/**
 * Before advice for all methods annotated with "@Flow\Session(autoStart=true)".
 * Those methods will trigger a session initialization if a session does not exist
 * yet. An already started session is left untouched.
 *
 * Security note: as the fixme below says, the pointcut matches on the annotation alone and
 * ignores its options. Every annotated method can therefore cause a session to be created,
 * so reviewers should check which request-reachable methods carry the annotation.
 *
 * @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current join point
 * @return void
 * @fixme The pointcut expression below does not consider the options of the session annotation – needs adjustments in the AOP framework
 * @Flow\Before("methodAnnotatedWith(TYPO3\Flow\Annotations\Session)")
 */
public function initializeSession(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
    // Strict comparison kept on purpose: only a literal TRUE counts as "already started".
    if ($this->session->isStarted() !== TRUE) {
        $proxyClassName = get_class($joinPoint->getProxy());
        $triggeringObject = $this->objectManager->getObjectNameByClassName($proxyClassName);
        $triggeringMethod = $joinPoint->getMethodName();

        // Record which object/method caused the session so that unexpected session creation can be traced.
        $message = sprintf('Session initialization triggered by %s->%s.', $triggeringObject, $triggeringMethod);
        $this->systemLogger->log($message, LOG_DEBUG);

        $this->session->start();
    }
}
/**
 * Hooks into the editable viewhelper to render those attributes needed for the package's inline editing
 *
 * The wrapped content is returned unchanged unless a session is started and its
 * '__neosEnabled__' flag is truthy. Only then are the editing data attributes added.
 *
 * @Flow\Around("method(TYPO3\Neos\Service\ContentElementEditableService->wrapContentProperty())")
 * @param JoinPointInterface $joinPoint the join point
 * @return mixed
 */
public function editableElementAugmentation(JoinPointInterface $joinPoint)
{
    // The second check is skipped when no session is started, so no session data is read in that case.
    $editingEnabled = $this->session->isStarted() && $this->session->getData('__neosEnabled__');
    if (!$editingEnabled) {
        return $joinPoint->getAdviceChain()->proceed($joinPoint);
    }

    $propertyName = $joinPoint->getMethodArgument('property');
    $editedNode = $joinPoint->getMethodArgument('node');
    $renderedContent = $joinPoint->getAdviceChain()->proceed($joinPoint);

    $inlineEditingAttributes = ['data-__neos-property' => $propertyName];
    if ($editedNode !== null) {
        // The context path is exposed in the markup; it is only emitted for sessions with the flag set.
        $inlineEditingAttributes['data-__neos-editable-node-contextpath'] = $editedNode->getContextPath();
    }

    // NOTE(review): attribute values are passed on as-is; escaping is presumably done by the HTML augmenter - confirm.
    return $this->htmlAugmenter->addAttributes($renderedContent, $inlineEditingAttributes, 'span');
}
/**
 * Returns the specified session. If no session with the given identifier exists,
 * NULL is returned.
 *
 * Lookup order: the current session (if started and matching), then the sessions
 * already instantiated during this call chain, then the meta data cache.
 *
 * Security note: the identifier alone selects the session object. Callers must not
 * pass identifiers taken from request data unless that is exactly the intended lookup.
 *
 * @param string $sessionIdentifier The session identifier
 * @return \TYPO3\Flow\Session\Session The matching session, or NULL if none is known
 * @api
 */
public function getSession($sessionIdentifier)
{
    $isCurrentSession = $this->currentSession !== NULL
        && $this->currentSession->isStarted()
        && $this->currentSession->getId() === $sessionIdentifier;
    if ($isCurrentSession) {
        return $this->currentSession;
    }

    if (!isset($this->remoteSessions[$sessionIdentifier])) {
        if (!$this->metaDataCache->has($sessionIdentifier)) {
            return NULL;
        }

        // NOTE(review): has() and get() are two separate cache calls; if the entry can vanish in
        // between, $metaData may not be the expected array - confirm against the cache frontend.
        $metaData = $this->metaDataCache->get($sessionIdentifier);
        $this->remoteSessions[$sessionIdentifier] = new Session(
            $sessionIdentifier,
            $metaData['storageIdentifier'],
            $metaData['lastActivityTimestamp'],
            $metaData['tags']
        );
    }

    return $this->remoteSessions[$sessionIdentifier];
}
/**
 * Shows the specified node and takes visibility and access restrictions into
 * account.
 *
 * A missing node raises NodeNotFoundException. A node in a non-live context is only
 * rendered for callers holding the 'TYPO3.Neos:Backend.GeneralAccess' privilege target;
 * everyone else is redirected to the login. In backend context the response is marked
 * 'no-cache' and the node's context path is remembered in the session, if one is started.
 *
 * @param NodeInterface $node
 * @return string View output for the specified node
 * @Flow\SkipCsrfProtection We need to skip CSRF protection here because this action could be called with unsafe requests from widgets or plugins that are rendered on the node - For those the CSRF token is validated on the sub-request, so it is safe to be skipped here
 * @Flow\IgnoreValidation("node")
 * @throws NodeNotFoundException
 */
public function showAction(NodeInterface $node = NULL) {
    // One message covers both "does not exist" and "not accessible", so the response
    // does not reveal which of the two applies.
    if ($node === NULL) {
        throw new NodeNotFoundException('The requested node does not exist or isn\'t accessible to the current user', 1430218623);
    }

    // Access gate for non-live content.
    // NOTE(review): the code below still runs unless redirect() aborts the action (in Flow it is
    // expected to do so by throwing); confirm, because nothing else stops the node being rendered.
    if (!$node->getContext()->isLive() && !$this->privilegeManager->isPrivilegeTargetGranted('TYPO3.Neos:Backend.GeneralAccess')) {
        $this->redirect('index', 'Login', NULL, array('unauthorized' => TRUE));
    }

    $inBackend = $node->getContext()->isInBackend();

    // Shortcut nodes are only resolved outside the backend.
    if ($node->getNodeType()->isOfType('TYPO3.Neos:Shortcut') && !$inBackend) {
        $this->handleShortcutNode($node);
    }

    $this->view->assign('value', $node);

    if ($inBackend) {
        $this->overrideViewVariablesFromInternalArguments();

        /** @var UserInterfaceMode $renderingMode */
        $renderingMode = $node->getContext()->getCurrentRenderingMode();

        // Backend output is marked as not cacheable.
        $this->response->setHeader('Cache-Control', 'no-cache');
        if ($renderingMode !== NULL) {
            // Deprecated TypoScript context variable from version 2.0.
            $this->view->assign('editPreviewMode', $renderingMode->getTypoScriptPath());
        }
        // Fall back to the 'rawContent' path when the view cannot render this node with the current path.
        if (!$this->view->canRenderWithNodeAndPath()) {
            $this->view->setTypoScriptPath('rawContent');
        }
    }

    // Only an existing session is written to; this action never starts one itself.
    if ($this->session->isStarted() && $inBackend) {
        $this->session->putData('lastVisitedNode', $node->getContextPath());
    }
}
/**
 * Registers a vote for the current session, or updates the vote already stored for it.
 *
 * A session is started if none is running. Afterwards the session is flagged with
 * 'hasVoted', a flash message is added and the request is redirected to 'index'.
 *
 * Security note: the vote is keyed by the session identifier only. A client that
 * arrives with a new session is treated as a new voter, so this limits votes per
 * session, not per person.
 *
 * @param \Peytz\Vote\Domain\Model\Vote $newVote
 * @return void
 */
public function registerAction(Vote $newVote)
{
    if (!$this->session->isStarted()) {
        $this->session->start();
    }

    /** @var \Peytz\Vote\Domain\Model\Vote $existingVote */
    $existingVote = $this->voteRepository->findOneBySession($this->session->getId());

    if (!$existingVote) {
        // First vote of this session: bind the submitted vote to the session identifier.
        $newVote->setDate(new \DateTime());
        $newVote->setSession($this->session->getId());
        $this->voteRepository->add($newVote);
    } else {
        // Repeat vote: only date and value are taken over from the submitted object.
        $existingVote->setDate(new \DateTime());
        $existingVote->setValue($newVote->getValue());
        $this->voteRepository->update($existingVote);
    }

    $this->session->putData('hasVoted', true);
    $this->addFlashMessage('Vote registered.');
    $this->redirect('index');
}
/**
 * Resolves the node stored in the session as 'lastVisitedNode' in the given workspace.
 *
 * Returns null when no session is started, when the session holds no such key, or when
 * converting or querying the stored value throws an exception.
 *
 * @param string $workspaceName
 * @return NodeInterface The node in the given workspace, or null if it cannot be resolved
 */
protected function getLastVisitedNode($workspaceName)
{
    $hasStoredNode = $this->session->isStarted() && $this->session->hasKey('lastVisitedNode');
    if (!$hasStoredNode) {
        return null;
    }

    try {
        $storedValue = $this->session->getData('lastVisitedNode');
        $storedNode = $this->propertyMapper->convert($storedValue, NodeInterface::class);

        // Re-read the node in the requested workspace instead of the one it was stored from.
        $query = new FlowQuery([$storedNode]);
        return $query->context(['workspaceName' => $workspaceName])->get(0);
    } catch (\Exception $exception) {
        // Best effort: any failure is treated as "no last visited node".
        // NOTE(review): the exception is dropped without logging, which also hides
        // access or conversion failures from anyone investigating - confirm this is intended.
        return null;
    }
}
/**
 * Logout all active authentication tokens
 *
 * Does nothing unless isAuthenticated() returns TRUE. Otherwise the cached
 * authentication state is cleared, every token is set to NO_CREDENTIALS_GIVEN, the
 * logged-out signal is emitted and finally a started session is destroyed.
 *
 * Security note: the session is destroyed only on this path. When isAuthenticated()
 * is not TRUE the method returns early and an existing session is kept.
 *
 * @return void
 */
public function logout()
{
    if ($this->isAuthenticated() === TRUE) {
        // Drop the cached result so that the authentication state is not reused after logout.
        $this->isAuthenticated = NULL;

        /** @var $authenticationToken TokenInterface */
        foreach ($this->securityContext->getAuthenticationTokens() as $authenticationToken) {
            $authenticationToken->setAuthenticationStatus(TokenInterface::NO_CREDENTIALS_GIVEN);
        }

        // The signal is emitted before the session is destroyed, so it runs while the session still exists.
        $this->emitLoggedOut();

        if ($this->session->isStarted()) {
            $this->session->destroy('Logout through AuthenticationProviderManager');
        }
    }
}
/**
 * Validate the Captcha in the current request by asking the recaptcha server.
 * For this to work, the form of the current request has to contain the <x:recaptcha /> template
 * function.
 *
 * Security note: with $remember set, a captcha that was solved once is accepted again
 * without asking the server for as long as isRemembered() reports it. Callers have to
 * call invalidate() once the protected action has been performed.
 *
 * @param string $challenge The challenge that was given by recaptcha
 * @param string $response The response the user put in
 * @param boolean $remember Optional. If true, the correctly solved captcha is remembered and the
 *                          user does not have to fill it out again. Remember to use invalidate() in this case!
 * @return mixed Boolean true on success, the localized error string on failure (check with ===).
 */
public function validate($challenge, $response, $remember = false)
{
    // A session is started for every validation attempt, whether or not $remember is set.
    if (!$this->session->isStarted()) {
        $this->session->start();
    }

    // Shortcut for an earlier solved captcha: no request is sent to the server.
    if ($remember && $this->isRemembered()) {
        return true;
    }

    // empty() also rejects the string "0", not only a missing response.
    if (empty($response)) {
        return "Please type in the confirmation code!";
    }

    // Check via recaptcha lib
    require_once "resource://TYPO3.Recaptcha/PHP/recaptchalib.php";

    if (isset($_SERVER['REMOTE_ADDR'])) {
        $clientAddress = $_SERVER['REMOTE_ADDR'];
    } else {
        $clientAddress = NULL;
    }

    $verification = Ext\recaptcha_check_answer(
        $this->settings["security"]["privateKey"],
        $clientAddress,
        $challenge,
        $response
    );

    if ($verification->is_valid) {
        // Store the time of the successful check only when the caller asked for it.
        if ($remember) {
            $this->session->putData("recaptcha_timestamp", time());
        }
        return true;
    }

    return $this->decodeError($verification->error);
}
/**
 * Tells whether the new backend is enabled for the current session.
 *
 * This is the case only if a session is started and its '__cheEnabled__' entry is
 * truthy. No session data is read when no session is started.
 *
 * @return boolean
 */
public function enableNewBackend()
{
    if (!$this->session->isStarted()) {
        return false;
    }

    return (bool)$this->session->getData('__cheEnabled__');
}