WebSVN – LeadersLinked - Services – Autoría – /module/LeadersLinked/src/Module.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
		2	`declare(strict_types=1);`
		3
		4	`namespace LeadersLinked;`
		5
		6	`use Laminas\Db\Adapter\AdapterInterface;`
		7	`use Laminas\ModuleManager\ModuleEvent;`
		8	`use Laminas\ModuleManager\ModuleManager;`
		9	`use Laminas\Mvc\MvcEvent;`
		10	`use Laminas\Config\Reader\Ini;`
		11	`use Laminas\Permissions\Acl\Acl;`
		12	`use Laminas\Permissions\Acl\Role\GenericRole;`
		13	`use LeadersLinked\Plugin\CurrentUserPlugin;`
		14	`use LeadersLinked\Mapper\UserMapper;`
		15	`use LeadersLinked\Authentication\AuthTokenAdapter;`
		16	`use Laminas\Authentication\AuthenticationService;`
		17	`use Laminas\Permissions\Acl\Resource\GenericResource;`
		18	`use LeadersLinked\Model\UserType;`
		19	`use LeadersLinked\Plugin\CurrentNetworkPlugin;`
		20	`use LeadersLinked\Model\Network;`
		21	`use LeadersLinked\Model\User;`
		22	`use LeadersLinked\Mapper\CompanyUserMapper;`
		23	`use LeadersLinked\Model\CompanyUser;`
		24	`use LeadersLinked\Mapper\CompanyMapper;`
		25	`use LeadersLinked\Mapper\CompanyServiceMapper;`
		26	`use LeadersLinked\Model\Service;`
		27
		28	`use LeadersLinked\Library\Functions;`
		29	`use LeadersLinked\Mapper\DailyPulseMapper;`
		30	`use LeadersLinked\Model\DailyPulse;`
		31	`use LeadersLinked\Mapper\OrganizationPositionMapper;`
		32	`use LeadersLinked\Mapper\KnowledgeAreaCategoryJobDescriptionMapper;`
		33	`use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;`
		34	`use LeadersLinked\Mapper\KnowledgeAreaCategoryUserMapper;`
		35	`use LeadersLinked\Mapper\MyCoachCategoryUserMapper;`
23	efrain	36	`use Firebase\JWT\JWT;`
		37	`use Firebase\JWT\Key;`
		38	`use LeadersLinked\Mapper\JwtTokenMapper;`
		39	`use LeadersLinked\Authentication\AuthUserIdAdapter;`
95	efrain	40	`use LeadersLinked\Model\JwtToken;`
154	efrain	41	`use Laminas\Http\Response;`
1	efrain	42
		43	`class Module`
		44	`{`
		45	`/**`
		46	`*`
		47	`* @var Acl`
		48	`*/`
		49	`private $acl;`
		50
		51	`/**`
		52	`*`
		53	`* @var AdapterInterface`
		54	`*/`
		55	`private $adapter;`
		56
		57	`/**`
		58	`*`
		59	`* @var CurrentUserPlugin`
		60	`*/`
		61	`private $currentUserPlugin;`
		62
		63	`/**`
		64	`*`
		65	`* @var CurrentNetworkPlugin`
		66	`*/`
		67	`private $currentNetworkPlugin;`
		68
		69	`/**`
		70	`*`
		71	`* @var array`
		72	`*/`
		73	`private $routesAuthorized = [];`
		74
		75	`/**`
		76	`*`
		77	`* @var boolean`
		78	`*/`
23	efrain	79	`private $authByOTP = false;`
1	efrain	80
23	efrain	81	`/**`
		82	`*`
		83	`* @var boolean`
		84	`*/`
		85	`private $authByJWT = false;`
1	efrain	86
102	efrain	87	`/**`
		88	`*`
		89	`* @var int`
		90	`*/`
		91	`private $jwtID = 0;`
23	efrain	92
102	efrain	93
1	efrain	94	`/**`
		95	`*`
95	efrain	96	`* @var JwtToken`
		97	`*/`
		98	`private $jwtToken;`
		99
		100
		101	`/**`
		102	`*`
1	efrain	103	`* @var array`
		104	`*/`
		105	`private $config;`
		106
		107
		108
		109	`public function init(ModuleManager $moduleManager)`
		110	`{`
		111	`$events = $moduleManager->getEventManager();`
		112	`$events->attach(ModuleEvent::EVENT_MERGE_CONFIG, array($this, 'onMergeConfig'));`
		113	`}`
		114
		115	`public function onMergeConfig(ModuleEvent $event)`
		116	`{`
		117	`$configListener = $event->getConfigListener();`
		118	`$this->config = $configListener->getMergedConfig(false);`
		119
		120	`$reader = new Ini();`
		121	`$data = $reader->fromFile('config/leaderslinked.ini');`
		122
		123	`$prefix = 'leaderslinked';`
		124	`foreach($data as $section => $pairs)`
		125	`{`
		126	`foreach($pairs as $key => $value)`
		127	`{`
		128	`$this->config[$prefix . '.' . $section . '.' . $key] = $value;`
		129	`}`
		130	`}`
		131	`$configListener->setMergedConfig($this->config);`
		132	`}`
		133
		134
		135	`public function getConfig() : array`
		136	`{`
		137	`return include __DIR__ . '/../config/module.config.php';`
		138	`}`
		139
		140	`public function onBootstrap(MvcEvent $event)`
		141	`{`
86	efrain	142
96	efrain	143	`$response = $event->getResponse();`
		144	`Functions::addCrossSiteToResponse($response);`
		145	`$event->setResponse($response);`
		146
68	efrain	147	`$serviceManager = $event->getApplication()->getServiceManager();`
55	efrain	148
		149
68	efrain	150	`$eventManager = $event->getApplication()->getEventManager();`
		151	`$eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this,'onDispatchError'], 0);`
		152	`$eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [$this,'onRenderError'], 0);`
		153
1	efrain	154	`$adapter = $serviceManager->get('leaders-linked-db');`
		155
		156	`$session = $serviceManager->get('leaders-linked-session');`
		157	`$session->start();`
		158
		159
		160	`$translator = $serviceManager->get('MvcTranslator');`
		161	`$translator->addTranslationFile(`
		162	`'phpArray',`
		163	`__DIR__ . '/i18n/validate.php',`
		164	`'default'`
		165	`);`
		166
		167	`$translator->addTranslationFile(`
		168	`'phpArray',`
		169	`__DIR__ . '/i18n/spanish.php',`
		170	`'default'`
		171	`);`
		172
86	efrain	173
97	efrain	174
		175
		176
		177
1	efrain	178	`\Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);`
		179
		180
		181	`$headers = $event->getRequest()->getHeaders();`
		182	`if($headers->has('token')) {`
		183	`$device_uuid = Functions::sanitizeFilterString($headers->get('token')->getFieldValue());`
		184	`} else {`
		185	`$device_uuid = '';`
		186	`}`
		187	`if($headers->has('secret')) {`
		188	`$password = Functions::sanitizeFilterString($headers->get('secret')->getFieldValue());`
		189	`} else {`
		190	`$password = '';`
		191	`}`
		192	`if($headers->has('rand')) {`
		193	`$rand = Functions::sanitizeFilterString($headers->get('rand')->getFieldValue());`
		194	`} else {`
		195	`$rand = 0;`
		196	`}`
		197	`if($headers->has('created')) {`
		198	`$timestamp = Functions::sanitizeFilterString($headers->get('created')->getFieldValue());`
		199	`} else {`
		200	`$timestamp = 0;`
		201	`}`
		202
		203
4	efrain	204
1	efrain	205	`$this->currentNetworkPlugin = new CurrentNetworkPlugin($adapter);`
		206	`if(!$this->currentNetworkPlugin->hasNetwork()) {`
43	efrain	207
1	efrain	208	`$response = $event->getResponse();`
45	efrain	209	`$code = 200;`
		210	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - not found', 'fatal' => true]);`
43	efrain	211	`$this->sendResponse($response, $code, $content);`
		212
1	efrain	213	`}`
		214
		215	`if($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {`
43	efrain	216
1	efrain	217	`$response = $event->getResponse();`
45	efrain	218	`$code = 200;`
		219	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - inactive', 'fatal' => true]);`
43	efrain	220	`$this->sendResponse($response, $code, $content);`
		221
1	efrain	222	`}`
		223
		224
23	efrain	225	`$this->authByOTP = false;`
1	efrain	226	`if($device_uuid && $password && $rand && $timestamp) {`
23	efrain	227	`$this->authByOTP = true;`
1	efrain	228
		229
		230	`$tokenAuthAdapter = new AuthTokenAdapter($adapter);`
		231	`$tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);`
		232
		233	`$authService = new AuthenticationService();`
		234	`$result = $authService->authenticate($tokenAuthAdapter);`
		235	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	236
1	efrain	237	`$response = $event->getResponse();`
43	efrain	238	`$code = 200;`
		239	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		240	`$this->sendResponse($response, $code, $content);`
		241
1	efrain	242	`}`
		243
		244	`}`
23	efrain	245
102	efrain	246	`$this->jwtID = 0;`
23	efrain	247	`$this->authByJWT = false;`
		248	`$headers = getallheaders();`
34	efrain	249
		250	`if(!empty($headers['authorization']) \|\| !empty($headers['Authorization'])) {`
23	efrain	251
34	efrain	252	`$token = trim(empty($headers['authorization']) ? $headers['Authorization'] : $headers['authorization']);`
		253
		254
23	efrain	255	`if (substr($token, 0, 6 ) == 'Bearer') {`
43	efrain	256
23	efrain	257
		258	`$token = trim(substr($token, 7));`
		259
		260	`if(!empty($this->config['leaderslinked.jwt.key'])) {`
		261	`$key = $this->config['leaderslinked.jwt.key'];`
		262
		263
		264	`try {`
		265	`$payload = JWT::decode($token, new Key($key, 'HS256'));`
		266
		267
		268	`if(empty($payload->iss) \|\| $payload->iss != $_SERVER['HTTP_HOST']) {`
43	efrain	269
23	efrain	270	`$response = $event->getResponse();`
45	efrain	271	`$code = 200;`
43	efrain	272	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong server', 'fatal' => true]);`
		273	`$this->sendResponse($response, $code, $content);`
23	efrain	274
43	efrain	275
		276
23	efrain	277	`}`
		278
		279	`$uuid = empty($payload->uuid) ? '' : $payload->uuid;`
		280	`if($uuid) {`
		281	`$jwtTokenMapper = JwtTokenMapper::getInstance($adapter);`
100	efrain	282	`$jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);`
		283	`if($jwtToken) {`
23	efrain	284
102	efrain	285	`$this->jwtID = $jwtToken->id;`
		286
100	efrain	287	`$_SESSION['aes'] = $jwtToken->aes;`
23	efrain	288
100	efrain	289	`if($jwtToken->user_id) {`
23	efrain	290	`$authByUserId = new AuthUserIdAdapter($adapter);`
100	efrain	291	`$authByUserId->setData($jwtToken->user_id);`
23	efrain	292
		293	`$authService = new AuthenticationService();`
		294	`$result = $authService->authenticate($authByUserId);`
		295	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	296
23	efrain	297	`$response = $event->getResponse();`
45	efrain	298	`$code = 200;`
43	efrain	299	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		300	`$this->sendResponse($response, $code, $content);`
23	efrain	301
		302	`}`
24	efrain	303
102	efrain	304
23	efrain	305	`}`
		306
		307
		308	`} else {`
		309	`$response = $event->getResponse();`
45	efrain	310	`$code = 200;`
43	efrain	311	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Expired', 'fatal' => true]);`
		312	`$this->sendResponse($response, $code, $content);`
		313
23	efrain	314	`}`
		315
		316	`}`
		317	`} catch(\Exception $e) {`
43	efrain	318
23	efrain	319	`$response = $event->getResponse();`
45	efrain	320	`$code = 200;`
43	efrain	321	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong key', 'fatal' => true]);`
		322	`$this->sendResponse($response, $code, $content);`
		323
23	efrain	324	`}`
		325	`}`
		326	`}`
		327	`}`
1	efrain	328
		329
		330
		331	`if(empty($_SERVER['REDIRECT_URL'])) {`
		332	`if(empty($_SERVER['REQUEST_URI'])) {`
		333	`$routeName = '';`
		334
		335	`} else {`
		336	`$routeName = $_SERVER['REQUEST_URI'];`
		337	`}`
		338
		339	`} else {`
		340	`$routeName = $_SERVER['REDIRECT_URL'];`
		341
		342	`}`
		343
		344
		345	`$routeName = strtolower(trim($routeName));`
		346	`if(strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {`
		347	`$routeName = substr($routeName, 1);`
		348	`}`
		349
		350	`$this->currentUserPlugin = new CurrentUserPlugin($adapter);`
		351
		352
23	efrain	353	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	354	`$checkUserForNetwork = false;`
		355	`} else {`
		356	`if($this->currentUserPlugin->hasIdentity()) {`
		357
		358	`$checkUserForNetwork = true;`
		359	`} else {`
		360	`$checkUserForNetwork = false;`
		361	`}`
		362	`}`
		363
		364	`if($checkUserForNetwork) {`
		365	`if(!$routeName \|\| in_array($routeName, ['signout', 'signin', 'home'])) {`
		366	`$checkUserForNetwork = false;`
		367	`}`
		368	`}`
		369
		370	`if($checkUserForNetwork) {`
		371
154	efrain	372
1	efrain	373
		374	`if($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {`
154	efrain	375
1	efrain	376	`$response = $event->getResponse();`
154	efrain	377	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - The user is not part of this private network', 'fatal' => true]);`
		378	`$this->sendResponse($response, 200, $content);`
1	efrain	379	`exit;`
		380	`}`
		381	`}`
		382
		383
		384
		385	`$this->initAcl($event);`
68	efrain	386
88	efrain	387
1	efrain	388
		389	`$sharedManager = $eventManager->getSharedManager();`
		390	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPreDispatch'], 100);`
		391	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPosDispatch'], -100);`
		392	`}`
		393
		394	`public function initAcl(MvcEvent $event)`
		395	`{`
		396
		397	`$serviceManager = $event->getApplication()->getServiceManager();`
		398	`$adapter = $serviceManager->get('leaders-linked-db');`
		399
		400
		401	`require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');`
		402
		403
		404	`$this->acl = new Acl();`
		405	`$resources = getAclResources();`
		406
		407	`foreach($resources as $resourceName)`
		408	`{`
		409	`$this->acl->addResource(new GenericResource($resourceName));`
		410	`}`
		411
		412	`$usertypes = getAclUsertype();`
		413	`foreach($usertypes as $usertype => $resources)`
		414	`{`
		415	`$this->acl->addRole(new GenericRole($usertype));`
		416	`foreach ($resources as $resourceName)`
		417	`{`
		418	`$this->acl->allow($usertype, $resourceName);`
		419	`}`
		420	`}`
		421
		422
		423
		424	`if($this->currentUserPlugin->hasIdentity() && $this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {`
		425
		426	`$resources = getAclSuperAdmin();`
		427	`foreach($resources as $resourceName)`
		428	`{`
		429	`$this->acl->allow(UserType::ADMIN, $resourceName);`
		430	`}`
		431	`}`
		432
		433
		434
		435	`$allowMyCoach = false;`
		436	`$allowKnowledgeArea = false;`
		437	`$allowDailyPulse = false;`
		438
		439
		440
		441	`$companyMapper = CompanyMapper::getInstance($adapter);`
		442	`$company = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);`
		443
		444
		445	`if($company) {`
		446
		447	`$companyServiceMapper = CompanyServiceMapper::getInstance($adapter);`
		448	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::DAILY_PULSE);`
		449
		450
		451	`$companyUserMapper = CompanyUserMapper::getInstance($adapter);`
		452	`$companyUser = $companyUserMapper->fetchOneAcceptedByCompanyIdAndUserId($company->id, $this->currentUserPlugin->getUserId());`
		453
		454
		455
		456
		457	`if($companyService) {`
		458
		459	`$dailyPulseMapper = DailyPulseMapper::getInstance($adapter);`
		460	`$dailyPulse = $dailyPulseMapper->fetchOneByCompanyId($company->id);`
		461
		462	`if($dailyPulse) {`
		463	`$privacy = $dailyPulse->privacy;`
		464
		465	`} else {`
		466	`$privacy = DailyPulse::PRIVACY_COMPANY;`
		467	`}`
		468
		469	`if($privacy == DailyPulse::PRIVACY_PUBLIC) {`
		470	`$allowDailyPulse = true;`
		471	`} else {`
		472	`$allowDailyPulse = !empty($companyUser);`
		473	`}`
		474
		475
		476	`}`
		477
		478	`$job_description_ids = [];`
		479
		480	`$organizationPositionMapper = OrganizationPositionMapper::getInstance($adapter);`
		481	`$records = $organizationPositionMapper->fetchAllByCompanyIdAndEmployeeId($company->id, $this->currentUserPlugin->getUserId());`
		482	`foreach($records as $record)`
		483	`{`
		484	`array_push($job_description_ids, $record->job_description_id);`
		485	`}`
		486
		487
		488	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::KNOWLEDGE_AREA);`
		489	`if($companyService) {`
		490	`if($job_description_ids) {`
		491
		492
		493	`$knowledgeAreaCategoryJobDescriptionMapper = KnowledgeAreaCategoryJobDescriptionMapper::getInstance($adapter);`
		494	`$records = $knowledgeAreaCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		495
		496	`if(!empty($records)) {`
		497	`$allowKnowledgeArea = true;`
		498	`}`
		499
		500	`}`
		501
		502	`if($companyUser && !$allowKnowledgeArea) {`
		503	`$knowledgeAreaCategoryUserMapper = KnowledgeAreaCategoryUserMapper::getInstance($adapter);`
		504	`$records = $knowledgeAreaCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		505	`if(!empty($records)) {`
		506	`$allowKnowledgeArea = true;`
		507	`}`
		508	`}`
		509	`}`
		510
		511	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::MY_COACH);`
		512	`if($companyService) {`
		513
		514
		515	`if($job_description_ids) {`
		516
		517
		518	`$myCoachCategoryJobDescriptionMapper = MyCoachCategoryJobDescriptionMapper::getInstance($adapter);`
		519	`$records = $myCoachCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		520
		521	`if(!empty($records)) {`
		522	`$allowKnowledgeArea = true;`
		523	`}`
		524
		525	`}`
		526
		527	`if($companyUser && !$allowMyCoach) {`
		528	`$myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($adapter);`
		529	`$records = $myCoachCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		530	`if(!empty($records)) {`
		531	`$allowMyCoach = true;`
		532	`}`
		533
		534
		535	`}`
		536	`}`
		537
		538	`} else {`
		539	`$companyUser = '';`
		540	`}`
		541
		542
		543	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		544	`if($allowDailyPulse) {`
		545	`$resources = getAclDailyPulse();`
		546	`foreach($resources as $resourceName)`
		547	`{`
		548	`$this->acl->allow($usertype, $resourceName);`
		549	`}`
		550	`}`
		551
		552	`if($allowKnowledgeArea) {`
		553	`$resources = getAclKnowledgeArea();`
		554	`foreach($resources as $resourceName)`
		555	`{`
		556	`$this->acl->allow($usertype, $resourceName);`
		557	`}`
		558	`}`
		559
		560	`if($allowMyCoach) {`
		561	`$resources = getAclMyCoach();`
		562
		563
		564
		565	`foreach($resources as $resourceName)`
		566	`{`
		567	`$this->acl->allow($usertype, $resourceName);`
		568	`}`
		569
		570	`}`
		571
		572
		573
		574	`if($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {`
		575
		576	`$usertypes = getAclUsertypeDefaultNetwork();`
		577	`foreach($usertypes as $usertype => $resources)`
		578	`{`
		579
		580
		581
		582	`foreach ($resources as $resourceName)`
		583	`{`
		584	`$this->acl->allow($usertype, $resourceName);`
		585	`}`
		586	`}`
		587
		588
		589	`} else {`
		590
		591	`if($this->currentUserPlugin->hasIdentity()) {`
		592
		593
		594	`if($company) {`
		595
		596
		597	`if($companyUser) {`
		598	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		599
		600	`if($companyUser->creator == CompanyUser::CREATOR_YES) {`
		601
		602	`$resources = getAclUsertypeOtherNetworkCreator();`
		603	`foreach($resources as $resourceName)`
		604	`{`
		605	`$this->acl->allow($usertype, $resourceName);`
		606	`}`
		607
		608	`}`
		609	`if($companyUser->creator == CompanyUser::CREATOR_NO) {`
		610	`$resources = getAclUsertypeOtherNetworkNonCreator();`
		611	`foreach($resources as $resourceName)`
		612	`{`
		613	`$this->acl->allow($usertype, $resourceName);`
		614	`}`
		615	`}`
		616	`}`
		617	`}`
		618	`}`
		619	`}`
		620
		621
		622	`$event->getViewModel()->setVariable('acl', $this->acl);`
88	efrain	623
		624
1	efrain	625
		626	`}`
		627
		628	`public function onDispatchError(MvcEvent $event)`
		629	`{`
		630	`$this->processError($event);`
		631	`}`
		632
		633	`public function onRenderError(MvcEvent $event)`
		634	`{`
		635	`$this->processError($event);`
		636	`}`
		637
43	efrain	638	`/**`
		639	`*`
		640	`* @param \Laminas\Http\Response $response`
		641	`* @param int $code`
		642	`* @param string $content`
		643	`*/`
		644	`public function sendResponse($response, $code, $content)`
1	efrain	645	`{`
94	efrain	646
43	efrain	647
44	efrain	648
1	efrain	649	`$headers = $response->getHeaders();`
		650	`$headers->clearHeaders();`
		651	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		652
43	efrain	653	`Functions::addCrossSiteToResponse($response);`
		654
		655	`$response->setStatusCode($code);`
		656	`$response->setContent($content); //json_encode($data));`
1	efrain	657	`$response->send();`
		658	`exit;`
		659	`}`
		660
		661	`public function processError(MvcEvent $event)`
		662	`{`
		663	`$error = $event->getError();`
		664	`if (!$error) {`
		665	`return;`
		666	`}`
		667
		668	`$response = $event->getResponse();`
		669	`if('error-exception' == $error) {`
		670	`$exception = $event->getParam('exception');`
		671	`error_log($exception->getCode() . ' ' . $exception->getMessage());`
		672	`error_log($exception->getTraceAsString());`
43	efrain	673
1	efrain	674	`$response = $event->getResponse();`
45	efrain	675	`$code = 200;`
43	efrain	676	`$content = json_encode(['success' => false, 'data' => $exception->getCode() . ' ' . $exception->getMessage(), 'fatal' => true]);`
		677	`$this->sendResponse($response, $code, $content);`
1	efrain	678
		679	`} else if('error-router-no-match' == $error) {`
43	efrain	680
1	efrain	681	`$response = $event->getResponse();`
43	efrain	682	`$code = 404;`
		683	`$content = json_encode(['success' => false, 'data' => 'error-router-no-match', 'fatal' => true]);`
		684	`$this->sendResponse($response, $code, $content);`
1	efrain	685
		686
		687
		688	`} else if(' error-controller-not-found' == $error) {`
43	efrain	689
1	efrain	690	`$response = $event->getResponse();`
43	efrain	691	`$code = 404;`
		692	`$content = json_encode(['success' => false, 'data' => 'error-controller-not-found', 'fatal' => true]);`
		693	`$this->sendResponse($response, $code, $content);`
1	efrain	694
43	efrain	695
1	efrain	696	`} else {`
		697	`$response = $event->getResponse();`
45	efrain	698	`$code = 200;`
43	efrain	699	`$content = json_encode(['success' => false, 'data' => $error, 'fatal' => true]);`
		700	`$this->sendResponse($response, $code, $content);`
1	efrain	701
43	efrain	702
1	efrain	703	`}`
		704
		705	`exit;`
		706
		707	`}`
		708
		709
		710	`public function authPreDispatch(MvcEvent $event)`
		711	`{`
		712
		713
92	efrain	714
1	efrain	715
		716	`$serviceManager = $event->getApplication()->getServiceManager();`
		717	`$adapter = $serviceManager->get('leaders-linked-db');`
		718
		719	`$routeName = $event->getRouteMatch()->getMatchedRouteName();`
		720
		721
		722	`$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';`
		723
95	efrain	724	`if($requestMethod == 'POST') {`
1	efrain	725
		726
23	efrain	727	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	728	`$exclude = true;`
		729	`} else {`
		730	`$exclude = false;`
		731
		732	`$usertypes = getAclUsertype();`
		733
		734
		735	`foreach($usertypes[UserType::GUEST] as $resourceName)`
		736	`{`
		737	`if($routeName == $resourceName) {`
		738	`$exclude = true;`
		739	`break;`
		740	`}`
		741	`}`
		742	`}`
		743
95	efrain	744
1	efrain	745	`if(!$exclude) {`
95	efrain	746
1	efrain	747	`$httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : '';`
		748
100	efrain	749
		750
102	efrain	751	`if($this->jwtID) {`
103	efrain	752
95	efrain	753	`$jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);`
102	efrain	754	`$jwtToken = $jwtTokenMapper->fetchOne($this->jwtID);`
100	efrain	755	`if($jwtToken) {`
95	efrain	756
100	efrain	757	`$sessionToken = $jwtToken->csrf;`
		758	`//$jwtToken->csrf= '';`
		759
		760
		761	`// $jwtTokenMapper->update($jwtToken);`
		762	`} else {`
		763	`$sessionToken = '';`
		764	`}`
		765
95	efrain	766
		767	`} else {`
		768	`$sessionToken = '';`
		769	`}`
		770
		771
106	efrain	772	`//error_log('$this->jwtID = ' . $this->jwtID . ' $httpToken = ' . $httpToken . ' $sessionToken = ' . $sessionToken);`
100	efrain	773
1	efrain	774	`if ( $httpToken != $sessionToken) {`
		775	`$response = $event->getResponse();`
106	efrain	776	`$this->sendResponse($response, 200, json_encode(['success' => false, 'data' => 'Unauthorized - CSRF fail', 'fatal' => true]));`
1	efrain	777	`}`
		778
		779	`}`
		780	`}`
95	efrain	781
1	efrain	782
		783
		784
		785	`if($this->currentUserPlugin->hasIdentity()) {`
		786	`$user = $this->currentUserPlugin->getUser();`
		787	`$userTypeId = $user->usertype_id;`
		788
		789
		790	`} else {`
		791
		792	`$userTypeId = UserType::GUEST;`
		793	`}`
		794
		795
		796	`if($this->acl->isAllowed($userTypeId, $routeName)) {`
		797	`$user = $this->currentUserPlugin->getUser();`
		798
		799
		800	`if($user) {`
		801
		802	`$updateLastActivity = true;`
		803	`if ('chat' == substr($routeName, 0, 4)) {`
		804	`$updateLastActivity = false;`
		805	`}`
		806	`if ('inmail' == substr($routeName, 0, 6)) {`
		807	`$updateLastActivity = false;`
		808	`}`
		809	`if ('check-session' == $routeName) {`
		810	`$updateLastActivity = false;`
		811	`}`
		812
		813
		814	`if($updateLastActivity) {`
		815	`$userMapper = UserMapper::getInstance($adapter);`
		816	`$userMapper->updateLastActivity($user->id);`
		817	`}`
		818	`}`
		819
		820
		821
		822	`} else {`
		823	`$response = $event->getResponse();`
54	efrain	824
45	efrain	825	`$response->setStatusCode(200);`
106	efrain	826	`$response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized - Does not have permission', 'fatal' => true]));`
1	efrain	827	`$response->send();`
		828	`exit;`
		829
		830
		831
		832	`}`
90	efrain	833
91	efrain	834
90	efrain	835
1	efrain	836
		837
		838	`}`
		839
		840
		841	`public function authPosDispatch(MvcEvent $event)`
		842	`{`
90	efrain	843	`//$response = $event->getResponse();`
		844	`// Functions::addCrossSiteToResponse($response);`
1	efrain	845	`}`
		846
		847
		848
		849
		850	`}`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Module.php – Rev 154