Elgg  Version 6.0
MaintenanceGatekeeper.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\Router\Middleware;
4 
5 use Elgg\Request;
6 
11 
19  public function __invoke(Request $request) {
20  if ($request->elgg()->session_manager->isAdminLoggedIn()) {
21  return;
22  }
23 
24  if (!$request->elgg()->config->elgg_maintenance_mode) {
25  return;
26  }
27 
28  // check event
29  if (self::allowCurrentUrl($request)) {
30  return;
31  }
32 
33  if (str_starts_with($request->getRoute(), 'action:')) {
34  if ($this->isAllowedAction($request)) {
35  return;
36  }
37 
38  return elgg_error_response(elgg_echo('actionunauthorized'));
39  }
40 
42 
43  _elgg_services()->responseFactory->respondFromContent($response);
44 
45  return $response;
46  }
47 
55  protected function isAllowedAction(Request $request): bool {
56  $route = $request->getRoute();
57  if ($route !== 'action:login') {
58  return false;
59  }
60 
61  $user = elgg_get_user_by_username((string) $request->getParam('username'), true);
62  if ($user instanceof \ElggUser && $user->isAdmin()) {
63  return true;
64  }
65 
66  return false;
67  }
68 
76  protected static function allowCurrentUrl(Request $request): bool {
77  $current_url = $request->getURL();
78  $site_path = preg_replace('/^https?/', '', elgg_get_site_url());
79  $current_path = preg_replace('/^https?/', '', $current_url);
80  if (elgg_strpos($current_path, $site_path) === 0) {
81  $current_path = ($current_path === $site_path) ? '' : elgg_substr($current_path, elgg_strlen($site_path));
82  } else {
83  $current_path = false;
84  }
85 
86  // allow plugins to control access for specific URLs/paths
87  $params = [
88  'request' => $request,
89  'current_path' => $current_path,
90  'current_url' => $current_url,
91  ];
92 
93  return (bool) elgg_trigger_event_results('maintenance:allow', 'url', $params, false);
94  }
95 }
getURL()
Get URL of the request.
Definition: Request.php:133
$params
Saves global plugin settings.
Definition: save.php:13
elgg_ok_response($content= '', string|array $message= '', string $forward_url=null, int $status_code=ELGG_HTTP_OK)
Prepares a successful response to be returned by a page or an action handler.
$response
Definition: content.php:10
elgg_get_user_by_username(string $username, bool $try_email=false)
Get a user by username.
Definition: users.php:39
$request
Definition: livesearch.php:12
elgg_echo(string $message_key, array $args=[], string $language= '')
Elgg language module Functions to manage language and translations.
Definition: languages.php:17
elgg_trigger_event_results(string $event, string $type, array $params=[], $returnvalue=null)
Triggers an event where it is expected that the mixed return value could be manipulated by event call...
Definition: events.php:117
getParam($key, $default=null, $filter=true)
Get an element of the params array.
Definition: Request.php:67
elgg_view_resource(string $name, array $vars=[])
Render a resource view.
Definition: views.php:307
elgg_strlen()
Wrapper function for mb_strlen().
Definition: mb_wrapper.php:53
elgg_error_response(string|array $message= '', string $forward_url=REFERRER, int $status_code=ELGG_HTTP_BAD_REQUEST)
Prepare an error response to be returned by a page or an action handler.
const ELGG_HTTP_SERVICE_UNAVAILABLE
Definition: constants.php:94
elgg_strpos()
Wrapper function for mb_strpos().
Definition: mb_wrapper.php:71
$user
Definition: ban.php:7
elgg()
Get the DI container.
Definition: Request.php:125
elgg_get_site_url()
Get the URL for the current (or specified) site, ending with "/".
Protects a route if site is in maintenance mode.
static allowCurrentUrl(Request $request)
When in maintenance mode, should the current URL be handled normally?
elgg_substr()
Wrapper function for mb_substr().
Definition: mb_wrapper.php:195
isAllowedAction(Request $request)
Checks if current action is allowed.
getRoute()
Get the name of the route.
Definition: Request.php:42
Request container.
Definition: Request.php:12
_elgg_services()
Get the global service provider.
Definition: elgglib.php:351
$site_path
Definition: details.php:69