WebSVN – LeadersLinked - Services – Autoría – /module/LeadersLinked/src/Module.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
		2	`declare(strict_types=1);`
		3
		4	`namespace LeadersLinked;`
		5
		6	`use Laminas\Db\Adapter\AdapterInterface;`
		7	`use Laminas\ModuleManager\ModuleEvent;`
		8	`use Laminas\ModuleManager\ModuleManager;`
		9	`use Laminas\Mvc\MvcEvent;`
		10	`use Laminas\Config\Reader\Ini;`
		11	`use Laminas\Permissions\Acl\Acl;`
		12	`use Laminas\Permissions\Acl\Role\GenericRole;`
		13	`use LeadersLinked\Plugin\CurrentUserPlugin;`
		14	`use LeadersLinked\Mapper\UserMapper;`
		15	`use LeadersLinked\Authentication\AuthTokenAdapter;`
		16	`use Laminas\Authentication\AuthenticationService;`
		17	`use Laminas\Permissions\Acl\Resource\GenericResource;`
		18	`use LeadersLinked\Model\UserType;`
		19	`use LeadersLinked\Plugin\CurrentNetworkPlugin;`
		20	`use LeadersLinked\Model\Network;`
		21	`use LeadersLinked\Model\User;`
		22	`use LeadersLinked\Mapper\CompanyUserMapper;`
		23	`use LeadersLinked\Model\CompanyUser;`
		24	`use LeadersLinked\Mapper\CompanyMapper;`
		25	`use LeadersLinked\Mapper\CompanyServiceMapper;`
		26	`use LeadersLinked\Model\Service;`
		27
		28	`use LeadersLinked\Library\Functions;`
		29	`use LeadersLinked\Mapper\DailyPulseMapper;`
		30	`use LeadersLinked\Model\DailyPulse;`
		31	`use LeadersLinked\Mapper\OrganizationPositionMapper;`
		32	`use LeadersLinked\Mapper\KnowledgeAreaCategoryJobDescriptionMapper;`
		33	`use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;`
		34	`use LeadersLinked\Mapper\KnowledgeAreaCategoryUserMapper;`
		35	`use LeadersLinked\Mapper\MyCoachCategoryUserMapper;`
23	efrain	36	`use Firebase\JWT\JWT;`
		37	`use Firebase\JWT\Key;`
		38	`use LeadersLinked\Mapper\JwtTokenMapper;`
		39	`use LeadersLinked\Authentication\AuthUserIdAdapter;`
95	efrain	40	`use LeadersLinked\Model\JwtToken;`
154	efrain	41	`use Laminas\Http\Response;`
1	efrain	42
		43	`class Module`
		44	`{`
		45	`/**`
		46	`*`
		47	`* @var Acl`
		48	`*/`
		49	`private $acl;`
		50
		51	`/**`
		52	`*`
		53	`* @var AdapterInterface`
		54	`*/`
		55	`private $adapter;`
		56
		57	`/**`
		58	`*`
		59	`* @var CurrentUserPlugin`
		60	`*/`
		61	`private $currentUserPlugin;`
		62
		63	`/**`
		64	`*`
		65	`* @var CurrentNetworkPlugin`
		66	`*/`
		67	`private $currentNetworkPlugin;`
		68
		69	`/**`
		70	`*`
		71	`* @var array`
		72	`*/`
		73	`private $routesAuthorized = [];`
		74
		75	`/**`
		76	`*`
		77	`* @var boolean`
		78	`*/`
23	efrain	79	`private $authByOTP = false;`
1	efrain	80
23	efrain	81	`/**`
		82	`*`
		83	`* @var boolean`
		84	`*/`
		85	`private $authByJWT = false;`
1	efrain	86
102	efrain	87	`/**`
		88	`*`
		89	`* @var int`
		90	`*/`
		91	`private $jwtID = 0;`
23	efrain	92
102	efrain	93
1	efrain	94	`/**`
		95	`*`
95	efrain	96	`* @var JwtToken`
		97	`*/`
		98	`private $jwtToken;`
		99
		100
		101	`/**`
		102	`*`
1	efrain	103	`* @var array`
		104	`*/`
		105	`private $config;`
		106
		107
		108
		109	`public function init(ModuleManager $moduleManager)`
		110	`{`
		111	`$events = $moduleManager->getEventManager();`
		112	`$events->attach(ModuleEvent::EVENT_MERGE_CONFIG, array($this, 'onMergeConfig'));`
		113	`}`
		114
		115	`public function onMergeConfig(ModuleEvent $event)`
		116	`{`
		117	`$configListener = $event->getConfigListener();`
		118	`$this->config = $configListener->getMergedConfig(false);`
		119
		120	`$reader = new Ini();`
		121	`$data = $reader->fromFile('config/leaderslinked.ini');`
		122
		123	`$prefix = 'leaderslinked';`
		124	`foreach($data as $section => $pairs)`
		125	`{`
		126	`foreach($pairs as $key => $value)`
		127	`{`
		128	`$this->config[$prefix . '.' . $section . '.' . $key] = $value;`
		129	`}`
		130	`}`
		131	`$configListener->setMergedConfig($this->config);`
		132	`}`
		133
		134
		135	`public function getConfig() : array`
		136	`{`
		137	`return include __DIR__ . '/../config/module.config.php';`
		138	`}`
		139
		140	`public function onBootstrap(MvcEvent $event)`
		141	`{`
164	efrain	142	`header('Access-Control-Allow-Origin: *');`
		143	`header('Access-Control-Allow-Headers: *');`
		144	`header('Access-Control-Allow-Method: POST, GET, HEAD, OPTIONS');`
		145	`header('Access-Control-Max-Age: 86400');`
		146
86	efrain	147
96	efrain	148	`$response = $event->getResponse();`
		149	`Functions::addCrossSiteToResponse($response);`
		150	`$event->setResponse($response);`
		151
68	efrain	152	`$serviceManager = $event->getApplication()->getServiceManager();`
55	efrain	153
		154
68	efrain	155	`$eventManager = $event->getApplication()->getEventManager();`
		156	`$eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this,'onDispatchError'], 0);`
		157	`$eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [$this,'onRenderError'], 0);`
		158
1	efrain	159	`$adapter = $serviceManager->get('leaders-linked-db');`
		160
		161	`$session = $serviceManager->get('leaders-linked-session');`
		162	`$session->start();`
		163
		164
		165	`$translator = $serviceManager->get('MvcTranslator');`
		166	`$translator->addTranslationFile(`
		167	`'phpArray',`
		168	`__DIR__ . '/i18n/validate.php',`
		169	`'default'`
		170	`);`
		171
		172	`$translator->addTranslationFile(`
		173	`'phpArray',`
		174	`__DIR__ . '/i18n/spanish.php',`
		175	`'default'`
		176	`);`
		177
86	efrain	178
97	efrain	179
		180
		181
		182
1	efrain	183	`\Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);`
		184
		185
		186	`$headers = $event->getRequest()->getHeaders();`
		187	`if($headers->has('token')) {`
		188	`$device_uuid = Functions::sanitizeFilterString($headers->get('token')->getFieldValue());`
		189	`} else {`
		190	`$device_uuid = '';`
		191	`}`
		192	`if($headers->has('secret')) {`
		193	`$password = Functions::sanitizeFilterString($headers->get('secret')->getFieldValue());`
		194	`} else {`
		195	`$password = '';`
		196	`}`
		197	`if($headers->has('rand')) {`
		198	`$rand = Functions::sanitizeFilterString($headers->get('rand')->getFieldValue());`
		199	`} else {`
		200	`$rand = 0;`
		201	`}`
		202	`if($headers->has('created')) {`
		203	`$timestamp = Functions::sanitizeFilterString($headers->get('created')->getFieldValue());`
		204	`} else {`
		205	`$timestamp = 0;`
		206	`}`
		207
		208
4	efrain	209
1	efrain	210	`$this->currentNetworkPlugin = new CurrentNetworkPlugin($adapter);`
		211	`if(!$this->currentNetworkPlugin->hasNetwork()) {`
43	efrain	212
1	efrain	213	`$response = $event->getResponse();`
45	efrain	214	`$code = 200;`
		215	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - not found', 'fatal' => true]);`
43	efrain	216	`$this->sendResponse($response, $code, $content);`
		217
1	efrain	218	`}`
		219
		220	`if($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {`
43	efrain	221
1	efrain	222	`$response = $event->getResponse();`
45	efrain	223	`$code = 200;`
		224	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - inactive', 'fatal' => true]);`
43	efrain	225	`$this->sendResponse($response, $code, $content);`
		226
1	efrain	227	`}`
		228
		229
23	efrain	230	`$this->authByOTP = false;`
1	efrain	231	`if($device_uuid && $password && $rand && $timestamp) {`
23	efrain	232	`$this->authByOTP = true;`
1	efrain	233
		234
		235	`$tokenAuthAdapter = new AuthTokenAdapter($adapter);`
		236	`$tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);`
		237
		238	`$authService = new AuthenticationService();`
		239	`$result = $authService->authenticate($tokenAuthAdapter);`
		240	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	241
1	efrain	242	`$response = $event->getResponse();`
43	efrain	243	`$code = 200;`
		244	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		245	`$this->sendResponse($response, $code, $content);`
		246
1	efrain	247	`}`
		248
		249	`}`
23	efrain	250
102	efrain	251	`$this->jwtID = 0;`
23	efrain	252	`$this->authByJWT = false;`
		253	`$headers = getallheaders();`
34	efrain	254
		255	`if(!empty($headers['authorization']) \|\| !empty($headers['Authorization'])) {`
23	efrain	256
34	efrain	257	`$token = trim(empty($headers['authorization']) ? $headers['Authorization'] : $headers['authorization']);`
		258
		259
23	efrain	260	`if (substr($token, 0, 6 ) == 'Bearer') {`
43	efrain	261
23	efrain	262
		263	`$token = trim(substr($token, 7));`
		264
		265	`if(!empty($this->config['leaderslinked.jwt.key'])) {`
		266	`$key = $this->config['leaderslinked.jwt.key'];`
		267
		268
		269	`try {`
		270	`$payload = JWT::decode($token, new Key($key, 'HS256'));`
		271
		272
		273	`if(empty($payload->iss) \|\| $payload->iss != $_SERVER['HTTP_HOST']) {`
43	efrain	274
23	efrain	275	`$response = $event->getResponse();`
45	efrain	276	`$code = 200;`
43	efrain	277	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong server', 'fatal' => true]);`
		278	`$this->sendResponse($response, $code, $content);`
23	efrain	279
43	efrain	280
		281
23	efrain	282	`}`
		283
		284	`$uuid = empty($payload->uuid) ? '' : $payload->uuid;`
		285	`if($uuid) {`
		286	`$jwtTokenMapper = JwtTokenMapper::getInstance($adapter);`
100	efrain	287	`$jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);`
		288	`if($jwtToken) {`
23	efrain	289
102	efrain	290	`$this->jwtID = $jwtToken->id;`
		291
100	efrain	292	`$_SESSION['aes'] = $jwtToken->aes;`
23	efrain	293
100	efrain	294	`if($jwtToken->user_id) {`
23	efrain	295	`$authByUserId = new AuthUserIdAdapter($adapter);`
100	efrain	296	`$authByUserId->setData($jwtToken->user_id);`
23	efrain	297
		298	`$authService = new AuthenticationService();`
		299	`$result = $authService->authenticate($authByUserId);`
		300	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	301
23	efrain	302	`$response = $event->getResponse();`
45	efrain	303	`$code = 200;`
43	efrain	304	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		305	`$this->sendResponse($response, $code, $content);`
23	efrain	306
		307	`}`
24	efrain	308
102	efrain	309
23	efrain	310	`}`
		311
		312
		313	`} else {`
		314	`$response = $event->getResponse();`
45	efrain	315	`$code = 200;`
43	efrain	316	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Expired', 'fatal' => true]);`
		317	`$this->sendResponse($response, $code, $content);`
		318
23	efrain	319	`}`
		320
		321	`}`
		322	`} catch(\Exception $e) {`
43	efrain	323
23	efrain	324	`$response = $event->getResponse();`
45	efrain	325	`$code = 200;`
43	efrain	326	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong key', 'fatal' => true]);`
		327	`$this->sendResponse($response, $code, $content);`
		328
23	efrain	329	`}`
		330	`}`
		331	`}`
		332	`}`
1	efrain	333
		334
		335
		336	`if(empty($_SERVER['REDIRECT_URL'])) {`
		337	`if(empty($_SERVER['REQUEST_URI'])) {`
		338	`$routeName = '';`
		339
		340	`} else {`
		341	`$routeName = $_SERVER['REQUEST_URI'];`
		342	`}`
		343
		344	`} else {`
		345	`$routeName = $_SERVER['REDIRECT_URL'];`
		346
		347	`}`
		348
		349
		350	`$routeName = strtolower(trim($routeName));`
		351	`if(strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {`
		352	`$routeName = substr($routeName, 1);`
		353	`}`
		354
		355	`$this->currentUserPlugin = new CurrentUserPlugin($adapter);`
		356
		357
23	efrain	358	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	359	`$checkUserForNetwork = false;`
		360	`} else {`
		361	`if($this->currentUserPlugin->hasIdentity()) {`
		362
		363	`$checkUserForNetwork = true;`
		364	`} else {`
		365	`$checkUserForNetwork = false;`
		366	`}`
		367	`}`
		368
		369	`if($checkUserForNetwork) {`
		370	`if(!$routeName \|\| in_array($routeName, ['signout', 'signin', 'home'])) {`
		371	`$checkUserForNetwork = false;`
		372	`}`
		373	`}`
		374
		375	`if($checkUserForNetwork) {`
		376
154	efrain	377
1	efrain	378
		379	`if($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {`
154	efrain	380
1	efrain	381	`$response = $event->getResponse();`
154	efrain	382	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - The user is not part of this private network', 'fatal' => true]);`
		383	`$this->sendResponse($response, 200, $content);`
1	efrain	384	`exit;`
		385	`}`
		386	`}`
		387
		388
		389
		390	`$this->initAcl($event);`
68	efrain	391
88	efrain	392
1	efrain	393
		394	`$sharedManager = $eventManager->getSharedManager();`
		395	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPreDispatch'], 100);`
		396	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPosDispatch'], -100);`
		397	`}`
		398
		399	`public function initAcl(MvcEvent $event)`
		400	`{`
		401
		402	`$serviceManager = $event->getApplication()->getServiceManager();`
		403	`$adapter = $serviceManager->get('leaders-linked-db');`
		404
		405
		406	`require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');`
		407
		408
		409	`$this->acl = new Acl();`
		410	`$resources = getAclResources();`
		411
		412	`foreach($resources as $resourceName)`
		413	`{`
		414	`$this->acl->addResource(new GenericResource($resourceName));`
		415	`}`
		416
		417	`$usertypes = getAclUsertype();`
		418	`foreach($usertypes as $usertype => $resources)`
		419	`{`
		420	`$this->acl->addRole(new GenericRole($usertype));`
		421	`foreach ($resources as $resourceName)`
		422	`{`
		423	`$this->acl->allow($usertype, $resourceName);`
		424	`}`
		425	`}`
		426
		427
		428
		429	`if($this->currentUserPlugin->hasIdentity() && $this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {`
		430
		431	`$resources = getAclSuperAdmin();`
		432	`foreach($resources as $resourceName)`
		433	`{`
		434	`$this->acl->allow(UserType::ADMIN, $resourceName);`
		435	`}`
		436	`}`
		437
		438
		439
		440	`$allowMyCoach = false;`
		441	`$allowKnowledgeArea = false;`
		442	`$allowDailyPulse = false;`
		443
		444
		445
		446	`$companyMapper = CompanyMapper::getInstance($adapter);`
		447	`$company = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);`
		448
		449
		450	`if($company) {`
		451
		452	`$companyServiceMapper = CompanyServiceMapper::getInstance($adapter);`
		453	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::DAILY_PULSE);`
		454
		455
		456	`$companyUserMapper = CompanyUserMapper::getInstance($adapter);`
		457	`$companyUser = $companyUserMapper->fetchOneAcceptedByCompanyIdAndUserId($company->id, $this->currentUserPlugin->getUserId());`
		458
		459
		460
		461
		462	`if($companyService) {`
		463
		464	`$dailyPulseMapper = DailyPulseMapper::getInstance($adapter);`
		465	`$dailyPulse = $dailyPulseMapper->fetchOneByCompanyId($company->id);`
		466
		467	`if($dailyPulse) {`
		468	`$privacy = $dailyPulse->privacy;`
		469
		470	`} else {`
		471	`$privacy = DailyPulse::PRIVACY_COMPANY;`
		472	`}`
		473
		474	`if($privacy == DailyPulse::PRIVACY_PUBLIC) {`
		475	`$allowDailyPulse = true;`
		476	`} else {`
		477	`$allowDailyPulse = !empty($companyUser);`
		478	`}`
		479
		480
		481	`}`
		482
		483	`$job_description_ids = [];`
		484
		485	`$organizationPositionMapper = OrganizationPositionMapper::getInstance($adapter);`
		486	`$records = $organizationPositionMapper->fetchAllByCompanyIdAndEmployeeId($company->id, $this->currentUserPlugin->getUserId());`
		487	`foreach($records as $record)`
		488	`{`
		489	`array_push($job_description_ids, $record->job_description_id);`
		490	`}`
		491
		492
		493	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::KNOWLEDGE_AREA);`
		494	`if($companyService) {`
		495	`if($job_description_ids) {`
		496
		497
		498	`$knowledgeAreaCategoryJobDescriptionMapper = KnowledgeAreaCategoryJobDescriptionMapper::getInstance($adapter);`
		499	`$records = $knowledgeAreaCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		500
		501	`if(!empty($records)) {`
		502	`$allowKnowledgeArea = true;`
		503	`}`
		504
		505	`}`
		506
		507	`if($companyUser && !$allowKnowledgeArea) {`
		508	`$knowledgeAreaCategoryUserMapper = KnowledgeAreaCategoryUserMapper::getInstance($adapter);`
		509	`$records = $knowledgeAreaCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		510	`if(!empty($records)) {`
		511	`$allowKnowledgeArea = true;`
		512	`}`
		513	`}`
		514	`}`
		515
		516	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::MY_COACH);`
		517	`if($companyService) {`
		518
		519
		520	`if($job_description_ids) {`
		521
		522
		523	`$myCoachCategoryJobDescriptionMapper = MyCoachCategoryJobDescriptionMapper::getInstance($adapter);`
		524	`$records = $myCoachCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		525
		526	`if(!empty($records)) {`
		527	`$allowKnowledgeArea = true;`
		528	`}`
		529
		530	`}`
		531
		532	`if($companyUser && !$allowMyCoach) {`
		533	`$myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($adapter);`
		534	`$records = $myCoachCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		535	`if(!empty($records)) {`
		536	`$allowMyCoach = true;`
		537	`}`
		538
		539
		540	`}`
		541	`}`
		542
		543	`} else {`
		544	`$companyUser = '';`
		545	`}`
		546
		547
		548	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		549	`if($allowDailyPulse) {`
		550	`$resources = getAclDailyPulse();`
		551	`foreach($resources as $resourceName)`
		552	`{`
		553	`$this->acl->allow($usertype, $resourceName);`
		554	`}`
		555	`}`
		556
		557	`if($allowKnowledgeArea) {`
		558	`$resources = getAclKnowledgeArea();`
		559	`foreach($resources as $resourceName)`
		560	`{`
		561	`$this->acl->allow($usertype, $resourceName);`
		562	`}`
		563	`}`
		564
		565	`if($allowMyCoach) {`
		566	`$resources = getAclMyCoach();`
		567
		568
		569
		570	`foreach($resources as $resourceName)`
		571	`{`
		572	`$this->acl->allow($usertype, $resourceName);`
		573	`}`
		574
		575	`}`
		576
		577
		578
		579	`if($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {`
		580
		581	`$usertypes = getAclUsertypeDefaultNetwork();`
		582	`foreach($usertypes as $usertype => $resources)`
		583	`{`
		584
		585
		586
		587	`foreach ($resources as $resourceName)`
		588	`{`
		589	`$this->acl->allow($usertype, $resourceName);`
		590	`}`
		591	`}`
		592
		593
		594	`} else {`
		595
		596	`if($this->currentUserPlugin->hasIdentity()) {`
		597
		598
		599	`if($company) {`
		600
		601
		602	`if($companyUser) {`
		603	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		604
		605	`if($companyUser->creator == CompanyUser::CREATOR_YES) {`
		606
		607	`$resources = getAclUsertypeOtherNetworkCreator();`
		608	`foreach($resources as $resourceName)`
		609	`{`
		610	`$this->acl->allow($usertype, $resourceName);`
		611	`}`
		612
		613	`}`
		614	`if($companyUser->creator == CompanyUser::CREATOR_NO) {`
		615	`$resources = getAclUsertypeOtherNetworkNonCreator();`
		616	`foreach($resources as $resourceName)`
		617	`{`
		618	`$this->acl->allow($usertype, $resourceName);`
		619	`}`
		620	`}`
		621	`}`
		622	`}`
		623	`}`
		624	`}`
		625
		626
		627	`$event->getViewModel()->setVariable('acl', $this->acl);`
88	efrain	628
		629
1	efrain	630
		631	`}`
		632
		633	`public function onDispatchError(MvcEvent $event)`
		634	`{`
		635	`$this->processError($event);`
		636	`}`
		637
		638	`public function onRenderError(MvcEvent $event)`
		639	`{`
		640	`$this->processError($event);`
		641	`}`
		642
43	efrain	643	`/**`
		644	`*`
		645	`* @param \Laminas\Http\Response $response`
		646	`* @param int $code`
		647	`* @param string $content`
		648	`*/`
		649	`public function sendResponse($response, $code, $content)`
1	efrain	650	`{`
94	efrain	651
43	efrain	652
44	efrain	653
1	efrain	654	`$headers = $response->getHeaders();`
		655	`$headers->clearHeaders();`
		656	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		657
43	efrain	658	`Functions::addCrossSiteToResponse($response);`
		659
		660	`$response->setStatusCode($code);`
		661	`$response->setContent($content); //json_encode($data));`
1	efrain	662	`$response->send();`
		663	`exit;`
		664	`}`
		665
		666	`public function processError(MvcEvent $event)`
		667	`{`
		668	`$error = $event->getError();`
		669	`if (!$error) {`
		670	`return;`
		671	`}`
		672
		673	`$response = $event->getResponse();`
		674	`if('error-exception' == $error) {`
		675	`$exception = $event->getParam('exception');`
		676	`error_log($exception->getCode() . ' ' . $exception->getMessage());`
		677	`error_log($exception->getTraceAsString());`
43	efrain	678
1	efrain	679	`$response = $event->getResponse();`
45	efrain	680	`$code = 200;`
43	efrain	681	`$content = json_encode(['success' => false, 'data' => $exception->getCode() . ' ' . $exception->getMessage(), 'fatal' => true]);`
		682	`$this->sendResponse($response, $code, $content);`
1	efrain	683
		684	`} else if('error-router-no-match' == $error) {`
43	efrain	685
1	efrain	686	`$response = $event->getResponse();`
43	efrain	687	`$code = 404;`
		688	`$content = json_encode(['success' => false, 'data' => 'error-router-no-match', 'fatal' => true]);`
		689	`$this->sendResponse($response, $code, $content);`
1	efrain	690
		691
		692
		693	`} else if(' error-controller-not-found' == $error) {`
43	efrain	694
1	efrain	695	`$response = $event->getResponse();`
43	efrain	696	`$code = 404;`
		697	`$content = json_encode(['success' => false, 'data' => 'error-controller-not-found', 'fatal' => true]);`
		698	`$this->sendResponse($response, $code, $content);`
1	efrain	699
43	efrain	700
1	efrain	701	`} else {`
		702	`$response = $event->getResponse();`
45	efrain	703	`$code = 200;`
43	efrain	704	`$content = json_encode(['success' => false, 'data' => $error, 'fatal' => true]);`
		705	`$this->sendResponse($response, $code, $content);`
1	efrain	706
43	efrain	707
1	efrain	708	`}`
		709
		710	`exit;`
		711
		712	`}`
		713
		714
		715	`public function authPreDispatch(MvcEvent $event)`
		716	`{`
		717
		718
92	efrain	719
1	efrain	720
		721	`$serviceManager = $event->getApplication()->getServiceManager();`
		722	`$adapter = $serviceManager->get('leaders-linked-db');`
		723
		724	`$routeName = $event->getRouteMatch()->getMatchedRouteName();`
		725
		726
		727	`$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';`
		728
95	efrain	729	`if($requestMethod == 'POST') {`
1	efrain	730
		731
23	efrain	732	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	733	`$exclude = true;`
		734	`} else {`
		735	`$exclude = false;`
		736
		737	`$usertypes = getAclUsertype();`
		738
		739
		740	`foreach($usertypes[UserType::GUEST] as $resourceName)`
		741	`{`
		742	`if($routeName == $resourceName) {`
		743	`$exclude = true;`
		744	`break;`
		745	`}`
		746	`}`
		747	`}`
		748
95	efrain	749
1	efrain	750	`if(!$exclude) {`
95	efrain	751
1	efrain	752	`$httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : '';`
		753
100	efrain	754
		755
102	efrain	756	`if($this->jwtID) {`
103	efrain	757
95	efrain	758	`$jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);`
102	efrain	759	`$jwtToken = $jwtTokenMapper->fetchOne($this->jwtID);`
100	efrain	760	`if($jwtToken) {`
95	efrain	761
100	efrain	762	`$sessionToken = $jwtToken->csrf;`
		763	`//$jwtToken->csrf= '';`
		764
		765
		766	`// $jwtTokenMapper->update($jwtToken);`
		767	`} else {`
		768	`$sessionToken = '';`
		769	`}`
		770
95	efrain	771
		772	`} else {`
		773	`$sessionToken = '';`
		774	`}`
		775
		776
106	efrain	777	`//error_log('$this->jwtID = ' . $this->jwtID . ' $httpToken = ' . $httpToken . ' $sessionToken = ' . $sessionToken);`
100	efrain	778
1	efrain	779	`if ( $httpToken != $sessionToken) {`
		780	`$response = $event->getResponse();`
106	efrain	781	`$this->sendResponse($response, 200, json_encode(['success' => false, 'data' => 'Unauthorized - CSRF fail', 'fatal' => true]));`
1	efrain	782	`}`
		783
		784	`}`
		785	`}`
95	efrain	786
1	efrain	787
		788
		789
		790	`if($this->currentUserPlugin->hasIdentity()) {`
		791	`$user = $this->currentUserPlugin->getUser();`
		792	`$userTypeId = $user->usertype_id;`
		793
		794
		795	`} else {`
		796
		797	`$userTypeId = UserType::GUEST;`
		798	`}`
		799
		800
		801	`if($this->acl->isAllowed($userTypeId, $routeName)) {`
		802	`$user = $this->currentUserPlugin->getUser();`
		803
		804
		805	`if($user) {`
		806
		807	`$updateLastActivity = true;`
		808	`if ('chat' == substr($routeName, 0, 4)) {`
		809	`$updateLastActivity = false;`
		810	`}`
		811	`if ('inmail' == substr($routeName, 0, 6)) {`
		812	`$updateLastActivity = false;`
		813	`}`
		814	`if ('check-session' == $routeName) {`
		815	`$updateLastActivity = false;`
		816	`}`
		817
		818
		819	`if($updateLastActivity) {`
		820	`$userMapper = UserMapper::getInstance($adapter);`
		821	`$userMapper->updateLastActivity($user->id);`
		822	`}`
		823	`}`
		824
		825
		826
		827	`} else {`
		828	`$response = $event->getResponse();`
54	efrain	829
45	efrain	830	`$response->setStatusCode(200);`
106	efrain	831	`$response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized - Does not have permission', 'fatal' => true]));`
1	efrain	832	`$response->send();`
		833	`exit;`
		834
		835
		836
		837	`}`
90	efrain	838
91	efrain	839
90	efrain	840
1	efrain	841
		842
		843	`}`
		844
		845
		846	`public function authPosDispatch(MvcEvent $event)`
		847	`{`
90	efrain	848	`//$response = $event->getResponse();`
		849	`// Functions::addCrossSiteToResponse($response);`
1	efrain	850	`}`
		851
		852
		853
		854
		855	`}`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Module.php – Rev 164