authorArthurHoaro <arthur@hoa.ro>2020-08-13 11:08:13 +0200
committerArthurHoaro <arthur@hoa.ro>2020-08-13 11:08:13 +0200
commitbedbb845eec20363b928b424143787dbe988eefe (patch)
tree6b835ca247e39157b333323a539dde3c410c08f5 /application/front/controller/admin
parent1a68ae5a29bc33ab80c9cfbe043cb1213551533c (diff)
downloadShaarli-bedbb845eec20363b928b424143787dbe988eefe.tar.gz
Shaarli-bedbb845eec20363b928b424143787dbe988eefe.tar.zst
Shaarli-bedbb845eec20363b928b424143787dbe988eefe.zip
Move all admin controllers into a dedicated group
Also handle authentication check in a new middleware for the admin group.
Diffstat (limited to 'application/front/controller/admin')
-rw-r--r--application/front/controller/admin/SessionFilterController.php13
-rw-r--r--application/front/controller/admin/ShaarliAdminController.php9
2 files changed, 1 insertions, 21 deletions
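--- a/application/front/controller/admin/SessionFilterController.php
+++ b/application/front/controller/admin/SessionFilterController.php
@@ -17,7 +17,7 @@ use Slim\Http\Response;
 class SessionFilterController extends ShaarliAdminController
 {
  /**
- * GET /visibility: allows to display only public or only private bookmarks in linklist
+ * GET /admin/visibility: allows to display only public or only private bookmarks in linklist
  */
  public function visibility(Request $request, Response $response, array $args): Response
  {
@@ -46,16 +46,5 @@ class SessionFilterController extends ShaarliAdminController
  return $this->redirectFromReferer($request, $response, ['visibility']);
  }
 
- /**
- * GET /untagged-only: allows to display only bookmarks without any tag
- */
- public function untaggedOnly(Request $request, Response $response): Response
- {
- $this->container->sessionManager->setSessionParameter(
- SessionManager::KEY_UNTAGGED_ONLY,
- empty($this->container->sessionManager->getSessionParameter(SessionManager::KEY_UNTAGGED_ONLY))
- );
 
- return $this->redirectFromReferer($request, $response, ['untaggedonly', 'untagged-only']);
- }
 }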
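--- a/application/front/controller/admin/ShaarliAdminController.php
+++ b/application/front/controller/admin/ShaarliAdminController.php
@@ -22,15 +22,6 @@ use Slim\Http\Request;
  */
 abstract class ShaarliAdminController extends ShaarliVisitorController
 {
- public function __construct(ShaarliContainer $container)
- {
- parent::__construct($container);
-
- if (true !== $this->container->loginManager->isLoggedIn()) {
- throw new UnauthorizedException();
- }
- }
-
  /**
  * Any persistent action to the config or data store must check the XSRF token validity.
  */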
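Review bot: With the constructor check removed, nothing in ShaarliAdminController itself enforces login any more. Protection now depends on every subclass route being registered inside the admin group that carries the new middleware, which this diff does not show because it is limited to this directory. The class docblock, which starts above the hunk, should record that contract, e.g. `Authentication is enforced by the admin route group middleware, not by this class: controllers extending it MUST be routed through that group.` A routing test asserting that every admin route rejects an anonymous request would catch a controller registered outside the group. The `ShaarliContainer` and `UnauthorizedException` imports are probably unused in this file now and could be dropped, though the import block is outside the hunk.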