Permalink
Browse files

Split down middlewares and servers again.

  • Loading branch information...
1 parent 4aba2d4 commit b06aa8ee4cb72ebeca0aa929665e5fb42093c0e3 @cdujeu cdujeu committed May 24, 2016
@@ -0,0 +1,36 @@
+<?php
+/*
+ * Copyright 2007-2015 Abstrium <contact (at) pydio.com>
+ * This file is part of Pydio.
+ *
+ * Pydio is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Pydio is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Pydio. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * The latest code can be found at <http://pyd.io/>.
+ */
+
+namespace Pydio\Core\Http\Cli;
+
+defined('AJXP_EXEC') or die('Access not allowed');
+
+
+class CliServer extends \Pydio\Core\Http\Server
+{
+ protected function stackMiddleWares()
+ {
+ $this->middleWares->push(array("Pydio\\Core\\Controller\\Controller", "registryActionMiddleware"));
+ $this->middleWares->push(array("Pydio\\Core\\Http\\Cli\\AuthCliMiddleware", "handleRequest"));
+ $this->topMiddleware = new CliMiddleware();
+ $this->middleWares->push(array($this->topMiddleware, "handleRequest"));
+ }
+}
@@ -21,7 +21,6 @@
namespace Pydio\Core\Http\Cli;
defined('AJXP_EXEC') or die('Access not allowed');
-use Pydio\Core\Http\Server;
use Symfony;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
@@ -82,7 +81,7 @@ protected function configure()
protected function execute(InputInterface $input, OutputInterface $output)
{
- $server = new Server(Server::MODE_CLI);
+ $server = new CliServer();
$server->registerCatchAll();
$definitionsKeys = array_keys($this->getDefinition()->getOptions());
@@ -22,6 +22,7 @@
use Psr\Http\Message\ServerRequestInterface;
use Pydio\Authfront\Core\AbstractAuthFrontend;
+use Pydio\Authfront\Core\FrontendsLoader;
use Pydio\Core\Exception\AuthRequiredException;
use Pydio\Core\Exception\NoActiveWorkspaceException;
use Pydio\Core\Exception\PydioException;
@@ -47,50 +48,25 @@ class AuthMiddleware
*/
public static function handleRequest(\Psr\Http\Message\ServerRequestInterface &$requestInterface, \Psr\Http\Message\ResponseInterface &$responseInterface, callable $next = null){
- if(AuthService::usersEnabled()){
-
- PluginsService::getInstance()->initActivePlugins();
- $frontends = PluginsService::getInstance()->getActivePluginsForType("authfront");
- $index = 0;
- /**
- * @var AbstractAuthFrontend $frontendPlugin
- */
- foreach($frontends as $frontendPlugin){
- if(!$frontendPlugin->isEnabled()) continue;
- if(!method_exists($frontendPlugin, "tryToLogUser")){
- AJXP_Logger::error(__CLASS__, __FUNCTION__, "Trying to use an authfront plugin without tryToLogUser method. Wrongly initialized?");
- continue;
- }
- //$res = $frontendPlugin->tryToLogUser($httpVars, ($index == count($frontends)-1));
- $isLast = ($index == count($frontends)-1);
- $res = $frontendPlugin->tryToLogUser($requestInterface, $responseInterface, $isLast);
- $index ++;
- if($res) {
- if($responseInterface->getBody()->getSize() > 0 || $responseInterface->getStatusCode() != 200){
- // Do not go to the other middleware, return directly.
- return $responseInterface;
- }
- break;
- }
- }
-
+ $response = FrontendsLoader::frontendsAsAuthMiddlewares($requestInterface, $responseInterface);
+ if($response != null){
+ return $response;
}
- if(Server::$mode == Server::MODE_SESSION){
- self::bootSessionServer($requestInterface);
- }else{
- self::bootRestServer($requestInterface);
- }
+ self::bootSessionServer($requestInterface);
try{
+
ConfService::reloadServicesAndActivePlugins();
+
}catch (NoActiveWorkspaceException $ex){
- if(Server::$mode != Server::MODE_SESSION) throw $ex;
+
$logged = AuthService::getLoggedUser();
if($logged !== null) $lock = $logged->getLock();
if(empty($lock)){
throw new AuthRequiredException();
}
+
}
return Server::callNextMiddleWare($requestInterface, $responseInterface, $next);
@@ -108,8 +84,7 @@ protected static function bootSessionServer(ServerRequestInterface $request){
ConfService::switchRootDir($_SESSION["SWITCH_BACK_REPO_ID"]);
unset($_SESSION["SWITCH_BACK_REPO_ID"]);
}
-
-
+
if (AuthService::usersEnabled()) {
$loggedUser = AuthService::getLoggedUser();
if ($loggedUser != null) {
@@ -127,32 +102,4 @@ protected static function bootSessionServer(ServerRequestInterface $request){
}
- protected static function bootRestServer(ServerRequestInterface $request){
-
- if(AuthService::getLoggedUser() == null){
- header('HTTP/1.0 401 Unauthorized');
- echo 'You are not authorized to access this API.';
- exit;
- }
-
- $repoID = $request->getAttribute("repository_id");
- if($repoID == 'pydio'){
- ConfService::switchRootDir();
- $repo = ConfService::getRepository();
- }else{
- $repo = ConfService::findRepositoryByIdOrAlias($repoID);
- if ($repo == null) {
- throw new WorkspaceNotFoundException($repoID);
- }
- if(!ConfService::repositoryIsAccessible($repo->getId(), $repo, AuthService::getLoggedUser(), false, true)){
- header('HTTP/1.0 401 Unauthorized');
- echo 'You are not authorized to access this workspace.';
- exit;
- }
- ConfService::switchRootDir($repo->getId());
- }
-
- }
-
-
}
@@ -23,7 +23,7 @@
use \Psr\Http\Message\ServerRequestInterface;
use \Psr\Http\Message\ResponseInterface;
use Pydio\Core\Exception\PydioException;
-use Pydio\Core\Http\ApiRouter;
+use Pydio\Core\Http\Rest\ApiRouter;
use Pydio\Core\Http\Response\SerializableResponseStream;
use Pydio\Core\Http\Server;
use Pydio\Core\Utils\Utils;
@@ -58,31 +58,7 @@ public function handleRequest(ServerRequestInterface $request, ResponseInterface
}
}
- $serverData = $request->getServerParams();
- if(Server::$mode == Server::MODE_REST){
-
- $router = new ApiRouter([]);
- if(!$router->route($request, $response)){
- throw new PydioException("Could not find any endpoint for this URI");
- }
-
- }else{
-
- if(isSet($params["get_action"])){
- $action = $params["get_action"];
- }else if(isSet($params["action"])){
- $action = $params["action"];
- }else if (preg_match('/MSIE 7/',$serverData['HTTP_USER_AGENT']) || preg_match('/MSIE 8/',$serverData['HTTP_USER_AGENT'])) {
- $action = "get_boot_gui";
- } else {
- $action = (strpos($serverData["HTTP_ACCEPT"], "text/html") !== false ? "get_boot_gui" : "ping");
- }
- $request = $request
- ->withAttribute("action", Utils::sanitize($action, AJXP_SANITIZE_EMAILCHARS))
- ->withAttribute("api", "session")
- ;
-
- }
+ $this->parseRequestRouteAndParams($request, $response);
$response = Server::callNextMiddleWare($request, $response, $next);
@@ -92,6 +68,26 @@ public function handleRequest(ServerRequestInterface $request, ResponseInterface
$this->emitResponse($request, $response);
}
+ protected function parseRequestRouteAndParams(ServerRequestInterface &$request, ResponseInterface &$responseInterface){
+
+ $serverData = $request->getServerParams();
+ $params = $request->getParsedBody();
+ if(isSet($params["get_action"])){
+ $action = $params["get_action"];
+ }else if(isSet($params["action"])){
+ $action = $params["action"];
+ }else if (preg_match('/MSIE 7/',$serverData['HTTP_USER_AGENT']) || preg_match('/MSIE 8/',$serverData['HTTP_USER_AGENT'])) {
+ $action = "get_boot_gui";
+ } else {
+ $action = (strpos($serverData["HTTP_ACCEPT"], "text/html") !== false ? "get_boot_gui" : "ping");
+ }
+ $request = $request
+ ->withAttribute("action", Utils::sanitize($action, AJXP_SANITIZE_EMAILCHARS))
+ ->withAttribute("api", "session")
+ ;
+
+ }
+
public function emitResponse(ServerRequestInterface $request, ResponseInterface $response){
if($response !== false && $response->getBody() && $response->getBody() instanceof SerializableResponseStream){
/**
@@ -18,7 +18,7 @@
*
* The latest code can be found at <http://pyd.io/>.
*/
-namespace Pydio\Core\Http;
+namespace Pydio\Core\Http\Rest;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
@@ -0,0 +1,42 @@
+<?php
+/*
+ * Copyright 2007-2015 Abstrium <contact (at) pydio.com>
+ * This file is part of Pydio.
+ *
+ * Pydio is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Pydio is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Pydio. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * The latest code can be found at <http://pyd.io/>.
+ */
+namespace Pydio\Core\Http\Rest;
+
+use \Psr\Http\Message\ServerRequestInterface;
+use \Psr\Http\Message\ResponseInterface;
+use Pydio\Core\Exception\PydioException;
+
+defined('AJXP_EXEC') or die('Access not allowed');
+
+
+class RestApiMiddleware extends \Pydio\Core\Http\Middleware\SapiMiddleware
+{
+
+ protected function parseRequestRouteAndParams(ServerRequestInterface &$request, ResponseInterface &$response){
+
+ $router = new ApiRouter([]);
+ if(!$router->route($request, $response)){
+ throw new PydioException("Could not find any endpoint for this URI");
+ }
+
+ }
+
+}
@@ -0,0 +1,81 @@
+<?php
+/*
+ * Copyright 2007-2015 Abstrium <contact (at) pydio.com>
+ * This file is part of Pydio.
+ *
+ * Pydio is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Pydio is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Pydio. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * The latest code can be found at <http://pyd.io/>.
+ */
+namespace Pydio\Core\Http\Rest;
+
+use Psr\Http\Message\ServerRequestInterface;
+use Pydio\Authfront\Core\FrontendsLoader;
+use Pydio\Core\Exception\PydioException;
+use Pydio\Core\Exception\WorkspaceNotFoundException;
+use Pydio\Core\Http\Rest\RestServer;
+use Pydio\Core\Services\AuthService;
+use Pydio\Core\Services\ConfService;
+
+defined('AJXP_EXEC') or die('Access not allowed');
+
+
+class RestAuthMiddleware
+{
+
+ /**
+ * @param ServerRequestInterface $requestInterface
+ * @param \Psr\Http\Message\ResponseInterface $responseInterface
+ * @return \Psr\Http\Message\ResponseInterface
+ * @param callable|null $next
+ * @throws PydioException
+ */
+ public static function handleRequest(\Psr\Http\Message\ServerRequestInterface &$requestInterface, \Psr\Http\Message\ResponseInterface &$responseInterface, callable $next = null){
+
+ $response = FrontendsLoader::frontendsAsAuthMiddlewares($requestInterface, $responseInterface);
+ if($response != null){
+ return $response;
+ }
+
+ if(AuthService::getLoggedUser() == null){
+ header('HTTP/1.0 401 Unauthorized');
+ echo 'You are not authorized to access this API.';
+ exit;
+ }
+
+ $repoID = $requestInterface->getAttribute("repository_id");
+ if($repoID == 'pydio'){
+ ConfService::switchRootDir();
+ ConfService::getRepository();
+ }else{
+ $repo = ConfService::findRepositoryByIdOrAlias($repoID);
+ if ($repo == null) {
+ throw new WorkspaceNotFoundException($repoID);
+ }
+ if(!ConfService::repositoryIsAccessible($repo->getId(), $repo, AuthService::getLoggedUser(), false, true)){
+ header('HTTP/1.0 401 Unauthorized');
+ echo 'You are not authorized to access this workspace.';
+ exit;
+ }
+ ConfService::switchRootDir($repo->getId());
+ }
+
+ ConfService::reloadServicesAndActivePlugins();
+
+ return RestServer::callNextMiddleWare($requestInterface, $responseInterface, $next);
+
+ }
+
+
+}
Oops, something went wrong.

0 comments on commit b06aa8e

Please sign in to comment.