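/**
 * Resolves the current route, applies the access check for secured routes,
 * dispatches to the controller and sends the resulting response.
 *
 * A route with a non-empty 'security' entry requires a session user whose
 * role is exactly 'ROLE_ADMIN'. The check runs before any controller code.
 *
 * @throws SecurityException when a secured route is requested without a
 *                           logged-in user or by a user who is not an admin
 */
public function run()
{
    $route = Service::get('route');
    $routes = $route->testUri();

    if (!empty($routes['security'])) {
        // Authorization gate for secured pages: fail closed before dispatching.
        $user = Service::get('session')->get('user');

        if (empty($user)) {
            throw new SecurityException(
                'Authorization Required',
                Service::get('route')->buildRoute($this->config['security']['login_route'])
            );
        }

        // Strict comparison on purpose: with a loose `==`, a non-string role such as
        // integer 0 compares equal to any non-numeric string on PHP < 8 and would
        // pass this check.
        // NOTE(review): the required role is hard-coded; the contents of
        // $routes['security'] are never consulted - confirm that is intended.
        if ($user->role !== 'ROLE_ADMIN') {
            throw new SecurityException(
                'You are not allowed posts adding',
                Service::get('route')->buildRoute('home')
            );
        }
    }

    try {
        if (empty($routes)) {
            throw new HttpNotFoundException('Route not found', 404);
        }
        if (!class_exists($routes['controller'])) {
            throw new HttpNotFoundException('Controller not found', 404);
        }

        $response = $this->generateResponseCtrl($routes['controller'], $routes['action'], $routes);
        if (!($response instanceof ResponseInterface)) {
            throw new HttpNotFoundException('Bad response', 404);
        }

        // Only HTML responses are wrapped in the main layout; other types are sent as returned.
        if ($response->type == 'html') {
            $content = array(
                'content' => $response->getContent(),
                'flush' => Service::get('session')->getFlushMessage(),
            );
            $renderer = new Renderer();
            $response = new Response($renderer->render($this->config['main_layout'], $content));
        }
    } catch (HttpNotFoundException $e) {
        // Render the error template, then embed it in the main layout.
        // NOTE(review): the 'error_500' template is used for 404 conditions - confirm.
        $renderer = new Renderer();
        $errorPage = new Response($renderer->render(
            $this->config['error_500'],
            array('message' => $e->getMessage(), 'code' => $e->getCode())
        ));
        $response = new Response($renderer->render(
            $this->config['main_layout'],
            array('content' => $errorPage->getContent(), 'flush' => Service::get('session')->getFlushMessage())
        ));
    } catch (DatabaseException $e) {
        // NOTE(review): the raw database exception message is rendered to the client.
        // Driver messages can carry query or schema details; consider logging the
        // message server-side and showing a generic text instead.
        $renderer = new Renderer();
        $response = new Response($renderer->render(
            $this->config['error_500'],
            array('message' => $e->getMessage(), 'code' => $e->getCode())
        ));
    }

    $response->send();
}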
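/**
 * Method initiates the application's work
 *
 * Flow: token check, route lookup, access check for routes that list
 * allowed roles in $route['security'], controller dispatch, then layout
 * wrapping for HTML responses.
 *
 * Every redirect is followed by a return so that no controller code runs
 * for a request that has already been answered with a redirect.
 *
 * @throws AccessException
 */
public function run()
{
    // NOTE(review): the token is generated before it is checked - confirm that
    // generateToken() cannot overwrite the value checkToken() compares against.
    Service::get('security')->generateToken();

    try {
        if (!Service::get('security')->checkToken()) {
            throw new AccessException('tokens aren\'t the same');
        }

        // Gets the necessary information from the router.
        $route = Service::get('router')->start();

        // If the route restricts access, check the user's rights.
        if (!empty($route['security'])) {
            $user = Service::get('session')->get('user');

            if (!is_object($user)) {
                // Remember where the visitor wanted to go, then send them to the login page.
                Service::get('session')->setReturnUrl(Service::get('router')->buildRoute($route['_name']));
                $redirect = new ResponseRedirect(
                    Service::get('router')->buildRoute($this->config['security']['login_route'])
                );
                $redirect->send();

                // Stop here. Nothing visible in this method shows that send() ends the
                // request (the ServerErrorException handler below follows send() with
                // die), so without this return the protected controller would still be
                // executed for an unauthenticated visitor.
                return;
            }

            // Strict membership test: the loose comparison used by array_search()
            // without its third argument can match values of a different type.
            if (!in_array($user->getRole(), $route['security'], true)) {
                throw new AccessException('access denied');
            }
        }

        $this->savePathToView($route['controller']);
        Service::get('session')->setReturnUrl(Service::get('request')->getRequestInfo('uri'));

        $vars = !empty($route['vars']) ? $route['vars'] : null;
        $response = $this->startController($route['controller'], $route['action'], $vars);
    } catch (AccessException $e) {
        echo $e->getMessage();
        die;
    } catch (HttpNotFoundException $e) {
        $redirect = new ResponseRedirect(Service::get('router')->buildRoute('/'));
        $redirect->send();

        // $response was never assigned on this path; falling through would call
        // getType() on an undefined variable.
        return;
    } catch (ServerErrorException $e) {
        $renderer = new Renderer($e->layout, array('message' => $e->message, 'code' => $e->code));
        $response = new Response($renderer->render());
        $response->send();
        die;
    }

    if ($response->getType() == 'html') {
        // Flash messages are shown once: read them, then drop them from the session.
        $flush = Service::get('session')->get('flush') ?: array();
        Service::get('session')->delFromSess('flush');

        $content = array(
            'content' => $response->getContent(),
            'flush' => $flush,
        );
        $renderer = new Renderer($this->config['main_layout'], $content);
        $response = new Response($renderer->render());
    }

    $response->send();
}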
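/**
 * Runs one request: token check, route lookup, access check for secured
 * routes, controller dispatch and response output.
 *
 * A denied request is answered with a redirect to 'security_signin' and the
 * method returns immediately, so the controller is not executed and the
 * flash message set for the sign-in page is not consumed by this request.
 */
public function run()
{
    // NOTE(review): the token is generated before it is checked - confirm that
    // generateToken() cannot overwrite the value checkToken() compares against.
    ServiceContainer::get('security')->generateToken();

    try {
        if (!ServiceContainer::get('security')->checkToken()) {
            die('Invalid token');
        }

        ServiceContainer::set('route', new Router($this->config['routes']));
        $route = ServiceContainer::get('route')->findRoute();

        if (!empty($route['security'])) {
            $user = ServiceContainer::get('session')->get('authenticated');

            // The previous condition, `!empty($user->user_role) != 'ROLE_USER'`, compared a
            // boolean with a string and so reduced to "the role is empty". That effective
            // behaviour is kept and written out explicitly.
            // NOTE(review): the role value itself is never compared with anything, so any
            // account with a non-empty role passes. If secured routes are meant to be
            // limited to particular roles, compare $user->user_role against them here.
            if (empty($user->user_role)) {
                ServiceContainer::get('session')->setFlush(
                    'error',
                    'Access denied, please login to your account!'
                );
                $redirect = new ResponseRedirect(ServiceContainer::get('route')->buildRoute('security_signin'));
                $redirect->send();

                // Stop after the redirect. Nothing visible here shows that send() ends the
                // request, and without this return the secured controller below would
                // still run for a visitor who failed the check.
                return;
            }
        }

        if (!class_exists($route['controller'])) {
            throw new HttpNotFoundException();
        }

        $vars = !empty($route['vars']) ? $route['vars'] : null;
        $response = $this->startController($route['controller'], $route['action'], $vars);
    } catch (HttpNotFoundException $e) {
        $renderer = new Renderer(
            $this->config['not_found'],
            array('message' => $e->getMessage(), 'code' => $e->getCode())
        );
        $response = new Response($renderer->render());
    }

    // Flash messages are shown once: read them, then remove them from the session.
    $flush = ServiceContainer::get('session')->get('flush') ?: array();
    ServiceContainer::get('session')->unsetSession('flush');

    if ($response instanceof Response) {
        if ($response->getType() == 'html') {
            $renderer = new Renderer(
                $this->config['main_layout'],
                array('content' => $response->getContent(), 'flush' => $flush)
            );
            $response = new Response($renderer->render());
            $response->send();
        } elseif ($response->getType() == 'json') {
            // Send the controller's response as returned. The previous code replaced it
            // with a freshly constructed, empty ResponseJson, which dropped the payload.
            $response->send();
        }
    }
}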
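/**
 * Runs one request: token check, route lookup, admin check for secured
 * routes, controller dispatch through reflection, and response output.
 *
 * A denied request is answered with a redirect to the configured login route
 * and the method returns immediately, so the controller is never invoked for
 * a visitor who failed the check.
 */
public function run()
{
    // NOTE(review): the token is generated before it is checked - confirm that
    // generateToken() cannot overwrite the value checkToken() compares against.
    Service::get('security')->generateToken();
    if (!Service::get('security')->checkToken()) {
        die('Token not exist');
    }

    Service::set('route', new Router($this->config['routes']));
    $route = Service::get('route')->findRoute();

    if (!empty($route['security'])) {
        $user = Service::get('session')->get('authenticated');

        // get_object_vars() called from here returns only the properties accessible in
        // this scope. Default to an empty array so a missing session user is denied
        // without reading an undefined variable.
        $user_role = is_object($user) ? get_object_vars($user) : array();

        // NOTE(review): the required role is hard-coded; the contents of
        // $route['security'] are never consulted - confirm that is intended.
        if (!isset($user_role['role']) || $user_role['role'] !== 'ROLE_ADMIN') {
            $session = Service::get('session');
            $session->setFlush('error', 'Access Denied! Only the administrator can create new posts.');

            // Same call the method makes further down on the normal path; done here
            // because the early return below skips that code.
            $session->setReturnUrl(Service::get('request')->getRequestInfo('uri'));

            $redirect = new ResponseRedirect(
                Service::get('route')->buildRoute($this->config['security']['login_route'])
            );
            $redirect->send();

            // Stop after the redirect. Nothing visible here shows that send() ends the
            // request, and without this return the admin-only action below would still
            // be invoked and the flash message would be discarded by this same request.
            return;
        }
    }

    // Stays null when the controller has no matching action; that case is reported
    // as a bad response further down.
    $response = null;

    try {
        if (!class_exists($route['controller'])) {
            throw new HttpNotFoundException('Oops, Not Found', 404);
        }

        // One controller instance is created and reused for the invocation.
        $controller = new $route['controller']();
        $action = $route['action'] . 'Action';

        // invokeArgs() needs an array even when the route carries no variables.
        $vars = isset($route['vars']) ? $route['vars'] : array();

        $controller_reflection = new \ReflectionClass($route['controller']);
        if ($controller_reflection->hasMethod($action)) {
            $method = new \ReflectionMethod($controller, $action);
            $params = $method->getParameters();

            $response = empty($params)
                ? $method->invoke($controller)
                : $method->invokeArgs($controller, $vars);
        }
    } catch (HttpNotFoundException $e) {
        // NOTE(review): the 'error_500' template is used for a 404 condition - confirm.
        $renderer = new Renderer(
            $this->config['error_500'],
            array('message' => $e->getMessage(), 'code' => $e->getCode())
        );
        $response = new Response($renderer->render());
    }

    // Flash messages are shown once: read them, then remove them from the session.
    $flush = Service::get('session')->get('flush') ?: array();
    Service::get('session')->unsetSession('flush');
    Service::get('session')->setReturnUrl(Service::get('request')->getRequestInfo('uri'));

    try {
        if (!($response instanceof Response)) {
            throw new BadResponseException('Bad response', 500);
        }

        // Only HTML responses are wrapped in the main layout.
        if ($response->type == 'html') {
            $renderer = new Renderer(
                $this->config['main_layout'],
                array('content' => $response->getContent(), 'flush' => $flush)
            );
            $response = new Response($renderer->render());
        }

        $response->send();
    } catch (BadResponseException $e) {
        echo $e->getMessage();
    }
}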