Exemplo n.º 1
0
/**
 * Return the Minimum Access for the section
 * @return string
 */
function zbase_auth_minimum()
{
    if (zbase_is_back()) {
        if (zbase_route_username()) {
            return zbase_route_username_minimum_access();
        }
        return zbase_config_get('auth.access.minimum.back', 'admin');
    }
    return zbase_config_get('auth.access.minimum.front', 'guest');
}
Exemplo n.º 2
0
/**
 * Create a route
 * @param string $name The Route Name
 * @param array $route The Route configuration
 * @return Response
 */
function zbase_route_response($name, $route)
{
    if (!empty(zbase_is_maintenance())) {
        return zbase_response(view(zbase_view_file('maintenance')));
    }
    $redirect = zbase_value_get($route, 'redirect', false);
    if (!empty($redirect)) {
        return redirect()->to($redirect);
    }
    $response = zbase_value_get($route, 'response', false);
    if (!empty($response)) {
        return $response;
    }
    /**
     * If we are using username in routes,
     * 	we have to check if the username exists in DB.
     * 	This is checked in zbase_route_username_get()
     * 	if the zbase_route_username_get() returns false, means
     * 	that the route is not a username or username didn't exists.
     * 	Here we check against all other Routes  if the prefix is in our
     * 	list of routes, if not found, throw NotFoundHttpException
     */
    $useUsernameRoute = zbase_route_username();
    $usernameRoute = zbase_route_username_get();
    $usernameRouteCheck = zbase_data_get($route, 'usernameRouteCheck', true);
    if (empty($usernameRouteCheck)) {
        /**
         * Will not check for username route
         */
        $useUsernameRoute = false;
    }
    //if($usernameRoute === false && !empty($useUsernameRoute))
    if ($name == 'index' && zbase_auth_has() && !empty($useUsernameRoute)) {
        return redirect()->to('/' . zbase_auth_real()->username);
    }
    if ($usernameRoute === false && !empty($useUsernameRoute)) {
        $uri = zbase_url_uri();
        $adminKey = zbase_admin_key();
        if (!empty($uri)) {
            $uriEx = explode('/', $uri);
            if (!empty($uriEx)) {
                foreach ($uriEx as $uriV) {
                    if (!empty($uriV)) {
                        /**
                         * If it isn't an admin key, check it against given Routes
                         */
                        if ($uriV !== $adminKey) {
                            $routes = zbase_config_get('routes', []);
                            if (!empty($routes)) {
                                foreach ($routes as $rName => $r) {
                                    if (!empty($r['enable']) && !empty($r['url'])) {
                                        $urlEx = explode('/', $r['url']);
                                        if (!empty($urlEx)) {
                                            foreach ($urlEx as $urlExV) {
                                                if (!empty($urlExV)) {
                                                    if ($uriV == $urlExV) {
                                                        /**
                                                         * Found it, valid URL
                                                         */
                                                        $validUrlPrefix = true;
                                                    }
                                                    /**
                                                     * Will deal only with the first not empty value so break it.
                                                     */
                                                    break;
                                                }
                                            }
                                        }
                                    }
                                    if (!empty($validUrlPrefix)) {
                                        /**
                                         * Found it, break it
                                         */
                                        $name = $rName;
                                        $route = $r;
                                        break;
                                    }
                                }
                            }
                        } else {
                            return redirect(zbase_url_from_route('home'));
                        }
                        /**
                         * Will deal only with the first not empty value so break it.
                         */
                        break;
                    }
                }
                if (empty($validUrlPrefix)) {
                    /**
                     * Only if routeName is not the index
                     */
                    if ($name != 'index') {
                        // $response = new \Zbase\Exceptions\NotFoundHttpException();
                        // return $response->render(zbase_request(), $response);
                    }
                }
            }
        }
    }
    $usernameRoutePrefix = zbase_route_username_prefix();
    $originalRouteName = str_replace($usernameRoutePrefix, '', $name);
    zbase()->setCurrentRouteName($name);
    $guest = true;
    $authed = false;
    $guestOnly = false;
    $middleware = !empty($route['middleware']) ? $route['middleware'] : false;
    $backend = !empty($route['backend']) ? $route['backend'] : false;
    if ($name == 'password-reset' && zbase_auth_has()) {
        \Auth::guard()->logout();
        return redirect(zbase_url_from_current());
    }
    if (!empty($backend)) {
        //		zbase_in_back();
    }
    if (preg_match('/\\?usernameroute/', zbase_url_uri()) > 0 && !empty($useUsernameRoute) && zbase_auth_has()) {
        return redirect()->to('/' . zbase_auth_user()->username() . '/home');
    }
    if (!empty($useUsernameRoute) && zbase_auth_has() && $usernameRoute != zbase_auth_user()->username()) {
        return redirect(zbase_url_from_route($originalRouteName, [$usernameRoutePrefix => zbase_auth_user()->username()]));
    }
    if (!empty($middleware)) {
        if (is_array($middleware)) {
            $access = isset($middleware['access']) ? $middleware['access'] : false;
            if (!empty($access) && is_array($access)) {
                if (!zbase_auth_has()) {
                    zbase_session_set('__loginRedirect', zbase_url_from_current());
                    return redirect(zbase_url_from_route('login'));
                }
                if (zbase_auth_has() && !zbase_auth_is($access)) {
                    return zbase_abort(401, ucfirst($access) . ' is needed to access the page.');
                }
            } else {
                $guest = isset($middleware['guest']) ? $middleware['guest'] : false;
                $authed = isset($middleware['auth']) ? $middleware['auth'] : false;
                $adminAuthed = isset($middleware['admin']) ? $middleware['admin'] : false;
                if ($adminAuthed) {
                    $authed = true;
                }
                $guestOnly = isset($middleware['guestOnly']) ? $middleware['guestOnly'] : false;
            }
        }
    }
    if (empty($access)) {
        if (!empty($backend)) {
            if (!empty($usernameRoute)) {
                /**
                 * If user is loggedIn and this is admin side and this is not logIn page,
                 * redirect to users dashboard.
                 * User can only access his own dashboard via /{usernameroute?}/admin
                 */
                if (zbase_auth_has() && zbase_auth_is(zbase_route_username_minimum_access()) && zbase_is_back() && $usernameRoute != zbase_auth_user()->username()) {
                    return redirect(zbase_url_from_route('admin', [$usernameRoutePrefix => zbase_auth_user()->username]));
                }
                if ((empty(zbase_auth_has()) || !zbase_auth_is('user')) && $name != $usernameRoutePrefix . 'admin.login') {
                    zbase_session_set('__loginRedirect', zbase_url_from_current());
                    return redirect(zbase_url_from_route('admin.login'));
                }
            } else {
                if ((empty(zbase_auth_has()) || !zbase_auth_is('admin')) && $name != 'admin.login') {
                    zbase_session_set('__loginRedirect', zbase_url_from_current());
                    return redirect(zbase_url_from_route('admin.login'));
                }
            }
        } else {
            if (!empty($guestOnly) && zbase_auth_has()) {
                return redirect(zbase_url_from_route('home'));
            }
            if (!empty($usernameRoute)) {
                if (!empty($authed) && !zbase_auth_has() && $name != $usernameRoutePrefix . 'login') {
                    zbase_session_set('__loginRedirect', zbase_url_from_current());
                    return redirect(zbase_url_from_route('login'));
                }
            } else {
                if (!empty($authed) && !zbase_auth_has() && $name != 'login') {
                    zbase_session_set('__loginRedirect', zbase_url_from_current());
                    return redirect(zbase_url_from_route('login'));
                }
            }
        }
    }
    $params = zbase_route_inputs();
    $requestMethod = zbase_request_method();
    $controller = !empty($route['controller']) ? $route['controller'] : null;
    $command = !empty($route['command']) ? $route['command'] : false;
    if (!empty($command) && $command instanceof \Closure) {
        $command();
        exit;
    }
    if (!empty($controller) && !empty($controller['name']) && !empty($route['controller']['enable'])) {
        $controllerName = !empty($route['controller']['name']) ? $route['controller']['name'] : null;
        $controllerMethod = !empty($route['controller']['method'][$requestMethod]) ? $route['controller']['method'][$requestMethod] : (!empty($route['controller']['method']) ? $route['controller']['method'] : 'index');
        if (!empty($controllerName)) {
            $controllerConfig = zbase_config_get('controller.class.' . $controllerName, null);
            if (!empty($controllerConfig) && !empty($controllerConfig['enable'])) {
                $controllerClass = zbase_controller_create_name(zbase_config_get('controller.class.' . $controllerName . '.name', Zbase\Http\Controllers\__FRAMEWORK__\PageController::class));
                $controllerObject = zbase_object_factory($controllerClass, !empty($route['controller']['params']) ? $route['controller']['params'] : []);
                zbase()->setController($controllerObject->setName($controllerName)->setActionName($controllerMethod)->setRouteParameters($params));
                zbase_view_page_details($route);
                return zbase_response($controllerObject->{$controllerMethod}());
            }
        }
    }
    $view = !empty($route['view']) ? $route['view'] : null;
    if (!empty($view) && !empty($view['name']) && !empty($route['view']['enable'])) {
        zbase_view_page_details($route);
        if (!empty($route['view']['content'])) {
            $params['content'] = zbase_data_get($route['view']['content'], null);
        }
        if ($view['name'] == 'type.js') {
            zbase_response_format_set('javascript');
        }
        return zbase_response(zbase_view_render(zbase_view_file($view['name']), $params));
    }
}