X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=application%2Ffront%2FShaarliMiddleware.php;h=164217f4f27b83b45754cfcec8d33871a553a26b;hb=8f423eb11c6642d96b5144f56e4698652591ad6b;hp=7ad610c7db4984d6c8b923ac95c56b2351297627;hpb=9c75f877935fa6adec951a4d8d32b328aaab314f;p=github%2Fshaarli%2FShaarli.git
diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php
index 7ad610c7..164217f4 100644
--- a/application/front/ShaarliMiddleware.php
+++ b/application/front/ShaarliMiddleware.php
@@ -3,7 +3,6 @@
 namespace Shaarli\Front;
 use Shaarli\Container\ShaarliContainer;
-use Shaarli\Front\Exception\ShaarliFrontException;
 use Shaarli\Front\Exception\UnauthorizedException;
 use Slim\Http\Request;
 use Slim\Http\Response;
@@ -25,6 +24,8 @@ class ShaarliMiddleware
 /**
 * Middleware execution:
+ * - run updates
+ * - if not logged in open shaarli, redirect to login
 * - execute the controller
 * - return the response
 *
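Review bot: The two bullets added to the `__invoke()` docblock do not match the new behaviour shown in the next hunk: the redirect to `/install` when no config file exists is not listed, and "if not logged in open shaarli, redirect to login" is ambiguous next to a check that is driven by `privacy.hide_public_links` and `privacy.force_login`. I would write the list as `* - redirect to /install when no config file exists`, `* - run updates (logged-in requests only)` and `* - redirect to login when force_login applies and the visitor is not logged in`. The docblock continues outside this hunk.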
@@ -36,27 +37,80 @@ class ShaarliMiddleware
 *
 * @return Response response.
 */
- public function __invoke(Request $request, Response $response, callable $next)
+ public function __invoke(Request $request, Response $response, callable $next): Response
 {
- $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/');
+ $this->initBasePath($request);
 try {
- $response = $next($request, $response);
- } catch (ShaarliFrontException $e) {
- $this->container->pageBuilder->assign('message', $e->getMessage());
- if ($this->container->conf->get('dev.debug', false)) {
- $this->container->pageBuilder->assign(
- 'stacktrace',
- nl2br(get_class($this) .': '. $e->getTraceAsString())
- );
+ if (
+ !is_file($this->container->conf->getConfigFileExt())
+ && !in_array($next->getName(), ['displayInstall', 'saveInstall'], true)
+ ) {
+ return $response->withRedirect($this->container->basePath . '/install');
 }
- $response = $response->withStatus($e->getCode());
- $response = $response->write($this->container->pageBuilder->render('error'));
+ $this->runUpdates();
+ $this->checkOpenShaarli($request, $response, $next);
+
+ return $next($request, $response);
 } catch (UnauthorizedException $e) {
- return $response->withRedirect($this->container->basePath . '/login');
+ $returnUrl = urlencode($this->container->environment['REQUEST_URI']);
+
+ return $response->withRedirect($this->container->basePath . '/login?returnurl=' . $returnUrl);
+ }
+ // Other exceptions are handled by ErrorController
+ }
+
+ /**
+ * Run the updater for every requests processed while logged in.
+ */
+ protected function runUpdates(): void
+ {
+ if ($this->container->loginManager->isLoggedIn() !== true) {
+ return;
+ }
+
+ $this->container->updater->setBasePath($this->container->basePath);
+ $newUpdates = $this->container->updater->update();
+ if (!empty($newUpdates)) {
+ $this->container->updater->writeUpdates(
+ $this->container->conf->get('resource.updates'),
+ $this->container->updater->getDoneUpdates()
+ );
+
+ $this->container->pageCacheManager->invalidateCaches();
 }
+ }
- return $response;
+ /**
+ * Access is denied to most pages with `hide_public_links` + `force_login` settings.
+ */
+ protected function checkOpenShaarli(Request $request, Response $response, callable $next): bool
+ {
+ if (
+// if the user isn't logged in
+ !$this->container->loginManager->isLoggedIn()
+ // and Shaarli doesn't have public content...
+ && $this->container->conf->get('privacy.hide_public_links')
+ // and is configured to enforce the login
+ && $this->container->conf->get('privacy.force_login')
+ // and the current page isn't already the login page
+ // and the user is not requesting a feed (which would lead to a different content-type as expected)
+ && !in_array($next->getName(), ['login', 'processLogin', 'atom', 'rss'], true)
+ ) {
+ throw new UnauthorizedException();
+ }
+
+ return true;
+ }
+
+ /**
+ * Initialize the URL base path if it hasn't been defined yet.
+ */
+ protected function initBasePath(Request $request): void
+ {
+ if (null === $this->container->basePath) {
+ $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/');
+ }
 }
 }
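Review bot: In the `catch (UnauthorizedException $e)` branch, `returnurl` is taken from `$this->container->environment['REQUEST_URI']`, which the client controls; `urlencode()` keeps it from altering the redirect itself, but the code that consumes `returnurl` after login (not in this diff) must accept only same-site paths or it becomes an open redirect. I would record that contract where the value is produced, e.g. `// returnurl is client-controlled; the login handler must only follow local paths`. Both the install check and `checkOpenShaarli()` call `$next->getName()` although `$next` is declared `callable`, so the access decision silently assumes a named route object; the docblock should say so, or the call should be guarded with `method_exists($next, 'getName')`. `checkOpenShaarli()` also always returns `true` and never reads `$request` or `$response`, so a `void` return with only `$next` as parameter would describe it more accurately.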