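<?php

declare(strict_types=1);

namespace LeadersLinked;

use Laminas\Db\Adapter\AdapterInterface;
use Laminas\Cache\Storage\Adapter\AbstractAdapter as CacheAdapter;
use Laminas\ModuleManager\ModuleEvent;
use Laminas\ModuleManager\ModuleManager;
use Laminas\Mvc\MvcEvent;
use Laminas\Config\Reader\Ini;
use Laminas\Permissions\Acl\Acl;
use LeadersLinked\Plugin\CurrentNetworkPlugin;
use LeadersLinked\Plugin\CurrentUserPlugin;
use LeadersLinked\Model\Company;
use LeadersLinked\Mapper\UserMapper;
use Laminas\Permissions\Acl\Resource\GenericResource;
use Laminas\Permissions\Acl\Role\GenericRole;
use LeadersLinked\Mapper\CompanyUserMapper;
use LeadersLinked\Mapper\CompanyUserRoleMapper;
use LeadersLinked\Mapper\RoleMapper;
use LeadersLinked\Mapper\CompanyServiceMapper;
use LeadersLinked\Model\Network;
use LeadersLinked\Model\Service;
use LeadersLinked\Model\User;
use LeadersLinked\Model\UserType;
use LeadersLinked\Model\CompanyService;
use LeadersLinked\Model\CompanyUser;
use LeadersLinked\Mapper\CompanyMapper;
use LeadersLinked\Mapper\ApplicationVariantMapper;

/**
 * Laminas MVC module bootstrap for LeadersLinked.
 *
 * Merges the INI configuration, gates every request on the private network
 * resolved by CurrentNetworkPlugin, builds the per-request ACL and enforces
 * it before each controller dispatch.
 */
class Module
{
    /**
     * NOTE(review): nothing in this class assigns this property, so it stays
     * null and every `$this->isJson` branch below is skipped. Confirm how JSON
     * requests are meant to be detected.
     *
     * @var bool
     */
    private $isJson;

    /**
     * @var bool
     */
    private $isHtml;

    /**
     * @var Acl
     */
    private $acl;

    /**
     * NOTE(review): never assigned in this class; initAcl() compares it with
     * null, which is therefore always true.
     *
     * @var Company
     */
    private $company;

    /**
     * @var AdapterInterface
     */
    private $adapter;

    /**
     * @var CacheAdapter
     */
    private $cache;

    /**
     * @var CurrentUserPlugin
     */
    private $currentUserPlugin;

    /**
     * @var CurrentNetworkPlugin
     */
    private $currentNetworkPlugin;

    /**
     * @var array
     */
    private $routesAuthorized = [];

    /**
     * @var bool
     */
    private $authByHeaders = false;

    /**
     * Registers the merge-config listener on the module manager.
     */
    public function init(ModuleManager $moduleManager)
    {
        $events = $moduleManager->getEventManager();
        $events->attach(ModuleEvent::EVENT_MERGE_CONFIG, [$this, 'onMergeConfig']);
    }

    /**
     * Flattens config/leaderslinked.ini into the merged application config
     * under keys of the form "leaderslinked.<section>.<key>".
     */
    public function onMergeConfig(ModuleEvent $event)
    {
        $configListener = $event->getConfigListener();
        $config = $configListener->getMergedConfig(false);

        $reader = new Ini();
        $data = $reader->fromFile('config/leaderslinked.ini');

        $prefix = 'leaderslinked';
        foreach ($data as $section => $pairs) {
            foreach ($pairs as $key => $value) {
                $config[$prefix . '.' . $section . '.' . $key] = $value;
            }
        }

        $configListener->setMergedConfig($config);
    }

    /**
     * @return array the module configuration array
     */
    public function getConfig(): array
    {
        return include __DIR__ . '/../config/module.config.php';
    }

    /**
     * Starts the session, installs translations, rejects requests for an
     * unknown or inactive private network, checks that a signed-in user
     * belongs to the current network, builds the ACL and attaches the
     * error and dispatch listeners.
     */
    public function onBootstrap(MvcEvent $event)
    {
        $serviceManager = $event->getApplication()->getServiceManager();
        $adapter = $serviceManager->get('leaders-linked-db');

        $session = $serviceManager->get('leaders-linked-session');
        $session->start();

        $translator = $serviceManager->get('MvcTranslator');
        $translator->addTranslationFile('phpArray', __DIR__ . '/i18n/validate.php', 'default');
        $translator->addTranslationFile('phpArray', __DIR__ . '/i18n/spanish.php', 'default');
        \Laminas\Validator\AbstractValidator::setDefaultTranslator($translator);

        // Network gate: stop before any routing when the private network is
        // missing or inactive.
        $this->currentNetworkPlugin = new CurrentNetworkPlugin($adapter);
        if (!$this->currentNetworkPlugin->hasNetwork()) {
            header("HTTP/1.1 401 Unauthorized - Private network - not found");
            exit;
        }

        if ($this->currentNetworkPlugin->getNetwork()->status == Network::STATUS_INACTIVE) {
            header("HTTP/1.1 401 Unauthorized - Private network - inactive");
            exit;
        }

        // The path is taken from the raw server variables because the router
        // has not run yet. REQUEST_URI carries the query string, so a request
        // that falls back to it only matches the exemption list below when it
        // has no query string; any other value keeps the network check on.
        if (!empty($_SERVER['REDIRECT_URL'])) {
            $routeName = $_SERVER['REDIRECT_URL'];
        } elseif (!empty($_SERVER['REQUEST_URI'])) {
            $routeName = $_SERVER['REQUEST_URI'];
        } else {
            $routeName = '';
        }

        $routeName = strtolower(trim($routeName));
        if (strlen($routeName) > 0 && substr($routeName, 0, 1) == '/') {
            $routeName = substr($routeName, 1);
        }

        // $isJson is never set in this class (see the property note), so
        // $isHtml is always true here.
        $this->isHtml = $this->isJson ? false : true;

        $this->currentUserPlugin = new CurrentUserPlugin($adapter);

        // Routes on which a signed-in user may be on a different network
        // than the one being served.
        $networkCheckExempt = ['signout', 'signin-admin', 'signin-company', 'home'];
        $checkUserForNetwork = $this->currentUserPlugin->hasIdentity()
            && !in_array($routeName, $networkCheckExempt, true);

        if ($checkUserForNetwork) {
            if ($this->currentUserPlugin->getUser()->network_id != $this->currentNetworkPlugin->getNetworkId()) {
                header("HTTP/1.1 401 Unauthorized - The user is not part of this private network");
                exit;
            }
        }

        $this->initAcl($event);

        $eventManager = $event->getApplication()->getEventManager();
        $eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this, 'onDispatchError'], 0);
        $eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [$this, 'onRenderError'], 0);

        // Priority 100 runs the ACL check before the controller action;
        // -100 runs the post-dispatch hook after it.
        $sharedManager = $eventManager->getSharedManager();
        $sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPreDispatch'], 100);
        $sharedManager->attach(__NAMESPACE__, MvcEvent::EVENT_DISPATCH, [$this, 'authPosDispatch'], -100);
    }

    /**
     * Builds the ACL for the current request and exposes it to the view
     * model as "acl".
     *
     * With a company in context, a single role (the user's usertype) is
     * created and granted the union of: the base USER resources, the
     * resources of the company roles the user holds, and for the company
     * creator the roles of every currently paid service. Without a company,
     * one role per usertype is created from acl.config.php and the ADMIN role
     * receives extra grants for super users and network administrators.
     */
    public function initAcl(MvcEvent $event)
    {
        $serviceManager = $event->getApplication()->getServiceManager();
        $adapter = $serviceManager->get('leaders-linked-db');

        // Defines the getAcl*() functions used below.
        require_once (dirname(__DIR__) . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'acl.config.php');

        $this->acl = new Acl();
        foreach (getAclResources() as $resourceName) {
            $this->acl->addResource(new GenericResource($resourceName));
        }

        $rolesForUsertype = getAclRolesForUsertype();

        $user = $this->currentUserPlugin->getUser();
        $company = $this->currentUserPlugin->getCompany();
        $network = $this->currentNetworkPlugin->getNetwork();

        if ($company) {
            $this->acl->addRole(new GenericRole($user->usertype_id));

            $resources = $this->appendUnique([], $rolesForUsertype[UserType::USER]);

            // Services count as active only inside their paid window. The
            // comparison is on 'Y-m-d' strings, which order chronologically;
            // date() uses the server's configured timezone.
            $servicesActive = [];
            $now = date('Y-m-d');

            $companyServiceMapper = CompanyServiceMapper::getInstance($adapter);
            $companyServices = $companyServiceMapper->fetchAllByCompanyId($company->id);

            foreach ($companyServices as $companyService) {
                if ($companyService->status != CompanyService::ACTIVE) {
                    continue;
                }

                $paid_from = trim(substr($companyService->paid_from, 0, 10));
                $paid_to = trim(substr($companyService->paid_to, 0, 10));

                if ($now >= $paid_from && $now <= $paid_to) {
                    // Deduplicate on the value that is stored (service_id);
                    // the previous check looked up the row id instead.
                    if (!in_array($companyService->service_id, $servicesActive)) {
                        array_push($servicesActive, $companyService->service_id);
                    }
                }
            }

            $rolesForCompany = getAclRolesCompany();

            $companyUserMapper = CompanyUserMapper::getInstance($adapter);
            $companyUser = $companyUserMapper->fetchOneByCompanyIdAndUserId($company->id, $user->id);

            $roleMapper = RoleMapper::getInstance($adapter);

            if ($companyUser) {
                if ($companyUser->creator == CompanyUser::CREATOR_YES) {
                    $applicationVariantMapper = ApplicationVariantMapper::getInstance($adapter);
                    $total = $applicationVariantMapper->fetchCountActiveByCompanyId($company->id);
                    if ($total > 0) {
                        $resources = $this->appendUnique($resources, getAclPermissionPushTemplatesForCustomApps());
                    }

                    $roles = $roleMapper->fetchAllForCreator();
                    if ($roles) {
                        foreach ($roles as $role) {
                            if (!empty($rolesForCompany[$role->code])) {
                                $resources = $this->appendUnique($resources, $rolesForCompany[$role->code]);
                            }
                        }
                    }

                    // The creator receives every role tied to a paid service.
                    foreach ($servicesActive as $service_id) {
                        $roles = $roleMapper->fetchAllByServiceId($service_id);
                        foreach ($roles as $role) {
                            if (!empty($rolesForCompany[$role->code])) {
                                $resources = $this->appendUnique($resources, $rolesForCompany[$role->code]);
                            }
                        }
                    }
                } else {
                    $companyUserRoleMapper = CompanyUserRoleMapper::getInstance($adapter);
                    $companyUserRoles = $companyUserRoleMapper->fetchAllByCompanyIdAndUserId($company->id, $user->id);

                    foreach ($companyUserRoles as $companyUserRole) {
                        $role = $roleMapper->fetchOne($companyUserRole->role_id);
                        if (!$role) {
                            continue;
                        }

                        // A role bound to a service is honoured only while
                        // that service is paid for.
                        if ($role->service_id && !in_array($role->service_id, $servicesActive)) {
                            continue;
                        }

                        if (isset($rolesForCompany[$role->code])) {
                            $resources = $this->appendUnique($resources, $rolesForCompany[$role->code]);
                        }
                    }
                }
            }

            foreach ($resources as $resourceName) {
                $this->acl->allow($user->usertype_id, $resourceName);
            }
        } else {
            foreach ($rolesForUsertype as $usertype => $resources) {
                $this->acl->addRole(new GenericRole($usertype));
                foreach ($resources as $resourceName) {
                    $this->acl->allow($usertype, $resourceName);
                }
            }

            if ($this->currentUserPlugin->hasIdentity()) {
                $user = $this->currentUserPlugin->getUser();
                if ($user->is_super_user == User::IS_SUPER_USER_YES) {
                    foreach (getAclPermissionSuperAdmin() as $resourceName) {
                        $this->acl->allow(UserType::ADMIN, $resourceName);
                    }
                }
            }

            // $this->company is never assigned in this class, so this
            // condition always holds (see the property note).
            if ($this->company == null) {
                if ($network->default == Network::DEFAULT_YES) {
                    foreach (getAclPermissionAdminForDefaultNetwork() as $resourceName) {
                        $this->acl->allow(UserType::ADMIN, $resourceName);
                    }
                } else {
                    // On a non-default network only the creator of the
                    // network's default company gets the admin grants.
                    $companyMapper = CompanyMapper::getInstance($adapter);
                    $company = $companyMapper->fetchDefaultForNetworkByNetworkId($network->id);
                    if ($company) {
                        $companyUserMapper = CompanyUserMapper::getInstance($adapter);
                        $companyUser = $companyUserMapper->fetchCreatorByCompanyId($company->id);

                        if ($companyUser && $companyUser->user_id == $this->currentUserPlugin->getUserId()) {
                            foreach (getAclPermissionAdminForNonDefaultNetwork() as $resourceName) {
                                $this->acl->allow(UserType::ADMIN, $resourceName);
                            }
                        }
                    }
                }
            }
        }

        $event->getViewModel()->setVariable('acl', $this->acl);
    }

    /**
     * Appends each name that is not already present, keeping insertion order.
     *
     * @param array    $resources resource names collected so far
     * @param iterable $names     resource names to merge in
     *
     * @return array the merged list
     */
    private function appendUnique(array $resources, iterable $names): array
    {
        foreach ($names as $resourceName) {
            if (!in_array($resourceName, $resources)) {
                array_push($resources, $resourceName);
            }
        }

        return $resources;
    }

    public function onDispatchError(MvcEvent $event)
    {
        $this->processError($event);
    }

    public function onRenderError(MvcEvent $event)
    {
        $this->processError($event);
    }

    /**
     * Sends $data as a JSON body with status 200 when the request is JSON,
     * otherwise throws an exception carrying $data['data'].
     *
     * @param array $data payload; the 'data' key is used as the exception message
     *
     * @throws \Exception on non-JSON requests
     */
    public function sendResponse(\Laminas\Http\Response $response, $data)
    {
        if ($this->isJson) {
            $headers = $response->getHeaders();
            $headers->clearHeaders();
            $headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');

            $response->setStatusCode(200);
            $response->setContent(json_encode($data));
            $response->send();
        } else {
            throw new \Exception($data['data']);
        }
        exit;
    }

    /**
     * Turns dispatch and render errors into a generic payload for XHR/JSON
     * requests, then rebuilds the ACL for the error view.
     *
     * Exception details go to the error log only; the client receives a
     * fixed message.
     */
    public function processError(MvcEvent $event)
    {
        $request = $event->getRequest();
        if ((method_exists($request, 'isXmlHttpRequest') && $request->isXmlHttpRequest()) || ($this->isJson && !$this->isHtml)) {
            $error = $event->getError();
            if (!$error) {
                return;
            }

            $response = $event->getResponse();

            if ('error-exception' == $error) {
                $exception = $event->getParam('exception');
                error_log($exception->getCode() . ' ' . $exception->getMessage());

                $data = [
                    'success' => false,
                    'data' => 'An error occurred during execution; please try again later.'
                ];
            } elseif ('error-router-no-match' == $error) {
                $data = [
                    'success' => false,
                    'data' => 'Resource not found.'
                ];
            } elseif ('error-controller-not-found' == $error) {
                // The literal previously began with a space and so never
                // matched the error code.
                $data = [
                    'success' => false,
                    'data' => 'Controller not found.'
                ];
            } else {
                $data = [
                    'success' => false,
                    'data' => 'Unknow error.',
                    'error' => $error
                ];
            }

            $this->sendResponse($response, $data);
        }

        $this->initAcl($event);
    }

    /**
     * Enforces the ACL for the matched route before the controller runs.
     *
     * Allowed requests refresh the user's last-activity timestamp, except on
     * the polling routes (chat*, inmail*, check-session). Denied requests
     * clear the identity and end the request with either a JSON
     * "Unauthorized." payload or a redirect to the signout route.
     */
    public function authPreDispatch(MvcEvent $event)
    {
        $serviceManager = $event->getApplication()->getServiceManager();
        $adapter = $serviceManager->get('leaders-linked-db');

        $userTypeId = $this->currentUserPlugin->getUserTypeId();
        $routeName = $event->getRouteMatch()->getMatchedRouteName();

        if ($this->acl->isAllowed($userTypeId, $routeName)) {
            $user = $this->currentUserPlugin->getUser();
            if ($user) {
                $updateLastActivity = !(
                    'chat' == substr($routeName, 0, 4)
                    || 'inmail' == substr($routeName, 0, 6)
                    || 'check-session' == $routeName
                );

                if ($updateLastActivity) {
                    $userMapper = UserMapper::getInstance($adapter);
                    $userMapper->updateLastActivity($user->id);
                }
            }
        } else {
            // A leftover debug `echo` + `exit` used to sit here. It printed
            // the role id and route name to the client and ended the request
            // before the identity was cleared, leaving the denial handling
            // below unreachable.
            $this->currentUserPlugin->clearIdentity();

            if ($this->isJson) {
                $response = $event->getResponse();
                $headers = $response->getHeaders();
                $headers->clearHeaders();
                $headers->addHeaderLine('Content-type', 'application/json; charset=UTF-8');

                $response->setStatusCode(200);
                $response->setContent(json_encode(['success' => false, 'data' => 'Unauthorized.', 'fatal' => true]));
                $response->send();
            } else {
                $url = $event->getRouter()->assemble([], ['name' => 'signout']);

                $response = $event->getResponse();
                $headers = $response->getHeaders();
                $headers->clearHeaders();
                $headers->addHeaderLine('Location', $url);

                $response->setStatusCode(302);
                $response->send();
            }
            exit;
        }
    }

    /**
     * Post-dispatch hook; intentionally empty.
     */
    public function authPosDispatch(MvcEvent $event)
    {
    }
}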