-
-
Notifications
You must be signed in to change notification settings - Fork 188
/
RequestFilter.php
85 lines (77 loc) · 2.42 KB
/
RequestFilter.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
<?php
namespace Neos\Flow\Security\Authorization;
/*
* This file is part of the Neos.Flow package.
*
* (c) Contributors of the Neos Project - www.neos.io
*
* This package is Open Source Software. For the full copyright and license
* information, please view the LICENSE file which was distributed with this
* source code.
*/
use Neos\Flow\Mvc\ActionRequest;
use Neos\Flow\Security\Exception\AccessDeniedException;
use Neos\Flow\Security\Exception\AuthenticationRequiredException;
use Neos\Flow\Security\Exception\NoTokensAuthenticatedException;
use Neos\Flow\Security\RequestPatternInterface;
/**
* A RequestFilter is configured to match specific ActionRequests and call
* a InterceptorInterface if needed.
*
*/
class RequestFilter
{
/**
* @var RequestPatternInterface
*/
protected $pattern = null;
/**
* @var InterceptorInterface
*/
protected $securityInterceptor = null;
/**
* Constructor.
*
* @param RequestPatternInterface $pattern The pattern this filter matches
* @param InterceptorInterface $securityInterceptor The interceptor called on pattern match
*/
public function __construct(RequestPatternInterface $pattern, InterceptorInterface $securityInterceptor)
{
$this->pattern = $pattern;
$this->securityInterceptor = $securityInterceptor;
}
/**
* Returns the set request pattern
*
* @return RequestPatternInterface The set request pattern
*/
public function getRequestPattern(): RequestPatternInterface
{
return $this->pattern;
}
/**
* Returns the set security interceptor
*
* @return InterceptorInterface The set security interceptor
*/
public function getSecurityInterceptor(): InterceptorInterface
{
return $this->securityInterceptor;
}
/**
* Tries to match the given request against this filter and calls the set security interceptor on success.
*
* @param ActionRequest $request The request to be matched
* @return boolean Returns true if the filter matched, false otherwise
* @throws AccessDeniedException
* @throws AuthenticationRequiredException
* @throws NoTokensAuthenticatedException
*/
public function filterRequest(ActionRequest $request): bool
{
if ($this->pattern->matchRequest($request)) {
return $this->securityInterceptor->invoke() !== false;
}
return false;
}
}