]>
Commit | Line | Data |
---|---|---|
6c50a6cc A |
1 | <?php |
2 | ||
3 | namespace Shaarli\Front; | |
4 | ||
5 | use Shaarli\Container\ShaarliContainer; | |
2899ebb5 A |
6 | use Shaarli\Front\Exception\ShaarliFrontException; |
7 | use Shaarli\Front\Exception\UnauthorizedException; | |
6c50a6cc A |
8 | use Slim\Http\Request; |
9 | use Slim\Http\Response; | |
10 | ||
11 | /** | |
12 | * Class ShaarliMiddleware | |
13 | * | |
14 | * This will be called before accessing any Shaarli controller. | |
15 | */ | |
16 | class ShaarliMiddleware | |
17 | { | |
18 | /** @var ShaarliContainer contains all Shaarli DI */ | |
19 | protected $container; | |
20 | ||
21 | public function __construct(ShaarliContainer $container) | |
22 | { | |
23 | $this->container = $container; | |
24 | } | |
25 | ||
26 | /** | |
27 | * Middleware execution: | |
1a8ac737 A |
28 | * - run updates |
29 | * - if not logged in open shaarli, redirect to login | |
6c50a6cc A |
30 | * - execute the controller |
31 | * - return the response | |
32 | * | |
33 | * In case of error, the error template will be displayed with the exception message. | |
34 | * | |
35 | * @param Request $request Slim request | |
36 | * @param Response $response Slim response | |
37 | * @param callable $next Next action | |
38 | * | |
39 | * @return Response response. | |
40 | */ | |
1a8ac737 | 41 | public function __invoke(Request $request, Response $response, callable $next): Response |
6c50a6cc | 42 | { |
9c75f877 | 43 | $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/'); |
818b3193 | 44 | |
9c75f877 | 45 | try { |
c4ad3d4f A |
46 | if (!is_file($this->container->conf->getConfigFileExt()) |
47 | && !in_array($next->getName(), ['displayInstall', 'saveInstall'], true) | |
48 | ) { | |
49 | return $response->withRedirect($this->container->basePath . '/install'); | |
50 | } | |
51 | ||
1a8ac737 A |
52 | $this->runUpdates(); |
53 | $this->checkOpenShaarli($request, $response, $next); | |
54 | ||
55 | return $next($request, $response); | |
2899ebb5 | 56 | } catch (ShaarliFrontException $e) { |
1a8ac737 A |
57 | // Possible functional error |
58 | $this->container->pageBuilder->reset(); | |
3ee8351e | 59 | $this->container->pageBuilder->assign('message', nl2br($e->getMessage())); |
1a8ac737 A |
60 | |
61 | $response = $response->withStatus($e->getCode()); | |
62 | ||
9fbc4229 | 63 | return $response->write($this->container->pageBuilder->render('error', $this->container->basePath)); |
1a8ac737 | 64 | } catch (UnauthorizedException $e) { |
a8c11451 A |
65 | $returnUrl = urlencode($this->container->environment['REQUEST_URI']); |
66 | ||
67 | return $response->withRedirect($this->container->basePath . '/login?returnurl=' . $returnUrl); | |
1a8ac737 A |
68 | } catch (\Throwable $e) { |
69 | // Unknown error encountered | |
70 | $this->container->pageBuilder->reset(); | |
6c50a6cc | 71 | if ($this->container->conf->get('dev.debug', false)) { |
1a8ac737 | 72 | $this->container->pageBuilder->assign('message', $e->getMessage()); |
6c50a6cc A |
73 | $this->container->pageBuilder->assign( |
74 | 'stacktrace', | |
1a8ac737 | 75 | nl2br(get_class($e) .': '. PHP_EOL . $e->getTraceAsString()) |
6c50a6cc | 76 | ); |
1a8ac737 A |
77 | } else { |
78 | $this->container->pageBuilder->assign('message', t('An unexpected error occurred.')); | |
6c50a6cc A |
79 | } |
80 | ||
1a8ac737 A |
81 | $response = $response->withStatus(500); |
82 | ||
9fbc4229 | 83 | return $response->write($this->container->pageBuilder->render('error', $this->container->basePath)); |
1a8ac737 A |
84 | } |
85 | } | |
86 | ||
87 | /** | |
88 | * Run the updater for every requests processed while logged in. | |
89 | */ | |
90 | protected function runUpdates(): void | |
91 | { | |
92 | if ($this->container->loginManager->isLoggedIn() !== true) { | |
93 | return; | |
94 | } | |
95 | ||
f7f08cee | 96 | $this->container->updater->setBasePath($this->container->basePath); |
1a8ac737 A |
97 | $newUpdates = $this->container->updater->update(); |
98 | if (!empty($newUpdates)) { | |
99 | $this->container->updater->writeUpdates( | |
100 | $this->container->conf->get('resource.updates'), | |
101 | $this->container->updater->getDoneUpdates() | |
102 | ); | |
103 | ||
104 | $this->container->pageCacheManager->invalidateCaches(); | |
105 | } | |
106 | } | |
107 | ||
108 | /** | |
109 | * Access is denied to most pages with `hide_public_links` + `force_login` settings. | |
110 | */ | |
111 | protected function checkOpenShaarli(Request $request, Response $response, callable $next): bool | |
112 | { | |
113 | if (// if the user isn't logged in | |
114 | !$this->container->loginManager->isLoggedIn() | |
115 | // and Shaarli doesn't have public content... | |
116 | && $this->container->conf->get('privacy.hide_public_links') | |
117 | // and is configured to enforce the login | |
118 | && $this->container->conf->get('privacy.force_login') | |
119 | // and the current page isn't already the login page | |
120 | // and the user is not requesting a feed (which would lead to a different content-type as expected) | |
121 | && !in_array($next->getName(), ['login', 'atom', 'rss'], true) | |
122 | ) { | |
123 | throw new UnauthorizedException(); | |
6c50a6cc A |
124 | } |
125 | ||
1a8ac737 | 126 | return true; |
6c50a6cc A |
127 | } |
128 | } |