WebSVN – LeadersLinked - Services – Autoría – /module/LeadersLinked/src/Module.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
345	www	2	`declare(strict_types = 1);`
1	efrain	3	`namespace LeadersLinked;`
		4
		5	`use Laminas\Db\Adapter\AdapterInterface;`
		6	`use Laminas\ModuleManager\ModuleEvent;`
		7	`use Laminas\ModuleManager\ModuleManager;`
		8	`use Laminas\Mvc\MvcEvent;`
		9	`use Laminas\Config\Reader\Ini;`
		10	`use Laminas\Permissions\Acl\Acl;`
		11	`use Laminas\Permissions\Acl\Role\GenericRole;`
		12	`use LeadersLinked\Plugin\CurrentUserPlugin;`
		13	`use LeadersLinked\Mapper\UserMapper;`
		14	`use LeadersLinked\Authentication\AuthTokenAdapter;`
		15	`use Laminas\Authentication\AuthenticationService;`
		16	`use Laminas\Permissions\Acl\Resource\GenericResource;`
		17	`use LeadersLinked\Model\UserType;`
		18	`use LeadersLinked\Plugin\CurrentNetworkPlugin;`
		19	`use LeadersLinked\Model\Network;`
		20	`use LeadersLinked\Model\User;`
		21	`use LeadersLinked\Mapper\CompanyUserMapper;`
		22	`use LeadersLinked\Model\CompanyUser;`
		23	`use LeadersLinked\Mapper\CompanyMapper;`
		24	`use LeadersLinked\Mapper\CompanyServiceMapper;`
		25	`use LeadersLinked\Model\Service;`
		26	`use LeadersLinked\Library\Functions;`
		27	`use LeadersLinked\Mapper\DailyPulseMapper;`
		28	`use LeadersLinked\Model\DailyPulse;`
		29	`use LeadersLinked\Mapper\OrganizationPositionMapper;`
		30	`use LeadersLinked\Mapper\KnowledgeAreaCategoryJobDescriptionMapper;`
		31	`use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;`
		32	`use LeadersLinked\Mapper\KnowledgeAreaCategoryUserMapper;`
		33	`use LeadersLinked\Mapper\MyCoachCategoryUserMapper;`
23	efrain	34	`use Firebase\JWT\JWT;`
		35	`use Firebase\JWT\Key;`
		36	`use LeadersLinked\Mapper\JwtTokenMapper;`
		37	`use LeadersLinked\Authentication\AuthUserIdAdapter;`
95	efrain	38	`use LeadersLinked\Model\JwtToken;`
627	stevensc	39	`use LeadersLinked\Mapper\MicrolearningTopicUserMapper;`
154	efrain	40	`use Laminas\Http\Response;`
627	stevensc	41
345	www	42	`class Module`
1	efrain	43	`{`
		44	`/**`
345	www	45	`*`
1	efrain	46	`* @var Acl`
		47	`*/`
		48	`private $acl;`
345	www	49
1	efrain	50	`/**`
345	www	51	`*`
1	efrain	52	`* @var AdapterInterface`
		53	`*/`
		54	`private $adapter;`
345	www	55
1	efrain	56	`/**`
345	www	57	`*`
1	efrain	58	`* @var CurrentUserPlugin`
		59	`*/`
		60	`private $currentUserPlugin;`
345	www	61
1	efrain	62	`/**`
		63	`*`
		64	`* @var CurrentNetworkPlugin`
		65	`*/`
		66	`private $currentNetworkPlugin;`
345	www	67
1	efrain	68	`/**`
345	www	69	`*`
1	efrain	70	`* @var array`
		71	`*/`
		72	`private $routesAuthorized = [];`
345	www	73
1	efrain	74	`/**`
345	www	75	`*`
1	efrain	76	`* @var boolean`
		77	`*/`
23	efrain	78	`private $authByOTP = false;`
345	www	79
23	efrain	80	`/**`
		81	`*`
		82	`* @var boolean`
		83	`*/`
		84	`private $authByJWT = false;`
345	www	85
102	efrain	86	`/**`
		87	`*`
		88	`* @var int`
		89	`*/`
		90	`private $jwtID = 0;`
345	www	91
1	efrain	92	`/**`
345	www	93	`*`
95	efrain	94	`* @var JwtToken`
		95	`*/`
345	www	96	`private $jwtToken;`
		97
95	efrain	98	`/**`
345	www	99	`*`
1	efrain	100	`* @var array`
		101	`*/`
		102	`private $config;`
345	www	103
1	efrain	104	`public function init(ModuleManager $moduleManager)`
		105	`{`
		106	`$events = $moduleManager->getEventManager();`
345	www	107	`$events->attach(ModuleEvent::EVENT_MERGE_CONFIG, array(`
		108	`$this,`
		109	`'onMergeConfig'`
		110	`));`
1	efrain	111	`}`
345	www	112
1	efrain	113	`public function onMergeConfig(ModuleEvent $event)`
		114	`{`
		115	`$configListener = $event->getConfigListener();`
345	www	116	`$this->config = $configListener->getMergedConfig(false);`
		117
1	efrain	118	`$reader = new Ini();`
		119	`$data = $reader->fromFile('config/leaderslinked.ini');`
345	www	120
1	efrain	121	`$prefix = 'leaderslinked';`
345	www	122	`foreach ($data as $section => $pairs) {`
		123	`foreach ($pairs as $key => $value) {`
1	efrain	124	`$this->config[$prefix . '.' . $section . '.' . $key] = $value;`
		125	`}`
		126	`}`
		127	`$configListener->setMergedConfig($this->config);`
		128	`}`
345	www	129
		130	`public function getConfig(): array`
1	efrain	131	`{`
		132	`return include __DIR__ . '/../config/module.config.php';`
		133	`}`
		134
		135	`public function onBootstrap(MvcEvent $event)`
		136	`{`
283	www	137	`$timezone = $this->config['leaderslinked.runmode.timezone'];`
		138	`date_default_timezone_set($timezone);`
195	efrain	139
747	stevensc	140	`// Add CORS headers`
164	efrain	141	`header('Access-Control-Allow-Origin: *');`
		142	`header('Access-Control-Allow-Headers: *');`
		143	`header('Access-Control-Allow-Method: POST, GET, HEAD, OPTIONS');`
		144	`header('Access-Control-Max-Age: 86400');`
86	efrain	145
96	efrain	146	`$response = $event->getResponse();`
		147	`Functions::addCrossSiteToResponse($response);`
		148	`$event->setResponse($response);`
345	www	149
68	efrain	150	`$serviceManager = $event->getApplication()->getServiceManager();`
345	www	151
68	efrain	152	`$eventManager = $event->getApplication()->getEventManager();`
345	www	153	`$eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [`
		154	`$this,`
		155	`'onDispatchError'`
		156	`], 0);`
		157	`$eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [`
		158	`$this,`
		159	`'onRenderError'`
		160	`], 0);`
		161
1	efrain	162	`$adapter = $serviceManager->get('leaders-linked-db');`
345	www	163
283	www	164	`/*`
345	www	165	`* $session = $serviceManager->get('leaders-linked-session');`
		166	`* $session->start();`
		167	`* $session->regenerateId(true);`
		168	`*/`
1	efrain	169
		170	`$translator = $serviceManager->get('MvcTranslator');`
345	www	171	`$translator->addTranslationFile('phpArray', __DIR__ . '/i18n/validate.php', 'default');`
97	efrain	172
345	www	173	`$translator->addTranslationFile('phpArray', __DIR__ . '/i18n/spanish.php', 'default');`
		174
1	efrain	175	`\Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);`
345	www	176
		177	`$headers = $event->getRequest()->getHeaders();`
		178	`if ($headers->has('token')) {`
1	efrain	179	`$device_uuid = Functions::sanitizeFilterString($headers->get('token')->getFieldValue());`
		180	`} else {`
		181	`$device_uuid = '';`
		182	`}`
345	www	183	`if ($headers->has('secret')) {`
		184	`$password = Functions::sanitizeFilterString($headers->get('secret')->getFieldValue());`
1	efrain	185	`} else {`
		186	`$password = '';`
		187	`}`
345	www	188	`if ($headers->has('rand')) {`
		189	`$rand = Functions::sanitizeFilterString($headers->get('rand')->getFieldValue());`
1	efrain	190	`} else {`
		191	`$rand = 0;`
		192	`}`
345	www	193	`if ($headers->has('created')) {`
		194	`$timestamp = Functions::sanitizeFilterString($headers->get('created')->getFieldValue());`
1	efrain	195	`} else {`
		196	`$timestamp = 0;`
		197	`}`
		198
283	www	199	`$this->currentNetworkPlugin = CurrentNetworkPlugin::getInstance($adapter);`
747	stevensc	200	`if (!$this->currentNetworkPlugin->hasNetwork()) {`
339	www	201	`$this->currentNetworkPlugin->fetchDefaultNetwork();`
		202	`}`
345	www	203
747	stevensc	204	`if (!$this->currentNetworkPlugin->hasNetwork()) {`
1	efrain	205	`$response = $event->getResponse();`
45	efrain	206	`$code = 200;`
345	www	207	`$content = json_encode([`
		208	`'success' => false,`
		209	`'data' => '200 Unauthorized - Private network - not found',`
		210	`'fatal' => true`
		211	`]);`
43	efrain	212	`$this->sendResponse($response, $code, $content);`
345	www	213	`}`
43	efrain	214
345	www	215	`if ($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {`
		216
1	efrain	217	`$response = $event->getResponse();`
45	efrain	218	`$code = 200;`
345	www	219	`$content = json_encode([`
		220	`'success' => false,`
		221	`'data' => '200 Unauthorized - Private network - inactive',`
		222	`'fatal' => true`
		223	`]);`
43	efrain	224	`$this->sendResponse($response, $code, $content);`
1	efrain	225	`}`
192	efrain	226
23	efrain	227	`$this->authByOTP = false;`
345	www	228	`if ($device_uuid && $password && $rand && $timestamp) {`
23	efrain	229	`$this->authByOTP = true;`
1	efrain	230
		231	`$tokenAuthAdapter = new AuthTokenAdapter($adapter);`
		232	`$tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);`
345	www	233
1	efrain	234	`$authService = new AuthenticationService();`
		235	`$result = $authService->authenticate($tokenAuthAdapter);`
345	www	236	`if ($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
		237
1	efrain	238	`$response = $event->getResponse();`
43	efrain	239	`$code = 200;`
345	www	240	`$content = json_encode([`
		241	`'success' => false,`
		242	`'data' => $result->getMessages()[0],`
		243	`'fatal' => true`
		244	`]);`
43	efrain	245	`$this->sendResponse($response, $code, $content);`
1	efrain	246	`}`
		247	`}`
345	www	248
102	efrain	249	`$this->jwtID = 0;`
23	efrain	250	`$this->authByJWT = false;`
		251	`$headers = getallheaders();`
345	www	252
		253	`if (! empty($headers['authorization']) \|\| ! empty($headers['Authorization'])) {`
		254
34	efrain	255	`$token = trim(empty($headers['authorization']) ? $headers['Authorization'] : $headers['authorization']);`
		256
345	www	257	`if (substr($token, 0, 6) == 'Bearer') {`
43	efrain	258
23	efrain	259	`$token = trim(substr($token, 7));`
345	www	260
		261	`if (! empty($this->config['leaderslinked.jwt.key'])) {`
23	efrain	262	`$key = $this->config['leaderslinked.jwt.key'];`
345	www	263
		264	`try {`
23	efrain	265	`$payload = JWT::decode($token, new Key($key, 'HS256'));`
345	www	266	`if (empty($payload->iss) \|\| $payload->iss != $_SERVER['HTTP_HOST']) {`
		267
23	efrain	268	`$response = $event->getResponse();`
45	efrain	269	`$code = 200;`
345	www	270	`$content = json_encode([`
		271	`'success' => false,`
		272	`'data' => 'Unauthorized - JWT - Wrong server',`
		273	`'fatal' => true`
		274	`]);`
43	efrain	275	`$this->sendResponse($response, $code, $content);`
345	www	276	`}`
43	efrain	277
23	efrain	278	`$uuid = empty($payload->uuid) ? '' : $payload->uuid;`
345	www	279	`if ($uuid) {`
23	efrain	280	`$jwtTokenMapper = JwtTokenMapper::getInstance($adapter);`
100	efrain	281	`$jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);`
345	www	282	`if ($jwtToken) {`
		283
102	efrain	284	`$this->jwtID = $jwtToken->id;`
345	www	285
100	efrain	286	`$_SESSION['aes'] = $jwtToken->aes;`
345	www	287
		288	`if ($jwtToken->user_id) {`
23	efrain	289	`$authByUserId = new AuthUserIdAdapter($adapter);`
100	efrain	290	`$authByUserId->setData($jwtToken->user_id);`
345	www	291
23	efrain	292	`$authService = new AuthenticationService();`
		293	`$result = $authService->authenticate($authByUserId);`
345	www	294	`if ($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
		295
23	efrain	296	`$response = $event->getResponse();`
45	efrain	297	`$code = 200;`
345	www	298	`$content = json_encode([`
		299	`'success' => false,`
		300	`'data' => $result->getMessages()[0],`
		301	`'fatal' => true`
		302	`]);`
43	efrain	303	`$this->sendResponse($response, $code, $content);`
23	efrain	304	`}`
		305	`}`
345	www	306	`}`
		307	`else {`
23	efrain	308	`$response = $event->getResponse();`
45	efrain	309	`$code = 200;`
345	www	310	`$content = json_encode([`
		311	`'success' => false,`
		312	`'data' => 'Unauthorized - JWT - Expired',`
		313	`'fatal' => true`
		314	`]);`
43	efrain	315	`$this->sendResponse($response, $code, $content);`
23	efrain	316	`}`
		317	`}`
345	www	318	`} catch (\Exception $e) {`
		319
23	efrain	320	`$response = $event->getResponse();`
45	efrain	321	`$code = 200;`
345	www	322	`$content = json_encode([`
		323	`'success' => false,`
		324	`'data' => 'Unauthorized - JWT - Wrong key',`
		325	`'fatal' => true`
		326	`]);`
43	efrain	327	`$this->sendResponse($response, $code, $content);`
23	efrain	328	`}`
		329	`}`
		330	`}`
		331	`}`
1	efrain	332
345	www	333	`if (empty($_SERVER['REDIRECT_URL'])) {`
		334	`if (empty($_SERVER['REQUEST_URI'])) {`
1	efrain	335	`$routeName = '';`
		336	`} else {`
		337	`$routeName = $_SERVER['REQUEST_URI'];`
		338	`}`
		339	`} else {`
		340	`$routeName = $_SERVER['REDIRECT_URL'];`
		341	`}`
		342
		343	`$routeName = strtolower(trim($routeName));`
345	www	344	`if (strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {`
1	efrain	345	`$routeName = substr($routeName, 1);`
		346	`}`
345	www	347
283	www	348	`$this->currentUserPlugin = CurrentUserPlugin::getInstance($adapter);`
345	www	349	`if ($this->currentUserPlugin->hasIdentity()) {`
		350
		351	`if (User::STATUS_BANNED == $this->currentUserPlugin->getUser()->status) {`
		352
192	efrain	353	`$code = 200;`
345	www	354	`$content = json_encode([`
		355	`'success' => false,`
		356	`'data' => '403 Forbidden - Banned',`
		357	`'fatal' => true`
		358	`]);`
192	efrain	359	`$this->sendResponse($response, $code, $content);`
		360	`}`
		361	`}`
345	www	362
		363	`if ($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	364	`$checkUserForNetwork = false;`
		365	`} else {`
345	www	366	`if ($this->currentUserPlugin->hasIdentity()) {`
		367
1	efrain	368	`$checkUserForNetwork = true;`
		369	`} else {`
		370	`$checkUserForNetwork = false;`
		371	`}`
		372	`}`
345	www	373
		374	`if ($checkUserForNetwork) {`
		375	`if (! $routeName \|\| in_array($routeName, [`
		376	`'signout',`
		377	`'signin',`
		378	`'home'`
		379	`])) {`
1	efrain	380	`$checkUserForNetwork = false;`
		381	`}`
		382	`}`
154	efrain	383
345	www	384	`if ($checkUserForNetwork) {`
		385
		386	`if ($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {`
		387
1	efrain	388	`$response = $event->getResponse();`
345	www	389	`$content = json_encode([`
		390	`'success' => false,`
		391	`'data' => '200 Unauthorized - The user is not part of this private network',`
		392	`'fatal' => true`
		393	`]);`
154	efrain	394	`$this->sendResponse($response, 200, $content);`
345	www	395	`exit();`
1	efrain	396	`}`
		397	`}`
345	www	398
1	efrain	399	`$this->initAcl($event);`
88	efrain	400
1	efrain	401	`$sharedManager = $eventManager->getSharedManager();`
345	www	402	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [`
		403	`$this,`
		404	`'authPreDispatch'`
		405	`], 100);`
		406	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [`
		407	`$this,`
		408	`'authPosDispatch'`
		409	`], - 100);`
1	efrain	410	`}`
345	www	411
1	efrain	412	`public function initAcl(MvcEvent $event)`
		413	`{`
		414	`$serviceManager = $event->getApplication()->getServiceManager();`
		415	`$adapter = $serviceManager->get('leaders-linked-db');`
345	www	416
		417	`require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');`
		418
1	efrain	419	`$this->acl = new Acl();`
		420	`$resources = getAclResources();`
		421
345	www	422	`foreach ($resources as $resourceName) {`
1	efrain	423	`$this->acl->addResource(new GenericResource($resourceName));`
		424	`}`
345	www	425
1	efrain	426	`$usertypes = getAclUsertype();`
345	www	427	`foreach ($usertypes as $usertype => $resources) {`
1	efrain	428	`$this->acl->addRole(new GenericRole($usertype));`
345	www	429	`foreach ($resources as $resourceName) {`
1	efrain	430	`$this->acl->allow($usertype, $resourceName);`
		431	`}`
		432	`}`
		433
345	www	434	`if ($this->currentUserPlugin->hasIdentity()) {`
		435	`$user_id = $this->currentUserPlugin->getUserId();`
1	efrain	436
345	www	437	`if ($this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {`
		438
		439	`$resources = getAclSuperAdmin();`
		440	`foreach ($resources as $resourceName) {`
167	efrain	441	`$this->acl->allow(UserType::ADMIN, $resourceName);`
		442	`}`
1	efrain	443	`}`
167	efrain	444	`} else {`
		445	`$user_id = 0;`
1	efrain	446	`}`
345	www	447
1	efrain	448	`$allowMyCoach = false;`
		449	`$allowKnowledgeArea = false;`
		450	`$allowDailyPulse = false;`
345	www	451
		452	`if ($user_id) {`
167	efrain	453	`$allowMicrolearning = $this->isMicroLeargningAccessGranted($adapter, $user_id);`
302	www	454	`$allowHabit = $this->isHabitsAccessGranted($adapter, $user_id);`
167	efrain	455	`} else {`
		456	`$allowMicrolearning = false;`
345	www	457	`$allowHabit = false;`
167	efrain	458	`}`
		459
1	efrain	460	`$companyMapper = CompanyMapper::getInstance($adapter);`
		461	`$company = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);`
345	www	462
		463	`if ($company) {`
		464
1	efrain	465	`$companyServiceMapper = CompanyServiceMapper::getInstance($adapter);`
		466	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::DAILY_PULSE);`
345	www	467
1	efrain	468	`$companyUserMapper = CompanyUserMapper::getInstance($adapter);`
345	www	469	`$companyUser = $companyUserMapper->fetchOneAcceptedByCompanyIdAndUserId($company->id, $this->currentUserPlugin->getUserId());`
		470
		471	`if ($companyService) {`
		472
1	efrain	473	`$dailyPulseMapper = DailyPulseMapper::getInstance($adapter);`
		474	`$dailyPulse = $dailyPulseMapper->fetchOneByCompanyId($company->id);`
345	www	475
		476	`if ($dailyPulse) {`
1	efrain	477	`$privacy = $dailyPulse->privacy;`
		478	`} else {`
		479	`$privacy = DailyPulse::PRIVACY_COMPANY;`
		480	`}`
345	www	481
		482	`if ($privacy == DailyPulse::PRIVACY_PUBLIC) {`
1	efrain	483	`$allowDailyPulse = true;`
		484	`} else {`
345	www	485	`$allowDailyPulse = ! empty($companyUser);`
1	efrain	486	`}`
		487	`}`
345	www	488
1	efrain	489	`$job_description_ids = [];`
345	www	490
1	efrain	491	`$organizationPositionMapper = OrganizationPositionMapper::getInstance($adapter);`
345	www	492	`$records = $organizationPositionMapper->fetchAllByCompanyIdAndEmployeeId($company->id, $this->currentUserPlugin->getUserId());`
		493	`foreach ($records as $record) {`
1	efrain	494	`array_push($job_description_ids, $record->job_description_id);`
		495	`}`
		496
		497	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::KNOWLEDGE_AREA);`
345	www	498	`if ($companyService) {`
		499	`if ($job_description_ids) {`
		500
1	efrain	501	`$knowledgeAreaCategoryJobDescriptionMapper = KnowledgeAreaCategoryJobDescriptionMapper::getInstance($adapter);`
		502	`$records = $knowledgeAreaCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
345	www	503
		504	`if (! empty($records)) {`
1	efrain	505	`$allowKnowledgeArea = true;`
		506	`}`
		507	`}`
345	www	508
		509	`if ($companyUser && ! $allowKnowledgeArea) {`
1	efrain	510	`$knowledgeAreaCategoryUserMapper = KnowledgeAreaCategoryUserMapper::getInstance($adapter);`
		511	`$records = $knowledgeAreaCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
345	www	512	`if (! empty($records)) {`
1	efrain	513	`$allowKnowledgeArea = true;`
		514	`}`
		515	`}`
		516	`}`
345	www	517
1	efrain	518	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::MY_COACH);`
345	www	519	`if ($companyService) {`
		520
		521	`if ($job_description_ids) {`
		522
1	efrain	523	`$myCoachCategoryJobDescriptionMapper = MyCoachCategoryJobDescriptionMapper::getInstance($adapter);`
		524	`$records = $myCoachCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
345	www	525
		526	`if (! empty($records)) {`
1	efrain	527	`$allowKnowledgeArea = true;`
		528	`}`
		529	`}`
345	www	530
		531	`if ($companyUser && ! $allowMyCoach) {`
1	efrain	532	`$myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($adapter);`
		533	`$records = $myCoachCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
345	www	534	`if (! empty($records)) {`
1	efrain	535	`$allowMyCoach = true;`
		536	`}`
		537	`}`
		538	`}`
		539	`} else {`
		540	`$companyUser = '';`
		541	`}`
345	www	542
1	efrain	543	`$usertype = $this->currentUserPlugin->getUserTypeId();`
345	www	544	`if ($allowDailyPulse) {`
1	efrain	545	`$resources = getAclDailyPulse();`
345	www	546	`foreach ($resources as $resourceName) {`
1	efrain	547	`$this->acl->allow($usertype, $resourceName);`
		548	`}`
		549	`}`
345	www	550
		551	`if ($allowMicrolearning) {`
167	efrain	552	`$resources = getAclMicrolearning();`
345	www	553	`foreach ($resources as $resourceName) {`
167	efrain	554	`$this->acl->allow($usertype, $resourceName);`
		555	`}`
		556	`}`
345	www	557
		558	`if ($allowHabit) {`
302	www	559	`$resources = getAclHabits();`
345	www	560	`foreach ($resources as $resourceName) {`
302	www	561	`$this->acl->allow($usertype, $resourceName);`
		562	`}`
		563	`}`
345	www	564
		565	`if ($allowKnowledgeArea) {`
1	efrain	566	`$resources = getAclKnowledgeArea();`
345	www	567	`foreach ($resources as $resourceName) {`
1	efrain	568	`$this->acl->allow($usertype, $resourceName);`
		569	`}`
		570	`}`
345	www	571
		572	`if ($allowMyCoach) {`
1	efrain	573	`$resources = getAclMyCoach();`
345	www	574
		575	`foreach ($resources as $resourceName) {`
1	efrain	576	`$this->acl->allow($usertype, $resourceName);`
		577	`}`
		578	`}`
345	www	579
		580	`if ($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {`
		581
1	efrain	582	`$usertypes = getAclUsertypeDefaultNetwork();`
345	www	583	`foreach ($usertypes as $usertype => $resources) {`
1	efrain	584
345	www	585	`foreach ($resources as $resourceName) {`
1	efrain	586	`$this->acl->allow($usertype, $resourceName);`
		587	`}`
		588	`}`
		589	`} else {`
345	www	590
		591	`if ($this->currentUserPlugin->hasIdentity()) {`
		592
		593	`if ($company) {`
		594
		595	`if ($companyUser) {`
1	efrain	596	`$usertype = $this->currentUserPlugin->getUserTypeId();`
345	www	597
		598	`if ($companyUser->creator == CompanyUser::CREATOR_YES) {`
		599
		600	`$resources = getAclUsertypeOtherNetworkCreator();`
		601	`foreach ($resources as $resourceName) {`
1	efrain	602	`$this->acl->allow($usertype, $resourceName);`
		603	`}`
		604	`}`
345	www	605	`if ($companyUser->creator == CompanyUser::CREATOR_NO) {`
		606	`$resources = getAclUsertypeOtherNetworkNonCreator();`
		607	`foreach ($resources as $resourceName) {`
1	efrain	608	`$this->acl->allow($usertype, $resourceName);`
		609	`}`
		610	`}`
		611	`}`
		612	`}`
		613	`}`
		614	`}`
345	www	615
1	efrain	616	`$event->getViewModel()->setVariable('acl', $this->acl);`
345	www	617	`}`
1	efrain	618
		619	`public function onDispatchError(MvcEvent $event)`
		620	`{`
		621	`$this->processError($event);`
		622	`}`
345	www	623
1	efrain	624	`public function onRenderError(MvcEvent $event)`
		625	`{`
		626	`$this->processError($event);`
		627	`}`
345	www	628
43	efrain	629	`/**`
345	www	630	`*`
43	efrain	631	`* @param \Laminas\Http\Response $response`
		632	`* @param int $code`
		633	`* @param string $content`
		634	`*/`
		635	`public function sendResponse($response, $code, $content)`
1	efrain	636	`{`
		637	`$headers = $response->getHeaders();`
		638	`$headers->clearHeaders();`
		639	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
345	www	640
43	efrain	641	`Functions::addCrossSiteToResponse($response);`
345	www	642
43	efrain	643	`$response->setStatusCode($code);`
345	www	644	`$response->setContent($content); // json_encode($data));`
1	efrain	645	`$response->send();`
345	www	646	`exit();`
1	efrain	647	`}`
345	www	648
1	efrain	649	`public function processError(MvcEvent $event)`
		650	`{`
		651	`$error = $event->getError();`
345	www	652	`if (! $error) {`
1	efrain	653	`return;`
		654	`}`
345	www	655
1	efrain	656	`$response = $event->getResponse();`
345	www	657	`if ('error-exception' == $error) {`
		658
1	efrain	659	`$exception = $event->getParam('exception');`
		660	`error_log($exception->getCode() . ' ' . $exception->getMessage());`
		661	`error_log($exception->getTraceAsString());`
345	www	662
1	efrain	663	`$response = $event->getResponse();`
45	efrain	664	`$code = 200;`
345	www	665	`$content = json_encode([`
		666	`'success' => false,`
		667	`'data' => $exception->getCode() . ' ' . $exception->getMessage(),`
		668	`'fatal' => true`
		669	`]);`
43	efrain	670	`$this->sendResponse($response, $code, $content);`
345	www	671	`} else if ('error-router-no-match' == $error) {`
		672
1	efrain	673	`$response = $event->getResponse();`
43	efrain	674	`$code = 404;`
345	www	675	`$content = json_encode([`
		676	`'success' => false,`
		677	`'data' => 'error-router-no-match',`
		678	`'fatal' => true`
		679	`]);`
43	efrain	680	`$this->sendResponse($response, $code, $content);`
345	www	681	`} else if (' error-controller-not-found' == $error) {`
1	efrain	682
		683	`$response = $event->getResponse();`
43	efrain	684	`$code = 404;`
345	www	685	`$content = json_encode([`
		686	`'success' => false,`
		687	`'data' => 'error-controller-not-found',`
		688	`'fatal' => true`
		689	`]);`
43	efrain	690	`$this->sendResponse($response, $code, $content);`
1	efrain	691	`} else {`
		692	`$response = $event->getResponse();`
45	efrain	693	`$code = 200;`
345	www	694	`$content = json_encode([`
		695	`'success' => false,`
		696	`'data' => $error,`
		697	`'fatal' => true`
		698	`]);`
43	efrain	699	`$this->sendResponse($response, $code, $content);`
1	efrain	700	`}`
		701
345	www	702	`exit();`
1	efrain	703	`}`
		704
		705	`public function authPreDispatch(MvcEvent $event)`
		706	`{`
		707	`$serviceManager = $event->getApplication()->getServiceManager();`
		708	`$adapter = $serviceManager->get('leaders-linked-db');`
345	www	709
1	efrain	710	`$routeName = $event->getRouteMatch()->getMatchedRouteName();`
		711
		712	`$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';`
345	www	713
		714	`if ($requestMethod == 'POST') {`
		715
		716	`if ($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	717	`$exclude = true;`
		718	`} else {`
		719	`$exclude = false;`
345	www	720
1	efrain	721	`$usertypes = getAclUsertype();`
345	www	722
		723	`foreach ($usertypes[UserType::GUEST] as $resourceName) {`
		724	`if ($routeName == $resourceName) {`
		725	`$exclude = true;`
		726	`break;`
1	efrain	727	`}`
		728	`}`
		729	`}`
		730
345	www	731	`if (! $exclude) {`
95	efrain	732
1	efrain	733	`$httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : '';`
103	efrain	734
345	www	735	`if ($this->jwtID) {`
		736
95	efrain	737	`$jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);`
102	efrain	738	`$jwtToken = $jwtTokenMapper->fetchOne($this->jwtID);`
345	www	739	`if ($jwtToken) {`
		740
100	efrain	741	`$sessionToken = $jwtToken->csrf;`
345	www	742	`// $jwtToken->csrf= '';`
		743
		744	`// $jwtTokenMapper->update($jwtToken);`
100	efrain	745	`} else {`
		746	`$sessionToken = '';`
		747	`}`
95	efrain	748	`} else {`
		749	`$sessionToken = '';`
		750	`}`
		751
345	www	752	`// error_log('$this->jwtID = ' . $this->jwtID . ' $httpToken = ' . $httpToken . ' $sessionToken = ' . $sessionToken);`
95	efrain	753
345	www	754	`// if ( $httpToken != $sessionToken) {`
		755	`// $response = $event->getResponse();`
		756	`// $this->sendResponse($response, 200, json_encode(['success' => false, 'data' => 'Unauthorized - CSRF fail', 'fatal' => true]));`
		757	`// }`
1	efrain	758	`}`
		759	`}`
95	efrain	760
345	www	761	`if ($this->currentUserPlugin->hasIdentity()) {`
		762	`$user = $this->currentUserPlugin->getUser();`
167	efrain	763	`$user_id = $user->id;`
1	efrain	764	`$userTypeId = $user->usertype_id;`
345	www	765	`} else {`
		766
1	efrain	767	`$userTypeId = UserType::GUEST;`
167	efrain	768	`$user_id = 0;`
345	www	769	`}`
167	efrain	770
345	www	771	`if ($this->acl->isAllowed($userTypeId, $routeName)) {`
1	efrain	772	`$user = $this->currentUserPlugin->getUser();`
		773
345	www	774	`if ($user) {`
		775
1	efrain	776	`$updateLastActivity = true;`
		777	`if ('chat' == substr($routeName, 0, 4)) {`
		778	`$updateLastActivity = false;`
345	www	779	`}`
1	efrain	780	`if ('inmail' == substr($routeName, 0, 6)) {`
		781	`$updateLastActivity = false;`
345	www	782	`}`
1	efrain	783	`if ('check-session' == $routeName) {`
		784	`$updateLastActivity = false;`
345	www	785	`}`
		786
		787	`if ($updateLastActivity) {`
1	efrain	788	`$userMapper = UserMapper::getInstance($adapter);`
		789	`$userMapper->updateLastActivity($user->id);`
		790	`}`
		791	`}`
		792	`} else {`
		793	`$response = $event->getResponse();`
54	efrain	794
45	efrain	795	`$response->setStatusCode(200);`
345	www	796	`$response->setContent(json_encode([`
		797	`'success' => false,`
		798	`'data' => 'Unauthorized - Does not have permission',`
		799	`'fatal' => true`
		800	`]));`
1	efrain	801	`$response->send();`
345	www	802	`exit();`
1	efrain	803	`}`
		804	`}`
		805
		806	`public function authPosDispatch(MvcEvent $event)`
		807	`{`
345	www	808	`// $response = $event->getResponse();`
		809	`// Functions::addCrossSiteToResponse($response);`
1	efrain	810	`}`
345	www	811
167	efrain	812	`/**`
345	www	813	`*`
167	efrain	814	`* @param \Laminas\Db\Adapter\AdapterInterface $adapter`
		815	`* @param int $user_id`
		816	`* @return boolean`
		817	`*/`
		818	`private function isMicroLeargningAccessGranted($adapter, $user_id)`
		819	`{`
		820	`$accessGranted = false;`
626	stevensc	821	`$topicUserMapper = \LeadersLinked\Mapper\MicrolearningTopicUserMapper::getInstance($adapter);`
		822	`$now = $topicUserMapper->getDatebaseNow();`
345	www	823
626	stevensc	824	`$records = $topicUserMapper->fetchAllActiveByUserId($user_id);`
167	efrain	825
345	www	826	`foreach ($records as $record) {`
626	stevensc	827	`if ($record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_UNLIMITED && $record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
167	efrain	828	`continue;`
		829	`}`
626	stevensc	830	`if ($record->access == \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
345	www	831	`if ($now < $record->paid_from \|\| $now > $record->paid_to) {`
167	efrain	832	`continue;`
		833	`}`
		834	`}`
		835	`$accessGranted = true;`
		836	`break;`
		837	`}`
345	www	838
167	efrain	839	`return $accessGranted;`
		840	`}`
345	www	841
302	www	842	`/**`
		843	`*`
		844	`* @param \Laminas\Db\Adapter\AdapterInterface $adapter`
		845	`* @param int $user_id`
		846	`* @return boolean`
		847	`*/`
		848	`private function isHabitsAccessGranted($adapter, $user_id)`
		849	`{`
		850	`$accessGranted = false;`
627	stevensc	851	`$habitUserMapper = \LeadersLinked\Mapper\HabitUserMapper::getInstance($adapter);`
302	www	852	`$now = $habitUserMapper->getDatebaseNow();`
345	www	853
302	www	854	`$records = $habitUserMapper->fetchAllActiveByUserId($user_id);`
345	www	855
		856	`foreach ($records as $record) {`
627	stevensc	857	`if ($record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_UNLIMITED && $record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
302	www	858	`continue;`
		859	`}`
345	www	860
627	stevensc	861	`if ($record->access == \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
345	www	862	`if ($now < $record->paid_from \|\| $now > $record->paid_to) {`
302	www	863	`continue;`
		864	`}`
		865	`}`
345	www	866
302	www	867	`$accessGranted = true;`
		868	`break;`
		869	`}`
345	www	870
302	www	871	`return $accessGranted;`
		872	`}`
1	efrain	873	`}`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Module.php – Rev 747