/**
* Before advice for all methods annotated with "@FLOW3\Session(autoStart=true)".
* Those methods will trigger a session initialization if a session does not exist
* yet.
*
* @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint The current join point
* @return void
* @fixme The pointcut expression below does not consider the options of the session annotation – needs adjustments in the AOP framework
* @FLOW3\Before("methodAnnotatedWith(TYPO3\FLOW3\Annotations\Session)")
*/
public function initializeSession(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
{
if ($this->session->isStarted() === TRUE) {
return;
}
$objectName = $this->objectManager->getObjectNameByClassName(get_class($joinPoint->getProxy()));
$methodName = $joinPoint->getMethodName();
$this->systemLogger->log(sprintf('Session initialization triggered by %s->%s.', $objectName, $methodName), LOG_DEBUG);
$this->session->start();
}
/**
* Checks if there exists a user session and if at least one token is authenticated
*
* @return boolean
*/
public function isAuthenticated()
{
if (!$this->session->isStarted() && !$this->session->canBeResumed()) {
return FALSE;
}
$atLeastOneTokenIsAuthenticated = FALSE;
foreach ($this->securityContext->getAuthenticationTokens() as $token) {
if ($token->isAuthenticated()) {
$atLeastOneTokenIsAuthenticated = TRUE;
break;
}
}
return $atLeastOneTokenIsAuthenticated;
}
/**
* @test
*/
public function logoutSetsTheAuthenticationStatusOfAllActiveAuthenticationTokensToNoCredentialsGiven()
{
$this->mockSession->expects($this->once())->method('canBeResumed')->will($this->returnValue(TRUE));
$token1 = $this->getMock('TYPO3\\FLOW3\\Security\\Authentication\\TokenInterface', array(), array(), '', FALSE);
$token1->expects($this->once())->method('isAuthenticated')->will($this->returnValue(TRUE));
$token1->expects($this->once())->method('setAuthenticationStatus')->with(\TYPO3\FLOW3\Security\Authentication\TokenInterface::NO_CREDENTIALS_GIVEN);
$token2 = $this->getMock('TYPO3\\FLOW3\\Security\\Authentication\\TokenInterface', array(), array(), '', FALSE);
$token2->expects($this->once())->method('setAuthenticationStatus')->with(\TYPO3\FLOW3\Security\Authentication\TokenInterface::NO_CREDENTIALS_GIVEN);
$authenticationTokens = array($token1, $token2);
$mockContext = $this->getMock('TYPO3\\FLOW3\\Security\\Context', array(), array(), '', FALSE);
$mockContext->expects($this->atLeastOnce())->method('getAuthenticationTokens')->will($this->returnValue($authenticationTokens));
$this->authenticationProviderManager->setSecurityContext($mockContext);
$this->authenticationProviderManager->logout();
}
/**
* Returns the publish path and filename to be used to publish the specified persistent resource
*
* @FLOW3\Around("method(TYPO3\FLOW3\Resource\Publishing\FileSystemPublishingTarget->buildPersistentResourcePublishPathAndFilename()) && setting(TYPO3.FLOW3.security.enable)")
* @param \TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint The current join point
* @return mixed Result of the target method
*/
public function rewritePersistentResourcePublishPathAndFilenameForPrivateResources(\TYPO3\FLOW3\Aop\JoinPointInterface $joinPoint)
{
$resource = $joinPoint->getMethodArgument('resource');
$configuration = $resource->getPublishingConfiguration();
$returnFilename = $joinPoint->getMethodArgument('returnFilename');
if ($configuration === NULL || $configuration instanceof \TYPO3\FLOW3\Security\Authorization\Resource\SecurityPublishingConfiguration === FALSE) {
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
$publishingPath = FALSE;
$allowedRoles = $configuration->getAllowedRoles();
if (count(array_intersect($allowedRoles, $this->securityContext->getRoles())) > 0) {
$publishingPath = \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($joinPoint->getProxy()->getResourcesPublishingPath(), 'Persistent/', $this->session->getID())) . '/';
$filename = $resource->getResourcePointer()->getHash() . '.' . $resource->getFileExtension();
\TYPO3\FLOW3\Utility\Files::createDirectoryRecursively($publishingPath);
$this->accessRestrictionPublisher->publishAccessRestrictionsForPath($publishingPath);
if ($this->settings['resource']['publishing']['fileSystem']['mirrorMode'] === 'link') {
foreach ($allowedRoles as $role) {
$roleDirectory = \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($this->environment->getPathToTemporaryDirectory(), 'PrivateResourcePublishing/', $role));
\TYPO3\FLOW3\Utility\Files::createDirectoryRecursively($roleDirectory);
if (file_exists($publishingPath . $role)) {
if (\TYPO3\FLOW3\Utility\Files::is_link(\TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $role))) && realpath(\TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $role))) === $roleDirectory) {
continue;
}
unlink($publishingPath . $role);
symlink($roleDirectory, \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $role)));
} else {
symlink($roleDirectory, \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $role)));
}
}
$publishingPath = \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $allowedRoles[0])) . '/';
}
if ($returnFilename === TRUE) {
$publishingPath = \TYPO3\FLOW3\Utility\Files::concatenatePaths(array($publishingPath, $filename));
}
}
return $publishingPath;
}
