1 <?php
2
3 declare(strict_types=1);
4
5 namespace Shaarli\Front\Controller\Admin;
6
7 use Shaarli\Container\ShaarliContainer;
8 use Shaarli\Front\Controller\Visitor\ShaarliVisitorController;
9 use Shaarli\Front\Exception\UnauthorizedException;
10 use Shaarli\Front\Exception\WrongTokenException;
11 use Shaarli\Security\SessionManager;
12 use Slim\Http\Request;
13
/**
 * Base class for every admin (logged-in only) controller.
 *
 * All admin controllers MUST extend this abstract class. The login check lives in the
 * constructor: when the user is not logged in, an UnauthorizedException is thrown, which
 * (per the original class documentation) results in a redirect to the login page; that
 * handling happens outside this class.
 *
 * Because the check runs in the constructor, a subclass that declares its own constructor
 * has to call parent::__construct(), otherwise the login check never runs.
 *
 * @package Shaarli\Front\Controller\Admin
 */
abstract class ShaarliAdminController extends ShaarliVisitorController
{
    /**
     * Build the controller and refuse to continue for anonymous visitors.
     *
     * @throws UnauthorizedException When the login manager does not report a logged-in user.
     */
    public function __construct(ShaarliContainer $container)
    {
        parent::__construct($container);

        // Fail closed: only a strict boolean true counts as "logged in".
        $loggedIn = $this->container->loginManager->isLoggedIn();
        if ($loggedIn !== true) {
            throw new UnauthorizedException();
        }
    }

    /**
     * Validate the XSRF token carried by the request.
     *
     * Any persistent action on the config or the data store must call this before making
     * changes. The constructor does not call it, so each state-changing action has to.
     *
     * NOTE(review): the token is read through getParam(); presumably this is Slim 3's
     * Request::getParam(), which looks at the parsed body and then the query string. If so,
     * a token sent in the URL is accepted too and may end up in access logs or Referer
     * headers. Confirm, and prefer POST for state-changing routes.
     *
     * @return bool Always true; an invalid token is signalled by the exception, never by false.
     *
     * @throws WrongTokenException When the session manager rejects the token.
     */
    protected function checkToken(Request $request): bool
    {
        $token = $request->getParam('token');
        $accepted = $this->container->sessionManager->checkToken($token);

        if (!$accepted) {
            throw new WrongTokenException();
        }

        return true;
    }

    /**
     * Queue a SUCCESS message in the user session, to be displayed on any template page.
     */
    protected function saveSuccessMessage(string $message): void
    {
        $key = SessionManager::KEY_SUCCESS_MESSAGES;
        $this->saveMessage($key, $message);
    }

    /**
     * Queue a WARNING message in the user session, to be displayed on any template page.
     */
    protected function saveWarningMessage(string $message): void
    {
        $key = SessionManager::KEY_WARNING_MESSAGES;
        $this->saveMessage($key, $message);
    }

    /**
     * Queue an ERROR message in the user session, to be displayed on any template page.
     */
    protected function saveErrorMessage(string $message): void
    {
        $key = SessionManager::KEY_ERROR_MESSAGES;
        $this->saveMessage($key, $message);
    }

    /**
     * Append a message to the list stored in the session under the given type.
     *
     * The message is stored as given; nothing is escaped here.
     * NOTE(review): if a message can contain user-controlled text, escaping has to happen
     * where the messages are rendered. Confirm in the templates.
     *
     * @param string $type    Session key of the message list; the helpers above pass the
     *                        SessionManager::KEY_*_MESSAGES constants (success/warning/error).
     * @param string $message Text to append to that list.
     */
    protected function saveMessage(string $type, string $message): void
    {
        // A missing (null) session entry starts a new, empty list.
        $queued = $this->container->sessionManager->getSessionParameter($type) ?? [];
        $queued[] = $message;

        $this->container->sessionManager->setSessionParameter($type, $queued);
    }
}