示例#1
 /**
  * Splits the incoming "path" query parameter into a service name and a resource path.
  *
  * The route shape this serves is
  * 'rest/<service:[_0-9a-zA-Z-]+>/<resource:[_0-9a-zA-Z-\/. ]+>'.
  * Yii removes the trailing slash by default, although some APIs need it to tell
  * a file from a folder. This method does not put it back: the request-URI based
  * restoration that used to live here is disabled.
  *
  * Security: FILTER_SANITIZE_STRING (deprecated since PHP 8.1) only strips tags and
  * optionally encodes characters. It does not canonicalise the path or reject
  * relative segments, so whatever consumes the returned resource still has to
  * validate it before touching storage.
  *
  * @param \CAction $action Not read by this method.
  *
  * @return array Two elements: the service name, then the resource. The resource is
  *               null when "path" contains no slash.
  * @throws Exception Kept from the original contract; nothing in this body throws directly.
  */
 protected function _beforeAction($action)
 {
     $_path = FilterInput::get($_GET, 'path', null, FILTER_SANITIZE_STRING);
     $_slash = strpos($_path, '/');

     //	No separator at all: the whole value is the service name
     if (false === $_slash) {
         return array($_path, null);
     }

     $_service = substr($_path, 0, $_slash);

     //	A found position is always below the string length, so the null arm is
     //	never taken. For a path that ends right after the slash, substr() yields
     //	false before PHP 8 and '' from PHP 8 on.
     $_resource = $_slash < strlen($_path) ? substr($_path, $_slash + 1) : null;

     return array($_service, $_resource);
 }
示例#2
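 /**
  * Streams a file from a file-storage service to the client.
  *
  * Reads "service" and "path" from the query string. The path is expected to be
  * "<container>/<path inside the container>". Requests for anything that is not a
  * local or remote file-storage service, for a malformed path, or for a path listed
  * in the service's privatePaths are answered with 403.
  *
  * The path is canonicalised once, and both the private-path check and the call to
  * streamFile() use that same canonical form. Checking one spelling of the path and
  * streaming another lets the two disagree, which defeats the access check.
  *
  * NOTE(review): privatePaths is presumably a list of strings such as
  * "container/folder/" or "container/file.txt". Matching is exact and
  * case-sensitive, so confirm that the storage backend is case-sensitive as well.
  *
  * @return void
  */
 public function actionGet()
 {
     //	Single place that emits the 403 response
     $_deny = function () {
         $_statusHeader = 'HTTP/1.1 403 Forbidden. You have no access to this file or folder.';
         header($_statusHeader);
         header('Content-Type: text/html');
         Pii::end();
     };

     $_service = FilterInput::get(INPUT_GET, 'service', '');

     try {
         /** @var BaseFileSvc $_obj */
         $_obj = ServiceHandler::getServiceObject($_service);
         $_type = $_obj->getType();

         //	Strict comparison: only the two storage types may stream files
         if ('Local File Storage' !== $_type && 'Remote File Storage' !== $_type) {
             $_deny();

             return;
         }

         $_fullPath = FilterInput::get(INPUT_GET, 'path', '');

         //	Reject anything that is not a plain string, and characters that storage
         //	layers may treat as terminators or alternative separators
         if (!is_string($_fullPath) || false !== strpos($_fullPath, "\0") || false !== strpos($_fullPath, '\\')) {
             $_deny();

             return;
         }

         $_trailingSlash = ('/' === substr($_fullPath, -1));

         //	Canonicalise: drop empty segments, refuse relative ones
         $_segments = array();

         foreach (explode('/', $_fullPath) as $_segment) {
             if ('' === $_segment) {
                 continue;
             }

             if ('.' === $_segment || '..' === $_segment) {
                 $_deny();

                 return;
             }

             $_segments[] = $_segment;
         }

         //	A container is mandatory. A lone name without a separator cannot be
         //	split into container and path (the original mangled it), so refuse it.
         if (empty($_segments) || (1 === count($_segments) && !$_trailingSlash)) {
             $_deny();

             return;
         }

         if (!empty($_obj->privatePaths)) {
             $_private = (array)$_obj->privatePaths;
             $_canonical = implode('/', $_segments) . ($_trailingSlash ? '/' : '');

             //	Every folder prefix of the canonical path, the path itself included
             $_prefix = '';

             foreach ($_segments as $_segment) {
                 $_prefix .= $_segment . '/';

                 if (in_array($_prefix, $_private, true)) {
                     $_deny();

                     return;
                 }
             }

             //	The exact path as a file entry
             if (in_array($_canonical, $_private, true)) {
                 $_deny();

                 return;
             }
         }

         $_container = array_shift($_segments);
         $_path = implode('/', $_segments);

         if ('' !== $_path && $_trailingSlash) {
             $_path .= '/';
         }

         $_obj->streamFile($_container, $_path);
         Pii::end();
     } catch (\Exception $ex) {
         //	Keep the detail in the server log; exception text can carry internal
         //	paths or backend messages that the client has no need to see
         error_log('actionGet failed: ' . $ex->getMessage());

         if (!headers_sent()) {
             header('HTTP/1.1 500 Internal Server Error');
             header('Content-Type: text/html');
         }

         die('Unable to process the request.');
     }
 }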
示例#3
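 /**
  * First-time Welcome page
  *
  * Requires a user record for the current session user. Either handles a forced
  * removal of the registration marker ("force_remove=1" in the query string),
  * processes a submitted SupportForm, or renders the "welcome" view.
  *
  * @return void
  * @throws ForbiddenException When no user record exists for the current session user id.
  */
 public function actionWelcome()
 {
     //	User cool too?
     if (null === ($_user = ResourceStore::model('user')->findByPk(Session::getCurrentUserId()))) {
         throw new ForbiddenException();
     }

     /**
      * If request contains a "force_remove=1" parameter,
      * remove the registration file and redirect
      *
      * NOTE(review): this is a state change reachable through a GET parameter, and
      * GET requests are typically not covered by CSRF token validation. Consider
      * requiring POST with the framework's CSRF check for this branch.
      */
     if ('1' == FilterInput::get(INPUT_GET, 'force_remove', 0)) {
         Log::debug('Forced removal of registration marker requested.');
         SystemManager::registerPlatform($_user, false, true);
         $this->redirect($this->_getRedirectUrl());

         //	Stop here even if redirect() returns, as the form branch below does
         return;
     }

     $_model = new SupportForm();

     // collect user input data
     if (isset($_POST, $_POST['SupportForm'])) {
         $_model->setAttributes($_POST['SupportForm']);

         //	Validate user input and redirect to the previous page if valid
         if ($_model->validate()) {
             try {
                 SystemManager::registerPlatform($_user, $_model->getSkipped());
                 $this->redirect($this->_getRedirectUrl());

                 return;
             } catch (\Exception $_ex) {
                 //	NOTE(review): the raw exception text ends up on the form and is
                 //	shown to the user; confirm it cannot carry internal detail
                 $_model->addError(null, $_ex->getMessage());
             }
         }

         //	NOTE(review): reached after a caught exception and also after a plain
         //	validation failure; confirm this message is meant for both cases
         $_model->addError('Problem', 'Registration System Unavailable');
     }

     $this->render('welcome', array('model' => $_model));
 }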
示例#4
 /**
  * Checks the progress of any in-flight OAuth requests
  *
  * With no "code" in the query string, the user is sent to the authorization URL.
  * With a code, it is exchanged for a token and the response is passed to
  * _processReceivedToken().
  *
  * NOTE(review): "state" is taken from the request and forwarded with the token
  * request. Nothing in this method compares it with a value bound to the user's
  * session, so confirm that this validation happens elsewhere.
  *
  * @param bool $skipTokenCheck If true, assume there is no token
  *
  * @throws NotImplementedException When the configured grant type is not the authorization-code grant
  * @throws \DreamFactory\Oasys\Exceptions\RedirectRequiredException When a redirect is needed in the server-side flow
  * @return bool|mixed True when an access token is already configured, false when the
  *                    token response is unusable or carries an "error" entry, otherwise
  *                    whatever _processReceivedToken() returns
  */
 public function checkAuthenticationProgress($skipTokenCheck = false)
 {
     //	Already holding a token and the caller did not ask to skip the check
     if (false === $skipTokenCheck && $this->getConfig('access_token')) {
         return true;
     }

     //	Only the authorization-code grant is handled here
     if (GrantTypes::AUTHORIZATION_CODE != $this->getConfig('grant_type')) {
         throw new NotImplementedException();
     }

     $_authCode = FilterInput::get(INPUT_GET, 'code');

     //	No code is present, request one
     if (empty($_authCode)) {
         $_authorizeUrl = $this->getAuthorizationUrl();

         //	Server-side flow: the caller performs the redirect
         if (Flows::SERVER_SIDE == $this->getConfig('flow_type')) {
             throw new RedirectRequiredException($_authorizeUrl);
         }

         header('Location: ' . $_authorizeUrl);
         exit;
     }

     //	Figure out where the redirect goes; a configured proxy URL wins
     $_callback = $this->getConfig('redirect_uri');
     $_proxy = $this->getConfig('redirect_proxy_url');
     $_callback = empty($_proxy) ? $_callback : $_proxy;

     //	Got a code, now get a token
     $_request = array(
         'code'         => $_authCode,
         'redirect_uri' => $_callback,
         'state'        => Option::request('state'),
     );
     $_response = $this->requestAccessToken(GrantTypes::AUTHORIZATION_CODE, $_request);

     $_payload = null;

     if (isset($_response, $_response['result'])) {
         if (is_string($_response['result'])) {
             //	String results are decoded as a query string into an array
             parse_str($_response['result'], $_payload);
         } else {
             $_payload = $_response['result'];
         }

         $this->_responsePayload = $_payload;
     }

     //	Option::get() is only reached when the payload is an array or an object
     $_usable = is_array($_payload) || is_object($_payload);

     if (!$_usable || null !== Option::get($_payload, 'error')) {
         //	Error
         //	NOTE(review): the whole payload is written to the log; confirm that an
         //	error response cannot carry token material or other secrets
         Log::error('Error returned from oauth token request: ' . print_r($_payload, true));
         $this->_revokeAuthorization();

         return false;
     }

     return $this->_processReceivedToken($_payload);
 }