Module.php
<?php
/**
* @link https://github.com/monarc-project for the canonical source repository
* @copyright Copyright (c) 2016-2023 Luxembourg House of Cybersecurity LHC.lu - Licensed under GNU Affero GPL v3
* @license MONARC is licensed under GNU Affero General Public License version 3
*/
namespace Monarc\Core;
use Laminas\ServiceManager\ServiceLocatorInterface;
use Monarc\Core\Service\AuthenticationService;
use Laminas\Http\Request;
use Laminas\Mvc\MvcEvent;
use Laminas\View\Model\JsonModel;
use Laminas\Router\RouteMatch;
use Monarc\Core\Validator\FieldValidator\UniqueEmail;
use Monarc\Core\Validator\FieldValidator\UniqueDeliveryModel;
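class Module
{
    /**
     * Attaches the module's listeners when the application is serving an HTTP request.
     *
     * The route listener (authentication gate) is registered with priority -100 on
     * EVENT_ROUTE; the two error listeners turn dispatch and render errors into JSON.
     *
     * @param MvcEvent $e Bootstrap event giving access to the application.
     */
    public function onBootstrap(MvcEvent $e)
    {
        if ($e->getRequest() instanceof Request) {
            $eventManager = $e->getApplication()->getEventManager();
            $eventManager->attach(MvcEvent::EVENT_ROUTE, [$this, 'MCEventRoute'], -100);
            $eventManager->attach(MvcEvent::EVENT_DISPATCH_ERROR, [$this, 'onDispatchError'], 0);
            $eventManager->attach(MvcEvent::EVENT_RENDER_ERROR, [$this, 'onRenderError'], 0);
        }
    }

    /**
     * Returns the module configuration loaded from config/module.config.php.
     */
    public function getConfig()
    {
        return include __DIR__ . '/config/module.config.php';
    }

    /**
     * Reads the 'defaultLanguageIndex' entry of the application configuration.
     *
     * @param ServiceLocatorInterface $sm Container exposing the 'Config' service.
     */
    public function getDefaultLanguage(ServiceLocatorInterface $sm)
    {
        return $sm->get('Config')['defaultLanguageIndex'];
    }

    /**
     * Declares the custom field validators as invokable services.
     *
     * @return array<string, array<string, string>>
     */
    public function getValidatorConfig()
    {
        return [
            'invokables' => [
                UniqueEmail::class => UniqueEmail::class,
                UniqueDeliveryModel::class => UniqueDeliveryModel::class,
            ],
        ];
    }

    /**
     * Listener for EVENT_DISPATCH_ERROR; delegates to getJsonModelError().
     */
    public function onDispatchError(MvcEvent $e)
    {
        return $this->getJsonModelError($e);
    }

    /**
     * Listener for EVENT_RENDER_ERROR; delegates to getJsonModelError().
     */
    public function onRenderError(MvcEvent $e)
    {
        return $this->getJsonModelError($e);
    }

    /**
     * Builds the JSON error payload for a failed request and stores it as the event result.
     *
     * Exceptions with code 400 are expected to carry a JSON document in their message,
     * which is decoded and returned as the only entry of 'errors'. Every other error
     * produces a generic message plus the error identifier and the exception details.
     *
     * @param MvcEvent $e Event carrying the error identifier and, optionally, the exception.
     *
     * @return JsonModel|null The model set on the event, or null when the event has no error.
     */
    public function getJsonModelError(MvcEvent $e)
    {
        $error = $e->getError();
        if (!$error) {
            return;
        }

        /** @var \Throwable|null $exception */
        $exception = $e->getParam('exception');
        $exceptionJson = [];
        if ($exception !== null) {
            // NOTE(review): class name, file path, line, message and stack trace are
            // serialised into the HTTP response, so any client able to trigger an error
            // sees server internals. Consider limiting these fields to non-production
            // environments and recording them in the server log instead.
            $exceptionJson = [
                'class' => get_class($exception),
                'file' => $exception->getFile(),
                'line' => $exception->getLine(),
                'message' => $exception->getMessage(),
                'stacktrace' => $exception->getTraceAsString(),
            ];
        }

        $errorJson = [
            'message' => 'An error occurred during execution; please try again later.',
            'error' => $error,
            'exception' => $exceptionJson,
        ];
        if ($error === 'error-router-no-match') {
            $errorJson['message'] = 'Resource not found.';
        }

        $errors = [$errorJson];
        if ($exception !== null && $exception->getCode() === 400) {
            try {
                $errors = [json_decode($exception->getMessage(), true, 512, JSON_THROW_ON_ERROR)];
            } catch (\JsonException $jsonException) {
                // A code-400 exception whose message is not JSON must not raise a second
                // exception from inside the error handler; keep the generic payload.
                $errors = [$errorJson];
            }
        }

        $model = new JsonModel(['errors' => $errors]);
        $e->setResult($model);

        return $model;
    }

    /**
     * Route listener enforcing token authentication on every route not listed in the
     * 'permissions' configuration entry.
     *
     * Returns nothing when the request may proceed (no route match, allow-listed route,
     * or a token accepted by AuthenticationService::checkConnect()). Otherwise it returns
     * the response with status 401, which is expected to stop further processing.
     *
     * @param MvcEvent $event Route event of the current request.
     */
    public function MCEventRoute(MvcEvent $event)
    {
        $serviceManager = $event->getApplication()->getServiceManager();
        /** @var AuthenticationService $authenticationService */
        $authenticationService = $serviceManager->get(AuthenticationService::class);

        $match = $event->getRouteMatch();
        // No route match, this is a 404
        if (!$match instanceof RouteMatch) {
            return;
        }

        // Routes on the allow-list are reachable without a token. A missing 'permissions'
        // entry is treated as an empty list, so the gate fails closed.
        $config = $serviceManager->get('Config');
        $permissions = $config['permissions'] ?? [];
        $name = $match->getMatchedRouteName();
        // Strict comparison: a loosely-typed config value must never match a route name
        // through type juggling and silently skip authentication.
        if (in_array($name, $permissions, true)) {
            return;
        }

        // getHeader() yields false when the header is absent and may yield a collection
        // when it is sent more than once; only a single header object carries a usable
        // value, anything else is rejected below.
        $token = $event->getRequest()->getHeader('token');
        if ($token instanceof \Laminas\Http\Header\HeaderInterface
            && $authenticationService->checkConnect(['token' => $token->getFieldValue()])
        ) {
            return;
        }

        return $event->getResponse()->setStatusCode(401);
    }
}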