<?php
declare(strict_types=1);
namespace Shaarli\Front\Controller\Admin;
use Shaarli\Front\Controller\Visitor\ShaarliVisitorController;
use Shaarli\Front\Exception\WrongTokenException;
use Shaarli\Security\SessionManager;
use Slim\Http\Request;
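/**
 * Class ShaarliAdminController
 *
 * All admin controllers (for logged in users) MUST extend this abstract class.
 * It makes sure that the user is properly logged in, and otherwise throws an exception
 * which will redirect to the login page.
 *
 * NOTE(review): no login check is visible in this class body; it is presumably enforced
 * elsewhere (parent controller or middleware) - confirm before relying on this class alone
 * for access control.
 *
 * @package Shaarli\Front\Controller\Admin
 */
abstract class ShaarliAdminController extends ShaarliVisitorController
{
    /**
     * Any persistent action to the config or data store must check the XSRF token validity.
     *
     * The token is read from the `token` request parameter and handed to the session manager.
     * Slim's getParam() looks at the parsed body and then at the query string, so the value is
     * fully client-controlled and may be missing or, for array-style or JSON input, not a string.
     *
     * @param Request $request Incoming request carrying the `token` parameter.
     *
     * @return bool Always true; an invalid token never returns, it throws.
     *
     * @throws WrongTokenException If the token is absent, not a string, or rejected by the session manager.
     */
    protected function checkToken(Request $request): bool
    {
        $token = $request->getParam('token');

        // Fail closed on a missing or non-string token (e.g. `token[]=x`) so that malformed
        // input is reported as a wrong token instead of reaching the session lookup.
        if (!is_string($token) || !$this->container->sessionManager->checkToken($token)) {
            throw new WrongTokenException();
        }

        return true;
    }

    /**
     * Save a SUCCESS message in user session, which will be displayed on any template page.
     *
     * @param string $message Text to queue under SessionManager::KEY_SUCCESS_MESSAGES.
     */
    protected function saveSuccessMessage(string $message): void
    {
        $this->saveMessage(SessionManager::KEY_SUCCESS_MESSAGES, $message);
    }

    /**
     * Save a WARNING message in user session, which will be displayed on any template page.
     *
     * @param string $message Text to queue under SessionManager::KEY_WARNING_MESSAGES.
     */
    protected function saveWarningMessage(string $message): void
    {
        $this->saveMessage(SessionManager::KEY_WARNING_MESSAGES, $message);
    }

    /**
     * Save an ERROR message in user session, which will be displayed on any template page.
     *
     * @param string $message Text to queue under SessionManager::KEY_ERROR_MESSAGES.
     */
    protected function saveErrorMessage(string $message): void
    {
        $this->saveMessage(SessionManager::KEY_ERROR_MESSAGES, $message);
    }

    /**
     * Use the sessionManager to save the provided message using the proper type.
     *
     * The message is appended to the list already stored under $type (an empty list when
     * nothing is stored yet) and the whole list is written back to the session.
     *
     * NOTE(review): whether the templates escape these messages on output is not visible
     * here - confirm before passing text that contains user-controlled input.
     *
     * @param string $type    successes/warnings/errors
     * @param string $message Text to append to the list stored under $type.
     */
    protected function saveMessage(string $type, string $message): void
    {
        $messages = $this->container->sessionManager->getSessionParameter($type) ?? [];
        $messages[] = $message;

        $this->container->sessionManager->setSessionParameter($type, $messages);
    }
}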