27 private static $access_levels = [
'public',
'logged_in',
'logged_out',
'admin'];
33 private static $bypass_csrf = [
54 $this->routes = $routes;
55 $this->handlers = $handlers;
74 $action =
trim($action,
'/');
76 if (empty($handler)) {
78 $handler = Paths::sanitize(
"$path/$action.php",
false);
84 if (is_string($handler) &&
substr($handler, -4) ===
'.php') {
90 if (!in_array($access, self::$access_levels)) {
91 $this->
getLogger()->error(
"Unrecognized value '{$access}' for \$access in " . __METHOD__);
97 if (!in_array($action, self::$bypass_csrf)) {
98 $middleware[] = CsrfFirewall::class;
101 if ($access ==
'admin') {
102 $middleware[] = AdminGatekeeper::class;
103 }
elseif ($access ==
'logged_in') {
104 $middleware[] = MiddlewareGateKeeper::class;
105 }
elseif ($access ==
'logged_out') {
106 $middleware[] = LoggedOutGatekeeper::class;
109 $middleware[] = ActionMiddleware::class;
111 $this->routes->register(
"action:$action", [
112 'path' =>
"/action/$action",
114 'controller' => $controller,
115 'middleware' => $middleware,
132 $action =
trim($action,
'/');
134 $route = $this->routes->get(
"action:$action");
139 $this->routes->unregister(
"action:$action");
153 $action =
trim($action,
'/');
154 $route = $this->routes->get(
"action:$action");
159 $file = $route->getDefault(
'_file');
160 $controller = $route->getDefault(
'_controller');
162 if (!$file && !$controller) {
166 if ($file && !file_exists($file)) {
170 if ($controller && !$this->handlers->isCallable($controller)) {
184 $routes = $this->routes->all();
185 foreach ($routes as
$name => $route) {
193 $middleware = (array) $route->getDefault(
'_middleware');
194 if (in_array(MiddlewareGateKeeper::class, $middleware)) {
195 $access =
'logged_in';
196 }
elseif (in_array(LoggedOutGatekeeper::class, $middleware)) {
197 $access =
'logged_out';
198 }
elseif (in_array(AdminGatekeeper::class, $middleware)) {
203 'file' => $route->getDefault(
'_file'),
204 'controller' => $route->getDefault(
'_controller'),
Helpers for providing callable-based APIs.
if(!$user||!$user->canDelete()) $name
__construct(RouteRegistrationService $routes, HandlersService $handlers)
Constructor.
exists(string $action)
Check if an action is registered and its script exists.
getAllActions()
Get all actions.
trait Loggable
Enables adding a logger.
Protects a route from non-authenticated users.
if(!$menu instanceof\Elgg\Menu\PreparedMenu) $actions
unregister(string $action)
Unregisters an action.
getLogger()
Returns logger.
if($item instanceof\ElggEntity) elseif($item instanceof\ElggRiverItem) elseif($item instanceof ElggRelationship) elseif(is_callable([$item, 'getType']))
Route registration service.