/** * Creates an entity as an array that you can submit as if you used a form * * @param string $argumentName the name * @param Object $persistedEntity the Entity that you'd like to create this argument from * @param array $customProperties the properties to set if wished * @param array $additionalTrustedProperties more properties to be trusted * @return array the argument you can then submit */ public function getSubmitArgumentsForPersistedEntity($argumentName, $persistedEntity, $customProperties = array(), $additionalTrustedProperties = array()) { $arguments = array($argumentName => $this->getIdentityArgumentFromPersistedEntity($persistedEntity)); $propertyNamesForMappingService = array($argumentName . '[__identity]') + $additionalTrustedProperties; // set the properties foreach ($customProperties as $propertyName => $propertyValue) { $arguments[$argumentName][$propertyName] = $propertyValue; $propertyNamesForMappingService[] = $argumentName . '[' . $propertyName . ']'; } $propertyNamesForMappingService[] = ''; // add __trustedProperties $arguments['__trustedProperties'] = $this->mvcPropertyMappingConfigurationService->generateTrustedPropertiesToken($propertyNamesForMappingService, ''); // add __csrfToken $arguments['__csrfToken'] = $this->securityContext->getCsrfProtectionToken(); return $arguments; }
/** * Handles a request. The result output is returned by altering the given response. * * @param \TYPO3\Flow\Mvc\RequestInterface $request The request object * @param \TYPO3\Flow\Mvc\ResponseInterface $response The response, modified by this handler * @return void * @throws \TYPO3\Flow\Mvc\Exception\UnsupportedRequestTypeException * @api */ public function processRequest(\TYPO3\Flow\Mvc\RequestInterface $request, \TYPO3\Flow\Mvc\ResponseInterface $response) { $this->initializeController($request, $response); $this->actionMethodName = $this->resolveActionMethodName(); $this->initializeActionMethodArguments(); $this->initializeActionMethodValidators(); $this->mvcPropertyMappingConfigurationService->initializePropertyMappingConfigurationFromRequest($this->request, $this->arguments); $this->initializeAction(); $actionInitializationMethodName = 'initialize' . ucfirst($this->actionMethodName); if (method_exists($this, $actionInitializationMethodName)) { call_user_func(array($this, $actionInitializationMethodName)); } $this->mapRequestArgumentsToControllerArguments(); if ($this->view === NULL) { $this->view = $this->resolveView(); } if ($this->view !== NULL) { $this->view->assign('settings', $this->settings); $this->view->setControllerContext($this->controllerContext); $this->initializeView($this->view); } $this->callActionMethod(); }
/** * Render the request hash field * * @return string the hmac field */ protected function renderTrustedPropertiesField() { $formFieldNames = $this->viewHelperVariableContainer->get('TYPO3\\Fluid\\ViewHelpers\\FormViewHelper', 'formFieldNames'); $requestHash = $this->mvcPropertyMappingConfigurationService->generateTrustedPropertiesToken($formFieldNames, $this->getFieldNamePrefix()); return '<input type="hidden" name="' . $this->prefixFieldName('__trustedProperties') . '" value="' . htmlspecialchars($requestHash) . '" />' . chr(10); }