Immanuel
/
skouter
1
0
Fork 0
Code Issues 0 Pull-Requests 0 Releases 0 Wiki Aktivität
Skouter mortgage estimates. Web application with view written in PHP and Vue, but controller and models in Go.
Du kannst nicht mehr als 25 Themen auswählen Themen müssen entweder mit einem Buchstaben oder einer Ziffer beginnen. Sie können Bindestriche („-“) enthalten und bis zu 35 Zeichen lang sein.
148 Commits
1 Branch
11 MiB
Struktur: 53ebad02ae
Branches Tags
${ item.name }
Erstelle Branch ${ searchTerm }
von „53ebad02ae“
${ noResults }
skouter/grav-admin/user/plugins/admin/classes/plugin/Controllers/AbstractController.php

AbstractController.php 11 KiB
Originalformat Normale Ansicht Verlauf

Setup grav Store only files relevant to the project by tracking only the user/ directory.
vor 1 Jahr
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414 
  1. <?php

  2. 

  3. /**

  4.  * @package    Grav\Plugin\Admin

  5.  *

  6.  * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.

  7.  * @license    MIT License; see LICENSE file for details.

  8.  */

  9. 

  10. declare(strict_types=1);

  11. 

  12. namespace Grav\Plugin\Admin\Controllers;

  13. 

  14. use Grav\Common\Debugger;

  15. use Grav\Common\Grav;

  16. use Grav\Common\Inflector;

  17. use Grav\Common\Language\Language;

  18. use Grav\Common\Utils;

  19. use Grav\Framework\Flex\Interfaces\FlexObjectInterface;

  20. use Grav\Framework\Form\Interfaces\FormInterface;

  21. use Grav\Framework\Psr7\Response;

  22. use Grav\Framework\RequestHandler\Exception\NotFoundException;

  23. use Grav\Framework\RequestHandler\Exception\PageExpiredException;

  24. use Grav\Framework\RequestHandler\Exception\RequestException;

  25. use Grav\Framework\Route\Route;

  26. use Grav\Framework\Session\SessionInterface;

  27. use Psr\Http\Message\ResponseInterface;

  28. use Psr\Http\Message\ServerRequestInterface;

  29. use Psr\Http\Server\RequestHandlerInterface;

  30. use RocketTheme\Toolbox\Event\Event;

  31. use RocketTheme\Toolbox\Session\Message;

  32. 

  33. abstract class AbstractController implements RequestHandlerInterface

  34. {

  35.     /** @var string */

  36.     protected $nonce_action = 'admin-form';

  37. 

  38.     /** @var string */

  39.     protected $nonce_name = 'admin-nonce';

  40. 

  41.     /** @var ServerRequestInterface */

  42.     protected $request;

  43. 

  44.     /** @var Grav */

  45.     protected $grav;

  46. 

  47.     /** @var string */

  48.     protected $type;

  49. 

  50.     /** @var string */

  51.     protected $key;

  52. 

  53.     /**

  54.      * Handle request.

  55.      *

  56.      * Fires event: admin.[directory].[task|action].[command]

  57.      *

  58.      * @param ServerRequestInterface $request

  59.      * @return Response

  60.      */

  61.     public function handle(ServerRequestInterface $request): ResponseInterface

  62.     {

  63.         $attributes = $request->getAttributes();

  64.         $this->request = $request;

  65.         $this->grav = $attributes['grav'] ?? Grav::instance();

  66.         $this->type =  $attributes['type'] ?? null;

  67.         $this->key =  $attributes['key'] ?? null;

  68. 

  69.         /** @var Route $route */

  70.         $route = $attributes['route'];

  71.         $post = $this->getPost();

  72. 

  73.         if ($this->isFormSubmit()) {

  74.             $form = $this->getForm();

  75.             $this->nonce_name = $attributes['nonce_name'] ?? $form->getNonceName();

  76.             $this->nonce_action = $attributes['nonce_action'] ?? $form->getNonceAction();

  77.         }

  78. 

  79.         try {

  80.             $task = $request->getAttribute('task') ?? $post['task'] ?? $route->getParam('task');

  81.             if ($task) {

  82.                 if (empty($attributes['forwarded'])) {

  83.                     $this->checkNonce($task);

  84.                 }

  85.                 $type = 'task';

  86.                 $command = $task;

  87.             } else {

  88.                 $type = 'action';

  89.                 $command = $request->getAttribute('action') ?? $post['action'] ?? $route->getParam('action') ?? 'display';

  90.             }

  91.             $command = strtolower($command);

  92. 

  93.             $event = new Event(

  94.                 [

  95.                     'controller' => $this,

  96.                     'response' => null

  97.                 ]

  98.             );

  99. 

  100.             $this->grav->fireEvent("admin.{$this->type}.{$type}.{$command}", $event);

  101. 

  102.             $response = $event['response'];

  103.             if (!$response) {

  104.                 /** @var Inflector $inflector */

  105.                 $inflector = $this->grav['inflector'];

  106.                 $method = $type . $inflector::camelize($command);

  107.                 if ($method && method_exists($this, $method)) {

  108.                     $response = $this->{$method}($request);

  109.                 } else {

  110.                     throw new NotFoundException($request);

  111.                 }

  112.             }

  113.         } catch (\Exception $e) {

  114.             /** @var Debugger $debugger */

  115.             $debugger = $this->grav['debugger'];

  116.             $debugger->addException($e);

  117. 

  118.             $response = $this->createErrorResponse($e);

  119.         }

  120. 

  121.         if ($response instanceof Response) {

  122.             return $response;

  123.         }

  124. 

  125.         return $this->createJsonResponse($response);

  126.     }

  127. 

  128.     /**

  129.      * Get request.

  130.      *

  131.      * @return ServerRequestInterface

  132.      */

  133.     public function getRequest(): ServerRequestInterface

  134.     {

  135.         return $this->request;

  136.     }

  137. 

  138.     /**

  139.      * @param string|null $name

  140.      * @param mixed $default

  141.      * @return mixed

  142.      */

  143.     public function getPost(string $name = null, $default = null)

  144.     {

  145.         $body = $this->request->getParsedBody();

  146. 

  147.         if ($name) {

  148.             return $body[$name] ?? $default;

  149.         }

  150. 

  151.         return $body;

  152.     }

  153. 

  154.     /**

  155.      * Check if a form has been submitted.

  156.      *

  157.      * @return bool

  158.      */

  159.     public function isFormSubmit(): bool

  160.     {

  161.         return (bool)$this->getPost('__form-name__');

  162.     }

  163. 

  164.     /**

  165.      * Get form.

  166.      *

  167.      * @param string|null $type

  168.      * @return FormInterface

  169.      */

  170.     public function getForm(string $type = null): FormInterface

  171.     {

  172.         $object = $this->getObject();

  173.         if (!$object) {

  174.             throw new \RuntimeException('Not Found', 404);

  175.         }

  176. 

  177.         $formName = $this->getPost('__form-name__');

  178.         $uniqueId = $this->getPost('__unique_form_id__') ?: $formName;

  179. 

  180.         $form = $object->getForm($type ?? 'edit');

  181.         if ($uniqueId) {

  182.             $form->setUniqueId($uniqueId);

  183.         }

  184. 

  185.         return $form;

  186.     }

  187. 

  188.     /**

  189.      * @return FlexObjectInterface

  190.      */

  191.     abstract public function getObject();

  192. 

  193.     /**

  194.      * Get Grav instance.

  195.      *

  196.      * @return Grav

  197.      */

  198.     public function getGrav(): Grav

  199.     {

  200.         return $this->grav;

  201.     }

  202. 

  203.     /**

  204.      * Get session.

  205.      *

  206.      * @return SessionInterface

  207.      */

  208.     public function getSession(): SessionInterface

  209.     {

  210.         return $this->getGrav()['session'];

  211.     }

  212. 

  213.     /**

  214.      * Display the current admin page.

  215.      *

  216.      * @return Response

  217.      */

  218.     public function createDisplayResponse(): ResponseInterface

  219.     {

  220.         return new Response(418);

  221.     }

  222. 

  223.     /**

  224.      * Create custom HTML response.

  225.      *

  226.      * @param string $content

  227.      * @param int $code

  228.      * @return Response

  229.      */

  230.     public function createHtmlResponse(string $content, int $code = null): ResponseInterface

  231.     {

  232.         return new Response($code ?: 200, [], $content);

  233.     }

  234. 

  235.     /**

  236.      * Create JSON response.

  237.      *

  238.      * @param array $content

  239.      * @return Response

  240.      */

  241.     public function createJsonResponse(array $content): ResponseInterface

  242.     {

  243.         $code = $content['code'] ?? 200;

  244.         if ($code >= 301 && $code <= 307) {

  245.             $code = 200;

  246.         }

  247. 

  248.         return new Response($code, ['Content-Type' => 'application/json'], json_encode($content));

  249.     }

  250. 

  251.     /**

  252.      * Create redirect response.

  253.      *

  254.      * @param string $url

  255.      * @param int $code

  256.      * @return Response

  257.      */

  258.     public function createRedirectResponse(string $url, int $code = null): ResponseInterface

  259.     {

  260.         if (null === $code || $code < 301 || $code > 307) {

  261.             $code = $this->grav['config']->get('system.pages.redirect_default_code', 302);

  262.         }

  263. 

  264.         $accept = $this->getAccept(['application/json', 'text/html']);

  265. 

  266.         if ($accept === 'application/json') {

  267.             return $this->createJsonResponse(['code' => $code, 'status' => 'redirect', 'redirect' => $url]);

  268.         }

  269. 

  270.         return new Response($code, ['Location' => $url]);

  271.     }

  272. 

  273.     /**

  274.      * Create error response.

  275.      *

  276.      * @param  \Exception $exception

  277.      * @return Response

  278.      */

  279.     public function createErrorResponse(\Exception $exception): ResponseInterface

  280.     {

  281.         $validCodes = [

  282.             400, 401, 402, 403, 404, 405, 406, 407, 408, 409, 410, 411, 412, 413, 414, 415, 416, 417, 418,

  283.             422, 423, 424, 425, 426, 428, 429, 431, 451, 500, 501, 502, 503, 504, 505, 506, 507, 508, 511

  284.         ];

  285. 

  286.         if ($exception instanceof RequestException) {

  287.             $code = $exception->getHttpCode();

  288.             $reason = $exception->getHttpReason();

  289.         } else {

  290.             $code = $exception->getCode();

  291.             $reason = null;

  292.         }

  293. 

  294.         if (!in_array($code, $validCodes, true)) {

  295.             $code = 500;

  296.         }

  297. 

  298.         $message = $exception->getMessage();

  299.         $response = [

  300.             'code' => $code,

  301.             'status' => 'error',

  302.             'message' => htmlspecialchars($message, ENT_QUOTES | ENT_HTML5, 'UTF-8')

  303.         ];

  304. 

  305.         $accept = $this->getAccept(['application/json', 'text/html']);

  306. 

  307.         if ($accept === 'text/html') {

  308.             $method = $this->getRequest()->getMethod();

  309. 

  310.             // On POST etc, redirect back to the previous page.

  311.             if ($method !== 'GET' && $method !== 'HEAD') {

  312.                 $this->setMessage($message, 'error');

  313.                 $referer = $this->request->getHeaderLine('Referer');

  314.                 return $this->createRedirectResponse($referer, 303);

  315.             }

  316. 

  317.             // TODO: improve error page

  318.             return $this->createHtmlResponse($response['message']);

  319.         }

  320. 

  321.         return new Response($code, ['Content-Type' => 'application/json'], json_encode($response), '1.1', $reason);

  322.     }

  323. 

  324.     /**

  325.      * Translate a string.

  326.      *

  327.      * @param  string $string

  328.      * @return string

  329.      */

  330.     public function translate(string $string): string

  331.     {

  332.         /** @var Language $language */

  333.         $language = $this->grav['language'];

  334. 

  335.         return $language->translate($string);

  336.     }

  337. 

  338.     /**

  339.      * Set message to be shown in the admin.

  340.      *

  341.      * @param  string $message

  342.      * @param  string $type

  343.      * @return $this

  344.      */

  345.     public function setMessage($message, $type = 'info')

  346.     {

  347.         /** @var Message $messages */

  348.         $messages = $this->grav['messages'];

  349.         $messages->add($message, $type);

  350. 

  351.         return $this;

  352.     }

  353. 

  354.     /**

  355.      * Check if request nonce is valid.

  356.      *

  357.      * @param  string $task

  358.      * @throws PageExpiredException  If nonce is not valid.

  359.      */

  360.     protected function checkNonce(string $task): void

  361.     {

  362.         $nonce = null;

  363. 

  364.         if (\in_array(strtoupper($this->request->getMethod()), ['POST', 'PUT', 'PATCH', 'DELETE'])) {

  365.             $nonce = $this->getPost($this->nonce_name);

  366.         }

  367. 

  368.         if (!$nonce) {

  369.             $nonce = $this->grav['uri']->param($this->nonce_name);

  370.         }

  371. 

  372.         if (!$nonce) {

  373.             $nonce = $this->grav['uri']->query($this->nonce_name);

  374.         }

  375. 

  376.         if (!$nonce || !Utils::verifyNonce($nonce, $this->nonce_action)) {

  377.             throw new PageExpiredException($this->request);

  378.         }

  379.     }

  380. 

  381.     /**

  382.      * Return the best matching mime type for the request.

  383.      *

  384.      * @param  string[] $compare

  385.      * @return string|null

  386.      */

  387.     protected function getAccept(array $compare): ?string

  388.     {

  389.         $accepted = [];

  390.         foreach ($this->request->getHeader('Accept') as $accept) {

  391.             foreach (explode(',', $accept) as $item) {

  392.                 if (!$item) {

  393.                     continue;

  394.                 }

  395. 

  396.                 $split = explode(';q=', $item);

  397.                 $mime = array_shift($split);

  398.                 $priority = array_shift($split) ?? 1.0;

  399. 

  400.                 $accepted[$mime] = $priority;

  401.             }

  402.         }

  403. 

  404.         arsort($accepted);

  405. 

  406.         // TODO: add support for image/* etc

  407.         $list = array_intersect($compare, array_keys($accepted));

  408.         if (!$list && (isset($accepted['*/*']) || isset($accepted['*']))) {

  409.             return reset($compare) ?: null;

  410.         }

  411. 

  412.         return reset($list) ?: null;

  413.     }

  414. }