1 files changed, 71 insertions, 0 deletions
diff --git a/application/front/controller/admin/ShaarliAdminController.php b/application/front/controller/admin/ShaarliAdminController.php
new file mode 100644
index 00000000..c26c9cbe
--- /dev/null
+++ b/application/front/controller/admin/ShaarliAdminController.php
@@ -0,0 +1,71 @@
+<?php
+declare(strict_types=1);
+namespace Shaarli\Front\Controller\Admin;
+use Shaarli\Front\Controller\Visitor\ShaarliVisitorController;
+use Shaarli\Front\Exception\WrongTokenException;
+use Shaarli\Security\SessionManager;
+use Slim\Http\Request;
+/**
+ * Class ShaarliAdminController
+ *
+ * All admin controllers (for logged in users) MUST extend this abstract class.
+ * It makes sure that the user is properly logged in, and otherwise throw an exception
+ * which will redirect to the login page.
+ *
+ * @package Shaarli\Front\Controller\Admin
+ */
+abstract class ShaarliAdminController extends ShaarliVisitorController
+{
+    /**
+     * Any persistent action to the config or data store must check the XSRF token validity.
+     */
+    protected function checkToken(Request $request): bool
+    {
+        if (!$this->container->sessionManager->checkToken($request->getParam('token'))) {
+            throw new WrongTokenException();
+        }
+        return true;
+    }
+    /**
+     * Save a SUCCESS message in user session, which will be displayed on any template page.
+     */
+    protected function saveSuccessMessage(string $message): void
+    {
+        $this->saveMessage(SessionManager::KEY_SUCCESS_MESSAGES, $message);
+    }
+    /**
+     * Save a WARNING message in user session, which will be displayed on any template page.
+     */
+    protected function saveWarningMessage(string $message): void
+    {
+        $this->saveMessage(SessionManager::KEY_WARNING_MESSAGES, $message);
+    }
+    /**
+     * Save an ERROR message in user session, which will be displayed on any template page.
+     */
+    protected function saveErrorMessage(string $message): void
+    {
+        $this->saveMessage(SessionManager::KEY_ERROR_MESSAGES, $message);
+    }
+    /**
+     * Use the sessionManager to save the provided message using the proper type.
+     *
+     * @param string $type successed/warnings/errors
+     */
+    protected function saveMessage(string $type, string $message): void
+    {
+        $messages = $this->container->sessionManager->getSessionParameter($type) ?? [];
+        $messages[] = $message;
+        $this->container->sessionManager->setSessionParameter($type, $messages);
+    }
+}

diff --git a/application/front/controller/admin/ShaarliAdminController.php b/application/front/controller/admin/ShaarliAdminController.php new file mode 100644 index 00000000..c26c9cbe --- /dev/null +++ b/application/front/controller/admin/ShaarliAdminController.php
@@ -0,0 +1,71 @@
	1	<?php
	2
	3	declare(strict_types=1);
	4
	5	namespace Shaarli\Front\Controller\Admin;
	6
	7	use Shaarli\Front\Controller\Visitor\ShaarliVisitorController;
	8	use Shaarli\Front\Exception\WrongTokenException;
	9	use Shaarli\Security\SessionManager;
	10	use Slim\Http\Request;
	11
	12	/**
	13	* Class ShaarliAdminController
	14	*
	15	* All admin controllers (for logged in users) MUST extend this abstract class.
	16	* It makes sure that the user is properly logged in, and otherwise throw an exception
	17	* which will redirect to the login page.
	18	*
	19	* @package Shaarli\Front\Controller\Admin
	20	*/
	21	abstract class ShaarliAdminController extends ShaarliVisitorController
	22	{
	23	/**
	24	* Any persistent action to the config or data store must check the XSRF token validity.
	25	*/
	26	protected function checkToken(Request $request): bool
	27	{
	28	if (!$this->container->sessionManager->checkToken($request->getParam('token'))) {
	29	throw new WrongTokenException();
	30	}
	31
	32	return true;
	33	}
	34
	35	/**
	36	* Save a SUCCESS message in user session, which will be displayed on any template page.
	37	*/
	38	protected function saveSuccessMessage(string $message): void
	39	{
	40	$this->saveMessage(SessionManager::KEY_SUCCESS_MESSAGES, $message);
	41	}
	42
	43	/**
	44	* Save a WARNING message in user session, which will be displayed on any template page.
	45	*/
	46	protected function saveWarningMessage(string $message): void
	47	{
	48	$this->saveMessage(SessionManager::KEY_WARNING_MESSAGES, $message);
	49	}
	50
	51	/**
	52	* Save an ERROR message in user session, which will be displayed on any template page.
	53	*/
	54	protected function saveErrorMessage(string $message): void
	55	{
	56	$this->saveMessage(SessionManager::KEY_ERROR_MESSAGES, $message);
	57	}
	58
	59	/**
	60	* Use the sessionManager to save the provided message using the proper type.
	61	*
	62	* @param string $type successed/warnings/errors
	63	*/
	64	protected function saveMessage(string $type, string $message): void
	65	{
	66	$messages = $this->container->sessionManager->getSessionParameter($type) ?? [];
	67	$messages[] = $message;
	68
	69	$this->container->sessionManager->setSessionParameter($type, $messages);
	70	}
	71	}