Immanuel
/
skouter
1
0
Atdalīts 0
Kods Problēmas 0 Izmaiņu pieprasījumi 0 Laidieni 0 Vikivietne Aktivitāte
Skouter mortgage estimates. Web application with view written in PHP and Vue, but controller and models in Go.
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
172 Revīzijas
1 Atzars
11 MiB
Koks: bb7b9fdbe0
Atzari Tagi
${ item.name }
Izveidot atzaru ${ searchTerm }
no 'bb7b9fdbe0'
${ noResults }
skouter/grav-admin/user/plugins/admin/classes/plugin/Controllers/AdminController.php

AdminController.php 9.0 KiB
Neapstrādāts Parastais skats Vēsture

Setup grav Store only files relevant to the project by tracking only the user/ directory.
pirms 1 gada
Pass user current user to grav in header A seperate header is used instead of relying only on current cookie because the current cookie is difficult to modify before being forwarded, and would make removing invalid cookies in responses complicated.
pirms 11 mēnešiem
Setup grav Store only files relevant to the project by tracking only the user/ directory.
pirms 1 gada
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359 
  1. <?php

  2. 

  3. /**

  4.  * @package    Grav\Plugin\Admin

  5.  *

  6.  * @copyright  Copyright (c) 2015 - 2024 Trilby Media, LLC. All rights reserved.

  7.  * @license    MIT License; see LICENSE file for details.

  8.  */

  9. 

  10. declare(strict_types=1);

  11. 

  12. namespace Grav\Plugin\Admin\Controllers;

  13. 

  14. use Grav\Common\Config\Config;

  15. use Grav\Common\Data\Blueprint;

  16. use Grav\Common\Grav;

  17. use Grav\Common\Language\Language;

  18. use Grav\Common\Page\Interfaces\PageInterface;

  19. use Grav\Common\Page\Page;

  20. use Grav\Common\Page\Pages;

  21. use Grav\Common\Uri;

  22. use Grav\Common\User\Interfaces\UserInterface;

  23. use Grav\Common\Utils;

  24. use Grav\Framework\Controller\Traits\ControllerResponseTrait;

  25. use Grav\Framework\RequestHandler\Exception\PageExpiredException;

  26. use Grav\Framework\Session\SessionInterface;

  27. use Grav\Plugin\Admin\Admin;

  28. use Grav\Plugin\Admin\AdminForm;

  29. use Psr\Http\Message\ResponseInterface;

  30. use Psr\Http\Message\ServerRequestInterface;

  31. use RocketTheme\Toolbox\Session\Message;

  32. 

  33. abstract class AdminController

  34. {

  35.     use ControllerResponseTrait {

  36.         createRedirectResponse as traitCreateRedirectResponse;

  37.         getErrorJson as traitGetErrorJson;

  38.     }

  39. 

  40.     /** @var string */

  41.     protected $nonce_action = 'admin-form';

  42.     /** @var string */

  43.     protected $nonce_name = 'admin-nonce';

  44.     /** @var Grav */

  45.     protected $grav;

  46.     /** @var PageInterface */

  47.     protected $page;

  48.     /** @var AdminForm|null */

  49.     protected $form;

  50. 

  51.     public function __construct(Grav $grav)

  52.     {

  53.         $this->grav = $grav;

  54.     }

  55. 

  56.     /**

  57.      * @return PageInterface|null

  58.      */

  59.     public function getPage(): ?PageInterface

  60.     {

  61.         return $this->page;

  62.     }

  63. 

  64.     /**

  65.      * Get currently active form.

  66.      *

  67.      * @return AdminForm|null

  68.      */

  69.     public function getActiveForm(): ?AdminForm

  70.     {

  71.         if (null === $this->form) {

  72.             $post = $this->getPost();

  73. 

  74.             $active = $post['__form-name__'] ?? null;

  75. 

  76.             $this->form = $active ? $this->getForm($active) : null;

  77.         }

  78. 

  79.         return $this->form;

  80.     }

  81. 

  82.     /**

  83.      * Get a form.

  84.      *

  85.      * @param string $name

  86.      * @param array $options

  87.      * @return AdminForm|null

  88.      */

  89.     public function getForm(string $name, array $options = []): ?AdminForm

  90.     {

  91.         $post = $this->getPost();

  92.         $page = $this->getPage();

  93.         $forms = $page ? $page->forms() : [];

  94.         $blueprint = $forms[$name] ?? null;

  95.         if (null === $blueprint) {

  96.             return null;

  97.         }

  98. 

  99.         $active = $post['__form-name__'] ?? null;

  100.         $unique_id = $active && $active === $name ? ($post['__unique_form_id__'] ?? null) : null;

  101. 

  102.         $options += [

  103.             'unique_id' => $unique_id,

  104.             'blueprint' => new Blueprint(null, ['form' => $blueprint]),

  105.             'submit_method' => $this->getFormSubmitMethod($name),

  106.             'nonce_name' => $this->nonce_name,

  107.             'nonce_action' => $this->nonce_action,

  108.         ];

  109. 

  110.         return new AdminForm($name, $options);

  111.     }

  112. 

  113.     abstract protected function getFormSubmitMethod(string $name): callable;

  114. 

  115.     /**

  116.      * @param string $route

  117.      * @param string|null $lang

  118.      * @return string

  119.      */

  120.     public function getAdminUrl(string $route, string $lang = null): string

  121.     {

  122.         /** @var Pages $pages */

  123.         $pages = $this->grav['pages'];

  124.         $admin = $this->getAdmin();

  125. 

  126.         return $pages->baseUrl($lang) . $admin->base . $route;

  127.     }

  128. 

  129.     /**

  130.      * @param string $route

  131.      * @param string|null $lang

  132.      * @return string

  133.      */

  134.     public function getAbsoluteAdminUrl(string $route, string $lang = null): string

  135.     {

  136.         /** @var Pages $pages */

  137.         $pages = $this->grav['pages'];

  138.         $admin = $this->getAdmin();

  139. 

  140.         return $pages->baseUrl($lang, true) . $admin->base . $route;

  141.     }

  142. 

  143.     /**

  144.      * Get session.

  145.      *

  146.      * @return SessionInterface

  147.      */

  148.     public function getSession(): SessionInterface

  149.     {

  150.         return $this->grav['session'];

  151.     }

  152. 

  153.     /**

  154.      * @return Admin

  155.      */

  156.     protected function getAdmin(): Admin

  157.     {

  158.         return $this->grav['admin'];

  159.     }

  160. 

  161.     /**

  162.      * @return UserInterface

  163.      */

  164.     protected function getUser(): UserInterface

  165.     {

  166.         return $this->getAdmin()->user;

  167.     }

  168. 

  169.     /**

  170.      * @return ServerRequestInterface

  171.      */

  172.     public function getRequest(): ServerRequestInterface

  173.     {

  174.         return $this->getAdmin()->request;

  175.     }

  176. 

  177.     /**

  178.      * @return array

  179.      */

  180.     public function getPost(): array

  181.     {

  182.         return (array)($this->getRequest()->getParsedBody() ?? []);

  183.     }

  184. 

  185.     /**

  186.      * Translate a string.

  187.      *

  188.      * @param string $string

  189.      * @param mixed ...$args

  190.      * @return string

  191.      */

  192.     public function translate(string $string, ...$args): string

  193.     {

  194.         /** @var Language $language */

  195.         $language = $this->grav['language'];

  196. 

  197.         array_unshift($args, $string);

  198. 

  199.         return $language->translate($args);

  200.     }

  201. 

  202.     /**

  203.      * Set message to be shown in the admin.

  204.      *

  205.      * @param string $message

  206.      * @param string $type

  207.      * @return $this

  208.      */

  209.     public function setMessage(string $message, string $type = 'info'): AdminController

  210.     {

  211.         /** @var Message $messages */

  212.         $messages = $this->grav['messages'];

  213.         $messages->add($message, $type);

  214. 

  215.         return $this;

  216.     }

  217. 

  218.     /**

  219.      * @return Config

  220.      */

  221.     protected function getConfig(): Config

  222.     {

  223.         return $this->grav['config'];

  224.     }

  225. 

  226.     /**

  227.      * Check if request nonce is valid.

  228.      *

  229.      * @return void

  230.      * @throws PageExpiredException  If nonce is not valid.

  231.      */

  232.     protected function checkNonce(): void

  233.     {

  234.         $nonce = null;

  235. 

  236.         $nonce_name = $this->form ? $this->form->getNonceName() : $this->nonce_name;

  237.         $nonce_action = $this->form ? $this->form->getNonceAction() : $this->nonce_action;

  238. 

  239.         if (\in_array(strtoupper($this->getRequest()->getMethod()), ['POST', 'PUT', 'PATCH', 'DELETE'])) {

  240.             $post = $this->getPost();

  241.             $nonce = $post[$nonce_name] ?? null;

  242.         }

  243. 

  244.         /** @var Uri $uri */

  245.         $uri = $this->grav['uri'];

  246.         if (!$nonce) {

  247.             $nonce = $uri->param($nonce_name);

  248.         }

  249. 

  250.         if (!$nonce) {

  251.             $nonce = $uri->query($nonce_name);

  252.         }

  253. 

  254.         if (!$nonce || !Utils::verifyNonce($nonce, $nonce_action)) {

  255.             throw new PageExpiredException($this->getRequest());

  256.         }

  257.     }

  258. 

  259.     /**

  260.      * Return the best matching mime type for the request.

  261.      *

  262.      * @param  string[] $compare

  263.      * @return string|null

  264.      */

  265.     protected function getAccept(array $compare): ?string

  266.     {

  267.         $accepted = [];

  268.         foreach ($this->getRequest()->getHeader('Accept') as $accept) {

  269.             foreach (explode(',', $accept) as $item) {

  270.                 if (!$item) {

  271.                     continue;

  272.                 }

  273. 

  274.                 $split = explode(';q=', $item);

  275.                 $mime = array_shift($split);

  276.                 $priority = array_shift($split) ?? 1.0;

  277. 

  278.                 $accepted[$mime] = $priority;

  279.             }

  280.         }

  281. 

  282.         arsort($accepted);

  283. 

  284.         // TODO: add support for image/* etc

  285.         $list = array_intersect($compare, array_keys($accepted));

  286.         if (!$list && (isset($accepted['*/*']) || isset($accepted['*']))) {

  287.             return reset($compare) ?: null;

  288.         }

  289. 

  290.         return reset($list) ?: null;

  291.     }

  292. 

  293.     /**

  294.      * @param string $template

  295.      * @return PageInterface

  296.      */

  297.     protected function createPage(string $template): PageInterface

  298.     {

  299.         $page = new Page();

  300. 

  301.         // Plugins may not have the correct Cache-Control header set, force no-store for the proxies.

  302.         $page->expires(0);

  303. 

  304.         $filename = "plugin://admin/pages/admin/{$template}.md";

  305.         if (!file_exists($filename)) {

  306.             throw new \RuntimeException(sprintf('Creating admin page %s failed: not found', $template));

  307.         }

  308. 

  309.         Admin::DEBUG && Admin::addDebugMessage("Admin page: {$template}");

  310. 

  311.         $page->init(new \SplFileInfo($filename));

  312.         $page->slug($template);

  313. 

  314.         return $page;

  315.     }

  316. 

  317.     /**

  318.      * @param string|null $url

  319.      * @param int|null $code

  320.      * @return ResponseInterface

  321.      */

  322.     protected function createRedirectResponse(string $url = null, int $code = null): ResponseInterface

  323.     {

  324.         $request = $this->getRequest();

  325. 

  326.         if (null === $url || '' === $url) {

  327.             $url = (string)$request->getUri();

  328.         } elseif (mb_strpos($url, '/') === 0) {

  329.             $url = $this->getAbsoluteAdminUrl($url);

  330.         }

  331. 

  332.         if (null === $code) {

  333.             if (in_array($request->getMethod(), ['GET', 'HEAD'])) {

  334.                 $code = 302;

  335.             } else {

  336.                 $code = 303;

  337.             }

  338.         }

  339. 

  340.         return $this->traitCreateRedirectResponse($url, $code);

  341.     }

  342. 

  343.     /**

  344.      * @param \Throwable $e

  345.      * @return array

  346.      */

  347.     protected function getErrorJson(\Throwable $e): array

  348.     {

  349.         $json = $this->traitGetErrorJson($e);

  350.         $code = $e->getCode();

  351.         if ($code === 401) {

  352.             $json['redirect'] = $this->getAbsoluteAdminUrl('/');

  353.         }

  354. 

  355.         return $json;

  356.     }

  357. 

  358. 

  359. }