Elgg  Version 3.0
ActionsService.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg;
4 
9 use Elgg\Router\Middleware\Gatekeeper as MiddlewareGateKeeper;
11 
21 
25  private static $access_levels = ['public', 'logged_in', 'admin'];
26 
31  private static $bypass_csrf = [
32  'logout',
33  ];
34 
38  protected $routes;
39 
43  protected $handlers;
44 
51  public function __construct(RouteRegistrationService $routes, HandlersService $handlers) {
52  $this->routes = $routes;
53  $this->handlers = $handlers;
54  }
55 
70  public function register($action, $handler = "", $access = 'logged_in') {
71  // plugins are encouraged to call actions with a trailing / to prevent 301
72  // redirects but we store the actions without it
73  $action = trim($action, '/');
74 
75  if (empty($handler)) {
76  $path = Paths::elgg() . 'actions';
77  $handler = Paths::sanitize("$path/$action.php", false);
78  }
79 
80  $file = null;
81  $controller = null;
82 
83  if (is_string($handler) && substr($handler, -4) === '.php') {
84  $file = $handler;
85  } else {
86  $controller = $handler;
87  }
88 
89  if (!in_array($access, self::$access_levels)) {
90  _elgg_services()->logger->error("Unrecognized value '$access' for \$access in " . __METHOD__);
91  $access = 'admin';
92  }
93 
94  $middleware = [];
95 
96  if (!in_array($action, self::$bypass_csrf)) {
97  $middleware[] = CsrfFirewall::class;
98  }
99 
100  if ($access == 'admin') {
101  $middleware[] = AdminGatekeeper::class;
102  } else if ($access == 'logged_in') {
103  $middleware[] = MiddlewareGateKeeper::class;
104  }
105 
106  $middleware[] = ActionMiddleware::class;
107 
108  $this->routes->register("action:$action", [
109  'path' => "/action/$action",
110  'file' => $file,
111  'controller' => $controller,
112  'middleware' => $middleware,
113  'walled' => false,
114  ]);
115 
116  return true;
117  }
118 
128  public function unregister($action) {
129  $action = trim($action, '/');
130 
131  $route = $this->routes->get("action:$action");
132  if (!$route) {
133  return false;
134  }
135 
136  $this->routes->unregister("action:$action");
137  return true;
138  }
139 
149  public function exists($action) {
150  $action = trim($action, '/');
151  $route = $this->routes->get("action:$action");
152  if (!$route) {
153  return false;
154  }
155 
156  $file = $route->getDefault('_file');
157  $controller = $route->getDefault('_controller');
158 
159  if (!$file && !$controller) {
160  return false;
161  }
162 
163  if ($file && !file_exists($file)) {
164  return false;
165  }
166 
167  if ($controller && !$this->handlers->isCallable($controller)) {
168  return false;
169  }
170 
171  return true;
172  }
173 
179  public function getAllActions() {
180  $actions = [];
181  $routes = $this->routes->all();
182  foreach ($routes as $name => $route) {
183  if (strpos($name, 'action:') !== 0) {
184  continue;
185  }
186 
187  $action = substr($name, 7);
188 
189  $access = 'public';
190  $middleware = $route->getDefault('_middleware');
191  if (in_array(MiddlewareGateKeeper::class, $middleware)) {
192  $access = 'logged_in';
193  } else if (in_array(AdminGatekeeper::class, $middleware)) {
194  $access = 'admin';
195  }
196 
197  $actions[$action] = array_filter([
198  'file' => $route->getDefault('_file'),
199  'controller' => $route->getDefault('_controller'),
200  'access' => $access,
201  ]);
202  }
203 
204  return $actions;
205  }
206 }
$action
Definition: full.php:111
if(!$user||!$user->canDelete()) $name
Definition: delete.php:22
if(!array_key_exists($filename, $text_files)) $file
Helpers for providing callable-based APIs.
__construct(RouteRegistrationService $routes, HandlersService $handlers)
Constructor.
$path
Definition: details.php:89
getAllActions()
Get all actions.
Configuration exception.
Protects a route from non-authenticated users.
Definition: Gatekeeper.php:11
if(!$menu instanceof\Elgg\Menu\PreparedMenu) $actions
Definition: user_hover.php:16
unregister($action)
Unregisters an action.
WARNING: API IN FLUX.
class
Definition: placeholder.php:21
_elgg_services()
Get the global service provider.
Definition: elgglib.php:1292
$handler
Definition: add.php:7
exists($action)
Check if an action is registered and its script exists.
var elgg
Definition: elgglib.js:4
$access
Definition: save.php:18