diff --git a/app/modules/web/Controllers/Account/AccountControllerBase.php b/app/modules/web/Controllers/Account/AccountControllerBase.php index 847bb0a4..0e7c9f46 100644 --- a/app/modules/web/Controllers/Account/AccountControllerBase.php +++ b/app/modules/web/Controllers/Account/AccountControllerBase.php @@ -24,9 +24,11 @@ namespace SP\Modules\Web\Controllers\Account; +use SP\Core\Application; use SP\Core\Context\ContextBase; use SP\Domain\Account\Services\AccountAclService; use SP\Modules\Web\Controllers\ControllerBase; +use SP\Mvc\Controller\WebControllerHelper; /** * AccountControllerBase @@ -35,13 +37,25 @@ abstract class AccountControllerBase extends ControllerBase { private const LOGIN_NOT_REQUIRED = ['ViewLinkController']; + /** + * @throws \SP\Core\Exceptions\SessionTimeout + * @throws \SP\Domain\Auth\Services\AuthException + * @throws \JsonException + */ + public function __construct(Application $application, WebControllerHelper $webControllerHelper) + { + parent::__construct($application, $webControllerHelper); + + $this->initialize(); + } + /** * Initialize class * * @throws \SP\Core\Exceptions\SessionTimeout * @throws \SP\Domain\Auth\Services\AuthException */ - final protected function initialize(): void + private function initialize(): void { if (in_array(static::class, self::LOGIN_NOT_REQUIRED)) { $this->checkLoggedIn(); diff --git a/app/modules/web/Controllers/ConfigManager/IndexController.php b/app/modules/web/Controllers/ConfigManager/IndexController.php index 8d8d32f1..ba6451f6 100644 --- a/app/modules/web/Controllers/ConfigManager/IndexController.php +++ b/app/modules/web/Controllers/ConfigManager/IndexController.php @@ -96,6 +96,8 @@ final class IndexController extends ControllerBase ) { parent::__construct($application, $webControllerHelper); + $this->checkLoggedIn(); + $this->tabsHelper = $tabsHelper; $this->userService = $userService; $this->userGroupService = $userGroupService; 
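Review bot: The login gate in `initialize()` of AccountControllerBase looks both inverted and unmatched: `in_array(static::class, self::LOGIN_NOT_REQUIRED)` compares the fully-qualified class name with the short name `'ViewLinkController'`, and `checkLoggedIn()` sits inside the branch taken for exempt controllers, so as written it appears never to run for any account controller. Now that the constructor calls `initialize()` directly, I would change this to `private const LOGIN_NOT_REQUIRED = [ViewLinkController::class];` (assuming that class lives in this namespace) and `if (!in_array(static::class, self::LOGIN_NOT_REQUIRED, true)) {`. The body of `initialize()` continues outside the hunk, so a later check may exist. Plugin/IndexController also loses its `initialize()`, which called `checkLoggedIn()`, in this commit with no constructor call added in the diff; please confirm PluginSearchBase enforces the check.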
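Review bot: `$this->checkLoggedIn();` in the ConfigManager IndexController constructor now throws SessionTimeout straight out of the constructor, and the try/catch in ControllerBase::__construct that ran `handleSessionTimeout()` on that exception is deleted in this same commit, so nothing visible on this path calls sessionLogout() or sends the login redirect any more. SimpleControllerBase::checks() was changed here to call `$this->handleSessionTimeout();` before `throw new SessionTimeout();`; consider doing the same in ControllerBase::checkLoggedIn() so the two base classes behave alike. AccountControllerBase's new constructor is affected the same way. If a dispatcher outside this diff handles SessionTimeout, a short comment on the call saying so would help, and this constructor's docblock (it starts outside the hunk) should list `@throws \SP\Core\Exceptions\SessionTimeout`.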
@@ -590,13 +592,4 @@ final class IndexController extends ControllerBase { return $this->tabsHelper; } - - /** - * @throws \SP\Core\Exceptions\SessionTimeout - * @throws \SP\Domain\Auth\Services\AuthException - */ - protected function initialize(): void - { - $this->checkLoggedIn(); - } } \ No newline at end of file diff --git a/app/modules/web/Controllers/ControllerBase.php b/app/modules/web/Controllers/ControllerBase.php index 881d79d6..3b6fa2ec 100644 --- a/app/modules/web/Controllers/ControllerBase.php +++ b/app/modules/web/Controllers/ControllerBase.php @@ -28,10 +28,8 @@ defined('APP_ROOT') || die(); use Exception; use Klein\Klein; -use Psr\Container\ContainerInterface; use SP\Core\Acl\Acl; use SP\Core\Application; -use SP\Core\Bootstrap\BootstrapBase; use SP\Core\Context\ContextInterface; use SP\Core\Crypt\Hash; use SP\Core\Events\EventDispatcher; @@ -61,9 +59,6 @@ abstract class ControllerBase protected const ERR_UNAVAILABLE = 0; - // TODO: remove when controllers are ready - protected ContainerInterface $dic; - protected EventDispatcher $eventDispatcher; protected ConfigFileService $config; protected ContextInterface $session; @@ -80,17 +75,10 @@ abstract class ControllerBase protected LayoutHelper $layoutHelper; private BrowserAuthInterface $browser; - /** - * @throws \SP\Core\Exceptions\SessionTimeout - * @throws \JsonException - */ public function __construct( Application $application, WebControllerHelper $webControllerHelper ) { - // TODO: remove when controllers are ready - $this->dic = BootstrapBase::getContainer(); - $this->controllerName = $this->getControllerName(); $this->config = $application->getConfig(); $this->configData = $this->config->getConfigData(); 
@@ -119,17 +107,6 @@ abstract class ControllerBase $this->setup = true; - // TODO: call handleSessionTimeout from controller::initialize directly - try { - if (method_exists($this, 'initialize')) { - $this->initialize(); - } - } catch (SessionTimeout $sessionTimeout) { - $this->handleSessionTimeout(fn() => true); - - throw $sessionTimeout; - } - logger(static::class); } @@ -138,36 +115,19 @@ abstract class ControllerBase */ private function setViewVars(bool $loggedIn = false): void { - $this->view->assign( - 'timeStart', - $this->request->getServer('REQUEST_TIME_FLOAT') - ); + $this->view->assign('timeStart', $this->request->getServer('REQUEST_TIME_FLOAT')); $this->view->assign('queryTimeStart', microtime()); + $this->view->assign('isDemo', $this->configData->isDemoEnabled()); + $this->view->assign('themeUri', $this->view->getTheme()->getThemeUri()); + $this->view->assign('configData', $this->configData); if ($loggedIn) { $this->view->assign('ctx_userId', $this->userData->getId()); - $this->view->assign( - 'ctx_userGroupId', - $this->userData->getUserGroupId() - ); - $this->view->assign( - 'ctx_userIsAdminApp', - $this->userData->getIsAdminApp() - ); - $this->view->assign( - 'ctx_userIsAdminAcc', - $this->userData->getIsAdminAcc() - ); + $this->view->assign('ctx_userGroupId', $this->userData->getUserGroupId()); + $this->view->assign('ctx_userIsAdminApp', $this->userData->getIsAdminApp()); + $this->view->assign('ctx_userIsAdminAcc', $this->userData->getIsAdminAcc()); } - $this->view->assign('isDemo', $this->configData->isDemoEnabled()); - $this->view->assign( - 'themeUri', - $this->view->getTheme()->getThemeUri() - ); - $this->view->assign('configData', $this->configData); - - // Pass the action name to the template as a variable $this->view->assign('action', true); } 
@@ -177,15 +137,11 @@ abstract class ControllerBase protected function view(): void { try { - $this->router->response() - ->body($this->view->render()) - ->send(); + $this->router->response()->body($this->view->render())->send(); } catch (FileNotFoundException $e) { processException($e); - $this->router->response() - ->body(__($e->getMessage())) - ->send(true); + $this->router->response()->body(__($e->getMessage()))->send(true); } } @@ -214,10 +170,7 @@ abstract class ControllerBase return; } - $this->view->assign( - 'contentPage', - $page ?: strtolower($this->getViewBaseName()) - ); + $this->view->assign('contentPage', $page ?: strtolower($this->getViewBaseName())); try { $this->layoutHelper->getFullLayout('main', $this->acl); @@ -226,23 +179,6 @@ abstract class ControllerBase } } - /** - * Obtener los datos para la vista de depuración - */ - protected function getDebug(): void - { - global $memInit; - - $this->view->addTemplate('debug', 'common'); - - $this->view->assign( - 'time', - getElapsedTime($this->router->request()->server()->get('REQUEST_TIME_FLOAT')) - ); - $this->view->assign('memInit', $memInit / 1000); - $this->view->assign('memEnd', memory_get_usage() / 1000); - } - /** * Comprobar si el usuario está logado. * @@ -253,8 +189,7 @@ abstract class ControllerBase */ protected function checkLoggedIn(bool $requireAuthCompleted = true): void { - if ($this->session->isLoggedIn() === false - || $this->session->getAuthCompleted() !== $requireAuthCompleted + if ($this->session->isLoggedIn() === false || $this->session->getAuthCompleted() !== $requireAuthCompleted ) { throw new SessionTimeout(); } 
@@ -284,10 +219,7 @@ abstract class ControllerBase $this->request->verifySignature($this->configData->getPasswordSalt()); $this->view->assign('from', $from); - $this->view->assign( - 'from_hash', - Hash::signMessage($from, $this->configData->getPasswordSalt()) - ); + $this->view->assign('from_hash', Hash::signMessage($from, $this->configData->getPasswordSalt())); } catch (SPException $e) { processException($e); } @@ -301,7 +233,6 @@ abstract class ControllerBase */ protected function checkAccess(int $action): bool { - return $this->userData->getIsAdminApp() - || $this->acl->checkUserAccess($action); + return $this->userData->getIsAdminApp() || $this->acl->checkUserAccess($action); } } \ No newline at end of file diff --git a/app/modules/web/Controllers/Login/LoginController.php b/app/modules/web/Controllers/Login/LoginController.php index 1094c082..de17255a 100644 --- a/app/modules/web/Controllers/Login/LoginController.php +++ b/app/modules/web/Controllers/Login/LoginController.php @@ -25,8 +25,6 @@ namespace SP\Modules\Web\Controllers\Login; use Exception; -use Psr\Container\ContainerExceptionInterface; -use Psr\Container\NotFoundExceptionInterface; use SP\Core\Application; use SP\Core\Bootstrap\BootstrapBase; use SP\Core\Events\Event; @@ -59,18 +57,16 @@ final class LoginController extends ControllerBase $this->loginService = $loginService; } - /** * Login action * - * @throws ContainerExceptionInterface - * @throws NotFoundExceptionInterface + * @return bool * @throws \JsonException */ public function loginAction(): bool { try { - $from = $this->getSignedUriFromRequest($this->request); + $from = $this->getSignedUriFromRequest($this->request, $this->configData); $this->loginService->setFrom($from); $loginResponse = $this->loginService->doLogin(); diff --git a/app/modules/web/Controllers/Plugin/IndexController.php b/app/modules/web/Controllers/Plugin/IndexController.php index 6d070fd0..61bebc46 100644 --- a/app/modules/web/Controllers/Plugin/IndexController.php 
+++ b/app/modules/web/Controllers/Plugin/IndexController.php @@ -24,23 +24,7 @@ namespace SP\Modules\Web\Controllers\Plugin; -use DI\DependencyException; -use DI\NotFoundException; -use Exception; -use SP\Core\Acl\Acl; use SP\Core\Acl\ActionsInterface; -use SP\Core\Events\Event; -use SP\Core\Events\EventMessage; -use SP\Core\Exceptions\ConstraintException; -use SP\Core\Exceptions\QueryException; -use SP\Core\Exceptions\SessionTimeout; -use SP\Domain\Auth\Services\AuthException; -use SP\Domain\Plugin\Services\PluginDataService; -use SP\Domain\Plugin\Services\PluginService; -use SP\Http\JsonResponse; -use SP\Infrastructure\Common\Repositories\NoSuchItemException; -use SP\Infrastructure\Plugin\Repositories\PluginModel; -use SP\Plugin\PluginManager; /** * Class IndexController @@ -67,28 +51,4 @@ final class IndexController extends PluginSearchBase $this->view(); } - - - - - - - - - - - - /** - * @throws AuthException - * @throws DependencyException - * @throws NotFoundException - * @throws SessionTimeout - */ - protected function initialize(): void - { - $this->checkLoggedIn(); - - $this->pluginService = $this->dic->get(PluginService::class); - $this->pluginDataService = $this->dic->get(PluginDataService::class); - } } \ No newline at end of file diff --git a/app/modules/web/Controllers/SimpleControllerBase.php b/app/modules/web/Controllers/SimpleControllerBase.php index ef74ef80..92c7b35a 100644 --- a/app/modules/web/Controllers/SimpleControllerBase.php +++ b/app/modules/web/Controllers/SimpleControllerBase.php @@ -34,6 +34,7 @@ use SP\Core\Exceptions\SessionTimeout; use SP\Core\Exceptions\SPException; use SP\Core\PhpExtensionChecker; use SP\Core\UI\ThemeInterface; +use SP\Domain\Config\In\ConfigDataInterface; use SP\Domain\Config\Services\ConfigFileService; use SP\Http\Request; use SP\Http\RequestInterface; 
@@ -56,6 +57,7 @@ abstract class SimpleControllerBase protected Acl $acl; protected Request $request; protected PhpExtensionChecker $extensionChecker; + protected ConfigDataInterface $configData; /** * @throws \SP\Core\Exceptions\SessionTimeout @@ -69,32 +71,20 @@ abstract class SimpleControllerBase RequestInterface $request, PhpExtensionChecker $extensionChecker ) { - $this->controllerName = $this->getControllerName(); - $this->config = $application->getConfig(); - $this->configData = $this->config->getConfigData(); - $this->eventDispatcher = $application->getEventDispatcher(); - $this->session = $application->getContext(); $this->theme = $theme; $this->router = $router; $this->acl = $acl; $this->request = $request; $this->extensionChecker = $extensionChecker; - + $this->controllerName = $this->getControllerName(); + $this->config = $application->getConfig(); + $this->configData = $this->config->getConfigData(); + $this->eventDispatcher = $application->getEventDispatcher(); + $this->session = $application->getContext(); $this->setup = true; - // TODO: call handleSessionTimeout from controller::initialize directly - try { - if (method_exists($this, 'initialize')) { - $this->initialize(); - } - } catch (SessionTimeout $sessionTimeout) { - $this->handleSessionTimeout( - function () { - return true; - } - ); - - throw $sessionTimeout; + if (method_exists($this, 'initialize')) { + $this->initialize(); } } @@ -102,12 +92,13 @@ abstract class SimpleControllerBase * Comprobaciones * * @throws SessionTimeout + * @throws \JsonException */ protected function checks(): void { - if ($this->session->isLoggedIn() === false - || $this->session->getAuthCompleted() !== true - ) { + if ($this->session->isLoggedIn() === false || $this->session->getAuthCompleted() !== true) { + $this->handleSessionTimeout(); + throw new SessionTimeout(); } 
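Review bot: `checks()` now has a side effect that its docblock ("Comprobaciones") does not mention: when the session is not logged in or authentication is not completed, it calls `handleSessionTimeout()`, which invokes sessionLogout() and sends a redirect, before throwing. I would document that in the docblock, for example `Verifies that the session is logged in with authentication completed; otherwise runs the session-timeout handling (logout and login redirect) and throws SessionTimeout.` The constructor in the same file no longer wraps `initialize()` in a try/catch, so subclasses that throw SessionTimeout without going through `checks()` get no such handling; a one-line comment at the `method_exists` call would make that expectation explicit. The body of `checks()` continues outside the hunk.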
@@ -121,9 +112,7 @@ abstract class SimpleControllerBase */ protected function checkAccess(int $action): void { - if (!$this->acl->checkUserAccess($action) - && !$this->session->getUserData()->getIsAdminApp() - ) { + if (!$this->acl->checkUserAccess($action) && !$this->session->getUserData()->getIsAdminApp()) { throw new UnauthorizedPageException(SPException::INFO); } } diff --git a/app/modules/web/Controllers/Traits/WebControllerTrait.php b/app/modules/web/Controllers/Traits/WebControllerTrait.php index e26097e8..4a790e78 100644 --- a/app/modules/web/Controllers/Traits/WebControllerTrait.php +++ b/app/modules/web/Controllers/Traits/WebControllerTrait.php @@ -24,10 +24,8 @@ namespace SP\Modules\Web\Controllers\Traits; -use Closure; -use SP\Core\Exceptions\SessionTimeout; use SP\Core\Exceptions\SPException; -use SP\Http\Request; +use SP\Domain\Config\In\ConfigDataInterface; use SP\Http\RequestInterface; use SP\Mvc\Controller\ControllerTrait; @@ -44,8 +42,10 @@ trait WebControllerTrait * Returns the signed URI component after validating its signature. * This component is used for deep linking */ - final protected function getSignedUriFromRequest(RequestInterface $request): ?string - { + final protected function getSignedUriFromRequest( + RequestInterface $request, + ConfigDataInterface $configData + ): ?string { if (!$this->setup) { return null; } @@ -54,10 +54,7 @@ trait WebControllerTrait if ($from) { try { - $request->verifySignature( - $this->configData->getPasswordSalt(), - 'from' - ); + $request->verifySignature($configData->getPasswordSalt(), 'from'); } catch (SPException $e) { processException($e); 
@@ -70,21 +67,13 @@ trait WebControllerTrait /** * @throws \JsonException - * @throws SessionTimeout */ - private function handleSessionTimeout(Closure $checker): void + private function handleSessionTimeout(): void { - if ($checker->call($this) === true) { - $this->sessionLogout( - $this->request, - function ($redirect) { - $this->router->response() - ->redirect($redirect) - ->send(true); - } - ); - - throw new SessionTimeout(); - } + $this->sessionLogout( + $this->request, + $this->configData, + fn($redirect) => $this->router->response()->redirect($redirect)->send(true) + ); } } \ No newline at end of file diff --git a/lib/SP/Mvc/Controller/ControllerTrait.php b/lib/SP/Mvc/Controller/ControllerTrait.php index 9cf1ef6e..5ba568ee 100644 --- a/lib/SP/Mvc/Controller/ControllerTrait.php +++ b/lib/SP/Mvc/Controller/ControllerTrait.php @@ -39,12 +39,10 @@ use SP\Util\Util; * Trait ControllerTrait * * @package SP\Mvc\Controller - * @property ConfigDataInterface $configData */ trait ControllerTrait { - protected ConfigDataInterface $configData; - protected string $controllerName; + protected string $controllerName; protected function getControllerName(): string { @@ -67,6 +65,7 @@ trait ControllerTrait */ protected function sessionLogout( RequestInterface $request, + ConfigDataInterface $configData, Closure $onRedirect ): void { if ($request->isJson()) { @@ -88,7 +87,7 @@ trait ControllerTrait $uri->addParam('_r', 'login'); if ($route && $hash) { - $key = $this->configData->getPasswordSalt(); + $key = $configData->getPasswordSalt(); $request->verifySignature($key); $uri->addParam('from', $route); 
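Review bot: `sessionLogout()` gains `ConfigDataInterface $configData` as a required parameter in the middle of its list, so any caller still passing `($request, $onRedirect)` will fail with a TypeError; only `handleSessionTimeout()` is updated in this diff. `checkSecurityToken()` in the later ControllerTrait hunk gets a new required third argument in the same way, with no call site shown. Because both methods live in a shared trait under lib/, please confirm that every class using ControllerTrait was migrated and now declares its own `$configData` property, since the trait no longer does. The docblock of `sessionLogout()` starts outside the hunk and should gain a matching `@param ConfigDataInterface $configData` line.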
@@ -117,23 +116,18 @@ trait ControllerTrait * @throws SPException * @deprecated */ - protected function checkSecurityToken(string $previousToken, RequestInterface $request): void - { - if (isset($this->configData) - && $request->analyzeString('h') !== null - && $request->analyzeString('from') === null - ) { - $request->verifySignature($this->configData->getPasswordSalt()); + protected function checkSecurityToken( + string $previousToken, + RequestInterface $request, + ConfigDataInterface $configData + ): void { + if ($request->analyzeString('h') !== null && $request->analyzeString('from') === null) { + $request->verifySignature($configData->getPasswordSalt()); } else { $sk = $request->analyzeString('sk'); if (!$sk || $previousToken !== $sk) { - throw new SPException( - __u('Invalid Action'), - SPException::ERROR, - null, - 1 - ); + throw new SPException(__u('Invalid Action'), SPException::ERROR, null, 1); } } } diff --git a/lib/SP/Mvc/Controller/WebControllerHelper.php b/lib/SP/Mvc/Controller/WebControllerHelper.php index 0707b6a4..a464c1db 100644 --- a/lib/SP/Mvc/Controller/WebControllerHelper.php +++ b/lib/SP/Mvc/Controller/WebControllerHelper.php @@ -34,6 +34,9 @@ use SP\Modules\Web\Controllers\Helpers\LayoutHelper; use SP\Mvc\View\TemplateInterface; use SP\Providers\Auth\Browser\BrowserAuthInterface; +/** + * Class WebControllerHelper + */ final class WebControllerHelper { private ThemeInterface $theme;
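Review bot: The fallback branch of `checkSecurityToken()` compares the request token with `$previousToken !== $sk`, which is not a constant-time comparison; for a security token I would write `if (!$sk || !hash_equals($previousToken, $sk)) {`. The docblock, which starts outside the hunk, should also state that when `h` is present and `from` is absent only the request signature is verified and the `sk` token is not checked at all, so readers do not assume both checks always run. It should also gain a `@param ConfigDataInterface $configData` line for the new argument.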