- $response = $response->withStatus($e->getCode());
- $response = $response->write($this->container->pageBuilder->render('error'));
- } catch (UnauthorizedException $e) {
- return $response->withRedirect($this->container->basePath . '/login');
+ $response = $response->withStatus(500);
+
+ return $response->write($this->container->pageBuilder->render('error', $this->container->basePath));
+ }
+ }
+
+ /**
+ * Run the updater for every requests processed while logged in.
+ */
+ protected function runUpdates(): void
+ {
+ if ($this->container->loginManager->isLoggedIn() !== true) {
+ return;
+ }
+
+ $this->container->updater->setBasePath($this->container->basePath);
+ $newUpdates = $this->container->updater->update();
+ if (!empty($newUpdates)) {
+ $this->container->updater->writeUpdates(
+ $this->container->conf->get('resource.updates'),
+ $this->container->updater->getDoneUpdates()
+ );
+
+ $this->container->pageCacheManager->invalidateCaches();
+ }
+ }
+
+ /**
+ * Access is denied to most pages with `hide_public_links` + `force_login` settings.
+ */
+ protected function checkOpenShaarli(Request $request, Response $response, callable $next): bool
+ {
+ if (// if the user isn't logged in
+ !$this->container->loginManager->isLoggedIn()
+ // and Shaarli doesn't have public content...
+ && $this->container->conf->get('privacy.hide_public_links')
+ // and is configured to enforce the login
+ && $this->container->conf->get('privacy.force_login')
+ // and the current page isn't already the login page
+ // and the user is not requesting a feed (which would lead to a different content-type as expected)
+ && !in_array($next->getName(), ['login', 'atom', 'rss'], true)
+ ) {
+ throw new UnauthorizedException();