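/**
 * Runs the annotation-driven API security checks before an action is dispatched.
 *
 * Checks run in this order: API key level (class-level "Api" annotation),
 * authentication, IP whitelist, rate limits. A request that passes all of them
 * is then handed to SecurityEngine::log(). A PhalconException raised by any step
 * is turned into an error on the API response and the dispatch is refused.
 *
 * @param Event      $event      Dispatch event (not read by this method).
 * @param Dispatcher $dispatcher Dispatcher providing the handler class and active method.
 *
 * @return bool True when every check passed, false when a PhalconException was caught.
 */
public function beforeExecuteRoute(Event $event, Dispatcher $dispatcher)
{
    try {
        $handlerClass = $dispatcher->getHandlerClass();

        // Class-level annotations; "Api" carries the key level and the optional "limits" argument.
        $classAnnotations = $this->annotations->get($handlerClass)->getClassAnnotations();
        $apiAnnotation = $classAnnotations->get("Api");

        // Annotations of the action that is about to run.
        $methodAnnotations = $this->annotations->getMethod($handlerClass, $dispatcher->getActiveMethod());

        $engine = new SecurityEngine();

        // API key first: every later check depends on the key object it returns.
        $key = $engine->checkKeyLevel($this->request->getHeader("HTTP_X_API_KEY"), $apiAnnotation);

        // Authentication (if the method declares it), then the IP whitelist.
        $engine->checkAuth($methodAnnotations);
        $engine->checkWhitelist($methodAnnotations);

        $hasClassLimit = $apiAnnotation->hasNamedArgument("limits");
        $hasMethodLimit = $methodAnnotations->has("Limit");

        if (!$key->getIgnoreLimit() && ($hasClassLimit || $hasMethodLimit)) {
            // Unchanged from the original: the class-level check receives whatever
            // "limits" holds, which is null when the argument is absent.
            $engine->checkKeyLimitOnClass($key, $apiAnnotation->getNamedArgument("limits"));

            // Fetching "Limit" from the collection is only valid when the annotation
            // exists. Without this guard a class-level limit on a method that has no
            // "Limit" annotation rejected the request with an annotation lookup error.
            if ($hasMethodLimit) {
                $engine->checkMethodLimitByKey($key, $methodAnnotations->get("Limit")->getArguments());
            }
        }

        // Record the accepted request: key id, client address, HTTP method and URL.
        // NOTE(review): only requests that passed every check reach this call. Rejected
        // ones are not logged by this method; confirm SecurityEngine records denials,
        // since failed keys and limit hits are what abuse detection needs.
        $engine->log(
            $key->getApiKeyId(),
            $this->request->getClientAddress(),
            $this->request->getMethod(),
            $this->request->get("_url")
        );
    } catch (PhalconException $e) {
        // NOTE(review): the exception message is returned to the caller verbatim;
        // confirm these messages never carry internal detail. Exceptions of any other
        // type are not caught here and propagate to the caller.
        $this->apiResponse->withError($e->getMessage(), $e->getCode());

        return false;
    }

    return true;
}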
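/**
 * Collects paging and sorting state from the request and the dispatcher.
 *
 * - "page" and "limit" are read from the query string through the 'int' filter;
 *   only positive values are accepted, anything else is ignored.
 * - The sort column is chosen by the first key of $map that is present as a
 *   dispatcher parameter; the parameter's value only selects the direction (0 or 1).
 * - When no mapped parameter is present, $default supplies the ordering.
 *
 * The values of $map and $default['order_by'] are concatenated into $this->query
 * unchanged (presumably an ORDER BY fragment - confirm at the consumer), so they
 * must be fixed by the calling code and never filled from request data.
 *
 * @param Phalcon\Dispatcher $dispatcher Dispatcher whose params select the sort column;
 *                                       baseLink is only set for a Phalcon\Mvc\Dispatcher.
 * @param array $map     Dispatcher parameter name => order expression.
 * @param array $default Optional keys: order_by (string or array), order, limit.
 */
public function __construct(Phalcon\Dispatcher $dispatcher, array $map = array(), $default = array())
{
    $request = Phalcon\DI::getDefault()->get('request');

    // Set page: scalar, positive values only (an array such as ?page[]=1 is ignored).
    if ($request->hasQuery('page')) {
        $rawPage = $request->getQuery('page', array('int'));
        $page = is_scalar($rawPage) ? (int) $rawPage : 0;
        if ($page > 0) {
            $this->page = $page;
        }
    }

    // Set limit: a missing, zero, negative or non-scalar value falls back to the default.
    // NOTE(review): no upper bound is applied to a client-supplied limit; cap it against
    // an application-defined maximum so one request cannot ask for an unbounded page.
    $limit = 0;
    if ($request->hasQuery('limit')) {
        $rawLimit = $request->getQuery('limit', array('int'));
        $limit = is_scalar($rawLimit) ? (int) $rawLimit : 0;
    }
    if ($limit > 0) {
        $this->limit = $limit;
    } elseif (isset($default['limit'])) {
        $this->limit = $default['limit'];
    }

    // Map values: the first mapped parameter found on the dispatcher wins.
    foreach ($map as $param => $expression) {
        $value = $dispatcher->getParam($param);
        if ($value === null) {
            continue;
        }

        // Force the direction to 0 or 1 so it can only ever index self::$sort.
        $direction = (int) (bool) $value;

        $this->query = "{$expression} " . self::$sort[$direction];
        $this->pageLink = "/{$param}/" . $direction;
        $this->orderColumn = $param;
        $this->order = $direction;
        break;
    }

    // Set default values if nothing set
    if ($this->query === null && count((array) $default)) {
        $orderBy = isset($default['order_by']) ? $default['order_by'] : null;
        $order = isset($default['order']) ? $default['order'] : null;

        if ($orderBy !== null) {
            if (!is_array($orderBy) && isset($map[$orderBy])) {
                // Default column named by its $map key.
                $this->query = $map[$orderBy] . ' ' . self::$sort[(int) (bool) $order];
                $this->orderColumn = $orderBy;
                $this->order = (int) (bool) $order;
            } elseif (is_array($orderBy)) {
                // Pass complex order: one clause per column. The original appended to an
                // array it never initialised ($order was created, $order_by was used).
                $clauses = array();
                foreach ($orderBy as $k => $column) {
                    if (is_array($order)) {
                        // Per-column direction; a column without its own entry uses index 0.
                        $direction = isset($order[$k]) ? (int) (bool) $order[$k] : 0;
                    } else {
                        // A single direction shared by every column.
                        $direction = (int) (bool) $order;
                    }
                    $clauses[] = $column . ' ' . self::$sort[$direction];
                }

                if ($clauses) {
                    $this->orderColumn = $default['order_by'][0];
                    // NOTE(review): the (array) cast is kept from the original; every other
                    // branch stores an int here - confirm what readers of $this->order expect.
                    $this->order = (array) $default['order'][0];
                    $this->query = implode(', ', $clauses);
                }
            } else {
                // Default column given directly as an order expression.
                $this->query = $orderBy . ' ' . self::$sort[(int) (bool) $order];
                $this->orderColumn = $orderBy;
                $this->order = (int) (bool) $order;
            }
        }
    }

    if ($dispatcher instanceof Phalcon\Mvc\Dispatcher) {
        $this->baseLink = $dispatcher->getControllerName() . '/' . $dispatcher->getActionName();
    }
}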
/**
 * Dispatcher "beforeException" listener: forwards failures to the Error controller.
 *
 * A DispatchException is forwarded to Error::show404. Any other exception is
 * rethrown when APPLICATION_STAGE equals APPLICATION_STAGE_DEVELOPMENT; otherwise
 * it is passed to EngineException::logException() and forwarded to Error::show500.
 *
 * @param Event            $event      Event object.
 * @param Dispatcher       $dispatcher Dispatcher object.
 * @param PhalconException $exception  Exception object.
 *
 * @throws \Exception The received exception itself, in the development stage only.
 * @return bool False for a DispatchException, otherwise the value of $event->isStopped().
 */
public function beforeException($event, $dispatcher, $exception)
{
    // NOTE(review): the 404 path skips logException(), so requests for handlers that
    // do not exist leave no trace from this method - confirm they are logged elsewhere.
    $isNotFound = $exception instanceof DispatchException;

    if (!$isNotFound) {
        // Development shows the raw failure; every other stage logs it and serves
        // the generic error page instead.
        if (APPLICATION_STAGE == APPLICATION_STAGE_DEVELOPMENT) {
            throw $exception;
        }

        EngineException::logException($exception);
    }

    // Both error pages live in the Error controller of the default module.
    $dispatcher->forward([
        'module' => EngineApplication::SYSTEM_DEFAULT_MODULE,
        'namespace' => ucfirst(EngineApplication::SYSTEM_DEFAULT_MODULE) . '\\Controller',
        'controller' => 'Error',
        'action' => $isNotFound ? 'show404' : 'show500',
    ]);

    return $isNotFound ? false : $event->isStopped();
}
/**
 * Enables view caching for actions that carry a "Cache" annotation.
 *
 * Runs before every route is executed in the dispatcher. The annotation's
 * "lifetime" argument is always passed on; "key" is passed only when declared.
 *
 * @param Event      $event      Event object.
 * @param Dispatcher $dispatcher Dispatcher object.
 *
 * @return bool True unless the event has been stopped.
 */
public function beforeExecuteRoute($event, $dispatcher)
{
    // Annotations declared on the action that is about to run.
    $methodAnnotations = $this->annotations->getMethod(
        $dispatcher->getActiveController(),
        $dispatcher->getActiveMethod()
    );

    // Nothing to configure when the action has no 'Cache' annotation.
    if (!$methodAnnotations->has('Cache')) {
        return !$event->isStopped();
    }

    /** @var \Phalcon\Annotations\Annotation $cache */
    $cache = $methodAnnotations->get('Cache');

    $viewCache = ['lifetime' => $cache->getNamedArgument('lifetime')];

    // NOTE(review): a 'key' written in the annotation is the same for every request;
    // confirm annotated actions never render per-user or access-controlled output,
    // which would otherwise be served from one shared cache entry.
    if ($cache->hasNamedArgument('key')) {
        $viewCache['key'] = $cache->getNamedArgument('key');
    }

    // Enable the cache for the current method.
    $this->view->cache($viewCache);

    return !$event->isStopped();
}
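/**
 * Execute before the router so we can determine if this is a private controller, and must be authenticated, or a
 * public controller that is open to all.
 *
 * Only authentication is enforced here: a request for a private controller without
 * an identity is redirected to session/login and the action is not executed.
 *
 * @param Dispatcher $dispatcher
 * @return boolean False when the request was redirected to the login page, true otherwise.
 */
public function beforeExecuteRoute(Dispatcher $dispatcher)
{
    $controllerName = $dispatcher->getControllerName();

    // Public controllers are open to all; nothing to check.
    if (!$this->acl->isPrivate($controllerName)) {
        return true;
    }

    // Get the current identity
    $identity = $this->auth->getIdentity();

    // If there is no identity available the user is redirected to session/login
    if (!is_array($identity)) {
        $this->flashSession->notice('You are not logged in!');
        $this->redirect('session/login');

        // Return false explicitly: the dispatcher skips the action only on a strict
        // false, so halting must not depend on what redirect() happens to return.
        return false;
    }

    // NOTE(review): the per-action permission check that used to follow here,
    // $this->acl->isAllowed($identity['profile'], $controllerName, $actionName) with a
    // forward to the controller's index or to user_control/index on denial, is disabled.
    // As written, any authenticated identity reaches every action of every private
    // controller. Restore the check or enforce authorization elsewhere.

    return true;
}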
/**
 * Forward event if required
 *
 * When $this->forwards is an array, dispatches the controller/action it names,
 * renders that action's view, sends the response and terminates the script.
 * In CLI mode it prints the error code and message and terminates instead.
 *
 * @param Dispatcher $dispatcher Current dispatcher
 * @return bool True when no forward is configured; otherwise the script exits here.
 **/
protected function forward(Dispatcher $dispatcher)
{
    // No forward target configured: nothing to do.
    if (!is_array($this->forwards)) {
        return true;
    }

    if (Phalcana::$isCli) {
        // NOTE(review): a bare exit reports status 0 to the shell although an error is
        // being printed, while the web path below uses exit(1) - confirm that is intended.
        echo "HTTP Error: " . $this->code . ' - ' . $this->message . PHP_EOL;
        exit;
    }

    // NOTE(review): namespace, controller and action are taken from $this->forwards
    // unchanged; presumably they are set by application code only - verify they can
    // never be derived from request data.
    $namespace = isset($this->forwards['namespace'])
        ? $this->forwards['namespace']
        : 'Phalcana\\Controllers';

    $dispatcher->setNamespaceName($namespace);
    $dispatcher->setControllerName($this->forwards['controller']);
    $dispatcher->setActionName($this->forwards['action']);

    $controller = $dispatcher->dispatch();

    // Render the related views
    $view = $controller->view;
    $view->start();
    $view->render(
        $dispatcher->getControllerName(),
        $dispatcher->getActionName(),
        $dispatcher->getParams()
    );
    $view->finish();

    // Pass the output of the view to the response, send the headers, then print the body.
    $response = $controller->response;
    $response->setContent($view->getContent());
    $response->sendHeaders();
    echo $response->getContent();

    exit(1);
}