Get request
| public getRequest ( ) : Zend\Stdlib\RequestInterface | ||
| return | Zend\Stdlib\RequestInterface | |
public function __invoke(MvcEvent $event)
{
if ($event->getRouteMatch()->getMatchedRouteName() === 'oauth/authorize' || $event->getRouteMatch()->getMatchedRouteName() === 'oauth/code') {
$auth = $this->authentication;
if (!$auth->hasIdentity()) {
//redirect to login form before granting permissions - exception would be client_credentials grant type
$url = $event->getRouter()->assemble([], array('name' => 'dotuser/login'));
$host = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'on' ? 'https://' : 'http://';
$host .= $_SERVER['HTTP_HOST'];
$url = $host . $url . '?redirect=' . urlencode($event->getRequest()->getUriString());
$response = $event->getResponse();
$response->getHeaders()->addHeaderLine('Location', $url);
$response->setStatusCode(302);
$response->sendHeaders();
exit;
} else {
$identity = $auth->getIdentity();
$request = $event->getRequest();
$client_id = $request->getQuery('client_id');
//check to see if user already ganted permissions and is not revoked to skip the step and redirecting directly
if ($event->getRouteMatch()->getMatchedRouteName() === 'oauth/authorize') {
if ($this->userRevokeStorage->isAuthorized($client_id, $identity->getUsername())) {
$newRequest = new \ZF\ContentNegotiation\Request();
$newRequest->setMethod(\Zend\Http\Request::METHOD_POST);
$newRequest->getPost()->set('authorized', 'yes');
$event->setRequest($newRequest);
}
}
}
}
}
public function onBootstrap(MvcEvent $e)
{
$eventManager = $e->getApplication()->getEventManager();
$moduleRouteListener = new ModuleRouteListener();
$moduleRouteListener->attach($eventManager);
UriFactory::registerScheme('chrome-extension', 'Zend\\Uri\\Uri');
if (method_exists($e->getRequest(), 'getHeaders')) {
$headers = $e->getRequest()->getHeaders();
if ($headers->has('Origin') && $headers->has('X-Requested-With') && $headers->addHeaderLine('Access-Control-Allow-Methods: PUT, GET, POST, PATCH, DELETE, OPTIONS') && $headers->get('X-Requested-With')->getFieldValue() === 'com.ionicframework.notifycar') {
//convert to array because get method throw an exception
$headersArray = $headers->toArray();
$origin = $headersArray['Origin'];
if ($origin === 'file://') {
unset($headersArray['Origin']);
$headers->clearHeaders();
$headers->addHeaders($headersArray);
//$headers->addHeaderLine('Access-Control-Allow-Methods: PUT, GET, POST, PATCH, DELETE, OPTIONS');
//this is a valid uri
$headers->addHeaderLine('Origin', 'file://mobile');
} else {
if ($origin === 'chrome-extension') {
unset($headersArray['Origin']);
$headers->clearHeaders();
$headers->addHeaders($headersArray);
//$headers->addHeaderLine('Access-Control-Allow-Methods: PUT, GET, POST, PATCH, DELETE, OPTIONS');
//this is a valid uri
$headers->addHeaderLine('Origin', 'chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop');
//$headers->addHeaderLine('Origin', 'chrome-extension://aicmkgpgakddgnaphhhpliifpcfhicfo');
}
}
}
}
}
/**
* @param $controllerName
* @param $action
* @param array $params
* @return string|\Zend\Stdlib\ResponseInterface
* @throws \Exception
*/
public function runControllerAction($controllerName, $action, $params = array())
{
$this->event->getRouteMatch()->setParam('controller', $controllerName)->setParam('action', $action);
foreach ($params as $key => $value) {
$this->event->getRouteMatch()->setParam($key, $value);
}
$serviceManager = $this->event->getApplication()->getServiceManager();
$controllerManager = $serviceManager->get('ControllerLoader');
/** @var AbstractActionController $controller */
$controller = $controllerManager->get($controllerName);
$controller->setEvent($this->event);
$result = $controller->dispatch($this->event->getRequest());
if ($result instanceof Response) {
return $result;
}
/** @var ViewManager $viewManager */
$viewManager = $serviceManager->get('ViewManager');
$renderingStrategy = $viewManager->getMvcRenderingStrategy();
$this->event->setViewModel($result);
/** @var ViewModel $result */
if (!$result->terminate()) {
$layout = new ViewModel();
$layoutTemplate = $renderingStrategy->getLayoutTemplate();
$layout->setTemplate($layoutTemplate);
$layout->addChild($result);
$this->event->setViewModel($layout);
}
$response = $renderingStrategy->render($this->event);
return $response;
}
public function __invoke(MvcEvent $e)
{
$response = $e->getResponse();
$this->rateLimitService->consume($e->getRouteMatch(), $e->getRequest());
//var_dump($this->rateLimitService->getTopMeters('daily_limits'));exit;
$status = $this->rateLimitService->getLimitStatus($e->getRouteMatch(), $e->getRequest(), 'daily_limits');
if (!empty($status)) {
//add info headers
$headers = $response->getHeaders();
$headers->addHeaderLine('X-RateLimit-Limit', $status['limit']);
$headers->addHeaderLine('X-RateLimit-Remaining', $status['remaining']);
$headers->addHeaderLine('X-RateLimit-Reset', $status['reset']);
$response->setHeaders($headers);
}
if ($this->rateLimitService->isLimitExceeded()) {
//trigger the ratelimit exceeded event
$mvcLimitEvent = $this->mvcLimitEvent;
$response = $this->eventManager->trigger(MvcLimitEvent::EVENT_RATELIMIT_EXCEEDED, $mvcLimitEvent, function ($r) {
return $r instanceof Response;
});
$response = $response->last();
return $response;
} elseif ($this->rateLimitService->isLimitWarning()) {
//trigger the ratelimit warning event
$mvcLimitEvent = $this->mvcLimitEvent;
$response = $this->eventManager->trigger(MvcLimitEvent::EVENT_RATELIMIT_WARN, $mvcLimitEvent, function ($r) {
return $r instanceof Response;
});
$response = $response->last();
$e->setResponse($response);
}
}
protected function onInvokation(MvcEvent $e, $error = false)
{
$viewModel = $e->getResult();
$isJsonModel = $viewModel instanceof JsonModel;
$routeMatch = $e->getRouteMatch();
if ($routeMatch && $routeMatch->getParam('forceJson', false) || $isJsonModel || "json" == $e->getRequest()->getQuery('format') || "json" == $e->getRequest()->getPost('format')) {
if (!$isJsonModel) {
$model = new JsonModel();
if ($error) {
$model->status = 'error';
$model->message = $viewModel->message;
if ($viewModel->display_exceptions) {
if (isset($viewModel->exception)) {
$model->exception = $viewModel->exception->getMessage();
}
}
} else {
$model->setVariables($viewModel->getVariables());
}
$viewModel = $model;
$e->setResult($model);
$e->setViewModel($model);
}
$viewModel->setTerminal(true);
$strategy = new \Zend\View\Strategy\JsonStrategy(new \Zend\View\Renderer\JsonRenderer());
$view = $e->getApplication()->getServiceManager()->get('ViewManager')->getView();
$view->addRenderingStrategy(array($strategy, 'selectRenderer'), 10);
$view->addResponseStrategy(array($strategy, 'injectResponse'), 10);
}
}
public function onBootstrap(MvcEvent $e)
{
$serviceLocator = $e->getApplication()->getServiceManager();
$e->getApplication()->getEventManager()->attach(\Zend\Mvc\MvcEvent::EVENT_DISPATCH, function (MvcEvent $e) use($serviceLocator) {
if (!$e->getRequest() instanceof Request) {
return;
}
$request = $e->getRequest();
$config = $serviceLocator->get('Config');
$serviceName = isset($config['hermes']['service_name']) ? $config['hermes']['service_name'] : '';
$data = ['direction' => 'in', 'status' => 'success', 'destination' => ['service' => $serviceName, 'server' => $request->getUri()->getHost(), 'uri' => $request->getUriString()], 'source' => ['server' => $_SERVER['REMOTE_ADDR'], 'service' => $request->getHeader('X-Request-Name') ? $request->getHeader('X-Request-Name')->getFieldValue() : '', 'uri' => '']];
if (!$e->getRequest()->isGet()) {
$post = json_decode($e->getRequest()->getContent(), true, 100);
unset($post['password']);
$data['data'] = $post;
}
\LosLog\Log\RequestLogger::save($e->getRequest(), $data);
}, 100);
$hermes = $serviceLocator->get('hermes');
$em = $hermes->getEventManager();
$em->attach('request.post', function (Event $e) use($serviceLocator) {
/* @var \Hermes\Api\Client $hermes */
$hermes = $e->getTarget();
$request = $hermes->getZendClient()->getRequest();
$config = $serviceLocator->get('Config');
$serviceName = isset($config['hermes']['service_name']) ? $config['hermes']['service_name'] : '';
$data = ['direction' => 'out', 'status' => 'success', 'source' => ['service' => $serviceName, 'server' => $_SERVER['SERVER_ADDR'], 'uri' => $_SERVER['REQUEST_URI']], 'destination' => ['service' => $hermes->getServiceName(), 'server' => $request->getUri()->getHost(), 'uri' => $request->getUriString()], 'http_code' => $hermes->getZendClient()->getResponse()->getStatusCode()];
if (!$request->isGet()) {
$post = json_decode($request->getContent(), true, 100);
unset($post['password']);
$data['data'] = $post;
}
\LosLog\Log\RequestLogger::save($request, $data);
}, 100);
$em->attach('request.fail', function (Event $e) use($serviceLocator) {
/* @var \Hermes\Api\Client $hermes */
$hermes = $e->getTarget();
$request = $hermes->getZendClient()->getRequest();
$config = $serviceLocator->get('Config');
$serviceName = isset($config['hermes']['service_name']) ? $config['hermes']['service_name'] : '';
$data = ['direction' => 'out', 'status' => 'failed', 'source' => ['service' => $serviceName, 'server' => $_SERVER['SERVER_ADDR'], 'uri' => $_SERVER['REQUEST_URI']], 'destination' => ['service' => $hermes->getServiceName(), 'server' => $request->getUri()->getHost(), 'uri' => $request->getUriString()]];
if (!$request->isGet()) {
$post = json_decode($request->getContent(), true, 100);
unset($post['password']);
$data['data'] = $post;
}
$exception = $e->getParams();
$data['http_code'] = $exception->getCode();
$data['error'] = $exception->getMessage();
\LosLog\Log\RequestLogger::save($request, $data);
}, 100);
}
/**
* Called after routing
*
* @param MvcEvent $event
*/
public function onRoute(MvcEvent $event)
{
$serviceManager = $event->getApplication()->getServiceManager();
/* @var RouteMatch $routeMatch */
$routeMatch = $event->getRouteMatch();
$language = '';
// check if the language is set by routing (parameter, domain name, etc)
if ($routeMatch->getParam('language') == '') {
// get route
$route = explode('/', $routeMatch->getMatchedRouteName());
//
$module = $route[0];
/** @var \Msingi\Cms\Settings $settings */
$settings = $event->getApplication()->getServiceManager()->get('Settings');
// get defaults from settings
$multilanguage = (bool) $settings->get($module . ':languages:multilanguage');
$language_default = $settings->get($module . ':languages:default');
$languages_enabled = $settings->get($module . ':languages:enabled');
if ($multilanguage && is_array($languages_enabled)) {
/** @var \Zend\Http\Request $request */
$request = $event->getRequest();
// try to get language from cookie
if ($request->getCookie('language') != '') {
$language = $event->getRequest()->getCookie('language');
}
// try to get language from browser
if ($language == '' && isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
$language = \Locale::getPrimaryLanguage(\Locale::acceptFromHttp($_SERVER['HTTP_ACCEPT_LANGUAGE']));
}
// fallback to default language if given one is not supported
if (!in_array($language, $languages_enabled)) {
$language = $language_default;
}
} else {
// not multilanguage module, use default language
$language = $language_default;
}
$routeMatch->setParam('language', $language);
} else {
$language = $routeMatch->getParam('language');
$language_default = $language;
}
// translator
$translator = $serviceManager->get('Translator');
$translator->setLocale($language)->setFallbackLocale($language_default);
// cache
$cache = $serviceManager->get('Application\\Cache');
if ($cache) {
$translator->setCache($cache);
}
}
/**
* Redirect old assets on sites that we do not control to new AWS urls
*/
public function routeEvent(MvcEvent $event)
{
$host = $event->getRequest()->getUri()->getHost();
if (!isset($this->domainRedirects[$host])) {
return null;
}
$event->getResponse()->setStatusCode(301);
/**
* @var $headers \Zend\Http\Headers
*/
$headers = $event->getResponse()->getHeaders();
$headers->addHeaderLine('location', $this->domainRedirects[$host] . $event->getRequest()->getUri()->getPath());
return $event->getResponse();
}
public function onDispatch(MvcEvent $e)
{
if (!$e->getRequest() instanceof ConsoleRequest) {
throw new RuntimeException('You can only use this action from a console!');
}
$migrations = $this->versionResolver->getAll($e->getRequest()->getParam('all'));
$list = [];
foreach ($migrations as $m) {
$list[] = sprintf("%s %s - %s", $m['applied'] ? '-' : '+', $m['version'], $m['description']);
}
$response = (empty($list) ? 'No migrations available.' : implode("\n", $list)) . "\n";
$e->setResult($response);
return $response;
}
/**
* {@inheritdoc}
*/
public function collect(MvcEvent $mvcEvent)
{
if (PHP_VERSION_ID >= 50400) {
$start = $mvcEvent->getRequest()->getServer()->get('REQUEST_TIME_FLOAT');
} elseif (defined('REQUEST_MICROTIME')) {
$start = REQUEST_MICROTIME;
} else {
$start = $mvcEvent->getRequest()->getServer()->get('REQUEST_TIME');
}
if (!isset($this->data)) {
$this->data = array();
}
$this->data['start'] = $start;
$this->data['end'] = microtime(true);
}
public function outputFatalError(ErrorException $exception, MvcEvent $e)
{
// Clean the buffer from previously badly rendered views
if (ob_get_level() >= 1) {
ob_end_clean();
}
$sm = $e->getApplication()->getServiceManager();
$request = $e->getRequest();
$manager = $sm->get('viewManager');
$renderer = $manager->getRenderer();
$config = $sm->get('Config');
$display = isset($config['view_manager']['display_exceptions']) ? $config['view_manager']['display_exceptions'] : null;
$layout = $manager->getLayoutTemplate();
$template = isset($config['view_manager']['exception_template']) ? $config['view_manager']['exception_template'] : null;
$viewType = get_class($manager->getViewModel());
// Console
if ($request instanceof ConsoleRequest || (bool) $display !== true) {
return;
}
// Get layout
$model = new $viewType();
$model->setTemplate($layout);
// Error page
if (null !== $template) {
$content = new $viewType(array('exception' => $exception, 'display_exceptions' => $display));
$content->setTemplate($template);
$result = $renderer->render($content);
$model->setVariables(['content' => $result, 'exception' => $exception]);
}
$this->triggerErrorEvent($exception, $e);
echo $renderer->render($model);
exit;
}
public function dispatch(MvcEvent $event)
{
$request = $event->getRequest();
if ($request instanceof ConsoleRequest) {
return true;
}
$auth = new AuthenticationService();
//ALREADY LOGGED IN
// user has auth,
if ($auth->hasIdentity()) {
return true;
//NOT LOGGED IN
//
} else {
/** @var $request \Zend\Http\PhpEnvironment\Request */
$cookies = $request->getCookie();
/** @var $cookies \Zend\Http\Header\Cookie */
$userService = $this->getServiceLocator()->get('Stjornvisi\\Service\\User');
/** @var $user \Stjornvisi\Service\User */
if ($cookies && $cookies->offsetExists('backpfeifengesicht')) {
if (($user = $userService->getByHash($cookies->offsetGet('backpfeifengesicht'))) != false) {
$authAdapter = $this->getServiceLocator()->get('Stjornvisi\\Auth\\Adapter');
$authAdapter->setIdentifier($user->id);
$result = $auth->authenticate($authAdapter);
$result->isValid();
}
}
}
}
public function onPostLogin(MvcEvent $e)
{
if (!$e->getRouteMatch()) {
return;
}
/** @var string $matchedRouteName */
$matchedRouteName = $e->getRouteMatch()->getMatchedRouteName();
if ($matchedRouteName !== 'login') {
return;
}
if (!$e->getRequest()->isPost()) {
return;
}
/** @var ZourceAuthenticationService $authenticationService */
$authenticationService = $e->getApplication()->getServiceManager()->get(AuthenticationService::class);
/** @var ManagerInterface $sessionManager */
$sessionManager = $e->getApplication()->getServiceManager()->get(ManagerInterface::class);
/** @var EntityManager $entityManager */
$entityManager = $e->getApplication()->getServiceManager()->get('doctrine.entitymanager.orm_default');
/** @var SessionEntity $respository */
$respository = $entityManager->getRepository(SessionEntity::class);
/** @var SessionEntity $session */
$session = $respository->find($sessionManager->getId());
$session->setAccount($authenticationService->getAccountEntity());
$entityManager->persist($session);
$entityManager->flush($session);
}
public function afterDispatch(MvcEvent $e)
{
$controllerName = $e->getRouteMatch()->getMatchedRouteName();
if ($controllerName != 'login' && ($controllerName != 'application' && $controllerName != 'home')) {
$containerSession = new \Zend\Session\Container('cbol');
$e->getTarget()->layout()->repo = $containerSession->reportesVias;
$e->getTarget()->layout()->acceso = $containerSession->permisosUser;
$e->getTarget()->layout()->suge = $containerSession->sugerencias;
$auth = new \Zend\Authentication\AuthenticationService();
$response = $e->getResponse();
if (!$auth->hasIdentity()) {
$url = $e->getRequest()->getBaseUrl() . '/login';
$response->getHeaders()->addHeaderLine('Location', $url);
$response->setStatusCode(302);
$response->sendHeaders();
return $response;
} else {
$localAcl = new \Login\Model\permisos();
if (!$localAcl->isAllowed($auth->getIdentity()->perfil_id, $controllerName)) {
$this->onDispatchError($e, $controllerName);
} elseif (is_null($containerSession->idSession)) {
$url = $e->getRequest()->getBaseUrl() . '/login/logout';
$response->getHeaders()->addHeaderLine('Location', $url);
$response->setStatusCode(302);
$response->sendHeaders();
return $response;
} elseif ($e->getResponse()->getStatusCode() == 403) {
$this->onDispatchError($e, $controllerName);
}
}
}
}
public function onBootstrap(MvcEvent $e)
{
$eventManager = $e->getApplication()->getEventManager();
$moduleRouteListener = new ModuleRouteListener();
$moduleRouteListener->attach($eventManager);
$sharedEvents = $eventManager->getSharedManager();
$application = $e->getApplication();
$sm = $application->getServiceManager();
/*SETANDO BASE URL */
$e->getRequest()->setBaseUrl('/');
$basePathHelper = $sm->get('viewRenderer')->plugin('basePath');
/* @var $basePathHelper \Zend\View\Helper\BasePath */
$basePathHelper->setBasePath('/');
$sharedEvents->attach('Zend\\Mvc\\Controller\\AbstractActionController', 'dispatch', function ($ev) use($sm) {
$auth = $ev->getApplication()->getServiceManager()->get('Zend\\Authentication\\AuthenticationService');
if ($auth->hasIdentity()) {
return;
}
if ($ev->getRouteMatch()->getParam('action') == 'login') {
return;
}
$target = $ev->getTarget();
$flash = $sm->get('ControllerPluginManager')->get('FlashMessenger')->addErrorMessage('Efetue login no sistema para acessar este recurso!');
return $target->redirect()->toUrl('/security/autenticacao/login');
//return;
}, 3);
$eventManager->attach('route', array($this, 'loadConfiguration'), 2);
}
/**
* Listens to the route event.
*
* Detects the language to use and sets translator locale.
* The language is detected either via query parameter "lang" or
* browser setting (ACCEPT-LANGUAGE header)
*
* @param MvcEvent $e
*/
public function onRoute(MvcEvent $e)
{
/* @var $request \Zend\Http\PhpEnvironment\Request */
$request = $e->getRequest();
/* Detect language */
$lang = $request->getQuery('lang');
if (!$lang) {
$headers = $request->getHeaders();
if ($headers->has('Accept-Language')) {
/* @var $acceptLangs \Zend\Http\Header\AcceptLanguage */
$acceptLangs = $headers->get('Accept-Language');
$locales = $acceptLangs->getPrioritized();
$locale = $locales[0];
$lang = $locale->type;
} else {
$lang = 'en';
}
}
/* Set locale */
$translator = $e->getApplication()->getServiceManager()->get('mvctranslator');
$locale = $lang . '_' . strtoupper($lang);
setlocale(LC_ALL, array($locale . ".utf8", $locale . ".iso88591", $locale, substr($locale, 0, 2), 'de_DE.utf8', 'de_DE', 'de'));
\Locale::setDefault($locale);
$translator->setLocale($locale);
$routeMatch = $e->getRouteMatch();
if ($routeMatch && $routeMatch->getParam('lang') === null) {
$routeMatch->setParam('lang', $lang);
}
/* @var $router \Zend\Mvc\Router\SimpleRouteStack */
$router = $e->getRouter();
$router->setDefaultParam('lang', $lang);
}
public function onDispatch(MvcEvent $e)
{
if (!$e->getRequest() instanceof ConsoleRequest) {
throw new RuntimeException('Only requests form console are allowed.');
}
$this->cronService->run();
}
/**
* Determine if versioning is in the route matches, and update the controller accordingly
*
* @param MvcEvent $e
*/
public function onRoute(MvcEvent $e)
{
$request = $e->getRequest();
if ($request instanceof HttpRequest && $request->isOptions()) {
return;
}
$routeMatches = $e->getRouteMatch();
if (!$routeMatches instanceof RouteMatch) {
return;
}
$version = $this->getVersionFromRouteMatch($routeMatches);
if (!$version) {
// No version found in matches; done
return;
}
$controller = $routeMatches->getParam('controller', false);
if (!$controller) {
// no controller; we have bigger problems!
return;
}
$pattern = '#' . preg_quote('\\V') . '(\\d+)' . preg_quote('\\') . '#';
if (!preg_match($pattern, $controller, $matches)) {
// controller does not have a version subnamespace
return;
}
$replacement = preg_replace($pattern, '\\V' . $version . '\\', $controller);
if ($controller === $replacement) {
return;
}
$routeMatches->setParam('controller', $replacement);
return $routeMatches;
}
public function onDispatch(MvcEvent $e)
{
if (!$e->getRequest() instanceof ConsoleRequest) {
throw new RuntimeException('You can only use this action from a console!');
}
$table = new Ddl\CreateTable('queue_messages');
$table->addColumn(new Ddl\Column\Integer('id', false, null, ['autoincrement' => true]));
$table->addColumn(new Ddl\Column\Varchar('queue_name', 100));
$table->addColumn(new Ddl\Column\Integer('status', false));
$table->addColumn(new Ddl\Column\Varchar('options', 250));
$table->addColumn(new Ddl\Column\Text('message', null, true));
$table->addColumn(new Ddl\Column\Text('output', null, true));
$table->addColumn(new Ddl\Column\Datetime('started_dt', true));
$table->addColumn(new Ddl\Column\Datetime('finished_dt', true));
$table->addColumn(new Ddl\Column\Datetime('created_dt', false));
$table->addColumn(new Ddl\Column\Datetime('updated_dt', true));
$table->addConstraint(new Ddl\Constraint\PrimaryKey('id'));
$sql = new Sql($this->dbAdapter);
try {
$this->dbAdapter->query($sql->buildSqlString($table), DbAdapter::QUERY_MODE_EXECUTE);
} catch (\Exception $e) {
// currently there are no db-independent way to check if table exists
// so we assume that table exists when we catch exception
}
}
/**
* Test if the accept content-type received is allowable.
*
* @param MvcEvent $e
* @return null|ApiProblemResponse
*/
public function onRoute(MvcEvent $e)
{
if (empty($this->config)) {
return;
}
$controllerName = $e->getRouteMatch()->getParam('controller');
if (!isset($this->config[$controllerName])) {
return;
}
$request = $e->getRequest();
if (!method_exists($request, 'getHeaders')) {
// Not an HTTP request; nothing to do
return;
}
$headers = $request->getHeaders();
$matched = false;
if (is_string($this->config[$controllerName])) {
$matched = $this->validateMediaType($this->config[$controllerName], $headers);
} elseif (is_array($this->config[$controllerName])) {
foreach ($this->config[$controllerName] as $whitelistType) {
$matched = $this->validateMediaType($whitelistType, $headers);
if ($matched) {
break;
}
}
}
if (!$matched) {
return new ApiProblemResponse(new ApiProblem(406, 'Cannot honor Accept type specified'));
}
}
/**
* Test if the content-type received is allowable.
*
* @param MvcEvent $e
* @return null|ApiProblemResponse
*/
public function onRoute(MvcEvent $e)
{
if (empty($this->config)) {
return;
}
$controllerName = $e->getRouteMatch()->getParam('controller');
if (!isset($this->config[$controllerName])) {
return;
}
// Only worry about content types on HTTP methods that submit content
// via the request body.
$request = $e->getRequest();
if (!method_exists($request, 'getHeaders')) {
// Not an HTTP request; nothing to do
return;
}
$requestBody = (string) $request->getContent();
if (empty($requestBody)) {
return;
}
$headers = $request->getHeaders();
if (!$headers->has('content-type')) {
return new ApiProblemResponse(new ApiProblem(415, 'Invalid content-type specified'));
}
$contentTypeHeader = $headers->get('content-type');
$matched = $contentTypeHeader->match($this->config[$controllerName]);
if (false === $matched) {
return new ApiProblemResponse(new ApiProblem(415, 'Invalid content-type specified'));
}
}
/**
* Return all query parameters or a single query parameter.
*
* @param string $param Parameter name to retrieve, or null to get all.
* @param mixed $default Default value to use when the parameter is missing.
* @return mixed
*/
public function fromQuery($param = null, $default = null)
{
if ($param === null) {
return $this->event->getRequest()->getQuery($param, $default)->toArray();
}
return $this->event->getRequest()->getQuery($param, $default);
}
/**
* Render the view
*
* @param MvcEvent $e
* @return Response
*/
public function render(MvcEvent $e)
{
$result = $e->getResult();
if ($result instanceof Response) {
return $result;
}
// Martial arguments
$request = $e->getRequest();
$response = $e->getResponse();
$viewModel = $e->getViewModel();
if (!$viewModel instanceof ViewModel) {
return;
}
$view = $this->view;
$view->setRequest($request);
$view->setResponse($response);
try {
$view->render($viewModel);
} catch (\Exception $ex) {
if ($e->getName() === MvcEvent::EVENT_RENDER_ERROR) {
throw $ex;
}
$application = $e->getApplication();
$events = $application->getEventManager();
$e->setError(Application::ERROR_EXCEPTION)->setParam('exception', $ex);
$events->trigger(MvcEvent::EVENT_RENDER_ERROR, $e);
}
return $response;
}
public function checkAcl(MvcEvent $e)
{
if (!$e->getRequest() instanceof \Zend\Http\Request) {
return;
}
$route = $e->getRouteMatch()->getMatchedRouteName();
/* @var $aclEnforcer \FzyAuth\Service\AclEnforcerInterface */
$aclEnforcer = $this->getServiceLocator()->get('FzyAuth\\AclEnforcerFactory');
$aclEnforcer->init($e);
$aclEnforcer->attachToView($e->getViewModel());
$controller = $e->getRouteMatch()->getParam('controller');
$action = $e->getRouteMatch()->getParam('action');
$missing = true;
if ($aclEnforcer->hasControllerResource($controller)) {
$missing = false;
if ($aclEnforcer->isAllowed(AclEnforcerInterface::RESOURCE_CONTROLLER_PREFIX . $controller, $action)) {
return $aclEnforcer->handleAllowed($e);
}
}
if ($aclEnforcer->hasRouteResource($route)) {
$missing = false;
if ($aclEnforcer->isAllowed(AclEnforcerInterface::RESOURCE_ROUTE_PREFIX . $route, $action)) {
return $aclEnforcer->handleAllowed($e);
}
}
return $missing ? $aclEnforcer->handleRouteMissing($e) : $aclEnforcer->handleNotAllowed($e);
}
/**
* Bootstrap session
*
* @param MvcEvent $event
*/
private function bootstrapSession(MvcEvent $event)
{
$session = $event->getApplication()->getServiceManager()->get('Zend\\Session\\SessionManager');
$session->start();
$container = new Container('initialized');
if (!isset($container->init)) {
$serviceManager = $event->getApplication()->getServiceManager();
$request = $event->getRequest();
$session->regenerateId();
$container->init = 1;
$container->remoteAddr = $request->getServer()->get('REMOTE_ADDR');
$container->httpUserAgent = $request->getServer()->get('HTTP_USER_AGENT');
$config = $serviceManager->get('Config');
if (!isset($config['session'])) {
return;
}
$sessionConfig = $config['session'];
if (isset($sessionConfig['validators'])) {
$chain = $session->getValidatorChain();
foreach ($sessionConfig['validators'] as $validator) {
switch ($validator) {
case 'Zend\\Session\\Validator\\HttpUserAgent':
$validator = new $validator($container->httpUserAgent);
break;
case 'Zend\\Session\\Validator\\RemoteAddr':
$validator = new $validator($container->remoteAddr);
break;
default:
$validator = new $validator();
}
$chain->attach('session.validate', array($validator, 'isValid'));
}
}
}
}
/**
* Take parameters from RouteMatch and inject them into the request.
*
* @param MvcEvent $e
* @return void
*/
public function injectParams(MvcEvent $e)
{
$routeMatchParams = $e->getRouteMatch()->getParams();
$request = $e->getRequest();
/** @var $params \Zend\Stdlib\Parameters */
if ($request instanceof ConsoleRequest) {
$params = $request->params();
} elseif ($request instanceof HttpRequest) {
$params = $request->get();
} else {
// unsupported request type
return;
}
if ($this->overwrite) {
foreach ($routeMatchParams as $key => $val) {
$params->{$key} = $val;
}
} else {
foreach ($routeMatchParams as $key => $val) {
if (!$params->offsetExists($key)) {
$params->{$key} = $val;
}
}
}
}
public function dispatchError(MvcEvent $e)
{
$sharedManager = $e->getApplication()->getEventManager()->getSharedManager();
$sharedManager->attach('Zend\\Mvc\\Application', 'dispatch.error', function ($e) {
if ($e->getParam('exception')) {
ob_clean();
//Limpar a tela de erros do php
header('HTTP/1.1 400 Bad Request');
$exception = $e->getParam('exception');
$sm = $e->getApplication()->getServiceManager();
$config = $sm->get('Config');
$e->getApplication()->getServiceManager()->get('Controller\\Plugin\\Manager')->get('jsLog')->log($exception, 2);
$viewModel = new \Zend\View\Model\ViewModel(['exception' => $exception]);
if ($e->getRequest()->isXmlHttpRequest()) {
$viewModel->setTemplate($config['js_library']['error_ajax_exception']);
$e->getApplication()->getServiceManager()->get('ViewRenderer')->render($viewModel);
} else {
$viewModel->setTemplate($config['js_library']['error_exception']);
echo $e->getApplication()->getServiceManager()->get('ViewRenderer')->render($viewModel);
}
/*
* Com erros handler o codigo continua a ser executado,
* entao o exit para e so mostra os erros
*/
exit;
}
});
}
/**
* Handles redirects in case of dispatch errors caused by unauthorized access
*
* @param MvcEvent $event
* @return void
*/
public function onError(MvcEvent $event)
{
if (!$event->getRequest() instanceof HttpRequest || !($routeMatch = $event->getRouteMatch())) {
return;
}
if (null === $this->redirectUri) {
if (null === $this->redirectRoute) {
if ($this->authenticationService->hasIdentity()) {
$this->setRedirectRoute($this->options->getAuthenticatedIdentityRedirectRoute());
} else {
$this->setRedirectRoute($this->options->getUnauthenticatedIdentityRedirectRoute());
}
}
if (!($this->redirectRoute && $this->redirectRoute !== $routeMatch->getMatchedRouteName())) {
return parent::onError($event);
}
$params = ['name' => $this->redirectRoute];
if ($this->options->getUseRedirectParameter()) {
$redirectKey = $this->options->getRedirectKey();
$params['query'][$redirectKey] = $event->getRequest()->getUriString();
}
$this->setRedirectUri($event->getRouter()->assemble([], $params));
}
$response = $event->getResponse() ?: new HttpResponse();
$response->getHeaders()->addHeaderLine('Location', $this->redirectUri);
$response->setStatusCode(302);
$event->setResponse($response);
}
/**
* Create an exception view model, and set the HTTP status code
*
* @todo dispatch.error does not halt dispatch unless a response is
* returned. As such, we likely need to trigger rendering as a low
* priority dispatch.error event (or goto a render event) to ensure
* rendering occurs, and that munging of view models occurs when
* expected.
* @param MvcEvent $e
* @return void
*/
public function prepareExceptionViewModel(MvcEvent $e)
{
// Do nothing if no error in the event
$error = $e->getError();
if (empty($error)) {
return;
}
// Do nothing if the result is a response object
$result = $e->getResult();
if ($result instanceof Response) {
return;
}
// Do nothing if there is no exception or the exception is not
// an UnauthorizedAccessException
$exception = $e->getParam('exception');
if (!$exception instanceof UnauthorizedAccessException) {
return;
}
$response = $e->getResponse();
if (!$response) {
$response = new Response();
$e->setResponse($response);
}
/*
* Return an image, if an image was requested.
*/
if ($exception instanceof UnauthorizedImageAccessException) {
$image = __DIR__ . '/../../../../../public/images/unauthorized-access.png';
$response->setStatusCode(403)->setContent(file_get_contents($image))->getHeaders()->addHeaderLine('Content-Type', 'image/png');
$e->stopPropagation();
$response->sendHeaders();
//echo file_get_contents($image);
//$response->stopped = true;
return $response;
}
$auth = $e->getApplication()->getServiceManager()->get('AuthenticationService');
if (!$auth->hasIdentity()) {
$response->setStatusCode(Response::STATUS_CODE_403);
$routeMatch = $e->getRouteMatch();
$routeMatch->setParam('controller', 'Auth\\Controller\\Index');
$routeMatch->setParam('action', 'index');
$query = $e->getRequest()->getQuery();
$ref = $e->getRequest()->getRequestUri();
$ref = preg_replace('~^' . preg_quote($e->getRouter()->getBaseUrl()) . '~', '', $ref);
$query->set('ref', $ref);
$query->set('req', 1);
$result = $e->getApplication()->getEventManager()->trigger('dispatch', $e);
$e->stopPropagation();
return $result;
}
$message = $exception->getMessage();
$model = new ViewModel(array('message' => empty($message) ? 'You are not permitted to access this resource.' : $message, 'exception' => $e->getParam('exception'), 'display_exceptions' => $this->displayExceptions()));
$model->setTemplate($this->getExceptionTemplate());
$e->setResult($model);
// $statusCode = $response->getStatusCode();
// if ($statusCode === 200) {
$response->setStatusCode(403);
// }
}
public function onDispatchError(MvcEvent $e)
{
$result = $e->getResult();
$response = $e->getResponse();
if ($result instanceof Response || $response && !$response instanceof HttpResponse) {
return;
}
$viewVariables = array('error' => $e->getParam('error'), 'identity' => $e->getParam('identity'));
switch ($e->getError()) {
case Controller::ERROR:
$viewVariables['controller'] = $e->getParam('controller');
$viewVariables['action'] = $e->getParam('action');
$router = $e->getRouter();
if ($e->getParam('exception') instanceof UnAuthorizedException && !$e->getApplication()->getServiceManager()->get('Zend\\Authentication\\AuthenticationService')->hasIdentity()) {
$session = new Container('location');
$session->location = $e->getRequest()->getUri();
// get url to the login route
$options['name'] = 'login';
$url = $router->assemble(array(), $options);
if (!$response) {
$response = new HttpResponse();
$e->setResponse($response);
}
if ($e->getRequest()->isXmlHttpRequest()) {
$response->setStatusCode(204);
$response->getHeaders()->addHeaderLine('Fury-Redirect', $url);
} else {
$response->setStatusCode(302);
$response->getHeaders()->addHeaderLine('Location', $url);
}
return;
}
break;
case Route::ERROR:
$viewVariables['route'] = $e->getParam('route');
break;
case Application::ERROR_EXCEPTION:
if (!$e->getParam('exception') instanceof UnAuthorizedException) {
return;
}
$viewVariables['reason'] = $e->getParam('exception')->getMessage();
$viewVariables['error'] = 'error-unauthorized';
break;
default:
/*
* do nothing if there is no error in the event or the error
* does not match one of our predefined errors (we don't want
* our 403 template to handle other types of errors)
*/
return;
}
$model = new ViewModel($viewVariables);
$response = $response ?: new HttpResponse();
$model->setTemplate($this->getTemplate());
$e->getViewModel()->addChild($model);
$response->setStatusCode(403);
$e->setResponse($response);
}
