Commit | Line | Data |
---|---|---|
2899ebb5 A |
1 | <?php |
2 | ||
3 | declare(strict_types=1); | |
4 | ||
5 | namespace Shaarli\Front\Controller\Admin; | |
6 | ||
7 | use Shaarli\Container\ShaarliContainer; | |
8 | use Shaarli\Front\Controller\Visitor\ShaarliVisitorController; | |
9 | use Shaarli\Front\Exception\UnauthorizedException; | |
ef00f9d2 A |
10 | use Shaarli\Front\Exception\WrongTokenException; |
11 | use Shaarli\Security\SessionManager; | |
12 | use Slim\Http\Request; | |
2899ebb5 | 13 | |
ef00f9d2 A |
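/**
 * Class ShaarliAdminController
 *
 * All admin controllers (for logged in users) MUST extend this abstract class.
 * It makes sure that the user is properly logged in, and otherwise throws an exception
 * which will redirect to the login page.
 *
 * The login check lives in the constructor, so a subclass that defines its own
 * constructor must call parent::__construct() or the check is skipped.
 *
 * @package Shaarli\Front\Controller\Admin
 */
abstract class ShaarliAdminController extends ShaarliVisitorController
{
    /**
     * @throws UnauthorizedException when the login manager does not report a logged in user
     */
    public function __construct(ShaarliContainer $container)
    {
        parent::__construct($container);

        // Fail closed: anything other than a strict boolean true is treated as "not logged in".
        if (true !== $this->container->loginManager->isLoggedIn()) {
            throw new UnauthorizedException();
        }
    }

    /**
     * Any persistent action to the config or data store must check the XSRF token validity.
     *
     * NOTE(review): Slim's Request::getParam() falls back to the query string when the
     * parsed body has no such key, so the token can arrive in a URL, where it may end up
     * in access logs and Referer headers. Prefer sending it in the request body where the
     * route allows it.
     *
     * @throws WrongTokenException when the `token` request parameter is missing, is not a
     *                             string, or is rejected by the session manager
     */
    protected function checkToken(Request $request): void
    {
        $token = $request->getParam('token');

        // Request parameters are client-controlled: `token` can be absent (null) or submitted
        // as an array. Only a string can be a valid token, so anything else is rejected here
        // instead of being handed to the session manager.
        if (!is_string($token) || !$this->container->sessionManager->checkToken($token)) {
            throw new WrongTokenException();
        }
    }

    /**
     * Save a SUCCESS message in user session, which will be displayed on any template page.
     */
    protected function saveSuccessMessage(string $message): void
    {
        $this->saveMessage(SessionManager::KEY_SUCCESS_MESSAGES, $message);
    }

    /**
     * Save a WARNING message in user session, which will be displayed on any template page.
     */
    protected function saveWarningMessage(string $message): void
    {
        $this->saveMessage(SessionManager::KEY_WARNING_MESSAGES, $message);
    }

    /**
     * Save an ERROR message in user session, which will be displayed on any template page.
     */
    protected function saveErrorMessage(string $message): void
    {
        $this->saveMessage(SessionManager::KEY_ERROR_MESSAGES, $message);
    }

    /**
     * Use the sessionManager to save the provided message using the proper type.
     *
     * @param string $type    session key of the message list; the helpers in this class pass
     *                        one of the SessionManager::KEY_*_MESSAGES constants
     * @param string $message text appended to that list
     */
    protected function saveMessage(string $type, string $message): void
    {
        // Start a new list when nothing is stored under this key yet.
        $messages = $this->container->sessionManager->getSessionParameter($type) ?? [];
        $messages[] = $message;

        $this->container->sessionManager->setSessionParameter($type, $messages);
    }
}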