WebSVN – LeadersLinked - Services – Autoría – /module/LeadersLinked/src/Module.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
		2	`declare(strict_types=1);`
		3
		4	`namespace LeadersLinked;`
		5
		6	`use Laminas\Db\Adapter\AdapterInterface;`
		7	`use Laminas\ModuleManager\ModuleEvent;`
		8	`use Laminas\ModuleManager\ModuleManager;`
		9	`use Laminas\Mvc\MvcEvent;`
		10	`use Laminas\Config\Reader\Ini;`
		11	`use Laminas\Permissions\Acl\Acl;`
		12	`use Laminas\Permissions\Acl\Role\GenericRole;`
		13	`use LeadersLinked\Plugin\CurrentUserPlugin;`
		14	`use LeadersLinked\Mapper\UserMapper;`
		15	`use LeadersLinked\Authentication\AuthTokenAdapter;`
		16	`use Laminas\Authentication\AuthenticationService;`
		17	`use Laminas\Permissions\Acl\Resource\GenericResource;`
		18	`use LeadersLinked\Model\UserType;`
		19	`use LeadersLinked\Plugin\CurrentNetworkPlugin;`
		20	`use LeadersLinked\Model\Network;`
		21	`use LeadersLinked\Model\User;`
		22	`use LeadersLinked\Mapper\CompanyUserMapper;`
		23	`use LeadersLinked\Model\CompanyUser;`
		24	`use LeadersLinked\Mapper\CompanyMapper;`
		25	`use LeadersLinked\Mapper\CompanyServiceMapper;`
		26	`use LeadersLinked\Model\Service;`
		27
		28	`use LeadersLinked\Library\Functions;`
		29	`use LeadersLinked\Mapper\DailyPulseMapper;`
		30	`use LeadersLinked\Model\DailyPulse;`
		31	`use LeadersLinked\Mapper\OrganizationPositionMapper;`
		32	`use LeadersLinked\Mapper\KnowledgeAreaCategoryJobDescriptionMapper;`
		33	`use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;`
		34	`use LeadersLinked\Mapper\KnowledgeAreaCategoryUserMapper;`
		35	`use LeadersLinked\Mapper\MyCoachCategoryUserMapper;`
23	efrain	36	`use Firebase\JWT\JWT;`
		37	`use Firebase\JWT\Key;`
		38	`use LeadersLinked\Mapper\JwtTokenMapper;`
		39	`use LeadersLinked\Authentication\AuthUserIdAdapter;`
95	efrain	40	`use LeadersLinked\Model\JwtToken;`
1	efrain	41
		42	`class Module`
		43	`{`
		44	`/**`
		45	`*`
		46	`* @var Acl`
		47	`*/`
		48	`private $acl;`
		49
		50	`/**`
		51	`*`
		52	`* @var AdapterInterface`
		53	`*/`
		54	`private $adapter;`
		55
		56	`/**`
		57	`*`
		58	`* @var CurrentUserPlugin`
		59	`*/`
		60	`private $currentUserPlugin;`
		61
		62	`/**`
		63	`*`
		64	`* @var CurrentNetworkPlugin`
		65	`*/`
		66	`private $currentNetworkPlugin;`
		67
		68	`/**`
		69	`*`
		70	`* @var array`
		71	`*/`
		72	`private $routesAuthorized = [];`
		73
		74	`/**`
		75	`*`
		76	`* @var boolean`
		77	`*/`
23	efrain	78	`private $authByOTP = false;`
1	efrain	79
23	efrain	80	`/**`
		81	`*`
		82	`* @var boolean`
		83	`*/`
		84	`private $authByJWT = false;`
1	efrain	85
102	efrain	86	`/**`
		87	`*`
		88	`* @var int`
		89	`*/`
		90	`private $jwtID = 0;`
23	efrain	91
102	efrain	92
1	efrain	93	`/**`
		94	`*`
95	efrain	95	`* @var JwtToken`
		96	`*/`
		97	`private $jwtToken;`
		98
		99
		100	`/**`
		101	`*`
1	efrain	102	`* @var array`
		103	`*/`
		104	`private $config;`
		105
		106
		107
		108	`public function init(ModuleManager $moduleManager)`
		109	`{`
		110	`$events = $moduleManager->getEventManager();`
		111	`$events->attach(ModuleEvent::EVENT_MERGE_CONFIG, array($this, 'onMergeConfig'));`
		112	`}`
		113
		114	`public function onMergeConfig(ModuleEvent $event)`
		115	`{`
		116	`$configListener = $event->getConfigListener();`
		117	`$this->config = $configListener->getMergedConfig(false);`
		118
		119	`$reader = new Ini();`
		120	`$data = $reader->fromFile('config/leaderslinked.ini');`
		121
		122	`$prefix = 'leaderslinked';`
		123	`foreach($data as $section => $pairs)`
		124	`{`
		125	`foreach($pairs as $key => $value)`
		126	`{`
		127	`$this->config[$prefix . '.' . $section . '.' . $key] = $value;`
		128	`}`
		129	`}`
		130	`$configListener->setMergedConfig($this->config);`
		131	`}`
		132
		133
		134	`public function getConfig() : array`
		135	`{`
		136	`return include __DIR__ . '/../config/module.config.php';`
		137	`}`
		138
		139	`public function onBootstrap(MvcEvent $event)`
		140	`{`
86	efrain	141
96	efrain	142	`$response = $event->getResponse();`
		143	`Functions::addCrossSiteToResponse($response);`
		144	`$event->setResponse($response);`
		145
68	efrain	146	`$serviceManager = $event->getApplication()->getServiceManager();`
55	efrain	147
		148
68	efrain	149	`$eventManager = $event->getApplication()->getEventManager();`
		150	`$eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this,'onDispatchError'], 0);`
		151	`$eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [$this,'onRenderError'], 0);`
		152
1	efrain	153	`$adapter = $serviceManager->get('leaders-linked-db');`
		154
		155	`$session = $serviceManager->get('leaders-linked-session');`
		156	`$session->start();`
		157
		158
		159	`$translator = $serviceManager->get('MvcTranslator');`
		160	`$translator->addTranslationFile(`
		161	`'phpArray',`
		162	`__DIR__ . '/i18n/validate.php',`
		163	`'default'`
		164	`);`
		165
		166	`$translator->addTranslationFile(`
		167	`'phpArray',`
		168	`__DIR__ . '/i18n/spanish.php',`
		169	`'default'`
		170	`);`
		171
86	efrain	172
97	efrain	173
		174
		175
		176
1	efrain	177	`\Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);`
		178
		179
		180	`$headers = $event->getRequest()->getHeaders();`
		181	`if($headers->has('token')) {`
		182	`$device_uuid = Functions::sanitizeFilterString($headers->get('token')->getFieldValue());`
		183	`} else {`
		184	`$device_uuid = '';`
		185	`}`
		186	`if($headers->has('secret')) {`
		187	`$password = Functions::sanitizeFilterString($headers->get('secret')->getFieldValue());`
		188	`} else {`
		189	`$password = '';`
		190	`}`
		191	`if($headers->has('rand')) {`
		192	`$rand = Functions::sanitizeFilterString($headers->get('rand')->getFieldValue());`
		193	`} else {`
		194	`$rand = 0;`
		195	`}`
		196	`if($headers->has('created')) {`
		197	`$timestamp = Functions::sanitizeFilterString($headers->get('created')->getFieldValue());`
		198	`} else {`
		199	`$timestamp = 0;`
		200	`}`
		201
		202
4	efrain	203
1	efrain	204	`$this->currentNetworkPlugin = new CurrentNetworkPlugin($adapter);`
		205	`if(!$this->currentNetworkPlugin->hasNetwork()) {`
43	efrain	206
1	efrain	207	`$response = $event->getResponse();`
45	efrain	208	`$code = 200;`
		209	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - not found', 'fatal' => true]);`
43	efrain	210	`$this->sendResponse($response, $code, $content);`
		211
1	efrain	212	`}`
		213
		214	`if($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {`
43	efrain	215
1	efrain	216	`$response = $event->getResponse();`
45	efrain	217	`$code = 200;`
		218	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - inactive', 'fatal' => true]);`
43	efrain	219	`$this->sendResponse($response, $code, $content);`
		220
1	efrain	221	`}`
		222
		223
23	efrain	224	`$this->authByOTP = false;`
1	efrain	225	`if($device_uuid && $password && $rand && $timestamp) {`
23	efrain	226	`$this->authByOTP = true;`
1	efrain	227
		228
		229	`$tokenAuthAdapter = new AuthTokenAdapter($adapter);`
		230	`$tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);`
		231
		232	`$authService = new AuthenticationService();`
		233	`$result = $authService->authenticate($tokenAuthAdapter);`
		234	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	235
1	efrain	236	`$response = $event->getResponse();`
43	efrain	237	`$code = 200;`
		238	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		239	`$this->sendResponse($response, $code, $content);`
		240
1	efrain	241	`}`
		242
		243	`}`
23	efrain	244
102	efrain	245	`$this->jwtID = 0;`
23	efrain	246	`$this->authByJWT = false;`
		247	`$headers = getallheaders();`
34	efrain	248
		249	`if(!empty($headers['authorization']) \|\| !empty($headers['Authorization'])) {`
23	efrain	250
34	efrain	251	`$token = trim(empty($headers['authorization']) ? $headers['Authorization'] : $headers['authorization']);`
		252
		253
23	efrain	254	`if (substr($token, 0, 6 ) == 'Bearer') {`
43	efrain	255
23	efrain	256
		257	`$token = trim(substr($token, 7));`
		258
		259	`if(!empty($this->config['leaderslinked.jwt.key'])) {`
		260	`$key = $this->config['leaderslinked.jwt.key'];`
		261
		262
		263	`try {`
		264	`$payload = JWT::decode($token, new Key($key, 'HS256'));`
		265
		266
		267	`if(empty($payload->iss) \|\| $payload->iss != $_SERVER['HTTP_HOST']) {`
43	efrain	268
23	efrain	269	`$response = $event->getResponse();`
45	efrain	270	`$code = 200;`
43	efrain	271	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong server', 'fatal' => true]);`
		272	`$this->sendResponse($response, $code, $content);`
23	efrain	273
43	efrain	274
		275
23	efrain	276	`}`
		277
		278	`$uuid = empty($payload->uuid) ? '' : $payload->uuid;`
		279	`if($uuid) {`
		280	`$jwtTokenMapper = JwtTokenMapper::getInstance($adapter);`
100	efrain	281	`$jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);`
		282	`if($jwtToken) {`
23	efrain	283
102	efrain	284	`$this->jwtID = $jwtToken->id;`
		285
100	efrain	286	`$_SESSION['aes'] = $jwtToken->aes;`
23	efrain	287
100	efrain	288	`if($jwtToken->user_id) {`
23	efrain	289	`$authByUserId = new AuthUserIdAdapter($adapter);`
100	efrain	290	`$authByUserId->setData($jwtToken->user_id);`
23	efrain	291
		292	`$authService = new AuthenticationService();`
		293	`$result = $authService->authenticate($authByUserId);`
		294	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	295
23	efrain	296	`$response = $event->getResponse();`
45	efrain	297	`$code = 200;`
43	efrain	298	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		299	`$this->sendResponse($response, $code, $content);`
23	efrain	300
		301	`}`
24	efrain	302
102	efrain	303
23	efrain	304	`}`
		305
		306
		307	`} else {`
		308	`$response = $event->getResponse();`
45	efrain	309	`$code = 200;`
43	efrain	310	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Expired', 'fatal' => true]);`
		311	`$this->sendResponse($response, $code, $content);`
		312
23	efrain	313	`}`
		314
		315	`}`
		316	`} catch(\Exception $e) {`
43	efrain	317
23	efrain	318	`$response = $event->getResponse();`
45	efrain	319	`$code = 200;`
43	efrain	320	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong key', 'fatal' => true]);`
		321	`$this->sendResponse($response, $code, $content);`
		322
23	efrain	323	`}`
		324	`}`
		325	`}`
		326	`}`
1	efrain	327
		328
		329
		330	`if(empty($_SERVER['REDIRECT_URL'])) {`
		331	`if(empty($_SERVER['REQUEST_URI'])) {`
		332	`$routeName = '';`
		333
		334	`} else {`
		335	`$routeName = $_SERVER['REQUEST_URI'];`
		336	`}`
		337
		338	`} else {`
		339	`$routeName = $_SERVER['REDIRECT_URL'];`
		340
		341	`}`
		342
		343
		344	`$routeName = strtolower(trim($routeName));`
		345	`if(strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {`
		346	`$routeName = substr($routeName, 1);`
		347	`}`
		348
		349	`$this->currentUserPlugin = new CurrentUserPlugin($adapter);`
		350
		351
23	efrain	352	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	353	`$checkUserForNetwork = false;`
		354	`} else {`
		355	`if($this->currentUserPlugin->hasIdentity()) {`
		356
		357	`$checkUserForNetwork = true;`
		358	`} else {`
		359	`$checkUserForNetwork = false;`
		360	`}`
		361	`}`
		362
		363	`if($checkUserForNetwork) {`
		364	`if(!$routeName \|\| in_array($routeName, ['signout', 'signin', 'home'])) {`
		365	`$checkUserForNetwork = false;`
		366	`}`
		367	`}`
		368
		369	`if($checkUserForNetwork) {`
		370
		371
		372
		373	`if($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {`
		374	`$response = $event->getResponse();`
45	efrain	375	`$this->sendResponse($response, ['success' => false, 'data' => '200 Unauthorized - The user is not part of this private network', 'fatal' => true]);`
1	efrain	376	`exit;`
		377	`}`
		378	`}`
		379
		380
		381
		382	`$this->initAcl($event);`
68	efrain	383
88	efrain	384
1	efrain	385
		386	`$sharedManager = $eventManager->getSharedManager();`
		387	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPreDispatch'], 100);`
		388	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPosDispatch'], -100);`
		389	`}`
		390
		391	`public function initAcl(MvcEvent $event)`
		392	`{`
		393
		394	`$serviceManager = $event->getApplication()->getServiceManager();`
		395	`$adapter = $serviceManager->get('leaders-linked-db');`
		396
		397
		398	`require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');`
		399
		400
		401	`$this->acl = new Acl();`
		402	`$resources = getAclResources();`
		403
		404	`foreach($resources as $resourceName)`
		405	`{`
		406	`$this->acl->addResource(new GenericResource($resourceName));`
		407	`}`
		408
		409	`$usertypes = getAclUsertype();`
		410	`foreach($usertypes as $usertype => $resources)`
		411	`{`
		412	`$this->acl->addRole(new GenericRole($usertype));`
		413	`foreach ($resources as $resourceName)`
		414	`{`
		415	`$this->acl->allow($usertype, $resourceName);`
		416	`}`
		417	`}`
		418
		419
		420
		421	`if($this->currentUserPlugin->hasIdentity() && $this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {`
		422
		423	`$resources = getAclSuperAdmin();`
		424	`foreach($resources as $resourceName)`
		425	`{`
		426	`$this->acl->allow(UserType::ADMIN, $resourceName);`
		427	`}`
		428	`}`
		429
		430
		431
		432	`$allowMyCoach = false;`
		433	`$allowKnowledgeArea = false;`
		434	`$allowDailyPulse = false;`
		435
		436
		437
		438	`$companyMapper = CompanyMapper::getInstance($adapter);`
		439	`$company = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);`
		440
		441
		442	`if($company) {`
		443
		444	`$companyServiceMapper = CompanyServiceMapper::getInstance($adapter);`
		445	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::DAILY_PULSE);`
		446
		447
		448	`$companyUserMapper = CompanyUserMapper::getInstance($adapter);`
		449	`$companyUser = $companyUserMapper->fetchOneAcceptedByCompanyIdAndUserId($company->id, $this->currentUserPlugin->getUserId());`
		450
		451
		452
		453
		454	`if($companyService) {`
		455
		456	`$dailyPulseMapper = DailyPulseMapper::getInstance($adapter);`
		457	`$dailyPulse = $dailyPulseMapper->fetchOneByCompanyId($company->id);`
		458
		459	`if($dailyPulse) {`
		460	`$privacy = $dailyPulse->privacy;`
		461
		462	`} else {`
		463	`$privacy = DailyPulse::PRIVACY_COMPANY;`
		464	`}`
		465
		466	`if($privacy == DailyPulse::PRIVACY_PUBLIC) {`
		467	`$allowDailyPulse = true;`
		468	`} else {`
		469	`$allowDailyPulse = !empty($companyUser);`
		470	`}`
		471
		472
		473	`}`
		474
		475	`$job_description_ids = [];`
		476
		477	`$organizationPositionMapper = OrganizationPositionMapper::getInstance($adapter);`
		478	`$records = $organizationPositionMapper->fetchAllByCompanyIdAndEmployeeId($company->id, $this->currentUserPlugin->getUserId());`
		479	`foreach($records as $record)`
		480	`{`
		481	`array_push($job_description_ids, $record->job_description_id);`
		482	`}`
		483
		484
		485	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::KNOWLEDGE_AREA);`
		486	`if($companyService) {`
		487	`if($job_description_ids) {`
		488
		489
		490	`$knowledgeAreaCategoryJobDescriptionMapper = KnowledgeAreaCategoryJobDescriptionMapper::getInstance($adapter);`
		491	`$records = $knowledgeAreaCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		492
		493	`if(!empty($records)) {`
		494	`$allowKnowledgeArea = true;`
		495	`}`
		496
		497	`}`
		498
		499	`if($companyUser && !$allowKnowledgeArea) {`
		500	`$knowledgeAreaCategoryUserMapper = KnowledgeAreaCategoryUserMapper::getInstance($adapter);`
		501	`$records = $knowledgeAreaCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		502	`if(!empty($records)) {`
		503	`$allowKnowledgeArea = true;`
		504	`}`
		505	`}`
		506	`}`
		507
		508	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::MY_COACH);`
		509	`if($companyService) {`
		510
		511
		512	`if($job_description_ids) {`
		513
		514
		515	`$myCoachCategoryJobDescriptionMapper = MyCoachCategoryJobDescriptionMapper::getInstance($adapter);`
		516	`$records = $myCoachCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		517
		518	`if(!empty($records)) {`
		519	`$allowKnowledgeArea = true;`
		520	`}`
		521
		522	`}`
		523
		524	`if($companyUser && !$allowMyCoach) {`
		525	`$myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($adapter);`
		526	`$records = $myCoachCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		527	`if(!empty($records)) {`
		528	`$allowMyCoach = true;`
		529	`}`
		530
		531
		532	`}`
		533	`}`
		534
		535	`} else {`
		536	`$companyUser = '';`
		537	`}`
		538
		539
		540	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		541	`if($allowDailyPulse) {`
		542	`$resources = getAclDailyPulse();`
		543	`foreach($resources as $resourceName)`
		544	`{`
		545	`$this->acl->allow($usertype, $resourceName);`
		546	`}`
		547	`}`
		548
		549	`if($allowKnowledgeArea) {`
		550	`$resources = getAclKnowledgeArea();`
		551	`foreach($resources as $resourceName)`
		552	`{`
		553	`$this->acl->allow($usertype, $resourceName);`
		554	`}`
		555	`}`
		556
		557	`if($allowMyCoach) {`
		558	`$resources = getAclMyCoach();`
		559
		560
		561
		562	`foreach($resources as $resourceName)`
		563	`{`
		564	`$this->acl->allow($usertype, $resourceName);`
		565	`}`
		566
		567	`}`
		568
		569
		570
		571	`if($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {`
		572
		573	`$usertypes = getAclUsertypeDefaultNetwork();`
		574	`foreach($usertypes as $usertype => $resources)`
		575	`{`
		576
		577
		578
		579	`foreach ($resources as $resourceName)`
		580	`{`
		581	`$this->acl->allow($usertype, $resourceName);`
		582	`}`
		583	`}`
		584
		585
		586	`} else {`
		587
		588	`if($this->currentUserPlugin->hasIdentity()) {`
		589
		590
		591	`if($company) {`
		592
		593
		594	`if($companyUser) {`
		595	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		596
		597	`if($companyUser->creator == CompanyUser::CREATOR_YES) {`
		598
		599	`$resources = getAclUsertypeOtherNetworkCreator();`
		600	`foreach($resources as $resourceName)`
		601	`{`
		602	`$this->acl->allow($usertype, $resourceName);`
		603	`}`
		604
		605	`}`
		606	`if($companyUser->creator == CompanyUser::CREATOR_NO) {`
		607	`$resources = getAclUsertypeOtherNetworkNonCreator();`
		608	`foreach($resources as $resourceName)`
		609	`{`
		610	`$this->acl->allow($usertype, $resourceName);`
		611	`}`
		612	`}`
		613	`}`
		614	`}`
		615	`}`
		616	`}`
		617
		618
		619	`$event->getViewModel()->setVariable('acl', $this->acl);`
88	efrain	620
		621
1	efrain	622
		623	`}`
		624
		625	`public function onDispatchError(MvcEvent $event)`
		626	`{`
		627	`$this->processError($event);`
		628	`}`
		629
		630	`public function onRenderError(MvcEvent $event)`
		631	`{`
		632	`$this->processError($event);`
		633	`}`
		634
43	efrain	635	`/**`
		636	`*`
		637	`* @param \Laminas\Http\Response $response`
		638	`* @param int $code`
		639	`* @param string $content`
		640	`*/`
		641	`public function sendResponse($response, $code, $content)`
1	efrain	642	`{`
94	efrain	643
43	efrain	644
44	efrain	645
1	efrain	646	`$headers = $response->getHeaders();`
		647	`$headers->clearHeaders();`
		648	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		649
43	efrain	650	`Functions::addCrossSiteToResponse($response);`
		651
		652	`$response->setStatusCode($code);`
		653	`$response->setContent($content); //json_encode($data));`
1	efrain	654	`$response->send();`
		655	`exit;`
		656	`}`
		657
		658	`public function processError(MvcEvent $event)`
		659	`{`
		660	`$error = $event->getError();`
		661	`if (!$error) {`
		662	`return;`
		663	`}`
		664
		665	`$response = $event->getResponse();`
		666	`if('error-exception' == $error) {`
		667	`$exception = $event->getParam('exception');`
		668	`error_log($exception->getCode() . ' ' . $exception->getMessage());`
		669	`error_log($exception->getTraceAsString());`
43	efrain	670
1	efrain	671	`$response = $event->getResponse();`
45	efrain	672	`$code = 200;`
43	efrain	673	`$content = json_encode(['success' => false, 'data' => $exception->getCode() . ' ' . $exception->getMessage(), 'fatal' => true]);`
		674	`$this->sendResponse($response, $code, $content);`
1	efrain	675
		676	`} else if('error-router-no-match' == $error) {`
43	efrain	677
1	efrain	678	`$response = $event->getResponse();`
43	efrain	679	`$code = 404;`
		680	`$content = json_encode(['success' => false, 'data' => 'error-router-no-match', 'fatal' => true]);`
		681	`$this->sendResponse($response, $code, $content);`
1	efrain	682
		683
		684
		685	`} else if(' error-controller-not-found' == $error) {`
43	efrain	686
1	efrain	687	`$response = $event->getResponse();`
43	efrain	688	`$code = 404;`
		689	`$content = json_encode(['success' => false, 'data' => 'error-controller-not-found', 'fatal' => true]);`
		690	`$this->sendResponse($response, $code, $content);`
1	efrain	691
43	efrain	692
1	efrain	693	`} else {`
		694	`$response = $event->getResponse();`
45	efrain	695	`$code = 200;`
43	efrain	696	`$content = json_encode(['success' => false, 'data' => $error, 'fatal' => true]);`
		697	`$this->sendResponse($response, $code, $content);`
1	efrain	698
43	efrain	699
1	efrain	700	`}`
		701
		702	`exit;`
		703
		704	`}`
		705
		706
		707	`public function authPreDispatch(MvcEvent $event)`
		708	`{`
		709
		710
92	efrain	711
1	efrain	712
		713	`$serviceManager = $event->getApplication()->getServiceManager();`
		714	`$adapter = $serviceManager->get('leaders-linked-db');`
		715
		716	`$routeName = $event->getRouteMatch()->getMatchedRouteName();`
		717
		718
		719	`$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';`
		720
95	efrain	721	`if($requestMethod == 'POST') {`
1	efrain	722
		723
23	efrain	724	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	725	`$exclude = true;`
		726	`} else {`
		727	`$exclude = false;`
		728
		729	`$usertypes = getAclUsertype();`
		730
		731
		732	`foreach($usertypes[UserType::GUEST] as $resourceName)`
		733	`{`
		734	`if($routeName == $resourceName) {`
		735	`$exclude = true;`
		736	`break;`
		737	`}`
		738	`}`
		739	`}`
		740
95	efrain	741
1	efrain	742	`if(!$exclude) {`
95	efrain	743
1	efrain	744	`$httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : '';`
		745
100	efrain	746
		747
102	efrain	748	`if($this->jwtID) {`
		749	`error_log('token id = ' . $this->jwtID);`
101	efrain	750
95	efrain	751	`$jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);`
102	efrain	752	`$jwtToken = $jwtTokenMapper->fetchOne($this->jwtID);`
100	efrain	753	`if($jwtToken) {`
95	efrain	754
100	efrain	755	`$sessionToken = $jwtToken->csrf;`
		756	`//$jwtToken->csrf= '';`
		757
		758
		759	`// $jwtTokenMapper->update($jwtToken);`
		760	`} else {`
		761	`$sessionToken = '';`
		762	`}`
		763
95	efrain	764
		765	`} else {`
		766	`$sessionToken = '';`
		767	`}`
		768
		769
100	efrain	770	`error_log('$httpToken = ' . $httpToken . ' $sessionToken = ' . $sessionToken);`
		771
1	efrain	772	`if ( $httpToken != $sessionToken) {`
		773	`$response = $event->getResponse();`
94	efrain	774	`$this->sendResponse($response, 200, json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true]));`
1	efrain	775	`}`
		776
		777	`}`
		778	`}`
95	efrain	779
1	efrain	780
		781
		782
		783	`if($this->currentUserPlugin->hasIdentity()) {`
		784	`$user = $this->currentUserPlugin->getUser();`
		785	`$userTypeId = $user->usertype_id;`
		786
		787
		788	`} else {`
		789
		790	`$userTypeId = UserType::GUEST;`
		791	`}`
		792
		793
		794	`if($this->acl->isAllowed($userTypeId, $routeName)) {`
		795	`$user = $this->currentUserPlugin->getUser();`
		796
		797
		798	`if($user) {`
		799
		800	`$updateLastActivity = true;`
		801	`if ('chat' == substr($routeName, 0, 4)) {`
		802	`$updateLastActivity = false;`
		803	`}`
		804	`if ('inmail' == substr($routeName, 0, 6)) {`
		805	`$updateLastActivity = false;`
		806	`}`
		807	`if ('check-session' == $routeName) {`
		808	`$updateLastActivity = false;`
		809	`}`
		810
		811
		812	`if($updateLastActivity) {`
		813	`$userMapper = UserMapper::getInstance($adapter);`
		814	`$userMapper->updateLastActivity($user->id);`
		815	`}`
		816	`}`
		817
		818
		819
		820	`} else {`
		821	`$response = $event->getResponse();`
54	efrain	822
45	efrain	823	`$response->setStatusCode(200);`
1	efrain	824	`$response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true]));`
		825	`$response->send();`
		826	`exit;`
		827
		828
		829
		830	`}`
90	efrain	831
91	efrain	832
90	efrain	833
1	efrain	834
		835
		836	`}`
		837
		838
		839	`public function authPosDispatch(MvcEvent $event)`
		840	`{`
90	efrain	841	`//$response = $event->getResponse();`
		842	`// Functions::addCrossSiteToResponse($response);`
1	efrain	843	`}`
		844
		845
		846
		847
		848	`}`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Module.php – Rev 102