/**
 * Checks that redirecting to the login route leaves a "retreat" entry in the
 * session whose route is the homepage.
 *
 * The entry is asserted by route name ('homepage'); the test does not look at
 * any URL stored alongside it.
 */
public function testRedirectLocation()
{
    $app = $this->getApp();

    // Handle a request for "/" and register it on the container.
    $rootRequest = Request::create("/");
    $app->handle($rootRequest);
    $app['request'] = $rootRequest;

    // Only the session side effect is inspected, so the response is not kept.
    Library::redirect('login');

    $retreat = $app['session']->get('retreat');
    $this->assertNotEmpty($retreat);
    $this->assertEquals('homepage', $retreat['route']);
}
/**
 * Checks the response returned by Library::redirect('login'): it must be a
 * RedirectResponse, its body must mention the /bolt/login target, and it must
 * report itself as a redirect.
 */
public function testRedirectLocation()
{
    $app = $this->getApp();

    // Handle a request for "/" and register it on the container.
    $rootRequest = Request::create('/');
    $app->handle($rootRequest);
    $app['request'] = $rootRequest;

    $redirect = Library::redirect('login');

    $expectedClass = '\\Symfony\\Component\\HttpFoundation\\RedirectResponse';
    $this->assertInstanceOf($expectedClass, $redirect);

    // The target is asserted against the fixed path, not derived from the request.
    $body = $redirect->getContent();
    $this->assertRegExp('|Redirecting to /bolt/login|', $body);

    $this->assertTrue($redirect->isRedirect(), "Response isn't a valid redirect condition.");
}
/**
 * Before-filter that only lets the request continue when the current user is
 * allowed the 'extensions' permission.
 *
 * This is an authorisation check, not a login check: a caller who is not
 * allowed gets an error flash and a redirect to the dashboard.
 *
 * @param Request            $request The Symfony Request
 * @param \Silex\Application $app     The application/container
 *
 * @return null|\Symfony\Component\HttpFoundation\RedirectResponse Null lets the request proceed.
 */
public function before(Request $request, Silex\Application $app)
{
    // Snippet injection by extensions is switched off on every route except 'extend'.
    $onExtendRoute = $request->get("_route") === 'extend';
    if (!$onExtendRoute) {
        $app['htmlsnippets'] = false;
    }

    // Profiler timing for this filter.
    $app['stopwatch']->start('bolt.backend.before');

    if ($app['users']->isAllowed('extensions')) {
        $app['stopwatch']->stop('bolt.backend.before');

        return null;
    }

    // Denied: the stopwatch section is left running on this path.
    $flashes = $app['session']->getFlashBag();
    $flashes->add('error', Trans::__('You do not have the right privileges to view that page.'));

    return Lib::redirect('dashboard');
}
/**
 * The default before filter for the controllers in this file.
 *
 * Refer to the routing.yml config file for overriding.
 *
 * Two gates are applied, in this order:
 *  - if getUsers() returns nothing, the visitor is sent to the 'useredit'
 *    route with an empty id to create the first user;
 *  - if maintenance mode is configured and the current user is not allowed
 *    'maintenance-mode', the maintenance template is returned with HTTP 503.
 *
 * @param Request     $request The Symfony Request
 * @param Application $app     The application/container
 *
 * @return null|Response|RedirectResponse Null lets the request proceed.
 */
public function before(Request $request, Application $app)
{
    // Profiler timing for this filter; neither early return below stops it.
    $app['stopwatch']->start('bolt.frontend.before');

    // NOTE(review): no login check precedes this branch, so any visitor is sent
    // to first-user creation while the user list is empty. Confirm that the
    // 'useredit' route refuses this once a user exists.
    $existingUsers = $app['users']->getUsers();
    if (!$existingUsers) {
        $flashes = $app['session']->getFlashBag();
        $flashes->add('info', Trans::__('There are no users in the database. Please create the first user.'));

        return Lib::redirect('useredit', array('id' => ''));
    }

    // NOTE(review): both flags are set unconditionally here; presumably the
    // debug bar is still gated by configuration elsewhere. Confirm.
    $app['debugbar'] = true;
    $app['htmlsnippets'] = true;

    // The permission lookup only runs when maintenance mode is switched on.
    $inMaintenance = $app['config']->get('general/maintenance_mode');
    if ($inMaintenance && !$app['users']->isAllowed('maintenance-mode')) {
        $template = $app['templatechooser']->maintenance();
        $body = $app['render']->render($template)->getContent();

        return new Response($body, Response::HTTP_SERVICE_UNAVAILABLE);
    }

    $app['stopwatch']->stop('bolt.frontend.before');

    return null;
}
/**
 * Before-filter guarding the upload routes.
 *
 * A request without a valid session is aborted with HTTP 404. A request with a
 * valid session but without the "files:uploads" permission gets an error flash
 * and a redirect to the dashboard.
 *
 * @param Request     $request The Symfony Request
 * @param Application $app     The application/container
 *
 * @return null|\Symfony\Component\HttpFoundation\RedirectResponse Null lets the request proceed.
 */
public function before(Request $request, Application $app)
{
    // Profiler timing for this filter.
    $app['stopwatch']->start('bolt.backend.before');

    // Unauthenticated callers are answered with "not found", not a login redirect.
    if (!$app['users']->isValidSession()) {
        $app->abort(Response::HTTP_NOT_FOUND, 'You must be logged in to use this.');
    }

    $mayUpload = $app['users']->isAllowed("files:uploads");
    if ($mayUpload) {
        $app['stopwatch']->stop('bolt.backend.before');

        return null;
    }

    // Denied: the stopwatch section is left running on this path.
    $flashes = $app['session']->getFlashBag();
    $flashes->add('error', Trans::__('You do not have the right privileges to upload.'));

    return Lib::redirect('dashboard');
}
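/**
 * Persist the submitted labels grid to files/labels.json.
 *
 * Expected input, as implied by how the fields are consumed:
 *  - 'columns': a JSON array of column names, whose first entry heads the
 *    key column and is discarded;
 *  - 'labels': a JSON array of rows, each a JSON array holding the label key
 *    followed by one value per remaining column.
 *
 * Both fields are request data, so they are checked for shape before use.
 * Anything that does not match is rejected as a whole and nothing is written.
 *
 * NOTE(review): no permission or CSRF check is visible in this method;
 * presumably a before-filter enforces them. Confirm.
 * NOTE(review): label values are stored as submitted; escaping has to happen
 * where they are rendered. Confirm.
 *
 * @param Request $request The Symfony Request
 *
 * @return \Symfony\Component\HttpFoundation\RedirectResponse Always a redirect to 'labels'.
 */
public function labelsSavePost(Request $request)
{
    $rejected = 'There was an issue encoding the file. Changes were NOT saved.';

    // A parameter may arrive as an array (columns[]=...), so insist on strings
    // before handing anything to json_decode().
    $rawColumns = $request->get('columns');
    $rawLabels = $request->get('labels');
    $decodedColumns = is_string($rawColumns) ? json_decode($rawColumns) : null;
    $decodedLabels = is_string($rawLabels) ? json_decode($rawLabels) : null;

    if (!is_array($decodedColumns) || !is_array($decodedLabels)) {
        $this->app['session']->getFlashBag()->set('error', $rejected);

        return Lib::redirect('labels');
    }

    // Column names become array keys, so nested arrays/objects are refused.
    $columns = [];
    foreach ($decodedColumns as $column) {
        if (!is_scalar($column)) {
            $this->app['session']->getFlashBag()->set('error', $rejected);

            return Lib::redirect('labels');
        }
        $columns[] = strtolower((string) $column);
    }

    // remove the label.
    array_shift($columns);

    $arr = [];
    foreach ($decodedLabels as $labelrow) {
        // Each row needs a scalar key plus exactly one value per column;
        // array_combine() cannot pair lists of different lengths.
        if (!is_array($labelrow)
            || count($labelrow) !== count($columns) + 1
            || !is_scalar($labelrow[0])
        ) {
            $this->app['session']->getFlashBag()->set('error', $rejected);

            return Lib::redirect('labels');
        }

        $key = strtolower(trim((string) array_shift($labelrow)));
        $arr[$key] = array_combine($columns, $labelrow);
    }

    // A result shorter than 50 bytes (including a failed encode) is treated as
    // an encoding problem and is not written.
    $jsonarr = json_encode($arr);
    if (strlen($jsonarr) < 50) {
        $this->app['session']->getFlashBag()->set('error', $rejected);

        return Lib::redirect('labels');
    }

    // The target is a fixed path; nothing from the request reaches it.
    $target = __DIR__ . "/files/labels.json";

    if (!is_writable($target)) {
        $this->app['session']->getFlashBag()->set('error', 'The output file is not writable. Changes were NOT saved.');

        return Lib::redirect('labels');
    }

    if (file_put_contents($target, $jsonarr) === false) {
        $this->app['session']->getFlashBag()->set('error', 'There was an issue saving the file. Changes were NOT saved.');

        return Lib::redirect('labels');
    }

    $this->app['session']->getFlashBag()->set('success', 'Changes to the labels have been saved.');

    return Lib::redirect('labels');
}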
/**
 * Reset the password. This controller is normally only reached when the user
 * clicks a "password reset" link in the email.
 *
 * The 'token' request parameter is passed on unchanged; checking it is left to
 * resetPasswordConfirm(). Its result is not inspected here, so the response is
 * the same redirect to 'login' whatever the token was.
 *
 * @param \Silex\Application $app     The application/container
 * @param Request            $request The Symfony Request
 *
 * @return \Symfony\Component\HttpFoundation\RedirectResponse
 */
public function resetPassword(Silex\Application $app, Request $request)
{
    // NOTE(review): presumably the token arrives in the link's query string,
    // where it can end up in logs and Referer headers. Confirm it is single-use
    // and short-lived.
    $resetToken = $request->get('token');
    $app['users']->resetPasswordConfirm($resetToken);

    return Lib::redirect('login');
}
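/**
 * Before-filter for the backend: first-user bootstrap, disabled-account
 * handling and per-route authorisation.
 *
 * Checks run in this order:
 *  1. configuration sanity check, plus an update notice when the config
 *     reports a version change;
 *  2. if the users table is missing or empty, repair the tables and send the
 *     visitor to 'userfirst' (or let them stay if already there with an
 *     existing, empty table);
 *  3. a logged-in but disabled user is redirected to 'logout', except on the
 *     userfirst/login/postLogin/logout routes;
 *  4. the route is matched against the permission settings: without a valid
 *     session the user goes to 'login', with one but no permission to
 *     'dashboard'.
 *
 * @param Request     $request The Symfony Request
 * @param Application $app     The application/container
 *
 * @return null|\Symfony\Component\HttpFoundation\RedirectResponse Null lets the request proceed.
 */
public static function before(Request $request, Application $app)
{
    // Start the 'stopwatch' for the profiler. The early returns below leave it running.
    $app['stopwatch']->start('bolt.backend.before');

    $route = $request->get('_route');

    $app['debugbar'] = true;

    // Sanity checks for doubles in contenttypes. This has to happen here,
    // because the 'translator' classes need to be initialised first.
    $app['config']->checkConfig();

    // If the config was reloaded earlier because of a version change, display a notice.
    if ($app['config']->notify_update) {
        // The placeholders are filled from the application (version, resource
        // URL), not from the request. The flash copy keeps its markup; the log
        // copy has the tags stripped.
        $notice = Trans::__(
            "Detected Bolt version change to <b>%VERSION%</b>, and the cache has been cleared. Please <a href=\"%URI%\">check the database</a>, if you haven't done so already.",
            array('%VERSION%' => $app->getVersion(), '%URI%' => $app['resources']->getUrl('bolt') . 'dbcheck')
        );
        $app['logger.system']->notice(strip_tags($notice), array('event' => 'config'));
        $app['session']->getFlashBag()->add('info', $notice);
    }

    // Check the database users table exists; only then ask whether it holds users.
    $tableExists = $app['integritychecker']->checkUserTableIntegrity();
    $hasUsers = false;
    if ($tableExists) {
        $hasUsers = $app['users']->hasUsers();
    }

    // Table present but empty and already on 'userfirst': let the visitor stay
    // to set up the first user. Strict comparison, since $route comes from the
    // request object and may be null.
    if ($tableExists && !$hasUsers && $route === 'userfirst') {
        return null;
    }

    // No table or no users: repair the DB and send the visitor to first-user setup.
    // NOTE(review): this path runs before any session check, so it is open to
    // any visitor for as long as the users table is empty. Confirm that
    // 'userfirst' refuses once a user exists.
    if (!$tableExists || !$hasUsers) {
        $app['integritychecker']->repairTables();
        // Single-line literal: a line break inside the string would become part
        // of the message passed to Trans::__().
        $app['session']->getFlashBag()->add('info', Trans::__('There are no users in the database. Please create the first user.'));

        return Lib::redirect('userfirst');
    }

    // Confirm the user is enabled or bounce them. The listed routes stay
    // reachable so a disabled user can still be logged out.
    $exemptRoutes = array('userfirst', 'login', 'postLogin', 'logout');
    if ($app['users']->getCurrentUser() && !$app['users']->isEnabled() && !in_array($route, $exemptRoutes, true)) {
        $app['session']->getFlashBag()->add('error', Trans::__('Your account is disabled. Sorry about that.'));

        return Lib::redirect('logout');
    }

    // Check if there's at least one 'root' user.
    // NOTE(review): presumably promotes the current user when none exists.
    // Confirm in the users service which users qualify.
    $app['users']->checkForRoot();

    // Match the current route to the 'allowed' settings. The call order is kept
    // as is: isValidSession() runs before isAllowed(), which may depend on it.
    if (!$app['users']->isValidSession() && !$app['users']->isAllowed($route)) {
        $app['session']->getFlashBag()->add('info', Trans::__('Please log on.'));

        return Lib::redirect('login');
    } elseif (!$app['users']->isAllowed($route)) {
        $app['session']->getFlashBag()->add('error', Trans::__('You do not have the right privileges to view that page.'));

        return Lib::redirect('dashboard');
    }

    // Stop the 'stopwatch' for the profiler.
    $app['stopwatch']->stop('bolt.backend.before');

    return null;
}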
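/**
 * Persist the submitted labels grid to the labels JSON file ($this->jsonFile).
 *
 * Expected input, as implied by how the fields are consumed:
 *  - 'columns': a JSON array of column names, whose first entry heads the
 *    key column and is discarded;
 *  - 'labels': a JSON array of rows, each a JSON array holding the label key
 *    followed by one value per remaining column.
 *
 * Both fields are request data, so they are checked for shape before use.
 * Anything that does not match is rejected as a whole and nothing is written.
 *
 * NOTE(review): no permission or CSRF check is visible in this method;
 * presumably a before-filter enforces them. Confirm.
 * NOTE(review): label values are stored as submitted; escaping has to happen
 * where they are rendered. Confirm.
 *
 * @param Request $request The Symfony Request
 *
 * @return \Symfony\Component\HttpFoundation\RedirectResponse Always a redirect to 'labels'.
 */
public function labelsSavePost(Request $request)
{
    $rejected = 'There was an issue encoding the file. Changes were NOT saved.';

    // A parameter may arrive as an array (columns[]=...), so insist on strings
    // before handing anything to json_decode().
    $rawColumns = $request->get('columns');
    $rawLabels = $request->get('labels');
    $decodedColumns = is_string($rawColumns) ? json_decode($rawColumns) : null;
    $decodedLabels = is_string($rawLabels) ? json_decode($rawLabels) : null;

    if (!is_array($decodedColumns) || !is_array($decodedLabels)) {
        $this->app['session']->getFlashBag()->set('error', $rejected);

        return Lib::redirect('labels');
    }

    // Column names become array keys, so nested arrays/objects are refused.
    $columns = array();
    foreach ($decodedColumns as $column) {
        if (!is_scalar($column)) {
            $this->app['session']->getFlashBag()->set('error', $rejected);

            return Lib::redirect('labels');
        }
        $columns[] = strtolower((string) $column);
    }

    // remove the label.
    array_shift($columns);

    $arr = array();
    foreach ($decodedLabels as $labelrow) {
        // Each row needs a scalar key plus exactly one value per column;
        // array_combine() cannot pair lists of different lengths.
        if (!is_array($labelrow)
            || count($labelrow) !== count($columns) + 1
            || !is_scalar($labelrow[0])
        ) {
            $this->app['session']->getFlashBag()->set('error', $rejected);

            return Lib::redirect('labels');
        }

        $key = strtolower(trim((string) array_shift($labelrow)));
        $values = array_combine($columns, $labelrow);

        // Rows with an empty key are skipped (empty() also treats '0' as empty).
        if (!empty($key)) {
            $arr[$key] = $values;
        }
    }

    $jsonarr = json_encode($arr, 128); // '128' == 'JSON_PRETTY_PRINT'

    // A result shorter than 50 bytes (including a failed encode) is treated as
    // an encoding problem and is not written.
    if (strlen($jsonarr) < 50) {
        $this->app['session']->getFlashBag()->set('error', $rejected);

        return Lib::redirect('labels');
    }

    // The write goes to $this->jsonFile; nothing from the request reaches the
    // path. Any IOException is reported with the "not writable" message, which
    // names a fixed location instead of the configured one.
    $fs = new Filesystem();
    try {
        $fs->dumpFile($this->jsonFile, $jsonarr);
        $this->app['session']->getFlashBag()->set('success', 'Changes to the labels have been saved.');
    } catch (IOException $e) {
        $this->app['session']->getFlashBag()->set('error', 'The labels file at <tt>../app/config/extensions/labels.json</tt> is not writable. Changes were NOT saved.');
    }

    return Lib::redirect('labels');
}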