public function testFromGet() { $key = 'context_test_get'; $_GET[$key] = 1; $context = rex_context::fromGet(); $this->assertEquals($_GET[$key], $context->getParam($key)); }
public function execute() { // check if a new category was folded $category_id = rex_request('toggle_category_id', 'int', -1); $category_id = rex_category::get($category_id) ? $category_id : -1; /** * @var rex_user */ $user = rex::getUser(); if (!$user->getComplexPerm('structure')->hasCategoryPerm($category_id)) { throw new rex_api_exception('user has no permission for this category!'); } $context = rex_context::fromGet(); $categoryTree = new rex_sitemap_category_tree($context); $tree = $categoryTree->getTree($category_id); $result = new rex_api_result(true); return $result; }
/** * checks whether an api function is bound to the current requests. If so, so the api function will be executed. */ public static function handleCall() { if (static::hasFactoryClass()) { return static::callFactoryClass(__FUNCTION__, func_get_args()); } $apiFunc = self::factory(); if ($apiFunc != null) { if ($apiFunc->published !== true) { if (rex::isBackend() !== true) { throw new rex_http_exception(new rex_api_exception('the api function ' . get_class($apiFunc) . ' is not published, therefore can only be called from the backend!'), rex_response::HTTP_FORBIDDEN); } if (!rex::getUser()) { throw new rex_http_exception(new rex_api_exception('missing backend session to call api function ' . get_class($apiFunc) . '!'), rex_response::HTTP_UNAUTHORIZED); } } $urlResult = rex_get(self::REQ_RESULT_PARAM, 'string'); if ($urlResult) { // take over result from url and do not execute the apiFunc $result = rex_api_result::fromJSON($urlResult); $apiFunc->result = $result; } else { try { $result = $apiFunc->execute(); if (!$result instanceof rex_api_result) { throw new rex_exception('Illegal result returned from api-function ' . rex_get(self::REQ_CALL_PARAM) . '. Expected a instance of rex_api_result but got "' . (is_object($result) ? get_class($result) : gettype($result)) . '".'); } $apiFunc->result = $result; if ($result->requiresReboot()) { $context = rex_context::fromGet(); // add api call result to url $context->setParam(self::REQ_RESULT_PARAM, $result->toJSON()); // and redirect to SELF for reboot rex_response::sendRedirect($context->getUrl([], false)); } } catch (rex_api_exception $e) { $message = $e->getMessage(); $result = new rex_api_result(false, $message); $apiFunc->result = $result; } } } }
public static function checkPagePermissions(rex_user $user) { $check = function (rex_be_page $page) use(&$check, $user) { if (!$page->checkPermission($user)) { return false; } $subpages = $page->getSubpages(); foreach ($subpages as $key => $subpage) { if (!$check($subpage)) { unset($subpages[$key]); } } $page->setSubpages($subpages); return true; }; foreach (self::$pages as $key => $page) { if (!$check($page)) { unset(self::$pages[$key]); } } self::$pageObject = null; $page = self::getCurrentPageObject(); // --- page pruefen und benoetigte rechte checken if (!$page) { // --- fallback zur user startpage -> rechte checken $page = self::getPageObject($user->getStartPage()); if (!$page) { // --- fallback zur system startpage -> rechte checken $page = self::getPageObject(rex::getProperty('start_page')); if (!$page) { // --- fallback zur profile page $page = self::getPageObject('profile'); } } rex_response::setStatus(rex_response::HTTP_NOT_FOUND); rex_response::sendRedirect($page->getHref()); } if ($page !== ($leaf = $page->getFirstSubpagesLeaf())) { rex_response::setStatus(rex_response::HTTP_MOVED_PERMANENTLY); $url = $leaf->hasHref() ? $leaf->getHref() : rex_context::fromGet()->getUrl(['page' => $leaf->getFullKey()], false); rex_response::sendRedirect($url); } }