123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543 |
- <?php
- declare(strict_types=1);
- namespace Grav\Plugin\FlexObjects\Controllers;
- use Grav\Common\Grav;
- use Grav\Framework\Flex\FlexForm;
- use Grav\Framework\Flex\FlexObject;
- use Grav\Framework\Flex\Interfaces\FlexAuthorizeInterface;
- use Grav\Framework\Route\Route;
- use Grav\Plugin\FlexObjects\Events\FlexTaskEvent;
- use Nyholm\Psr7\ServerRequest;
- use Psr\Http\Message\ResponseInterface;
- use Psr\Http\Message\ServerRequestInterface;
- use RocketTheme\Toolbox\Event\Event;
- use RuntimeException;
- /**
- * Object controller is for the frontend.
- *
- * Currently following tasks are supported:
- *
- * - save (create or update)
- * - create
- * - update
- * - delete
- * - reset
- * - preview
- */
- class ObjectController extends AbstractController
- {
- /**
- * Save object.
- *
- * Forwards call to either create or update task.
- *
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskSave(ServerRequestInterface $request): ResponseInterface
- {
- $form = $this->getForm();
- $object = $form->getObject();
- return $object->exists() ? $this->taskUpdate($request) : $this->taskCreate($request);
- }
- /**
- * Create object.
- *
- * Task fails if object exists.
- *
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskCreate(ServerRequestInterface $request): ResponseInterface
- {
- $this->checkAuthorization('create');
- $form = $this->getForm();
- $callable = function (array $data, array $files, FlexObject $object) {
- if (method_exists($object, 'storeOriginal')) {
- $object->storeOriginal();
- }
- $object->update($data, $files);
- if (\is_callable([$object, 'check'])) {
- $object->check($this->user);
- }
- $event = new FlexTaskEvent($this, $object, 'create');
- $this->grav->dispatchEvent($event);
- $object->save();
- };
- $form->setSubmitMethod($callable);
- $form->handleRequest($request);
- if (!$form->isValid()) {
- $error = $form->getError();
- if ($error) {
- $this->setMessage($error, 'error');
- }
- $errors = $form->getErrors();
- foreach ($errors as $field) {
- foreach ($field as $error) {
- $this->setMessage($error, 'error');
- }
- }
- $data = $form->getData();
- if (null !== $data) {
- $object = $form->getObject();
- $flash = $form->getFlash();
- $flash->setObject($object);
- $flash->setData($data->toArray());
- $flash->save();
- }
- return $this->createDisplayResponse();
- }
- // FIXME: make it conditional
- $grav = $this->grav;
- $grav->fireEvent('gitsync');
- $this->object = $form->getObject();
- $event = new Event(
- [
- 'task' => 'create',
- 'controller' => $this,
- 'object' => $this->object,
- 'response' => null,
- 'message' => null,
- ]
- );
- $this->grav->fireEvent("flex.{$this->type}.task.create.after", $event);
- $this->setMessage($event['message'] ?? $this->translate('PLUGIN_FLEX_OBJECTS.STATE.CREATED_SUCCESSFULLY'), 'info');
- if ($event['response']) {
- return $event['response'];
- }
- $redirect = $request->getAttribute('redirect', (string)$request->getUri());
- return $this->createRedirectResponse($redirect, 303);
- }
- /**
- * Update object.
- *
- * Task fails if object does not exist.
- *
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskUpdate(ServerRequestInterface $request): ResponseInterface
- {
- $this->checkAuthorization('update');
- $form = $this->getForm();
- $callable = function (array $data, array $files, FlexObject $object) {
- if (method_exists($object, 'storeOriginal')) {
- $object->storeOriginal();
- }
- $object->update($data, $files);
- if (\is_callable([$object, 'check'])) {
- $object->check($this->user);
- }
- $event = new FlexTaskEvent($this, $object, 'update');
- $this->grav->dispatchEvent($event);
- $object->save();
- };
- $form->setSubmitMethod($callable);
- $form->handleRequest($request);
- if (!$form->isValid()) {
- $error = $form->getError();
- if ($error) {
- $this->setMessage($error, 'error');
- }
- $errors = $form->getErrors();
- foreach ($errors as $field) {
- foreach ($field as $error) {
- $this->setMessage($error, 'error');
- }
- }
- $data = $form->getData();
- if (null !== $data) {
- $object = $form->getObject();
- $flash = $form->getFlash();
- $flash->setObject($object);
- $flash->setData($data->toArray());
- $flash->save();
- }
- return $this->createDisplayResponse();
- }
- // FIXME: make it conditional
- $grav = $this->grav;
- $grav->fireEvent('gitsync');
- $this->object = $form->getObject();
- $event = new Event(
- [
- 'task' => 'update',
- 'controller' => $this,
- 'object' => $this->object,
- 'response' => null,
- 'message' => null,
- ]
- );
- $this->grav->fireEvent("flex.{$this->type}.task.update.after", $event);
- $this->setMessage($event['message'] ?? $this->translate('PLUGIN_FLEX_OBJECTS.STATE.UPDATED_SUCCESSFULLY'), 'info');
- if ($event['response']) {
- return $event['response'];
- }
- $redirect = $request->getAttribute('redirect', (string)$request->getUri()->getPath());
- return $this->createRedirectResponse($redirect, 303);
- }
- /**
- * Delete object.
- *
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskDelete(ServerRequestInterface $request): ResponseInterface
- {
- $this->checkAuthorization('delete');
- $object = $this->getObject();
- if (!$object) {
- throw new RuntimeException('Not Found', 404);
- }
- $event = new FlexTaskEvent($this, $object, 'delete');
- $this->grav->dispatchEvent($event);
- $object->delete();
- // FIXME: make it conditional
- $grav = $this->grav;
- $grav->fireEvent('gitsync');
- $event = new Event(
- [
- 'task' => 'delete',
- 'controller' => $this,
- 'object' => $object,
- 'response' => null,
- 'message' => null,
- ]
- );
- $this->grav->fireEvent("flex.{$this->type}.task.delete.after", $event);
- $this->setMessage($this->translate($event['message'] ?? 'PLUGIN_FLEX_OBJECTS.STATE.DELETED_SUCCESSFULLY'), 'info');
- if ($event['response']) {
- return $event['response'];
- }
- $redirect = $request->getAttribute('redirect', (string)$request->getUri()->getPath());
- return $this->createRedirectResponse($redirect, 303);
- }
- /**
- * Reset form to original values.
- *
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskReset(ServerRequestInterface $request): ResponseInterface
- {
- $this->checkAuthorization('save');
- $flash = $this->getForm()->getFlash();
- $flash->delete();
- $redirect = $request->getAttribute('redirect', (string)$request->getUri()->getPath());
- return $this->createRedirectResponse($redirect, 303);
- }
- /**
- * Preview object.
- *
- * Takes a form input and converts it to visible presentation of the object.
- *
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskPreview(ServerRequestInterface $request): ResponseInterface
- {
- $this->checkAuthorization('save');
- /** @var FlexForm $form */
- $form = $this->getForm('edit');
- $form->setRequest($request);
- if (!$form->validate()) {
- $error = $form->getError();
- if ($error) {
- $this->setMessage($error, 'error');
- }
- $errors = $form->getErrors();
- foreach ($errors as $field) {
- foreach ($field as $error) {
- $this->setMessage($error, 'error');
- }
- }
- return $this->createRedirectResponse((string)$request->getUri(), 303);
- }
- $this->object = $form->updateObject();
- return $this->actionDisplayPreview();
- }
- /**
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskMediaList(ServerRequestInterface $request): ResponseInterface
- {
- $directory = $this->getDirectory();
- if (!$directory) {
- throw new RuntimeException('Not Found', 404);
- }
- return $this->forwardMediaTask('action', 'media.list');
- }
- /**
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskMediaUpload(ServerRequestInterface $request): ResponseInterface
- {
- $directory = $this->getDirectory();
- if (!$directory) {
- throw new RuntimeException('Not Found', 404);
- }
- return $this->forwardMediaTask('task', 'media.upload');
- }
- /**
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskMediaUploadMeta(ServerRequestInterface $request): ResponseInterface
- {
- $directory = $this->getDirectory();
- if (!$directory) {
- throw new RuntimeException('Not Found', 404);
- }
- return $this->forwardMediaTask('task', 'media.upload.meta');
- }
- /**
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskMediaReorder(ServerRequestInterface $request): ResponseInterface
- {
- $directory = $this->getDirectory();
- if (!$directory) {
- throw new RuntimeException('Not Found', 404);
- }
- return $this->forwardMediaTask('task', 'media.reorder');
- }
- /**
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskMediaDelete(ServerRequestInterface $request): ResponseInterface
- {
- $directory = $this->getDirectory();
- if (!$directory) {
- throw new RuntimeException('Not Found', 404);
- }
- return $this->forwardMediaTask('task', 'media.delete');
- }
- /**
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- */
- public function taskGetFilesInFolder(ServerRequestInterface $request): ResponseInterface
- {
- $directory = $this->getDirectory();
- if (!$directory) {
- throw new RuntimeException('Not Found', 404);
- }
- return $this->forwardMediaTask('action', 'media.picker');
- }
- /**
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- * @deprecated Do not use
- */
- public function taskFilesUpload(ServerRequestInterface $request): ResponseInterface
- {
- /** @var Route $route */
- $route = $this->grav['route'];
- if ($route->getParam('task') === 'media.upload') {
- return $this->taskMediaUpload($request);
- }
- throw new RuntimeException('Task filesUpload should not be called, please update form plugin!', 400);
- }
- /**
- * @param ServerRequestInterface $request
- * @return ResponseInterface
- * @deprecated Do not use
- */
- public function taskRemoveMedia(ServerRequestInterface $request): ResponseInterface
- {
- /** @var Route $route */
- $route = $this->grav['route'];
- if ($route->getParam('task') === 'media.delete') {
- return $this->taskMediaDelete($request);
- }
- throw new RuntimeException('Task removeMedia should not be called, please update form plugin!', 400);
- }
- /**
- * Display object preview.
- *
- * @return ResponseInterface
- */
- public function actionDisplayPreview(): ResponseInterface
- {
- $this->checkAuthorization('save');
- $this->checkAuthorization('read');
- $object = $this->getObject();
- if (!$object) {
- throw new RuntimeException('No object found!', 404);
- }
- $grav = Grav::instance();
- $grav['twig']->init();
- $grav['theme'];
- $content = [
- 'code' => 200,
- 'id' => $object->getKey(),
- 'exists' => $object->exists(),
- 'html' => (string)$object->render('preview', ['nocache' => []])
- ];
- $accept = $this->getAccept(['application/json', 'text/html']);
- if ($accept === 'text/html') {
- return $this->createHtmlResponse($content['html']);
- }
- if ($accept === 'application/json') {
- return $this->createJsonResponse($content);
- }
- throw new RuntimeException('Not found', 404);
- }
- /**
- * @param string $action
- * @param string|null $scope
- * @return void
- * @throws RuntimeException
- */
- public function checkAuthorization(string $action, string $scope = null): void
- {
- $object = $this->getObject();
- if (!$object) {
- throw new RuntimeException('Not Found', 404);
- }
- if ($object instanceof FlexAuthorizeInterface) {
- if (!$object->isAuthorized($action, $scope, $this->user)) {
- throw new RuntimeException('Forbidden', 403);
- }
- }
- }
- /**
- * @param string[] $actions
- * @return void
- * @throws RuntimeException
- */
- public function checkAuthorizations(array $actions): void
- {
- $object = $this->getObject();
- if (!$object) {
- throw new RuntimeException('Not Found', 404);
- }
- if ($object instanceof FlexAuthorizeInterface) {
- $test = false;
- foreach ($actions as $action) {
- $test |= $object->isAuthorized($action, null, $this->user);
- }
- if (!$test) {
- throw new RuntimeException('Forbidden', 403);
- }
- }
- }
- /**
- * @param string $type
- * @param string $name
- * @return ResponseInterface
- */
- protected function forwardMediaTask(string $type, string $name): ResponseInterface
- {
- /** @var Route $route */
- $route = $this->grav['route']->withGravParam('task', null)->withGravParam($type, $name);
- $object = $this->getObject();
- /** @var ServerRequest $request */
- $request = $this->grav['request'];
- $request = $request
- ->withAttribute($type, $name)
- ->withAttribute('type', $this->type)
- ->withAttribute('key', $this->key)
- ->withAttribute('storage_key', $object && $object->exists() ? $object->getStorageKey() : null)
- ->withAttribute('route', $route)
- ->withAttribute('forwarded', true)
- ->withAttribute('object', $object);
- $controller = new MediaController();
- if ($this->user) {
- $controller->setUser($this->user);
- }
- return $controller->handle($request);
- }
- }
|