/**
* Before advice for all methods annotated with "@Flow\Session(autoStart=true)".
* Those methods will trigger a session initialization if a session does not exist
* yet.
*
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current join point
* @return void
* @fixme The pointcut expression below does not consider the options of the session annotation – needs adjustments in the AOP framework
* @Flow\Before("methodAnnotatedWith(TYPO3\Flow\Annotations\Session)")
*/
public function initializeSession(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
if ($this->session->isStarted() === TRUE) {
return;
}
$objectName = $this->objectManager->getObjectNameByClassName(get_class($joinPoint->getProxy()));
$methodName = $joinPoint->getMethodName();
$this->systemLogger->log(sprintf('Session initialization triggered by %s->%s.', $objectName, $methodName), LOG_DEBUG);
$this->session->start();
}
/**
* Hooks into the editable viewhelper to render those attributes needed for the package's inline editing
*
* @Flow\Around("method(TYPO3\Neos\Service\ContentElementEditableService->wrapContentProperty())")
* @param JoinPointInterface $joinPoint the join point
* @return mixed
*/
public function editableElementAugmentation(JoinPointInterface $joinPoint)
{
if (!$this->session->isStarted() || !$this->session->getData('__neosEnabled__')) {
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
$property = $joinPoint->getMethodArgument('property');
$node = $joinPoint->getMethodArgument('node');
$content = $joinPoint->getAdviceChain()->proceed($joinPoint);
$attributes = ['data-__neos-property' => $property];
if ($node !== null) {
$attributes += ['data-__neos-editable-node-contextpath' => $node->getContextPath()];
}
return $this->htmlAugmenter->addAttributes($content, $attributes, 'span');
}
/**
* Returns the specified session. If no session with the given identifier exists,
* NULL is returned.
*
* @param string $sessionIdentifier The session identifier
* @return \TYPO3\Flow\Session\Session
* @api
*/
public function getSession($sessionIdentifier)
{
if ($this->currentSession !== NULL && $this->currentSession->isStarted() && $this->currentSession->getId() === $sessionIdentifier) {
return $this->currentSession;
}
if (isset($this->remoteSessions[$sessionIdentifier])) {
return $this->remoteSessions[$sessionIdentifier];
}
if ($this->metaDataCache->has($sessionIdentifier)) {
$sessionInfo = $this->metaDataCache->get($sessionIdentifier);
$this->remoteSessions[$sessionIdentifier] = new Session($sessionIdentifier, $sessionInfo['storageIdentifier'], $sessionInfo['lastActivityTimestamp'], $sessionInfo['tags']);
return $this->remoteSessions[$sessionIdentifier];
}
}
/**
* Shows the specified node and takes visibility and access restrictions into
* account.
*
* @param NodeInterface $node
* @return string View output for the specified node
* @Flow\SkipCsrfProtection We need to skip CSRF protection here because this action could be called with unsafe requests from widgets or plugins that are rendered on the node - For those the CSRF token is validated on the sub-request, so it is safe to be skipped here
* @Flow\IgnoreValidation("node")
* @throws NodeNotFoundException
*/
public function showAction(NodeInterface $node = NULL)
{
if ($node === NULL) {
throw new NodeNotFoundException('The requested node does not exist or isn\'t accessible to the current user', 1430218623);
}
if (!$node->getContext()->isLive() && !$this->privilegeManager->isPrivilegeTargetGranted('TYPO3.Neos:Backend.GeneralAccess')) {
$this->redirect('index', 'Login', NULL, array('unauthorized' => TRUE));
}
$inBackend = $node->getContext()->isInBackend();
if ($node->getNodeType()->isOfType('TYPO3.Neos:Shortcut') && !$inBackend) {
$this->handleShortcutNode($node);
}
$this->view->assign('value', $node);
if ($inBackend) {
$this->overrideViewVariablesFromInternalArguments();
/** @var UserInterfaceMode $renderingMode */
$renderingMode = $node->getContext()->getCurrentRenderingMode();
$this->response->setHeader('Cache-Control', 'no-cache');
if ($renderingMode !== NULL) {
// Deprecated TypoScript context variable from version 2.0.
$this->view->assign('editPreviewMode', $renderingMode->getTypoScriptPath());
}
if (!$this->view->canRenderWithNodeAndPath()) {
$this->view->setTypoScriptPath('rawContent');
}
}
if ($this->session->isStarted() && $inBackend) {
$this->session->putData('lastVisitedNode', $node->getContextPath());
}
}
/**
* @param \Peytz\Vote\Domain\Model\Vote $newVote
* @return void
*/
public function registerAction(Vote $newVote)
{
if (!$this->session->isStarted()) {
$this->session->start();
}
/** @var \Peytz\Vote\Domain\Model\Vote $vote */
if ($vote = $this->voteRepository->findOneBySession($this->session->getId())) {
$vote->setDate(new \DateTime());
$vote->setValue($newVote->getValue());
$this->voteRepository->update($vote);
} else {
$newVote->setDate(new \DateTime());
$newVote->setSession($this->session->getId());
$this->voteRepository->add($newVote);
}
$this->session->putData('hasVoted', true);
$this->addFlashMessage('Vote registered.');
$this->redirect('index');
}
/**
*
* @param string $workspaceName
* @return NodeInterface
*/
protected function getLastVisitedNode($workspaceName)
{
if (!$this->session->isStarted() || !$this->session->hasKey('lastVisitedNode')) {
return null;
}
try {
$lastVisitedNode = $this->propertyMapper->convert($this->session->getData('lastVisitedNode'), NodeInterface::class);
$q = new FlowQuery([$lastVisitedNode]);
$lastVisitedNodeUserWorkspace = $q->context(['workspaceName' => $workspaceName])->get(0);
return $lastVisitedNodeUserWorkspace;
} catch (\Exception $exception) {
return null;
}
}
/**
* Logout all active authentication tokens
*
* @return void
*/
public function logout()
{
if ($this->isAuthenticated() !== TRUE) {
return;
}
$this->isAuthenticated = NULL;
/** @var $token TokenInterface */
foreach ($this->securityContext->getAuthenticationTokens() as $token) {
$token->setAuthenticationStatus(TokenInterface::NO_CREDENTIALS_GIVEN);
}
$this->emitLoggedOut();
if ($this->session->isStarted()) {
$this->session->destroy('Logout through AuthenticationProviderManager');
}
}
/**
* Validate the Captcha in the current request by asking the recaptcha server.
* For this to work, the form of the current request has to contain the <x:recaptcha /> template
* function.
* @param string $challenge The challenge that was given by recaptcha
* @param string $response The response the user put in
* @param boolean $remember Optional. If true, the correctly solved captcha is remembered and the
* user does not have to fill it out again. Remember to use invalidate() in this case!
* @return mixed Boolean true on success, the localized error string on failure (check with ===).
*/
public function validate($challenge, $response, $remember = false)
{
if (!$this->session->isStarted()) {
$this->session->start();
}
if ($remember && $this->isRemembered()) {
return true;
}
if (empty($response)) {
return "Please type in the confirmation code!";
}
// Check via recaptcha lib
require_once "resource://TYPO3.Recaptcha/PHP/recaptchalib.php";
$remoteAddress = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : NULL;
$resp = Ext\recaptcha_check_answer($this->settings["security"]["privateKey"], $remoteAddress, $challenge, $response);
if (!$resp->is_valid) {
return $this->decodeError($resp->error);
}
// remember if we want to remember
if ($remember) {
$this->session->putData("recaptcha_timestamp", time());
}
return true;
}
public function enableNewBackend()
{
return $this->session->isStarted() && $this->session->getData('__cheEnabled__');
}
