<?php
declare(strict_types=1);
namespace LeadersLinked;
use Laminas\Db\Adapter\AdapterInterface;
use Laminas\ModuleManager\ModuleEvent;
use Laminas\ModuleManager\ModuleManager;
use Laminas\Mvc\MvcEvent;
use Laminas\Config\Reader\Ini;
use Laminas\Permissions\Acl\Acl;
use Laminas\Permissions\Acl\Role\GenericRole;
use LeadersLinked\Plugin\CurrentUserPlugin;
use LeadersLinked\Mapper\UserMapper;
use LeadersLinked\Authentication\AuthTokenAdapter;
use Laminas\Authentication\AuthenticationService;
use Laminas\Permissions\Acl\Resource\GenericResource;
use LeadersLinked\Model\UserType;
use LeadersLinked\Plugin\CurrentNetworkPlugin;
use LeadersLinked\Model\Network;
use LeadersLinked\Model\User;
use LeadersLinked\Mapper\CompanyUserMapper;
use LeadersLinked\Model\CompanyUser;
use LeadersLinked\Mapper\CompanyMapper;
use LeadersLinked\Mapper\CompanyServiceMapper;
use LeadersLinked\Model\Service;
use LeadersLinked\Library\Functions;
use LeadersLinked\Mapper\DailyPulseMapper;
use LeadersLinked\Model\DailyPulse;
use LeadersLinked\Mapper\OrganizationPositionMapper;
use LeadersLinked\Mapper\KnowledgeAreaCategoryJobDescriptionMapper;
use LeadersLinked\Mapper\MyCoachCategoryJobDescriptionMapper;
use LeadersLinked\Mapper\KnowledgeAreaCategoryUserMapper;
use LeadersLinked\Mapper\MyCoachCategoryUserMapper;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
use LeadersLinked\Mapper\JwtTokenMapper;
use LeadersLinked\Authentication\AuthUserIdAdapter;
use LeadersLinked\Model\JwtToken;
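class Module
{
    /**
     * Access control list built by initAcl() for the current request.
     *
     * @var Acl
     */
    private $acl;

    /**
     * Database adapter (the 'leaders-linked-db' service), assigned in onBootstrap().
     *
     * @var AdapterInterface
     */
    private $adapter;

    /**
     * @var CurrentUserPlugin
     */
    private $currentUserPlugin;

    /**
     * @var CurrentNetworkPlugin
     */
    private $currentNetworkPlugin;

    /**
     * Declared for compatibility; not read anywhere in this class.
     *
     * @var array
     */
    private $routesAuthorized = [];

    /**
     * True when the request carried all four OTP headers (token, secret, rand, created).
     * A failed OTP authentication terminates the request, so when this flag is true
     * the credentials were accepted.
     *
     * @var bool
     */
    private $authByOTP = false;

    /**
     * True when a Bearer JWT resolved to a stored token bound to a user and that user
     * authenticated.
     *
     * @var bool
     */
    private $authByJWT = false;

    /**
     * Stored token row matched by the JWT 'uuid' claim; null when no JWT was bound.
     * Its csrf column holds the one-time CSRF token checked in authPreDispatch().
     *
     * @var JwtToken|null
     */
    private $jwtToken;

    /**
     * Merged application config, extended with 'leaderslinked.<section>.<key>' entries
     * flattened from config/leaderslinked.ini.
     *
     * @var array
     */
    private $config;

    /**
     * Registers the listener that merges the INI settings into the application config.
     *
     * @param ModuleManager $moduleManager
     */
    public function init(ModuleManager $moduleManager)
    {
        $events = $moduleManager->getEventManager();
        $events->attach(ModuleEvent::EVENT_MERGE_CONFIG, [$this, 'onMergeConfig']);
    }

    /**
     * Flattens config/leaderslinked.ini into the merged config as
     * 'leaderslinked.<section>.<key>' => value and stores the result on $this->config.
     *
     * @param ModuleEvent $event
     */
    public function onMergeConfig(ModuleEvent $event)
    {
        $configListener = $event->getConfigListener();
        $this->config   = $configListener->getMergedConfig(false);

        $reader = new Ini();
        $data   = $reader->fromFile('config/leaderslinked.ini');

        $prefix = 'leaderslinked';
        foreach ($data as $section => $pairs) {
            foreach ($pairs as $key => $value) {
                $this->config[$prefix . '.' . $section . '.' . $key] = $value;
            }
        }

        $configListener->setMergedConfig($this->config);
    }

    /**
     * @return array the module configuration from config/module.config.php
     */
    public function getConfig() : array
    {
        return include __DIR__ . '/../config/module.config.php';
    }

    /**
     * Per-request bootstrap: cross-site headers, session start, validator translator,
     * private-network check, OTP and JWT authentication, network-membership check,
     * ACL construction, and registration of the DISPATCH listeners that enforce
     * CSRF and ACL.
     *
     * Every rejected check replies through sendResponse(), which terminates the request.
     *
     * @param MvcEvent $event
     */
    public function onBootstrap(MvcEvent $event)
    {
        $response = $event->getResponse();
        Functions::addCrossSiteToResponse($response);
        $event->setResponse($response);

        $application    = $event->getApplication();
        $serviceManager = $application->getServiceManager();
        $eventManager   = $application->getEventManager();

        $eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this, 'onDispatchError'], 0);
        $eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [$this, 'onRenderError'], 0);

        // Kept on the instance as well: the property was declared but never assigned,
        // so later listeners that read $this->adapter got null.
        $adapter       = $serviceManager->get('leaders-linked-db');
        $this->adapter = $adapter;

        $session = $serviceManager->get('leaders-linked-session');
        $session->start();

        $translator = $serviceManager->get('MvcTranslator');
        $translator->addTranslationFile('phpArray', __DIR__ . '/i18n/validate.php', 'default');
        $translator->addTranslationFile('phpArray', __DIR__ . '/i18n/spanish.php', 'default');
        \Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);

        $this->currentNetworkPlugin = new CurrentNetworkPlugin($adapter);
        if (!$this->currentNetworkPlugin->hasNetwork()) {
            $this->sendResponse(
                $event->getResponse(),
                200,
                json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - not found', 'fatal' => true])
            );
        }

        // Loose comparison on purpose: the status column comes from the database.
        if ($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {
            $this->sendResponse(
                $event->getResponse(),
                200,
                json_encode(['success' => false, 'data' => '200 Unauthorized - Private network - inactive', 'fatal' => true])
            );
        }

        $this->authenticateByOtp($event, $adapter);
        $this->authenticateByJwt($event, $adapter);

        $routeName = $this->resolveRouteName();

        $this->currentUserPlugin = new CurrentUserPlugin($adapter);

        // An OTP-authenticated device calling services/* is not bound to a web user,
        // and signout/signin/home are reachable without membership in the network.
        $checkUserForNetwork = !($this->authByOTP && substr($routeName, 0, 8) === 'services')
            && $this->currentUserPlugin->hasIdentity()
            && $routeName !== ''
            && !in_array($routeName, ['signout', 'signin', 'home'], true);

        if ($checkUserForNetwork
            && $this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {
            // sendResponse() needs ($response, $code, $content); the previous call passed
            // the payload array as $code and omitted $content.
            $this->sendResponse(
                $event->getResponse(),
                200,
                json_encode(['success' => false, 'data' => '200 Unauthorized - The user is not part of this private network', 'fatal' => true])
            );
        }

        $this->initAcl($event);

        $sharedManager = $eventManager->getSharedManager();
        $sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPreDispatch'], 100);
        $sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPosDispatch'], -100);
    }

    /**
     * Reads one request header through Functions::sanitizeFilterString(), or returns
     * $default when the header is absent.
     *
     * @param \Laminas\Http\Headers $headers
     * @param string $name
     * @param mixed $default
     * @return mixed
     */
    private function headerValue($headers, string $name, $default)
    {
        if (!$headers->has($name)) {
            return $default;
        }

        return Functions::sanitizeFilterString($headers->get($name)->getFieldValue());
    }

    /**
     * OTP/device authentication from the 'token', 'secret', 'rand' and 'created'
     * headers. Runs only when all four are non-empty; sets $this->authByOTP and
     * terminates the request through sendResponse() when the adapter rejects them.
     *
     * @param MvcEvent $event
     * @param AdapterInterface $adapter
     */
    private function authenticateByOtp(MvcEvent $event, $adapter): void
    {
        $headers     = $event->getRequest()->getHeaders();
        $device_uuid = $this->headerValue($headers, 'token', '');
        $password    = $this->headerValue($headers, 'secret', '');
        $rand        = $this->headerValue($headers, 'rand', 0);
        $timestamp   = $this->headerValue($headers, 'created', 0);

        $this->authByOTP = false;
        if (!($device_uuid && $password && $rand && $timestamp)) {
            return;
        }
        $this->authByOTP = true;

        $tokenAuthAdapter = new AuthTokenAdapter($adapter);
        $tokenAuthAdapter->setData($device_uuid, $password, $timestamp, $rand);

        $authService = new AuthenticationService();
        $result      = $authService->authenticate($tokenAuthAdapter);
        if ($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {
            $this->sendResponse(
                $event->getResponse(),
                200,
                json_encode(['success' => false, 'data' => $result->getMessages()[0] ?? 'Unauthorized.', 'fatal' => true])
            );
        }
    }

    /**
     * Bearer JWT authentication. Decodes the token with the HS256 key from
     * 'leaderslinked.jwt.key', checks the 'iss' claim, looks up the stored token row by
     * the 'uuid' claim and authenticates the user bound to that row. Sets
     * $this->jwtToken and $this->authByJWT; every rejection terminates the request.
     *
     * Silently does nothing when there is no Bearer header, no configured key, or the
     * payload carries no 'uuid' claim.
     *
     * @param MvcEvent $event
     * @param AdapterInterface $adapter
     */
    private function authenticateByJwt(MvcEvent $event, $adapter): void
    {
        $this->authByJWT = false;

        $headers       = getallheaders();
        $authorization = !empty($headers['authorization'])
            ? $headers['authorization']
            : ($headers['Authorization'] ?? '');

        $token = trim((string) $authorization);
        if (substr($token, 0, 6) !== 'Bearer') {
            return;
        }
        $token = trim(substr($token, 7));

        if (empty($this->config['leaderslinked.jwt.key'])) {
            return;
        }
        $key = $this->config['leaderslinked.jwt.key'];

        try {
            $payload = JWT::decode($token, new Key($key, 'HS256'));

            // NOTE(review): the issuer is compared with the client-supplied Host header;
            // a configured expected issuer would be a stronger anchor — confirm deployment.
            $expectedIssuer = $_SERVER['HTTP_HOST'] ?? '';
            if (empty($payload->iss) || $payload->iss != $expectedIssuer) {
                $this->sendResponse(
                    $event->getResponse(),
                    200,
                    json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong server', 'fatal' => true])
                );
            }

            $uuid = empty($payload->uuid) ? '' : $payload->uuid;
            if (!$uuid) {
                return;
            }

            $jwtTokenMapper = JwtTokenMapper::getInstance($adapter);
            $this->jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);
            if (!$this->jwtToken) {
                $this->sendResponse(
                    $event->getResponse(),
                    200,
                    json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Expired', 'fatal' => true])
                );
            }

            // The row is on $this->jwtToken; the previous code read an undefined local
            // $jwtToken here, so the AES key and user binding were never applied.
            $_SESSION['aes'] = $this->jwtToken->aes;

            if ($this->jwtToken->user_id) {
                $authByUserId = new AuthUserIdAdapter($adapter);
                $authByUserId->setData($this->jwtToken->user_id);

                $authService = new AuthenticationService();
                $result      = $authService->authenticate($authByUserId);
                if ($result->getCode() != \Laminas\Authentication\Result::SUCCESS) {
                    $this->sendResponse(
                        $event->getResponse(),
                        200,
                        json_encode(['success' => false, 'data' => $result->getMessages()[0] ?? 'Unauthorized.', 'fatal' => true])
                    );
                }

                $this->authByJWT = true;
            }
        } catch (\Exception $e) {
            // Any decode failure (bad signature, malformed or expired token) and any
            // exception from the lookups above end here, as before.
            $this->sendResponse(
                $event->getResponse(),
                200,
                json_encode(['success' => false, 'data' => 'Unauthorized - JWT - Wrong key', 'fatal' => true])
            );
        }
    }

    /**
     * Route name used for the network-membership check: REDIRECT_URL, else REQUEST_URI,
     * lower-cased, trimmed and stripped of its leading slash; '' when neither is set.
     *
     * @return string
     */
    private function resolveRouteName(): string
    {
        if (!empty($_SERVER['REDIRECT_URL'])) {
            $routeName = $_SERVER['REDIRECT_URL'];
        } elseif (!empty($_SERVER['REQUEST_URI'])) {
            $routeName = $_SERVER['REQUEST_URI'];
        } else {
            $routeName = '';
        }

        $routeName = strtolower(trim((string) $routeName));
        if ($routeName !== '' && $routeName[0] === '/') {
            $routeName = substr($routeName, 1);
        }

        return $routeName;
    }

    /**
     * Grants every resource name in $resources to $role on the current ACL.
     *
     * @param string|int $role
     * @param iterable $resources
     */
    private function allowResources($role, $resources): void
    {
        foreach ($resources as $resourceName) {
            $this->acl->allow($role, $resourceName);
        }
    }

    /**
     * Builds the ACL for this request from config/acl.config.php (which defines the
     * getAcl*() helpers): base resources and roles, super-admin grants, per-company
     * Daily Pulse / Knowledge Area / My Coach grants for the current user's type, and
     * the default-network or creator/non-creator grants. The ACL is then exposed to
     * views as 'acl'.
     *
     * Requires $this->currentUserPlugin and $this->currentNetworkPlugin to be set.
     *
     * @param MvcEvent $event
     */
    public function initAcl(MvcEvent $event)
    {
        $serviceManager = $event->getApplication()->getServiceManager();
        $adapter        = $serviceManager->get('leaders-linked-db');

        require_once(dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');

        $this->acl = new Acl();
        foreach (getAclResources() as $resourceName) {
            $this->acl->addResource(new GenericResource($resourceName));
        }

        foreach (getAclUsertype() as $roleName => $roleResources) {
            $this->acl->addRole(new GenericRole($roleName));
            $this->allowResources($roleName, $roleResources);
        }

        if ($this->currentUserPlugin->hasIdentity()
            && $this->currentUserPlugin->getUser()->is_super_user == User::IS_SUPER_USER_YES) {
            $this->allowResources(UserType::ADMIN, getAclSuperAdmin());
        }

        $allowMyCoach       = false;
        $allowKnowledgeArea = false;
        $allowDailyPulse    = false;
        $companyUser        = '';

        $companyMapper = CompanyMapper::getInstance($adapter);
        $company       = $companyMapper->fetchDefaultForNetworkByNetworkId($this->currentNetworkPlugin->getNetwork()->id);

        if ($company) {
            $userId               = $this->currentUserPlugin->getUserId();
            $companyServiceMapper = CompanyServiceMapper::getInstance($adapter);
            $companyUserMapper    = CompanyUserMapper::getInstance($adapter);
            $companyUser          = $companyUserMapper->fetchOneAcceptedByCompanyIdAndUserId($company->id, $userId);

            // Daily Pulse: public privacy opens it to everyone, otherwise only to
            // accepted company users. Missing DailyPulse row counts as company privacy.
            if ($companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::DAILY_PULSE)) {
                $dailyPulseMapper = DailyPulseMapper::getInstance($adapter);
                $dailyPulse       = $dailyPulseMapper->fetchOneByCompanyId($company->id);
                $privacy          = $dailyPulse ? $dailyPulse->privacy : DailyPulse::PRIVACY_COMPANY;
                $allowDailyPulse  = ($privacy == DailyPulse::PRIVACY_PUBLIC) || !empty($companyUser);
            }

            $job_description_ids        = [];
            $organizationPositionMapper = OrganizationPositionMapper::getInstance($adapter);
            foreach ($organizationPositionMapper->fetchAllByCompanyIdAndEmployeeId($company->id, $userId) as $record) {
                $job_description_ids[] = $record->job_description_id;
            }

            // Knowledge Area: granted through the user's job descriptions, else directly.
            if ($companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::KNOWLEDGE_AREA)) {
                if ($job_description_ids) {
                    $mapper             = KnowledgeAreaCategoryJobDescriptionMapper::getInstance($adapter);
                    $allowKnowledgeArea = !empty($mapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids));
                }
                if ($companyUser && !$allowKnowledgeArea) {
                    $mapper             = KnowledgeAreaCategoryUserMapper::getInstance($adapter);
                    $allowKnowledgeArea = !empty($mapper->fetchAllByUserId($companyUser->user_id));
                }
            }

            // My Coach: same two-step grant. The job-description step previously set
            // $allowKnowledgeArea (copy-paste slip); it now sets $allowMyCoach, which is
            // the flag the following step already tests.
            if ($companyServiceMapper->fetchOneActiveByCompanyIdAndServiceId($company->id, Service::MY_COACH)) {
                if ($job_description_ids) {
                    $mapper       = MyCoachCategoryJobDescriptionMapper::getInstance($adapter);
                    $allowMyCoach = !empty($mapper->fetchAllByCompanyIdAndJobDescriptionIds($company->id, $job_description_ids));
                }
                if ($companyUser && !$allowMyCoach) {
                    $mapper       = MyCoachCategoryUserMapper::getInstance($adapter);
                    $allowMyCoach = !empty($mapper->fetchAllByUserId($companyUser->user_id));
                }
            }
        }

        $usertype = $this->currentUserPlugin->getUserTypeId();
        if ($allowDailyPulse) {
            $this->allowResources($usertype, getAclDailyPulse());
        }
        if ($allowKnowledgeArea) {
            $this->allowResources($usertype, getAclKnowledgeArea());
        }
        if ($allowMyCoach) {
            $this->allowResources($usertype, getAclMyCoach());
        }

        if ($this->currentNetworkPlugin->getNetwork()->default == Network::DEFAULT_YES) {
            foreach (getAclUsertypeDefaultNetwork() as $roleName => $roleResources) {
                $this->allowResources($roleName, $roleResources);
            }
        } elseif ($this->currentUserPlugin->hasIdentity() && $company && $companyUser) {
            if ($companyUser->creator == CompanyUser::CREATOR_YES) {
                $this->allowResources($usertype, getAclUsertypeOtherNetworkCreator());
            }
            if ($companyUser->creator == CompanyUser::CREATOR_NO) {
                $this->allowResources($usertype, getAclUsertypeOtherNetworkNonCreator());
            }
        }

        $event->getViewModel()->setVariable('acl', $this->acl);
    }

    /**
     * @param MvcEvent $event
     */
    public function onDispatchError(MvcEvent $event)
    {
        $this->processError($event);
    }

    /**
     * @param MvcEvent $event
     */
    public function onRenderError(MvcEvent $event)
    {
        $this->processError($event);
    }

    /**
     * Replaces all response headers with a JSON content type plus the cross-site
     * headers, sends $content with status $code and terminates the request.
     *
     * @param \Laminas\Http\Response $response
     * @param int $code
     * @param string $content already JSON-encoded body
     */
    public function sendResponse($response, $code, $content)
    {
        $headers = $response->getHeaders();
        $headers->clearHeaders();
        $headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');

        Functions::addCrossSiteToResponse($response);

        $response->setStatusCode($code);
        $response->setContent($content);
        $response->send();
        exit;
    }

    /**
     * Maps an MVC error to a JSON failure reply: router/controller-not-found errors
     * are sent as 404, everything else (including logged exceptions) as 200 with the
     * error text in 'data'. Does nothing when the event carries no error; otherwise
     * the request ends in sendResponse().
     *
     * @param MvcEvent $event
     */
    public function processError(MvcEvent $event)
    {
        $error = $event->getError();
        if (!$error) {
            return;
        }

        $code = 200;
        if ('error-exception' === $error) {
            $exception = $event->getParam('exception');
            if ($exception instanceof \Throwable) {
                error_log($exception->getCode() . ' ' . $exception->getMessage());
                error_log($exception->getTraceAsString());
                $data = $exception->getCode() . ' ' . $exception->getMessage();
            } else {
                $data = $error;
            }
        } elseif ('error-router-no-match' === $error) {
            $code = 404;
            $data = 'error-router-no-match';
        } elseif ('error-controller-not-found' === $error) {
            // The literal used to carry a leading space, so this branch never matched.
            $code = 404;
            $data = 'error-controller-not-found';
        } else {
            $data = $error;
        }

        $this->sendResponse(
            $event->getResponse(),
            $code,
            json_encode(['success' => false, 'data' => $data, 'fatal' => true])
        );
    }

    /**
     * DISPATCH listener (priority 100): CSRF check for POST requests that are not
     * exempt, then ACL check of the matched route against the user's type (GUEST when
     * anonymous). On success refreshes the user's last-activity timestamp except for
     * chat/inmail/check-session polling routes. Rejections terminate the request.
     *
     * @param MvcEvent $event
     */
    public function authPreDispatch(MvcEvent $event)
    {
        $serviceManager = $event->getApplication()->getServiceManager();
        $adapter        = $serviceManager->get('leaders-linked-db');

        $routeName     = (string) $event->getRouteMatch()->getMatchedRouteName();
        $requestMethod = isset($_SERVER['REQUEST_METHOD']) ? trim(strtoupper($_SERVER['REQUEST_METHOD'])) : '';

        if ($requestMethod === 'POST' && !$this->isCsrfExempt($routeName)) {
            $this->verifyCsrfToken($event, $adapter);
        }

        if ($this->currentUserPlugin->hasIdentity()) {
            $userTypeId = $this->currentUserPlugin->getUser()->usertype_id;
        } else {
            $userTypeId = UserType::GUEST;
        }

        if (!$this->acl->isAllowed($userTypeId, $routeName)) {
            // Routed through sendResponse() so the reply carries the JSON content type
            // and cross-site headers like every other rejection.
            $this->sendResponse(
                $event->getResponse(),
                200,
                json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true])
            );
        }

        $user = $this->currentUserPlugin->getUser();
        if ($user && $this->shouldUpdateLastActivity($routeName)) {
            $userMapper = UserMapper::getInstance($adapter);
            $userMapper->updateLastActivity($user->id);
        }
    }

    /**
     * POSTs from an OTP-authenticated device to services/* and POSTs to routes open to
     * GUEST (per getAclUsertype()) carry no CSRF token.
     *
     * @param string $routeName
     * @return bool
     */
    private function isCsrfExempt(string $routeName): bool
    {
        if ($this->authByOTP && substr($routeName, 0, 8) === 'services') {
            return true;
        }

        $usertypes = getAclUsertype();

        return in_array($routeName, $usertypes[UserType::GUEST] ?? [], true);
    }

    /**
     * Compares the X-CSRF-Token header with the one-time csrf value stored on the JWT
     * token row. The stored value is cleared and persisted before the comparison, so a
     * token can be presented at most once. A mismatch terminates the request.
     *
     * NOTE(review): when no JWT token row is bound to the request the expected value is
     * '' and a POST without an X-CSRF-Token header passes this check, as in the
     * previous code; confirm that every non-JWT POST path is either exempt via
     * isCsrfExempt() or stopped by the ACL check that follows.
     *
     * @param MvcEvent $event
     * @param AdapterInterface $adapter
     */
    private function verifyCsrfToken(MvcEvent $event, $adapter): void
    {
        $httpToken = isset($_SERVER['HTTP_X_CSRF_TOKEN']) ? (string) $_SERVER['HTTP_X_CSRF_TOKEN'] : '';

        $sessionToken = '';
        if ($this->jwtToken) {
            $sessionToken         = (string) $this->jwtToken->csrf;
            $this->jwtToken->csrf = '';

            // Uses the request's adapter; the previous code passed $this->adapter,
            // which was never assigned.
            $jwtTokenMapper = JwtTokenMapper::getInstance($adapter);
            $jwtTokenMapper->update($this->jwtToken);
        }

        // Constant-time, type-strict comparison in place of a loose !=.
        if (!hash_equals($sessionToken, $httpToken)) {
            $this->sendResponse(
                $event->getResponse(),
                200,
                json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true])
            );
        }
    }

    /**
     * Polling-style routes (chat*, inmail*, check-session) do not count as activity.
     *
     * @param string $routeName
     * @return bool
     */
    private function shouldUpdateLastActivity(string $routeName): bool
    {
        return substr($routeName, 0, 4) !== 'chat'
            && substr($routeName, 0, 6) !== 'inmail'
            && $routeName !== 'check-session';
    }

    /**
     * DISPATCH listener (priority -100). Intentionally empty: the cross-site headers
     * are already added in onBootstrap() and sendResponse().
     *
     * @param MvcEvent $event
     */
    public function authPosDispatch(MvcEvent $event)
    {
    }
}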