From 2899ebb5b5e82890c877151f5c02045266ac9973 Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Fri, 22 May 2020 13:20:31 +0200 Subject: Initialize admin Slim controllers - Reorganize visitor controllers - Fix redirection with Slim's requests base path - Fix daily links --- application/front/ShaarliMiddleware.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'application/front/ShaarliMiddleware.php') diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index fa6c6467..f8992e0b 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php @@ -3,7 +3,8 @@ namespace Shaarli\Front; use Shaarli\Container\ShaarliContainer; -use Shaarli\Front\Exception\ShaarliException; +use Shaarli\Front\Exception\ShaarliFrontException; +use Shaarli\Front\Exception\UnauthorizedException; use Slim\Http\Request; use Slim\Http\Response; @@ -39,7 +40,7 @@ class ShaarliMiddleware { try { $response = $next($request, $response); - } catch (ShaarliException $e) { + } catch (ShaarliFrontException $e) { $this->container->pageBuilder->assign('message', $e->getMessage()); if ($this->container->conf->get('dev.debug', false)) { $this->container->pageBuilder->assign( @@ -50,6 +51,8 @@ class ShaarliMiddleware $response = $response->withStatus($e->getCode()); $response = $response->write($this->container->pageBuilder->render('error')); + } catch (UnauthorizedException $e) { + return $response->withRedirect($request->getUri()->getBasePath() . '/login'); } return $response; -- cgit v1.2.3 From 818b3193ffabec57501e3bdfa997206e3c0671ef Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Sat, 13 Jun 2020 11:22:14 +0200 Subject: Explicitly define base and asset path in templates With the new routes, all pages are not all at the same folder level anymore (e.g. /shaare and /shaare/123), so we can't just use './' everywhere. The most consistent way to handle this is to prefix all path with the proper variable, and handle the actual path in controllers. --- application/front/ShaarliMiddleware.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'application/front/ShaarliMiddleware.php') diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index f8992e0b..47aa61bb 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php @@ -39,6 +39,8 @@ class ShaarliMiddleware public function __invoke(Request $request, Response $response, callable $next) { try { + $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/'); + $response = $next($request, $response); } catch (ShaarliFrontException $e) { $this->container->pageBuilder->assign('message', $e->getMessage()); -- cgit v1.2.3 From 9c75f877935fa6adec951a4d8d32b328aaab314f Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Sat, 13 Jun 2020 13:08:01 +0200 Subject: Use multi-level routes for existing controllers instead of 1 level everywhere Also prefix most admin routes with /admin/ --- application/front/ShaarliMiddleware.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'application/front/ShaarliMiddleware.php') diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index 47aa61bb..7ad610c7 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php @@ -38,9 +38,9 @@ class ShaarliMiddleware */ public function __invoke(Request $request, Response $response, callable $next) { - try { - $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/'); + $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/'); + try { $response = $next($request, $response); } catch (ShaarliFrontException $e) { $this->container->pageBuilder->assign('message', $e->getMessage()); @@ -54,7 +54,7 @@ class ShaarliMiddleware $response = $response->withStatus($e->getCode()); $response = $response->write($this->container->pageBuilder->render('error')); } catch (UnauthorizedException $e) { - return $response->withRedirect($request->getUri()->getBasePath() . '/login'); + return $response->withRedirect($this->container->basePath . '/login'); } return $response; -- cgit v1.2.3 From 1a8ac737e52cb25a5c346232ee398f5908cee7d7 Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Mon, 6 Jul 2020 08:04:35 +0200 Subject: Process main page (linklist) through Slim controller Including a bunch of improvements on the container, and helper used across new controllers. --- application/front/ShaarliMiddleware.php | 73 +++++++++++++++++++++++++++++---- 1 file changed, 65 insertions(+), 8 deletions(-) (limited to 'application/front/ShaarliMiddleware.php') diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index 7ad610c7..baea6ef2 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php @@ -25,6 +25,8 @@ class ShaarliMiddleware /** * Middleware execution: + * - run updates + * - if not logged in open shaarli, redirect to login * - execute the controller * - return the response * @@ -36,27 +38,82 @@ class ShaarliMiddleware * * @return Response response. */ - public function __invoke(Request $request, Response $response, callable $next) + public function __invoke(Request $request, Response $response, callable $next): Response { $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/'); try { - $response = $next($request, $response); + $this->runUpdates(); + $this->checkOpenShaarli($request, $response, $next); + + return $next($request, $response); } catch (ShaarliFrontException $e) { + // Possible functional error + $this->container->pageBuilder->reset(); $this->container->pageBuilder->assign('message', $e->getMessage()); + + $response = $response->withStatus($e->getCode()); + + return $response->write($this->container->pageBuilder->render('error')); + } catch (UnauthorizedException $e) { + return $response->withRedirect($this->container->basePath . '/login'); + } catch (\Throwable $e) { + // Unknown error encountered + $this->container->pageBuilder->reset(); if ($this->container->conf->get('dev.debug', false)) { + $this->container->pageBuilder->assign('message', $e->getMessage()); $this->container->pageBuilder->assign( 'stacktrace', - nl2br(get_class($this) .': '. $e->getTraceAsString()) + nl2br(get_class($e) .': '. PHP_EOL . $e->getTraceAsString()) ); + } else { + $this->container->pageBuilder->assign('message', t('An unexpected error occurred.')); } - $response = $response->withStatus($e->getCode()); - $response = $response->write($this->container->pageBuilder->render('error')); - } catch (UnauthorizedException $e) { - return $response->withRedirect($this->container->basePath . '/login'); + $response = $response->withStatus(500); + + return $response->write($this->container->pageBuilder->render('error')); + } + } + + /** + * Run the updater for every requests processed while logged in. + */ + protected function runUpdates(): void + { + if ($this->container->loginManager->isLoggedIn() !== true) { + return; + } + + $newUpdates = $this->container->updater->update(); + if (!empty($newUpdates)) { + $this->container->updater->writeUpdates( + $this->container->conf->get('resource.updates'), + $this->container->updater->getDoneUpdates() + ); + + $this->container->pageCacheManager->invalidateCaches(); + } + } + + /** + * Access is denied to most pages with `hide_public_links` + `force_login` settings. + */ + protected function checkOpenShaarli(Request $request, Response $response, callable $next): bool + { + if (// if the user isn't logged in + !$this->container->loginManager->isLoggedIn() + // and Shaarli doesn't have public content... + && $this->container->conf->get('privacy.hide_public_links') + // and is configured to enforce the login + && $this->container->conf->get('privacy.force_login') + // and the current page isn't already the login page + // and the user is not requesting a feed (which would lead to a different content-type as expected) + && !in_array($next->getName(), ['login', 'atom', 'rss'], true) + ) { + throw new UnauthorizedException(); } - return $response; + return true; } } -- cgit v1.2.3 From c4ad3d4f061d05a01db25aa54dda830ba776792d Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Tue, 7 Jul 2020 10:15:56 +0200 Subject: Process Shaarli install through Slim controller --- application/front/ShaarliMiddleware.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'application/front/ShaarliMiddleware.php') diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index baea6ef2..595182ac 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php @@ -43,6 +43,12 @@ class ShaarliMiddleware $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/'); try { + if (!is_file($this->container->conf->getConfigFileExt()) + && !in_array($next->getName(), ['displayInstall', 'saveInstall'], true) + ) { + return $response->withRedirect($this->container->basePath . '/install'); + } + $this->runUpdates(); $this->checkOpenShaarli($request, $response, $next); -- cgit v1.2.3 From a8c11451e8d885a243c1ad52012093ba8d121e2c Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Tue, 21 Jul 2020 20:33:33 +0200 Subject: Process login through Slim controller --- application/front/ShaarliMiddleware.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'application/front/ShaarliMiddleware.php') diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index 595182ac..e9f5552d 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php @@ -62,7 +62,9 @@ class ShaarliMiddleware return $response->write($this->container->pageBuilder->render('error')); } catch (UnauthorizedException $e) { - return $response->withRedirect($this->container->basePath . '/login'); + $returnUrl = urlencode($this->container->environment['REQUEST_URI']); + + return $response->withRedirect($this->container->basePath . '/login?returnurl=' . $returnUrl); } catch (\Throwable $e) { // Unknown error encountered $this->container->pageBuilder->reset(); -- cgit v1.2.3 From 3ee8351e438f13ccf36062ce956e0b4a4d5f4a29 Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Thu, 23 Jul 2020 16:41:32 +0200 Subject: Multiple small fixes --- application/front/ShaarliMiddleware.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'application/front/ShaarliMiddleware.php') diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index e9f5552d..fd978e99 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php @@ -56,7 +56,7 @@ class ShaarliMiddleware } catch (ShaarliFrontException $e) { // Possible functional error $this->container->pageBuilder->reset(); - $this->container->pageBuilder->assign('message', $e->getMessage()); + $this->container->pageBuilder->assign('message', nl2br($e->getMessage())); $response = $response->withStatus($e->getCode()); -- cgit v1.2.3 From 9fbc42294e7667c5ef19cafa0d1fcfbc1c0f36a9 Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Sun, 26 Jul 2020 14:43:10 +0200 Subject: New basePath: fix officiel plugin paths and vintage template --- application/front/ShaarliMiddleware.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'application/front/ShaarliMiddleware.php') diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index fd978e99..92c0e911 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php @@ -60,7 +60,7 @@ class ShaarliMiddleware $response = $response->withStatus($e->getCode()); - return $response->write($this->container->pageBuilder->render('error')); + return $response->write($this->container->pageBuilder->render('error', $this->container->basePath)); } catch (UnauthorizedException $e) { $returnUrl = urlencode($this->container->environment['REQUEST_URI']); @@ -80,7 +80,7 @@ class ShaarliMiddleware $response = $response->withStatus(500); - return $response->write($this->container->pageBuilder->render('error')); + return $response->write($this->container->pageBuilder->render('error', $this->container->basePath)); } } -- cgit v1.2.3 From f7f08ceec1b218e1525153e8bd3d0199f2fb1c9d Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Tue, 28 Jul 2020 22:24:41 +0200 Subject: Fix basePath in unit tests reference DB --- application/front/ShaarliMiddleware.php | 1 + 1 file changed, 1 insertion(+) (limited to 'application/front/ShaarliMiddleware.php') diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index 92c0e911..707489d0 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php @@ -93,6 +93,7 @@ class ShaarliMiddleware return; } + $this->container->updater->setBasePath($this->container->basePath); $newUpdates = $this->container->updater->update(); if (!empty($newUpdates)) { $this->container->updater->writeUpdates( -- cgit v1.2.3 From bedbb845eec20363b928b424143787dbe988eefe Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Thu, 13 Aug 2020 11:08:13 +0200 Subject: Move all admin controller into a dedicated group Also handle authentication check in a new middleware for the admin group. --- application/front/ShaarliMiddleware.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) (limited to 'application/front/ShaarliMiddleware.php') diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index 707489d0..a2a3837b 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php @@ -40,7 +40,7 @@ class ShaarliMiddleware */ public function __invoke(Request $request, Response $response, callable $next): Response { - $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/'); + $this->initBasePath($request); try { if (!is_file($this->container->conf->getConfigFileExt()) @@ -125,4 +125,14 @@ class ShaarliMiddleware return true; } + + /** + * Initialize the URL base path if it hasn't been defined yet. + */ + protected function initBasePath(Request $request): void + { + if (null === $this->container->basePath) { + $this->container->basePath = rtrim($request->getUri()->getBasePath(), '/'); + } + } } -- cgit v1.2.3 From 0c6fdbe12bbbb336348666b14b82096f24d5858b Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Fri, 21 Aug 2020 10:50:44 +0200 Subject: Move error handling to dedicated controller instead of middleware --- application/front/ShaarliMiddleware.php | 26 +------------------------- 1 file changed, 1 insertion(+), 25 deletions(-) (limited to 'application/front/ShaarliMiddleware.php') diff --git a/application/front/ShaarliMiddleware.php b/application/front/ShaarliMiddleware.php index a2a3837b..c015c0c6 100644 --- a/application/front/ShaarliMiddleware.php +++ b/application/front/ShaarliMiddleware.php @@ -3,7 +3,6 @@ namespace Shaarli\Front; use Shaarli\Container\ShaarliContainer; -use Shaarli\Front\Exception\ShaarliFrontException; use Shaarli\Front\Exception\UnauthorizedException; use Slim\Http\Request; use Slim\Http\Response; @@ -53,35 +52,12 @@ class ShaarliMiddleware $this->checkOpenShaarli($request, $response, $next); return $next($request, $response); - } catch (ShaarliFrontException $e) { - // Possible functional error - $this->container->pageBuilder->reset(); - $this->container->pageBuilder->assign('message', nl2br($e->getMessage())); - - $response = $response->withStatus($e->getCode()); - - return $response->write($this->container->pageBuilder->render('error', $this->container->basePath)); } catch (UnauthorizedException $e) { $returnUrl = urlencode($this->container->environment['REQUEST_URI']); return $response->withRedirect($this->container->basePath . '/login?returnurl=' . $returnUrl); - } catch (\Throwable $e) { - // Unknown error encountered - $this->container->pageBuilder->reset(); - if ($this->container->conf->get('dev.debug', false)) { - $this->container->pageBuilder->assign('message', $e->getMessage()); - $this->container->pageBuilder->assign( - 'stacktrace', - nl2br(get_class($e) .': '. PHP_EOL . $e->getTraceAsString()) - ); - } else { - $this->container->pageBuilder->assign('message', t('An unexpected error occurred.')); - } - - $response = $response->withStatus(500); - - return $response->write($this->container->pageBuilder->render('error', $this->container->basePath)); } + // Other exceptions are handled by ErrorController } /** -- cgit v1.2.3