/**
 * Checks that a GET request for the site root is answered with a 200 status
 * and an HTML content type.
 */
public function testDoGET()
{
    $frontController = new FrontController();

    // dispatch a plain GET for "/" through the front controller
    $rootRequest = new Request(array('method' => 'GET', 'URI' => '/'));
    $result = $frontController->process($rootRequest);

    $this->assertEquals(200, $result->getStatus(), 'Testing the doGET method');
    $this->assertEquals('text/html', $result->getHeader('Content-Type'), 'Testing the doGET method');
}
/**
 * Checks that a GET request for the log viewer route returns a 200 HTML response
 * when given the URL-encoded path of logs/alpha.log under the configured file store.
 *
 * NOTE(review): the route takes a file-system path in the URL. Only a path below
 * app.file.store.dir is exercised here; no negative case (a path outside that
 * directory) is visible in this test.
 */
public function testDoGET()
{
    $config = ConfigProvider::getInstance();

    // the session provider is obtained as in every controller test; its return value is not used here
    SessionProviderFactory::getInstance($config->get('session.provider.name'));

    $frontController = new FrontController();

    $logFile = $config->get('app.file.store.dir') . 'logs/alpha.log';
    $logRequest = new Request(array(
        'method' => 'GET',
        'URI' => '/log/' . urlencode($logFile),
    ));

    $result = $frontController->process($logRequest);

    $this->assertEquals(200, $result->getStatus(), 'Testing the doGET method');
    $this->assertEquals('text/html', $result->getHeader('Content-Type'), 'Testing the doGET method');
}
/**
 * Checks that a GET request for /metric with dir=Alpha returns a 200 HTML response.
 */
public function testDoGET()
{
    $config = ConfigProvider::getInstance();

    // the session provider is obtained as in every controller test; its return value is not used here
    SessionProviderFactory::getInstance($config->get('session.provider.name'));

    $frontController = new FrontController();

    $requestSpec = array(
        'method' => 'GET',
        'URI' => '/metric',
        'params' => array('dir' => 'Alpha'),
    );
    $result = $frontController->process(new Request($requestSpec));

    $this->assertEquals(200, $result->getStatus(), 'Testing the doGET method');
    $this->assertEquals('text/html', $result->getHeader('Content-Type'), 'Testing the doGET method');
}
/**
 * Checks that POSTing a query string to /gensecure, together with freshly
 * generated security fields, returns a 200 HTML response.
 */
public function testDoPOST()
{
    $config = ConfigProvider::getInstance();

    // the session provider is obtained as in every controller test; its return value is not used here
    SessionProviderFactory::getInstance($config->get('session.provider.name'));

    $frontController = new FrontController();

    // var1/var2 are the two form security fields produced by the controller under test
    $controller = new GenSecureQueryStringController();
    $tokens = $controller->generateSecurityFields();

    $formData = array(
        'QS' => 'act=ViewArticle&oid=00000000001',
        'var1' => $tokens[0],
        'var2' => $tokens[1],
    );
    $postRequest = new Request(array('method' => 'POST', 'URI' => '/gensecure', 'params' => $formData));

    $result = $frontController->process($postRequest);

    $this->assertEquals(200, $result->getStatus(), 'Testing the doPOST method');
    $this->assertEquals('text/html', $result->getHeader('Content-Type'), 'Testing the doPOST method');
}
/**
 * Requests the same icon through the /image route three times: as a non-secure
 * image, as a secure image without tokens, and as a secure image with freshly
 * generated tokens. Each request must return status 200 with an image/jpeg
 * content type.
 *
 * NOTE(review): the secure request without tokens is also expected to return 200.
 * This test does not inspect the body, so it does not show what is served in that case.
 */
public function testDoGET()
{
    $config = ConfigProvider::getInstance();

    // the session provider is obtained as in every controller test; its return value is not used here
    SessionProviderFactory::getInstance($config->get('session.provider.name'));

    $frontController = new FrontController();

    // route layout: /image/<encoded source>/<width>/<height>/<type>/<quality>/<scale>/<secure>[/<var1>/<var2>]
    $routePrefix = '/image/' . urlencode($config->get('app.root') . 'public/images/icons/accept.png') . '/16/16/png/0.75/false/';

    // 1) non-secure image
    $result = $frontController->process(new Request(array('method' => 'GET', 'URI' => $routePrefix . 'false')));
    $this->assertEquals(200, $result->getStatus(), 'Testing the doGET method');
    $this->assertEquals('image/jpeg', $result->getHeader('Content-Type'), 'Testing the doGET method');

    // 2) secure image, no tokens supplied
    $result = $frontController->process(new Request(array('method' => 'GET', 'URI' => $routePrefix . 'true')));
    $this->assertEquals(200, $result->getStatus(), 'Testing the doGET method');
    $this->assertEquals('image/jpeg', $result->getHeader('Content-Type'), 'Testing the doGET method with secure image and no tokens');

    // 3) secure image with both tokens appended to the route
    $tokens = Controller::generateSecurityFields();
    $tokenSuffix = '/' . urlencode($tokens[0]) . '/' . urlencode($tokens[1]);
    $result = $frontController->process(new Request(array('method' => 'GET', 'URI' => $routePrefix . 'true' . $tokenSuffix)));
    $this->assertEquals(200, $result->getStatus(), 'Testing the doGET method');
    $this->assertEquals('image/jpeg', $result->getHeader('Content-Type'), 'Testing the doGET method with secure image and valid tokens');
}
/**
 * Adds a tag to a freshly saved article through a POST to the tag route, then
 * removes it again with a DELETE and checks for a 301 redirect back to the tag
 * route and for the tag being gone.
 *
 * Both requests carry the same pair of security fields (var1/var2).
 */
public function testDoDELETE()
{
    $config = ConfigProvider::getInstance();

    // the session provider is obtained as in every controller test; its return value is not used here
    SessionProviderFactory::getInstance($config->get('session.provider.name'));

    $frontController = new FrontController();

    $controller = new TagController();
    $tokens = $controller->generateSecurityFields();

    $article = $this->createArticle('testing');
    $article->save();

    $tagRoute = '/tag/' . urlencode('Alpha\\Model\\Article') . '/' . $article->getOID();

    // the save request submits the new tag value plus one content_<OID> entry per existing tag
    $saveParams = array(
        'saveBut' => true,
        'NewTagValue' => 'somenewtag',
        'var1' => $tokens[0],
        'var2' => $tokens[1],
    );
    foreach ($article->getPropObject('tags')->getRelatedObjects() as $currentTag) {
        $saveParams['content_' . $currentTag->getOID()] = $currentTag->get('content');
    }

    $result = $frontController->process(new Request(array('method' => 'POST', 'URI' => $tagRoute, 'params' => $saveParams)));

    // locate the tag that was just added
    $wasSaved = false;
    $newTagOID = '';
    foreach ($article->getPropObject('tags')->getRelatedObjects() as $candidate) {
        if ($candidate->get('content') == 'somenewtag') {
            $wasSaved = true;
            $newTagOID = $candidate->getOID();
            break;
        }
    }

    $this->assertTrue($wasSaved, 'Checking that the new tag added was actually saved');

    // now delete it again
    $deleteParams = array('ActiveRecordOID' => $newTagOID, 'var1' => $tokens[0], 'var2' => $tokens[1]);
    $result = $frontController->process(new Request(array('method' => 'DELETE', 'URI' => $tagRoute, 'params' => $deleteParams)));

    $this->assertEquals(301, $result->getStatus(), 'Testing the doDELETE method');
    $this->assertTrue(strpos($result->getHeader('Location'), $tagRoute) !== false, 'Testing the doDELETE method');

    $stillGone = true;
    foreach ($article->getPropObject('tags')->getRelatedObjects() as $candidate) {
        if ($candidate->get('content') == 'somenewtag') {
            $stillGone = false;
            break;
        }
    }

    $this->assertTrue($stillGone, 'Checking that a deleted tag was actually removed');
}
/**
 * Deletes a freshly saved Person record three ways and checks each response:
 * through the /record route (301 to the record list), through a /tk/ URL built
 * with FrontController::encodeQuery() (301 to a /tk/ location), and through the
 * /record route with an "Accept: application/json" header (200 with a JSON body
 * whose message is "deleted").
 *
 * All three requests carry the same pair of security fields (var1/var2).
 */
public function testDoDELETE()
{
    $config = ConfigProvider::getInstance();

    // the session provider is obtained as in every controller test; its return value is not used here
    SessionProviderFactory::getInstance($config->get('session.provider.name'));

    $frontController = new FrontController();

    $controller = new ActiveRecordController();
    $tokens = $controller->generateSecurityFields();
    $securityParams = array('var1' => $tokens[0], 'var2' => $tokens[1]);

    $encodedType = urlencode('Alpha\\Model\\Person');

    // 1) plain /record route
    $person = $this->createPersonObject('test');
    $person->save();

    $result = $frontController->process(new Request(array(
        'method' => 'DELETE',
        'URI' => '/record/' . $encodedType . '/' . $person->getOID(),
        'params' => $securityParams,
    )));

    $this->assertEquals(301, $result->getStatus(), 'Testing the doDELETE method');
    $this->assertTrue(strpos($result->getHeader('Location'), '/records/' . $encodedType) !== false, 'Testing the doDELETE method');

    // 2) encoded /tk/ route
    $person = $this->createPersonObject('test');
    $person->save();

    $tokenisedQuery = FrontController::encodeQuery('act=Alpha\\Controller\\ActiveRecordController&ActiveRecordType=Alpha\\Model\\Person&ActiveRecordOID=' . $person->getOID());
    $result = $frontController->process(new Request(array(
        'method' => 'DELETE',
        'URI' => '/tk/' . $tokenisedQuery,
        'params' => $securityParams,
    )));

    $this->assertEquals(301, $result->getStatus(), 'Testing the doDELETE method');
    $this->assertTrue(strpos($result->getHeader('Location'), '/tk/') !== false, 'Testing the doDELETE method');

    // 3) /record route with a JSON client
    $person = $this->createPersonObject('test');
    $person->save();

    $result = $frontController->process(new Request(array(
        'method' => 'DELETE',
        'URI' => '/record/' . $encodedType . '/' . $person->getOID(),
        'params' => $securityParams,
        'headers' => array('Accept' => 'application/json'),
    )));

    $this->assertEquals(200, $result->getStatus(), 'Testing the doDELETE method');
    $this->assertEquals('application/json', $result->getHeader('Content-Type'), 'Testing the doDELETE method');
    $this->assertEquals('deleted', json_decode($result->getBody())->message, 'Testing the doDELETE method');
}
/**
 * {@inheritdoc}
 *
 * Fills $fields with the status labels and the buttons for the admin row of the
 * current business object ($this->BO): class and table name, record count, table
 * state, and the create / list / create-table / recreate / update controls. The
 * 'admin' template is then loaded with those fields.
 *
 * Hidden field names are passed through SecurityUtils::encrypt() and base64_encode()
 * when the 'security.encrypt.http.fieldnames' setting is truthy.
 *
 * NOTE(review): the "Recreate Table" control drops all data and is only guarded here
 * by a client-side confirmation dialog. The handler for this form is not visible in
 * this method; confirm that it validates the security fields and the caller's rights.
 */
public function adminView($fields = array())
{
    // NOTE(review): the whole $fields array is written to the debug log
    self::$logger->debug('>>adminView(fields=[' . var_export($fields, true) . '])');

    $config = ConfigProvider::getInstance();

    // the class name of the BO
    $fields['fullClassName'] = stripslashes(get_class($this->BO));

    // the table name in the DB for the BO
    $fields['tableName'] = $this->BO->getTableName();

    // record count for the BO in the DB
    $fields['count'] = $this->BO->checkTableExists() ? $this->BO->getCount() : '<span class="warning">unavailable</span>';

    // table exists in the DB?
    $fields['tableExists'] = $this->BO->checkTableExists() ? '<span class="success">Yes</span>' : '<span class="warning">No</span>';

    // when history is maintained, the label is recomputed from checkTableExists(true)
    if ($this->BO->getMaintainHistory()) {
        $fields['tableExists'] = $this->BO->checkTableExists(true) ? '<span class="success">Yes</span>' : '<span class="warning">No history table</span>';
    }

    // table schema needs to be updated in the DB?
    $fields['tableNeedsUpdate'] = $this->BO->checkTableNeedsUpdate() ? '<span class="warning">Yes</span>' : '<span class="success">No</span>';

    // create button
    if ($this->BO->checkTableExists()) {
        if (isset($fields['createButtonURL'])) {
            // NOTE(review): the caller-supplied URL is placed inside a single-quoted JavaScript
            // string without escaping; confirm callers only pass URLs they built themselves
            $button = new Button("document.location = '" . $fields['createButtonURL'] . "'", 'Create New', 'create' . stripslashes(get_class($this->BO)) . 'But');
        } else {
            $button = new Button("document.location = '" . FrontController::generateSecureURL('act=Alpha\\Controller\\ActiveRecordController&ActiveRecordType=' . get_class($this->BO)) . "'", 'Create New', 'create' . stripslashes(get_class($this->BO)) . 'But');
        }
        $fields['createButton'] = $button->render();
    } else {
        $fields['createButton'] = '';
    }

    // list all button
    if ($this->BO->checkTableExists()) {
        $button = new Button("document.location = '" . FrontController::generateSecureURL('act=Alpha\\Controller\\ActiveRecordController&ActiveRecordType=' . get_class($this->BO) . '&start=0&limit=' . $config->get('app.list.page.amount')) . "'", 'List All', 'list' . stripslashes(get_class($this->BO)) . 'But');
        $fields['listButton'] = $button->render();
    } else {
        $fields['listButton'] = '';
    }

    // the create table button (if required)
    $html = '';

    if (!$this->BO->checkTableExists()) {
        $fieldname = $config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('createTableBut')) : 'createTableBut';
        $button = new Button('submit', 'Create Table', $fieldname);
        $html .= $button->render();
        // hidden field so that we know which class to create the table for
        $fieldname = $config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('createTableClass')) : 'createTableClass';
        $html .= '<input type="hidden" name="' . $fieldname . '" value="' . get_class($this->BO) . '"/>';
    }

    // offered only when no "Create Table" button was rendered above and the history table is missing
    if ($html == '' && $this->BO->getMaintainHistory() && !$this->BO->checkTableExists(true)) {
        $fieldname = $config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('createHistoryTableBut')) : 'createHistoryTableBut';
        $button = new Button('submit', 'Create History Table', $fieldname);
        $html .= $button->render();
        // hidden field so that we know which class to create the table for
        $fieldname = $config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('createTableClass')) : 'createTableClass';
        $html .= '<input type="hidden" name="' . $fieldname . '" value="' . get_class($this->BO) . '"/>';
    }

    $fields['createTableButton'] = $html;

    // recreate and update table buttons (if required)
    $html = '';

    if ($this->BO->checkTableNeedsUpdate() && $this->BO->checkTableExists()) {
        // confirmation dialog: on "Okay" it writes 'recreateTableBut' into the hidden
        // admin_<class>_button_pressed field and submits the form with id admin_<class>
        $js = "if(window.jQuery) {\n BootstrapDialog.show({\n title: 'Confirmation',\n message: 'Are you sure you wish to recreate this class table (all data will be lost)?',\n buttons: [\n {\n icon: 'glyphicon glyphicon-remove',\n label: 'Cancel',\n cssClass: 'btn btn-default btn-xs',\n action: function(dialogItself){\n dialogItself.close();\n }\n },\n {\n icon: 'glyphicon glyphicon-ok',\n label: 'Okay',\n cssClass: 'btn btn-default btn-xs',\n action: function(dialogItself) {\n \$('[Id=\"" . ($config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('admin_' . stripslashes(get_class($this->BO)) . '_button_pressed')) : 'admin_' . stripslashes(get_class($this->BO)) . '_button_pressed') . "\"]').attr('value', 'recreateTableBut');\n \$('#admin_" . stripslashes(get_class($this->BO)) . "').submit();\n dialogItself.close();\n }\n }\n ]\n });\n }";
        $button = new Button($js, 'Recreate Table', 'recreateTableBut');
        $html .= $button->render();
        // hidden field so that we know which class to recreate the table for
        // NOTE(review): unlike updateTableClass below, this field name is never encrypted,
        // even when security.encrypt.http.fieldnames is enabled - confirm this is intended
        $html .= '<input type="hidden" name="recreateTableClass" value="' . get_class($this->BO) . '"/>';
        $html .= ' ';

        // same dialog for the non-destructive update; on "Okay" it writes 'updateTableBut'
        $js = "if(window.jQuery) {\n BootstrapDialog.show({\n title: 'Confirmation',\n message: 'Are you sure you wish to attempt to modify this class table by adding new attributes?',\n buttons: [\n {\n icon: 'glyphicon glyphicon-remove',\n label: 'Cancel',\n cssClass: 'btn btn-default btn-xs',\n action: function(dialogItself){\n dialogItself.close();\n }\n },\n {\n icon: 'glyphicon glyphicon-ok',\n label: 'Okay',\n cssClass: 'btn btn-default btn-xs',\n action: function(dialogItself) {\n \$('[Id=\"" . ($config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('admin_' . stripslashes(get_class($this->BO)) . '_button_pressed')) : 'admin_' . stripslashes(get_class($this->BO)) . '_button_pressed') . "\"]').attr('value', 'updateTableBut');\n \$('#admin_" . stripslashes(get_class($this->BO)) . "').submit();\n dialogItself.close();\n }\n }\n ]\n });\n }";
        $button = new Button($js, 'Update Table', 'updateTableBut');
        $html .= $button->render();
        // hidden field so that we know which class to update the table for
        $fieldname = $config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('updateTableClass')) : 'updateTableClass';
        $html .= '<input type="hidden" name="' . $fieldname . '" value="' . get_class($this->BO) . '"/>';
        // hidden field to tell us which button was pressed
        // NOTE(review): the dialogs above select this field by an id computed with a separate
        // SecurityUtils::encrypt() call; that only matches if encrypt() is deterministic - confirm
        $fieldname = $config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('admin_' . stripslashes(get_class($this->BO)) . '_button_pressed')) : 'admin_' . stripslashes(get_class($this->BO)) . '_button_pressed';
        $html .= '<input type="hidden" id="' . $fieldname . '" name="' . $fieldname . '" value=""/>';
    }

    $fields['recreateOrUpdateButtons'] = $html;

    // buffer security fields to $formSecurityFields variable
    $fields['formSecurityFields'] = self::renderSecurityFields();

    self::$logger->debug('<<adminView [HTML]');

    return View::loadTemplate($this->BO, 'admin', $fields);
}
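/**
 * Method for rendering the pagination links of the search results.
 *
 * Renders a "Displaying x to y of n" summary (or a "no results" message when a
 * query was given), followed by a list with a previous link, one link per page
 * and a next link. When the current request carries a 'tk' parameter the links
 * are built with FrontController::generateSecureURL(), otherwise as
 * <app.url>/search/<query>/<start> paths.
 *
 * The search query is URL-encoded before it is placed in a /search/ path, so that
 * characters such as quotes, angle brackets or slashes in the query can neither
 * break out of the href attribute nor change the route.
 *
 * @return string
 *
 * @since 1.0
 */
protected function renderPageLinks()
{
    $config = ConfigProvider::getInstance();
    $params = $this->request->getParams();

    $pageSize = $config->get('app.list.page.amount');
    $useSecureURLs = isset($params['tk']);

    // assumes $this->query holds the decoded search term - TODO confirm against the controller
    $searchPath = $config->get('app.url') . '/search/' . urlencode($this->query) . '/';

    // NOTE(review): in the secure branch the query is concatenated unencoded into the
    // query string handed to generateSecureURL(), so a query containing '&' or '=' changes
    // the parameter list inside the token. Whether urlencode() is the right fix depends on
    // how FrontController decodes the token, which is not visible here.
    $secureQuery = 'act=Search&q=' . $this->query . '&start=';

    $body = '';
    $paragraphOpen = false;

    // index of the last result shown on this page, capped at the total
    $end = $this->startPoint + $pageSize;
    if ($end > $this->resultCount) {
        $end = $this->resultCount;
    }

    if ($this->resultCount > 0) {
        $body .= '<p align="center">Displaying ' . ($this->startPoint + 1) . ' to ' . $end . ' of <strong>' . $this->resultCount . '</strong>. ';
        $paragraphOpen = true;
    } elseif (!empty($this->query)) {
        $body .= View::displayUpdateMessage('There were no search results for your query.');
    }

    $body .= '<ul class="pagination">';

    // previous link
    if ($this->startPoint > 0) {
        $previousStart = $this->startPoint - $pageSize;

        if ($useSecureURLs) {
            $body .= '<li><a href="' . FrontController::generateSecureURL($secureQuery . $previousStart) . '">«</a></li>';
        } else {
            $body .= '<li><a href="' . $searchPath . $previousStart . '">«</a></li>';
        }
    } elseif ($this->resultCount > $pageSize) {
        $body .= '<li class="disabled"><a href="#">«</a></li>';
    }

    // one link per page; the current page is rendered as the active item
    $page = 1;

    for ($i = 0; $i < $this->resultCount; $i += $pageSize) {
        if ($i != $this->startPoint) {
            if ($useSecureURLs) {
                $body .= '<li><a href="' . FrontController::generateSecureURL($secureQuery . $i) . '">' . $page . '</a></li>';
            } else {
                $body .= '<li><a href="' . $searchPath . $i . '">' . $page . '</a></li>';
            }
        } elseif ($this->resultCount > $pageSize) {
            $body .= '<li class="active"><a href="#">' . $page . '</a></li>';
        }

        ++$page;
    }

    // next link
    if ($this->resultCount > $end) {
        $nextStart = $this->startPoint + $pageSize;

        if ($useSecureURLs) {
            // same label as the plain-URL branch (this one used to read "Next->>")
            $body .= '<li><a href="' . FrontController::generateSecureURL($secureQuery . $nextStart) . '">»</a></li>';
        } else {
            $body .= '<li><a href="' . $searchPath . $nextStart . '">»</a></li>';
        }
    } elseif ($this->resultCount > $pageSize) {
        $body .= '<li class="disabled"><a href="#">»</a></li>';
    }

    $body .= '</ul>';

    // only close the paragraph if the summary above opened one
    if ($paragraphOpen) {
        $body .= '</p>';
    }

    return $body;
}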
/**
 * Saves a Person record, requests it through the /excel route and checks for a
 * 200 response served as an Excel attachment named after the record.
 */
public function testDoGET()
{
    $config = ConfigProvider::getInstance();

    // the session provider is obtained as in every controller test; its return value is not used here
    SessionProviderFactory::getInstance($config->get('session.provider.name'));

    $frontController = new FrontController();

    $person = $this->createPersonObject('test');
    $person->save();

    $exportRequest = new Request(array(
        'method' => 'GET',
        'URI' => '/excel/Person/' . $person->getOID(),
    ));
    $result = $frontController->process($exportRequest);

    $this->assertEquals(200, $result->getStatus(), 'Testing the doGET method');
    $this->assertEquals('application/vnd.ms-excel', $result->getHeader('Content-Type'), 'Testing the doGET method');
    // the expected file name hard-codes OID 00000000001, i.e. the first record in the table
    $this->assertEquals('attachment; filename=Person-00000000001.xls', $result->getHeader('Content-Disposition'), 'Testing the doGET method');
}
/**
 * Builds the secure download URL for one of this record's attachment files.
 *
 * The URL addresses Alpha\Controller\AttachmentController and carries this record's
 * OID (as articleOID) and the file name, wrapped by FrontController::generateSecureURL().
 *
 * NOTE(review): $filename is concatenated as-is, so a name containing '&' or '=' would
 * change the parameter list inside the generated URL. Confirm that callers only pass
 * vetted attachment names and that the controller rejects path separators.
 *
 * @param string $filename Name of the attachment file to link to.
 *
 * @return mixed The value returned by FrontController::generateSecureURL() (presumably the URL string).
 *
 * @since 1.0
 */
public function getAttachmentSecureURL($filename)
{
    // kept from the original implementation; the instance is not used below
    $config = ConfigProvider::getInstance();

    $queryString = 'act=Alpha\\Controller\\AttachmentController'
        . '&articleOID=' . $this->getOID()
        . '&filename=' . $filename;

    return FrontController::generateSecureURL($queryString);
}
/**
 * Saves an article, then runs a search for "blah" twice - once without and once
 * with pagination segments in the route - and expects a 200 HTML response each time.
 */
public function testDoGET()
{
    // kept from the original test; the instance is not used below
    $config = ConfigProvider::getInstance();

    $frontController = new FrontController();

    $article = $this->createArticle('testing');
    $article->save();

    // plain search
    $result = $frontController->process(new Request(array('method' => 'GET', 'URI' => '/search/blah')));
    $this->assertEquals(200, $result->getStatus(), 'Testing the doGET method');
    $this->assertEquals('text/html', $result->getHeader('Content-Type'), 'Testing the doGET method');

    // search with two extra pagination segments
    $result = $frontController->process(new Request(array('method' => 'GET', 'URI' => '/search/blah/0/1')));
    $this->assertEquals(200, $result->getStatus(), 'Testing the doGET method with pagination params');
    $this->assertEquals('text/html', $result->getHeader('Content-Type'), 'Testing the doGET method');
}
require_once __DIR__ . '/../vendor/autoload.php'; use Alpha\Controller\Front\FrontController; use Alpha\Util\Config\ConfigProvider; use Alpha\Util\Http\Filter\ClientBlacklistFilter; use Alpha\Util\Http\Filter\IPBlacklistFilter; use Alpha\Util\Http\Filter\ClientTempBlacklistFilter; use Alpha\Util\Http\Request; use Alpha\Util\Http\Response; use Alpha\Exception\ResourceNotFoundException; use Alpha\Exception\ResourceNotAllowedException; use Alpha\View\View; try { $config = ConfigProvider::getInstance(); set_exception_handler('Alpha\\Util\\ErrorHandlers::catchException'); set_error_handler('Alpha\\Util\\ErrorHandlers::catchError', $config->get('php.error.log.level')); $front = new FrontController(); if ($config->get('security.client.blacklist.filter.enabled')) { $front->registerFilter(new ClientBlacklistFilter()); } if ($config->get('security.ip.blacklist.filter.enabled')) { $front->registerFilter(new IPBlacklistFilter()); } if ($config->get('security.client.temp.blacklist.filter.enabled')) { $front->registerFilter(new ClientTempBlacklistFilter()); } $request = new Request(); $response = $front->process($request); } catch (ResourceNotFoundException $rnfe) { $response = new Response(404, View::renderErrorPage(404, $rnfe->getMessage(), array('Content-Type' => 'text/html'))); } catch (ResourceNotAllowedException $rnae) { $response = new Response(403, View::renderErrorPage(403, $rnae->getMessage(), array('Content-Type' => 'text/html')));
/**
 * Custom list view.
 *
 * Builds one heading row and one value row for the current business object
 * ($this->BO) and loads the 'list' template with them. Properties listed by
 * getDefaultAttributes() or getTransientAttributes() are left out, except OID,
 * which gets its own column. Password properties are skipped in both rows. The
 * optional before_listView_callback / after_listView_callback hooks run when
 * they are defined on this view.
 *
 * @param array $fields Hash array of HTML fields to pass to the template. The 'URI' entry is
 *                      read without an isset() check and copied to 'formAction'.
 *
 * @return mixed The value returned by loadTemplate() for the 'list' template (presumably the HTML markup).
 *
 * @since 1.0
 */
public function listView($fields = array())
{
    // NOTE(review): the whole $fields array is written to the debug log
    self::$logger->debug('>>listView(fields=[' . var_export($fields, true) . '])');

    if (method_exists($this, 'before_listView_callback')) {
        $this->before_listView_callback();
    }

    // not used further down in this method
    $config = ConfigProvider::getInstance();

    // the form action
    $fields['formAction'] = $fields['URI'];

    // work out how many columns will be in the table
    $reflection = new \ReflectionClass(get_class($this->BO));
    $properties = array_keys($reflection->getDefaultProperties());
    $fields['colCount'] = 1 + count(array_diff($properties, $this->BO->getDefaultAttributes(), $this->BO->getTransientAttributes()));

    // get the class attributes
    $properties = $reflection->getProperties();

    $html = '';

    $html .= '<tr>';
    foreach ($properties as $propObj) {
        $propName = $propObj->name;

        // skip over password fields
        $property = $this->BO->getPropObject($propName);
        if (!($property instanceof String && $property->checkIsPassword())) {
            if (!in_array($propName, $this->BO->getDefaultAttributes()) && !in_array($propName, $this->BO->getTransientAttributes())) {
                $html .= ' <th>' . $this->BO->getDataLabel($propName) . '</th>';
            }
            if ($propName == 'OID') {
                $html .= ' <th>' . $this->BO->getDataLabel($propName) . '</th>';
            }
        } else {
            // a password column is not rendered, so it is taken out of the column count
            $fields['colCount'] = $fields['colCount'] - 1;
        }
    }
    $html .= '</tr><tr>';

    $fields['formHeadings'] = $html;

    $html = '';

    // and now the values
    foreach ($properties as $propObj) {
        $propName = $propObj->name;

        // password fields are skipped here as well, so stored password values never reach the markup
        $property = $this->BO->getPropObject($propName);
        if (!($property instanceof String && $property->checkIsPassword())) {
            if (!in_array($propName, $this->BO->getDefaultAttributes()) && !in_array($propName, $this->BO->getTransientAttributes())) {
                $propClass = get_class($this->BO->getPropObject($propName));

                if ($propClass == 'Alpha\\Model\\Type\\Text') {
                    // Text values are HTML-encoded, then cut to 70 characters.
                    // NOTE(review): cutting after encoding can split an entity such as &amp; in the middle
                    $text = htmlentities($this->BO->get($propName), ENT_COMPAT, 'utf-8');
                    if (mb_strlen($text) > 70) {
                        $html .= ' <td> ' . mb_substr($text, 0, 70) . '...</td>';
                    } else {
                        $html .= ' <td> ' . $text . '</td>';
                    }
                } elseif ($propClass == 'Alpha\\Model\\Type\\DEnum') {
                    // NOTE(review): the display value is written without HTML encoding
                    $html .= ' <td> ' . $this->BO->getPropObject($propName)->getDisplayValue() . '</td>';
                } else {
                    // NOTE(review): unlike the Text branch, values of all other types are written
                    // without HTML encoding; confirm these types cannot hold markup
                    $html .= ' <td> ' . $this->BO->get($propName) . '</td>';
                }
            }
            if ($propName == 'OID') {
                $html .= ' <td> ' . $this->BO->getOID() . '</td>';
            }
        }
    }
    $html .= '</tr>';

    $fields['formFields'] = $html;

    // "View" button that navigates to the Detail action for this record via a secure URL
    $button = new Button("document.location = '" . FrontController::generateSecureURL('act=Detail&bo=' . get_class($this->BO) . '&oid=' . $this->BO->getOID()) . "';", 'View', 'viewBut');
    $fields['viewButton'] = $button->render();

    // suppressing the edit/delete buttons for Sequences
    $fields['adminButtons'] = '';

    // buffer security fields to $formSecurityFields variable
    $fields['formSecurityFields'] = $this->renderSecurityFields();

    $html = $this->loadTemplate($this->BO, 'list', $fields);

    if (method_exists($this, 'after_listView_callback')) {
        $this->after_listView_callback();
    }

    self::$logger->debug('<<listView');

    return $html;
}
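/**
 * Custom edit view.
 *
 * Renders the edit form for the current business object's 'content' property,
 * together with hidden version_num and ActiveRecordOID fields, the form security
 * fields and a hidden _METHOD=PUT field. Hidden field names are passed through
 * SecurityUtils::encrypt() and base64_encode() when the
 * 'security.encrypt.http.fieldnames' setting is truthy.
 *
 * Save / Delete / Back to List buttons are rendered only when the current session
 * user is in the 'Admin' group and the form action contains '/tk/'; every other
 * caller gets the single "Update Your Comment" button. A session without a user
 * object is treated as non-admin instead of raising a fatal error on inGroup().
 *
 * NOTE(review): the admin check only decides which buttons are drawn. The handler
 * that receives the PUT/DELETE is not visible here and has to enforce the same rule.
 *
 * @param array $fields Hash array of HTML fields to pass to the template. 'formAction' is
 *                      required and is written into the form's action attribute as given.
 *
 * @since 1.0
 *
 * @return string
 */
public function editView($fields = array())
{
    $config = ConfigProvider::getInstance();
    $sessionProvider = $config->get('session.provider.name');
    $session = SessionProviderFactory::getInstance($sessionProvider);

    $html = '<table cols="2" class="edit_view" style="width:100%; margin:0px">';
    // NOTE(review): formAction is written unescaped; confirm callers build it themselves
    $html .= '<form action="' . $fields['formAction'] . '" method="POST" accept-charset="UTF-8">';

    $textBox = new TextBox($this->BO->getPropObject('content'), $this->BO->getDataLabel('content'), 'content', '', 5, $this->BO->getID());
    $html .= $textBox->render();

    $fieldname = $config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('version_num')) : 'version_num';
    $html .= '<input type="hidden" name="' . $fieldname . '" value="' . $this->BO->getVersion() . '"/>';

    $fieldname = $config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('ActiveRecordOID')) : 'ActiveRecordOID';
    $html .= '<input type="hidden" name="' . $fieldname . '" value="' . $this->BO->getID() . '"/>';

    // fail closed: the session may hold no user object when nobody is logged in,
    // in which case the admin controls must not be rendered
    $currentUser = $session->get('currentUser');
    $isAdmin = is_object($currentUser) && $currentUser->inGroup('Admin');

    // render special buttons for admins only
    if ($isAdmin && strpos($fields['formAction'], '/tk/') !== false) {
        $html .= '<tr><td colspan="2">';

        $fieldname = $config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('saveBut')) : 'saveBut';
        $temp = new Button('submit', 'Save', $fieldname);
        $html .= $temp->render();
        $html .= ' ';

        // delete confirmation: on "OK" the record OID is written into the ActiveRecordOID
        // field and the form with id "deleteForm" (not rendered by this method) is submitted
        $js = "\$('#dialogDiv').text('Are you sure you wish to delete this item?');\n \$('#dialogDiv').dialog({\n buttons: {\n 'OK': function(event, ui) {\n \$('[id=\"" . ($config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('ActiveRecordOID')) : 'ActiveRecordOID') . "\"]').attr('value', '" . $this->BO->getOID() . "');\n \$('#deleteForm').submit();\n },\n 'Cancel': function(event, ui) {\n \$(this).dialog('close');\n }\n }\n })\n \$('#dialogDiv').dialog('open');\n return false;";
        $temp = new Button($js, 'Delete', 'deleteBut');
        $html .= $temp->render();
        $html .= ' ';

        $temp = new Button("document.location = '" . FrontController::generateSecureURL('act=Alpha\\Controller\\ActiveRecordController&ActiveRecordType=' . get_class($this->BO)) . "'", 'Back to List', 'cancelBut');
        $html .= $temp->render();
        $html .= '</td></tr>';

        $html .= View::renderSecurityFields();

        // the form is posted, the real verb travels in the hidden _METHOD field
        $fieldname = $config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('_METHOD')) : '_METHOD';
        $html .= '<input type="hidden" name="' . $fieldname . '" id="' . $fieldname . '" value="PUT"/>';

        $html .= '</form></table>';
    } else {
        $html .= '</table>';

        $html .= '<div align="center">';
        $temp = new Button('submit', 'Update Your Comment', 'saveBut' . $this->BO->getID());
        $html .= $temp->render();
        $html .= '</div>';

        $html .= View::renderSecurityFields();

        // the form is posted, the real verb travels in the hidden _METHOD field
        $fieldname = $config->get('security.encrypt.http.fieldnames') ? base64_encode(SecurityUtils::encrypt('_METHOD')) : '_METHOD';
        $html .= '<input type="hidden" name="' . $fieldname . '" id="' . $fieldname . '" value="PUT"/>';

        $html .= '</form>';
    }

    return $html;
}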
/**
 * Renders the HTML <img> tag that points at the image controller, with every
 * parameter needed to serve the source image in the configured resolution.
 *
 * For a secure image two freshly generated security tokens are appended to the
 * query as var1 and var2. The query is then wrapped by
 * FrontController::generateSecureURL() in either case.
 *
 * NOTE(review): $altText is written into the alt attribute without HTML encoding;
 * confirm callers never pass user-supplied text, or encode it before calling.
 *
 * @param string $altText Set this value to render alternate text as part of the HTML link (defaults to no alternate text)
 *
 * @return string
 *
 * @since 1.0
 */
public function renderHTMLLink($altText = '')
{
    $config = ConfigProvider::getInstance();

    $isSecure = $this->secure->getBooleanValue();
    $tokens = $isSecure ? Controller::generateSecurityFields() : null;

    // parameters shared by the secure and the non-secure variant
    $query = 'act=Alpha\\Controller\\ImageController&source=' . $this->source
        . '&width=' . $this->width->getValue()
        . '&height=' . $this->height->getValue()
        . '&type=' . $this->sourceType->getValue()
        . '&quality=' . $this->quality->getValue()
        . '&scale=' . $this->scale->getValue()
        . '&secure=' . $this->secure->getValue();

    if ($isSecure) {
        $query .= '&var1=' . $tokens[0] . '&var2=' . $tokens[1];
    }

    $tag = '<img src="' . FrontController::generateSecureURL($query) . '"';

    if (!empty($altText)) {
        $tag .= ' alt="' . $altText . '"';
    }

    if ($config->get('cms.images.widget.bootstrap.responsive')) {
        $tag .= ' class="img-responsive"';
    }

    return $tag . '/>';
}
/**
 * Logs a freshly saved user in through POST /login, then requests /logout and
 * checks for a 200 HTML response and for the session no longer holding a
 * current user.
 */
public function testDoGET()
{
    $config = ConfigProvider::getInstance();
    $session = SessionProviderFactory::getInstance($config->get('session.provider.name'));

    $frontController = new FrontController();

    $controller = new LogoutController();
    $tokens = $controller->generateSecurityFields();

    $person = $this->createPersonObject('logintest');
    $person->save();

    // step 1: log in
    $credentials = array(
        'loginBut' => true,
        'var1' => $tokens[0],
        'var2' => $tokens[1],
        'email' => '*****@*****.**',
        'password' => 'passwordTest',
    );
    $result = $frontController->process(new Request(array('method' => 'POST', 'URI' => '/login', 'params' => $credentials)));

    $this->assertEquals(301, $result->getStatus(), 'Testing the doPOST with correct password');
    $this->assertTrue($session->get('currentUser') instanceof Person, 'Testing that the user is logged in');

    // step 2: log out again
    $result = $frontController->process(new Request(array('method' => 'GET', 'URI' => '/logout')));

    $this->assertEquals(200, $result->getStatus(), 'Testing the doGET method');
    $this->assertEquals('text/html', $result->getHeader('Content-Type'), 'Testing the doGET method');
    $this->assertFalse($session->get('currentUser'), 'Testing that the user is no longer logged in');
}
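/**
 * Handle GET requests.
 *
 * Without a 'displayphpinfo' parameter the response is a page holding an iframe
 * whose source is a secure URL back to this controller with displayphpinfo=true.
 * With that parameter the response body is the captured output of phpinfo().
 * Both responses are sent with X-Frame-Options: SAMEORIGIN, which the same-origin
 * iframe needs in order to load.
 *
 * NOTE(review): phpinfo() discloses the server configuration and environment.
 * No access check is visible in this method; confirm that the route is restricted
 * to administrators elsewhere.
 *
 * @param Alpha\Util\Http\Request $request
 *
 * @return Alpha\Util\Http\Response
 *
 * @since 2.0.3
 */
public function doGET($request)
{
    // NOTE(review): the complete request object is written to the debug log
    self::$logger->debug('>>doGET($request=[' . var_export($request, true) . '])');

    if ($request->getParam('displayphpinfo') != null) {
        ob_start();
        phpinfo();
        // ob_get_clean() returns the captured markup and closes the buffer. With ob_get_contents()
        // the buffer stayed open, so the phpinfo() markup was still pending for output in addition
        // to being returned in the response body.
        $body = ob_get_clean();
    } else {
        $body = View::displayPageHead($this);

        $url = FrontController::generateSecureURL('act=Alpha\\Controller\\PhpinfoController&displayphpinfo=true');
        $body .= '<iframe src="' . $url . '" style="border:none; overflow-x: scroll; overflow-y: scroll; width:100%; height:100vh;"></iframe>';

        $body .= View::displayPageFoot($this);
    }

    self::$logger->debug('<<doGET');

    return new Response(200, $body, array('Content-Type' => 'text/html', 'X-Frame-Options' => 'SAMEORIGIN'));
}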
/**
 * Checks that a request whose REMOTE_ADDR is the blacklisted address is rejected
 * by the IPBlacklistFilter with a ResourceNotAllowedException ("Not allowed!").
 *
 * @since 1.2.3
 */
public function testIPBlacklistFilter()
{
    $failureMessage = 'Testing that a blacklisted IP cannot pass the IPBlacklistFilter filter';

    // simulate a client connecting from the blacklisted address
    $_SERVER['REMOTE_ADDR'] = $this->badIP;
    $_SERVER['REQUEST_URI'] = '/';

    $blockedRequest = new Request(array('method' => 'GET'));

    try {
        $frontController = new FrontController();
        $frontController->registerFilter(new IPBlacklistFilter());
        $frontController->process($blockedRequest);

        // reaching this line means the filter let the request through
        $this->fail($failureMessage);
    } catch (ResourceNotAllowedException $rejected) {
        $this->assertEquals('Not allowed!', $rejected->getMessage(), $failureMessage);
    }
}
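/**
 * Login the user and re-direct to the defined destination.
 *
 * The login only proceeds when $this->personObject is a persisted record whose
 * state is 'Active'. On a matching password the person is stored in the session
 * as 'currentUser' and a 301 response is returned, pointing either at the next
 * job of the unit of work or at the application URL.
 *
 * The supplied password is never written to the log.
 *
 * NOTE(review): no session identifier renewal is visible here; confirm that the
 * session provider issues a new identifier on login.
 * NOTE(review): the exception message states that the password (rather than the
 * account) was wrong; confirm it is not shown verbatim to the client.
 *
 * @param string $password The password supplied by the user logging in
 *
 * @throws Alpha\Exception\ValidationException When the password does not match the stored hash.
 *
 * @return Alpha\Util\Http\Response|null The redirect response, or null when the person record
 *                                       is transient or not in the 'Active' state.
 *
 * @since 1.0
 */
protected function doLoginAndRedirect($password)
{
    // the password itself must not reach the log files
    self::$logger->debug('>>doLoginAndRedirect(password=[REDACTED])');

    $config = ConfigProvider::getInstance();

    if (!$this->personObject->isTransient() && $this->personObject->get('state') == 'Active') {
        if (password_verify($password, $this->personObject->get('password'))) {
            $sessionProvider = $config->get('session.provider.name');
            $session = SessionProviderFactory::getInstance($sessionProvider);
            $session->set('currentUser', $this->personObject);

            self::$logger->debug('Logging in [' . $this->personObject->get('email') . '] at [' . date('Y-m-d H:i:s') . ']');
            self::$logger->action('Login');

            $response = new Response(301);

            if ($this->getNextJob() != '') {
                $response->redirect(FrontController::generateSecureURL('act=' . $this->getNextJob()));
                $this->clearUnitOfWorkAttributes();
            } else {
                $response->redirect($config->get('app.url'));
            }

            self::$logger->debug('<<doLoginAndRedirect');

            return $response;
        }

        // log the exit before throwing; the original call sat after the throw and never ran
        self::$logger->debug('<<doLoginAndRedirect');

        throw new ValidationException('Failed to login user ' . $this->personObject->get('email') . ', the password is incorrect!');
    }

    self::$logger->debug('<<doLoginAndRedirect');

    // unchanged behaviour: a transient or non-active account yields no response object
    return null;
}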
/**
 * Builds the HTML for the password reset form.
 *
 * The form posts to the LoginController (with `reset=true`) through a secure URL, contains a
 * single e-mail field pre-filled from the `email` request parameter, Reset/Cancel buttons and
 * the security fields rendered by renderSecurityFields().
 *
 * NOTE(review): the `email` request parameter is echoed back into the form through StringBox;
 * output escaping presumably happens inside StringBox::render() - confirm.
 *
 * @return string
 *
 * @since 1.0
 */
public function displayResetForm()
{
    $config = ConfigProvider::getInstance();

    $parts = [];
    $parts[] = '<div class="bordered padded">';
    $parts[] = '<h1>Password reset</h1>';
    $parts[] = '<p>If you have forgotten your password, you can use this form to have a new password automatically generated and sent to your e-mail address.</p>';

    $formAction = FrontController::generateSecureURL('act=Alpha\\Controller\\LoginController&reset=true');
    $parts[] = '<form action="' . $formAction . '" method="POST" id="resetForm" accept-charset="UTF-8">';

    // the e-mail field, pre-populated from the current request when available
    $request = new Request(['method' => 'GET']);
    $email = new String($request->getParam('email', ''));
    $email->setRule(Validator::REQUIRED_EMAIL);
    $email->setSize(70);
    $email->setHelper('Please provide a valid e-mail address!');

    $emailBox = new StringBox($email, $this->BO->getDataLabel('email'), 'email', 'resetForm', '50');
    $parts[] = $emailBox->render();

    // the submit and cancel buttons
    $parts[] = '<div class="form-group lower spread">';

    $resetButton = new Button('submit', 'Reset Password', 'resetBut');
    $parts[] = $resetButton->render();

    $cancelAction = "document.location.replace('" . $config->get('app.url') . "')";
    $cancelButton = new Button($cancelAction, 'Cancel', 'cancelBut');
    $parts[] = $cancelButton->render();

    $parts[] = '</div>';

    $parts[] = $this->renderSecurityFields();

    $parts[] = '</form>';
    $parts[] = '</div>';

    return implode('', $parts);
}
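/**
 * Method for rendering the pagination links.
 *
 * Renders a "Previous" link, one numbered link per page and a "Next" link as a Bootstrap-style
 * pagination list, or a short "list is empty" message when there are no records. When the
 * request carries a `token` parameter the links are generated as secure URLs, otherwise as
 * plain /records/{type}/{start}/{limit} paths.
 *
 * The start, limit and record count are handled as integers, and a limit below 1 falls back to
 * the configured page size. Without that guard a zero or negative limit made the page-index
 * loop run forever, and a non-numeric value would have been copied into the href attributes.
 *
 * @return string
 *
 * @since 2.0
 */
protected function renderPageLinks()
{
    $config = ConfigProvider::getInstance();
    $pageAmount = (int) $config->get('app.list.page.amount');

    $start = (int) $this->start;
    $limit = (int) $this->limit;
    $recordCount = (int) $this->recordCount;

    // render a message for an empty list
    if ($recordCount <= 0) {
        return '<p align="center">The list is empty. </p>';
    }

    // a step of zero or less would never advance the page loop below
    if ($limit < 1) {
        $limit = max(1, $pageAmount);
    }

    // the index of the last record displayed on this page, never beyond the total record count
    $last = min($start + $pageAmount, $recordCount);

    $secure = $this->request->getParam('token', null) != null;
    $type = $this->request->getParam('ActiveRecordType');

    // builds the href for the page starting at $offset, in the same URL style as the current request
    $hrefFor = function ($offset) use ($secure, $type, $limit) {
        if ($secure) {
            return FrontController::generateSecureURL('act=Alpha\\Controller\\ActiveRecordController&ActiveRecordType=' . $type . '&start=' . $offset . '&limit=' . $limit);
        }

        return '/records/' . urlencode($type) . '/' . $offset . '/' . $limit;
    };

    $body = '<ul class="pagination">';

    // render "Previous" link
    if ($start > 0) {
        // never link to a negative offset when start is not aligned to the page size
        $body .= '<li><a href="' . $hrefFor(max(0, $start - $limit)) . '"><<-Previous</a></li>';
    } elseif ($recordCount > $limit) {
        $body .= '<li class="disabled"><a href="#"><<-Previous</a></li>';
    }

    // render the page index links
    if ($recordCount > $limit) {
        $page = 1;

        for ($i = 0; $i < $recordCount; $i += $limit) {
            if ($i !== $start) {
                $body .= '<li><a href="' . $hrefFor($i) . '">' . $page . '</a></li>';
            } else {
                // render an anchor for the current page
                $body .= '<li class="active"><a href="#">' . $page . '</a></li>';
            }

            ++$page;
        }
    }

    // render "Next" link
    if ($recordCount > $last) {
        $body .= '<li><a href="' . $hrefFor($start + $limit) . '">Next->></a></li>';
    } elseif ($recordCount > $limit) {
        $body .= '<li class="disabled"><a href="#">Next->></a></li>';
    }

    $body .= '</ul>';

    return $body;
}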
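/**
 * Handle POST requests: generate a secure URL from the posted `QS` query string and show it.
 *
 * The generated URL is displayed in a success alert above the form and recorded through the
 * logger's action() call. The URL is generated once, so the value logged is the value shown.
 *
 * The URL is derived from request input, so it is HTML-escaped before being placed in the page.
 *
 * @param Alpha\Util\Http\Request $request
 *
 * @return Alpha\Util\Http\Response
 *
 * @since 1.0
 */
public function doPOST($request)
{
    // NOTE(review): this dumps the whole request, including posted fields, at debug level.
    self::$logger->debug('>>doPOST($request=[' . var_export($request, true) . '])');

    $params = $request->getParams();

    $body = View::displayPageHead($this);

    $body .= '<p class="alert alert-success">';

    if (isset($params['QS'])) {
        $secureURL = FrontController::generateSecureURL($params['QS']);

        $body .= htmlspecialchars($secureURL, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        self::$logger->action('Generated the secure URL in admin: ' . $secureURL);
    }

    $body .= '</p>';

    $body .= $this->renderForm();

    $body .= View::displayPageFoot($this);

    self::$logger->debug('<<doPOST');

    return new Response(200, $body, array('Content-Type' => 'text/html'));
}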
/**
 * Testing the doGET method of the feed route: the default feed is served as Atom, and the
 * RSS and RSS2 variants are both served as application/rss+xml.
 */
public function testDoGET()
{
    $config = ConfigProvider::getInstance();
    $session = SessionProviderFactory::getInstance($config->get('session.provider.name'));

    $front = new FrontController();

    // the feed needs at least one saved article to render
    $article = $this->createArticleObject('test article');
    $article->save();

    $feedURI = '/feed/' . urlencode('Alpha\\Model\\Article');

    // requested URI => expected Content-Type header
    $expectations = [
        $feedURI => 'application/atom+xml',
        $feedURI . '/RSS' => 'application/rss+xml',
        $feedURI . '/RSS2' => 'application/rss+xml',
    ];

    foreach ($expectations as $uri => $contentType) {
        $request = new Request(['method' => 'GET', 'URI' => $uri]);
        $response = $front->process($request);

        $this->assertEquals(200, $response->getStatus(), 'Testing the doGET method');
        $this->assertEquals($contentType, $response->getHeader('Content-Type'), 'Testing the doGET method');
    }
}
/**
 * Overrides the TCPDF::Image method to resolve the $file argument before handing it, together
 * with all of the other (unmodified) parameters, to the normal TCPDF::Image.
 *
 * Three forms of $file are handled:
 *  - a path containing "/tk/": everything after that marker is decoded with
 *    FrontController::getDecodeQueryParams() and the decoded `source` entry is used;
 *  - a value accepted by Validator::isURL(): converted to a path under the configured app.root;
 *  - anything else: passed through unchanged.
 *
 * NOTE(review): the decoded `source` value and the pass-through value are used as file paths
 * without further validation in this method; confirm that callers or the decoding step keep
 * them inside the expected image directories.
 *
 * @param string $file    Name of the file containing the image.
 * @param float  $x       Abscissa of the upper-left corner.
 * @param float  $y       Ordinate of the upper-left corner.
 * @param float  $w       Width of the image in the page. If not specified or equal to zero, it is automatically calculated.
 * @param float  $h       Height of the image in the page. If not specified or equal to zero, it is automatically calculated.
 * @param string $type    Image format. Possible values are (case insensitive): JPEG and PNG (without GD library) and all images supported by GD: GD, GD2, GD2PART, GIF, JPEG, PNG, BMP, XBM, XPM. If not specified, the type is inferred from the file extension.
 * @param mixed  $link    URL or identifier returned by AddLink().
 * @param string $align   Alignment of the pointer next to image insertion relative to image height: T (top-right for LTR or top-left for RTL), M (middle-right for LTR or middle-left for RTL), B (bottom-right for LTR or bottom-left for RTL), N (next line).
 * @param bool   $resize  If true resize (reduce) the image to fit $w and $h (requires GD library).
 * @param int    $dpi     Dot-per-inch resolution used on resize.
 * @param string $palign  Centers or aligns the image on the current line: L (left align), C (center), R (right align), '' (left for LTR or right for RTL).
 * @param bool   $ismask  True if this image is a mask, false otherwise.
 * @param mixed  $imgmask Image object returned by this function or false.
 * @param mixed  $border  Whether borders must be drawn around the image. Either a number (0: no border (default), 1: frame) or a string containing some or all of L (left), T (top), R (right), B (bottom) in any order.
 *
 * @since 1.0
 */
public function Image($file, $x = '', $y = '', $w = 0, $h = 0, $type = '', $link = '', $align = '', $resize = false, $dpi = 300, $palign = '', $ismask = false, $imgmask = false, $border = 0)
{
    if (self::$logger == null) {
        self::$logger = new Logger('TCPDF');
    }

    $config = ConfigProvider::getInstance();

    self::$logger->debug('Processing image file URL [' . $file . ']');

    try {
        $markerPos = mb_strpos($file, '/tk/');

        if ($markerPos !== false) {
            // the token is everything that follows the four-character "/tk/" marker
            $tokenStart = $markerPos + 4;
            $token = mb_substr($file, $tokenStart, mb_strlen($file) - $tokenStart);

            $decoded = FrontController::getDecodeQueryParams($token);
            $path = $decoded['source'];
        } elseif (Validator::isURL($file)) {
            // it has no token, so treat it as a regular image URL and map it to a local path
            $path = $config->get('app.root') . '/' . Image::convertImageURLToPath($file);
        } else {
            $path = $file;
        }

        parent::Image($path, $x, $y, $w, $h, $type, $link, $align, $resize, $dpi, $palign, $ismask, $imgmask, $border);
    } catch (\Exception $e) {
        self::$logger->error('Error processing image file URL [' . $file . '], error [' . $e->getMessage() . ']');
        throw $e;
    }
}
/**
 * Handle GET requests: run the application installation and report progress as HTML.
 *
 * If no user is present in the session the request is handed to the LoginController instead.
 * Otherwise the method creates the application directories, then inside one database
 * transaction: creates the DEnum tables and a default article section, creates or updates the
 * table for every business object class, creates the Admin and Standard rights groups, and
 * saves an admin Person copied from the current session user into the Admin group. Any
 * failure after the transaction has started rolls it back and returns a 500 response.
 *
 * NOTE(review): the only gate visible in this method is that a `currentUser` exists in the
 * session; whether the user must hold a particular role, or whether installation is refused
 * once it has already run, is not shown here - confirm.
 * NOTE(review): exception messages are written into the HTML body through
 * View::displayErrorMessage(); any escaping happens inside that helper - confirm.
 *
 * @param Alpha\Util\Http\Request $request
 *
 * @return Alpha\Util\Http\Response
 *
 * @since 1.0
 */
public function doGET($request)
{
    // NOTE(review): this dumps the whole request object at debug level.
    self::$logger->debug('>>doGET($request=[' . var_export($request, true) . '])');

    $config = ConfigProvider::getInstance();

    $sessionProvider = $config->get('session.provider.name');
    $session = SessionProviderFactory::getInstance($sessionProvider);

    // if there is nobody logged in, we will send them off to the Login controller to do so before coming back here
    if ($session->get('currentUser') === false) {
        self::$logger->info('Nobody logged in, invoking Login controller...');

        $controller = new LoginController();
        $controller->setName('LoginController');
        $controller->setRequest($request);
        // unit of work: log in first, then come back to the install controller
        $controller->setUnitOfWork(array('Alpha\\Controller\\LoginController', 'Alpha\\Controller\\InstallController'));
        // NOTE(review): the trace label says __construct although this is doGET
        self::$logger->debug('<<__construct');

        return $controller->doGET($request);
    }

    // NOTE(review): $params is not used below, and the session is fetched a second time here
    $params = $request->getParams();

    $sessionProvider = $config->get('session.provider.name');
    $session = SessionProviderFactory::getInstance($sessionProvider);

    $body = View::displayPageHead($this);

    $body .= '<h1>Installing the ' . $config->get('app.title') . ' application</h1>';

    // directory creation happens before the transaction starts, so there is nothing to roll back on failure
    try {
        $body .= $this->createApplicationDirs();
    } catch (\Exception $e) {
        $body .= View::displayErrorMessage($e->getMessage());
        $body .= View::displayErrorMessage('Aborting.');

        return new Response(500, $body, array('Content-Type' => 'text/html'));
    }

    // start a new database transaction
    ActiveRecord::begin();

    /*
     * Create DEnum tables
     */
    $DEnum = new DEnum();
    $DEnumItem = new DEnumItem();

    try {
        $body .= '<p>Attempting to create the DEnum tables...';
        if (!$DEnum->checkTableExists()) {
            $DEnum->makeTable();
        }
        self::$logger->info('Created the [' . $DEnum->getTableName() . '] table successfully');

        if (!$DEnumItem->checkTableExists()) {
            $DEnumItem->makeTable();
        }
        self::$logger->info('Created the [' . $DEnumItem->getTableName() . '] table successfully');

        // create a default article DEnum category
        $DEnum = new DEnum('Alpha\\Model\\Article::section');
        $DEnumItem = new DEnumItem();
        $DEnumItem->set('value', 'Main');
        $DEnumItem->set('DEnumID', $DEnum->getID());
        $DEnumItem->save();

        $body .= View::displayUpdateMessage('DEnums set up successfully.');
    } catch (\Exception $e) {
        $body .= View::displayErrorMessage($e->getMessage());
        $body .= View::displayErrorMessage('Aborting.');
        self::$logger->error($e->getMessage());
        ActiveRecord::rollback();

        return new Response(500, $body, array('Content-Type' => 'text/html'));
    }

    /*
     * Loop over each business object in the system, and create a table for it
     */
    $classNames = ActiveRecord::getBOClassNames();
    $loadedClasses = array();

    foreach ($classNames as $classname) {
        array_push($loadedClasses, $classname);
    }

    foreach ($loadedClasses as $classname) {
        try {
            $body .= '<p>Attempting to create the table for the class [' . $classname . ']...';

            try {
                $BO = new $classname();

                if (!$BO->checkTableExists()) {
                    $BO->makeTable();
                } else {
                    // the table exists already: add any properties that are missing from it
                    if ($BO->checkTableNeedsUpdate()) {
                        $missingFields = $BO->findMissingFields();

                        $count = count($missingFields);

                        for ($i = 0; $i < $count; ++$i) {
                            $BO->addProperty($missingFields[$i]);
                        }
                    }
                }
            } catch (FailedIndexCreateException $eice) {
                // these are safe to ignore for now as they will be auto-created later once all of the tables are in place
                self::$logger->warn($eice->getMessage());
            } catch (FailedLookupCreateException $elce) {
                // these are safe to ignore for now as they will be auto-created later once all of the tables are in place
                self::$logger->warn($elce->getMessage());
            }

            // NOTE(review): this success message is also reached after one of the ignored exceptions above
            self::$logger->info('Created the [' . $BO->getTableName() . '] table successfully');
            $body .= View::displayUpdateMessage('Created the [' . $BO->getTableName() . '] table successfully');
        } catch (\Exception $e) {
            $body .= View::displayErrorMessage($e->getMessage());
            $body .= View::displayErrorMessage('Aborting.');
            self::$logger->error($e->getMessage());
            ActiveRecord::rollback();

            return new Response(500, $body, array('Content-Type' => 'text/html'));
        }
    }

    $body .= View::displayUpdateMessage('All business object tables created successfully!');

    /*
     * Create the Admin and Standard groups
     */
    $adminGroup = new Rights();
    $adminGroup->set('name', 'Admin');
    $standardGroup = new Rights();
    $standardGroup->set('name', 'Standard');

    try {
        try {
            $body .= '<p>Attempting to create the Admin and Standard groups...';
            $adminGroup->save();
            $standardGroup->save();

            self::$logger->info('Created the Admin and Standard rights groups successfully');
            $body .= View::displayUpdateMessage('Created the Admin and Standard rights groups successfully');
        } catch (FailedIndexCreateException $eice) {
            // these are safe to ignore for now as they will be auto-created later once all of the tables are in place
            self::$logger->warn($eice->getMessage());
        } catch (FailedLookupCreateException $elce) {
            // these are safe to ignore for now as they will be auto-created later once all of the tables are in place
            self::$logger->warn($elce->getMessage());
        }
    } catch (\Exception $e) {
        $body .= View::displayErrorMessage($e->getMessage());
        $body .= View::displayErrorMessage('Aborting.');
        self::$logger->error($e->getMessage());
        ActiveRecord::rollback();

        return new Response(500, $body, array('Content-Type' => 'text/html'));
    }

    /*
     * Save the admin user to the database in the right group
     */
    try {
        try {
            $body .= '<p>Attempting to save the Admin account...';
            $admin = new Person();
            $admin->set('displayName', 'Admin');
            // the admin account takes the e-mail and the password value of the user currently in the session
            // NOTE(review): presumably that password value is the stored hash, not plain text - confirm
            $admin->set('email', $session->get('currentUser')->get('email'));
            $admin->set('password', $session->get('currentUser')->get('password'));
            $admin->save();
            self::$logger->info('Created the admin user account [' . $session->get('currentUser')->get('email') . '] successfully');

            // link the new admin account to the Admin group through the group's members lookup
            $adminGroup->loadByAttribute('name', 'Admin');

            $lookup = $adminGroup->getMembers()->getLookup();
            $lookup->setValue(array($admin->getID(), $adminGroup->getID()));
            $lookup->save();

            self::$logger->info('Added the admin account to the Admin group successfully');
            $body .= View::displayUpdateMessage('Added the admin account to the Admin group successfully');
        } catch (FailedIndexCreateException $eice) {
            // these are safe to ignore for now as they will be auto-created later once all of the tables are in place
            self::$logger->warn($eice->getMessage());
        } catch (FailedLookupCreateException $elce) {
            // these are safe to ignore for now as they will be auto-created later once all of the tables are in place
            self::$logger->warn($elce->getMessage());
        }
    } catch (\Exception $e) {
        $body .= View::displayErrorMessage($e->getMessage());
        $body .= View::displayErrorMessage('Aborting.');
        self::$logger->error($e->getMessage());
        ActiveRecord::rollback();

        return new Response(500, $body, array('Content-Type' => 'text/html'));
    }

    $body .= '<br><p align="center"><a href="' . FrontController::generateSecureURL('act=Alpha\\Controller\\ListActiveRecordsController') . '">Administration Home Page</a></p><br>';
    $body .= View::displayPageFoot($this);

    // commit
    ActiveRecord::commit();

    self::$logger->info('Finished installation!');
    self::$logger->action('Installed the application');
    self::$logger->debug('<<doGET');

    return new Response(200, $body, array('Content-Type' => 'text/html'));
}
/**
 * Testing the doGET method of the record selector route for a MANY-TO-MANY and a ONE-TO-MANY
 * relation: both are expected to answer 200 with a text/html body.
 */
public function testDoGET()
{
    $config = ConfigProvider::getInstance();
    $session = SessionProviderFactory::getInstance($config->get('session.provider.name'));

    $front = new FrontController();

    $personType = urlencode('Alpha\\Model\\Person');
    $rightsType = urlencode('Alpha\\Model\\Rights');
    $commentType = urlencode('Alpha\\Model\\ArticleComment');

    // each case: the URI to request and the message used for the status assertion
    $cases = [
        [
            '/recordselector/m2m/1/hiddenformfield/' . $personType . '/email/' . $rightsType . '/name/' . $personType . '/1',
            'Testing the doGET method for MANY-TO-MANY relation',
        ],
        [
            '/recordselector/12m/1/hiddenformfield/' . $commentType . '/articleOID/content',
            'Testing the doGET method for ONE-TO-MANY relation',
        ],
    ];

    foreach ($cases as $case) {
        $uri = $case[0];
        $statusMessage = $case[1];

        $request = new Request(['method' => 'GET', 'URI' => $uri]);
        $response = $front->process($request);

        $this->assertEquals(200, $response->getStatus(), $statusMessage);
        $this->assertEquals('text/html', $response->getHeader('Content-Type'), 'Testing the doGET method');
    }
}
/**
 * Testing the doPUT method of the article route: first uploading an attachment to a saved
 * article, then deleting it again. Both requests are expected to redirect (301) to the
 * article's edit page, and the attachment file must exist after the first request and be gone
 * after the second.
 */
public function testDoPUT()
{
    $config = ConfigProvider::getInstance();
    $session = SessionProviderFactory::getInstance($config->get('session.provider.name'));

    $front = new FrontController();
    $controller = new ArticleController();

    $article = $this->createArticleObject('test article');
    $article->save();

    // the attachments directory has to exist before a file can be stored in it
    if (!file_exists($article->getAttachmentsLocation())) {
        mkdir($article->getAttachmentsLocation(), 0774);
    }

    // the request is made as a logged-in user
    $person = $this->createPersonObject('test');
    $person->save();
    $session->set('currentUser', $person);

    $securityParams = $controller->generateSecurityFields();

    $attachment = [
        'name' => 'logo.png',
        'type' => 'image/png',
        'tmp_name' => $config->get('app.root') . 'public/images/logo-small.png',
    ];

    // first request: upload the attachment
    $uploadParams = array_merge(
        ['uploadBut' => true, 'var1' => $securityParams[0], 'var2' => $securityParams[1]],
        $article->toArray()
    );

    $request = new Request([
        'method' => 'PUT',
        'URI' => '/a/test-article',
        'params' => $uploadParams,
        'files' => ['userfile' => $attachment],
    ]);
    $response = $front->process($request);

    $this->assertEquals(301, $response->getStatus(), 'Testing the doPUT method');
    $this->assertTrue(strpos($response->getHeader('Location'), '/a/test-article/edit') !== false, 'Testing the doPUT method');
    $this->assertTrue(file_exists($article->getAttachmentsLocation() . '/logo.png'));

    // second request: delete the attachment again
    $deleteParams = array_merge(
        ['deletefile' => 'logo.png', 'var1' => $securityParams[0], 'var2' => $securityParams[1]],
        $article->toArray()
    );

    $request = new Request([
        'method' => 'PUT',
        'URI' => '/a/test-article',
        'params' => $deleteParams,
    ]);
    $response = $front->process($request);

    $this->assertEquals(301, $response->getStatus(), 'Testing the doPUT method');
    $this->assertTrue(strpos($response->getHeader('Location'), '/a/test-article/edit') !== false, 'Testing the doPUT method');
    $this->assertFalse(file_exists($article->getAttachmentsLocation() . '/logo.png'));
}
/**
 * Renders the edit form for an article, including the file attachments section.
 *
 * Fills the $fields hash with the form action, form ID, rendered fields, the Save, Delete,
 * Back to List and (when the record has tags) Edit Tags buttons, the security fields, the
 * record version number and the file upload section, then loads the 'edit' template with it.
 * Optional before_editView_callback / after_editView_callback methods are invoked when the
 * view defines them.
 *
 * NOTE(review): the record OID and class name are concatenated into inline JavaScript and
 * URLs below; as visible here they come from the business object rather than from the request.
 *
 * @param array $fields hash array of HTML fields to pass to the template
 *
 * @since 1.0
 *
 * @return string
 */
public function editView($fields = array())
{
    if (method_exists($this, 'before_editView_callback')) {
        $this->before_editView_callback();
    }

    $config = ConfigProvider::getInstance();

    // the form action
    if (isset($fields['URI'])) {
        $fields['formAction'] = $fields['URI'];
    }

    // the form ID: the class name with its namespace separators removed, plus the record ID
    $fields['formID'] = stripslashes(get_class($this->BO)) . '_' . $this->BO->getID();

    // buffer form fields to $formFields
    $fields['formFields'] = $this->renderAllFields('edit');

    // buffer HTML output for the Save button
    $saveButton = new Button('submit', 'Save', 'saveBut');
    $fields['saveButton'] = $saveButton->render();

    // the name of the hidden OID field depends on whether HTTP field names are encrypted
    if ($config->get('security.encrypt.http.fieldnames')) {
        $oidFieldName = base64_encode(SecurityUtils::encrypt('ActiveRecordOID'));
    } else {
        $oidFieldName = 'ActiveRecordOID';
    }

    // confirmation dialog that sets the OID on the delete form and submits it
    $js = "if(window.jQuery) {\n"
        . " BootstrapDialog.show({\n"
        . " title: 'Confirmation',\n"
        . " message: 'Are you sure you wish to delete this item?',\n"
        . " buttons: [\n"
        . " {\n"
        . " icon: 'glyphicon glyphicon-remove',\n"
        . " label: 'Cancel',\n"
        . " cssClass: 'btn btn-default btn-xs',\n"
        . " action: function(dialogItself){\n"
        . " dialogItself.close();\n"
        . " }\n"
        . " },\n"
        . " {\n"
        . " icon: 'glyphicon glyphicon-ok',\n"
        . " label: 'Okay',\n"
        . " cssClass: 'btn btn-default btn-xs',\n"
        . " action: function(dialogItself) {\n"
        . " \$('[id=\"" . $oidFieldName . "\"]').attr('value', '" . $this->BO->getOID() . "');\n"
        . " \$('#deleteForm').submit();\n"
        . " dialogItself.close();\n"
        . " }\n"
        . " }\n"
        . " ]\n"
        . " });\n"
        . " }";

    $deleteButton = new Button($js, 'Delete', 'deleteBut');
    $fields['deleteButton'] = $deleteButton->render();

    // the "Back to List" button returns to the first page of the record list
    $listURL = FrontController::generateSecureURL('act=Alpha\\Controller\\ActiveRecordController&ActiveRecordType=' . get_class($this->BO) . '&start=0&limit=' . $config->get('app.list.page.amount'));
    $cancelButton = new Button("document.location = '" . $listURL . "'", 'Back to List', 'cancelBut');
    $fields['cancelButton'] = $cancelButton->render();

    // the "Edit Tags" button is only offered when the record already has tags
    $tags = [];

    if (is_object($this->BO->getPropObject('tags'))) {
        $tags = $this->BO->getPropObject('tags')->getRelatedObjects();
    }

    if (count($tags) > 0) {
        $tagsURL = FrontController::generateSecureURL('act=Alpha\\Controller\\TagController&ActiveRecordType=' . get_class($this->BO) . '&ActiveRecordOID=' . $this->BO->getOID());
        $tagsButton = new Button("document.location = '" . $tagsURL . "'", 'Edit Tags', 'tagsBut');
        $fields['tagsButton'] = $tagsButton->render();
    }

    // buffer security fields to $formSecurityFields variable
    $fields['formSecurityFields'] = $this->renderSecurityFields();

    // the version number will need to be posted for optimistic lock checking
    $fields['version_num'] = $this->BO->getVersionNumber();

    // file attachments section
    $fields['fileAttachments'] = $this->renderFileUploadSection();

    if (method_exists($this, 'after_editView_callback')) {
        $this->after_editView_callback();
    }

    return $this->loadTemplate($this->BO, 'edit', $fields);
}
/**
 * Testing default param values are handled correctly: route parameters that are missing from
 * the requested URI take the defaults registered with value().
 */
public function testDefaultParamValues()
{
    $_SERVER['REQUEST_URI'] = '/';

    $message = 'Testing default param values are handled correctly';
    $front = new FrontController();

    // one parameter, omitted from the URI entirely
    $echoParam = function ($request) {
        return new Response(200, $request->getParam('param'));
    };
    $front->addRoute('/one/{param}', $echoParam)->value('param', 'blah');

    $response = $front->process(new Request(['method' => 'GET', 'URI' => '/one']));
    $this->assertEquals('blah', $response->getBody(), $message);

    // two parameters: both omitted, then only the second omitted
    $echoTwoParams = function ($request) {
        return new Response(200, $request->getParam('param1') . ' ' . $request->getParam('param2'));
    };
    $front->addRoute('/two/{param1}/{param2}', $echoTwoParams)
        ->value('param1', 'two')
        ->value('param2', 'params');

    $response = $front->process(new Request(['method' => 'GET', 'URI' => '/two']));
    $this->assertEquals('two params', $response->getBody(), $message);

    $response = $front->process(new Request(['method' => 'GET', 'URI' => '/two/two']));
    $this->assertEquals('two params', $response->getBody(), $message);

    // three parameters with a literal path segment between them; the trailing two are omitted
    $echoFirstTwoOfThree = function ($request) {
        return new Response(200, $request->getParam('param1') . ' ' . $request->getParam('param2'));
    };
    $front->addRoute('/three/{param1}/params/{param2}/{param3}', $echoFirstTwoOfThree)
        ->value('param1', 'has')
        ->value('param2', 'three')
        ->value('param3', 'params');

    $response = $front->process(new Request(['method' => 'GET', 'URI' => '/three/has/params']));
    $this->assertEquals('has three', $response->getBody(), $message);
}