
    }
}
/**
 * Register a dispatch.error listener that logs the exception, renders an error
 * template with a 400 status and stops the script.
 *
 * The exception object is passed to the error template, so what the client sees
 * depends on that template.
 * NOTE(review): on the XMLHttpRequest path the rendered template is not echoed, unlike
 * on the regular path; confirm whether that is intended.
 *
 * @param MvcEvent $e
 * @return void
 */
public function dispatchError(MvcEvent $e)
{
    $sharedManager = $e->getApplication()->getEventManager()->getSharedManager();
    $sharedManager->attach('Zend\\Mvc\\Application', 'dispatch.error', function ($e) {
        $exception = $e->getParam('exception');
        if (!$exception) {
            return;
        }

        // Drop PHP's own error output from the buffer
        ob_clean();
        header('HTTP/1.1 400 Bad Request');

        $sm = $e->getApplication()->getServiceManager();
        $config = $sm->get('Config');
        $sm->get('Controller\\Plugin\\Manager')->get('jsLog')->log($exception, 2);

        $viewModel = new \Zend\View\Model\ViewModel(['exception' => $exception]);
        if ($e->getRequest()->isXmlHttpRequest()) {
            $viewModel->setTemplate($config['js_library']['error_ajax_exception']);
            $sm->get('ViewRenderer')->render($viewModel);
        } else {
            $viewModel->setTemplate($config['js_library']['error_exception']);
            echo $sm->get('ViewRenderer')->render($viewModel);
        }

        // With error handlers in place the code would keep running, so exit here
        // and show only the errors.
        exit;
    });
}
/**
 * Handles redirects in case of dispatch errors caused by unauthorized access.
 *
 * The redirect URI is assembled once and then reused. The route is chosen by whether
 * an identity exists; when no usable route is configured, or the request already is on
 * that route, handling is delegated to the parent. When the redirect parameter is
 * enabled, the full request URI is appended under the configured key.
 *
 * NOTE(review): whatever later reads that redirect parameter should accept only
 * targets within this application, since the request URI is client-supplied.
 *
 * @param MvcEvent $event
 * @return mixed|void The parent's result when delegating, nothing otherwise
 */
public function onError(MvcEvent $event)
{
    if (!$event->getRequest() instanceof HttpRequest) {
        return;
    }

    $routeMatch = $event->getRouteMatch();
    if (!$routeMatch) {
        return;
    }

    if (null === $this->redirectUri) {
        if (null === $this->redirectRoute) {
            $defaultRoute = $this->authenticationService->hasIdentity()
                ? $this->options->getAuthenticatedIdentityRedirectRoute()
                : $this->options->getUnauthenticatedIdentityRedirectRoute();
            $this->setRedirectRoute($defaultRoute);
        }

        // No target, or already on the target route: redirecting would loop
        if (!$this->redirectRoute || $this->redirectRoute === $routeMatch->getMatchedRouteName()) {
            return parent::onError($event);
        }

        $assembleOptions = ['name' => $this->redirectRoute];
        if ($this->options->getUseRedirectParameter()) {
            $redirectKey = $this->options->getRedirectKey();
            $assembleOptions['query'][$redirectKey] = $event->getRequest()->getUriString();
        }

        $this->setRedirectUri($event->getRouter()->assemble([], $assembleOptions));
    }

    $response = $event->getResponse() ?: new HttpResponse();
    $response->getHeaders()->addHeaderLine('Location', $this->redirectUri);
    $response->setStatusCode(302);
    $event->setResponse($response);
}
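/**
 * Create an exception view model, and set the HTTP status code.
 *
 * Only UnauthorizedAccessException errors are handled:
 *  - for an UnauthorizedImageAccessException a placeholder PNG is returned with 403;
 *  - without an identity the request is re-dispatched to the Auth index action, with
 *    the original URI (relative to the base URL) in the 'ref' query parameter;
 *  - otherwise a 403 view model with the exception message is set as the result.
 *
 * @todo dispatch.error does not halt dispatch unless a response is
 *       returned. As such, we likely need to trigger rendering as a low
 *       priority dispatch.error event (or goto a render event) to ensure
 *       rendering occurs, and that munging of view models occurs when
 *       expected.
 * @param MvcEvent $e
 * @return mixed|void The response (image case) or the dispatch results (login case)
 */
public function prepareExceptionViewModel(MvcEvent $e)
{
    // Do nothing if no error in the event
    $error = $e->getError();
    if (empty($error)) {
        return;
    }

    // Do nothing if the result is a response object
    $result = $e->getResult();
    if ($result instanceof Response) {
        return;
    }

    // Do nothing if there is no exception or the exception is not
    // an UnauthorizedAccessException
    $exception = $e->getParam('exception');
    if (!$exception instanceof UnauthorizedAccessException) {
        return;
    }

    $response = $e->getResponse();
    if (!$response) {
        $response = new Response();
        $e->setResponse($response);
    }

    // Return an image, if an image was requested.
    if ($exception instanceof UnauthorizedImageAccessException) {
        $image = __DIR__ . '/../../../../../public/images/unauthorized-access.png';
        $response->setStatusCode(403)
            ->setContent(file_get_contents($image))
            ->getHeaders()
            ->addHeaderLine('Content-Type', 'image/png');
        $e->stopPropagation();
        $response->sendHeaders();

        return $response;
    }

    $auth = $e->getApplication()->getServiceManager()->get('AuthenticationService');
    if (!$auth->hasIdentity()) {
        $response->setStatusCode(Response::STATUS_CODE_403);

        $routeMatch = $e->getRouteMatch();
        $routeMatch->setParam('controller', 'Auth\\Controller\\Index');
        $routeMatch->setParam('action', 'index');

        $query = $e->getRequest()->getQuery();
        $ref = $e->getRequest()->getRequestUri();
        // Pass the delimiter to preg_quote(): without it a base URL containing "~"
        // (for example a /~user/ directory) ends the pattern early and preg_replace()
        // fails, leaving $ref null.
        $ref = preg_replace('~^' . preg_quote($e->getRouter()->getBaseUrl(), '~') . '~', '', $ref);
        // NOTE(review): 'ref' is derived from the client's request URI; the login
        // flow that reads it should only redirect to paths inside this application.
        $query->set('ref', $ref);
        $query->set('req', 1);

        $result = $e->getApplication()->getEventManager()->trigger('dispatch', $e);
        $e->stopPropagation();

        return $result;
    }

    $message = $exception->getMessage();
    $model = new ViewModel(array(
        'message' => empty($message) ? 'You are not permitted to access this resource.' : $message,
        'exception' => $e->getParam('exception'),
        'display_exceptions' => $this->displayExceptions(),
    ));
    $model->setTemplate($this->getExceptionTemplate());
    $e->setResult($model);

    // The status is forced to 403 whatever the response carried before.
    $response->setStatusCode(403);
}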
/**
 * Turn authorization-related dispatch errors into a login redirect or a 403 view.
 *
 * Nothing is done when the result already is a Response or the event carries a
 * response that is not an HttpResponse. Depending on the error type:
 *  - Controller::ERROR with an UnAuthorizedException and no identity: the requested
 *    URI is stored in the 'location' session container and the client is sent to the
 *    'login' route (302 with Location, or 204 with a Fury-Redirect header for
 *    XMLHttpRequest);
 *  - Controller::ERROR otherwise, and Route::ERROR: the 403 view is prepared;
 *  - Application::ERROR_EXCEPTION: handled only for an UnAuthorizedException;
 *  - any other error: ignored.
 *
 * @param MvcEvent $e
 * @return void
 */
public function onDispatchError(MvcEvent $e)
{
    $result = $e->getResult();
    $response = $e->getResponse();
    if ($result instanceof Response || $response && !$response instanceof HttpResponse) {
        return;
    }
    $viewVariables = array('error' => $e->getParam('error'), 'identity' => $e->getParam('identity'));
    switch ($e->getError()) {
        case Controller::ERROR:
            $viewVariables['controller'] = $e->getParam('controller');
            $viewVariables['action'] = $e->getParam('action');
            $router = $e->getRouter();
            if ($e->getParam('exception') instanceof UnAuthorizedException && !$e->getApplication()->getServiceManager()->get('Zend\\Authentication\\AuthenticationService')->hasIdentity()) {
                // Remember where the anonymous user wanted to go.
                // NOTE(review): the stored URI comes from the request; whatever reads
                // it after login should only redirect to locations inside this
                // application.
                $session = new Container('location');
                $session->location = $e->getRequest()->getUri();
                // Get the URL of the login route
                $options['name'] = 'login';
                $url = $router->assemble(array(), $options);
                if (!$response) {
                    $response = new HttpResponse();
                    $e->setResponse($response);
                }
                if ($e->getRequest()->isXmlHttpRequest()) {
                    // XMLHttpRequest clients get the target in a custom header
                    // with a 204 instead of a 302
                    $response->setStatusCode(204);
                    $response->getHeaders()->addHeaderLine('Fury-Redirect', $url);
                } else {
                    $response->setStatusCode(302);
                    $response->getHeaders()->addHeaderLine('Location', $url);
                }
                return;
            }
            break;
        case Route::ERROR:
            $viewVariables['route'] = $e->getParam('route');
            break;
        case Application::ERROR_EXCEPTION:
            if (!$e->getParam('exception') instanceof UnAuthorizedException) {
                return;
            }
            // The exception message is passed to the 403 template as 'reason'
            $viewVariables['reason'] = $e->getParam('exception')->getMessage();
            $viewVariables['error'] = 'error-unauthorized';
            break;
        default:
            /*
             * Do nothing if there is no error in the event or the error
             * does not match one of our predefined errors (we don't want
             * our 403 template to handle other types of errors)
             */
            return;
    }
    $model = new ViewModel($viewVariables);
    $response = $response ?: new HttpResponse();
    $model->setTemplate($this->getTemplate());
    $e->getViewModel()->addChild($model);
    $response->setStatusCode(403);
    $e->setResponse($response);
}