WebSVN – LeadersLinked - Services – Autoría – /module/LeadersLinked/src/Module.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
345	www	2	`declare(strict_types = 1);`
1	efrain	3	`namespace LeadersLinked;`
		4
		5	`use Laminas\Db\Adapter\AdapterInterface;`
		6	`use Laminas\ModuleManager\ModuleEvent;`
		7	`use Laminas\ModuleManager\ModuleManager;`
		8	`use Laminas\Mvc\MvcEvent;`
		9	`use Laminas\Config\Reader\Ini;`
		10	`use Laminas\Permissions\Acl\Acl;`
		11	`use Laminas\Permissions\Acl\Role\GenericRole;`
		12	`use LeadersLinked\Plugin\CurrentUserPlugin;`
		13	`use LeadersLinked\Mapper\UserMapper;`
		14	`use LeadersLinked\Authentication\AuthTokenAdapter;`
		15	`use Laminas\Authentication\AuthenticationService;`
		16	`use Laminas\Permissions\Acl\Resource\GenericResource;`
		17	`use LeadersLinked\Model\UserType;`
		18	`use LeadersLinked\Plugin\CurrentNetworkPlugin;`
		19	`use LeadersLinked\Model\Network;`
		20	`use LeadersLinked\Model\User;`
		21	`use LeadersLinked\Mapper\CompanyUserMapper;`
		22	`use LeadersLinked\Model\CompanyUser;`
		23	`use LeadersLinked\Mapper\CompanyMapper;`
		24	`use LeadersLinked\Mapper\CompanyServiceMapper;`
		25	`use LeadersLinked\Model\Service;`
		26	`use LeadersLinked\Library\Functions;`
		27	`use LeadersLinked\Mapper\DailyPulseMapper;`
		28	`use LeadersLinked\Model\DailyPulse;`
		29	`use LeadersLinked\Mapper\OrganizationPositionMapper;`
		30	`use LeadersLinked\Mapper\KnowledgeAreaCategoryJobDescriptionMapper;`
		31	`use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;`
		32	`use LeadersLinked\Mapper\KnowledgeAreaCategoryUserMapper;`
		33	`use LeadersLinked\Mapper\MyCoachCategoryUserMapper;`
23	efrain	34	`use Firebase\JWT\JWT;`
		35	`use Firebase\JWT\Key;`
		36	`use LeadersLinked\Mapper\JwtTokenMapper;`
		37	`use LeadersLinked\Authentication\AuthUserIdAdapter;`
95	efrain	38	`use LeadersLinked\Model\JwtToken;`
627	stevensc	39	`use LeadersLinked\Mapper\MicrolearningTopicUserMapper;`
154	efrain	40	`use Laminas\Http\Response;`
627	stevensc	41
345	www	42	`class Module`
1	efrain	43	`{`
		44	`/**`
345	www	45	`*`
1	efrain	46	`* @var Acl`
		47	`*/`
		48	`private $acl;`
345	www	49
1	efrain	50	`/**`
345	www	51	`*`
1	efrain	52	`* @var AdapterInterface`
		53	`*/`
		54	`private $adapter;`
345	www	55
1	efrain	56	`/**`
345	www	57	`*`
1	efrain	58	`* @var CurrentUserPlugin`
		59	`*/`
		60	`private $currentUserPlugin;`
345	www	61
1	efrain	62	`/**`
		63	`*`
		64	`* @var CurrentNetworkPlugin`
		65	`*/`
		66	`private $currentNetworkPlugin;`
345	www	67
1	efrain	68	`/**`
345	www	69	`*`
1	efrain	70	`* @var array`
		71	`*/`
		72	`private $routesAuthorized = [];`
345	www	73
1	efrain	74	`/**`
345	www	75	`*`
1	efrain	76	`* @var boolean`
		77	`*/`
23	efrain	78	`private $authByOTP = false;`
345	www	79
23	efrain	80	`/**`
		81	`*`
		82	`* @var boolean`
		83	`*/`
		84	`private $authByJWT = false;`
345	www	85
102	efrain	86	`/**`
		87	`*`
		88	`* @var int`
		89	`*/`
		90	`private $jwtID = 0;`
345	www	91
1	efrain	92	`/**`
345	www	93	`*`
95	efrain	94	`* @var JwtToken`
		95	`*/`
345	www	96	`private $jwtToken;`
		97
95	efrain	98	`/**`
345	www	99	`*`
1	efrain	100	`* @var array`
		101	`*/`
		102	`private $config;`
345	www	103
1	efrain	104	`public function init(ModuleManager $moduleManager)`
		105	`{`
		106	`$events = $moduleManager->getEventManager();`
345	www	107	`$events->attach(ModuleEvent::EVENT_MERGE_CONFIG, array(`
		108	`$this,`
		109	`'onMergeConfig'`
		110	`));`
1	efrain	111	`}`
345	www	112
1	efrain	113	`public function onMergeConfig(ModuleEvent $event)`
		114	`{`
		115	`$configListener = $event->getConfigListener();`
345	www	116	`$this->config = $configListener->getMergedConfig(false);`
		117
1	efrain	118	`$reader = new Ini();`
		119	`$data = $reader->fromFile('config/leaderslinked.ini');`
345	www	120
1	efrain	121	`$prefix = 'leaderslinked';`
345	www	122	`foreach ($data as $section => $pairs) {`
		123	`foreach ($pairs as $key => $value) {`
1	efrain	124	`$this->config[$prefix . '.' . $section . '.' . $key] = $value;`
		125	`}`
		126	`}`
		127	`$configListener->setMergedConfig($this->config);`
		128	`}`
345	www	129
		130	`public function getConfig(): array`
1	efrain	131	`{`
		132	`return include __DIR__ . '/../config/module.config.php';`
		133	`}`
		134
		135	`public function onBootstrap(MvcEvent $event)`
		136	`{`
283	www	137	`$timezone = $this->config['leaderslinked.runmode.timezone'];`
		138	`date_default_timezone_set($timezone);`
195	efrain	139
748	stevensc	140	`$response = $event->getResponse();`
		141	`$request = $event->getRequest();`
		142	`$serviceManager = $event->getApplication()->getServiceManager();`
86	efrain	143
748	stevensc	144	`// --- Inicio de la lógica de la whitelist de CORS ---`
		145	`// Obtener los orígenes permitidos desde la configuración. Si no está definido, es una cadena vacía.`
		146	`$whitelistString = $this->config['leaderslinked.cors.allowed_origins'] ?? '';`
		147	`$allowedOrigins = array_map('trim', explode(',', $whitelistString));`
		148
753	stevensc	149	`$headers = $request->getHeaders();`
		150	`$originHeader = $headers->get('Origin');`
748	stevensc	151
		152	`if ($originHeader) {`
753	stevensc	153	`$origin = $originHeader->getFieldValue();`
748	stevensc	154
749	stevensc	155	`error_log("CORS Check - Origen de la solicitud: " . $origin);`
		156	`error_log("CORS Check - Whitelist cargada: " . implode(', ', $allowedOrigins));`
		157
748	stevensc	158	`if (in_array($origin, $allowedOrigins)) {`
		159	`$headers = $response->getHeaders();`
		160	`$headers->addHeaderLine('Access-Control-Allow-Origin', $origin);`
		161	`$headers->addHeaderLine('Access-Control-Allow-Credentials', 'true');`
754	stevensc	162	`$headers->addHeaderLine('Access-Control-Allow-Headers', 'Authorization, Content-Type, token, secret, rand, created, x-csrf-token');`
748	stevensc	163	`$headers->addHeaderLine('Access-Control-Allow-Methods', 'POST, GET, OPTIONS, PUT, DELETE');`
		164	`$headers->addHeaderLine('Access-Control-Max-Age', '86400');`
754	stevensc	165
748	stevensc	166	`}`
		167	`// Si el origen no está en la lista blanca, no añadimos ninguna cabecera.`
		168	`// El navegador aplicará la política del mismo origen y bloqueará la solicitud.`
		169	`}`
		170
		171	`// Las solicitudes de pre-vuelo (pre-flight) usan el método OPTIONS.`
		172	`// Deben devolver las cabeceras CORS y una respuesta 200 OK inmediatamente.`
		173	`if ($request->isOptions() && $originHeader) {`
		174	`$response->setStatusCode(200);`
		175	`// Detenemos la ejecución para las solicitudes de pre-vuelo y devolvemos la respuesta.`
		176	`return $response;`
		177	`}`
		178	`// --- Fin de la lógica de la whitelist de CORS ---`
		179
96	efrain	180	`$event->setResponse($response);`
345	www	181
68	efrain	182	`$eventManager = $event->getApplication()->getEventManager();`
345	www	183	`$eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [`
		184	`$this,`
		185	`'onDispatchError'`
		186	`], 0);`
		187	`$eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [`
		188	`$this,`
		189	`'onRenderError'`
		190	`], 0);`
		191
1	efrain	192	`$adapter = $serviceManager->get('leaders-linked-db');`
345	www	193
283	www	194	`/*`
345	www	195	`* $session = $serviceManager->get('leaders-linked-session');`
		196	`* $session->start();`
		197	`* $session->regenerateId(true);`
		198	`*/`
1	efrain	199
		200	`$translator = $serviceManager->get('MvcTranslator');`
345	www	201	`$translator->addTranslationFile('phpArray', __DIR__ . '/i18n/validate.php', 'default');`
97	efrain	202
345	www	203	`$translator->addTranslationFile('phpArray', __DIR__ . '/i18n/spanish.php', 'default');`
		204
1	efrain	205	`\Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);`
345	www	206
		207	`$headers = $event->getRequest()->getHeaders();`
		208	`if ($headers->has('token')) {`
1	efrain	209	`$device_uuid = Functions::sanitizeFilterString($headers->get('token')->getFieldValue());`
		210	`} else {`
		211	`$device_uuid = '';`
		212	`}`
345	www	213	`if ($headers->has('secret')) {`
		214	`$password = Functions::sanitizeFilterString($headers->get('secret')->getFieldValue());`
1	efrain	215	`} else {`
		216	`$password = '';`
		217	`}`
345	www	218	`if ($headers->has('rand')) {`
		219	`$rand = Functions::sanitizeFilterString($headers->get('rand')->getFieldValue());`
1	efrain	220	`} else {`
		221	`$rand = 0;`
		222	`}`
345	www	223	`if ($headers->has('created')) {`
		224	`$timestamp = Functions::sanitizeFilterString($headers->get('created')->getFieldValue());`
1	efrain	225	`} else {`
		226	`$timestamp = 0;`
		227	`}`
		228
283	www	229	`$this->currentNetworkPlugin = CurrentNetworkPlugin::getInstance($adapter);`
747	stevensc	230	`if (!$this->currentNetworkPlugin->hasNetwork()) {`
339	www	231	`$this->currentNetworkPlugin->fetchDefaultNetwork();`
		232	`}`
345	www	233
747	stevensc	234	`if (!$this->currentNetworkPlugin->hasNetwork()) {`
1	efrain	235	`$response = $event->getResponse();`
45	efrain	236	`$code = 200;`
345	www	237	`$content = json_encode([`
		238	`'success' => false,`
		239	`'data' => '200 Unauthorized - Private network - not found',`
		240	`'fatal' => true`
		241	`]);`
43	efrain	242	`$this->sendResponse($response, $code, $content);`
345	www	243	`}`
43	efrain	244
345	www	245	`if ($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {`
		246
1	efrain	247	`$response = $event->getResponse();`
45	efrain	248	`$code = 200;`
345	www	249	`$content = json_encode([`
		250	`'success' => false,`
		251	`'data' => '200 Unauthorized - Private network - inactive',`
		252	`'fatal' => true`
		253	`]);`
43	efrain	254	`$this->sendResponse($response, $code, $content);`
1	efrain	255	`}`
192	efrain	256
23	efrain	257	`$this->authByOTP = false;`
345	www	258	`if ($device_uuid && $password && $rand && $timestamp) {`
23	efrain	259	`$this->authByOTP = true;`
1	efrain	260
		261	`$tokenAuthAdapter = new AuthTokenAdapter($adapter);`
		262	`$tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);`
345	www	263
1	efrain	264	`$authService = new AuthenticationService();`
		265	`$result = $authService->authenticate($tokenAuthAdapter);`
345	www	266	`if ($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
		267
1	efrain	268	`$response = $event->getResponse();`
43	efrain	269	`$code = 200;`
345	www	270	`$content = json_encode([`
		271	`'success' => false,`
		272	`'data' => $result->getMessages()[0],`
		273	`'fatal' => true`
		274	`]);`
43	efrain	275	`$this->sendResponse($response, $code, $content);`
1	efrain	276	`}`
		277	`}`
345	www	278
102	efrain	279	`$this->jwtID = 0;`
23	efrain	280	`$this->authByJWT = false;`
		281	`$headers = getallheaders();`
345	www	282
		283	`if (! empty($headers['authorization']) \|\| ! empty($headers['Authorization'])) {`
		284
34	efrain	285	`$token = trim(empty($headers['authorization']) ? $headers['Authorization'] : $headers['authorization']);`
		286
345	www	287	`if (substr($token, 0, 6) == 'Bearer') {`
43	efrain	288
23	efrain	289	`$token = trim(substr($token, 7));`
345	www	290
		291	`if (! empty($this->config['leaderslinked.jwt.key'])) {`
23	efrain	292	`$key = $this->config['leaderslinked.jwt.key'];`
345	www	293
		294	`try {`
23	efrain	295	`$payload = JWT::decode($token, new Key($key, 'HS256'));`
345	www	296	`if (empty($payload->iss) \|\| $payload->iss != $_SERVER['HTTP_HOST']) {`
		297
23	efrain	298	`$response = $event->getResponse();`
45	efrain	299	`$code = 200;`
345	www	300	`$content = json_encode([`
		301	`'success' => false,`
		302	`'data' => 'Unauthorized - JWT - Wrong server',`
		303	`'fatal' => true`
		304	`]);`
43	efrain	305	`$this->sendResponse($response, $code, $content);`
345	www	306	`}`
43	efrain	307
23	efrain	308	`$uuid = empty($payload->uuid) ? '' : $payload->uuid;`
345	www	309	`if ($uuid) {`
23	efrain	310	`$jwtTokenMapper = JwtTokenMapper::getInstance($adapter);`
100	efrain	311	`$jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);`
345	www	312	`if ($jwtToken) {`
		313
102	efrain	314	`$this->jwtID = $jwtToken->id;`
345	www	315
100	efrain	316	`$_SESSION['aes'] = $jwtToken->aes;`
345	www	317
		318	`if ($jwtToken->user_id) {`
23	efrain	319	`$authByUserId = new AuthUserIdAdapter($adapter);`
100	efrain	320	`$authByUserId->setData($jwtToken->user_id);`
345	www	321
23	efrain	322	`$authService = new AuthenticationService();`
		323	`$result = $authService->authenticate($authByUserId);`
345	www	324	`if ($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
		325
23	efrain	326	`$response = $event->getResponse();`
45	efrain	327	`$code = 200;`
345	www	328	`$content = json_encode([`
		329	`'success' => false,`
		330	`'data' => $result->getMessages()[0],`
		331	`'fatal' => true`
		332	`]);`
43	efrain	333	`$this->sendResponse($response, $code, $content);`
23	efrain	334	`}`
		335	`}`
345	www	336	`}`
		337	`else {`
23	efrain	338	`$response = $event->getResponse();`
45	efrain	339	`$code = 200;`
345	www	340	`$content = json_encode([`
		341	`'success' => false,`
		342	`'data' => 'Unauthorized - JWT - Expired',`
		343	`'fatal' => true`
		344	`]);`
43	efrain	345	`$this->sendResponse($response, $code, $content);`
23	efrain	346	`}`
		347	`}`
345	www	348	`} catch (\Exception $e) {`
		349
23	efrain	350	`$response = $event->getResponse();`
45	efrain	351	`$code = 200;`
345	www	352	`$content = json_encode([`
		353	`'success' => false,`
		354	`'data' => 'Unauthorized - JWT - Wrong key',`
		355	`'fatal' => true`
		356	`]);`
43	efrain	357	`$this->sendResponse($response, $code, $content);`
23	efrain	358	`}`
		359	`}`
		360	`}`
		361	`}`
1	efrain	362
345	www	363	`if (empty($_SERVER['REDIRECT_URL'])) {`
		364	`if (empty($_SERVER['REQUEST_URI'])) {`
1	efrain	365	`$routeName = '';`
		366	`} else {`
		367	`$routeName = $_SERVER['REQUEST_URI'];`
		368	`}`
		369	`} else {`
		370	`$routeName = $_SERVER['REDIRECT_URL'];`
		371	`}`
		372
		373	`$routeName = strtolower(trim($routeName));`
345	www	374	`if (strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {`
1	efrain	375	`$routeName = substr($routeName, 1);`
		376	`}`
345	www	377
283	www	378	`$this->currentUserPlugin = CurrentUserPlugin::getInstance($adapter);`
345	www	379	`if ($this->currentUserPlugin->hasIdentity()) {`
		380
		381	`if (User::STATUS_BANNED == $this->currentUserPlugin->getUser()->status) {`
		382
192	efrain	383	`$code = 200;`
345	www	384	`$content = json_encode([`
		385	`'success' => false,`
		386	`'data' => '403 Forbidden - Banned',`
		387	`'fatal' => true`
		388	`]);`
192	efrain	389	`$this->sendResponse($response, $code, $content);`
		390	`}`
		391	`}`
345	www	392
		393	`if ($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	394	`$checkUserForNetwork = false;`
		395	`} else {`
345	www	396	`if ($this->currentUserPlugin->hasIdentity()) {`
		397
1	efrain	398	`$checkUserForNetwork = true;`
		399	`} else {`
		400	`$checkUserForNetwork = false;`
		401	`}`
		402	`}`
345	www	403
		404	`if ($checkUserForNetwork) {`
		405	`if (! $routeName \|\| in_array($routeName, [`
		406	`'signout',`
		407	`'signin',`
		408	`'home'`
		409	`])) {`
1	efrain	410	`$checkUserForNetwork = false;`
		411	`}`
		412	`}`
154	efrain	413
345	www	414	`if ($checkUserForNetwork) {`
		415
		416	`if ($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {`
		417
1	efrain	418	`$response = $event->getResponse();`
345	www	419	`$content = json_encode([`
		420	`'success' => false,`
		421	`'data' => '200 Unauthorized - The user is not part of this private network',`
		422	`'fatal' => true`
		423	`]);`
154	efrain	424	`$this->sendResponse($response, 200, $content);`
345	www	425	`exit();`
1	efrain	426	`}`
		427	`}`
345	www	428
1	efrain	429	`$this->initAcl($event);`
88	efrain	430
1	efrain	431	`$sharedManager = $eventManager->getSharedManager();`
345	www	432	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [`
		433	`$this,`
		434	`'authPreDispatch'`
		435	`], 100);`
		436	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [`
		437	`$this,`
		438	`'authPosDispatch'`
		439	`], - 100);`
1	efrain	440	`}`
345	www	441
1	efrain	442	`public function initAcl(MvcEvent $event)`
		443	`{`
		444	`$serviceManager = $event->getApplication()->getServiceManager();`
		445	`$adapter = $serviceManager->get('leaders-linked-db');`
345	www	446
		447	`require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');`
		448
1	efrain	449	`$this->acl = new Acl();`
		450	`$resources = getAclResources();`
		451
345	www	452	`foreach ($resources as $resourceName) {`
1	efrain	453	`$this->acl->addResource(new GenericResource($resourceName));`
		454	`}`
345	www	455
1	efrain	456	`$usertypes = getAclUsertype();`
345	www	457	`foreach ($usertypes as $usertype => $resources) {`
1	efrain	458	`$this->acl->addRole(new GenericRole($usertype));`
345	www	459	`foreach ($resources as $resourceName) {`
1	efrain	460	`$this->acl->allow($usertype, $resourceName);`
		461	`}`
		462	`}`
		463
345	www	464	`if ($this->currentUserPlugin->hasIdentity()) {`
		465	`$user_id = $this->currentUserPlugin->getUserId();`
1	efrain	466
345	www	467	`if ($this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {`
		468
		469	`$resources = getAclSuperAdmin();`
		470	`foreach ($resources as $resourceName) {`
167	efrain	471	`$this->acl->allow(UserType::ADMIN, $resourceName);`
		472	`}`
1	efrain	473	`}`
167	efrain	474	`} else {`
		475	`$user_id = 0;`
1	efrain	476	`}`
345	www	477
1	efrain	478	`$allowMyCoach = false;`
		479	`$allowKnowledgeArea = false;`
		480	`$allowDailyPulse = false;`
345	www	481
		482	`if ($user_id) {`
167	efrain	483	`$allowMicrolearning = $this->isMicroLeargningAccessGranted($adapter, $user_id);`
302	www	484	`$allowHabit = $this->isHabitsAccessGranted($adapter, $user_id);`
167	efrain	485	`} else {`
		486	`$allowMicrolearning = false;`
345	www	487	`$allowHabit = false;`
167	efrain	488	`}`
		489
1	efrain	490	`$companyMapper = CompanyMapper::getInstance($adapter);`
		491	`$company = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);`
345	www	492
		493	`if ($company) {`
		494
1	efrain	495	`$companyServiceMapper = CompanyServiceMapper::getInstance($adapter);`
		496	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::DAILY_PULSE);`
345	www	497
1	efrain	498	`$companyUserMapper = CompanyUserMapper::getInstance($adapter);`
345	www	499	`$companyUser = $companyUserMapper->fetchOneAcceptedByCompanyIdAndUserId($company->id, $this->currentUserPlugin->getUserId());`
		500
		501	`if ($companyService) {`
		502
1	efrain	503	`$dailyPulseMapper = DailyPulseMapper::getInstance($adapter);`
		504	`$dailyPulse = $dailyPulseMapper->fetchOneByCompanyId($company->id);`
345	www	505
		506	`if ($dailyPulse) {`
1	efrain	507	`$privacy = $dailyPulse->privacy;`
		508	`} else {`
		509	`$privacy = DailyPulse::PRIVACY_COMPANY;`
		510	`}`
345	www	511
		512	`if ($privacy == DailyPulse::PRIVACY_PUBLIC) {`
1	efrain	513	`$allowDailyPulse = true;`
		514	`} else {`
345	www	515	`$allowDailyPulse = ! empty($companyUser);`
1	efrain	516	`}`
		517	`}`
345	www	518
1	efrain	519	`$job_description_ids = [];`
345	www	520
1	efrain	521	`$organizationPositionMapper = OrganizationPositionMapper::getInstance($adapter);`
345	www	522	`$records = $organizationPositionMapper->fetchAllByCompanyIdAndEmployeeId($company->id, $this->currentUserPlugin->getUserId());`
		523	`foreach ($records as $record) {`
1	efrain	524	`array_push($job_description_ids, $record->job_description_id);`
		525	`}`
		526
		527	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::KNOWLEDGE_AREA);`
345	www	528	`if ($companyService) {`
		529	`if ($job_description_ids) {`
		530
1	efrain	531	`$knowledgeAreaCategoryJobDescriptionMapper = KnowledgeAreaCategoryJobDescriptionMapper::getInstance($adapter);`
		532	`$records = $knowledgeAreaCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
345	www	533
		534	`if (! empty($records)) {`
1	efrain	535	`$allowKnowledgeArea = true;`
		536	`}`
		537	`}`
345	www	538
		539	`if ($companyUser && ! $allowKnowledgeArea) {`
1	efrain	540	`$knowledgeAreaCategoryUserMapper = KnowledgeAreaCategoryUserMapper::getInstance($adapter);`
		541	`$records = $knowledgeAreaCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
345	www	542	`if (! empty($records)) {`
1	efrain	543	`$allowKnowledgeArea = true;`
		544	`}`
		545	`}`
		546	`}`
345	www	547
1	efrain	548	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::MY_COACH);`
345	www	549	`if ($companyService) {`
		550
		551	`if ($job_description_ids) {`
		552
1	efrain	553	`$myCoachCategoryJobDescriptionMapper = MyCoachCategoryJobDescriptionMapper::getInstance($adapter);`
		554	`$records = $myCoachCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
345	www	555
		556	`if (! empty($records)) {`
1	efrain	557	`$allowKnowledgeArea = true;`
		558	`}`
		559	`}`
345	www	560
		561	`if ($companyUser && ! $allowMyCoach) {`
1	efrain	562	`$myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($adapter);`
		563	`$records = $myCoachCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
345	www	564	`if (! empty($records)) {`
1	efrain	565	`$allowMyCoach = true;`
		566	`}`
		567	`}`
		568	`}`
		569	`} else {`
		570	`$companyUser = '';`
		571	`}`
345	www	572
1	efrain	573	`$usertype = $this->currentUserPlugin->getUserTypeId();`
345	www	574	`if ($allowDailyPulse) {`
1	efrain	575	`$resources = getAclDailyPulse();`
345	www	576	`foreach ($resources as $resourceName) {`
1	efrain	577	`$this->acl->allow($usertype, $resourceName);`
		578	`}`
		579	`}`
345	www	580
		581	`if ($allowMicrolearning) {`
167	efrain	582	`$resources = getAclMicrolearning();`
345	www	583	`foreach ($resources as $resourceName) {`
167	efrain	584	`$this->acl->allow($usertype, $resourceName);`
		585	`}`
		586	`}`
345	www	587
		588	`if ($allowHabit) {`
302	www	589	`$resources = getAclHabits();`
345	www	590	`foreach ($resources as $resourceName) {`
302	www	591	`$this->acl->allow($usertype, $resourceName);`
		592	`}`
		593	`}`
345	www	594
		595	`if ($allowKnowledgeArea) {`
1	efrain	596	`$resources = getAclKnowledgeArea();`
345	www	597	`foreach ($resources as $resourceName) {`
1	efrain	598	`$this->acl->allow($usertype, $resourceName);`
		599	`}`
		600	`}`
345	www	601
		602	`if ($allowMyCoach) {`
1	efrain	603	`$resources = getAclMyCoach();`
345	www	604
		605	`foreach ($resources as $resourceName) {`
1	efrain	606	`$this->acl->allow($usertype, $resourceName);`
		607	`}`
		608	`}`
345	www	609
		610	`if ($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {`
		611
1	efrain	612	`$usertypes = getAclUsertypeDefaultNetwork();`
345	www	613	`foreach ($usertypes as $usertype => $resources) {`
1	efrain	614
345	www	615	`foreach ($resources as $resourceName) {`
1	efrain	616	`$this->acl->allow($usertype, $resourceName);`
		617	`}`
		618	`}`
		619	`} else {`
345	www	620
		621	`if ($this->currentUserPlugin->hasIdentity()) {`
		622
		623	`if ($company) {`
		624
		625	`if ($companyUser) {`
1	efrain	626	`$usertype = $this->currentUserPlugin->getUserTypeId();`
345	www	627
		628	`if ($companyUser->creator == CompanyUser::CREATOR_YES) {`
		629
		630	`$resources = getAclUsertypeOtherNetworkCreator();`
		631	`foreach ($resources as $resourceName) {`
1	efrain	632	`$this->acl->allow($usertype, $resourceName);`
		633	`}`
		634	`}`
345	www	635	`if ($companyUser->creator == CompanyUser::CREATOR_NO) {`
		636	`$resources = getAclUsertypeOtherNetworkNonCreator();`
		637	`foreach ($resources as $resourceName) {`
1	efrain	638	`$this->acl->allow($usertype, $resourceName);`
		639	`}`
		640	`}`
		641	`}`
		642	`}`
		643	`}`
		644	`}`
345	www	645
1	efrain	646	`$event->getViewModel()->setVariable('acl', $this->acl);`
345	www	647	`}`
1	efrain	648
		649	`public function onDispatchError(MvcEvent $event)`
		650	`{`
		651	`$this->processError($event);`
		652	`}`
345	www	653
1	efrain	654	`public function onRenderError(MvcEvent $event)`
		655	`{`
		656	`$this->processError($event);`
		657	`}`
345	www	658
43	efrain	659	`/**`
345	www	660	`*`
43	efrain	661	`* @param \Laminas\Http\Response $response`
		662	`* @param int $code`
		663	`* @param string $content`
		664	`*/`
		665	`public function sendResponse($response, $code, $content)`
1	efrain	666	`{`
		667	`$headers = $response->getHeaders();`
		668	`$headers->clearHeaders();`
		669	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
345	www	670
43	efrain	671	`Functions::addCrossSiteToResponse($response);`
345	www	672
43	efrain	673	`$response->setStatusCode($code);`
345	www	674	`$response->setContent($content); // json_encode($data));`
1	efrain	675	`$response->send();`
345	www	676	`exit();`
1	efrain	677	`}`
345	www	678
1	efrain	679	`public function processError(MvcEvent $event)`
		680	`{`
		681	`$error = $event->getError();`
345	www	682	`if (! $error) {`
1	efrain	683	`return;`
		684	`}`
345	www	685
1	efrain	686	`$response = $event->getResponse();`
345	www	687	`if ('error-exception' == $error) {`
		688
1	efrain	689	`$exception = $event->getParam('exception');`
		690	`error_log($exception->getCode() . ' ' . $exception->getMessage());`
		691	`error_log($exception->getTraceAsString());`
345	www	692
1	efrain	693	`$response = $event->getResponse();`
45	efrain	694	`$code = 200;`
345	www	695	`$content = json_encode([`
		696	`'success' => false,`
		697	`'data' => $exception->getCode() . ' ' . $exception->getMessage(),`
		698	`'fatal' => true`
		699	`]);`
43	efrain	700	`$this->sendResponse($response, $code, $content);`
345	www	701	`} else if ('error-router-no-match' == $error) {`
		702
1	efrain	703	`$response = $event->getResponse();`
43	efrain	704	`$code = 404;`
345	www	705	`$content = json_encode([`
		706	`'success' => false,`
		707	`'data' => 'error-router-no-match',`
		708	`'fatal' => true`
		709	`]);`
43	efrain	710	`$this->sendResponse($response, $code, $content);`
345	www	711	`} else if (' error-controller-not-found' == $error) {`
1	efrain	712
		713	`$response = $event->getResponse();`
43	efrain	714	`$code = 404;`
345	www	715	`$content = json_encode([`
		716	`'success' => false,`
		717	`'data' => 'error-controller-not-found',`
		718	`'fatal' => true`
		719	`]);`
43	efrain	720	`$this->sendResponse($response, $code, $content);`
1	efrain	721	`} else {`
		722	`$response = $event->getResponse();`
45	efrain	723	`$code = 200;`
345	www	724	`$content = json_encode([`
		725	`'success' => false,`
		726	`'data' => $error,`
		727	`'fatal' => true`
		728	`]);`
43	efrain	729	`$this->sendResponse($response, $code, $content);`
1	efrain	730	`}`
		731
345	www	732	`exit();`
1	efrain	733	`}`
		734
		735	`public function authPreDispatch(MvcEvent $event)`
		736	`{`
		737	`$serviceManager = $event->getApplication()->getServiceManager();`
		738	`$adapter = $serviceManager->get('leaders-linked-db');`
345	www	739
1	efrain	740	`$routeName = $event->getRouteMatch()->getMatchedRouteName();`
		741
		742	`$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';`
345	www	743
		744	`if ($requestMethod == 'POST') {`
		745
		746	`if ($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	747	`$exclude = true;`
		748	`} else {`
		749	`$exclude = false;`
345	www	750
1	efrain	751	`$usertypes = getAclUsertype();`
345	www	752
		753	`foreach ($usertypes[UserType::GUEST] as $resourceName) {`
		754	`if ($routeName == $resourceName) {`
		755	`$exclude = true;`
		756	`break;`
1	efrain	757	`}`
		758	`}`
		759	`}`
		760
345	www	761	`if (! $exclude) {`
95	efrain	762
1	efrain	763	`$httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : '';`
103	efrain	764
345	www	765	`if ($this->jwtID) {`
		766
95	efrain	767	`$jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);`
102	efrain	768	`$jwtToken = $jwtTokenMapper->fetchOne($this->jwtID);`
345	www	769	`if ($jwtToken) {`
		770
100	efrain	771	`$sessionToken = $jwtToken->csrf;`
345	www	772	`// $jwtToken->csrf= '';`
		773
		774	`// $jwtTokenMapper->update($jwtToken);`
100	efrain	775	`} else {`
		776	`$sessionToken = '';`
		777	`}`
95	efrain	778	`} else {`
		779	`$sessionToken = '';`
		780	`}`
		781
345	www	782	`// error_log('$this->jwtID = ' . $this->jwtID . ' $httpToken = ' . $httpToken . ' $sessionToken = ' . $sessionToken);`
95	efrain	783
345	www	784	`// if ( $httpToken != $sessionToken) {`
		785	`// $response = $event->getResponse();`
		786	`// $this->sendResponse($response, 200, json_encode(['success' => false, 'data' => 'Unauthorized - CSRF fail', 'fatal' => true]));`
		787	`// }`
1	efrain	788	`}`
		789	`}`
95	efrain	790
345	www	791	`if ($this->currentUserPlugin->hasIdentity()) {`
		792	`$user = $this->currentUserPlugin->getUser();`
167	efrain	793	`$user_id = $user->id;`
1	efrain	794	`$userTypeId = $user->usertype_id;`
345	www	795	`} else {`
		796
1	efrain	797	`$userTypeId = UserType::GUEST;`
167	efrain	798	`$user_id = 0;`
345	www	799	`}`
167	efrain	800
345	www	801	`if ($this->acl->isAllowed($userTypeId, $routeName)) {`
1	efrain	802	`$user = $this->currentUserPlugin->getUser();`
		803
345	www	804	`if ($user) {`
		805
1	efrain	806	`$updateLastActivity = true;`
		807	`if ('chat' == substr($routeName, 0, 4)) {`
		808	`$updateLastActivity = false;`
345	www	809	`}`
1	efrain	810	`if ('inmail' == substr($routeName, 0, 6)) {`
		811	`$updateLastActivity = false;`
345	www	812	`}`
1	efrain	813	`if ('check-session' == $routeName) {`
		814	`$updateLastActivity = false;`
345	www	815	`}`
		816
		817	`if ($updateLastActivity) {`
1	efrain	818	`$userMapper = UserMapper::getInstance($adapter);`
		819	`$userMapper->updateLastActivity($user->id);`
		820	`}`
		821	`}`
		822	`} else {`
		823	`$response = $event->getResponse();`
54	efrain	824
45	efrain	825	`$response->setStatusCode(200);`
345	www	826	`$response->setContent(json_encode([`
		827	`'success' => false,`
		828	`'data' => 'Unauthorized - Does not have permission',`
		829	`'fatal' => true`
		830	`]));`
1	efrain	831	`$response->send();`
345	www	832	`exit();`
1	efrain	833	`}`
		834	`}`
		835
		836	`public function authPosDispatch(MvcEvent $event)`
		837	`{`
345	www	838	`// $response = $event->getResponse();`
		839	`// Functions::addCrossSiteToResponse($response);`
1	efrain	840	`}`
345	www	841
167	efrain	842	`/**`
345	www	843	`*`
167	efrain	844	`* @param \Laminas\Db\Adapter\AdapterInterface $adapter`
		845	`* @param int $user_id`
		846	`* @return boolean`
		847	`*/`
		848	`private function isMicroLeargningAccessGranted($adapter, $user_id)`
		849	`{`
		850	`$accessGranted = false;`
626	stevensc	851	`$topicUserMapper = \LeadersLinked\Mapper\MicrolearningTopicUserMapper::getInstance($adapter);`
		852	`$now = $topicUserMapper->getDatebaseNow();`
345	www	853
626	stevensc	854	`$records = $topicUserMapper->fetchAllActiveByUserId($user_id);`
167	efrain	855
345	www	856	`foreach ($records as $record) {`
626	stevensc	857	`if ($record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_UNLIMITED && $record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
167	efrain	858	`continue;`
		859	`}`
626	stevensc	860	`if ($record->access == \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
345	www	861	`if ($now < $record->paid_from \|\| $now > $record->paid_to) {`
167	efrain	862	`continue;`
		863	`}`
		864	`}`
		865	`$accessGranted = true;`
		866	`break;`
		867	`}`
345	www	868
167	efrain	869	`return $accessGranted;`
		870	`}`
345	www	871
302	www	872	`/**`
		873	`*`
		874	`* @param \Laminas\Db\Adapter\AdapterInterface $adapter`
		875	`* @param int $user_id`
		876	`* @return boolean`
		877	`*/`
		878	`private function isHabitsAccessGranted($adapter, $user_id)`
		879	`{`
		880	`$accessGranted = false;`
627	stevensc	881	`$habitUserMapper = \LeadersLinked\Mapper\HabitUserMapper::getInstance($adapter);`
302	www	882	`$now = $habitUserMapper->getDatebaseNow();`
345	www	883
302	www	884	`$records = $habitUserMapper->fetchAllActiveByUserId($user_id);`
345	www	885
		886	`foreach ($records as $record) {`
627	stevensc	887	`if ($record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_UNLIMITED && $record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
302	www	888	`continue;`
		889	`}`
345	www	890
627	stevensc	891	`if ($record->access == \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
345	www	892	`if ($now < $record->paid_from \|\| $now > $record->paid_to) {`
302	www	893	`continue;`
		894	`}`
		895	`}`
345	www	896
302	www	897	`$accessGranted = true;`
		898	`break;`
		899	`}`
345	www	900
302	www	901	`return $accessGranted;`
		902	`}`
1	efrain	903	`}`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Module.php – Rev 754