WebSVN – LeadersLinked - Services – Autoría – /module/LeadersLinked/src/Module.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
		2	`declare(strict_types=1);`
		3
		4	`namespace LeadersLinked;`
		5
		6	`use Laminas\Db\Adapter\AdapterInterface;`
		7	`use Laminas\ModuleManager\ModuleEvent;`
		8	`use Laminas\ModuleManager\ModuleManager;`
		9	`use Laminas\Mvc\MvcEvent;`
		10	`use Laminas\Config\Reader\Ini;`
		11	`use Laminas\Permissions\Acl\Acl;`
		12	`use Laminas\Permissions\Acl\Role\GenericRole;`
		13	`use LeadersLinked\Plugin\CurrentUserPlugin;`
		14	`use LeadersLinked\Mapper\UserMapper;`
		15	`use LeadersLinked\Authentication\AuthTokenAdapter;`
		16	`use Laminas\Authentication\AuthenticationService;`
		17	`use Laminas\Permissions\Acl\Resource\GenericResource;`
		18	`use LeadersLinked\Model\UserType;`
		19	`use LeadersLinked\Plugin\CurrentNetworkPlugin;`
		20	`use LeadersLinked\Model\Network;`
		21	`use LeadersLinked\Model\User;`
		22	`use LeadersLinked\Mapper\CompanyUserMapper;`
		23	`use LeadersLinked\Model\CompanyUser;`
		24	`use LeadersLinked\Mapper\CompanyMapper;`
		25	`use LeadersLinked\Mapper\CompanyServiceMapper;`
		26	`use LeadersLinked\Model\Service;`
		27
		28	`use LeadersLinked\Library\Functions;`
		29	`use LeadersLinked\Mapper\DailyPulseMapper;`
		30	`use LeadersLinked\Model\DailyPulse;`
		31	`use LeadersLinked\Mapper\OrganizationPositionMapper;`
		32	`use LeadersLinked\Mapper\KnowledgeAreaCategoryJobDescriptionMapper;`
		33	`use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;`
		34	`use LeadersLinked\Mapper\KnowledgeAreaCategoryUserMapper;`
		35	`use LeadersLinked\Mapper\MyCoachCategoryUserMapper;`
23	efrain	36	`use Firebase\JWT\JWT;`
		37	`use Firebase\JWT\Key;`
		38	`use LeadersLinked\Mapper\JwtTokenMapper;`
		39	`use LeadersLinked\Authentication\AuthUserIdAdapter;`
95	efrain	40	`use LeadersLinked\Model\JwtToken;`
1	efrain	41
		42	`class Module`
		43	`{`
		44	`/**`
		45	`*`
		46	`* @var Acl`
		47	`*/`
		48	`private $acl;`
		49
		50	`/**`
		51	`*`
		52	`* @var AdapterInterface`
		53	`*/`
		54	`private $adapter;`
		55
		56	`/**`
		57	`*`
		58	`* @var CurrentUserPlugin`
		59	`*/`
		60	`private $currentUserPlugin;`
		61
		62	`/**`
		63	`*`
		64	`* @var CurrentNetworkPlugin`
		65	`*/`
		66	`private $currentNetworkPlugin;`
		67
		68	`/**`
		69	`*`
		70	`* @var array`
		71	`*/`
		72	`private $routesAuthorized = [];`
		73
		74	`/**`
		75	`*`
		76	`* @var boolean`
		77	`*/`
23	efrain	78	`private $authByOTP = false;`
1	efrain	79
23	efrain	80	`/**`
		81	`*`
		82	`* @var boolean`
		83	`*/`
		84	`private $authByJWT = false;`
1	efrain	85
23	efrain	86
1	efrain	87	`/**`
		88	`*`
95	efrain	89	`* @var JwtToken`
		90	`*/`
		91	`private $jwtToken;`
		92
		93
		94	`/**`
		95	`*`
1	efrain	96	`* @var array`
		97	`*/`
		98	`private $config;`
		99
		100
		101
		102	`public function init(ModuleManager $moduleManager)`
		103	`{`
		104	`$events = $moduleManager->getEventManager();`
		105	`$events->attach(ModuleEvent::EVENT_MERGE_CONFIG, array($this, 'onMergeConfig'));`
		106	`}`
		107
		108	`public function onMergeConfig(ModuleEvent $event)`
		109	`{`
		110	`$configListener = $event->getConfigListener();`
		111	`$this->config = $configListener->getMergedConfig(false);`
		112
		113	`$reader = new Ini();`
		114	`$data = $reader->fromFile('config/leaderslinked.ini');`
		115
		116	`$prefix = 'leaderslinked';`
		117	`foreach($data as $section => $pairs)`
		118	`{`
		119	`foreach($pairs as $key => $value)`
		120	`{`
		121	`$this->config[$prefix . '.' . $section . '.' . $key] = $value;`
		122	`}`
		123	`}`
		124	`$configListener->setMergedConfig($this->config);`
		125	`}`
		126
		127
		128	`public function getConfig() : array`
		129	`{`
		130	`return include __DIR__ . '/../config/module.config.php';`
		131	`}`
		132
		133	`public function onBootstrap(MvcEvent $event)`
		134	`{`
86	efrain	135
96	efrain	136	`$response = $event->getResponse();`
		137	`Functions::addCrossSiteToResponse($response);`
		138	`$event->setResponse($response);`
		139
68	efrain	140	`$serviceManager = $event->getApplication()->getServiceManager();`
55	efrain	141
		142
68	efrain	143	`$eventManager = $event->getApplication()->getEventManager();`
		144	`$eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this,'onDispatchError'], 0);`
		145	`$eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [$this,'onRenderError'], 0);`
		146
1	efrain	147	`$adapter = $serviceManager->get('leaders-linked-db');`
		148
		149	`$session = $serviceManager->get('leaders-linked-session');`
		150	`$session->start();`
		151
		152
		153	`$translator = $serviceManager->get('MvcTranslator');`
		154	`$translator->addTranslationFile(`
		155	`'phpArray',`
		156	`__DIR__ . '/i18n/validate.php',`
		157	`'default'`
		158	`);`
		159
		160	`$translator->addTranslationFile(`
		161	`'phpArray',`
		162	`__DIR__ . '/i18n/spanish.php',`
		163	`'default'`
		164	`);`
		165
86	efrain	166
97	efrain	167
		168
		169
		170
1	efrain	171	`\Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);`
		172
		173
		174	`$headers = $event->getRequest()->getHeaders();`
		175	`if($headers->has('token')) {`
		176	`$device_uuid = Functions::sanitizeFilterString($headers->get('token')->getFieldValue());`
		177	`} else {`
		178	`$device_uuid = '';`
		179	`}`
		180	`if($headers->has('secret')) {`
		181	`$password = Functions::sanitizeFilterString($headers->get('secret')->getFieldValue());`
		182	`} else {`
		183	`$password = '';`
		184	`}`
		185	`if($headers->has('rand')) {`
		186	`$rand = Functions::sanitizeFilterString($headers->get('rand')->getFieldValue());`
		187	`} else {`
		188	`$rand = 0;`
		189	`}`
		190	`if($headers->has('created')) {`
		191	`$timestamp = Functions::sanitizeFilterString($headers->get('created')->getFieldValue());`
		192	`} else {`
		193	`$timestamp = 0;`
		194	`}`
		195
		196
4	efrain	197
1	efrain	198	`$this->currentNetworkPlugin = new CurrentNetworkPlugin($adapter);`
		199	`if(!$this->currentNetworkPlugin->hasNetwork()) {`
43	efrain	200
1	efrain	201	`$response = $event->getResponse();`
45	efrain	202	`$code = 200;`
		203	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - not found', 'fatal' => true]);`
43	efrain	204	`$this->sendResponse($response, $code, $content);`
		205
1	efrain	206	`}`
		207
		208	`if($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {`
43	efrain	209
1	efrain	210	`$response = $event->getResponse();`
45	efrain	211	`$code = 200;`
		212	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - inactive', 'fatal' => true]);`
43	efrain	213	`$this->sendResponse($response, $code, $content);`
		214
1	efrain	215	`}`
		216
		217
23	efrain	218	`$this->authByOTP = false;`
1	efrain	219	`if($device_uuid && $password && $rand && $timestamp) {`
23	efrain	220	`$this->authByOTP = true;`
1	efrain	221
		222
		223	`$tokenAuthAdapter = new AuthTokenAdapter($adapter);`
		224	`$tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);`
		225
		226	`$authService = new AuthenticationService();`
		227	`$result = $authService->authenticate($tokenAuthAdapter);`
		228	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	229
1	efrain	230	`$response = $event->getResponse();`
43	efrain	231	`$code = 200;`
		232	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		233	`$this->sendResponse($response, $code, $content);`
		234
1	efrain	235	`}`
		236
		237	`}`
23	efrain	238
		239	`$this->authByJWT = false;`
		240	`$headers = getallheaders();`
34	efrain	241
		242	`if(!empty($headers['authorization']) \|\| !empty($headers['Authorization'])) {`
23	efrain	243
34	efrain	244	`$token = trim(empty($headers['authorization']) ? $headers['Authorization'] : $headers['authorization']);`
		245
		246
23	efrain	247	`if (substr($token, 0, 6 ) == 'Bearer') {`
43	efrain	248
23	efrain	249
		250	`$token = trim(substr($token, 7));`
		251
		252	`if(!empty($this->config['leaderslinked.jwt.key'])) {`
		253	`$key = $this->config['leaderslinked.jwt.key'];`
		254
		255
		256	`try {`
		257	`$payload = JWT::decode($token, new Key($key, 'HS256'));`
		258
		259
		260	`if(empty($payload->iss) \|\| $payload->iss != $_SERVER['HTTP_HOST']) {`
43	efrain	261
23	efrain	262	`$response = $event->getResponse();`
45	efrain	263	`$code = 200;`
43	efrain	264	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong server', 'fatal' => true]);`
		265	`$this->sendResponse($response, $code, $content);`
23	efrain	266
43	efrain	267
		268
23	efrain	269	`}`
		270
		271	`$uuid = empty($payload->uuid) ? '' : $payload->uuid;`
		272	`if($uuid) {`
		273	`$jwtTokenMapper = JwtTokenMapper::getInstance($adapter);`
100	efrain	274	`$jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);`
		275	`if($jwtToken) {`
23	efrain	276
100	efrain	277	`$_SESSION['aes'] = $jwtToken->aes;`
23	efrain	278
100	efrain	279	`if($jwtToken->user_id) {`
23	efrain	280	`$authByUserId = new AuthUserIdAdapter($adapter);`
100	efrain	281	`$authByUserId->setData($jwtToken->user_id);`
23	efrain	282
		283	`$authService = new AuthenticationService();`
		284	`$result = $authService->authenticate($authByUserId);`
		285	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	286
23	efrain	287	`$response = $event->getResponse();`
45	efrain	288	`$code = 200;`
43	efrain	289	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		290	`$this->sendResponse($response, $code, $content);`
23	efrain	291
		292	`}`
24	efrain	293
100	efrain	294	`$this->authByJWT = $jwtToken->id;`
23	efrain	295	`}`
		296
		297
		298	`} else {`
		299	`$response = $event->getResponse();`
45	efrain	300	`$code = 200;`
43	efrain	301	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Expired', 'fatal' => true]);`
		302	`$this->sendResponse($response, $code, $content);`
		303
23	efrain	304	`}`
		305
		306	`}`
		307	`} catch(\Exception $e) {`
43	efrain	308
23	efrain	309	`$response = $event->getResponse();`
45	efrain	310	`$code = 200;`
43	efrain	311	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong key', 'fatal' => true]);`
		312	`$this->sendResponse($response, $code, $content);`
		313
23	efrain	314	`}`
		315	`}`
		316	`}`
		317	`}`
1	efrain	318
		319
		320
		321	`if(empty($_SERVER['REDIRECT_URL'])) {`
		322	`if(empty($_SERVER['REQUEST_URI'])) {`
		323	`$routeName = '';`
		324
		325	`} else {`
		326	`$routeName = $_SERVER['REQUEST_URI'];`
		327	`}`
		328
		329	`} else {`
		330	`$routeName = $_SERVER['REDIRECT_URL'];`
		331
		332	`}`
		333
		334
		335	`$routeName = strtolower(trim($routeName));`
		336	`if(strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {`
		337	`$routeName = substr($routeName, 1);`
		338	`}`
		339
		340	`$this->currentUserPlugin = new CurrentUserPlugin($adapter);`
		341
		342
23	efrain	343	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	344	`$checkUserForNetwork = false;`
		345	`} else {`
		346	`if($this->currentUserPlugin->hasIdentity()) {`
		347
		348	`$checkUserForNetwork = true;`
		349	`} else {`
		350	`$checkUserForNetwork = false;`
		351	`}`
		352	`}`
		353
		354	`if($checkUserForNetwork) {`
		355	`if(!$routeName \|\| in_array($routeName, ['signout', 'signin', 'home'])) {`
		356	`$checkUserForNetwork = false;`
		357	`}`
		358	`}`
		359
		360	`if($checkUserForNetwork) {`
		361
		362
		363
		364	`if($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {`
		365	`$response = $event->getResponse();`
45	efrain	366	`$this->sendResponse($response, ['success' => false, 'data' => '200 Unauthorized - The user is not part of this private network', 'fatal' => true]);`
1	efrain	367	`exit;`
		368	`}`
		369	`}`
		370
		371
		372
		373	`$this->initAcl($event);`
68	efrain	374
88	efrain	375
1	efrain	376
		377	`$sharedManager = $eventManager->getSharedManager();`
		378	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPreDispatch'], 100);`
		379	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPosDispatch'], -100);`
		380	`}`
		381
		382	`public function initAcl(MvcEvent $event)`
		383	`{`
		384
		385	`$serviceManager = $event->getApplication()->getServiceManager();`
		386	`$adapter = $serviceManager->get('leaders-linked-db');`
		387
		388
		389	`require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');`
		390
		391
		392	`$this->acl = new Acl();`
		393	`$resources = getAclResources();`
		394
		395	`foreach($resources as $resourceName)`
		396	`{`
		397	`$this->acl->addResource(new GenericResource($resourceName));`
		398	`}`
		399
		400	`$usertypes = getAclUsertype();`
		401	`foreach($usertypes as $usertype => $resources)`
		402	`{`
		403	`$this->acl->addRole(new GenericRole($usertype));`
		404	`foreach ($resources as $resourceName)`
		405	`{`
		406	`$this->acl->allow($usertype, $resourceName);`
		407	`}`
		408	`}`
		409
		410
		411
		412	`if($this->currentUserPlugin->hasIdentity() && $this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {`
		413
		414	`$resources = getAclSuperAdmin();`
		415	`foreach($resources as $resourceName)`
		416	`{`
		417	`$this->acl->allow(UserType::ADMIN, $resourceName);`
		418	`}`
		419	`}`
		420
		421
		422
		423	`$allowMyCoach = false;`
		424	`$allowKnowledgeArea = false;`
		425	`$allowDailyPulse = false;`
		426
		427
		428
		429	`$companyMapper = CompanyMapper::getInstance($adapter);`
		430	`$company = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);`
		431
		432
		433	`if($company) {`
		434
		435	`$companyServiceMapper = CompanyServiceMapper::getInstance($adapter);`
		436	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::DAILY_PULSE);`
		437
		438
		439	`$companyUserMapper = CompanyUserMapper::getInstance($adapter);`
		440	`$companyUser = $companyUserMapper->fetchOneAcceptedByCompanyIdAndUserId($company->id, $this->currentUserPlugin->getUserId());`
		441
		442
		443
		444
		445	`if($companyService) {`
		446
		447	`$dailyPulseMapper = DailyPulseMapper::getInstance($adapter);`
		448	`$dailyPulse = $dailyPulseMapper->fetchOneByCompanyId($company->id);`
		449
		450	`if($dailyPulse) {`
		451	`$privacy = $dailyPulse->privacy;`
		452
		453	`} else {`
		454	`$privacy = DailyPulse::PRIVACY_COMPANY;`
		455	`}`
		456
		457	`if($privacy == DailyPulse::PRIVACY_PUBLIC) {`
		458	`$allowDailyPulse = true;`
		459	`} else {`
		460	`$allowDailyPulse = !empty($companyUser);`
		461	`}`
		462
		463
		464	`}`
		465
		466	`$job_description_ids = [];`
		467
		468	`$organizationPositionMapper = OrganizationPositionMapper::getInstance($adapter);`
		469	`$records = $organizationPositionMapper->fetchAllByCompanyIdAndEmployeeId($company->id, $this->currentUserPlugin->getUserId());`
		470	`foreach($records as $record)`
		471	`{`
		472	`array_push($job_description_ids, $record->job_description_id);`
		473	`}`
		474
		475
		476	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::KNOWLEDGE_AREA);`
		477	`if($companyService) {`
		478	`if($job_description_ids) {`
		479
		480
		481	`$knowledgeAreaCategoryJobDescriptionMapper = KnowledgeAreaCategoryJobDescriptionMapper::getInstance($adapter);`
		482	`$records = $knowledgeAreaCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		483
		484	`if(!empty($records)) {`
		485	`$allowKnowledgeArea = true;`
		486	`}`
		487
		488	`}`
		489
		490	`if($companyUser && !$allowKnowledgeArea) {`
		491	`$knowledgeAreaCategoryUserMapper = KnowledgeAreaCategoryUserMapper::getInstance($adapter);`
		492	`$records = $knowledgeAreaCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		493	`if(!empty($records)) {`
		494	`$allowKnowledgeArea = true;`
		495	`}`
		496	`}`
		497	`}`
		498
		499	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::MY_COACH);`
		500	`if($companyService) {`
		501
		502
		503	`if($job_description_ids) {`
		504
		505
		506	`$myCoachCategoryJobDescriptionMapper = MyCoachCategoryJobDescriptionMapper::getInstance($adapter);`
		507	`$records = $myCoachCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		508
		509	`if(!empty($records)) {`
		510	`$allowKnowledgeArea = true;`
		511	`}`
		512
		513	`}`
		514
		515	`if($companyUser && !$allowMyCoach) {`
		516	`$myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($adapter);`
		517	`$records = $myCoachCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		518	`if(!empty($records)) {`
		519	`$allowMyCoach = true;`
		520	`}`
		521
		522
		523	`}`
		524	`}`
		525
		526	`} else {`
		527	`$companyUser = '';`
		528	`}`
		529
		530
		531	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		532	`if($allowDailyPulse) {`
		533	`$resources = getAclDailyPulse();`
		534	`foreach($resources as $resourceName)`
		535	`{`
		536	`$this->acl->allow($usertype, $resourceName);`
		537	`}`
		538	`}`
		539
		540	`if($allowKnowledgeArea) {`
		541	`$resources = getAclKnowledgeArea();`
		542	`foreach($resources as $resourceName)`
		543	`{`
		544	`$this->acl->allow($usertype, $resourceName);`
		545	`}`
		546	`}`
		547
		548	`if($allowMyCoach) {`
		549	`$resources = getAclMyCoach();`
		550
		551
		552
		553	`foreach($resources as $resourceName)`
		554	`{`
		555	`$this->acl->allow($usertype, $resourceName);`
		556	`}`
		557
		558	`}`
		559
		560
		561
		562	`if($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {`
		563
		564	`$usertypes = getAclUsertypeDefaultNetwork();`
		565	`foreach($usertypes as $usertype => $resources)`
		566	`{`
		567
		568
		569
		570	`foreach ($resources as $resourceName)`
		571	`{`
		572	`$this->acl->allow($usertype, $resourceName);`
		573	`}`
		574	`}`
		575
		576
		577	`} else {`
		578
		579	`if($this->currentUserPlugin->hasIdentity()) {`
		580
		581
		582	`if($company) {`
		583
		584
		585	`if($companyUser) {`
		586	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		587
		588	`if($companyUser->creator == CompanyUser::CREATOR_YES) {`
		589
		590	`$resources = getAclUsertypeOtherNetworkCreator();`
		591	`foreach($resources as $resourceName)`
		592	`{`
		593	`$this->acl->allow($usertype, $resourceName);`
		594	`}`
		595
		596	`}`
		597	`if($companyUser->creator == CompanyUser::CREATOR_NO) {`
		598	`$resources = getAclUsertypeOtherNetworkNonCreator();`
		599	`foreach($resources as $resourceName)`
		600	`{`
		601	`$this->acl->allow($usertype, $resourceName);`
		602	`}`
		603	`}`
		604	`}`
		605	`}`
		606	`}`
		607	`}`
		608
		609
		610	`$event->getViewModel()->setVariable('acl', $this->acl);`
88	efrain	611
		612
1	efrain	613
		614	`}`
		615
		616	`public function onDispatchError(MvcEvent $event)`
		617	`{`
		618	`$this->processError($event);`
		619	`}`
		620
		621	`public function onRenderError(MvcEvent $event)`
		622	`{`
		623	`$this->processError($event);`
		624	`}`
		625
43	efrain	626	`/**`
		627	`*`
		628	`* @param \Laminas\Http\Response $response`
		629	`* @param int $code`
		630	`* @param string $content`
		631	`*/`
		632	`public function sendResponse($response, $code, $content)`
1	efrain	633	`{`
94	efrain	634
43	efrain	635
44	efrain	636
1	efrain	637	`$headers = $response->getHeaders();`
		638	`$headers->clearHeaders();`
		639	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		640
43	efrain	641	`Functions::addCrossSiteToResponse($response);`
		642
		643	`$response->setStatusCode($code);`
		644	`$response->setContent($content); //json_encode($data));`
1	efrain	645	`$response->send();`
		646	`exit;`
		647	`}`
		648
		649	`public function processError(MvcEvent $event)`
		650	`{`
		651	`$error = $event->getError();`
		652	`if (!$error) {`
		653	`return;`
		654	`}`
		655
		656	`$response = $event->getResponse();`
		657	`if('error-exception' == $error) {`
		658	`$exception = $event->getParam('exception');`
		659	`error_log($exception->getCode() . ' ' . $exception->getMessage());`
		660	`error_log($exception->getTraceAsString());`
43	efrain	661
1	efrain	662	`$response = $event->getResponse();`
45	efrain	663	`$code = 200;`
43	efrain	664	`$content = json_encode(['success' => false, 'data' => $exception->getCode() . ' ' . $exception->getMessage(), 'fatal' => true]);`
		665	`$this->sendResponse($response, $code, $content);`
1	efrain	666
		667	`} else if('error-router-no-match' == $error) {`
43	efrain	668
1	efrain	669	`$response = $event->getResponse();`
43	efrain	670	`$code = 404;`
		671	`$content = json_encode(['success' => false, 'data' => 'error-router-no-match', 'fatal' => true]);`
		672	`$this->sendResponse($response, $code, $content);`
1	efrain	673
		674
		675
		676	`} else if(' error-controller-not-found' == $error) {`
43	efrain	677
1	efrain	678	`$response = $event->getResponse();`
43	efrain	679	`$code = 404;`
		680	`$content = json_encode(['success' => false, 'data' => 'error-controller-not-found', 'fatal' => true]);`
		681	`$this->sendResponse($response, $code, $content);`
1	efrain	682
43	efrain	683
1	efrain	684	`} else {`
		685	`$response = $event->getResponse();`
45	efrain	686	`$code = 200;`
43	efrain	687	`$content = json_encode(['success' => false, 'data' => $error, 'fatal' => true]);`
		688	`$this->sendResponse($response, $code, $content);`
1	efrain	689
43	efrain	690
1	efrain	691	`}`
		692
		693	`exit;`
		694
		695	`}`
		696
		697
		698	`public function authPreDispatch(MvcEvent $event)`
		699	`{`
		700
		701
92	efrain	702
1	efrain	703
		704	`$serviceManager = $event->getApplication()->getServiceManager();`
		705	`$adapter = $serviceManager->get('leaders-linked-db');`
		706
		707	`$routeName = $event->getRouteMatch()->getMatchedRouteName();`
		708
		709
		710	`$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';`
		711
95	efrain	712	`if($requestMethod == 'POST') {`
1	efrain	713
		714
23	efrain	715	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	716	`$exclude = true;`
		717	`} else {`
		718	`$exclude = false;`
		719
		720	`$usertypes = getAclUsertype();`
		721
		722
		723	`foreach($usertypes[UserType::GUEST] as $resourceName)`
		724	`{`
		725	`if($routeName == $resourceName) {`
		726	`$exclude = true;`
		727	`break;`
		728	`}`
		729	`}`
		730	`}`
		731
95	efrain	732
1	efrain	733	`if(!$exclude) {`
95	efrain	734
1	efrain	735	`$httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : '';`
		736
100	efrain	737
		738
		739	`if($this->authByJWT) {`
101	efrain	740	`error_log('token id = ' . $this->authByJWT);`
		741
95	efrain	742	`$jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);`
100	efrain	743	`$jwtToken = $jwtTokenMapper->fetchOne($this->authByJWT);`
		744	`if($jwtToken) {`
95	efrain	745
100	efrain	746	`$sessionToken = $jwtToken->csrf;`
		747	`//$jwtToken->csrf= '';`
		748
		749
		750	`// $jwtTokenMapper->update($jwtToken);`
		751	`} else {`
		752	`$sessionToken = '';`
		753	`}`
		754
95	efrain	755
		756	`} else {`
		757	`$sessionToken = '';`
		758	`}`
		759
		760
100	efrain	761	`error_log('$httpToken = ' . $httpToken . ' $sessionToken = ' . $sessionToken);`
		762
1	efrain	763	`if ( $httpToken != $sessionToken) {`
		764	`$response = $event->getResponse();`
94	efrain	765	`$this->sendResponse($response, 200, json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true]));`
1	efrain	766	`}`
		767
		768	`}`
		769	`}`
95	efrain	770
1	efrain	771
		772
		773
		774	`if($this->currentUserPlugin->hasIdentity()) {`
		775	`$user = $this->currentUserPlugin->getUser();`
		776	`$userTypeId = $user->usertype_id;`
		777
		778
		779	`} else {`
		780
		781	`$userTypeId = UserType::GUEST;`
		782	`}`
		783
		784
		785	`if($this->acl->isAllowed($userTypeId, $routeName)) {`
		786	`$user = $this->currentUserPlugin->getUser();`
		787
		788
		789	`if($user) {`
		790
		791	`$updateLastActivity = true;`
		792	`if ('chat' == substr($routeName, 0, 4)) {`
		793	`$updateLastActivity = false;`
		794	`}`
		795	`if ('inmail' == substr($routeName, 0, 6)) {`
		796	`$updateLastActivity = false;`
		797	`}`
		798	`if ('check-session' == $routeName) {`
		799	`$updateLastActivity = false;`
		800	`}`
		801
		802
		803	`if($updateLastActivity) {`
		804	`$userMapper = UserMapper::getInstance($adapter);`
		805	`$userMapper->updateLastActivity($user->id);`
		806	`}`
		807	`}`
		808
		809
		810
		811	`} else {`
		812	`$response = $event->getResponse();`
54	efrain	813
45	efrain	814	`$response->setStatusCode(200);`
1	efrain	815	`$response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true]));`
		816	`$response->send();`
		817	`exit;`
		818
		819
		820
		821	`}`
90	efrain	822
91	efrain	823
90	efrain	824
1	efrain	825
		826
		827	`}`
		828
		829
		830	`public function authPosDispatch(MvcEvent $event)`
		831	`{`
90	efrain	832	`//$response = $event->getResponse();`
		833	`// Functions::addCrossSiteToResponse($response);`
1	efrain	834	`}`
		835
		836
		837
		838
		839	`}`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Module.php – Rev 101