FHCAPI_Controller extends Auth_Controller + auth error handling in FhcApi
@@ -5,7 +5,7 @@ if (!defined('BASEPATH')) exit('No direct script access allowed');
|
||||
/**
|
||||
* Controller using JSON
|
||||
*/
|
||||
class FHCAPI_Controller extends FHC_Controller
|
||||
class FHCAPI_Controller extends Auth_Controller
|
||||
{
|
||||
|
||||
/**
|
||||
@@ -19,12 +19,13 @@ class FHCAPI_Controller extends FHC_Controller
|
||||
/**
|
||||
* Error types
|
||||
*/
|
||||
const ERROR_TYPE_PHP = 'php'; // TODO(chris): php types from severity?
|
||||
const ERROR_TYPE_PHP = 'php';
|
||||
const ERROR_TYPE_EXCEPTION = 'exception';
|
||||
const ERROR_TYPE_GENERAL = 'general';
|
||||
const ERROR_TYPE_404 = '404';
|
||||
const ERROR_TYPE_DB = 'db';
|
||||
const ERROR_TYPE_VALIDATION = 'validation';
|
||||
const ERROR_TYPE_AUTH = 'auth';
|
||||
|
||||
/**
|
||||
* Return Object
|
||||
@@ -45,10 +46,6 @@ class FHCAPI_Controller extends FHC_Controller
|
||||
if (is_cli())
|
||||
show_404();
|
||||
|
||||
parent::__construct();
|
||||
|
||||
$this->config->set_item('error_views_path', VIEWPATH.'errors'.DIRECTORY_SEPARATOR.'json'.DIRECTORY_SEPARATOR);
|
||||
|
||||
global $g_result;
|
||||
$g_result = $this;
|
||||
|
||||
@@ -74,18 +71,14 @@ class FHCAPI_Controller extends FHC_Controller
|
||||
}
|
||||
}
|
||||
|
||||
#$this->returnObj['test'] = implode('/n', headers_list());
|
||||
|
||||
return json_encode($this->returnObj);
|
||||
});
|
||||
|
||||
// Load libraries
|
||||
$this->load->library('AuthLib');
|
||||
$this->load->library('PermissionLib');
|
||||
|
||||
// Checks if the caller is allowed to access to this content
|
||||
$this->_isAllowed($requiredPermissions);
|
||||
// NOTE(chris): overwrite error_views_path before constructor
|
||||
load_class('Config')->set_item('error_views_path', VIEWPATH.'errors'.DIRECTORY_SEPARATOR.'json'.DIRECTORY_SEPARATOR);
|
||||
|
||||
parent::__construct($requiredPermissions);
|
||||
|
||||
// For JSON Requests (as opposed to multipart/form-data) get the $_POST variable from the input stream instead
|
||||
if ($this->input->get_request_header('Content-Type', true) == 'application/json')
|
||||
$_POST = json_decode($this->security->xss_clean($this->input->raw_input_stream), true);
|
||||
@@ -136,15 +129,25 @@ class FHCAPI_Controller extends FHC_Controller
|
||||
$this->returnObj['data'] = $data;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $key
|
||||
* @param mixed $value
|
||||
* @return void
|
||||
*/
|
||||
public function addMeta($key, $value)
|
||||
{
|
||||
if (!isset($this->returnObj['meta']))
|
||||
$this->returnObj['meta'] = [];
|
||||
$this->returnObj['meta'][$key] = $value;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $status
|
||||
* @return void
|
||||
*/
|
||||
public function setStatus($status)
|
||||
{
|
||||
if (!isset($this->returnObj['meta']))
|
||||
$this->returnObj['meta'] = [];
|
||||
$this->returnObj['meta']['status'] = $status;
|
||||
$this->addMeta('status', $status);
|
||||
}
|
||||
|
||||
|
||||
@@ -152,6 +155,17 @@ class FHCAPI_Controller extends FHC_Controller
|
||||
// Handle Output object - Shortcut functions
|
||||
// ---------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* @param mixed $data (optional)
|
||||
* @return void
|
||||
*/
|
||||
protected function terminateWithSuccess($data = null)
|
||||
{
|
||||
$this->setData($data);
|
||||
$this->setStatus(self::STATUS_SUCCESS);
|
||||
exit;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $errors
|
||||
* @return void
|
||||
@@ -164,17 +178,6 @@ class FHCAPI_Controller extends FHC_Controller
|
||||
exit(EXIT_ERROR);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param mixed $data (optional)
|
||||
* @return void
|
||||
*/
|
||||
protected function terminateWithSuccess($data = null)
|
||||
{
|
||||
$this->setData($data);
|
||||
$this->setStatus(self::STATUS_SUCCESS);
|
||||
exit;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $error
|
||||
* @param string $type (optional)
|
||||
@@ -193,63 +196,35 @@ class FHCAPI_Controller extends FHC_Controller
|
||||
* @param string $errortype
|
||||
* @return void
|
||||
*/
|
||||
protected function checkForErrors($result, $errortype = self::ERROR_TYPE_GENERAL)
|
||||
protected function getDataOrTerminateWithError($result, $errortype = self::ERROR_TYPE_GENERAL)
|
||||
{
|
||||
// TODO(chris): IMPLEMENT!
|
||||
if (isError($result)) {
|
||||
$this->terminateWithError(getError($result), $errortype);
|
||||
}
|
||||
return $result->retval;
|
||||
}
|
||||
|
||||
// TODO(chris): complete list
|
||||
|
||||
|
||||
// ---------------------------------------------------------------
|
||||
// Security
|
||||
// ---------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Checks if the caller is allowed to access to this content with the given permissions
|
||||
* If it is not allowed will set the HTTP header with code 401
|
||||
* Wrapper for permissionlib->isEntitled
|
||||
* Outputs an error message and sets the HTTP Header.
|
||||
* This overwrites the default behaviour to output a json object.
|
||||
*
|
||||
* @param array $requiredPermissions
|
||||
* @return void
|
||||
*/
|
||||
protected function _isAllowed($requiredPermissions)
|
||||
protected function _outputAuthError($requiredPermissions)
|
||||
{
|
||||
// Checks if this user is entitled to access to this content
|
||||
if (!$this->permissionlib->isEntitled($requiredPermissions, $this->router->method))
|
||||
{
|
||||
$this->output->set_status_header(isLogged() ? REST_Controller::HTTP_FORBIDDEN : REST_Controller::HTTP_UNAUTHORIZED);
|
||||
$this->output->set_status_header(isLogged() ? REST_Controller::HTTP_FORBIDDEN : REST_Controller::HTTP_UNAUTHORIZED);
|
||||
|
||||
$this->addError([
|
||||
'message' => 'You are not allowed to access to this content',
|
||||
'controller' => $this->router->class,
|
||||
'method' => $this->router->method,
|
||||
'required_permissions' => $this->_rpsToString($requiredPermissions, $this->router->method)
|
||||
]);
|
||||
exit; // immediately terminate the execution
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Converts an array of permissions to a string that contains them as a comma separated list
|
||||
* Ex: "<permission 1>, <permission 2>, <permission 3>"
|
||||
*
|
||||
* @param array $requiredPermissions
|
||||
* @param string $method
|
||||
* @return void
|
||||
*/
|
||||
protected function _rpsToString($requiredPermissions, $method)
|
||||
{
|
||||
if (!isset($requiredPermissions[$method]))
|
||||
return '';
|
||||
|
||||
if (!is_array($requiredPermissions[$method]))
|
||||
return $requiredPermissions[$method];
|
||||
|
||||
return implode(', ', $requiredPermissions[$method]);
|
||||
$this->addError([
|
||||
'message' => 'You are not allowed to access to this content',
|
||||
'controller' => $this->router->class,
|
||||
'method' => $this->router->method,
|
||||
'required_permissions' => $this->_rpsToString($requiredPermissions, $this->router->method)
|
||||
], self::ERROR_TYPE_AUTH);
|
||||
}
|
||||
}
|
||||
|
||||
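Review bot: The new `_outputAuthError` hook no longer terminates the request: the old `_isAllowed` ended its failure branch with `exit; // immediately terminate the execution`, while the new body only sets the status header and calls `addError([...], self::ERROR_TYPE_AUTH)`. If `Auth_Controller::__construct` (not on this page) does not stop execution after calling this hook, the controller action would still run after a 401/403 has been recorded, so either add `exit;` after the `addError` call or state in the docblock that the caller is responsible for terminating, e.g. `* NOTE: does not exit; the calling Auth_Controller must stop execution after this returns.` Separately, the payload returns `controller`, `method` and `required_permissions` even on the `HTTP_UNAUTHORIZED` branch, i.e. to anonymous callers, which discloses the permission model; consider emitting `required_permissions` only when `isLogged()` is true and logging the detail server-side instead. The class header and this method are inside the hunks, but the `Auth_Controller` the class now extends is not visible here.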
@@ -250,6 +250,16 @@ export default {
|
||||
message += 'Line Number: ' + error.line + '\n';
|
||||
|
||||
$fhcAlert.alertSystemError(message);
|
||||
},
|
||||
auth(error) {
|
||||
const $fhcAlert = app.config.globalProperties.$fhcAlert;
|
||||
|
||||
|
||||
var message = '';
|
||||
message += 'Controller name: ' + error.controller + '\n';
|
||||
message += 'Method name: ' + error.method + '\n';
|
||||
message += 'Required permissions: ' + error.required_permissions
|
||||
$fhcAlert.alertDefault('error', error.message, message);
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
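Review bot: The new `auth(error)` handler declares `var message = ''` and builds the text by concatenation while the surrounding code uses `const`, the final `message += 'Required permissions: ' + error.required_permissions` line is missing its semicolon, and there are two stray blank lines after the `$fhcAlert` declaration. The same output with consistent style is `const message = ['Controller name: ' + error.controller, 'Method name: ' + error.method, 'Required permissions: ' + (error.required_permissions || '')].join('\n');`. The `|| ''` guard matters because the server-side `_rpsToString` can return an empty string and any other error tagged `auth` may lack these fields, so the alert should not print "undefined". The enclosing `export default` object begins before this hunk.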