WebSVN – LeadersLinked - Services – Autoría – /module/LeadersLinked/src/Module.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
		2	`declare(strict_types=1);`
		3
		4	`namespace LeadersLinked;`
		5
		6	`use Laminas\Db\Adapter\AdapterInterface;`
		7	`use Laminas\ModuleManager\ModuleEvent;`
		8	`use Laminas\ModuleManager\ModuleManager;`
		9	`use Laminas\Mvc\MvcEvent;`
		10	`use Laminas\Config\Reader\Ini;`
		11	`use Laminas\Permissions\Acl\Acl;`
		12	`use Laminas\Permissions\Acl\Role\GenericRole;`
		13	`use LeadersLinked\Plugin\CurrentUserPlugin;`
		14	`use LeadersLinked\Mapper\UserMapper;`
		15	`use LeadersLinked\Authentication\AuthTokenAdapter;`
		16	`use Laminas\Authentication\AuthenticationService;`
		17	`use Laminas\Permissions\Acl\Resource\GenericResource;`
		18	`use LeadersLinked\Model\UserType;`
		19	`use LeadersLinked\Plugin\CurrentNetworkPlugin;`
		20	`use LeadersLinked\Model\Network;`
		21	`use LeadersLinked\Model\User;`
		22	`use LeadersLinked\Mapper\CompanyUserMapper;`
		23	`use LeadersLinked\Model\CompanyUser;`
		24	`use LeadersLinked\Mapper\CompanyMapper;`
		25	`use LeadersLinked\Mapper\CompanyServiceMapper;`
		26	`use LeadersLinked\Model\Service;`
		27
		28	`use LeadersLinked\Library\Functions;`
		29	`use LeadersLinked\Mapper\DailyPulseMapper;`
		30	`use LeadersLinked\Model\DailyPulse;`
		31	`use LeadersLinked\Mapper\OrganizationPositionMapper;`
		32	`use LeadersLinked\Mapper\KnowledgeAreaCategoryJobDescriptionMapper;`
		33	`use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;`
		34	`use LeadersLinked\Mapper\KnowledgeAreaCategoryUserMapper;`
		35	`use LeadersLinked\Mapper\MyCoachCategoryUserMapper;`
23	efrain	36	`use Firebase\JWT\JWT;`
		37	`use Firebase\JWT\Key;`
		38	`use LeadersLinked\Mapper\JwtTokenMapper;`
		39	`use LeadersLinked\Authentication\AuthUserIdAdapter;`
95	efrain	40	`use LeadersLinked\Model\JwtToken;`
154	efrain	41	`use Laminas\Http\Response;`
1	efrain	42
		43	`class Module`
		44	`{`
		45	`/**`
		46	`*`
		47	`* @var Acl`
		48	`*/`
		49	`private $acl;`
		50
		51	`/**`
		52	`*`
		53	`* @var AdapterInterface`
		54	`*/`
		55	`private $adapter;`
		56
		57	`/**`
		58	`*`
		59	`* @var CurrentUserPlugin`
		60	`*/`
		61	`private $currentUserPlugin;`
		62
		63	`/**`
		64	`*`
		65	`* @var CurrentNetworkPlugin`
		66	`*/`
		67	`private $currentNetworkPlugin;`
		68
		69	`/**`
		70	`*`
		71	`* @var array`
		72	`*/`
		73	`private $routesAuthorized = [];`
		74
		75	`/**`
		76	`*`
		77	`* @var boolean`
		78	`*/`
23	efrain	79	`private $authByOTP = false;`
1	efrain	80
23	efrain	81	`/**`
		82	`*`
		83	`* @var boolean`
		84	`*/`
		85	`private $authByJWT = false;`
1	efrain	86
102	efrain	87	`/**`
		88	`*`
		89	`* @var int`
		90	`*/`
		91	`private $jwtID = 0;`
23	efrain	92
102	efrain	93
1	efrain	94	`/**`
		95	`*`
95	efrain	96	`* @var JwtToken`
		97	`*/`
		98	`private $jwtToken;`
		99
		100
		101	`/**`
		102	`*`
1	efrain	103	`* @var array`
		104	`*/`
		105	`private $config;`
		106
		107
		108
		109	`public function init(ModuleManager $moduleManager)`
		110	`{`
195	efrain	111
		112
1	efrain	113	`$events = $moduleManager->getEventManager();`
		114	`$events->attach(ModuleEvent::EVENT_MERGE_CONFIG, array($this, 'onMergeConfig'));`
		115	`}`
		116
		117	`public function onMergeConfig(ModuleEvent $event)`
		118	`{`
		119	`$configListener = $event->getConfigListener();`
		120	`$this->config = $configListener->getMergedConfig(false);`
		121
		122	`$reader = new Ini();`
		123	`$data = $reader->fromFile('config/leaderslinked.ini');`
		124
		125	`$prefix = 'leaderslinked';`
		126	`foreach($data as $section => $pairs)`
		127	`{`
		128	`foreach($pairs as $key => $value)`
		129	`{`
		130	`$this->config[$prefix . '.' . $section . '.' . $key] = $value;`
		131	`}`
		132	`}`
		133	`$configListener->setMergedConfig($this->config);`
		134	`}`
		135
		136
		137	`public function getConfig() : array`
		138	`{`
		139	`return include __DIR__ . '/../config/module.config.php';`
		140	`}`
		141
		142	`public function onBootstrap(MvcEvent $event)`
		143	`{`
195	efrain	144
283	www	145	`$timezone = $this->config['leaderslinked.runmode.timezone'];`
		146	`date_default_timezone_set($timezone);`
195	efrain	147
		148
164	efrain	149	`header('Access-Control-Allow-Origin: *');`
		150	`header('Access-Control-Allow-Headers: *');`
		151	`header('Access-Control-Allow-Method: POST, GET, HEAD, OPTIONS');`
		152	`header('Access-Control-Max-Age: 86400');`
		153
86	efrain	154
96	efrain	155	`$response = $event->getResponse();`
		156	`Functions::addCrossSiteToResponse($response);`
		157	`$event->setResponse($response);`
		158
68	efrain	159	`$serviceManager = $event->getApplication()->getServiceManager();`
55	efrain	160
		161
68	efrain	162	`$eventManager = $event->getApplication()->getEventManager();`
		163	`$eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this,'onDispatchError'], 0);`
		164	`$eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [$this,'onRenderError'], 0);`
		165
1	efrain	166	`$adapter = $serviceManager->get('leaders-linked-db');`
		167
283	www	168	`/*`
1	efrain	169	`$session = $serviceManager->get('leaders-linked-session');`
		170	`$session->start();`
231	efrain	171	`$session->regenerateId(true);`
283	www	172	`*/`
1	efrain	173
		174	`$translator = $serviceManager->get('MvcTranslator');`
		175	`$translator->addTranslationFile(`
		176	`'phpArray',`
		177	`__DIR__ . '/i18n/validate.php',`
		178	`'default'`
		179	`);`
		180
		181	`$translator->addTranslationFile(`
		182	`'phpArray',`
		183	`__DIR__ . '/i18n/spanish.php',`
		184	`'default'`
		185	`);`
		186
97	efrain	187
		188
		189
		190
1	efrain	191	`\Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);`
		192
		193
		194	`$headers = $event->getRequest()->getHeaders();`
		195	`if($headers->has('token')) {`
		196	`$device_uuid = Functions::sanitizeFilterString($headers->get('token')->getFieldValue());`
		197	`} else {`
		198	`$device_uuid = '';`
		199	`}`
		200	`if($headers->has('secret')) {`
		201	`$password = Functions::sanitizeFilterString($headers->get('secret')->getFieldValue());`
		202	`} else {`
		203	`$password = '';`
		204	`}`
		205	`if($headers->has('rand')) {`
		206	`$rand = Functions::sanitizeFilterString($headers->get('rand')->getFieldValue());`
		207	`} else {`
		208	`$rand = 0;`
		209	`}`
		210	`if($headers->has('created')) {`
		211	`$timestamp = Functions::sanitizeFilterString($headers->get('created')->getFieldValue());`
		212	`} else {`
		213	`$timestamp = 0;`
		214	`}`
		215
		216
4	efrain	217
283	www	218	`$this->currentNetworkPlugin = CurrentNetworkPlugin::getInstance($adapter);`
1	efrain	219	`if(!$this->currentNetworkPlugin->hasNetwork()) {`
43	efrain	220
1	efrain	221	`$response = $event->getResponse();`
45	efrain	222	`$code = 200;`
		223	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - not found', 'fatal' => true]);`
43	efrain	224	`$this->sendResponse($response, $code, $content);`
		225
1	efrain	226	`}`
		227
		228	`if($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {`
43	efrain	229
1	efrain	230	`$response = $event->getResponse();`
45	efrain	231	`$code = 200;`
		232	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - inactive', 'fatal' => true]);`
43	efrain	233	`$this->sendResponse($response, $code, $content);`
		234
1	efrain	235	`}`
		236
192	efrain	237
1	efrain	238
192	efrain	239
23	efrain	240	`$this->authByOTP = false;`
1	efrain	241	`if($device_uuid && $password && $rand && $timestamp) {`
23	efrain	242	`$this->authByOTP = true;`
1	efrain	243
		244
		245	`$tokenAuthAdapter = new AuthTokenAdapter($adapter);`
		246	`$tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);`
		247
		248	`$authService = new AuthenticationService();`
		249	`$result = $authService->authenticate($tokenAuthAdapter);`
		250	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	251
1	efrain	252	`$response = $event->getResponse();`
43	efrain	253	`$code = 200;`
		254	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		255	`$this->sendResponse($response, $code, $content);`
		256
1	efrain	257	`}`
		258
		259	`}`
23	efrain	260
102	efrain	261	`$this->jwtID = 0;`
23	efrain	262	`$this->authByJWT = false;`
		263	`$headers = getallheaders();`
34	efrain	264
		265	`if(!empty($headers['authorization']) \|\| !empty($headers['Authorization'])) {`
23	efrain	266
34	efrain	267	`$token = trim(empty($headers['authorization']) ? $headers['Authorization'] : $headers['authorization']);`
		268
		269
23	efrain	270	`if (substr($token, 0, 6 ) == 'Bearer') {`
43	efrain	271
23	efrain	272
		273	`$token = trim(substr($token, 7));`
		274
		275	`if(!empty($this->config['leaderslinked.jwt.key'])) {`
		276	`$key = $this->config['leaderslinked.jwt.key'];`
		277
		278
		279	`try {`
		280	`$payload = JWT::decode($token, new Key($key, 'HS256'));`
		281
		282
		283	`if(empty($payload->iss) \|\| $payload->iss != $_SERVER['HTTP_HOST']) {`
43	efrain	284
23	efrain	285	`$response = $event->getResponse();`
45	efrain	286	`$code = 200;`
43	efrain	287	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong server', 'fatal' => true]);`
		288	`$this->sendResponse($response, $code, $content);`
23	efrain	289
43	efrain	290
		291
23	efrain	292	`}`
		293
		294	`$uuid = empty($payload->uuid) ? '' : $payload->uuid;`
		295	`if($uuid) {`
		296	`$jwtTokenMapper = JwtTokenMapper::getInstance($adapter);`
100	efrain	297	`$jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);`
		298	`if($jwtToken) {`
23	efrain	299
102	efrain	300	`$this->jwtID = $jwtToken->id;`
		301
100	efrain	302	`$_SESSION['aes'] = $jwtToken->aes;`
23	efrain	303
100	efrain	304	`if($jwtToken->user_id) {`
23	efrain	305	`$authByUserId = new AuthUserIdAdapter($adapter);`
100	efrain	306	`$authByUserId->setData($jwtToken->user_id);`
23	efrain	307
		308	`$authService = new AuthenticationService();`
		309	`$result = $authService->authenticate($authByUserId);`
		310	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	311
23	efrain	312	`$response = $event->getResponse();`
45	efrain	313	`$code = 200;`
43	efrain	314	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		315	`$this->sendResponse($response, $code, $content);`
23	efrain	316
		317	`}`
24	efrain	318
102	efrain	319
23	efrain	320	`}`
		321
		322
		323	`} else {`
		324	`$response = $event->getResponse();`
45	efrain	325	`$code = 200;`
43	efrain	326	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Expired', 'fatal' => true]);`
		327	`$this->sendResponse($response, $code, $content);`
		328
23	efrain	329	`}`
		330
		331	`}`
		332	`} catch(\Exception $e) {`
43	efrain	333
23	efrain	334	`$response = $event->getResponse();`
45	efrain	335	`$code = 200;`
43	efrain	336	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong key', 'fatal' => true]);`
		337	`$this->sendResponse($response, $code, $content);`
		338
23	efrain	339	`}`
		340	`}`
		341	`}`
		342	`}`
1	efrain	343
		344
		345
		346	`if(empty($_SERVER['REDIRECT_URL'])) {`
		347	`if(empty($_SERVER['REQUEST_URI'])) {`
		348	`$routeName = '';`
		349
		350	`} else {`
		351	`$routeName = $_SERVER['REQUEST_URI'];`
		352	`}`
		353
		354	`} else {`
		355	`$routeName = $_SERVER['REDIRECT_URL'];`
		356
		357	`}`
		358
		359
		360	`$routeName = strtolower(trim($routeName));`
		361	`if(strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {`
		362	`$routeName = substr($routeName, 1);`
		363	`}`
		364
283	www	365	`$this->currentUserPlugin = CurrentUserPlugin::getInstance($adapter);`
192	efrain	366	`if($this->currentUserPlugin->hasIdentity()) {`
		367
195	efrain	368
		369
192	efrain	370	`if(User::STATUS_BANNED == $this->currentUserPlugin->getUser()->status) {`
		371
		372	`$code = 200;`
		373	`$content = json_encode(['success' => false, 'data' => '403 Forbidden - Banned', 'fatal' => true]);`
		374	`$this->sendResponse($response, $code, $content);`
		375	`}`
		376
		377	`}`
1	efrain	378
23	efrain	379	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	380	`$checkUserForNetwork = false;`
		381	`} else {`
		382	`if($this->currentUserPlugin->hasIdentity()) {`
		383
		384	`$checkUserForNetwork = true;`
		385	`} else {`
		386	`$checkUserForNetwork = false;`
		387	`}`
		388	`}`
		389
		390	`if($checkUserForNetwork) {`
		391	`if(!$routeName \|\| in_array($routeName, ['signout', 'signin', 'home'])) {`
		392	`$checkUserForNetwork = false;`
		393	`}`
		394	`}`
		395
		396	`if($checkUserForNetwork) {`
		397
154	efrain	398
1	efrain	399
		400	`if($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {`
154	efrain	401
1	efrain	402	`$response = $event->getResponse();`
154	efrain	403	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - The user is not part of this private network', 'fatal' => true]);`
		404	`$this->sendResponse($response, 200, $content);`
1	efrain	405	`exit;`
		406	`}`
		407	`}`
		408
		409
		410
		411	`$this->initAcl($event);`
68	efrain	412
88	efrain	413
1	efrain	414
		415	`$sharedManager = $eventManager->getSharedManager();`
		416	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPreDispatch'], 100);`
		417	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPosDispatch'], -100);`
		418	`}`
		419
		420	`public function initAcl(MvcEvent $event)`
		421	`{`
		422
		423	`$serviceManager = $event->getApplication()->getServiceManager();`
		424	`$adapter = $serviceManager->get('leaders-linked-db');`
		425
		426
		427	`require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');`
		428
		429
		430	`$this->acl = new Acl();`
		431	`$resources = getAclResources();`
		432
		433	`foreach($resources as $resourceName)`
		434	`{`
		435	`$this->acl->addResource(new GenericResource($resourceName));`
		436	`}`
		437
		438	`$usertypes = getAclUsertype();`
		439	`foreach($usertypes as $usertype => $resources)`
		440	`{`
		441	`$this->acl->addRole(new GenericRole($usertype));`
		442	`foreach ($resources as $resourceName)`
		443	`{`
		444	`$this->acl->allow($usertype, $resourceName);`
		445	`}`
		446	`}`
		447
		448
		449
167	efrain	450	`if($this->currentUserPlugin->hasIdentity()) {`
		451	`$user_id = $this->currentUserPlugin->getUserId();`
		452
		453	`if($this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {`
		454
		455
		456	`$resources = getAclSuperAdmin();`
		457	`foreach($resources as $resourceName)`
		458	`{`
		459	`$this->acl->allow(UserType::ADMIN, $resourceName);`
		460	`}`
1	efrain	461	`}`
167	efrain	462	`} else {`
		463	`$user_id = 0;`
1	efrain	464	`}`
		465
		466	`$allowMyCoach = false;`
		467	`$allowKnowledgeArea = false;`
		468	`$allowDailyPulse = false;`
		469
		470
167	efrain	471	`if( $user_id) {`
		472	`$allowMicrolearning = $this->isMicroLeargningAccessGranted($adapter, $user_id);`
		473	`} else {`
		474	`$allowMicrolearning = false;`
		475	`}`
1	efrain	476
167	efrain	477
		478
		479
		480
		481
1	efrain	482	`$companyMapper = CompanyMapper::getInstance($adapter);`
		483	`$company = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);`
		484
		485
		486	`if($company) {`
		487
		488	`$companyServiceMapper = CompanyServiceMapper::getInstance($adapter);`
		489	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::DAILY_PULSE);`
		490
		491
		492	`$companyUserMapper = CompanyUserMapper::getInstance($adapter);`
		493	`$companyUser = $companyUserMapper->fetchOneAcceptedByCompanyIdAndUserId($company->id, $this->currentUserPlugin->getUserId());`
		494
		495
		496
		497
		498	`if($companyService) {`
		499
		500	`$dailyPulseMapper = DailyPulseMapper::getInstance($adapter);`
		501	`$dailyPulse = $dailyPulseMapper->fetchOneByCompanyId($company->id);`
		502
		503	`if($dailyPulse) {`
		504	`$privacy = $dailyPulse->privacy;`
		505
		506	`} else {`
		507	`$privacy = DailyPulse::PRIVACY_COMPANY;`
		508	`}`
		509
		510	`if($privacy == DailyPulse::PRIVACY_PUBLIC) {`
		511	`$allowDailyPulse = true;`
		512	`} else {`
		513	`$allowDailyPulse = !empty($companyUser);`
		514	`}`
		515
		516
		517	`}`
		518
		519	`$job_description_ids = [];`
		520
		521	`$organizationPositionMapper = OrganizationPositionMapper::getInstance($adapter);`
		522	`$records = $organizationPositionMapper->fetchAllByCompanyIdAndEmployeeId($company->id, $this->currentUserPlugin->getUserId());`
		523	`foreach($records as $record)`
		524	`{`
		525	`array_push($job_description_ids, $record->job_description_id);`
		526	`}`
		527
		528
		529	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::KNOWLEDGE_AREA);`
		530	`if($companyService) {`
		531	`if($job_description_ids) {`
		532
		533
		534	`$knowledgeAreaCategoryJobDescriptionMapper = KnowledgeAreaCategoryJobDescriptionMapper::getInstance($adapter);`
		535	`$records = $knowledgeAreaCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		536
		537	`if(!empty($records)) {`
		538	`$allowKnowledgeArea = true;`
		539	`}`
		540
		541	`}`
		542
		543	`if($companyUser && !$allowKnowledgeArea) {`
		544	`$knowledgeAreaCategoryUserMapper = KnowledgeAreaCategoryUserMapper::getInstance($adapter);`
		545	`$records = $knowledgeAreaCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		546	`if(!empty($records)) {`
		547	`$allowKnowledgeArea = true;`
		548	`}`
		549	`}`
		550	`}`
		551
		552	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::MY_COACH);`
		553	`if($companyService) {`
		554
		555
		556	`if($job_description_ids) {`
		557
		558
		559	`$myCoachCategoryJobDescriptionMapper = MyCoachCategoryJobDescriptionMapper::getInstance($adapter);`
		560	`$records = $myCoachCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		561
		562	`if(!empty($records)) {`
		563	`$allowKnowledgeArea = true;`
		564	`}`
		565
		566	`}`
		567
		568	`if($companyUser && !$allowMyCoach) {`
		569	`$myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($adapter);`
		570	`$records = $myCoachCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		571	`if(!empty($records)) {`
		572	`$allowMyCoach = true;`
		573	`}`
		574
		575
		576	`}`
		577	`}`
		578
		579	`} else {`
		580	`$companyUser = '';`
		581	`}`
		582
		583
		584	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		585	`if($allowDailyPulse) {`
		586	`$resources = getAclDailyPulse();`
		587	`foreach($resources as $resourceName)`
		588	`{`
		589	`$this->acl->allow($usertype, $resourceName);`
		590	`}`
		591	`}`
		592
167	efrain	593	`if($allowMicrolearning) {`
		594	`$resources = getAclMicrolearning();`
		595	`foreach($resources as $resourceName)`
		596	`{`
		597	`$this->acl->allow($usertype, $resourceName);`
		598	`}`
		599	`}`
		600
		601
1	efrain	602	`if($allowKnowledgeArea) {`
		603	`$resources = getAclKnowledgeArea();`
		604	`foreach($resources as $resourceName)`
		605	`{`
		606	`$this->acl->allow($usertype, $resourceName);`
		607	`}`
		608	`}`
		609
		610	`if($allowMyCoach) {`
		611	`$resources = getAclMyCoach();`
		612
		613
		614
		615	`foreach($resources as $resourceName)`
		616	`{`
		617	`$this->acl->allow($usertype, $resourceName);`
		618	`}`
		619
		620	`}`
		621
		622
		623
		624	`if($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {`
		625
		626	`$usertypes = getAclUsertypeDefaultNetwork();`
		627	`foreach($usertypes as $usertype => $resources)`
		628	`{`
		629
		630
		631
		632	`foreach ($resources as $resourceName)`
		633	`{`
		634	`$this->acl->allow($usertype, $resourceName);`
		635	`}`
		636	`}`
		637
		638
		639	`} else {`
		640
		641	`if($this->currentUserPlugin->hasIdentity()) {`
		642
		643
		644	`if($company) {`
		645
		646
		647	`if($companyUser) {`
		648	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		649
		650	`if($companyUser->creator == CompanyUser::CREATOR_YES) {`
		651
		652	`$resources = getAclUsertypeOtherNetworkCreator();`
		653	`foreach($resources as $resourceName)`
		654	`{`
		655	`$this->acl->allow($usertype, $resourceName);`
		656	`}`
		657
		658	`}`
		659	`if($companyUser->creator == CompanyUser::CREATOR_NO) {`
		660	`$resources = getAclUsertypeOtherNetworkNonCreator();`
		661	`foreach($resources as $resourceName)`
		662	`{`
		663	`$this->acl->allow($usertype, $resourceName);`
		664	`}`
		665	`}`
		666	`}`
		667	`}`
		668	`}`
		669	`}`
		670
		671
		672	`$event->getViewModel()->setVariable('acl', $this->acl);`
88	efrain	673
		674
1	efrain	675
		676	`}`
		677
		678	`public function onDispatchError(MvcEvent $event)`
		679	`{`
		680	`$this->processError($event);`
		681	`}`
		682
		683	`public function onRenderError(MvcEvent $event)`
		684	`{`
		685	`$this->processError($event);`
		686	`}`
		687
43	efrain	688	`/**`
		689	`*`
		690	`* @param \Laminas\Http\Response $response`
		691	`* @param int $code`
		692	`* @param string $content`
		693	`*/`
		694	`public function sendResponse($response, $code, $content)`
1	efrain	695	`{`
94	efrain	696
43	efrain	697
44	efrain	698
1	efrain	699	`$headers = $response->getHeaders();`
		700	`$headers->clearHeaders();`
		701	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		702
43	efrain	703	`Functions::addCrossSiteToResponse($response);`
		704
		705	`$response->setStatusCode($code);`
		706	`$response->setContent($content); //json_encode($data));`
1	efrain	707	`$response->send();`
		708	`exit;`
		709	`}`
		710
		711	`public function processError(MvcEvent $event)`
		712	`{`
		713	`$error = $event->getError();`
		714	`if (!$error) {`
		715	`return;`
		716	`}`
		717
		718	`$response = $event->getResponse();`
		719	`if('error-exception' == $error) {`
195	efrain	720
		721
1	efrain	722	`$exception = $event->getParam('exception');`
		723	`error_log($exception->getCode() . ' ' . $exception->getMessage());`
		724	`error_log($exception->getTraceAsString());`
43	efrain	725
1	efrain	726	`$response = $event->getResponse();`
45	efrain	727	`$code = 200;`
43	efrain	728	`$content = json_encode(['success' => false, 'data' => $exception->getCode() . ' ' . $exception->getMessage(), 'fatal' => true]);`
		729	`$this->sendResponse($response, $code, $content);`
1	efrain	730
		731	`} else if('error-router-no-match' == $error) {`
43	efrain	732
1	efrain	733	`$response = $event->getResponse();`
43	efrain	734	`$code = 404;`
		735	`$content = json_encode(['success' => false, 'data' => 'error-router-no-match', 'fatal' => true]);`
		736	`$this->sendResponse($response, $code, $content);`
1	efrain	737
		738
		739
		740	`} else if(' error-controller-not-found' == $error) {`
43	efrain	741
1	efrain	742	`$response = $event->getResponse();`
43	efrain	743	`$code = 404;`
		744	`$content = json_encode(['success' => false, 'data' => 'error-controller-not-found', 'fatal' => true]);`
		745	`$this->sendResponse($response, $code, $content);`
1	efrain	746
43	efrain	747
1	efrain	748	`} else {`
		749	`$response = $event->getResponse();`
45	efrain	750	`$code = 200;`
43	efrain	751	`$content = json_encode(['success' => false, 'data' => $error, 'fatal' => true]);`
		752	`$this->sendResponse($response, $code, $content);`
1	efrain	753
43	efrain	754
1	efrain	755	`}`
		756
		757	`exit;`
		758
		759	`}`
		760
		761
		762	`public function authPreDispatch(MvcEvent $event)`
		763	`{`
		764
195	efrain	765
1	efrain	766
		767
		768	`$serviceManager = $event->getApplication()->getServiceManager();`
		769	`$adapter = $serviceManager->get('leaders-linked-db');`
		770
		771	`$routeName = $event->getRouteMatch()->getMatchedRouteName();`
		772
		773
		774	`$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';`
		775
95	efrain	776	`if($requestMethod == 'POST') {`
1	efrain	777
		778
23	efrain	779	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	780	`$exclude = true;`
		781	`} else {`
		782	`$exclude = false;`
		783
		784	`$usertypes = getAclUsertype();`
		785
		786
		787	`foreach($usertypes[UserType::GUEST] as $resourceName)`
		788	`{`
		789	`if($routeName == $resourceName) {`
		790	`$exclude = true;`
		791	`break;`
		792	`}`
		793	`}`
		794	`}`
		795
95	efrain	796
1	efrain	797	`if(!$exclude) {`
95	efrain	798
1	efrain	799	`$httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : '';`
		800
100	efrain	801
		802
102	efrain	803	`if($this->jwtID) {`
103	efrain	804
95	efrain	805	`$jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);`
102	efrain	806	`$jwtToken = $jwtTokenMapper->fetchOne($this->jwtID);`
100	efrain	807	`if($jwtToken) {`
95	efrain	808
100	efrain	809	`$sessionToken = $jwtToken->csrf;`
		810	`//$jwtToken->csrf= '';`
		811
		812
		813	`// $jwtTokenMapper->update($jwtToken);`
		814	`} else {`
		815	`$sessionToken = '';`
		816	`}`
		817
95	efrain	818
		819	`} else {`
		820	`$sessionToken = '';`
		821	`}`
		822
		823
106	efrain	824	`//error_log('$this->jwtID = ' . $this->jwtID . ' $httpToken = ' . $httpToken . ' $sessionToken = ' . $sessionToken);`
100	efrain	825
283	www	826	`// if ( $httpToken != $sessionToken) {`
		827	`// $response = $event->getResponse();`
		828	`// $this->sendResponse($response, 200, json_encode(['success' => false, 'data' => 'Unauthorized - CSRF fail', 'fatal' => true]));`
		829	`// }`
1	efrain	830
		831	`}`
		832	`}`
95	efrain	833
1	efrain	834
		835
		836
		837	`if($this->currentUserPlugin->hasIdentity()) {`
		838	`$user = $this->currentUserPlugin->getUser();`
167	efrain	839	`$user_id = $user->id;`
1	efrain	840	`$userTypeId = $user->usertype_id;`
		841
		842
		843	`} else {`
		844
		845	`$userTypeId = UserType::GUEST;`
167	efrain	846	`$user_id = 0;`
1	efrain	847	`}`
		848
167	efrain	849
1	efrain	850
167	efrain	851
		852
		853
		854
1	efrain	855	`if($this->acl->isAllowed($userTypeId, $routeName)) {`
		856	`$user = $this->currentUserPlugin->getUser();`
		857
		858
		859	`if($user) {`
		860
		861	`$updateLastActivity = true;`
		862	`if ('chat' == substr($routeName, 0, 4)) {`
		863	`$updateLastActivity = false;`
		864	`}`
		865	`if ('inmail' == substr($routeName, 0, 6)) {`
		866	`$updateLastActivity = false;`
		867	`}`
		868	`if ('check-session' == $routeName) {`
		869	`$updateLastActivity = false;`
		870	`}`
		871
		872
		873	`if($updateLastActivity) {`
		874	`$userMapper = UserMapper::getInstance($adapter);`
		875	`$userMapper->updateLastActivity($user->id);`
		876	`}`
		877	`}`
		878
		879
		880
		881	`} else {`
		882	`$response = $event->getResponse();`
54	efrain	883
45	efrain	884	`$response->setStatusCode(200);`
106	efrain	885	`$response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized - Does not have permission', 'fatal' => true]));`
1	efrain	886	`$response->send();`
		887	`exit;`
		888
		889
		890
		891	`}`
90	efrain	892
91	efrain	893
90	efrain	894
1	efrain	895
		896
		897	`}`
		898
		899
		900	`public function authPosDispatch(MvcEvent $event)`
		901	`{`
90	efrain	902	`//$response = $event->getResponse();`
		903	`// Functions::addCrossSiteToResponse($response);`
1	efrain	904	`}`
		905
167	efrain	906
		907	`/**`
		908	`*`
		909	`* @param \Laminas\Db\Adapter\AdapterInterface $adapter`
		910	`* @param int $user_id`
		911	`* @return boolean`
		912	`*/`
		913	`private function isMicroLeargningAccessGranted($adapter, $user_id)`
		914	`{`
		915
		916	`$accessGranted = false;`
283	www	917	`$capsuleUserMapper = \LeadersLinked\Mapper\MicrolearningCapsuleUserMapper::getInstance($adapter);`
167	efrain	918	`$now = $capsuleUserMapper->getDatebaseNow();`
		919
		920	`$records = $capsuleUserMapper->fetchAllActiveByUserId($user_id);`
		921
		922
		923	`foreach($records as $record)`
		924	`{`
283	www	925	`if($record->access != \LeadersLinked\Model\MicrolearningCapsuleUser::ACCESS_UNLIMITED && $record->access != \LeadersLinked\Model\MicrolearningCapsuleUser::ACCESS_PAY_PERIOD) {`
167	efrain	926	`continue;`
		927	`}`
283	www	928	`if($record->access == \LeadersLinked\Model\MicrolearningCapsuleUser::ACCESS_PAY_PERIOD) {`
167	efrain	929	`if($now < $record->paid_from \|\| $now > $record->paid_to) {`
		930	`continue;`
		931	`}`
		932	`}`
		933	`$accessGranted = true;`
		934	`break;`
		935	`}`
		936
		937	`return $accessGranted;`
		938	`}`
1	efrain	939
		940
		941
		942	`}`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Module.php – Rev 283