3 declare(strict_types
=1);
5 namespace Shaarli\Front\Controller\Admin
;
7 use Shaarli\Container\ShaarliContainer
;
8 use Shaarli\Front\Controller\Visitor\ShaarliVisitorController
;
9 use Shaarli\Front\Exception\UnauthorizedException
;
10 use Shaarli\Front\Exception\WrongTokenException
;
11 use Shaarli\Security\SessionManager
;
12 use Slim\Http\Request
;
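/**
 * Class ShaarliAdminController
 *
 * All admin controllers (for logged in users) MUST extend this abstract class.
 * It is documented as making sure that the user is properly logged in, and otherwise
 * throwing an exception which will redirect to the login page.
 *
 * NOTE(review): no login check is visible in this class body. It is presumably enforced
 * elsewhere (parent class or middleware) - confirm before relying on inheritance alone
 * for access control.
 *
 * What this class visibly provides is the XSRF token check and the session message helpers.
 *
 * @package Shaarli\Front\Controller\Admin
 */
abstract class ShaarliAdminController extends ShaarliVisitorController
{
    /**
     * Any persistent action to the config or data store must check the XSRF token validity.
     *
     * Nothing in this class calls this method automatically: every state-changing
     * action in a subclass has to call it explicitly before touching the config or data store.
     *
     * @param Request $request Incoming request; the token is read from its `token` parameter.
     *
     * @return bool Always true when the token is accepted.
     *
     * @throws WrongTokenException When the token is missing, is not a string, or is rejected
     *                             by the session manager.
     */
    protected function checkToken(Request $request): bool
    {
        // The parameter is client-controlled and may be absent or an array
        // (e.g. `token[]=...`); only a string can be a valid token.
        // NOTE(review): getParam() is presumably not restricted to the request body - confirm
        // whether tokens are also accepted from the query string.
        $token = $request->getParam('token');

        if (!is_string($token) || !$this->container->sessionManager->checkToken($token)) {
            throw new WrongTokenException();
        }

        // The declared bool return type requires an explicit value on the success path.
        return true;
    }

    /**
     * Save a SUCCESS message in user session, which will be displayed on any template page.
     */
    protected function saveSuccessMessage(string $message): void
    {
        $this->saveMessage(SessionManager::KEY_SUCCESS_MESSAGES, $message);
    }

    /**
     * Save a WARNING message in user session, which will be displayed on any template page.
     */
    protected function saveWarningMessage(string $message): void
    {
        $this->saveMessage(SessionManager::KEY_WARNING_MESSAGES, $message);
    }

    /**
     * Save an ERROR message in user session, which will be displayed on any template page.
     */
    protected function saveErrorMessage(string $message): void
    {
        $this->saveMessage(SessionManager::KEY_ERROR_MESSAGES, $message);
    }

    /**
     * Use the sessionManager to save the provided message using the proper type.
     *
     * The message is appended to the list already stored under $type and is stored as given.
     * NOTE(review): presumably it is escaped when the template renders it - confirm, since
     * callers may embed user-controlled values in messages.
     *
     * @param string $type    Session key; the helpers in this class pass one of the
     *                        SessionManager::KEY_*_MESSAGES constants.
     * @param string $message Text to append.
     */
    protected function saveMessage(string $type, string $message): void
    {
        $sessionManager = $this->container->sessionManager;

        // Start from an empty list when nothing has been stored under this key yet.
        $messages = $sessionManager->getSessionParameter($type) ?? [];
        $messages[] = $message;

        $sessionManager->setSessionParameter($type, $messages);
    }
}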