WebSVN – LeadersLinked - Antes de SPA – Autoría – /module/LeadersLinked/src/Module.php

Rev	Autor	Línea Nro.	Línea
1	www	1	`<?php`
		2	`declare(strict_types=1);`
		3
		4	`namespace LeadersLinked;`
		5
		6	`use Laminas\Db\Adapter\AdapterInterface;`
		7	`use Laminas\Cache\Storage\Adapter\AbstractAdapter as CacheAdapter;`
		8	`use Laminas\ModuleManager\ModuleEvent;`
		9	`use Laminas\ModuleManager\ModuleManager;`
		10	`use Laminas\Mvc\MvcEvent;`
		11	`use Laminas\Config\Reader\Ini;`
		12	`use Laminas\Permissions\Acl\Acl;`
		13	`use Laminas\Permissions\Acl\Role\GenericRole;`
		14	`use LeadersLinked\Plugin\CurrentUserPlugin;`
		15	`use LeadersLinked\Model\Company;`
		16	`use LeadersLinked\Mapper\UserMapper;`
		17	`use LeadersLinked\Authentication\AuthTokenAdapter;`
		18	`use Laminas\Authentication\AuthenticationService;`
		19	`use Laminas\Permissions\Acl\Resource\GenericResource;`
		20	`use LeadersLinked\Model\UserType;`
3639	efrain	21	`use LeadersLinked\Plugin\CurrentNetworkPlugin;`
		22	`use LeadersLinked\Model\Network;`
		23	`use LeadersLinked\Model\User;`
		24	`use LeadersLinked\Mapper\CompanyUserMapper;`
		25	`use LeadersLinked\Model\CompanyUser;`
		26	`use LeadersLinked\Mapper\CompanyMapper;`
1	www	27
		28	`class Module`
		29	`{`
		30
		31	`/**`
		32	`*`
		33	`* @var boolean`
		34	`*/`
		35	`private $isJson;`
		36
		37	`/**`
		38	`*`
		39	`* @var boolean`
		40	`*/`
		41	`private $isHtml;`
		42
		43	`/**`
		44	`*`
		45	`* @var Acl`
		46	`*/`
		47	`private $acl;`
		48
3639	efrain	49
1	www	50
		51	`/**`
		52	`*`
		53	`* @var AdapterInterface`
		54	`*/`
		55	`private $adapter;`
		56
		57
		58	`/**`
		59	`*`
		60	`* @var CacheAdapter`
		61	`*/`
		62	`private $cache;`
		63
		64	`/**`
		65	`*`
		66	`* @var CurrentUserPlugin`
		67	`*/`
3639	efrain	68	`private $currentUserPlugin;`
1	www	69
		70
		71	`/**`
3639	efrain	72	`*`
		73	`* @var CurrentNetworkPlugin`
		74	`*/`
		75	`private $currentNetworkPlugin;`
		76
		77
		78	`/**`
1	www	79	`*`
		80	`* @var array`
		81	`*/`
		82	`private $routesAuthorized = [];`
		83
		84	`/**`
		85	`*`
		86	`* @var boolean`
		87	`*/`
		88	`private $authByHeaders = false;`
		89
		90	`public function init(ModuleManager $moduleManager)`
		91	`{`
		92	`$events = $moduleManager->getEventManager();`
		93	`$events->attach(ModuleEvent::EVENT_MERGE_CONFIG, array($this, 'onMergeConfig'));`
		94	`}`
		95
		96	`public function onMergeConfig(ModuleEvent $event)`
		97	`{`
		98	`$configListener = $event->getConfigListener();`
		99	`$config = $configListener->getMergedConfig(false);`
		100
		101	`$reader = new Ini();`
		102	`$data = $reader->fromFile('config/leaderslinked.ini');`
		103
		104	`$prefix = 'leaderslinked';`
		105	`foreach($data as $section => $pairs)`
		106	`{`
		107	`foreach($pairs as $key => $value)`
		108	`{`
		109	`$config[$prefix . '.' . $section . '.' . $key] = $value;`
		110	`}`
		111	`}`
		112	`$configListener->setMergedConfig($config);`
		113	`}`
		114
		115
		116	`public function getConfig() : array`
		117	`{`
		118	`return include __DIR__ . '/../config/module.config.php';`
		119	`}`
		120
		121	`public function onBootstrap(MvcEvent $event)`
		122	`{`
		123	`$serviceManager = $event->getApplication()->getServiceManager();`
		124	`$adapter = $serviceManager->get('leaders-linked-db');`
		125	`// $logger = $serviceManager->get('Zend\Log\Logger');`
		126
		127
		128	`$session = $serviceManager->get('leaders-linked-session');`
		129	`$session->start();`
		130
		131
		132	`$translator = $serviceManager->get('MvcTranslator');`
		133	`$translator->addTranslationFile(`
		134	`'phpArray',`
		135	`__DIR__ . '/i18n/validate.php',`
		136	`'default'`
		137	`);`
		138
		139	`$translator->addTranslationFile(`
		140	`'phpArray',`
		141	`__DIR__ . '/i18n/spanish.php',`
		142	`'default'`
		143	`);`
		144
		145	`\Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);`
		146
		147
		148	`$headers = $event->getRequest()->getHeaders();`
		149	`if($headers->has('Accept')) {`
		150	`$accept = $headers->get('Accept');`
		151	`$prioritized = $accept->getPrioritized();`
		152
		153	`foreach($prioritized as $key => $value) {`
		154	`$raw = trim($value->getRaw());`
		155
		156	`if(!$this->isJson) {`
		157	`$this->isJson = strpos($raw, 'json');`
		158	`}`
		159
		160	`}`
		161	`} else {`
		162	`$accept = '';`
		163	`}`
		164	`if($headers->has('token')) {`
		165	`$device_uuid = filter_var($headers->get('token')->getFieldValue(), FILTER_SANITIZE_STRING);`
		166	`} else {`
		167	`$device_uuid = '';`
		168	`}`
		169	`if($headers->has('secret')) {`
		170	`$password = filter_var($headers->get('secret')->getFieldValue(), FILTER_SANITIZE_STRING);`
		171	`} else {`
		172	`$password = '';`
		173	`}`
		174	`if($headers->has('rand')) {`
		175	`$rand = filter_var($headers->get('rand')->getFieldValue(), FILTER_SANITIZE_NUMBER_INT);`
		176	`} else {`
		177	`$rand = 0;`
		178	`}`
		179	`if($headers->has('created')) {`
		180	`$timestamp = filter_var($headers->get('created')->getFieldValue(), FILTER_SANITIZE_STRING);`
		181	`} else {`
		182	`$timestamp = 0;`
		183	`}`
		184
		185
3639	efrain	186
		187
		188	`$this->currentNetworkPlugin = new CurrentNetworkPlugin($adapter);`
		189	`if(!$this->currentNetworkPlugin->hasNetwork()) {`
		190	`echo '2';`
		191	`exit;`
		192	`header("HTTP/1.1 401 Unauthorized - Private network - not found");`
		193	`exit;`
		194	`}`
		195
		196	`if($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {`
		197	`echo '3';`
		198	`exit;`
		199	`header("HTTP/1.1 401 Unauthorized - Private network - inactive");`
		200	`exit;`
		201	`}`
		202
		203
1	www	204	`$this->authByHeaders = false;`
		205	`if($device_uuid && $password && $rand && $timestamp) {`
		206	`$this->authByHeaders = true;`
		207
		208
		209	`$this->isJson = true;`
		210
		211	`$tokenAuthAdapter = new AuthTokenAdapter($adapter);`
		212	`$tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);`
		213
		214	`$authService = new AuthenticationService();`
		215	`$result = $authService->authenticate($tokenAuthAdapter);`
		216	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
		217	`$response = $event->getResponse();`
		218
		219	`$this->sendResponse($response, ['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		220	`}`
210	efrain	221
		222
		223
		224
		225
1	www	226	`}`
3639	efrain	227
1	www	228
3639	efrain	229
		230	`if(empty($_SERVER['REDIRECT_URL'])) {`
		231	`if(empty($_SERVER['REQUEST_URI'])) {`
		232	`$routeName = '';`
		233
		234	`} else {`
		235	`$routeName = $_SERVER['REQUEST_URI'];`
		236	`}`
		237
		238	`} else {`
		239	`$routeName = $_SERVER['REDIRECT_URL'];`
		240
		241	`}`
		242
210	efrain	243
3639	efrain	244	`$routeName = strtolower(trim($routeName));`
		245	`if(strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {`
		246	`$routeName = substr($routeName, 1);`
		247	`}`
1	www	248
3639	efrain	249	`$this->isHtml = $this->isJson ? false : true;`
		250	`$this->currentUserPlugin = new CurrentUserPlugin($adapter);`
1	www	251
210	efrain	252
3639	efrain	253	`if($this->authByHeaders && substr($routeName, 0, 8) == 'services') {`
		254	`$checkUserForNetwork = false;`
		255	`} else {`
		256	`if($this->currentUserPlugin->hasIdentity()) {`
		257
		258	`$checkUserForNetwork = true;`
		259	`} else {`
		260	`$checkUserForNetwork = false;`
		261	`}`
		262	`}`
		263
		264	`if($checkUserForNetwork) {`
		265	`if(!$routeName \|\| in_array($routeName, ['signout', 'signin', 'home'])) {`
		266	`$checkUserForNetwork = false;`
		267	`}`
		268	`}`
		269
		270	`if($checkUserForNetwork) {`
		271
		272
		273
		274	`if($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {`
		275	`header("HTTP/1.1 401 Unauthorized - The user is not part of this private network");`
		276	`exit;`
		277	`}`
		278	`}`
		279
		280
		281
1	www	282	`$this->initAcl($event);`
		283	`$eventManager = $event->getApplication()->getEventManager();`
		284	`$eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this,'onDispatchError'], 0);`
		285	`$eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [$this,'onRenderError'], 0);`
		286
		287	`$sharedManager = $eventManager->getSharedManager();`
		288	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPreDispatch'], 100);`
		289	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPosDispatch'], -100);`
		290	`}`
		291
		292	`public function initAcl(MvcEvent $event)`
		293	`{`
		294
3639	efrain	295	`$serviceManager = $event->getApplication()->getServiceManager();`
		296	`$adapter = $serviceManager->get('leaders-linked-db');`
		297
		298
1	www	299	`require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');`
		300
		301
		302	`$this->acl = new Acl();`
		303	`$resources = getAclResources();`
1979	efrain	304
1	www	305	`foreach($resources as $resourceName)`
		306	`{`
		307	`$this->acl->addResource(new GenericResource($resourceName));`
		308	`}`
		309
		310	`$usertypes = getAclUsertype();`
		311	`foreach($usertypes as $usertype => $resources)`
		312	`{`
		313	`$this->acl->addRole(new GenericRole($usertype));`
		314	`foreach ($resources as $resourceName)`
		315	`{`
		316	`$this->acl->allow($usertype, $resourceName);`
		317	`}`
		318	`}`
		319
3639	efrain	320
		321
		322
		323	`if($this->currentUserPlugin->hasIdentity() && $this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {`
		324
		325	`$resources = getAclSuperAdmin();`
		326	`foreach($resources as $resourceName)`
		327	`{`
		328	`$this->acl->allow(UserType::ADMIN, $resourceName);`
		329	`}`
		330	`}`
		331
		332
		333	`if($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {`
		334
		335	`$usertypes = getAclUsertypeDefaultNetwork();`
		336	`foreach($usertypes as $usertype => $resources)`
		337	`{`
		338
		339	`foreach ($resources as $resourceName)`
		340	`{`
		341	`$this->acl->allow($usertype, $resourceName);`
		342	`}`
		343	`}`
		344
		345
		346	`} else {`
		347
		348	`$companyMapper = CompanyMapper::getInstance($adapter);`
		349	`$company = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);`
		350	`if($company) {`
		351	`$companyUserMapper = CompanyUserMapper::getInstance($this->adapter);`
		352	`$companyUser = $companyUserMapper->fetchOneByCompanyIdAndUserId($this->company->id, $this->currentUserPlugin->getUserId());`
		353
		354	`if($companyUser) {`
		355	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		356
		357	`if($companyUser->creator == CompanyUser::CREATOR_YES) {`
		358
		359	`$resources = getAclUsertypeOtherNetworkCreator();`
		360	`foreach($resources as $resourceName)`
		361	`{`
		362	`$this->acl->allow($usertype, $resourceName);`
		363	`}`
		364
		365	`}`
		366	`if($companyUser->creator == CompanyUser::CREATOR_NO) {`
		367	`$resources = getAclUsertypeOtherNetworkNonCreator();`
		368	`foreach($resources as $resourceName)`
		369	`{`
		370	`$this->acl->allow($usertype, $resourceName);`
		371	`}`
		372	`}`
		373	`}`
		374	`}`
		375	`}`
		376
		377
1	www	378	`$event->getViewModel()->setVariable('acl', $this->acl);`
		379
		380	`}`
		381
		382	`public function onDispatchError(MvcEvent $event)`
		383	`{`
		384	`$this->processError($event);`
		385	`}`
		386
		387	`public function onRenderError(MvcEvent $event)`
		388	`{`
		389	`$this->processError($event);`
		390	`}`
		391
		392	`public function sendResponse(\Laminas\Http\Response $response, $data)`
		393	`{`
		394
		395
		396	`if($this->isJson) {`
		397	`$headers = $response->getHeaders();`
		398	`$headers->clearHeaders();`
		399	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		400
		401	`$response->setStatusCode(200);`
		402	`$response->setContent(json_encode($data));`
		403	`$response->send();`
		404
		405	`} else {`
		406	`throw new \Exception($data['data']);`
		407	`}`
		408	`exit;`
		409	`}`
		410
		411	`public function processError(MvcEvent $event)`
		412	`{`
		413
		414	`$request = $event->getRequest();`
		415	`if((method_exists($request, 'isXmlHttpRequest') && $request->isXmlHttpRequest()) \|\| ($this->isJson && !$this->isHtml)) {`
		416
		417	`$error = $event->getError();`
		418	`if (!$error) {`
		419	`return;`
		420	`}`
		421
		422	`$response = $event->getResponse();`
		423
		424	`if('error-exception' == $error) {`
		425	`$exception = $event->getParam('exception');`
		426	`error_log($exception->getCode() . ' ' . $exception->getMessage());`
		427	`error_log($exception->getTraceAsString());`
		428
		429
		430	`$data = [`
		431	`'success' => false,`
		432	`'data' => 'An error occurred during execution; please try again later.'`
		433	`];`
		434
		435	`} else if('error-router-no-match' == $error) {`
		436	`$data = [`
		437	`'success' => false,`
		438	`'data' => 'Resource not found.'`
		439
		440	`];`
		441	`} else if(' error-controller-not-found' == $error) {`
		442	`$data = [`
		443	`'success' => false,`
		444	`'data' => 'Controller not found.'`
		445
		446	`];`
		447	`} else {`
		448	`$data = [`
		449	`'success' => false,`
		450	`'data' => 'Unknow error.' , 'error' => $error`
		451
		452	`];`
		453	`}`
		454
		455	`$this->sendResponse($response, $data);`
		456	`}`
		457
		458	`$this->initAcl($event);`
		459	`}`
		460
		461
		462	`public function authPreDispatch(MvcEvent $event)`
		463	`{`
210	efrain	464
		465
		466
		467
1	www	468	`$serviceManager = $event->getApplication()->getServiceManager();`
		469	`$adapter = $serviceManager->get('leaders-linked-db');`
		470
210	efrain	471	`$routeName = $event->getRouteMatch()->getMatchedRouteName();`
		472
1	www	473
210	efrain	474	`$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';`
		475
		476	`if($requestMethod == 'POST' \|\| $requestMethod == 'PUT' \|\| $requestMethod == 'DELETE') {`
		477
1979	efrain	478
1323	efrain	479	`if($this->authByHeaders && substr($routeName, 0, 8) == 'services') {`
		480	`$exclude = true;`
		481	`} else {`
		482	`$exclude = false;`
		483
		484	`$usertypes = getAclUsertype();`
		485
		486
		487	`foreach($usertypes[UserType::GUEST] as $resourceName)`
		488	`{`
		489	`if($routeName == $resourceName) {`
		490	`$exclude = true;`
		491	`break;`
		492	`}`
210	efrain	493	`}`
		494	`}`
1979	efrain	495
210	efrain	496	`if(!$exclude) {`
		497	`$httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : '';`
		498	`$sessionToken = isset($_SESSION['token']) ? $_SESSION['token'] : uniqid();`
		499
		500	`unset($_SESSION['token']);`
		501	`if ( $httpToken != $sessionToken) {`
		502	`header("HTTP/1.1 401 Unauthorized");`
		503	`exit;`
		504	`}`
		505
		506	`}`
		507	`}`
		508
		509
		510
3639	efrain	511	`if($this->currentUserPlugin->hasIdentity()) {`
		512	`$user = $this->currentUserPlugin->getUser();`
1	www	513	`$userTypeId = $user->usertype_id;`
		514
		515
		516	`} else {`
		517
		518	`$userTypeId = UserType::GUEST;`
		519	`}`
		520
210	efrain	521
1	www	522	`if($this->acl->isAllowed($userTypeId, $routeName)) {`
3639	efrain	523	`$user = $this->currentUserPlugin->getUser();`
210	efrain	524
1	www	525
		526	`if($user) {`
3086	efrain	527
		528	`$updateLastActivity = true;`
		529	`if ('chat' == substr($routeName, 0, 4)) {`
		530	`$updateLastActivity = false;`
		531	`}`
		532	`if ('inmail' == substr($routeName, 0, 6)) {`
		533	`$updateLastActivity = false;`
		534	`}`
		535	`if ('check-session' == $routeName) {`
		536	`$updateLastActivity = false;`
		537	`}`
		538
		539
		540	`if($updateLastActivity) {`
		541	`$userMapper = UserMapper::getInstance($adapter);`
		542	`$userMapper->updateLastActivity($user->id);`
		543	`}`
1	www	544	`}`
		545
		546	`} else {`
210	efrain	547
1	www	548	`if($this->authByHeaders) {`
		549	`$response = $event->getResponse();`
		550	`$headers = $response->getHeaders();`
		551	`$headers->clearHeaders();`
		552	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		553
		554	`$response->setStatusCode(401);`
		555	`$response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true]));`
		556	`$response->send();`
		557	`exit;`
		558
210	efrain	559	`}`
1	www	560
		561
		562	`//print_r($this->routesAuthorized);`
		563	`// echo 'sin permiso'; exit;`
		564
		565
3639	efrain	566	`$this->currentUserPlugin->clearIdentity();`
1	www	567
		568
		569	`if($this->isJson) {`
		570	`$response = $event->getResponse();`
		571	`$headers = $response->getHeaders();`
		572	`$headers->clearHeaders();`
		573	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		574
		575	`$response->setStatusCode(200);`
		576	`$response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true]));`
		577	`$response->send();`
		578	`} else {`
		579	`$url = $event->getRouter()->assemble([], ['name' => 'signout']);`
		580
		581	`$response = $event->getResponse();`
		582	`$headers = $response->getHeaders();`
		583	`$headers->clearHeaders();`
		584	`$headers->addHeaderLine('Location', $url);`
		585
		586	`$response->setStatusCode(302);`
		587	`$response->send();`
		588	`}`
		589	`exit;`
		590	`}`
		591
		592
		593	`}`
		594
		595
		596	`public function authPosDispatch(MvcEvent $event)`
		597	`{`
		598
		599	`}`
		600
		601
		602	`}`

Proyectos de Subversion LeadersLinked - Antes de SPA

(root)/module/LeadersLinked/src/Module.php – Rev 3639