/**
* @covers ::onDispatchError
*/
public function testOnDispatchErrorStoreAndStreamImage()
{
$id = 'someId';
$resource = 'someResource';
$this->event->setError(Application::ERROR_ROUTER_NO_MATCH);
$image = $this->getMockBuilder(ImageEntity::class)->setMethods(['getLength', 'getResource'])->getMock();
$image->setId($id);
$image->setType('image/jpeg');
$image->setName('image.jpg');
$image->method('getLength')->willReturn(1024);
$image->method('getResource')->willReturn($resource);
$this->manager->expects($this->once())->method('matchUri')->willReturn($id);
$this->repository->expects($this->once())->method('find')->with($this->equalTo($id))->willReturn($image);
$this->manager->expects($this->once())->method('store')->with($this->identicalTo($image));
$this->listener->onDispatchError($this->event);
$response = $this->event->getResponse();
$this->assertInstanceOf(Stream::class, $response);
$this->assertEquals(Response::STATUS_CODE_200, $response->getStatusCode());
$this->assertEquals($image->getName(), $response->getStreamName());
$this->assertEquals($image->getResource(), $response->getStream());
$headers = $response->getHeaders();
$this->assertInstanceOf(Headers::class, $headers);
$this->assertTrue($headers->has('Content-Type'));
$this->assertEquals($image->getType(), $headers->get('Content-Type')->getFieldValue());
$this->assertTrue($headers->has('Content-Length'));
$this->assertEquals($image->getLength(), $headers->get('Content-Length')->getFieldValue());
}
public function testOnRenderErrorCreatesAnApiProblemResponse()
{
$response = new Response();
$request = new Request();
$request->getHeaders()->addHeaderLine('Accept', 'application/json');
$event = new MvcEvent();
$event->setError(Application::ERROR_EXCEPTION);
$event->setRequest($request);
$event->setResponse($response);
$this->listener->onRenderError($event);
$this->assertTrue($event->propagationIsStopped());
$this->assertSame($response, $event->getResponse());
$this->assertEquals(406, $response->getStatusCode());
$headers = $response->getHeaders();
$this->assertTrue($headers->has('Content-Type'));
$this->assertEquals('application/problem+json', $headers->get('content-type')->getFieldValue());
$content = json_decode($response->getContent(), true);
$this->assertArrayHasKey('status', $content);
$this->assertArrayHasKey('title', $content);
$this->assertArrayHasKey('describedBy', $content);
$this->assertArrayHasKey('detail', $content);
$this->assertEquals(406, $content['status']);
$this->assertEquals('Not Acceptable', $content['title']);
$this->assertContains('www.w3.org', $content['describedBy']);
$this->assertContains('accept', $content['detail']);
}
/**
* @param MvcEvent $e
*/
public static function onRoute(MvcEvent $e)
{
if (!$e->getRequest() instanceof HttpRequest) {
return;
}
$app = $e->getTarget();
$rbacService = $app->getServiceManager()->get('ZfcRbac\\Service\\Rbac');
$match = $app->getMvcEvent()->getRouteMatch();
$controller = $match->getParam('controller');
$action = $match->getParam('action');
$resource = sprintf('%s:%s', $controller, $action);
try {
if ($rbacService->getFirewall('controller')->isGranted($resource)) {
return;
}
} catch (InvalidArgumentException $ex) {
//if Exception, default to unauthorized
}
try {
$e->setError($rbacService::ERROR_CONTROLLER_UNAUTHORIZED)->setParam('identity', $rbacService->getIdentity())->setParam('controller', $controller)->setParam('action', $action);
$app->getEventManager()->trigger('dispatch.error', $e);
} catch (InvalidArgumentException $ex) {
return;
}
}
public function checkPermission(MvcEvent $e)
{
$params = $e->getRouteMatch()->getParams();
if (!isset($params['backend']) || !$params['backend']) {
return;
}
$serviceLocator = $e->getApplication()->getServiceManager();
$config = $serviceLocator->get('config');
if (Authentication::getInstance()->hasIdentity()) {
// Check if user has permission to access the current page
$user = Authentication::getInstance()->getIdentity();
/** @var \Acl\Service\Acl $acl */
$acl = $serviceLocator->get('Acl\\Service\\Acl');
if (!$acl->isAllowed($user->role, $params['controller'], $params['action'])) {
$e->setError(self::ERROR_FORBIDDEN);
$e->getApplication()->getEventManager()->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $e);
}
} else {
$request = $e->getRequest();
/** @var \Zend\Http\Response $response */
$response = $e->getResponse();
$router = $e->getRouter();
$url = $router->assemble([], ['name' => $config['acl']['signin_route']]) . '?continue=' . $request->getUri()->toString();
$response->getHeaders()->addHeaderLine('Location', $url);
$response->setStatusCode(302);
return $response;
}
}
public function testOnBootstrapListenersWithHttpRequest()
{
$module = new Module();
$application = $this->createApplication();
$sm = $application->getServiceManager();
$sm->setService('FilterManager', new FilterPluginManager());
foreach ($module->getServiceConfig()['invokables'] as $key => $value) {
$sm->setInvokableClass($key, $value);
}
foreach ($module->getServiceConfig()['factories'] as $key => $value) {
$sm->setFactory($key, $value);
}
$sm->get('ViewHelperManager')->setService('bodyClass', $this->getMock(BodyClass::class));
$event = new MvcEvent();
$event->setApplication($application);
$em = $application->getEventManager();
$em->getSharedManager()->clearListeners(LayoutUpdater::class);
$module->onBootstrap($event);
$layoutUpdater = $sm->get(LayoutUpdaterInterface::class);
$this->assertEquals(['default'], $layoutUpdater->getHandles());
$mvcEvent = new MvcEvent();
$mvcEvent->setApplication($application);
$mvcEvent->setName(MvcEvent::EVENT_DISPATCH_ERROR);
$mvcEvent->setError('test-error');
$em->triggerEvent($mvcEvent);
$this->assertEquals(['default', 'test-error'], $layoutUpdater->getHandles());
}
protected function terminateEvent(MvcEvent $event, $error, \Exception $exception)
{
$eventManager = $event->getApplication()->getEventManager();
$event->setError($error);
$event->setParam('exception', $exception);
$event->stopPropagation(true);
$eventManager->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $event);
}
public function testOnError_WithApiException()
{
$event = new MvcEvent();
$event->setError("The resource doesn't support the specified HTTP verb.");
$event->setParam('exception', new MethodNotAllowedException());
$event->setResponse(new Response());
$result = $this->testedObject->onError($event);
$this->assertInstanceOf(JsonModel::class, $result);
}
public static function onRoute(MvcEvent $e)
{
$app = $e->getTarget();
$route = $e->getRouteMatch()->getMatchedRouteName();
$security = $app->getServiceManager()->get('SpiffySecurity\\Service\\Security');
if (!$security->getFirewall('route')->isGranted($route)) {
$e->setError($security::ERROR_ROUTE_UNAUTHORIZED)->setParam('identity', $security->getIdentity())->setParam('route', $route);
$app->getEventManager()->trigger('dispatch.error', $e);
}
}
public function onDispatchError(MvcEvent $e)
{
if ($e->getError() !== Zf2Application::ERROR_ROUTER_NO_MATCH) {
return;
}
$routeMatch = new RouteMatch(array());
$routeMatch->setParam('controller', 'Zf1Module\\DispatchController');
$e->setError(null);
$e->setRouteMatch($routeMatch);
return $routeMatch;
}
/**
* Capture Error converted to exception, then trigger a dispatch error
* @param MvcEvent $e
*/
public function onEvent(MvcEvent $event)
{
$exception = ErrorHandler::stop();
if ($exception instanceof \Exception) {
$event->setError(Application::ERROR_EXCEPTION);
$event->setParam('exception', $exception);
$this->getEventManager()->trigger($event::EVENT_DISPATCH_ERROR, $event);
} elseif (!$event->getError() && $event->getResponse()->getStatusCode() == 404) {
$event->setError(Application::ERROR_CONTROLLER_CANNOT_DISPATCH);
$this->getEventManager()->trigger($event::EVENT_DISPATCH_ERROR, $event);
}
}
public static function onRoute(MvcEvent $e)
{
$app = $e->getTarget();
$service = $app->getServiceManager()->get('BjyAuthorize\\Service\\Authorize');
$match = $app->getMvcEvent()->getRouteMatch();
$routeName = $match->getMatchedRouteName();
$allowed = $service->isAllowed('route/' . $routeName);
if (!$allowed) {
$e->setError('error-unauthorized-route')->setParam('route', $routeName)->setParam('identity', $service->getIdentity());
$app->getEventManager()->trigger('dispatch.error', $e);
}
}
/**
* @param MvcEvent $e
*/
public static function onRoute(MvcEvent $e)
{
if (!$e->getRequest() instanceof HttpRequest) {
return;
}
$app = $e->getTarget();
$route = $e->getRouteMatch()->getMatchedRouteName();
$rbacService = $app->getServiceManager()->get('ZfcRbac\\Service\\Rbac');
if (!$rbacService->getFirewall('route')->isGranted($route)) {
$e->setError($rbacService::ERROR_ROUTE_UNAUTHORIZED)->setParam('identity', $rbacService->getIdentity())->setParam('route', $route);
$app->getEventManager()->trigger('dispatch.error', $e);
}
}
public static function onRoute(MvcEvent $e)
{
$app = $e->getTarget();
$service = $app->getServiceManager()->get('BjyAuthorize\\Service\\Authorize');
$match = $app->getMvcEvent()->getRouteMatch();
$controller = $match->getParam('controller');
$action = $match->getParam('action');
$controllerResource = sprintf('controller/%s', $controller);
$actionResource = sprintf('controller/%s:%s', $controller, $action);
$allowed = $service->isAllowed($controllerResource) || $service->isAllowed($actionResource);
if (!$allowed) {
$e->setError('error-unauthorized-controller')->setParam('identity', $service->getIdentity())->setParam('controller', $controller)->setParam('action', $action);
$app->getEventManager()->trigger('dispatch.error', $e);
}
}
/**
*
* @param MvcEvent $event
*/
protected function triggerForbiddenEvent(MvcEvent $event)
{
$event->setError('route-forbidden');
$event->setParam('exception', new UnauthorizedException('You are forbidden!', 403));
$event->stopPropagation(true);
if ($this->hasErrorViewModel()) {
$event->setViewModel($this->errorView);
}
$response = $event->getResponse();
$response->setStatusCode(403);
$event->setResponse($response);
$application = $event->getApplication();
$eventManager = $application->getEventManager();
$eventManager->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $event);
}
public function onRoute(MvcEvent $mvcEvent)
{
$request = $mvcEvent->getRequest();
$response = $mvcEvent->getResponse();
/**
* If it's a CLI request - return.
*/
if ($request instanceof \Zend\Console\Request) {
return;
}
$app = $mvcEvent->getApplication();
$match = $app->getMvcEvent()->getRouteMatch();
$routeName = $match->getMatchedRouteName();
$method = strtolower($request->getMethod());
if (!$this->acl->hasResource($routeName)) {
return;
}
$role = null;
/**
* Infer that if :
* 1. the request is protected under 2 legged oauth,
* then it is a 2 legged oauth request
* 2. the request is protected under 3 legged oauth,
* then it is a 3 legged oauth request
* 3. otherwise it is not protected
*/
if ($this->acl->isAllowed(BgOauthProviderAcl::TWO_LEGGED, $routeName, $method)) {
$role = BgOauthProviderAcl::TWO_LEGGED;
$this->oauthProvider->is2LeggedEndpoint();
} elseif ($this->acl->isAllowed(BgOauthProviderAcl::THREE_LEGGED, $routeName, $method)) {
$role = BgOauthProviderAcl::THREE_LEGGED;
} else {
return;
}
try {
$this->oauthProvider->checkOAuthRequest();
} catch (\OAuthException $e) {
$error = \OAuthProvider::reportProblem($e, false);
$response->setStatusCode(Response::STATUS_CODE_401);
$response->setContent($error);
$response->getHeaders()->addHeaders(array('WWW-Authenticate' => $error));
$mvcEvent->setError(self::ERROR);
$mvcEvent->getApplication()->getEventManager()->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $mvcEvent);
return $response;
}
//Success!
}
/**
* Listen to the "route" event and attempt to route the request
*
* If no matches are returned, triggers "dispatch.error" in order to
* create a 404 response.
*
* Seeds the event with the route match on completion.
*
* @param MvcEvent $e
* @return null|Router\RouteMatch
*/
public function onRoute($e)
{
$target = $e->getTarget();
$request = $e->getRequest();
$router = $e->getRouter();
$routeMatch = $router->match($request);
if (!$routeMatch instanceof Router\RouteMatch) {
$e->setError(Application::ERROR_ROUTER_NO_MATCH);
$results = $target->getEventManager()->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $e);
if (count($results)) {
return $results->last();
}
return $e->getParams();
}
$e->setRouteMatch($routeMatch);
return $routeMatch;
}
public static function onRoute(MvcEvent $e)
{
$app = $e->getTarget();
$security = $app->getServiceManager()->get('SpiffySecurity\\Service\\Security');
$match = $app->getMvcEvent()->getRouteMatch();
$controller = $match->getParam('controller');
$action = $match->getParam('action');
$resource = sprintf('%s:%s', $controller, $action);
try {
if (!$security->getFirewall('controller')->isGranted($resource)) {
$e->setError($security::ERROR_CONTROLLER_UNAUTHORIZED)->setParam('identity', $security->getIdentity())->setParam('controller', $controller)->setParam('action', $action);
$app->getEventManager()->trigger('dispatch.error', $e);
}
} catch (\InvalidArgumentException $e) {
return;
}
}
/**
* @param MvcEvent $event
*/
public function checkDeactivatedUser(MvcEvent $event)
{
$routeName = $event->getRouteMatch()->getMatchedRouteName();
$allowedRoutes = ['auth-logout'];
// do nothing for allowed routes
if (in_array($routeName, $allowedRoutes)) {
return;
}
$auth = $event->getApplication()->getServiceManager()->get('AuthenticationService');
// check for inactive user
if ($auth->hasIdentity() && !$auth->getUser()->isActive()) {
// set event error & throw dispach error
$event->setError('User inactive');
$event->setParam('exception', new UserDeactivatedException());
return $event->getTarget()->getEventManager()->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $event)->last();
}
}
/**
* Event callback to be triggered on dispatch, causes application error triggering
* in case of failed authorization check
*
* @param MvcEvent $event
*
* @return void
*/
public function onRoute(MvcEvent $event)
{
/* @var $service \BjyAuthorize\Service\Authorize */
$service = $this->serviceLocator->get('BjyAuthorize\\Service\\Authorize');
$match = $event->getRouteMatch();
$routeName = $match->getMatchedRouteName();
if ($service->isAllowed('route/' . $routeName)) {
return;
}
$event->setError(static::ERROR);
$event->setParam('route', $routeName);
$event->setParam('identity', $service->getIdentity());
$event->setParam('exception', new UnauthorizedException('You are not authorized to access ' . $routeName));
/* @var $app \Zend\Mvc\Application */
$app = $event->getTarget();
$app->getEventManager()->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $event);
}
/**
* @param MvcEvent $e
*
* @return mixed
*/
public function handleNotAllowed(MvcEvent $e)
{
// is this user authenticated?
if (!$this->getCurrentUser()->isNull()) {
// not allowed to this route by the ACL
$app = $e->getTarget();
$route = $e->getRouteMatch();
$e->setError(self::ACL_ACCESS_DENIED)->setParam('route', $route->getMatchedRouteName());
$app->getEventManager()->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $e);
return;
}
// redirect to login
if ($e->getRouteMatch()->getMatchedRouteName() == UserController::ROUTE_LOGIN) {
// prevent infinite loop
return $this->triggerStatus($e, Response::STATUS_CODE_403);
}
return $this->redirectTo($e, UserController::ROUTE_LOGIN);
}
public function testOnDispatchErrorReturnsAnApiProblemResponseBasedOnCurrentEventException()
{
$request = new Request();
$request->getHeaders()->addHeaderLine('Accept', 'application/json');
$event = new MvcEvent();
$event->setError(Application::ERROR_EXCEPTION);
$event->setParam('exception', new DomainException('triggering exception', 400));
$event->setRequest($request);
$return = $this->listener->onDispatchError($event);
$this->assertTrue($event->propagationIsStopped());
$this->assertInstanceOf('ZF\\ApiProblem\\ApiProblemResponse', $return);
$response = $event->getResponse();
$this->assertSame($return, $response);
$problem = $response->getApiProblem();
$this->assertInstanceOf('ZF\\ApiProblem\\ApiProblem', $problem);
$this->assertEquals(400, $problem->status);
$this->assertSame($event->getParam('exception'), $problem->detail);
}
/**
* @param \Zend\Mvc\MvcEvent $event The MvcEvent instance
*/
public function onRoute(MvcEvent $event)
{
$app = $event->getApplication();
$serviceManager = $app->getServiceManager();
$matches = $event->getRouteMatch();
if ($this->isAdminRoute($matches->getMatchedRouteName())) {
/** @var AuthenticationServiceInterface $authenticationService */
$authenticationService = $serviceManager->get('Zend\\Authentication\\AuthenticationService');
if (!$authenticationService->hasIdentity()) {
$url = $event->getRouter()->assemble(array(), array('name' => 'admin/login', 'query' => array('destination' => $event->getRequest()->getRequestUri())));
/** @var ResponseInterface $response */
$response = $event->getResponse();
$response->getHeaders()->addHeaderLine('Location', $event->getRequest()->getBaseUrl() . $url);
$response->setStatusCode(302);
$response->sendHeaders();
$event->setError('Login required');
}
}
}
/**
* Create an exception json view model, and set the HTTP status code
*
* @todo dispatch.error does not halt dispatch unless a response is
* returned. As such, we likely need to trigger rendering as a low
* priority dispatch.error event (or goto a render event) to ensure
* rendering occurs, and that munging of view models occurs when
* expected.
* @param MvcEvent $e
* @return void
*/
public function prepareExceptionViewModel(MvcEvent $e)
{
// Do nothing if no error in the event
if (!($error = $e->getError())) {
return;
}
// Do nothing if the result is a response object
$result = $e->getResult();
if ($result instanceof Response) {
return;
}
if ($error != Application::ERROR_EXCEPTION) {
return;
}
if (!$e->getRequest() instanceof Request) {
return;
}
$accept = $e->getRequest()->getHeaders()->get('Accept');
if (!($accept && $accept->match('application/json'))) {
return;
}
if (!($exception = $e->getParam('exception'))) {
return;
}
$modelData = $this->serializeException($exception);
$e->setResult(new JsonModel($modelData));
$e->setError(false);
$response = $e->getResponse();
if (!$response) {
$response = new HttpResponse();
$e->setResponse($response);
}
$status = $response->getStatusCode();
if (isset($modelData['statusCode']) && !empty($modelData['statusCode'])) {
$response->setStatusCode($modelData['statusCode']);
} else {
if (empty($status) || strval($status)[0] == '2') {
$response->setStatusCode(500);
}
}
$response->getHeaders()->addHeaders([$accept, ContentType::fromString('Content-type: application/api-problem+json')]);
}
public function onRoute(MvcEvent $event)
{
$err = RouteGuard::ERROR;
$service = $this->serviceLocator->get('BjyAuthorize\\Service\\Authorize');
/* @var $match \Zend\Mvc\Router\RouteMatch */
$match = $event->getRouteMatch();
$routeName = $match->getMatchedRouteName();
$privilege = $match->getParam('xelax_admin_privilege');
$privilegeParts = explode('/', $privilege);
if (empty($privilege) || array_pop($privilegeParts) == 'subroute' || $service->isAllowed('xelax-route/' . $routeName, $privilege)) {
return;
}
$event->setError($err);
$event->setParam('route', $routeName);
$event->setParam('identity', $service->getIdentity());
$event->setParam('exception', new UnAuthorizedException('You are not authorized to access ' . $routeName));
/* @var $app \Zend\Mvc\Application */
$app = $event->getTarget();
$app->getEventManager()->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $event);
}
public function onRoute(\Zend\Mvc\MvcEvent $e)
{
$request = $e->getRequest();
if ($request instanceof \Zend\Console\Request) {
// Do not check ACL for console user
return;
}
$resource = $e->getRouteMatch()->getParam('resource', null);
$privilege = $e->getRouteMatch()->getParam('privilege', null);
if (!$this->acl->hasResource($resource)) {
// Do something if current resource doesn't exist (not registered)
}
if ($this->acl->isAllowed($this->getRole(), $resource, $privilege)) {
return;
}
// setForbiddenAccess
$e->setError('Forbidden Access');
$e->getResponse()->setStatusCode(403);
$e->getTarget()->getEventManager()->trigger('dispatch.error', $e);
}
/**
* Listen to the "route" event and attempt to route the request
*
* If no matches are returned, triggers "dispatch.error" in order to
* create a 404 response.
*
* Seeds the event with the route match on completion.
*
* @param MvcEvent $e
* @return null|Router\RouteMatch
*/
public function onRoute($e)
{
$target = $e->getTarget();
$request = $e->getRequest();
$router = $e->getRouter();
$routeMatch = $router->match($request);
if (!$routeMatch instanceof Router\RouteMatch) {
$e->setError($target::ERROR_ROUTER_NO_MATCH);
$results = $target->events()->trigger('dispatch.error', $e);
if (count($results)) {
$return = $results->last();
} else {
$return = $e->getParams();
}
return $return;
}
$e->setRouteMatch($routeMatch);
return $routeMatch;
}
/**
* @param MvcEvent $e
*/
public function onBootstrap(MvcEvent $e)
{
ini_set('display_errors', 'off');
$errorCallback = function () use($e) {
// Fetching the error's information
$error = error_get_last() ?: func_get_args();
$error = array_values($error);
if (!$error) {
return;
}
// Create exception ans associated event
$exception = new ErrorException($error[1], 0, $error[0], $error[2], $error[3], isset($error[4]) && $error[4] instanceof \Exception ? $error[4] : null);
$e->setParam('exception', $exception);
$e->setError(Application::ERROR_EXCEPTION);
$e->setName(MvcEvent::EVENT_RENDER_ERROR);
/** @var Application $application */
$application = $e->getApplication();
$application->getEventManager()->triggerEvent($e);
};
// Set error handlers
set_error_handler($errorCallback, \E_ALL);
register_shutdown_function($errorCallback);
}
/**
* Event callback to be triggered on dispatch, causes application error triggering
* in case of failed authorization check
*
* @param MvcEvent $event
*
* @return void
*/
public function onDispatch(MvcEvent $event)
{
/* @var $service \BjyAuthorize\Service\Authorize */
$service = $this->serviceLocator->get('BjyAuthorize\\Service\\Authorize');
$match = $event->getRouteMatch();
$controller = $match->getParam('controller');
$action = $match->getParam('action');
$request = $event->getRequest();
$method = $request instanceof HttpRequest ? strtolower($request->getMethod()) : null;
$authorized = $service->isAllowed($this->getResourceName($controller)) || $service->isAllowed($this->getResourceName($controller, $action)) || $method && $service->isAllowed($this->getResourceName($controller, $method));
if ($authorized) {
return;
}
$event->setError(static::ERROR);
$event->setParam('identity', $service->getIdentity());
$event->setParam('controller', $controller);
$event->setParam('action', $action);
$errorMessage = sprintf("You are not authorized to access %s:%s", $controller, $action);
$event->setParam('exception', new UnAuthorizedException($errorMessage));
/* @var $app \Zend\Mvc\ApplicationInterface */
$app = $event->getTarget();
$app->getEventManager()->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $event);
}
public function onDispatch(MvcEvent $event)
{
$app = $event->getTarget();
$aclService = $this->serviceLocator->get('CivAccess\\AclService');
$authService = $this->serviceLocator->get('CivAccess\\AuthService');
$match = $event->getRouteMatch();
$resource = $match->getParam('controller');
$privilege = $match->getParam('action');
// Check access.
$role = $authService->hasIdentity() ? (string) $authService->getIdentity()->getId() : 'guest';
$authorized = $aclService->isAllowed($role, $resource, $privilege);
// If authorized, no action is required.
if ($authorized) {
return;
}
// If not authorized, setup an exception and trigger a dispatch error.
$errorMessage = sprintf("You are not authorized to access %s:%s", $resource, $privilege);
$event->setError(static::ERROR);
$event->setParam('role', $role);
$event->setParam('resource', $resource);
$event->setParam('privilege', $privilege);
$event->setParam('exception', new UnAuthorizedException($errorMessage));
$app->getEventManager()->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $event);
}
public function handleError(MvcEvent $e)
{
if ($e->getError() == Application::ERROR_ROUTER_NO_MATCH) {
return;
}
if ($e->getError() == Application::ERROR_EXCEPTION) {
$translator = $e->getApplication()->getServiceManager()->get('translator');
$exception = $e->getParam('exception');
if ($exception instanceof BusinessException) {
// translate
$status = intval($exception->getCode());
$messsage = $translator->translate($exception->getMessage());
} else {
$status = 999;
if (isset($_SERVER['APPLICATION_ENV']) && $_SERVER['APPLICATION_ENV'] == 'development') {
$messsage = $exception->getMessage();
} else {
$messsage = '对不起, 系统出错了...';
}
}
/* @var $request \Zend\Http\Request */
$request = $e->getRequest();
$response = $e->getResponse();
if ($request->isXmlHttpRequest()) {
// change status code from 500 to 200
$response->setStatusCode(200);
$response->getHeaders()->addHeaders(array('Content-type' => 'application/json; charset=utf8'));
$json = new JsonModel();
$json->setVariables(array('status' => $status, 'message' => $messsage, 'content' => array()));
$json->setTerminal(false);
$e->setViewModel($json);
// mute other default exception handler
$e->setError(false);
}
}
}
