authorArthurHoaro <arthur@hoa.ro>2020-08-13 11:08:13 +0200
committerArthurHoaro <arthur@hoa.ro>2020-08-13 11:08:13 +0200
commitbedbb845eec20363b928b424143787dbe988eefe (patch)
tree6b835ca247e39157b333323a539dde3c410c08f5 /application
parent1a68ae5a29bc33ab80c9cfbe043cb1213551533c (diff)
Move all admin controller into a dedicated group
Also handle authentication check in a new middleware for the admin group.
Diffstat (limited to 'application')
-rw-r--r--application/front/ShaarliAdminMiddleware.php27
-rw-r--r--application/front/ShaarliMiddleware.php12
-rw-r--r--application/front/controller/admin/SessionFilterController.php13
-rw-r--r--application/front/controller/admin/ShaarliAdminController.php9
-rw-r--r--application/front/controller/visitor/PublicSessionFilterController.php13
-rw-r--r--application/legacy/LegacyController.php2
6 files changed, 53 insertions, 23 deletions
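--- /dev/null
+++ b/application/front/ShaarliAdminMiddleware.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace Shaarli\Front;
+
+use Slim\Http\Request;
+use Slim\Http\Response;
+
+/**
+ * Middleware used for controller requiring to be authenticated.
+ * It extends ShaarliMiddleware, and just make sure that the user is authenticated.
+ * Otherwise, it redirects to the login page.
+ */
+class ShaarliAdminMiddleware extends ShaarliMiddleware
+{
+    public function __invoke(Request $request, Response $response, callable $next): Response
+    {
+        $this->initBasePath($request);
+
+        if (true !== $this->container->loginManager->isLoggedIn()) {
+            $returnUrl = urlencode($this->container->environment['REQUEST_URI']);
+
+            return $response->withRedirect($this->container->basePath . '/login?returnurl=' . $returnUrl);
+        }
+
+        return parent::__invoke($request, $response, $next);
+    }
+}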
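Review bot: The anonymous branch reads `$this->container->environment['REQUEST_URI']` without a guard, so a request whose environment array lacks that key (CLI-driven tests, some SAPI setups) raises a notice inside the auth check rather than redirecting cleanly; `$returnUrl = urlencode($this->container->environment['REQUEST_URI'] ?? '');` keeps the redirect working in that case. Note also that this branch returns before `parent::__invoke()` runs, so whatever setup the parent middleware performs (the config-file check visible in the next file section, at least) is skipped for unauthenticated hits on admin routes — worth a one-line comment if that is intended. The `returnurl` value is reflected from the request into the login redirect; how the login handler validates it is outside this diff, so that is the place to confirm it is constrained to same-origin paths.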
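--- a/application/front/ShaarliMiddleware.php
+++ b/application/front/ShaarliMiddleware.php
@@ -40,7 +40,7 @@ class ShaarliMiddleware
      */
     public function __invoke(Request $request, Response $response, callable $next): Response
     {
-        $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/');
+        $this->initBasePath($request);
 
         try {
             if (!is_file($this->container->conf->getConfigFileExt())
@@ -125,4 +125,14 @@ class ShaarliMiddleware
 
         return true;
     }
+
+    /**
+     * Initialize the URL base path if it hasn't been defined yet.
+     */
+    protected function initBasePath(Request $request): void
+    {
+        if (null === $this->container->basePath) {
+            $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/');
+        }
+    }
 }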
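Review bot: The docblock on `initBasePath()` says what it does but not why the `null` guard exists, and the reason is non-obvious from this file alone: `ShaarliAdminMiddleware::__invoke()` calls it before delegating to `parent::__invoke()`, so the method runs twice on admin requests and must be idempotent. Suggested wording: `/** Initialize the URL base path if it hasn't been defined yet. Idempotent: ShaarliAdminMiddleware calls this before delegating to parent::__invoke(), which calls it again. */`. One behavioural consequence of the guard, which the note could also state, is that a `basePath` already set on the container (for instance by tests or bootstrap code outside this diff) is no longer overwritten by the request's base path.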
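--- a/application/front/controller/admin/SessionFilterController.php
+++ b/application/front/controller/admin/SessionFilterController.php
@@ -17,7 +17,7 @@ use Slim\Http\Response;
 class SessionFilterController extends ShaarliAdminController
 {
     /**
-     * GET /visibility: allows to display only public or only private bookmarks in linklist
+     * GET /admin/visibility: allows to display only public or only private bookmarks in linklist
      */
     public function visibility(Request $request, Response $response, array $args): Response
     {
@@ -46,16 +46,5 @@ class SessionFilterController extends ShaarliAdminController
         return $this->redirectFromReferer($request, $response, ['visibility']);
     }
 
-    /**
-     * GET /untagged-only: allows to display only bookmarks without any tag
-     */
-    public function untaggedOnly(Request $request, Response $response): Response
-    {
-        $this->container->sessionManager->setSessionParameter(
-            SessionManager::KEY_UNTAGGED_ONLY,
-            empty($this->container->sessionManager->getSessionParameter(SessionManager::KEY_UNTAGGED_ONLY))
-        );
 
-        return $this->redirectFromReferer($request, $response, ['untaggedonly', 'untagged-only']);
-    }
 }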
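--- a/application/front/controller/admin/ShaarliAdminController.php
+++ b/application/front/controller/admin/ShaarliAdminController.php
@@ -22,15 +22,6 @@ use Slim\Http\Request;
  */
 abstract class ShaarliAdminController extends ShaarliVisitorController
 {
-    public function __construct(ShaarliContainer $container)
-    {
-        parent::__construct($container);
-
-        if (true !== $this->container->loginManager->isLoggedIn()) {
-            throw new UnauthorizedException();
-        }
-    }
-
     /**
      * Any persistent action to the config or data store must check the XSRF token validity.
      */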
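Review bot: Dropping the constructor guard removes the last authentication check that was attached to the controller class itself; from now on, every `ShaarliAdminController` subclass is protected only if its route is registered inside the group that `ShaarliAdminMiddleware` wraps, and that route registration is not part of this diff, so a single admin route mounted outside the group would be served to anonymous visitors with no error. The class docblock (it starts above this hunk) should state this contract explicitly, e.g. `Authentication is NOT enforced here: controllers extending this class must be routed under the /admin group, which is guarded by ShaarliAdminMiddleware.`. Keeping a cheap `isLoggedIn()` assertion in the base class would preserve defense in depth, but if the redirect-to-login behaviour is the only one wanted, the docblock note is the minimum. The `ShaarliContainer` and `UnauthorizedException` imports that the removed constructor used are presumably now unused in this file (the `use` block is above the hunk) and can be pruned.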
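--- a/application/front/controller/visitor/PublicSessionFilterController.php
+++ b/application/front/controller/visitor/PublicSessionFilterController.php
@@ -30,4 +30,17 @@ class PublicSessionFilterController extends ShaarliVisitorController
 
         return $this->redirectFromReferer($request, $response, ['linksperpage'], ['nb']);
     }
+
+    /**
+     * GET /untagged-only: allows to display only bookmarks without any tag
+     */
+    public function untaggedOnly(Request $request, Response $response): Response
+    {
+        $this->container->sessionManager->setSessionParameter(
+            SessionManager::KEY_UNTAGGED_ONLY,
+            empty($this->container->sessionManager->getSessionParameter(SessionManager::KEY_UNTAGGED_ONLY))
+        );
+
+        return $this->redirectFromReferer($request, $response, ['untaggedonly', 'untagged-only']);
+    }
 }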
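--- a/application/legacy/LegacyController.php
+++ b/application/legacy/LegacyController.php
@@ -67,7 +67,7 @@ class LegacyController extends ShaarliVisitorController
     /** Legacy route: ?do=logout */
     protected function logout(Request $request, Response $response): Response
     {
-        return $this->redirect($response, '/logout');
+        return $this->redirect($response, '/admin/logout');
     }
 
     /** Legacy route: ?do=picwall */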