diff options
| author | ArthurHoaro <arthur@hoa.ro> | 2020-10-13 12:05:08 +0200 |
|---|---|---|
| committer | ArthurHoaro <arthur@hoa.ro> | 2020-10-13 12:05:08 +0200 |
| commit | b6f678a5a1d15acf284ebcec16c905e976671ce1 (patch) | |
| tree | 33c7da831482ed79c44896ef19c73c72ada84f2e /application/front/controller/admin/ShaarliAdminController.php | |
| parent | b14687036b9b800681197f51fdc47e62f0c88e2e (diff) | |
| parent | 1c1520b6b98ab20201bfe15577782a52320339df (diff) | |
| download | Shaarli-b6f678a5a1d15acf284ebcec16c905e976671ce1.tar.gz Shaarli-b6f678a5a1d15acf284ebcec16c905e976671ce1.tar.zst Shaarli-b6f678a5a1d15acf284ebcec16c905e976671ce1.zip | |
Merge branch 'v0.12' into latest
Diffstat (limited to 'application/front/controller/admin/ShaarliAdminController.php')
| -rw-r--r-- | application/front/controller/admin/ShaarliAdminController.php | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/application/front/controller/admin/ShaarliAdminController.php b/application/front/controller/admin/ShaarliAdminController.php new file mode 100644 index 00000000..c26c9cbe --- /dev/null +++ b/application/front/controller/admin/ShaarliAdminController.php | |||
| @@ -0,0 +1,71 @@ | |||
| 1 | <?php | ||
| 2 | |||
| 3 | declare(strict_types=1); | ||
| 4 | |||
| 5 | namespace Shaarli\Front\Controller\Admin; | ||
| 6 | |||
| 7 | use Shaarli\Front\Controller\Visitor\ShaarliVisitorController; | ||
| 8 | use Shaarli\Front\Exception\WrongTokenException; | ||
| 9 | use Shaarli\Security\SessionManager; | ||
| 10 | use Slim\Http\Request; | ||
| 11 | |||
| 12 | /** | ||
| 13 | * Class ShaarliAdminController | ||
| 14 | * | ||
| 15 | * All admin controllers (for logged in users) MUST extend this abstract class. | ||
| 16 | * It makes sure that the user is properly logged in, and otherwise throw an exception | ||
| 17 | * which will redirect to the login page. | ||
| 18 | * | ||
| 19 | * @package Shaarli\Front\Controller\Admin | ||
| 20 | */ | ||
| 21 | abstract class ShaarliAdminController extends ShaarliVisitorController | ||
| 22 | { | ||
| 23 | /** | ||
| 24 | * Any persistent action to the config or data store must check the XSRF token validity. | ||
| 25 | */ | ||
| 26 | protected function checkToken(Request $request): bool | ||
| 27 | { | ||
| 28 | if (!$this->container->sessionManager->checkToken($request->getParam('token'))) { | ||
| 29 | throw new WrongTokenException(); | ||
| 30 | } | ||
| 31 | |||
| 32 | return true; | ||
| 33 | } | ||
| 34 | |||
| 35 | /** | ||
| 36 | * Save a SUCCESS message in user session, which will be displayed on any template page. | ||
| 37 | */ | ||
| 38 | protected function saveSuccessMessage(string $message): void | ||
| 39 | { | ||
| 40 | $this->saveMessage(SessionManager::KEY_SUCCESS_MESSAGES, $message); | ||
| 41 | } | ||
| 42 | |||
| 43 | /** | ||
| 44 | * Save a WARNING message in user session, which will be displayed on any template page. | ||
| 45 | */ | ||
| 46 | protected function saveWarningMessage(string $message): void | ||
| 47 | { | ||
| 48 | $this->saveMessage(SessionManager::KEY_WARNING_MESSAGES, $message); | ||
| 49 | } | ||
| 50 | |||
| 51 | /** | ||
| 52 | * Save an ERROR message in user session, which will be displayed on any template page. | ||
| 53 | */ | ||
| 54 | protected function saveErrorMessage(string $message): void | ||
| 55 | { | ||
| 56 | $this->saveMessage(SessionManager::KEY_ERROR_MESSAGES, $message); | ||
| 57 | } | ||
| 58 | |||
| 59 | /** | ||
| 60 | * Use the sessionManager to save the provided message using the proper type. | ||
| 61 | * | ||
| 62 | * @param string $type successed/warnings/errors | ||
| 63 | */ | ||
| 64 | protected function saveMessage(string $type, string $message): void | ||
| 65 | { | ||
| 66 | $messages = $this->container->sessionManager->getSessionParameter($type) ?? []; | ||
| 67 | $messages[] = $message; | ||
| 68 | |||
| 69 | $this->container->sessionManager->setSessionParameter($type, $messages); | ||
| 70 | } | ||
| 71 | } | ||