/** * {@inheritdoc} */ public function isAllowed($role, $resource, $privilege) { if ($role instanceof IRole) { $role = $role->getRoleId(); } if (!$resource instanceof PresenterResource) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('Resource must be instance of %s, %s given.', PresenterResource::class, gettype($resource))); } $request = $resource->getRequest(); $presenterName = $request->getPresenterName(); list($signal, $signalReceiver) = $this->getSignal($request); if (!$signal) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('No signal sent.')); } $refClass = new PresenterComponentReflection($class = $this->presenterFactory->getPresenterClass($presenterName)); while ($name = array_shift($signalReceiver)) { $name = 'createComponent' . ucfirst($name); if (!$refClass->hasMethod($name)) { throw new \Nette\InvalidStateException(sprintf('Method %s::%s is not implemented.', $refClass->getName(), $name)); } $refMethod = $refClass->getMethod($name); if (!$refMethod->hasAnnotation('return')) { throw new \Nette\InvalidStateException(sprintf('Method %s::%s must have fully qualified return annotation.', $refClass->getName(), $name)); } $refClass = new ClassType($refMethod->getAnnotation('return')); } if (!$refClass->hasMethod($name = Presenter::formatSignalMethod($signal))) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('Method %s::%s is not implemented.', $refClass->getName(), $name)); } $refMethod = $refClass->getMethod($name); if (!$refMethod->hasAnnotation($privilege)) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('Method %s::%s does not have annotation %s.', $refClass->getName(), $name, $privilege)); } return in_array($role, preg_split('#\\s+#', trim((string) $refMethod->getAnnotation($privilege)))); }
/** * @return null|string */ public function getErrorPresenter() { $errorPresenter = $this->defaultErrorPresenter; $request = $this->router->match($this->httpRequest); if (!$request instanceof Request) { return $errorPresenter; } $name = $request->getPresenterName(); $modules = explode(":", $name); unset($modules[count($modules) - 1]); while (count($modules) != 0) { $catched = false; try { $errorPresenter = implode(":", $modules) . ':Error'; $this->presenterFactory->getPresenterClass($errorPresenter); break; } catch (InvalidPresenterException $e) { $catched = true; } unset($modules[count($modules) - 1]); } if (isset($catched) && $catched) { return $this->defaultErrorPresenter; } return $errorPresenter; }
/** * Generates URL to presenter. * @param string destination in format "[[[module:]presenter:]action] [#fragment]" * @return string * @throws UI\InvalidLinkException */ public function link($dest, array $params = array()) { if (!preg_match('~^([\\w:]+):(\\w*+)(#.*)?()\\z~', $dest, $m)) { throw new UI\InvalidLinkException("Invalid link destination '{$dest}'."); } list(, $presenter, $action, $frag) = $m; try { $class = $this->presenterFactory ? $this->presenterFactory->getPresenterClass($presenter) : NULL; } catch (InvalidPresenterException $e) { throw new UI\InvalidLinkException($e->getMessage(), NULL, $e); } if (is_subclass_of($class, 'Nette\\Application\\UI\\Presenter')) { if ($action === '') { $action = UI\Presenter::DEFAULT_ACTION; } if (method_exists($class, $method = $class::formatActionMethod($action)) || method_exists($class, $method = $class::formatRenderMethod($action))) { UI\Presenter::argsToParams($class, $method, $params); } } if ($action !== '') { $params[UI\Presenter::ACTION_KEY] = $action; } $url = $this->router->constructUrl(new Request($presenter, NULL, $params), $this->refUrl); if ($url === NULL) { unset($params[UI\Presenter::ACTION_KEY]); $params = urldecode(http_build_query($params, NULL, ', ')); throw new UI\InvalidLinkException("No route for {$dest}({$params})"); } return $url . $frag; }
/** * Check whenever current user is allowed to use given link * * @param string $element etc "this", ":Admin:Show:default" * * @return bool */ public function isAllowed($element) { list($presenter, $action) = $this->formatLink($element); $presenterReflection = UI\PresenterComponentReflection::from($this->presenterFactory->getPresenterClass($presenter)); if (!$this->requirementsChecker->isAllowed($presenterReflection)) { return FALSE; } $actionKey = UI\Presenter::ACTION_KEY . ucfirst($action); if ($presenterReflection->hasMethod($actionKey) && !$this->requirementsChecker->isAllowed($presenterReflection->getMethod($actionKey))) { return FALSE; } return TRUE; }
/** * Check whenever current user is allowed to use given link * @param string $link etc "this", ":Admin:Show:default" * @return bool */ public function isAllowed($link) { list($presenter, $action) = $this->formatLink($link); $presenterReflection = PresenterComponentReflection::from($this->presenterFactory->getPresenterClass($presenter)); if (!$this->permissionChecker->isAllowed($presenterReflection)) { return false; } $actionKey = Presenter::ACTION_KEY . ucfirst($action); if ($presenterReflection->hasMethod($actionKey) && !$this->permissionChecker->isAllowed($presenterReflection->getMethod($actionKey))) { return false; } return true; }
private function findSource() { $request = $this->request; $presenter = $request->getPresenterName(); try { $class = $this->presenterFactory->getPresenterClass($presenter); } catch (Nette\Application\InvalidPresenterException $e) { return; } $rc = Nette\Reflection\ClassType::from($class); if ($rc->isSubclassOf('Nette\Application\UI\Presenter')) { if (isset($request->parameters[Presenter::SIGNAL_KEY])) { $method = $class::formatSignalMethod($request->parameters[Presenter::SIGNAL_KEY]); } elseif (isset($request->parameters[Presenter::ACTION_KEY])) { $action = $request->parameters[Presenter::ACTION_KEY]; $method = $class::formatActionMethod($action); if (!$rc->hasMethod($method)) { $method = $class::formatRenderMethod($action); } } } $this->source = isset($method) && $rc->hasMethod($method) ? $rc->getMethod($method) : $rc; }
/** * @param string $destination in format "[[module:]presenter:]action" or "signal!" or "this" * @param string [] * @return bool */ public function isAuthorized($destination) { if ($destination == 'this') { $class = get_class($this); $action = $this->action; } elseif (substr($destination, -1, 1) == '!') { $class = get_class($this); $action = $this->action; $do = substr($destination, 0, -1); } elseif (ctype_lower(substr($destination, 0, 1))) { $class = get_class($this); $action = $destination; } else { if (substr($destination, 0, 1) === ':') { $link = substr($destination, 1); $link = substr($link, 0, strrpos($link, ':')); $action = substr($destination, strrpos($destination, ':') + 1); } else { $link = substr($this->name, 0, strrpos($this->name, ':')); $link = $link . ($link ? ':' : '') . substr($destination, 0, strrpos($destination, ':')); $action = substr($destination, strrpos($destination, ':') + 1); } $action = $action ?: 'default'; $class = $this->presenterFactory->getPresenterClass($link); } $schema = $this->controlVerifier->getControlVerifierReader()->getSchema($class); if (isset($schema['action' . ucfirst($action)])) { $classReflection = new \Nette\Reflection\ClassType($class); $method = $classReflection->getMethod('action' . ucfirst($action)); try { $this->controlVerifier->checkRequirements($method); } catch (ForbiddenRequestException $e) { return false; } } if (isset($do) && isset($schema['handle' . ucfirst($do)])) { $classReflection = new \Nette\Reflection\ClassType($class); $method = $classReflection->getMethod('handle' . ucfirst($do)); try { $this->controlVerifier->checkRequirements($method); } catch (ForbiddenRequestException $e) { return false; } } return true; }
/** * {@inheritdoc} */ public function isAllowed($role, $resource, $privilege) { if ($role instanceof IRole) { $role = $role->getRoleId(); } if (!$resource instanceof PresenterResource) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('Resource must be instance of %s, %s given.', PresenterResource::class, gettype($resource))); } $request = $resource->getRequest(); $presenterName = $request->getPresenterName(); $refClass = new PresenterComponentReflection($class = $this->presenterFactory->getPresenterClass($presenterName)); if (!$refClass->hasMethod($name = Presenter::formatRenderMethod($this->getRenderName($request)))) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('Method %s::%s is not implemented.', $class, $name)); } $refMethod = $refClass->getMethod($name); if (!$refMethod->hasAnnotation($privilege)) { throw new \Ark8\Security\Exceptions\SkipException(sprintf('Method %s::%s does not have annotation %s.', $class, $name, $privilege)); } return in_array($role, preg_split('#\\s+#', trim((string) $refMethod->getAnnotation($privilege)))); }
/** * Generates URL to presenter. * @param string destination in format "[[[module:]presenter:]action] [#fragment]" * @return string * @throws UI\InvalidLinkException */ public function link($dest, array $params = []) { if (!preg_match('~^([\\w:]+):(\\w*+)(#.*)?()\\z~', $dest, $m)) { throw new UI\InvalidLinkException("Invalid link destination '{$dest}'."); } list(, $presenter, $action, $frag) = $m; try { $class = $this->presenterFactory ? $this->presenterFactory->getPresenterClass($presenter) : NULL; } catch (InvalidPresenterException $e) { throw new UI\InvalidLinkException($e->getMessage(), NULL, $e); } if (is_subclass_of($class, UI\Presenter::class)) { if ($action === '') { $action = UI\Presenter::DEFAULT_ACTION; } if (method_exists($class, $method = $class::formatActionMethod($action)) || method_exists($class, $method = $class::formatRenderMethod($action))) { UI\Presenter::argsToParams($class, $method, $params, [], $missing); if ($missing) { $rp = $missing[0]; throw new UI\InvalidLinkException("Missing parameter \${$rp->getName()} required by {$rp->getDeclaringClass()->getName()}::{$rp->getDeclaringFunction()->getName()}()"); } } elseif (array_key_exists(0, $params)) { throw new UI\InvalidLinkException("Unable to pass parameters to action '{$presenter}:{$action}', missing corresponding method."); } } if ($action !== '') { $params[UI\Presenter::ACTION_KEY] = $action; } $url = $this->router->constructUrl(new Request($presenter, NULL, $params), $this->refUrl); if ($url === NULL) { unset($params[UI\Presenter::ACTION_KEY]); $params = urldecode(http_build_query($params, NULL, ', ')); throw new UI\InvalidLinkException("No route for {$dest}({$params})"); } return $url . $frag; }
private function findErrorPresenter($module) { while ($module !== '') { $pos = strrpos($module, ':'); $module = $pos !== false ? substr($module, 0, $pos) : ''; $errorPresenter = "{$module}:{$this->errorPresenter}"; try { $this->presenterFactory->getPresenterClass($errorPresenter); } catch (InvalidPresenterException $_) { continue; } return $errorPresenter; } return $this->errorPresenter; }
/** * @return Request */ public function createInitialRequest() { $request = $this->router->match($this->httpRequest); if (!$request instanceof Request) { throw new BadRequestException('No route for HTTP request.'); } elseif (strcasecmp($request->getPresenterName(), $this->errorPresenter) === 0) { throw new BadRequestException('Invalid request. Presenter is not achievable.'); } try { $name = $request->getPresenterName(); $this->presenterFactory->getPresenterClass($name); } catch (InvalidPresenterException $e) { throw new BadRequestException($e->getMessage(), 0, $e); } return $request; }
/** * Request/URL factory. * @param PresenterComponent base * @param string destination in format "[//] [[[module:]presenter:]action | signal! | this] [#fragment]" * @param array array of arguments * @param string forward|redirect|link * @return string URL * @throws InvalidLinkException * @internal */ protected function createRequest($component, $destination, array $args, $mode) { // note: createRequest supposes that saveState(), run() & tryCall() behaviour is final $this->lastCreatedRequest = $this->lastCreatedRequestFlag = NULL; // PARSE DESTINATION // 1) fragment $a = strpos($destination, '#'); if ($a === FALSE) { $fragment = ''; } else { $fragment = substr($destination, $a); $destination = substr($destination, 0, $a); } // 2) ?query syntax $a = strpos($destination, '?'); if ($a !== FALSE) { parse_str(substr($destination, $a + 1), $args); $destination = substr($destination, 0, $a); } // 3) URL scheme $a = strpos($destination, '//'); if ($a === FALSE) { $scheme = FALSE; } else { $scheme = substr($destination, 0, $a); $destination = substr($destination, $a + 2); } // 4) signal or empty if (!$component instanceof self || substr($destination, -1) === '!') { $signal = rtrim($destination, '!'); $a = strrpos($signal, ':'); if ($a !== FALSE) { $component = $component->getComponent(strtr(substr($signal, 0, $a), ':', '-')); $signal = (string) substr($signal, $a + 1); } if ($signal == NULL) { // intentionally == throw new InvalidLinkException('Signal must be non-empty string.'); } $destination = 'this'; } if ($destination == NULL) { // intentionally == throw new InvalidLinkException('Destination must be non-empty string.'); } // 5) presenter: action $current = FALSE; $a = strrpos($destination, ':'); if ($a === FALSE) { $action = $destination === 'this' ? $this->action : $destination; $presenter = $this->getName(); $presenterClass = get_class($this); } else { $action = (string) substr($destination, $a + 1); if ($destination[0] === ':') { // absolute if ($a < 2) { throw new InvalidLinkException("Missing presenter name in '{$destination}'."); } $presenter = substr($destination, 1, $a - 1); } else { // relative $presenter = $this->getName(); $b = strrpos($presenter, ':'); if ($b === FALSE) { // no module $presenter = substr($destination, 0, $a); } else { // with module $presenter = substr($presenter, 0, $b + 1) . substr($destination, 0, $a); } } if (!$this->presenterFactory) { throw new Nette\InvalidStateException('Unable to create link to other presenter, service PresenterFactory has not been set.'); } try { $presenterClass = $this->presenterFactory->getPresenterClass($presenter); } catch (Application\InvalidPresenterException $e) { throw new InvalidLinkException($e->getMessage(), NULL, $e); } } // PROCESS SIGNAL ARGUMENTS if (isset($signal)) { // $component must be IStatePersistent $reflection = new PresenterComponentReflection(get_class($component)); if ($signal === 'this') { // means "no signal" $signal = ''; if (array_key_exists(0, $args)) { throw new InvalidLinkException("Unable to pass parameters to 'this!' signal."); } } elseif (strpos($signal, self::NAME_SEPARATOR) === FALSE) { // counterpart of signalReceived() & tryCall() $method = $component->formatSignalMethod($signal); if (!$reflection->hasCallableMethod($method)) { throw new InvalidLinkException("Unknown signal '{$signal}', missing handler {$reflection->getName()}::{$method}()"); } if ($args) { // convert indexed parameters to named self::argsToParams(get_class($component), $method, $args); } } // counterpart of IStatePersistent if ($args && array_intersect_key($args, $reflection->getPersistentParams())) { $component->saveState($args); } if ($args && $component !== $this) { $prefix = $component->getUniqueId() . self::NAME_SEPARATOR; foreach ($args as $key => $val) { unset($args[$key]); $args[$prefix . $key] = $val; } } } // PROCESS ARGUMENTS if (is_subclass_of($presenterClass, __CLASS__)) { if ($action === '') { $action = self::DEFAULT_ACTION; } $current = ($action === '*' || strcasecmp($action, $this->action) === 0) && $presenterClass === get_class($this); $reflection = new PresenterComponentReflection($presenterClass); if ($args || $destination === 'this') { // counterpart of run() & tryCall() $method = $presenterClass::formatActionMethod($action); if (!$reflection->hasCallableMethod($method)) { $method = $presenterClass::formatRenderMethod($action); if (!$reflection->hasCallableMethod($method)) { $method = NULL; } } // convert indexed parameters to named if ($method === NULL) { if (array_key_exists(0, $args)) { throw new InvalidLinkException("Unable to pass parameters to action '{$presenter}:{$action}', missing corresponding method."); } } elseif ($destination === 'this') { self::argsToParams($presenterClass, $method, $args, $this->params); } else { self::argsToParams($presenterClass, $method, $args); } } // counterpart of IStatePersistent if ($args && array_intersect_key($args, $reflection->getPersistentParams())) { $this->saveState($args, $reflection); } if ($mode === 'redirect') { $this->saveGlobalState(); } $globalState = $this->getGlobalState($destination === 'this' ? NULL : $presenterClass); if ($current && $args) { $tmp = $globalState + $this->params; foreach ($args as $key => $val) { if (http_build_query([$val]) !== (isset($tmp[$key]) ? http_build_query([$tmp[$key]]) : '')) { $current = FALSE; break; } } } $args += $globalState; } // ADD ACTION & SIGNAL & FLASH if ($action) { $args[self::ACTION_KEY] = $action; } if (!empty($signal)) { $args[self::SIGNAL_KEY] = $component->getParameterId($signal); $current = $current && $args[self::SIGNAL_KEY] === $this->getParameter(self::SIGNAL_KEY); } if (($mode === 'redirect' || $mode === 'forward') && $this->hasFlashSession()) { $args[self::FLASH_KEY] = $this->getParameter(self::FLASH_KEY); } $this->lastCreatedRequest = new Application\Request($presenter, Application\Request::FORWARD, $args, [], []); $this->lastCreatedRequestFlag = ['current' => $current]; if ($mode === 'forward' || $mode === 'test') { return; } // CONSTRUCT URL static $refUrl; if ($refUrl === NULL) { $refUrl = new Http\Url($this->httpRequest->getUrl()); $refUrl->setPath($this->httpRequest->getUrl()->getScriptPath()); } if (!$this->router) { throw new Nette\InvalidStateException('Unable to generate URL, service Router has not been set.'); } $url = $this->router->constructUrl($this->lastCreatedRequest, $refUrl); if ($url === NULL) { unset($args[self::ACTION_KEY]); $params = urldecode(http_build_query($args, NULL, ', ')); throw new InvalidLinkException("No route for {$presenter}:{$action}({$params})"); } // make URL relative if possible if ($mode === 'link' && $scheme === FALSE && !$this->absoluteUrls) { $hostUrl = $refUrl->getHostUrl() . '/'; if (strncmp($url, $hostUrl, strlen($hostUrl)) === 0) { $url = substr($url, strlen($hostUrl) - 1); } } return $url . $fragment; }
/** * Dispatch a HTTP request to a front controller. * * @return void */ public function run() { $request = null; $repeatedError = false; do { try { if (count($this->requests) > self::$maxLoop) { throw new ApplicationException('Too many loops detected in application life cycle.'); } if (!$request) { $this->onStartup($this); $request = $this->router->match($this->httpRequest); if (!$request instanceof Request) { $request = null; throw new BadRequestException('No route for HTTP request.'); } if (strcasecmp($request->getPresenterName(), $this->errorPresenter) === 0) { throw new BadRequestException('Invalid request. Presenter is not achievable.'); } } $this->requests[] = $request; $this->onRequest($this, $request); // Instantiate presenter $presenterName = $request->getPresenterName(); try { $this->presenter = $this->presenterFactory->createPresenter($presenterName); } catch (InvalidPresenterException $e) { throw new BadRequestException($e->getMessage(), 404, $e); } $this->presenterFactory->getPresenterClass($presenterName); $request->setPresenterName($presenterName); $request->freeze(); // Execute presenter $response = $this->presenter->run($request); if ($response) { $this->onResponse($this, $response); } // Send response if ($response instanceof Responses\ForwardResponse) { $request = $response->getRequest(); continue; } elseif ($response instanceof IResponse) { $response->send($this->httpRequest, $this->httpResponse); } break; } catch (\Exception $e) { // fault barrier $this->onError($this, $e); if (!$this->catchExceptions) { $this->onShutdown($this, $e); throw $e; } if ($repeatedError) { $e = new ApplicationException('An error occurred while executing error-presenter', 0, $e); } if (!$this->httpResponse->isSent()) { $this->httpResponse->setCode($e instanceof BadRequestException ? $e->getCode() : 500); } if (!$repeatedError && $this->errorPresenter) { $repeatedError = true; if ($this->presenter instanceof UI\Presenter) { try { $this->presenter->forward(":{$this->errorPresenter}:", array('exception' => $e)); } catch (AbortException $foo) { $request = $this->presenter->getLastCreatedRequest(); } } else { $request = new Request($this->errorPresenter, Request::FORWARD, array('exception' => $e)); } // continue } else { // default error handler if ($e instanceof BadRequestException) { $code = $e->getCode(); } else { $code = 500; Nette\Diagnostics\Debugger::log($e, Nette\Diagnostics\Debugger::ERROR); } require __DIR__ . '/templates/error.phtml'; break; } } } while (1); $this->onShutdown($this, isset($e) ? $e : null); }
/** * Dispatch a HTTP request to a front controller. * @return void */ public function run() { $request = NULL; $repeatedError = FALSE; do { try { if (count($this->requests) > self::$maxLoop) { throw new ApplicationException('Too many loops detected in application life cycle.'); } if (!$request) { $this->onStartup($this); $request = $this->router->match($this->httpRequest); if (!$request instanceof Request) { $request = NULL; throw new BadRequestException('No route for HTTP request.'); } if (strcasecmp($request->getPresenterName(), $this->errorPresenter) === 0) { throw new BadRequestException('Invalid request. Presenter is not achievable.'); } } $this->requests[] = $request; $this->onRequest($this, $request); // Instantiate presenter $presenterName = $request->getPresenterName(); try { $this->presenter = $this->presenterFactory->createPresenter($presenterName); } catch (InvalidPresenterException $e) { throw new BadRequestException($e->getMessage(), 404, $e); } $this->presenterFactory->getPresenterClass($presenterName); $request->setPresenterName($presenterName); $request->freeze(); // Execute presenter $response = $this->presenter->run($request); if ($response) { $this->onResponse($this, $response); } // Send response if ($response instanceof Responses\ForwardResponse) { $request = $response->getRequest(); continue; } elseif ($response instanceof IResponse) { $response->send($this->httpRequest, $this->httpResponse); } break; } catch (\Exception $e) { $this->onError($this, $e); if ($repeatedError) { $e = new ApplicationException("An error occurred while executing error-presenter '{$this->errorPresenter}'.", 0, $e); } if ($repeatedError || !$this->catchExceptions) { $this->onShutdown($this, $e); throw $e; } $repeatedError = TRUE; $this->errorPresenter = $this->errorPresenter ?: 'Nette:Error'; if (!$this->httpResponse->isSent()) { $this->httpResponse->setCode($e instanceof BadRequestException ? $e->getCode() : 500); } if ($this->presenter instanceof UI\Presenter) { try { $this->presenter->forward(":{$this->errorPresenter}:", array('exception' => $e)); } catch (AbortException $foo) { $request = $this->presenter->getLastCreatedRequest(); } } else { $request = new Request($this->errorPresenter, Request::FORWARD, array('exception' => $e)); } // continue } } while (1); $this->onShutdown($this, isset($e) ? $e : NULL); }