WebSVN – LeadersLinked - Services – Autoría – /module/LeadersLinked/src/Module.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
		2	`declare(strict_types=1);`
		3
		4	`namespace LeadersLinked;`
		5
		6	`use Laminas\Db\Adapter\AdapterInterface;`
		7	`use Laminas\ModuleManager\ModuleEvent;`
		8	`use Laminas\ModuleManager\ModuleManager;`
		9	`use Laminas\Mvc\MvcEvent;`
		10	`use Laminas\Config\Reader\Ini;`
		11	`use Laminas\Permissions\Acl\Acl;`
		12	`use Laminas\Permissions\Acl\Role\GenericRole;`
		13	`use LeadersLinked\Plugin\CurrentUserPlugin;`
		14	`use LeadersLinked\Mapper\UserMapper;`
		15	`use LeadersLinked\Authentication\AuthTokenAdapter;`
		16	`use Laminas\Authentication\AuthenticationService;`
		17	`use Laminas\Permissions\Acl\Resource\GenericResource;`
		18	`use LeadersLinked\Model\UserType;`
		19	`use LeadersLinked\Plugin\CurrentNetworkPlugin;`
		20	`use LeadersLinked\Model\Network;`
		21	`use LeadersLinked\Model\User;`
		22	`use LeadersLinked\Mapper\CompanyUserMapper;`
		23	`use LeadersLinked\Model\CompanyUser;`
		24	`use LeadersLinked\Mapper\CompanyMapper;`
		25	`use LeadersLinked\Mapper\CompanyServiceMapper;`
		26	`use LeadersLinked\Model\Service;`
		27
		28	`use LeadersLinked\Library\Functions;`
		29	`use LeadersLinked\Mapper\DailyPulseMapper;`
		30	`use LeadersLinked\Model\DailyPulse;`
		31	`use LeadersLinked\Mapper\OrganizationPositionMapper;`
		32	`use LeadersLinked\Mapper\KnowledgeAreaCategoryJobDescriptionMapper;`
		33	`use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;`
		34	`use LeadersLinked\Mapper\KnowledgeAreaCategoryUserMapper;`
		35	`use LeadersLinked\Mapper\MyCoachCategoryUserMapper;`
23	efrain	36	`use Firebase\JWT\JWT;`
		37	`use Firebase\JWT\Key;`
		38	`use LeadersLinked\Mapper\JwtTokenMapper;`
		39	`use LeadersLinked\Authentication\AuthUserIdAdapter;`
1	efrain	40
		41	`class Module`
		42	`{`
		43	`/**`
		44	`*`
		45	`* @var Acl`
		46	`*/`
		47	`private $acl;`
		48
		49	`/**`
		50	`*`
		51	`* @var AdapterInterface`
		52	`*/`
		53	`private $adapter;`
		54
		55	`/**`
		56	`*`
		57	`* @var CurrentUserPlugin`
		58	`*/`
		59	`private $currentUserPlugin;`
		60
		61	`/**`
		62	`*`
		63	`* @var CurrentNetworkPlugin`
		64	`*/`
		65	`private $currentNetworkPlugin;`
		66
		67	`/**`
		68	`*`
		69	`* @var array`
		70	`*/`
		71	`private $routesAuthorized = [];`
		72
		73	`/**`
		74	`*`
		75	`* @var boolean`
		76	`*/`
23	efrain	77	`private $authByOTP = false;`
1	efrain	78
23	efrain	79	`/**`
		80	`*`
		81	`* @var boolean`
		82	`*/`
		83	`private $authByJWT = false;`
1	efrain	84
23	efrain	85
1	efrain	86	`/**`
		87	`*`
		88	`* @var array`
		89	`*/`
		90	`private $config;`
		91
		92
		93
		94	`public function init(ModuleManager $moduleManager)`
		95	`{`
		96	`$events = $moduleManager->getEventManager();`
		97	`$events->attach(ModuleEvent::EVENT_MERGE_CONFIG, array($this, 'onMergeConfig'));`
		98	`}`
		99
		100	`public function onMergeConfig(ModuleEvent $event)`
		101	`{`
		102	`$configListener = $event->getConfigListener();`
		103	`$this->config = $configListener->getMergedConfig(false);`
		104
		105	`$reader = new Ini();`
		106	`$data = $reader->fromFile('config/leaderslinked.ini');`
		107
		108	`$prefix = 'leaderslinked';`
		109	`foreach($data as $section => $pairs)`
		110	`{`
		111	`foreach($pairs as $key => $value)`
		112	`{`
		113	`$this->config[$prefix . '.' . $section . '.' . $key] = $value;`
		114	`}`
		115	`}`
		116	`$configListener->setMergedConfig($this->config);`
		117	`}`
		118
		119
		120	`public function getConfig() : array`
		121	`{`
		122	`return include __DIR__ . '/../config/module.config.php';`
		123	`}`
		124
		125	`public function onBootstrap(MvcEvent $event)`
		126	`{`
		127	`$serviceManager = $event->getApplication()->getServiceManager();`
		128	`$adapter = $serviceManager->get('leaders-linked-db');`
		129	`// $logger = $serviceManager->get('Zend\Log\Logger');`
		130
		131
		132	`$session = $serviceManager->get('leaders-linked-session');`
		133	`$session->start();`
		134
		135
		136	`$translator = $serviceManager->get('MvcTranslator');`
		137	`$translator->addTranslationFile(`
		138	`'phpArray',`
		139	`__DIR__ . '/i18n/validate.php',`
		140	`'default'`
		141	`);`
		142
		143	`$translator->addTranslationFile(`
		144	`'phpArray',`
		145	`__DIR__ . '/i18n/spanish.php',`
		146	`'default'`
		147	`);`
		148
		149	`\Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);`
		150
		151
		152	`$headers = $event->getRequest()->getHeaders();`
		153	`if($headers->has('token')) {`
		154	`$device_uuid = Functions::sanitizeFilterString($headers->get('token')->getFieldValue());`
		155	`} else {`
		156	`$device_uuid = '';`
		157	`}`
		158	`if($headers->has('secret')) {`
		159	`$password = Functions::sanitizeFilterString($headers->get('secret')->getFieldValue());`
		160	`} else {`
		161	`$password = '';`
		162	`}`
		163	`if($headers->has('rand')) {`
		164	`$rand = Functions::sanitizeFilterString($headers->get('rand')->getFieldValue());`
		165	`} else {`
		166	`$rand = 0;`
		167	`}`
		168	`if($headers->has('created')) {`
		169	`$timestamp = Functions::sanitizeFilterString($headers->get('created')->getFieldValue());`
		170	`} else {`
		171	`$timestamp = 0;`
		172	`}`
		173
		174
4	efrain	175
1	efrain	176	`$this->currentNetworkPlugin = new CurrentNetworkPlugin($adapter);`
		177	`if(!$this->currentNetworkPlugin->hasNetwork()) {`
		178	`$response = $event->getResponse();`
		179	`$this->sendResponse($response, ['success' => false, 'data' => '401 Unauthorized - Private network - not found', 'fatal' => true]);`
		180	`exit;`
		181	`}`
		182
		183	`if($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {`
		184	`$response = $event->getResponse();`
		185	`$this->sendResponse($response, ['success' => false, 'data' => '401 Unauthorized - Private network - inactive', 'fatal' => true]);`
		186	`exit;`
		187	`}`
		188
		189
23	efrain	190	`$this->authByOTP = false;`
1	efrain	191	`if($device_uuid && $password && $rand && $timestamp) {`
23	efrain	192	`$this->authByOTP = true;`
1	efrain	193
		194
		195	`$tokenAuthAdapter = new AuthTokenAdapter($adapter);`
		196	`$tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);`
		197
		198	`$authService = new AuthenticationService();`
		199	`$result = $authService->authenticate($tokenAuthAdapter);`
		200	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
		201	`$response = $event->getResponse();`
		202
		203	`$this->sendResponse($response, ['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		204	`}`
		205
		206	`}`
23	efrain	207
		208	`$this->authByJWT = false;`
		209	`$headers = getallheaders();`
34	efrain	210
		211	`if(!empty($headers['authorization']) \|\| !empty($headers['Authorization'])) {`
23	efrain	212
34	efrain	213	`$token = trim(empty($headers['authorization']) ? $headers['Authorization'] : $headers['authorization']);`
		214
		215
23	efrain	216	`if (substr($token, 0, 6 ) == 'Bearer') {`
		217	`$response = $event->getResponse();`
		218
		219	`$token = trim(substr($token, 7));`
		220
		221	`if(!empty($this->config['leaderslinked.jwt.key'])) {`
		222	`$key = $this->config['leaderslinked.jwt.key'];`
		223
		224
		225	`try {`
		226	`$payload = JWT::decode($token, new Key($key, 'HS256'));`
		227
		228
		229	`if(empty($payload->iss) \|\| $payload->iss != $_SERVER['HTTP_HOST']) {`
		230	`$response = $event->getResponse();`
		231	`$this->sendResponse($response, ['success' => false, 'data' => 'Unauthorized - JWT - Wrong server', 'fatal' => true]);`
		232
		233	`}`
		234
		235	`$uuid = empty($payload->uuid) ? '' : $payload->uuid;`
		236	`if($uuid) {`
		237	`$jwtTokenMapper = JwtTokenMapper::getInstance($adapter);`
		238	`$jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);`
		239	`if($jwtToken) {`
		240
		241	`$_SESSION['aes'] = $jwtToken->aes;`
		242
		243	`if($jwtToken->user_id) {`
		244	`$authByUserId = new AuthUserIdAdapter($adapter);`
		245	`$authByUserId->setData($jwtToken->user_id);`
		246
		247	`$authService = new AuthenticationService();`
		248	`$result = $authService->authenticate($authByUserId);`
		249	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
		250	`$response = $event->getResponse();`
		251
		252	`$this->sendResponse($response, ['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		253	`}`
24	efrain	254
		255	`$this->authByJWT = true;`
23	efrain	256	`}`
		257
		258
		259	`} else {`
		260	`$response = $event->getResponse();`
		261	`$this->sendResponse($response, ['success' => false, 'data' => 'Unauthorized - JWT - Expired', 'fatal' => true]);`
		262	`}`
		263
		264	`}`
		265	`} catch(\Exception $e) {`
		266	`$response = $event->getResponse();`
		267	`$this->sendResponse($response, ['success' => false, 'data' => 'Unauthorized - JWT - Wrong key', 'fatal' => true]);`
		268	`}`
		269	`}`
		270	`}`
		271	`}`
1	efrain	272
		273
		274
		275	`if(empty($_SERVER['REDIRECT_URL'])) {`
		276	`if(empty($_SERVER['REQUEST_URI'])) {`
		277	`$routeName = '';`
		278
		279	`} else {`
		280	`$routeName = $_SERVER['REQUEST_URI'];`
		281	`}`
		282
		283	`} else {`
		284	`$routeName = $_SERVER['REDIRECT_URL'];`
		285
		286	`}`
		287
		288
		289	`$routeName = strtolower(trim($routeName));`
		290	`if(strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {`
		291	`$routeName = substr($routeName, 1);`
		292	`}`
		293
		294	`$this->currentUserPlugin = new CurrentUserPlugin($adapter);`
		295
		296
23	efrain	297	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	298	`$checkUserForNetwork = false;`
		299	`} else {`
		300	`if($this->currentUserPlugin->hasIdentity()) {`
		301
		302	`$checkUserForNetwork = true;`
		303	`} else {`
		304	`$checkUserForNetwork = false;`
		305	`}`
		306	`}`
		307
		308	`if($checkUserForNetwork) {`
		309	`if(!$routeName \|\| in_array($routeName, ['signout', 'signin', 'home'])) {`
		310	`$checkUserForNetwork = false;`
		311	`}`
		312	`}`
		313
		314	`if($checkUserForNetwork) {`
		315
		316
		317
		318	`if($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {`
		319	`$response = $event->getResponse();`
		320	`$this->sendResponse($response, ['success' => false, 'data' => '401 Unauthorized - The user is not part of this private network', 'fatal' => true]);`
		321	`exit;`
		322	`}`
		323	`}`
		324
		325
		326
		327	`$this->initAcl($event);`
		328	`$eventManager = $event->getApplication()->getEventManager();`
		329	`$eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this,'onDispatchError'], 0);`
		330	`$eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [$this,'onRenderError'], 0);`
		331
		332	`$sharedManager = $eventManager->getSharedManager();`
		333	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPreDispatch'], 100);`
		334	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPosDispatch'], -100);`
		335	`}`
		336
		337	`public function initAcl(MvcEvent $event)`
		338	`{`
		339
		340	`$serviceManager = $event->getApplication()->getServiceManager();`
		341	`$adapter = $serviceManager->get('leaders-linked-db');`
		342
		343
		344	`require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');`
		345
		346
		347	`$this->acl = new Acl();`
		348	`$resources = getAclResources();`
		349
		350	`foreach($resources as $resourceName)`
		351	`{`
		352	`$this->acl->addResource(new GenericResource($resourceName));`
		353	`}`
		354
		355	`$usertypes = getAclUsertype();`
		356	`foreach($usertypes as $usertype => $resources)`
		357	`{`
		358	`$this->acl->addRole(new GenericRole($usertype));`
		359	`foreach ($resources as $resourceName)`
		360	`{`
		361	`$this->acl->allow($usertype, $resourceName);`
		362	`}`
		363	`}`
		364
		365
		366
		367	`if($this->currentUserPlugin->hasIdentity() && $this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {`
		368
		369	`$resources = getAclSuperAdmin();`
		370	`foreach($resources as $resourceName)`
		371	`{`
		372	`$this->acl->allow(UserType::ADMIN, $resourceName);`
		373	`}`
		374	`}`
		375
		376
		377
		378	`$allowMyCoach = false;`
		379	`$allowKnowledgeArea = false;`
		380	`$allowDailyPulse = false;`
		381
		382
		383
		384	`$companyMapper = CompanyMapper::getInstance($adapter);`
		385	`$company = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);`
		386
		387
		388	`if($company) {`
		389
		390	`$companyServiceMapper = CompanyServiceMapper::getInstance($adapter);`
		391	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::DAILY_PULSE);`
		392
		393
		394	`$companyUserMapper = CompanyUserMapper::getInstance($adapter);`
		395	`$companyUser = $companyUserMapper->fetchOneAcceptedByCompanyIdAndUserId($company->id, $this->currentUserPlugin->getUserId());`
		396
		397
		398
		399
		400	`if($companyService) {`
		401
		402	`$dailyPulseMapper = DailyPulseMapper::getInstance($adapter);`
		403	`$dailyPulse = $dailyPulseMapper->fetchOneByCompanyId($company->id);`
		404
		405	`if($dailyPulse) {`
		406	`$privacy = $dailyPulse->privacy;`
		407
		408	`} else {`
		409	`$privacy = DailyPulse::PRIVACY_COMPANY;`
		410	`}`
		411
		412	`if($privacy == DailyPulse::PRIVACY_PUBLIC) {`
		413	`$allowDailyPulse = true;`
		414	`} else {`
		415	`$allowDailyPulse = !empty($companyUser);`
		416	`}`
		417
		418
		419	`}`
		420
		421	`$job_description_ids = [];`
		422
		423	`$organizationPositionMapper = OrganizationPositionMapper::getInstance($adapter);`
		424	`$records = $organizationPositionMapper->fetchAllByCompanyIdAndEmployeeId($company->id, $this->currentUserPlugin->getUserId());`
		425	`foreach($records as $record)`
		426	`{`
		427	`array_push($job_description_ids, $record->job_description_id);`
		428	`}`
		429
		430
		431	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::KNOWLEDGE_AREA);`
		432	`if($companyService) {`
		433	`if($job_description_ids) {`
		434
		435
		436	`$knowledgeAreaCategoryJobDescriptionMapper = KnowledgeAreaCategoryJobDescriptionMapper::getInstance($adapter);`
		437	`$records = $knowledgeAreaCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		438
		439	`if(!empty($records)) {`
		440	`$allowKnowledgeArea = true;`
		441	`}`
		442
		443	`}`
		444
		445	`if($companyUser && !$allowKnowledgeArea) {`
		446	`$knowledgeAreaCategoryUserMapper = KnowledgeAreaCategoryUserMapper::getInstance($adapter);`
		447	`$records = $knowledgeAreaCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		448	`if(!empty($records)) {`
		449	`$allowKnowledgeArea = true;`
		450	`}`
		451	`}`
		452	`}`
		453
		454	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::MY_COACH);`
		455	`if($companyService) {`
		456
		457
		458	`if($job_description_ids) {`
		459
		460
		461	`$myCoachCategoryJobDescriptionMapper = MyCoachCategoryJobDescriptionMapper::getInstance($adapter);`
		462	`$records = $myCoachCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		463
		464	`if(!empty($records)) {`
		465	`$allowKnowledgeArea = true;`
		466	`}`
		467
		468	`}`
		469
		470	`if($companyUser && !$allowMyCoach) {`
		471	`$myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($adapter);`
		472	`$records = $myCoachCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		473	`if(!empty($records)) {`
		474	`$allowMyCoach = true;`
		475	`}`
		476
		477
		478	`}`
		479	`}`
		480
		481	`} else {`
		482	`$companyUser = '';`
		483	`}`
		484
		485
		486	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		487	`if($allowDailyPulse) {`
		488	`$resources = getAclDailyPulse();`
		489	`foreach($resources as $resourceName)`
		490	`{`
		491	`$this->acl->allow($usertype, $resourceName);`
		492	`}`
		493	`}`
		494
		495	`if($allowKnowledgeArea) {`
		496	`$resources = getAclKnowledgeArea();`
		497	`foreach($resources as $resourceName)`
		498	`{`
		499	`$this->acl->allow($usertype, $resourceName);`
		500	`}`
		501	`}`
		502
		503	`if($allowMyCoach) {`
		504	`$resources = getAclMyCoach();`
		505
		506
		507
		508	`foreach($resources as $resourceName)`
		509	`{`
		510	`$this->acl->allow($usertype, $resourceName);`
		511	`}`
		512
		513	`}`
		514
		515
		516
		517	`if($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {`
		518
		519	`$usertypes = getAclUsertypeDefaultNetwork();`
		520	`foreach($usertypes as $usertype => $resources)`
		521	`{`
		522
		523
		524
		525	`foreach ($resources as $resourceName)`
		526	`{`
		527	`$this->acl->allow($usertype, $resourceName);`
		528	`}`
		529	`}`
		530
		531
		532	`} else {`
		533
		534	`if($this->currentUserPlugin->hasIdentity()) {`
		535
		536
		537	`if($company) {`
		538
		539
		540	`if($companyUser) {`
		541	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		542
		543	`if($companyUser->creator == CompanyUser::CREATOR_YES) {`
		544
		545	`$resources = getAclUsertypeOtherNetworkCreator();`
		546	`foreach($resources as $resourceName)`
		547	`{`
		548	`$this->acl->allow($usertype, $resourceName);`
		549	`}`
		550
		551	`}`
		552	`if($companyUser->creator == CompanyUser::CREATOR_NO) {`
		553	`$resources = getAclUsertypeOtherNetworkNonCreator();`
		554	`foreach($resources as $resourceName)`
		555	`{`
		556	`$this->acl->allow($usertype, $resourceName);`
		557	`}`
		558	`}`
		559	`}`
		560	`}`
		561	`}`
		562	`}`
		563
		564
		565	`$event->getViewModel()->setVariable('acl', $this->acl);`
		566
		567	`}`
		568
		569	`public function onDispatchError(MvcEvent $event)`
		570	`{`
		571	`$this->processError($event);`
		572	`}`
		573
		574	`public function onRenderError(MvcEvent $event)`
		575	`{`
		576	`$this->processError($event);`
		577	`}`
		578
		579	`public function sendResponse(\Laminas\Http\Response $response, $data)`
		580	`{`
		581	`$headers = $response->getHeaders();`
		582	`$headers->clearHeaders();`
		583	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		584
		585	`$response->setStatusCode(200);`
		586	`$response->setContent(json_encode($data));`
		587	`$response->send();`
		588	`exit;`
		589	`}`
		590
		591	`public function processError(MvcEvent $event)`
		592	`{`
		593	`$error = $event->getError();`
		594	`if (!$error) {`
		595	`return;`
		596	`}`
		597
		598	`$response = $event->getResponse();`
		599	`if('error-exception' == $error) {`
		600	`$exception = $event->getParam('exception');`
		601	`error_log($exception->getCode() . ' ' . $exception->getMessage());`
		602	`error_log($exception->getTraceAsString());`
		603
		604	`$response = $event->getResponse();`
		605	`$headers = $response->getHeaders();`
		606	`$headers->clearHeaders();`
		607	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		608
		609	`$response->setStatusCode(500);`
		610	`$response->setContent(json_encode(['success' => false, 'data' => $exception->getCode() . ' ' . $exception->getMessage(), 'fatal' => true]));`
		611	`$response->send();`
		612
		613	`} else if('error-router-no-match' == $error) {`
		614	`$response = $event->getResponse();`
		615	`$headers = $response->getHeaders();`
		616	`$headers->clearHeaders();`
		617	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		618
		619	`$response->setStatusCode(404);`
		620	`$response->setContent(json_encode(['success' => false, 'data' => 'error-router-no-match', 'fatal' => true]));`
		621	`$response->send();`
		622
		623
		624	`} else if(' error-controller-not-found' == $error) {`
		625	`$response = $event->getResponse();`
		626	`$headers = $response->getHeaders();`
		627	`$headers->clearHeaders();`
		628	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		629
		630	`$response->setStatusCode(404);`
		631	`$response->setContent(json_encode(['success' => false, 'data' => 'error-controller-not-found', 'fatal' => true]));`
		632	`$response->send();`
		633	`} else {`
		634
		635	`$response = $event->getResponse();`
		636	`$headers = $response->getHeaders();`
		637	`$headers->clearHeaders();`
		638	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		639
		640	`$response->setStatusCode(500);`
		641	`$response->setContent(json_encode(['success' => false, 'data' => $error, 'fatal' => true]));`
		642	`$response->send();`
		643
		644	`}`
		645
		646	`exit;`
		647
		648	`//$this->initAcl($event);`
		649	`//$this->authPreDispatch($event);`
		650	`}`
		651
		652
		653	`public function authPreDispatch(MvcEvent $event)`
		654	`{`
		655
		656
		657
		658
		659	`$serviceManager = $event->getApplication()->getServiceManager();`
		660	`$adapter = $serviceManager->get('leaders-linked-db');`
		661
		662	`$routeName = $event->getRouteMatch()->getMatchedRouteName();`
		663
		664
		665	`$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';`
		666
		667	`if($requestMethod == 'POST' \|\| $requestMethod == 'PUT' \|\| $requestMethod == 'DELETE') {`
		668
		669
23	efrain	670	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	671	`$exclude = true;`
		672	`} else {`
		673	`$exclude = false;`
		674
		675	`$usertypes = getAclUsertype();`
		676
		677
		678	`foreach($usertypes[UserType::GUEST] as $resourceName)`
		679	`{`
		680	`if($routeName == $resourceName) {`
		681	`$exclude = true;`
		682	`break;`
		683	`}`
		684	`}`
		685	`}`
		686
17	efrain	687	`//$exclude = true;`
1	efrain	688
		689	`if(!$exclude) {`
		690	`$httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : '';`
		691	`$sessionToken = isset($_SESSION['token']) ? $_SESSION['token'] : uniqid();`
		692
		693	`unset($_SESSION['token']);`
		694	`if ( $httpToken != $sessionToken) {`
		695	`$response = $event->getResponse();`
		696	`$headers = $response->getHeaders();`
		697	`$headers->clearHeaders();`
		698	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		699
		700	`$response->setStatusCode(401);`
		701	`$response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true]));`
		702	`$response->send();`
		703	`exit;`
		704	`}`
		705
		706	`}`
		707	`}`
		708
		709
		710
		711	`if($this->currentUserPlugin->hasIdentity()) {`
		712	`$user = $this->currentUserPlugin->getUser();`
		713	`$userTypeId = $user->usertype_id;`
		714
		715
		716	`} else {`
		717
		718	`$userTypeId = UserType::GUEST;`
		719	`}`
		720
		721
		722	`if($this->acl->isAllowed($userTypeId, $routeName)) {`
		723	`$user = $this->currentUserPlugin->getUser();`
		724
		725
		726	`if($user) {`
		727
		728	`$updateLastActivity = true;`
		729	`if ('chat' == substr($routeName, 0, 4)) {`
		730	`$updateLastActivity = false;`
		731	`}`
		732	`if ('inmail' == substr($routeName, 0, 6)) {`
		733	`$updateLastActivity = false;`
		734	`}`
		735	`if ('check-session' == $routeName) {`
		736	`$updateLastActivity = false;`
		737	`}`
		738
		739
		740	`if($updateLastActivity) {`
		741	`$userMapper = UserMapper::getInstance($adapter);`
		742	`$userMapper->updateLastActivity($user->id);`
		743	`}`
		744	`}`
		745
		746
		747
		748	`} else {`
		749	`$response = $event->getResponse();`
		750	`$headers = $response->getHeaders();`
		751	`$headers->clearHeaders();`
		752	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		753
		754	`$response->setStatusCode(401);`
		755	`$response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true]));`
		756	`$response->send();`
		757	`exit;`
		758
		759
		760
		761	`}`
		762
		763
		764	`}`
		765
		766
		767	`public function authPosDispatch(MvcEvent $event)`
		768	`{`
		769
		770	`}`
		771
		772
		773
		774
		775	`}`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Module.php – Rev 34