]>
Commit | Line | Data |
---|---|---|
6c50a6cc A |
1 | <?php |
2 | ||
3 | namespace Shaarli\Front; | |
4 | ||
5 | use Shaarli\Container\ShaarliContainer; | |
2899ebb5 A |
6 | use Shaarli\Front\Exception\ShaarliFrontException; |
7 | use Shaarli\Front\Exception\UnauthorizedException; | |
6c50a6cc A |
8 | use Slim\Http\Request; |
9 | use Slim\Http\Response; | |
10 | ||
11 | /** | |
12 | * Class ShaarliMiddleware | |
13 | * | |
14 | * This will be called before accessing any Shaarli controller. | |
15 | */ | |
16 | class ShaarliMiddleware | |
17 | { | |
18 | /** @var ShaarliContainer contains all Shaarli DI */ | |
19 | protected $container; | |
20 | ||
21 | public function __construct(ShaarliContainer $container) | |
22 | { | |
23 | $this->container = $container; | |
24 | } | |
25 | ||
26 | /** | |
27 | * Middleware execution: | |
1a8ac737 A |
28 | * - run updates |
29 | * - if not logged in open shaarli, redirect to login | |
6c50a6cc A |
30 | * - execute the controller |
31 | * - return the response | |
32 | * | |
33 | * In case of error, the error template will be displayed with the exception message. | |
34 | * | |
35 | * @param Request $request Slim request | |
36 | * @param Response $response Slim response | |
37 | * @param callable $next Next action | |
38 | * | |
39 | * @return Response response. | |
40 | */ | |
1a8ac737 | 41 | public function __invoke(Request $request, Response $response, callable $next): Response |
6c50a6cc | 42 | { |
9c75f877 | 43 | $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/'); |
818b3193 | 44 | |
9c75f877 | 45 | try { |
c4ad3d4f A |
46 | if (!is_file($this->container->conf->getConfigFileExt()) |
47 | && !in_array($next->getName(), ['displayInstall', 'saveInstall'], true) | |
48 | ) { | |
49 | return $response->withRedirect($this->container->basePath . '/install'); | |
50 | } | |
51 | ||
1a8ac737 A |
52 | $this->runUpdates(); |
53 | $this->checkOpenShaarli($request, $response, $next); | |
54 | ||
55 | return $next($request, $response); | |
2899ebb5 | 56 | } catch (ShaarliFrontException $e) { |
1a8ac737 A |
57 | // Possible functional error |
58 | $this->container->pageBuilder->reset(); | |
6c50a6cc | 59 | $this->container->pageBuilder->assign('message', $e->getMessage()); |
1a8ac737 A |
60 | |
61 | $response = $response->withStatus($e->getCode()); | |
62 | ||
63 | return $response->write($this->container->pageBuilder->render('error')); | |
64 | } catch (UnauthorizedException $e) { | |
65 | return $response->withRedirect($this->container->basePath . '/login'); | |
66 | } catch (\Throwable $e) { | |
67 | // Unknown error encountered | |
68 | $this->container->pageBuilder->reset(); | |
6c50a6cc | 69 | if ($this->container->conf->get('dev.debug', false)) { |
1a8ac737 | 70 | $this->container->pageBuilder->assign('message', $e->getMessage()); |
6c50a6cc A |
71 | $this->container->pageBuilder->assign( |
72 | 'stacktrace', | |
1a8ac737 | 73 | nl2br(get_class($e) .': '. PHP_EOL . $e->getTraceAsString()) |
6c50a6cc | 74 | ); |
1a8ac737 A |
75 | } else { |
76 | $this->container->pageBuilder->assign('message', t('An unexpected error occurred.')); | |
6c50a6cc A |
77 | } |
78 | ||
1a8ac737 A |
79 | $response = $response->withStatus(500); |
80 | ||
81 | return $response->write($this->container->pageBuilder->render('error')); | |
82 | } | |
83 | } | |
84 | ||
85 | /** | |
86 | * Run the updater for every requests processed while logged in. | |
87 | */ | |
88 | protected function runUpdates(): void | |
89 | { | |
90 | if ($this->container->loginManager->isLoggedIn() !== true) { | |
91 | return; | |
92 | } | |
93 | ||
94 | $newUpdates = $this->container->updater->update(); | |
95 | if (!empty($newUpdates)) { | |
96 | $this->container->updater->writeUpdates( | |
97 | $this->container->conf->get('resource.updates'), | |
98 | $this->container->updater->getDoneUpdates() | |
99 | ); | |
100 | ||
101 | $this->container->pageCacheManager->invalidateCaches(); | |
102 | } | |
103 | } | |
104 | ||
105 | /** | |
106 | * Access is denied to most pages with `hide_public_links` + `force_login` settings. | |
107 | */ | |
108 | protected function checkOpenShaarli(Request $request, Response $response, callable $next): bool | |
109 | { | |
110 | if (// if the user isn't logged in | |
111 | !$this->container->loginManager->isLoggedIn() | |
112 | // and Shaarli doesn't have public content... | |
113 | && $this->container->conf->get('privacy.hide_public_links') | |
114 | // and is configured to enforce the login | |
115 | && $this->container->conf->get('privacy.force_login') | |
116 | // and the current page isn't already the login page | |
117 | // and the user is not requesting a feed (which would lead to a different content-type as expected) | |
118 | && !in_array($next->getName(), ['login', 'atom', 'rss'], true) | |
119 | ) { | |
120 | throw new UnauthorizedException(); | |
6c50a6cc A |
121 | } |
122 | ||
1a8ac737 | 123 | return true; |
6c50a6cc A |
124 | } |
125 | } |