Exemplo n.º 1
0
 /**
  * Advices the dispatch method so that illegal requests are blocked before invoking
  * any controller.
  *
  * @FLOW3\Around("method(TYPO3\FLOW3\MVC\Dispatcher->dispatch())")
  * @param \TYPO3\FLOW3\AOP\JoinPointInterface $joinPoint The current joinpoint
  * @return mixed Result of the advice chain
  */
 public function checkAccess(\TYPO3\FLOW3\AOP\JoinPointInterface $joinPoint)
 {
     $this->securityManager->setRequest($joinPoint->getMethodArgument('request'));
     $this->securityManager->setResponse($joinPoint->getMethodArgument('response'));
     $request = $joinPoint->getMethodArgument('request');
     if (is_a($request, "\\TYPO3\\FLOW3\\MVC\\Web\\Request")) {
         $className = $request->getControllerObjectName();
         $methodName = $request->getControllerActionName() . 'Action';
         try {
             if (!empty($className) && $this->reflectionService->isMethodAnnotatedWith($className, $methodName, "Admin\\Annotations\\Access")) {
                 $annotation = $this->reflectionService->getMethodAnnotation($className, $methodName, "Admin\\Annotations\\Access");
                 if (!is_object($user = $this->securityManager->getUser())) {
                     return $this->securityManager->redirectToLogin($joinPoint);
                 }
                 if ($annotation->admin && !$user->isAdmin()) {
                     return $this->securityManager->redirectToLogin($joinPoint);
                 }
                 if ($annotation->role !== null) {
                     $hasRole = false;
                     foreach ($user->getRoles() as $role) {
                         if ($role->getName() == $annotation->role) {
                             $hasRole = true;
                         }
                     }
                     if (!$hasRole) {
                         $message = new \TYPO3\FLOW3\Error\Error("You don't have access to this page!");
                         $this->flashMessageContainer->addMessage($message);
                         return $this->securityManager->redirectToLogin($joinPoint);
                     }
                 }
             }
         } catch (\Exception $e) {
         }
     }
     if (is_object($adviceChain = $joinPoint->getAdviceChain())) {
         $result = $adviceChain->proceed($joinPoint);
         return $result;
     }
 }
Exemplo n.º 2
0
 /**
  * This function tries to find yet unmatched dependencies which need to be injected via "inject*" setter methods.
  *
  * @param array &$objectConfigurations
  * @return void
  * @throws \TYPO3\FLOW3\Object\Exception if an injected property is private
  */
 protected function autowireProperties(array &$objectConfigurations)
 {
     foreach ($objectConfigurations as $objectConfiguration) {
         $className = $objectConfiguration->getClassName();
         $properties = $objectConfiguration->getProperties();
         foreach (get_class_methods($className) as $methodName) {
             if (substr($methodName, 0, 6) === 'inject') {
                 $propertyName = strtolower(substr($methodName, 6, 1)) . substr($methodName, 7);
                 $autowiringAnnotation = $this->reflectionService->getMethodAnnotation($className, $methodName, 'TYPO3\\FLOW3\\Annotations\\Autowiring');
                 if ($autowiringAnnotation !== NULL && $autowiringAnnotation->enabled === FALSE) {
                     continue;
                 }
                 if ($methodName === 'injectSettings') {
                     $packageKey = $objectConfiguration->getPackageKey();
                     if ($packageKey !== NULL) {
                         $properties[$propertyName] = new ConfigurationProperty($propertyName, $packageKey, ConfigurationProperty::PROPERTY_TYPES_SETTING);
                     }
                 } else {
                     if (array_key_exists($propertyName, $properties)) {
                         continue;
                     }
                     $methodParameters = $this->reflectionService->getMethodParameters($className, $methodName);
                     if (count($methodParameters) !== 1) {
                         $this->systemLogger->log(sprintf('Could not autowire property %s because %s() expects %s instead of exactly 1 parameter.', "{$className}::{$propertyName}", $methodName, count($methodParameters) ?: 'none'), LOG_DEBUG);
                         continue;
                     }
                     $methodParameter = array_pop($methodParameters);
                     if ($methodParameter['class'] === NULL) {
                         $this->systemLogger->log(sprintf('Could not autowire property %s because the method parameter in %s() contained no class type hint.', "{$className}::{$propertyName}", $methodName), LOG_DEBUG);
                         continue;
                     }
                     $properties[$propertyName] = new ConfigurationProperty($propertyName, $methodParameter['class'], ConfigurationProperty::PROPERTY_TYPES_OBJECT);
                 }
             }
         }
         foreach ($this->reflectionService->getPropertyNamesByAnnotation($className, 'TYPO3\\FLOW3\\Annotations\\Inject') as $propertyName) {
             if ($this->reflectionService->isPropertyPrivate($className, $propertyName)) {
                 $exceptionMessage = 'The property "' . $propertyName . '" in class "' . $className . '" must not be private when annotated for injection.';
                 throw new \TYPO3\FLOW3\Object\Exception($exceptionMessage, 1328109641);
             }
             if (!array_key_exists($propertyName, $properties)) {
                 $objectName = trim(implode('', $this->reflectionService->getPropertyTagValues($className, $propertyName, 'var')), ' \\');
                 $properties[$propertyName] = new ConfigurationProperty($propertyName, $objectName, ConfigurationProperty::PROPERTY_TYPES_OBJECT);
             }
         }
         $objectConfiguration->setProperties($properties);
     }
 }
Exemplo n.º 3
0
 /**
  * Adds the needed valiators to the Arguments:
  *
  * - Validators checking the data type from the @param annotation
  * - Custom validators specified with validate annotations.
  * - Model-based validators (validate annotations in the model)
  * - Custom model validator classes
  *
  * @return void
  */
 protected function initializeActionMethodValidators()
 {
     $validationGroups = array('Default', 'Controller');
     $validationGroupsAnnotation = $this->reflectionService->getMethodAnnotation(get_class($this), $this->actionMethodName, 'TYPO3\\FLOW3\\Annotations\\ValidationGroups');
     if ($validationGroupsAnnotation !== NULL) {
         $validationGroups = $validationGroupsAnnotation->validationGroups;
     }
     $parameterValidators = $this->validatorResolver->buildMethodArgumentsValidatorConjunctions(get_class($this), $this->actionMethodName);
     foreach ($this->arguments as $argument) {
         $validator = $parameterValidators[$argument->getName()];
         $baseValidatorConjunction = $this->validatorResolver->getBaseValidatorConjunction($argument->getDataType(), $validationGroups);
         if (count($baseValidatorConjunction) > 0) {
             $validator->addValidator($baseValidatorConjunction);
         }
         $argument->setValidator($validator);
     }
 }