WebSVN – LeadersLinked - Services – Autoría – /module/LeadersLinked/src/Module.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
		2	`declare(strict_types=1);`
		3
		4	`namespace LeadersLinked;`
		5
		6	`use Laminas\Db\Adapter\AdapterInterface;`
		7	`use Laminas\ModuleManager\ModuleEvent;`
		8	`use Laminas\ModuleManager\ModuleManager;`
		9	`use Laminas\Mvc\MvcEvent;`
		10	`use Laminas\Config\Reader\Ini;`
		11	`use Laminas\Permissions\Acl\Acl;`
		12	`use Laminas\Permissions\Acl\Role\GenericRole;`
		13	`use LeadersLinked\Plugin\CurrentUserPlugin;`
		14	`use LeadersLinked\Mapper\UserMapper;`
		15	`use LeadersLinked\Authentication\AuthTokenAdapter;`
		16	`use Laminas\Authentication\AuthenticationService;`
		17	`use Laminas\Permissions\Acl\Resource\GenericResource;`
		18	`use LeadersLinked\Model\UserType;`
		19	`use LeadersLinked\Plugin\CurrentNetworkPlugin;`
		20	`use LeadersLinked\Model\Network;`
		21	`use LeadersLinked\Model\User;`
		22	`use LeadersLinked\Mapper\CompanyUserMapper;`
		23	`use LeadersLinked\Model\CompanyUser;`
		24	`use LeadersLinked\Mapper\CompanyMapper;`
		25	`use LeadersLinked\Mapper\CompanyServiceMapper;`
		26	`use LeadersLinked\Model\Service;`
		27
		28	`use LeadersLinked\Library\Functions;`
		29	`use LeadersLinked\Mapper\DailyPulseMapper;`
		30	`use LeadersLinked\Model\DailyPulse;`
		31	`use LeadersLinked\Mapper\OrganizationPositionMapper;`
		32	`use LeadersLinked\Mapper\KnowledgeAreaCategoryJobDescriptionMapper;`
		33	`use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;`
		34	`use LeadersLinked\Mapper\KnowledgeAreaCategoryUserMapper;`
		35	`use LeadersLinked\Mapper\MyCoachCategoryUserMapper;`
23	efrain	36	`use Firebase\JWT\JWT;`
		37	`use Firebase\JWT\Key;`
		38	`use LeadersLinked\Mapper\JwtTokenMapper;`
		39	`use LeadersLinked\Authentication\AuthUserIdAdapter;`
1	efrain	40
		41	`class Module`
		42	`{`
		43	`/**`
		44	`*`
		45	`* @var Acl`
		46	`*/`
		47	`private $acl;`
		48
		49	`/**`
		50	`*`
		51	`* @var AdapterInterface`
		52	`*/`
		53	`private $adapter;`
		54
		55	`/**`
		56	`*`
		57	`* @var CurrentUserPlugin`
		58	`*/`
		59	`private $currentUserPlugin;`
		60
		61	`/**`
		62	`*`
		63	`* @var CurrentNetworkPlugin`
		64	`*/`
		65	`private $currentNetworkPlugin;`
		66
		67	`/**`
		68	`*`
		69	`* @var array`
		70	`*/`
		71	`private $routesAuthorized = [];`
		72
		73	`/**`
		74	`*`
		75	`* @var boolean`
		76	`*/`
23	efrain	77	`private $authByOTP = false;`
1	efrain	78
23	efrain	79	`/**`
		80	`*`
		81	`* @var boolean`
		82	`*/`
		83	`private $authByJWT = false;`
1	efrain	84
23	efrain	85
1	efrain	86	`/**`
		87	`*`
		88	`* @var array`
		89	`*/`
		90	`private $config;`
		91
		92
		93
		94	`public function init(ModuleManager $moduleManager)`
		95	`{`
		96	`$events = $moduleManager->getEventManager();`
		97	`$events->attach(ModuleEvent::EVENT_MERGE_CONFIG, array($this, 'onMergeConfig'));`
		98	`}`
		99
		100	`public function onMergeConfig(ModuleEvent $event)`
		101	`{`
		102	`$configListener = $event->getConfigListener();`
		103	`$this->config = $configListener->getMergedConfig(false);`
		104
		105	`$reader = new Ini();`
		106	`$data = $reader->fromFile('config/leaderslinked.ini');`
		107
		108	`$prefix = 'leaderslinked';`
		109	`foreach($data as $section => $pairs)`
		110	`{`
		111	`foreach($pairs as $key => $value)`
		112	`{`
		113	`$this->config[$prefix . '.' . $section . '.' . $key] = $value;`
		114	`}`
		115	`}`
		116	`$configListener->setMergedConfig($this->config);`
		117	`}`
		118
		119
		120	`public function getConfig() : array`
		121	`{`
		122	`return include __DIR__ . '/../config/module.config.php';`
		123	`}`
		124
		125	`public function onBootstrap(MvcEvent $event)`
		126	`{`
68	efrain	127	`$serviceManager = $event->getApplication()->getServiceManager();`
55	efrain	128
		129
68	efrain	130	`$eventManager = $event->getApplication()->getEventManager();`
		131	`$eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this,'onDispatchError'], 0);`
		132	`$eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [$this,'onRenderError'], 0);`
		133
		134
72	efrain	135	`//$corsRequestListener = $serviceManager->get('corsRequestListener');`
		136	`//$corsRequestListener->attach($eventManager);`
68	efrain	137
		138
1	efrain	139	`$adapter = $serviceManager->get('leaders-linked-db');`
		140	`// $logger = $serviceManager->get('Zend\Log\Logger');`
		141
		142
		143	`$session = $serviceManager->get('leaders-linked-session');`
		144	`$session->start();`
		145
		146
		147	`$translator = $serviceManager->get('MvcTranslator');`
		148	`$translator->addTranslationFile(`
		149	`'phpArray',`
		150	`__DIR__ . '/i18n/validate.php',`
		151	`'default'`
		152	`);`
		153
		154	`$translator->addTranslationFile(`
		155	`'phpArray',`
		156	`__DIR__ . '/i18n/spanish.php',`
		157	`'default'`
		158	`);`
		159
		160	`\Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);`
		161
		162
		163	`$headers = $event->getRequest()->getHeaders();`
		164	`if($headers->has('token')) {`
		165	`$device_uuid = Functions::sanitizeFilterString($headers->get('token')->getFieldValue());`
		166	`} else {`
		167	`$device_uuid = '';`
		168	`}`
		169	`if($headers->has('secret')) {`
		170	`$password = Functions::sanitizeFilterString($headers->get('secret')->getFieldValue());`
		171	`} else {`
		172	`$password = '';`
		173	`}`
		174	`if($headers->has('rand')) {`
		175	`$rand = Functions::sanitizeFilterString($headers->get('rand')->getFieldValue());`
		176	`} else {`
		177	`$rand = 0;`
		178	`}`
		179	`if($headers->has('created')) {`
		180	`$timestamp = Functions::sanitizeFilterString($headers->get('created')->getFieldValue());`
		181	`} else {`
		182	`$timestamp = 0;`
		183	`}`
		184
		185
4	efrain	186
1	efrain	187	`$this->currentNetworkPlugin = new CurrentNetworkPlugin($adapter);`
		188	`if(!$this->currentNetworkPlugin->hasNetwork()) {`
43	efrain	189
1	efrain	190	`$response = $event->getResponse();`
45	efrain	191	`$code = 200;`
		192	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - not found', 'fatal' => true]);`
43	efrain	193	`$this->sendResponse($response, $code, $content);`
		194
1	efrain	195	`}`
		196
		197	`if($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {`
43	efrain	198
1	efrain	199	`$response = $event->getResponse();`
45	efrain	200	`$code = 200;`
		201	`$content = json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - inactive', 'fatal' => true]);`
43	efrain	202	`$this->sendResponse($response, $code, $content);`
		203
1	efrain	204	`}`
		205
		206
23	efrain	207	`$this->authByOTP = false;`
1	efrain	208	`if($device_uuid && $password && $rand && $timestamp) {`
23	efrain	209	`$this->authByOTP = true;`
1	efrain	210
		211
		212	`$tokenAuthAdapter = new AuthTokenAdapter($adapter);`
		213	`$tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);`
		214
		215	`$authService = new AuthenticationService();`
		216	`$result = $authService->authenticate($tokenAuthAdapter);`
		217	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	218
1	efrain	219	`$response = $event->getResponse();`
43	efrain	220	`$code = 200;`
		221	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		222	`$this->sendResponse($response, $code, $content);`
		223
1	efrain	224	`}`
		225
		226	`}`
23	efrain	227
		228	`$this->authByJWT = false;`
		229	`$headers = getallheaders();`
34	efrain	230
		231	`if(!empty($headers['authorization']) \|\| !empty($headers['Authorization'])) {`
23	efrain	232
34	efrain	233	`$token = trim(empty($headers['authorization']) ? $headers['Authorization'] : $headers['authorization']);`
		234
		235
23	efrain	236	`if (substr($token, 0, 6 ) == 'Bearer') {`
43	efrain	237
23	efrain	238
		239	`$token = trim(substr($token, 7));`
		240
		241	`if(!empty($this->config['leaderslinked.jwt.key'])) {`
		242	`$key = $this->config['leaderslinked.jwt.key'];`
		243
		244
		245	`try {`
		246	`$payload = JWT::decode($token, new Key($key, 'HS256'));`
		247
		248
		249	`if(empty($payload->iss) \|\| $payload->iss != $_SERVER['HTTP_HOST']) {`
43	efrain	250
23	efrain	251	`$response = $event->getResponse();`
45	efrain	252	`$code = 200;`
43	efrain	253	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong server', 'fatal' => true]);`
		254	`$this->sendResponse($response, $code, $content);`
23	efrain	255
43	efrain	256
		257
23	efrain	258	`}`
		259
		260	`$uuid = empty($payload->uuid) ? '' : $payload->uuid;`
		261	`if($uuid) {`
		262	`$jwtTokenMapper = JwtTokenMapper::getInstance($adapter);`
		263	`$jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);`
		264	`if($jwtToken) {`
		265
		266	`$_SESSION['aes'] = $jwtToken->aes;`
		267
		268	`if($jwtToken->user_id) {`
		269	`$authByUserId = new AuthUserIdAdapter($adapter);`
		270	`$authByUserId->setData($jwtToken->user_id);`
		271
		272	`$authService = new AuthenticationService();`
		273	`$result = $authService->authenticate($authByUserId);`
		274	`if($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
43	efrain	275
23	efrain	276	`$response = $event->getResponse();`
45	efrain	277	`$code = 200;`
43	efrain	278	`$content = json_encode(['success' => false, 'data' => $result->getMessages()[0], 'fatal' => true]);`
		279	`$this->sendResponse($response, $code, $content);`
23	efrain	280
		281	`}`
24	efrain	282
		283	`$this->authByJWT = true;`
23	efrain	284	`}`
		285
		286
		287	`} else {`
		288	`$response = $event->getResponse();`
45	efrain	289	`$code = 200;`
43	efrain	290	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Expired', 'fatal' => true]);`
		291	`$this->sendResponse($response, $code, $content);`
		292
23	efrain	293	`}`
		294
		295	`}`
		296	`} catch(\Exception $e) {`
43	efrain	297
23	efrain	298	`$response = $event->getResponse();`
45	efrain	299	`$code = 200;`
43	efrain	300	`$content = json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong key', 'fatal' => true]);`
		301	`$this->sendResponse($response, $code, $content);`
		302
23	efrain	303	`}`
		304	`}`
		305	`}`
		306	`}`
1	efrain	307
		308
		309
		310	`if(empty($_SERVER['REDIRECT_URL'])) {`
		311	`if(empty($_SERVER['REQUEST_URI'])) {`
		312	`$routeName = '';`
		313
		314	`} else {`
		315	`$routeName = $_SERVER['REQUEST_URI'];`
		316	`}`
		317
		318	`} else {`
		319	`$routeName = $_SERVER['REDIRECT_URL'];`
		320
		321	`}`
		322
		323
		324	`$routeName = strtolower(trim($routeName));`
		325	`if(strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {`
		326	`$routeName = substr($routeName, 1);`
		327	`}`
		328
		329	`$this->currentUserPlugin = new CurrentUserPlugin($adapter);`
		330
		331
23	efrain	332	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	333	`$checkUserForNetwork = false;`
		334	`} else {`
		335	`if($this->currentUserPlugin->hasIdentity()) {`
		336
		337	`$checkUserForNetwork = true;`
		338	`} else {`
		339	`$checkUserForNetwork = false;`
		340	`}`
		341	`}`
		342
		343	`if($checkUserForNetwork) {`
		344	`if(!$routeName \|\| in_array($routeName, ['signout', 'signin', 'home'])) {`
		345	`$checkUserForNetwork = false;`
		346	`}`
		347	`}`
		348
		349	`if($checkUserForNetwork) {`
		350
		351
		352
		353	`if($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {`
		354	`$response = $event->getResponse();`
45	efrain	355	`$this->sendResponse($response, ['success' => false, 'data' => '200 Unauthorized - The user is not part of this private network', 'fatal' => true]);`
1	efrain	356	`exit;`
		357	`}`
		358	`}`
		359
		360
		361
		362	`$this->initAcl($event);`
68	efrain	363
1	efrain	364
		365	`$sharedManager = $eventManager->getSharedManager();`
		366	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPreDispatch'], 100);`
		367	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPosDispatch'], -100);`
		368	`}`
		369
		370	`public function initAcl(MvcEvent $event)`
		371	`{`
		372
		373	`$serviceManager = $event->getApplication()->getServiceManager();`
		374	`$adapter = $serviceManager->get('leaders-linked-db');`
		375
		376
		377	`require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');`
		378
		379
		380	`$this->acl = new Acl();`
		381	`$resources = getAclResources();`
		382
		383	`foreach($resources as $resourceName)`
		384	`{`
		385	`$this->acl->addResource(new GenericResource($resourceName));`
		386	`}`
		387
		388	`$usertypes = getAclUsertype();`
		389	`foreach($usertypes as $usertype => $resources)`
		390	`{`
		391	`$this->acl->addRole(new GenericRole($usertype));`
		392	`foreach ($resources as $resourceName)`
		393	`{`
		394	`$this->acl->allow($usertype, $resourceName);`
		395	`}`
		396	`}`
		397
		398
		399
		400	`if($this->currentUserPlugin->hasIdentity() && $this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {`
		401
		402	`$resources = getAclSuperAdmin();`
		403	`foreach($resources as $resourceName)`
		404	`{`
		405	`$this->acl->allow(UserType::ADMIN, $resourceName);`
		406	`}`
		407	`}`
		408
		409
		410
		411	`$allowMyCoach = false;`
		412	`$allowKnowledgeArea = false;`
		413	`$allowDailyPulse = false;`
		414
		415
		416
		417	`$companyMapper = CompanyMapper::getInstance($adapter);`
		418	`$company = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);`
		419
		420
		421	`if($company) {`
		422
		423	`$companyServiceMapper = CompanyServiceMapper::getInstance($adapter);`
		424	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::DAILY_PULSE);`
		425
		426
		427	`$companyUserMapper = CompanyUserMapper::getInstance($adapter);`
		428	`$companyUser = $companyUserMapper->fetchOneAcceptedByCompanyIdAndUserId($company->id, $this->currentUserPlugin->getUserId());`
		429
		430
		431
		432
		433	`if($companyService) {`
		434
		435	`$dailyPulseMapper = DailyPulseMapper::getInstance($adapter);`
		436	`$dailyPulse = $dailyPulseMapper->fetchOneByCompanyId($company->id);`
		437
		438	`if($dailyPulse) {`
		439	`$privacy = $dailyPulse->privacy;`
		440
		441	`} else {`
		442	`$privacy = DailyPulse::PRIVACY_COMPANY;`
		443	`}`
		444
		445	`if($privacy == DailyPulse::PRIVACY_PUBLIC) {`
		446	`$allowDailyPulse = true;`
		447	`} else {`
		448	`$allowDailyPulse = !empty($companyUser);`
		449	`}`
		450
		451
		452	`}`
		453
		454	`$job_description_ids = [];`
		455
		456	`$organizationPositionMapper = OrganizationPositionMapper::getInstance($adapter);`
		457	`$records = $organizationPositionMapper->fetchAllByCompanyIdAndEmployeeId($company->id, $this->currentUserPlugin->getUserId());`
		458	`foreach($records as $record)`
		459	`{`
		460	`array_push($job_description_ids, $record->job_description_id);`
		461	`}`
		462
		463
		464	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::KNOWLEDGE_AREA);`
		465	`if($companyService) {`
		466	`if($job_description_ids) {`
		467
		468
		469	`$knowledgeAreaCategoryJobDescriptionMapper = KnowledgeAreaCategoryJobDescriptionMapper::getInstance($adapter);`
		470	`$records = $knowledgeAreaCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		471
		472	`if(!empty($records)) {`
		473	`$allowKnowledgeArea = true;`
		474	`}`
		475
		476	`}`
		477
		478	`if($companyUser && !$allowKnowledgeArea) {`
		479	`$knowledgeAreaCategoryUserMapper = KnowledgeAreaCategoryUserMapper::getInstance($adapter);`
		480	`$records = $knowledgeAreaCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		481	`if(!empty($records)) {`
		482	`$allowKnowledgeArea = true;`
		483	`}`
		484	`}`
		485	`}`
		486
		487	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::MY_COACH);`
		488	`if($companyService) {`
		489
		490
		491	`if($job_description_ids) {`
		492
		493
		494	`$myCoachCategoryJobDescriptionMapper = MyCoachCategoryJobDescriptionMapper::getInstance($adapter);`
		495	`$records = $myCoachCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
		496
		497	`if(!empty($records)) {`
		498	`$allowKnowledgeArea = true;`
		499	`}`
		500
		501	`}`
		502
		503	`if($companyUser && !$allowMyCoach) {`
		504	`$myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($adapter);`
		505	`$records = $myCoachCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
		506	`if(!empty($records)) {`
		507	`$allowMyCoach = true;`
		508	`}`
		509
		510
		511	`}`
		512	`}`
		513
		514	`} else {`
		515	`$companyUser = '';`
		516	`}`
		517
		518
		519	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		520	`if($allowDailyPulse) {`
		521	`$resources = getAclDailyPulse();`
		522	`foreach($resources as $resourceName)`
		523	`{`
		524	`$this->acl->allow($usertype, $resourceName);`
		525	`}`
		526	`}`
		527
		528	`if($allowKnowledgeArea) {`
		529	`$resources = getAclKnowledgeArea();`
		530	`foreach($resources as $resourceName)`
		531	`{`
		532	`$this->acl->allow($usertype, $resourceName);`
		533	`}`
		534	`}`
		535
		536	`if($allowMyCoach) {`
		537	`$resources = getAclMyCoach();`
		538
		539
		540
		541	`foreach($resources as $resourceName)`
		542	`{`
		543	`$this->acl->allow($usertype, $resourceName);`
		544	`}`
		545
		546	`}`
		547
		548
		549
		550	`if($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {`
		551
		552	`$usertypes = getAclUsertypeDefaultNetwork();`
		553	`foreach($usertypes as $usertype => $resources)`
		554	`{`
		555
		556
		557
		558	`foreach ($resources as $resourceName)`
		559	`{`
		560	`$this->acl->allow($usertype, $resourceName);`
		561	`}`
		562	`}`
		563
		564
		565	`} else {`
		566
		567	`if($this->currentUserPlugin->hasIdentity()) {`
		568
		569
		570	`if($company) {`
		571
		572
		573	`if($companyUser) {`
		574	`$usertype = $this->currentUserPlugin->getUserTypeId();`
		575
		576	`if($companyUser->creator == CompanyUser::CREATOR_YES) {`
		577
		578	`$resources = getAclUsertypeOtherNetworkCreator();`
		579	`foreach($resources as $resourceName)`
		580	`{`
		581	`$this->acl->allow($usertype, $resourceName);`
		582	`}`
		583
		584	`}`
		585	`if($companyUser->creator == CompanyUser::CREATOR_NO) {`
		586	`$resources = getAclUsertypeOtherNetworkNonCreator();`
		587	`foreach($resources as $resourceName)`
		588	`{`
		589	`$this->acl->allow($usertype, $resourceName);`
		590	`}`
		591	`}`
		592	`}`
		593	`}`
		594	`}`
		595	`}`
		596
		597
		598	`$event->getViewModel()->setVariable('acl', $this->acl);`
		599
		600	`}`
		601
		602	`public function onDispatchError(MvcEvent $event)`
		603	`{`
		604	`$this->processError($event);`
		605	`}`
		606
		607	`public function onRenderError(MvcEvent $event)`
		608	`{`
		609	`$this->processError($event);`
		610	`}`
		611
43	efrain	612	`/**`
		613	`*`
		614	`* @param \Laminas\Http\Response $response`
		615	`* @param int $code`
		616	`* @param string $content`
		617	`*/`
		618	`public function sendResponse($response, $code, $content)`
1	efrain	619	`{`
44	efrain	620	`error_log($content);`
43	efrain	621
44	efrain	622
1	efrain	623	`$headers = $response->getHeaders();`
		624	`$headers->clearHeaders();`
		625	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		626
43	efrain	627	`Functions::addCrossSiteToResponse($response);`
		628
		629	`$response->setStatusCode($code);`
		630	`$response->setContent($content); //json_encode($data));`
1	efrain	631	`$response->send();`
		632	`exit;`
		633	`}`
		634
		635	`public function processError(MvcEvent $event)`
		636	`{`
		637	`$error = $event->getError();`
		638	`if (!$error) {`
		639	`return;`
		640	`}`
		641
		642	`$response = $event->getResponse();`
		643	`if('error-exception' == $error) {`
		644	`$exception = $event->getParam('exception');`
		645	`error_log($exception->getCode() . ' ' . $exception->getMessage());`
		646	`error_log($exception->getTraceAsString());`
43	efrain	647
1	efrain	648	`$response = $event->getResponse();`
45	efrain	649	`$code = 200;`
43	efrain	650	`$content = json_encode(['success' => false, 'data' => $exception->getCode() . ' ' . $exception->getMessage(), 'fatal' => true]);`
		651	`$this->sendResponse($response, $code, $content);`
1	efrain	652
		653	`} else if('error-router-no-match' == $error) {`
43	efrain	654
1	efrain	655	`$response = $event->getResponse();`
43	efrain	656	`$code = 404;`
		657	`$content = json_encode(['success' => false, 'data' => 'error-router-no-match', 'fatal' => true]);`
		658	`$this->sendResponse($response, $code, $content);`
1	efrain	659
		660
		661
		662	`} else if(' error-controller-not-found' == $error) {`
43	efrain	663
1	efrain	664	`$response = $event->getResponse();`
43	efrain	665	`$code = 404;`
		666	`$content = json_encode(['success' => false, 'data' => 'error-controller-not-found', 'fatal' => true]);`
		667	`$this->sendResponse($response, $code, $content);`
1	efrain	668
43	efrain	669
1	efrain	670	`} else {`
		671	`$response = $event->getResponse();`
45	efrain	672	`$code = 200;`
43	efrain	673	`$content = json_encode(['success' => false, 'data' => $error, 'fatal' => true]);`
		674	`$this->sendResponse($response, $code, $content);`
1	efrain	675
43	efrain	676
1	efrain	677	`}`
		678
		679	`exit;`
		680
		681	`}`
		682
		683
		684	`public function authPreDispatch(MvcEvent $event)`
		685	`{`
		686
		687
		688
		689
		690	`$serviceManager = $event->getApplication()->getServiceManager();`
		691	`$adapter = $serviceManager->get('leaders-linked-db');`
		692
		693	`$routeName = $event->getRouteMatch()->getMatchedRouteName();`
		694
		695
		696	`$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';`
		697
		698	`if($requestMethod == 'POST' \|\| $requestMethod == 'PUT' \|\| $requestMethod == 'DELETE') {`
		699
		700
23	efrain	701	`if($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	702	`$exclude = true;`
		703	`} else {`
		704	`$exclude = false;`
		705
		706	`$usertypes = getAclUsertype();`
		707
		708
		709	`foreach($usertypes[UserType::GUEST] as $resourceName)`
		710	`{`
		711	`if($routeName == $resourceName) {`
		712	`$exclude = true;`
		713	`break;`
		714	`}`
		715	`}`
		716	`}`
		717
17	efrain	718	`//$exclude = true;`
1	efrain	719
		720	`if(!$exclude) {`
		721	`$httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : '';`
		722	`$sessionToken = isset($_SESSION['token']) ? $_SESSION['token'] : uniqid();`
		723
		724	`unset($_SESSION['token']);`
		725	`if ( $httpToken != $sessionToken) {`
		726	`$response = $event->getResponse();`
		727	`$headers = $response->getHeaders();`
		728	`$headers->clearHeaders();`
		729	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
		730
45	efrain	731	`$response->setStatusCode(200);`
1	efrain	732	`$response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true]));`
		733	`$response->send();`
		734	`exit;`
		735	`}`
		736
		737	`}`
		738	`}`
		739
		740
		741
		742	`if($this->currentUserPlugin->hasIdentity()) {`
		743	`$user = $this->currentUserPlugin->getUser();`
		744	`$userTypeId = $user->usertype_id;`
		745
		746
		747	`} else {`
		748
		749	`$userTypeId = UserType::GUEST;`
		750	`}`
		751
		752
		753	`if($this->acl->isAllowed($userTypeId, $routeName)) {`
		754	`$user = $this->currentUserPlugin->getUser();`
		755
		756
		757	`if($user) {`
		758
		759	`$updateLastActivity = true;`
		760	`if ('chat' == substr($routeName, 0, 4)) {`
		761	`$updateLastActivity = false;`
		762	`}`
		763	`if ('inmail' == substr($routeName, 0, 6)) {`
		764	`$updateLastActivity = false;`
		765	`}`
		766	`if ('check-session' == $routeName) {`
		767	`$updateLastActivity = false;`
		768	`}`
		769
		770
		771	`if($updateLastActivity) {`
		772	`$userMapper = UserMapper::getInstance($adapter);`
		773	`$userMapper->updateLastActivity($user->id);`
		774	`}`
		775	`}`
		776
		777
		778
		779	`} else {`
		780	`$response = $event->getResponse();`
54	efrain	781
45	efrain	782	`$response->setStatusCode(200);`
1	efrain	783	`$response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true]));`
		784	`$response->send();`
		785	`exit;`
		786
		787
		788
		789	`}`
		790
		791
		792	`}`
		793
		794
		795	`public function authPosDispatch(MvcEvent $event)`
		796	`{`
54	efrain	797	`$response = $event->getResponse();`
		798	`Functions::addCrossSiteToResponse($response);`
1	efrain	799	`}`
		800
		801
		802
		803
		804	`}`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Module.php – Rev 72