WebSVN – LeadersLinked - Services – Autoría – /module/LeadersLinked/src/Module.php

Rev	Autor	Línea Nro.	Línea
1	efrain	1	`<?php`
345	www	2	`declare(strict_types = 1);`
1	efrain	3	`namespace LeadersLinked;`
		4
		5	`use Laminas\Db\Adapter\AdapterInterface;`
		6	`use Laminas\ModuleManager\ModuleEvent;`
		7	`use Laminas\ModuleManager\ModuleManager;`
		8	`use Laminas\Mvc\MvcEvent;`
		9	`use Laminas\Config\Reader\Ini;`
		10	`use Laminas\Permissions\Acl\Acl;`
		11	`use Laminas\Permissions\Acl\Role\GenericRole;`
		12	`use LeadersLinked\Plugin\CurrentUserPlugin;`
		13	`use LeadersLinked\Mapper\UserMapper;`
		14	`use LeadersLinked\Authentication\AuthTokenAdapter;`
		15	`use Laminas\Authentication\AuthenticationService;`
		16	`use Laminas\Permissions\Acl\Resource\GenericResource;`
		17	`use LeadersLinked\Model\UserType;`
		18	`use LeadersLinked\Plugin\CurrentNetworkPlugin;`
		19	`use LeadersLinked\Model\Network;`
		20	`use LeadersLinked\Model\User;`
		21	`use LeadersLinked\Mapper\CompanyUserMapper;`
		22	`use LeadersLinked\Model\CompanyUser;`
		23	`use LeadersLinked\Mapper\CompanyMapper;`
		24	`use LeadersLinked\Mapper\CompanyServiceMapper;`
		25	`use LeadersLinked\Model\Service;`
		26	`use LeadersLinked\Library\Functions;`
		27	`use LeadersLinked\Mapper\DailyPulseMapper;`
		28	`use LeadersLinked\Model\DailyPulse;`
		29	`use LeadersLinked\Mapper\OrganizationPositionMapper;`
		30	`use LeadersLinked\Mapper\KnowledgeAreaCategoryJobDescriptionMapper;`
		31	`use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;`
		32	`use LeadersLinked\Mapper\KnowledgeAreaCategoryUserMapper;`
		33	`use LeadersLinked\Mapper\MyCoachCategoryUserMapper;`
23	efrain	34	`use Firebase\JWT\JWT;`
		35	`use Firebase\JWT\Key;`
		36	`use LeadersLinked\Mapper\JwtTokenMapper;`
		37	`use LeadersLinked\Authentication\AuthUserIdAdapter;`
95	efrain	38	`use LeadersLinked\Model\JwtToken;`
627	stevensc	39	`use LeadersLinked\Mapper\MicrolearningTopicUserMapper;`
154	efrain	40	`use Laminas\Http\Response;`
627	stevensc	41
345	www	42	`class Module`
1	efrain	43	`{`
		44	`/**`
345	www	45	`*`
1	efrain	46	`* @var Acl`
		47	`*/`
		48	`private $acl;`
345	www	49
1	efrain	50	`/**`
345	www	51	`*`
1	efrain	52	`* @var AdapterInterface`
		53	`*/`
		54	`private $adapter;`
345	www	55
1	efrain	56	`/**`
345	www	57	`*`
1	efrain	58	`* @var CurrentUserPlugin`
		59	`*/`
		60	`private $currentUserPlugin;`
345	www	61
1	efrain	62	`/**`
		63	`*`
		64	`* @var CurrentNetworkPlugin`
		65	`*/`
		66	`private $currentNetworkPlugin;`
345	www	67
1	efrain	68	`/**`
345	www	69	`*`
1	efrain	70	`* @var array`
		71	`*/`
		72	`private $routesAuthorized = [];`
345	www	73
1	efrain	74	`/**`
345	www	75	`*`
1	efrain	76	`* @var boolean`
		77	`*/`
23	efrain	78	`private $authByOTP = false;`
345	www	79
23	efrain	80	`/**`
		81	`*`
		82	`* @var boolean`
		83	`*/`
		84	`private $authByJWT = false;`
345	www	85
102	efrain	86	`/**`
		87	`*`
		88	`* @var int`
		89	`*/`
		90	`private $jwtID = 0;`
345	www	91
1	efrain	92	`/**`
345	www	93	`*`
95	efrain	94	`* @var JwtToken`
		95	`*/`
345	www	96	`private $jwtToken;`
		97
95	efrain	98	`/**`
345	www	99	`*`
1	efrain	100	`* @var array`
		101	`*/`
		102	`private $config;`
345	www	103
1	efrain	104	`public function init(ModuleManager $moduleManager)`
		105	`{`
		106	`$events = $moduleManager->getEventManager();`
345	www	107	`$events->attach(ModuleEvent::EVENT_MERGE_CONFIG, array(`
		108	`$this,`
		109	`'onMergeConfig'`
		110	`));`
1	efrain	111	`}`
345	www	112
1	efrain	113	`public function onMergeConfig(ModuleEvent $event)`
		114	`{`
		115	`$configListener = $event->getConfigListener();`
345	www	116	`$this->config = $configListener->getMergedConfig(false);`
		117
1	efrain	118	`$reader = new Ini();`
		119	`$data = $reader->fromFile('config/leaderslinked.ini');`
345	www	120
1	efrain	121	`$prefix = 'leaderslinked';`
345	www	122	`foreach ($data as $section => $pairs) {`
		123	`foreach ($pairs as $key => $value) {`
1	efrain	124	`$this->config[$prefix . '.' . $section . '.' . $key] = $value;`
		125	`}`
		126	`}`
		127	`$configListener->setMergedConfig($this->config);`
		128	`}`
345	www	129
		130	`public function getConfig(): array`
1	efrain	131	`{`
		132	`return include __DIR__ . '/../config/module.config.php';`
		133	`}`
		134
		135	`public function onBootstrap(MvcEvent $event)`
		136	`{`
283	www	137	`$timezone = $this->config['leaderslinked.runmode.timezone'];`
		138	`date_default_timezone_set($timezone);`
195	efrain	139
748	stevensc	140	`$response = $event->getResponse();`
		141	`$request = $event->getRequest();`
		142	`$serviceManager = $event->getApplication()->getServiceManager();`
86	efrain	143
748	stevensc	144	`$whitelistString = $this->config['leaderslinked.cors.allowed_origins'] ?? '';`
		145	`$allowedOrigins = array_map('trim', explode(',', $whitelistString));`
		146
753	stevensc	147	`$headers = $request->getHeaders();`
		148	`$originHeader = $headers->get('Origin');`
748	stevensc	149
		150	`if ($originHeader) {`
753	stevensc	151	`$origin = $originHeader->getFieldValue();`
748	stevensc	152
749	stevensc	153	`error_log("CORS Check - Origen de la solicitud: " . $origin);`
		154	`error_log("CORS Check - Whitelist cargada: " . implode(', ', $allowedOrigins));`
		155
748	stevensc	156	`if (in_array($origin, $allowedOrigins)) {`
		157	`$headers = $response->getHeaders();`
		158	`$headers->addHeaderLine('Access-Control-Allow-Origin', $origin);`
		159	`$headers->addHeaderLine('Access-Control-Allow-Credentials', 'true');`
754	stevensc	160	`$headers->addHeaderLine('Access-Control-Allow-Headers', 'Authorization, Content-Type, token, secret, rand, created, x-csrf-token');`
748	stevensc	161	`$headers->addHeaderLine('Access-Control-Allow-Methods', 'POST, GET, OPTIONS, PUT, DELETE');`
		162	`$headers->addHeaderLine('Access-Control-Max-Age', '86400');`
754	stevensc	163
748	stevensc	164	`}`
		165	`}`
		166
96	efrain	167	`$event->setResponse($response);`
345	www	168
68	efrain	169	`$eventManager = $event->getApplication()->getEventManager();`
345	www	170	`$eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [`
		171	`$this,`
		172	`'onDispatchError'`
		173	`], 0);`
		174	`$eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [`
		175	`$this,`
		176	`'onRenderError'`
		177	`], 0);`
		178
1	efrain	179	`$adapter = $serviceManager->get('leaders-linked-db');`
345	www	180
283	www	181	`/*`
345	www	182	`* $session = $serviceManager->get('leaders-linked-session');`
		183	`* $session->start();`
		184	`* $session->regenerateId(true);`
		185	`*/`
1	efrain	186
		187	`$translator = $serviceManager->get('MvcTranslator');`
345	www	188	`$translator->addTranslationFile('phpArray', __DIR__ . '/i18n/validate.php', 'default');`
97	efrain	189
345	www	190	`$translator->addTranslationFile('phpArray', __DIR__ . '/i18n/spanish.php', 'default');`
		191
1	efrain	192	`\Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);`
345	www	193
		194	`$headers = $event->getRequest()->getHeaders();`
		195	`if ($headers->has('token')) {`
1	efrain	196	`$device_uuid = Functions::sanitizeFilterString($headers->get('token')->getFieldValue());`
		197	`} else {`
		198	`$device_uuid = '';`
		199	`}`
345	www	200	`if ($headers->has('secret')) {`
		201	`$password = Functions::sanitizeFilterString($headers->get('secret')->getFieldValue());`
1	efrain	202	`} else {`
		203	`$password = '';`
		204	`}`
345	www	205	`if ($headers->has('rand')) {`
		206	`$rand = Functions::sanitizeFilterString($headers->get('rand')->getFieldValue());`
1	efrain	207	`} else {`
		208	`$rand = 0;`
		209	`}`
345	www	210	`if ($headers->has('created')) {`
		211	`$timestamp = Functions::sanitizeFilterString($headers->get('created')->getFieldValue());`
1	efrain	212	`} else {`
		213	`$timestamp = 0;`
		214	`}`
		215
283	www	216	`$this->currentNetworkPlugin = CurrentNetworkPlugin::getInstance($adapter);`
747	stevensc	217	`if (!$this->currentNetworkPlugin->hasNetwork()) {`
339	www	218	`$this->currentNetworkPlugin->fetchDefaultNetwork();`
		219	`}`
345	www	220
747	stevensc	221	`if (!$this->currentNetworkPlugin->hasNetwork()) {`
1	efrain	222	`$response = $event->getResponse();`
45	efrain	223	`$code = 200;`
345	www	224	`$content = json_encode([`
		225	`'success' => false,`
		226	`'data' => '200 Unauthorized - Private network - not found',`
		227	`'fatal' => true`
		228	`]);`
43	efrain	229	`$this->sendResponse($response, $code, $content);`
345	www	230	`}`
43	efrain	231
345	www	232	`if ($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {`
		233
1	efrain	234	`$response = $event->getResponse();`
45	efrain	235	`$code = 200;`
345	www	236	`$content = json_encode([`
		237	`'success' => false,`
		238	`'data' => '200 Unauthorized - Private network - inactive',`
		239	`'fatal' => true`
		240	`]);`
43	efrain	241	`$this->sendResponse($response, $code, $content);`
1	efrain	242	`}`
192	efrain	243
23	efrain	244	`$this->authByOTP = false;`
345	www	245	`if ($device_uuid && $password && $rand && $timestamp) {`
23	efrain	246	`$this->authByOTP = true;`
1	efrain	247
		248	`$tokenAuthAdapter = new AuthTokenAdapter($adapter);`
		249	`$tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);`
345	www	250
1	efrain	251	`$authService = new AuthenticationService();`
		252	`$result = $authService->authenticate($tokenAuthAdapter);`
345	www	253	`if ($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
		254
1	efrain	255	`$response = $event->getResponse();`
43	efrain	256	`$code = 200;`
345	www	257	`$content = json_encode([`
		258	`'success' => false,`
		259	`'data' => $result->getMessages()[0],`
		260	`'fatal' => true`
		261	`]);`
43	efrain	262	`$this->sendResponse($response, $code, $content);`
1	efrain	263	`}`
		264	`}`
345	www	265
102	efrain	266	`$this->jwtID = 0;`
23	efrain	267	`$this->authByJWT = false;`
		268	`$headers = getallheaders();`
345	www	269
		270	`if (! empty($headers['authorization']) \|\| ! empty($headers['Authorization'])) {`
		271
34	efrain	272	`$token = trim(empty($headers['authorization']) ? $headers['Authorization'] : $headers['authorization']);`
		273
345	www	274	`if (substr($token, 0, 6) == 'Bearer') {`
43	efrain	275
23	efrain	276	`$token = trim(substr($token, 7));`
345	www	277
		278	`if (! empty($this->config['leaderslinked.jwt.key'])) {`
23	efrain	279	`$key = $this->config['leaderslinked.jwt.key'];`
345	www	280
		281	`try {`
23	efrain	282	`$payload = JWT::decode($token, new Key($key, 'HS256'));`
345	www	283	`if (empty($payload->iss) \|\| $payload->iss != $_SERVER['HTTP_HOST']) {`
		284
23	efrain	285	`$response = $event->getResponse();`
45	efrain	286	`$code = 200;`
345	www	287	`$content = json_encode([`
		288	`'success' => false,`
		289	`'data' => 'Unauthorized - JWT - Wrong server',`
		290	`'fatal' => true`
		291	`]);`
43	efrain	292	`$this->sendResponse($response, $code, $content);`
345	www	293	`}`
43	efrain	294
23	efrain	295	`$uuid = empty($payload->uuid) ? '' : $payload->uuid;`
345	www	296	`if ($uuid) {`
23	efrain	297	`$jwtTokenMapper = JwtTokenMapper::getInstance($adapter);`
100	efrain	298	`$jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);`
345	www	299	`if ($jwtToken) {`
		300
102	efrain	301	`$this->jwtID = $jwtToken->id;`
345	www	302
100	efrain	303	`$_SESSION['aes'] = $jwtToken->aes;`
345	www	304
		305	`if ($jwtToken->user_id) {`
23	efrain	306	`$authByUserId = new AuthUserIdAdapter($adapter);`
100	efrain	307	`$authByUserId->setData($jwtToken->user_id);`
345	www	308
23	efrain	309	`$authService = new AuthenticationService();`
		310	`$result = $authService->authenticate($authByUserId);`
345	www	311	`if ($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {`
		312
23	efrain	313	`$response = $event->getResponse();`
45	efrain	314	`$code = 200;`
345	www	315	`$content = json_encode([`
		316	`'success' => false,`
		317	`'data' => $result->getMessages()[0],`
		318	`'fatal' => true`
		319	`]);`
43	efrain	320	`$this->sendResponse($response, $code, $content);`
23	efrain	321	`}`
		322	`}`
345	www	323	`}`
		324	`else {`
23	efrain	325	`$response = $event->getResponse();`
45	efrain	326	`$code = 200;`
345	www	327	`$content = json_encode([`
		328	`'success' => false,`
		329	`'data' => 'Unauthorized - JWT - Expired',`
		330	`'fatal' => true`
		331	`]);`
43	efrain	332	`$this->sendResponse($response, $code, $content);`
23	efrain	333	`}`
		334	`}`
345	www	335	`} catch (\Exception $e) {`
		336
23	efrain	337	`$response = $event->getResponse();`
45	efrain	338	`$code = 200;`
345	www	339	`$content = json_encode([`
		340	`'success' => false,`
		341	`'data' => 'Unauthorized - JWT - Wrong key',`
		342	`'fatal' => true`
		343	`]);`
43	efrain	344	`$this->sendResponse($response, $code, $content);`
23	efrain	345	`}`
		346	`}`
		347	`}`
		348	`}`
1	efrain	349
345	www	350	`if (empty($_SERVER['REDIRECT_URL'])) {`
		351	`if (empty($_SERVER['REQUEST_URI'])) {`
1	efrain	352	`$routeName = '';`
		353	`} else {`
		354	`$routeName = $_SERVER['REQUEST_URI'];`
		355	`}`
		356	`} else {`
		357	`$routeName = $_SERVER['REDIRECT_URL'];`
		358	`}`
		359
		360	`$routeName = strtolower(trim($routeName));`
345	www	361	`if (strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {`
1	efrain	362	`$routeName = substr($routeName, 1);`
		363	`}`
345	www	364
283	www	365	`$this->currentUserPlugin = CurrentUserPlugin::getInstance($adapter);`
345	www	366	`if ($this->currentUserPlugin->hasIdentity()) {`
		367
		368	`if (User::STATUS_BANNED == $this->currentUserPlugin->getUser()->status) {`
		369
192	efrain	370	`$code = 200;`
345	www	371	`$content = json_encode([`
		372	`'success' => false,`
		373	`'data' => '403 Forbidden - Banned',`
		374	`'fatal' => true`
		375	`]);`
192	efrain	376	`$this->sendResponse($response, $code, $content);`
		377	`}`
		378	`}`
345	www	379
		380	`if ($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	381	`$checkUserForNetwork = false;`
		382	`} else {`
345	www	383	`if ($this->currentUserPlugin->hasIdentity()) {`
		384
1	efrain	385	`$checkUserForNetwork = true;`
		386	`} else {`
		387	`$checkUserForNetwork = false;`
		388	`}`
		389	`}`
345	www	390
		391	`if ($checkUserForNetwork) {`
		392	`if (! $routeName \|\| in_array($routeName, [`
		393	`'signout',`
		394	`'signin',`
		395	`'home'`
		396	`])) {`
1	efrain	397	`$checkUserForNetwork = false;`
		398	`}`
		399	`}`
154	efrain	400
345	www	401	`if ($checkUserForNetwork) {`
		402
		403	`if ($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {`
		404
1	efrain	405	`$response = $event->getResponse();`
345	www	406	`$content = json_encode([`
		407	`'success' => false,`
		408	`'data' => '200 Unauthorized - The user is not part of this private network',`
		409	`'fatal' => true`
		410	`]);`
154	efrain	411	`$this->sendResponse($response, 200, $content);`
345	www	412	`exit();`
1	efrain	413	`}`
		414	`}`
345	www	415
1	efrain	416	`$this->initAcl($event);`
88	efrain	417
1	efrain	418	`$sharedManager = $eventManager->getSharedManager();`
345	www	419	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [`
		420	`$this,`
		421	`'authPreDispatch'`
		422	`], 100);`
		423	`$sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [`
		424	`$this,`
		425	`'authPosDispatch'`
		426	`], - 100);`
1	efrain	427	`}`
345	www	428
1	efrain	429	`public function initAcl(MvcEvent $event)`
		430	`{`
		431	`$serviceManager = $event->getApplication()->getServiceManager();`
		432	`$adapter = $serviceManager->get('leaders-linked-db');`
345	www	433
		434	`require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');`
		435
1	efrain	436	`$this->acl = new Acl();`
		437	`$resources = getAclResources();`
		438
345	www	439	`foreach ($resources as $resourceName) {`
1	efrain	440	`$this->acl->addResource(new GenericResource($resourceName));`
		441	`}`
345	www	442
1	efrain	443	`$usertypes = getAclUsertype();`
345	www	444	`foreach ($usertypes as $usertype => $resources) {`
1	efrain	445	`$this->acl->addRole(new GenericRole($usertype));`
345	www	446	`foreach ($resources as $resourceName) {`
1	efrain	447	`$this->acl->allow($usertype, $resourceName);`
		448	`}`
		449	`}`
		450
345	www	451	`if ($this->currentUserPlugin->hasIdentity()) {`
		452	`$user_id = $this->currentUserPlugin->getUserId();`
1	efrain	453
345	www	454	`if ($this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {`
		455
		456	`$resources = getAclSuperAdmin();`
		457	`foreach ($resources as $resourceName) {`
167	efrain	458	`$this->acl->allow(UserType::ADMIN, $resourceName);`
		459	`}`
1	efrain	460	`}`
167	efrain	461	`} else {`
		462	`$user_id = 0;`
1	efrain	463	`}`
345	www	464
1	efrain	465	`$allowMyCoach = false;`
		466	`$allowKnowledgeArea = false;`
		467	`$allowDailyPulse = false;`
345	www	468
		469	`if ($user_id) {`
167	efrain	470	`$allowMicrolearning = $this->isMicroLeargningAccessGranted($adapter, $user_id);`
302	www	471	`$allowHabit = $this->isHabitsAccessGranted($adapter, $user_id);`
167	efrain	472	`} else {`
		473	`$allowMicrolearning = false;`
345	www	474	`$allowHabit = false;`
167	efrain	475	`}`
		476
1	efrain	477	`$companyMapper = CompanyMapper::getInstance($adapter);`
		478	`$company = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);`
345	www	479
		480	`if ($company) {`
		481
1	efrain	482	`$companyServiceMapper = CompanyServiceMapper::getInstance($adapter);`
		483	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::DAILY_PULSE);`
345	www	484
1	efrain	485	`$companyUserMapper = CompanyUserMapper::getInstance($adapter);`
345	www	486	`$companyUser = $companyUserMapper->fetchOneAcceptedByCompanyIdAndUserId($company->id, $this->currentUserPlugin->getUserId());`
		487
		488	`if ($companyService) {`
		489
1	efrain	490	`$dailyPulseMapper = DailyPulseMapper::getInstance($adapter);`
		491	`$dailyPulse = $dailyPulseMapper->fetchOneByCompanyId($company->id);`
345	www	492
		493	`if ($dailyPulse) {`
1	efrain	494	`$privacy = $dailyPulse->privacy;`
		495	`} else {`
		496	`$privacy = DailyPulse::PRIVACY_COMPANY;`
		497	`}`
345	www	498
		499	`if ($privacy == DailyPulse::PRIVACY_PUBLIC) {`
1	efrain	500	`$allowDailyPulse = true;`
		501	`} else {`
345	www	502	`$allowDailyPulse = ! empty($companyUser);`
1	efrain	503	`}`
		504	`}`
345	www	505
1	efrain	506	`$job_description_ids = [];`
345	www	507
1	efrain	508	`$organizationPositionMapper = OrganizationPositionMapper::getInstance($adapter);`
345	www	509	`$records = $organizationPositionMapper->fetchAllByCompanyIdAndEmployeeId($company->id, $this->currentUserPlugin->getUserId());`
		510	`foreach ($records as $record) {`
1	efrain	511	`array_push($job_description_ids, $record->job_description_id);`
		512	`}`
		513
		514	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::KNOWLEDGE_AREA);`
345	www	515	`if ($companyService) {`
		516	`if ($job_description_ids) {`
		517
1	efrain	518	`$knowledgeAreaCategoryJobDescriptionMapper = KnowledgeAreaCategoryJobDescriptionMapper::getInstance($adapter);`
		519	`$records = $knowledgeAreaCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
345	www	520
		521	`if (! empty($records)) {`
1	efrain	522	`$allowKnowledgeArea = true;`
		523	`}`
		524	`}`
345	www	525
		526	`if ($companyUser && ! $allowKnowledgeArea) {`
1	efrain	527	`$knowledgeAreaCategoryUserMapper = KnowledgeAreaCategoryUserMapper::getInstance($adapter);`
		528	`$records = $knowledgeAreaCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
345	www	529	`if (! empty($records)) {`
1	efrain	530	`$allowKnowledgeArea = true;`
		531	`}`
		532	`}`
		533	`}`
345	www	534
1	efrain	535	`$companyService = $companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::MY_COACH);`
345	www	536	`if ($companyService) {`
		537
		538	`if ($job_description_ids) {`
		539
1	efrain	540	`$myCoachCategoryJobDescriptionMapper = MyCoachCategoryJobDescriptionMapper::getInstance($adapter);`
		541	`$records = $myCoachCategoryJobDescriptionMapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids);`
345	www	542
		543	`if (! empty($records)) {`
1	efrain	544	`$allowKnowledgeArea = true;`
		545	`}`
		546	`}`
345	www	547
		548	`if ($companyUser && ! $allowMyCoach) {`
1	efrain	549	`$myCoachCategoryUserMapper = MyCoachCategoryUserMapper::getInstance($adapter);`
		550	`$records = $myCoachCategoryUserMapper->fetchAllByUserId($companyUser->user_id);`
345	www	551	`if (! empty($records)) {`
1	efrain	552	`$allowMyCoach = true;`
		553	`}`
		554	`}`
		555	`}`
		556	`} else {`
		557	`$companyUser = '';`
		558	`}`
345	www	559
1	efrain	560	`$usertype = $this->currentUserPlugin->getUserTypeId();`
345	www	561	`if ($allowDailyPulse) {`
1	efrain	562	`$resources = getAclDailyPulse();`
345	www	563	`foreach ($resources as $resourceName) {`
1	efrain	564	`$this->acl->allow($usertype, $resourceName);`
		565	`}`
		566	`}`
345	www	567
		568	`if ($allowMicrolearning) {`
167	efrain	569	`$resources = getAclMicrolearning();`
345	www	570	`foreach ($resources as $resourceName) {`
167	efrain	571	`$this->acl->allow($usertype, $resourceName);`
		572	`}`
		573	`}`
345	www	574
		575	`if ($allowHabit) {`
302	www	576	`$resources = getAclHabits();`
345	www	577	`foreach ($resources as $resourceName) {`
302	www	578	`$this->acl->allow($usertype, $resourceName);`
		579	`}`
		580	`}`
345	www	581
		582	`if ($allowKnowledgeArea) {`
1	efrain	583	`$resources = getAclKnowledgeArea();`
345	www	584	`foreach ($resources as $resourceName) {`
1	efrain	585	`$this->acl->allow($usertype, $resourceName);`
		586	`}`
		587	`}`
345	www	588
		589	`if ($allowMyCoach) {`
1	efrain	590	`$resources = getAclMyCoach();`
345	www	591
		592	`foreach ($resources as $resourceName) {`
1	efrain	593	`$this->acl->allow($usertype, $resourceName);`
		594	`}`
		595	`}`
345	www	596
		597	`if ($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {`
		598
1	efrain	599	`$usertypes = getAclUsertypeDefaultNetwork();`
345	www	600	`foreach ($usertypes as $usertype => $resources) {`
1	efrain	601
345	www	602	`foreach ($resources as $resourceName) {`
1	efrain	603	`$this->acl->allow($usertype, $resourceName);`
		604	`}`
		605	`}`
		606	`} else {`
345	www	607
		608	`if ($this->currentUserPlugin->hasIdentity()) {`
		609
		610	`if ($company) {`
		611
		612	`if ($companyUser) {`
1	efrain	613	`$usertype = $this->currentUserPlugin->getUserTypeId();`
345	www	614
		615	`if ($companyUser->creator == CompanyUser::CREATOR_YES) {`
		616
		617	`$resources = getAclUsertypeOtherNetworkCreator();`
		618	`foreach ($resources as $resourceName) {`
1	efrain	619	`$this->acl->allow($usertype, $resourceName);`
		620	`}`
		621	`}`
345	www	622	`if ($companyUser->creator == CompanyUser::CREATOR_NO) {`
		623	`$resources = getAclUsertypeOtherNetworkNonCreator();`
		624	`foreach ($resources as $resourceName) {`
1	efrain	625	`$this->acl->allow($usertype, $resourceName);`
		626	`}`
		627	`}`
		628	`}`
		629	`}`
		630	`}`
		631	`}`
345	www	632
1	efrain	633	`$event->getViewModel()->setVariable('acl', $this->acl);`
345	www	634	`}`
1	efrain	635
		636	`public function onDispatchError(MvcEvent $event)`
		637	`{`
		638	`$this->processError($event);`
		639	`}`
345	www	640
1	efrain	641	`public function onRenderError(MvcEvent $event)`
		642	`{`
		643	`$this->processError($event);`
		644	`}`
345	www	645
43	efrain	646	`/**`
345	www	647	`*`
43	efrain	648	`* @param \Laminas\Http\Response $response`
		649	`* @param int $code`
		650	`* @param string $content`
		651	`*/`
		652	`public function sendResponse($response, $code, $content)`
1	efrain	653	`{`
		654	`$headers = $response->getHeaders();`
		655	`$headers->clearHeaders();`
		656	`$headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');`
345	www	657
43	efrain	658	`Functions::addCrossSiteToResponse($response);`
345	www	659
43	efrain	660	`$response->setStatusCode($code);`
345	www	661	`$response->setContent($content); // json_encode($data));`
1	efrain	662	`$response->send();`
345	www	663	`exit();`
1	efrain	664	`}`
345	www	665
1	efrain	666	`public function processError(MvcEvent $event)`
		667	`{`
		668	`$error = $event->getError();`
345	www	669	`if (! $error) {`
1	efrain	670	`return;`
		671	`}`
345	www	672
1	efrain	673	`$response = $event->getResponse();`
345	www	674	`if ('error-exception' == $error) {`
		675
1	efrain	676	`$exception = $event->getParam('exception');`
		677	`error_log($exception->getCode() . ' ' . $exception->getMessage());`
		678	`error_log($exception->getTraceAsString());`
345	www	679
1	efrain	680	`$response = $event->getResponse();`
45	efrain	681	`$code = 200;`
345	www	682	`$content = json_encode([`
		683	`'success' => false,`
		684	`'data' => $exception->getCode() . ' ' . $exception->getMessage(),`
		685	`'fatal' => true`
		686	`]);`
43	efrain	687	`$this->sendResponse($response, $code, $content);`
345	www	688	`} else if ('error-router-no-match' == $error) {`
		689
1	efrain	690	`$response = $event->getResponse();`
43	efrain	691	`$code = 404;`
345	www	692	`$content = json_encode([`
		693	`'success' => false,`
		694	`'data' => 'error-router-no-match',`
		695	`'fatal' => true`
		696	`]);`
43	efrain	697	`$this->sendResponse($response, $code, $content);`
345	www	698	`} else if (' error-controller-not-found' == $error) {`
1	efrain	699
		700	`$response = $event->getResponse();`
43	efrain	701	`$code = 404;`
345	www	702	`$content = json_encode([`
		703	`'success' => false,`
		704	`'data' => 'error-controller-not-found',`
		705	`'fatal' => true`
		706	`]);`
43	efrain	707	`$this->sendResponse($response, $code, $content);`
1	efrain	708	`} else {`
		709	`$response = $event->getResponse();`
45	efrain	710	`$code = 200;`
345	www	711	`$content = json_encode([`
		712	`'success' => false,`
		713	`'data' => $error,`
		714	`'fatal' => true`
		715	`]);`
43	efrain	716	`$this->sendResponse($response, $code, $content);`
1	efrain	717	`}`
		718
345	www	719	`exit();`
1	efrain	720	`}`
		721
		722	`public function authPreDispatch(MvcEvent $event)`
		723	`{`
		724	`$serviceManager = $event->getApplication()->getServiceManager();`
		725	`$adapter = $serviceManager->get('leaders-linked-db');`
345	www	726
1	efrain	727	`$routeName = $event->getRouteMatch()->getMatchedRouteName();`
		728
		729	`$requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';`
345	www	730
		731	`if ($requestMethod == 'POST') {`
		732
		733	`if ($this->authByOTP && substr($routeName, 0, 8) == 'services') {`
1	efrain	734	`$exclude = true;`
		735	`} else {`
		736	`$exclude = false;`
345	www	737
1	efrain	738	`$usertypes = getAclUsertype();`
345	www	739
		740	`foreach ($usertypes[UserType::GUEST] as $resourceName) {`
		741	`if ($routeName == $resourceName) {`
		742	`$exclude = true;`
		743	`break;`
1	efrain	744	`}`
		745	`}`
		746	`}`
		747
345	www	748	`if (! $exclude) {`
95	efrain	749
1	efrain	750	`$httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? $_SERVER['HTTP_X_CSRF_TOKEN'] : '';`
103	efrain	751
345	www	752	`if ($this->jwtID) {`
		753
95	efrain	754	`$jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);`
102	efrain	755	`$jwtToken = $jwtTokenMapper->fetchOne($this->jwtID);`
345	www	756	`if ($jwtToken) {`
		757
100	efrain	758	`$sessionToken = $jwtToken->csrf;`
345	www	759	`// $jwtToken->csrf= '';`
		760
		761	`// $jwtTokenMapper->update($jwtToken);`
100	efrain	762	`} else {`
		763	`$sessionToken = '';`
		764	`}`
95	efrain	765	`} else {`
		766	`$sessionToken = '';`
		767	`}`
		768
345	www	769	`// error_log('$this->jwtID = ' . $this->jwtID . ' $httpToken = ' . $httpToken . ' $sessionToken = ' . $sessionToken);`
95	efrain	770
345	www	771	`// if ( $httpToken != $sessionToken) {`
		772	`// $response = $event->getResponse();`
		773	`// $this->sendResponse($response, 200, json_encode(['success' => false, 'data' => 'Unauthorized - CSRF fail', 'fatal' => true]));`
		774	`// }`
1	efrain	775	`}`
		776	`}`
95	efrain	777
345	www	778	`if ($this->currentUserPlugin->hasIdentity()) {`
		779	`$user = $this->currentUserPlugin->getUser();`
167	efrain	780	`$user_id = $user->id;`
1	efrain	781	`$userTypeId = $user->usertype_id;`
345	www	782	`} else {`
		783
1	efrain	784	`$userTypeId = UserType::GUEST;`
167	efrain	785	`$user_id = 0;`
345	www	786	`}`
167	efrain	787
345	www	788	`if ($this->acl->isAllowed($userTypeId, $routeName)) {`
1	efrain	789	`$user = $this->currentUserPlugin->getUser();`
		790
345	www	791	`if ($user) {`
		792
1	efrain	793	`$updateLastActivity = true;`
		794	`if ('chat' == substr($routeName, 0, 4)) {`
		795	`$updateLastActivity = false;`
345	www	796	`}`
1	efrain	797	`if ('inmail' == substr($routeName, 0, 6)) {`
		798	`$updateLastActivity = false;`
345	www	799	`}`
1	efrain	800	`if ('check-session' == $routeName) {`
		801	`$updateLastActivity = false;`
345	www	802	`}`
		803
		804	`if ($updateLastActivity) {`
1	efrain	805	`$userMapper = UserMapper::getInstance($adapter);`
		806	`$userMapper->updateLastActivity($user->id);`
		807	`}`
		808	`}`
		809	`} else {`
		810	`$response = $event->getResponse();`
54	efrain	811
45	efrain	812	`$response->setStatusCode(200);`
345	www	813	`$response->setContent(json_encode([`
		814	`'success' => false,`
		815	`'data' => 'Unauthorized - Does not have permission',`
		816	`'fatal' => true`
		817	`]));`
1	efrain	818	`$response->send();`
345	www	819	`exit();`
1	efrain	820	`}`
		821	`}`
		822
		823	`public function authPosDispatch(MvcEvent $event)`
		824	`{`
345	www	825	`// $response = $event->getResponse();`
		826	`// Functions::addCrossSiteToResponse($response);`
1	efrain	827	`}`
345	www	828
167	efrain	829	`/**`
345	www	830	`*`
167	efrain	831	`* @param \Laminas\Db\Adapter\AdapterInterface $adapter`
		832	`* @param int $user_id`
		833	`* @return boolean`
		834	`*/`
		835	`private function isMicroLeargningAccessGranted($adapter, $user_id)`
		836	`{`
		837	`$accessGranted = false;`
626	stevensc	838	`$topicUserMapper = \LeadersLinked\Mapper\MicrolearningTopicUserMapper::getInstance($adapter);`
		839	`$now = $topicUserMapper->getDatebaseNow();`
345	www	840
626	stevensc	841	`$records = $topicUserMapper->fetchAllActiveByUserId($user_id);`
167	efrain	842
345	www	843	`foreach ($records as $record) {`
626	stevensc	844	`if ($record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_UNLIMITED && $record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
167	efrain	845	`continue;`
		846	`}`
626	stevensc	847	`if ($record->access == \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
345	www	848	`if ($now < $record->paid_from \|\| $now > $record->paid_to) {`
167	efrain	849	`continue;`
		850	`}`
		851	`}`
		852	`$accessGranted = true;`
		853	`break;`
		854	`}`
345	www	855
167	efrain	856	`return $accessGranted;`
		857	`}`
345	www	858
302	www	859	`/**`
		860	`*`
		861	`* @param \Laminas\Db\Adapter\AdapterInterface $adapter`
		862	`* @param int $user_id`
		863	`* @return boolean`
		864	`*/`
		865	`private function isHabitsAccessGranted($adapter, $user_id)`
		866	`{`
		867	`$accessGranted = false;`
627	stevensc	868	`$habitUserMapper = \LeadersLinked\Mapper\HabitUserMapper::getInstance($adapter);`
302	www	869	`$now = $habitUserMapper->getDatebaseNow();`
345	www	870
302	www	871	`$records = $habitUserMapper->fetchAllActiveByUserId($user_id);`
345	www	872
		873	`foreach ($records as $record) {`
627	stevensc	874	`if ($record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_UNLIMITED && $record->access != \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
302	www	875	`continue;`
		876	`}`
345	www	877
627	stevensc	878	`if ($record->access == \LeadersLinked\Model\MicrolearningTopicUser::ACCESS_PAY_PERIOD) {`
345	www	879	`if ($now < $record->paid_from \|\| $now > $record->paid_to) {`
302	www	880	`continue;`
		881	`}`
		882	`}`
345	www	883
302	www	884	`$accessGranted = true;`
		885	`break;`
		886	`}`
345	www	887
302	www	888	`return $accessGranted;`
		889	`}`
1	efrain	890	`}`

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Module.php – Rev 769