Exemplo n.º 1
 /**
  * Library::redirect('login') must record where the visitor came from.
  *
  * After a request for "/" has been handled, redirecting to the login route is
  * expected to leave a 'retreat' entry in the session whose 'route' is 'homepage'.
  */
 public function testRedirectLocation()
 {
     $app = $this->getApp();

     // Handle a request for the site root and register it as the current request.
     $request = Request::create("/");
     $app->handle($request);
     $app['request'] = $request;

     // Only the session side effect matters here; the returned response is not inspected.
     Library::redirect('login');

     $retreat = $app['session']->get('retreat');
     $this->assertNotEmpty($retreat);
     $this->assertEquals('homepage', $retreat['route']);
 }
Exemplo n.º 2
 /**
  * Library::redirect('login') must produce a real redirect to the backend login page.
  *
  * Checks the response class, the "Redirecting to ..." body text and the
  * redirect status reported by the response itself.
  */
 public function testRedirectLocation()
 {
     $app = $this->getApp();

     // Handle a request for the site root and register it as the current request.
     $rootRequest = Request::create('/');
     $app->handle($rootRequest);
     $app['request'] = $rootRequest;

     $redirect = Library::redirect('login');

     $this->assertInstanceOf('\\Symfony\\Component\\HttpFoundation\\RedirectResponse', $redirect);
     // The target is asserted through the response body, which names the resolved URL.
     $this->assertRegExp('|Redirecting to /bolt/login|', $redirect->getContent());
     $this->assertTrue($redirect->isRedirect(), "Response isn't a valid redirect condition.");
 }
Exemplo n.º 3
 /**
  * Before-middleware that gates these routes on the 'extensions' permission.
  *
  * Users without that permission get an error flash message and are redirected
  * to the dashboard. For every route except 'extend', HTML snippets are switched off.
  *
  * @param Request            $request
  * @param \Silex\Application $app
  *
  * @return null|\Symfony\Component\HttpFoundation\RedirectResponse Null lets the request continue.
  */
 public function before(Request $request, Silex\Application $app)
 {
     // Extensions may only add snippets to the output on the 'extend' route itself.
     $route = $request->get("_route");
     if ($route !== 'extend') {
         $app['htmlsnippets'] = false;
     }

     // Profiler timing for this middleware starts here.
     $app['stopwatch']->start('bolt.backend.before');

     // The authorization decision: the current user must hold the 'extensions' permission.
     $mayUseExtensions = $app['users']->isAllowed('extensions');
     if ($mayUseExtensions) {
         // Profiler timing ends on the allowed path only.
         $app['stopwatch']->stop('bolt.backend.before');

         return null;
     }

     // NOTE(review): the denied path returns without stopping the stopwatch event.
     $app['session']->getFlashBag()->add('error', Trans::__('You do not have the right privileges to view that page.'));

     return Lib::redirect('dashboard');
 }
Exemplo n.º 4
 /**
  * The default before filter for the frontend controllers in this file.
  *
  * Refer to the routing.yml config file for overriding.
  *
  * Two conditions short-circuit the request: an empty users table (redirect to
  * the user-creation form) and maintenance mode for users lacking the
  * 'maintenance-mode' permission (HTTP 503 with the maintenance template).
  *
  * @param Request     $request The Symfony Request
  * @param Application $app     The application/container
  *
  * @return null|Response|RedirectResponse Null lets the request continue.
  */
 public function before(Request $request, Application $app)
 {
     // Profiler timing for this middleware starts here.
     $app['stopwatch']->start('bolt.frontend.before');

     // No users returned: send the visitor to the form that creates the first user.
     // NOTE(review): this redirect is reachable without any session check in this method.
     $existingUsers = $app['users']->getUsers();
     if (!$existingUsers) {
         $app['session']->getFlashBag()->add('info', Trans::__('There are no users in the database. Please create the first user.'));

         return Lib::redirect('useredit', array('id' => ''));
     }

     // Both flags are switched on unconditionally for frontend requests.
     $app['debugbar'] = true;
     $app['htmlsnippets'] = true;

     // Maintenance mode: only users holding the 'maintenance-mode' permission get past the notice.
     // The permission is consulted only when maintenance mode is actually enabled.
     if ($app['config']->get('general/maintenance_mode') && !$app['users']->isAllowed('maintenance-mode')) {
         $template = $app['templatechooser']->maintenance();

         return new Response(
             $app['render']->render($template)->getContent(),
             Response::HTTP_SERVICE_UNAVAILABLE
         );
     }

     // Profiler timing ends on the pass-through path only.
     $app['stopwatch']->stop('bolt.frontend.before');

     return null;
 }
Exemplo n.º 5
 /**
  * Before-middleware guarding the upload routes.
  *
  * Requires a valid session first and the "files:uploads" permission second.
  *
  * @param Request     $request
  * @param Application $app
  *
  * @return null|\Symfony\Component\HttpFoundation\RedirectResponse Null lets the request continue.
  */
 public function before(Request $request, Application $app)
 {
     // Profiler timing for this middleware starts here.
     $app['stopwatch']->start('bolt.backend.before');

     // Authentication: without a valid session the request is aborted with a 404 status
     // (not a 401/403), carrying the message below.
     $hasSession = $app['users']->isValidSession();
     if (!$hasSession) {
         $app->abort(Response::HTTP_NOT_FOUND, 'You must be logged in to use this.');
     }

     // Authorization: the session's user must hold the upload permission.
     $mayUpload = $app['users']->isAllowed('files:uploads');
     if (!$mayUpload) {
         $app['session']->getFlashBag()->add('error', Trans::__('You do not have the right privileges to upload.'));

         return Lib::redirect('dashboard');
     }

     // Profiler timing ends on the allowed path only.
     $app['stopwatch']->stop('bolt.backend.before');

     return null;
 }
Exemplo n.º 6
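 /**
  * Save the label table posted by the editor to files/labels.json.
  *
  * Reads two JSON-encoded request values: 'columns' (the header row, whose first
  * cell is the label column and is discarded) and 'labels' (one array per row,
  * label key first). Both are client-supplied, so their shape is checked before
  * anything is written: malformed JSON, non-array rows, nested values used as
  * keys or column names, and rows whose width does not match the header are
  * rejected with the "issue encoding" error instead of reaching the file.
  *
  * @param Request $request
  *
  * @return mixed The result of Lib::redirect('labels'); the outcome is reported through a flash message.
  */
 public function labelsSavePost(Request $request)
 {
     $target = __DIR__ . "/files/labels.json";

     // json_decode() yields null for malformed input, so both values must be verified to be arrays.
     $columns = json_decode((string) $request->get('columns'));
     $labels = json_decode((string) $request->get('labels'));
     $valid = is_array($columns) && is_array($labels);

     if ($valid) {
         // remove the label.
         array_shift($columns);
         foreach ($columns as $index => $column) {
             // A column name must be a plain value; nested arrays/objects cannot be lowercased.
             if ($column !== null && !is_scalar($column)) {
                 $valid = false;
                 break;
             }
             $columns[$index] = strtolower((string) $column);
         }
     }

     $arr = [];
     if ($valid) {
         foreach ($labels as $labelrow) {
             if (!is_array($labelrow)) {
                 $valid = false;
                 break;
             }
             $first = array_shift($labelrow);
             // array_combine() needs exactly one value per remaining column.
             if (($first !== null && !is_scalar($first)) || count($labelrow) !== count($columns)) {
                 $valid = false;
                 break;
             }
             $key = strtolower(trim((string) $first));
             $arr[$key] = array_combine($columns, $labelrow);
         }
     }

     // The 50-byte floor is the original guard against writing a (nearly) empty table.
     $jsonarr = $valid ? json_encode($arr) : false;
     if ($jsonarr === false || strlen($jsonarr) < 50) {
         $this->app['session']->getFlashBag()->set('error', 'There was an issue encoding the file. Changes were NOT saved.');
         return Lib::redirect('labels');
     }
     if (!is_writable($target)) {
         $this->app['session']->getFlashBag()->set('error', 'The output file is not writable. Changes were NOT saved.');
         return Lib::redirect('labels');
     }
     // file_put_contents() signals failure with false; compare strictly rather than by truthiness.
     if (file_put_contents($target, $jsonarr) === false) {
         $this->app['session']->getFlashBag()->set('error', 'There was an issue saving the file. Changes were NOT saved.');
         return Lib::redirect('labels');
     }
     $this->app['session']->getFlashBag()->set('success', 'Changes to the labels have been saved.');
     return Lib::redirect('labels');
 }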
Exemplo n.º 7
 /**
  * Complete a password reset. This controller is normally only reached when the
  * user follows the "password reset" link from the email.
  *
  * The 'token' request value is handed to the users service unchanged; this
  * method performs no validation of its own and does not look at the outcome.
  *
  * @param \Silex\Application $app     The application/container
  * @param Request            $request The Symfony Request
  *
  * @return \Symfony\Component\HttpFoundation\RedirectResponse
  */
 public function resetPassword(Silex\Application $app, Request $request)
 {
     // Caller-supplied value: every check on it is left to resetPasswordConfirm().
     $token = $request->get('token');
     $app['users']->resetPasswordConfirm($token);

     // The visitor is sent to the login page whether or not the token was accepted.
     return Lib::redirect('login');
 }
Exemplo n.º 8
 /**
  * Backend before-middleware: bootstrap checks, then authentication and authorization.
  *
  * In order, it validates the config, reports a detected version change, makes
  * sure a users table with at least one user exists (redirecting to 'userfirst'
  * otherwise), bounces disabled accounts to 'logout', and finally matches the
  * current route against the user's permissions.
  *
  * Every early return below leaves the 'bolt.backend.before' stopwatch event
  * running; only the pass-through path at the end stops it.
  *
  * @param Request     $request The Symfony Request
  * @param Application $app     The application/container
  *
  * @return null|\Symfony\Component\HttpFoundation\RedirectResponse Null lets the request continue.
  */
 public static function before(Request $request, Application $app)
 {
     // Start the 'stopwatch' for the profiler.
     $app['stopwatch']->start('bolt.backend.before');
     $route = $request->get('_route');
     $app['debugbar'] = true;
     // Sanity checks for duplicates in contenttypes.
     // Unfortunately this has to be done here, because the 'translator' classes need to be initialised.
     $app['config']->checkConfig();
     // If we had to reload the config earlier on because we detected a version change, display a notice.
     if ($app['config']->notify_update) {
         // The notice carries HTML markup (<b>, <a href>): it is logged with the tags stripped,
         // but added to the flash bag as-is.
         // NOTE(review): how the flash message is escaped on output is not visible here; confirm
         // that %VERSION% and %URI% can never carry untrusted text.
         $notice = Trans::__("Detected Bolt version change to <b>%VERSION%</b>, and the cache has been cleared. Please <a href=\"%URI%\">check the database</a>, if you haven't done so already.", array('%VERSION%' => $app->getVersion(), '%URI%' => $app['resources']->getUrl('bolt') . 'dbcheck'));
         $app['logger.system']->notice(strip_tags($notice), array('event' => 'config'));
         $app['session']->getFlashBag()->add('info', $notice);
     }
     // Check the database users table exists
     $tableExists = $app['integritychecker']->checkUserTableIntegrity();
     // Test whether the table holds any users; skipped when the table itself is missing.
     $hasUsers = false;
     if ($tableExists) {
         $hasUsers = $app['users']->hasUsers();
     }
     // If the users table is present, but there are no users, and we're on /bolt/userfirst,
     // we let the user stay, because they need to set up the first user.
     // This is the one path that returns before any session or permission check.
     // NOTE(review): loose '==' here, while the route comparisons further down use '!=='.
     if ($tableExists && !$hasUsers && $route == 'userfirst') {
         return null;
     }
     // If there are no users in the users table, or the table doesn't exist. Repair
     // the DB, and let's add a new user.
     // repairTables() therefore runs before the session check further down, i.e. for any
     // request that reaches this middleware while the table is missing or empty.
     if (!$tableExists || !$hasUsers) {
         $app['integritychecker']->repairTables();
         $app['session']->getFlashBag()->add('info', Trans::__('There are no users in the database. Please create the first user.'));
         return Lib::redirect('userfirst');
     }
     // Confirm the user is enabled or bounce them.
     // The four listed routes are exempt so that a disabled user can still reach login/logout.
     if ($app['users']->getCurrentUser() && !$app['users']->isEnabled() && $route !== 'userfirst' && $route !== 'login' && $route !== 'postLogin' && $route !== 'logout') {
         $app['session']->getFlashBag()->add('error', Trans::__('Your account is disabled. Sorry about that.'));
         return Lib::redirect('logout');
     }
     // Check if there's at least one 'root' user, and otherwise promote the current user.
     // NOTE(review): this call comes before the session/permission check below; verify inside
     // checkForRoot() that it cannot promote an unauthenticated visitor.
     $app['users']->checkForRoot();
     // Most of the 'check if user is allowed' happens here: match the current route to the 'allowed' settings.
     // No valid session and route not allowed -> ask the visitor to log on.
     // Route not allowed otherwise -> the user is logged on but lacks the permission.
     // A route that isAllowed() accepts passes even without a valid session.
     if (!$app['users']->isValidSession() && !$app['users']->isAllowed($route)) {
         $app['session']->getFlashBag()->add('info', Trans::__('Please log on.'));
         return Lib::redirect('login');
     } elseif (!$app['users']->isAllowed($route)) {
         $app['session']->getFlashBag()->add('error', Trans::__('You do not have the right privileges to view that page.'));
         return Lib::redirect('dashboard');
     }
     // Stop the 'stopwatch' for the profiler.
     $app['stopwatch']->stop('bolt.backend.before');
     return null;
 }
Exemplo n.º 9
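 /**
  * Save the label table posted by the editor to the labels JSON file ($this->jsonFile).
  *
  * Reads two JSON-encoded request values: 'columns' (the header row, whose first
  * cell is the label column and is discarded) and 'labels' (one array per row,
  * label key first). Both are client-supplied, so their shape is checked before
  * anything is written: malformed JSON, non-array rows, nested values used as
  * keys or column names, and rows whose width does not match the header are
  * rejected with the "issue encoding" error instead of reaching the file.
  * Rows with an empty label key are skipped.
  *
  * @param Request $request
  *
  * @return mixed The result of Lib::redirect('labels'); the outcome is reported through a flash message.
  */
 public function labelsSavePost(Request $request)
 {
     // json_decode() yields null for malformed input, so both values must be verified to be arrays.
     $columns = json_decode((string) $request->get('columns'));
     $labels = json_decode((string) $request->get('labels'));
     $valid = is_array($columns) && is_array($labels);

     if ($valid) {
         // remove the label.
         array_shift($columns);
         foreach ($columns as $index => $column) {
             // A column name must be a plain value; nested arrays/objects cannot be lowercased.
             if ($column !== null && !is_scalar($column)) {
                 $valid = false;
                 break;
             }
             $columns[$index] = strtolower((string) $column);
         }
     }

     $arr = array();
     if ($valid) {
         foreach ($labels as $labelrow) {
             if (!is_array($labelrow)) {
                 $valid = false;
                 break;
             }
             $first = array_shift($labelrow);
             // array_combine() needs exactly one value per remaining column.
             if (($first !== null && !is_scalar($first)) || count($labelrow) !== count($columns)) {
                 $valid = false;
                 break;
             }
             $key = strtolower(trim((string) $first));
             if (!empty($key)) {
                 $arr[$key] = array_combine($columns, $labelrow);
             }
         }
     }

     // '128' == 'JSON_PRETTY_PRINT'
     $jsonarr = $valid ? json_encode($arr, 128) : false;
     // The 50-byte floor is the original guard against writing a (nearly) empty table.
     if ($jsonarr === false || strlen($jsonarr) < 50) {
         $this->app['session']->getFlashBag()->set('error', 'There was an issue encoding the file. Changes were NOT saved.');
         return Lib::redirect('labels');
     }
     $fs = new Filesystem();
     try {
         $fs->dumpFile($this->jsonFile, $jsonarr);
         $this->app['session']->getFlashBag()->set('success', 'Changes to the labels have been saved.');
     } catch (IOException $e) {
         // The message below contains literal HTML (<tt>), but no request data is interpolated into it.
         $this->app['session']->getFlashBag()->set('error', 'The labels file at <tt>../app/config/extensions/labels.json</tt> is not writable. Changes were NOT saved.');
     }
     return Lib::redirect('labels');
 }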