Elgg  Version 4.3
MaintenanceGatekeeper.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\Router\Middleware;
4 
5 use Elgg\Request;
6 
11 
19  public function __invoke(Request $request) {
20  if ($request->elgg()->session->isAdminLoggedIn()) {
21  return;
22  }
23 
24  if (!$request->elgg()->config->elgg_maintenance_mode) {
25  return;
26  }
27 
28  // check hook
29  if (self::allowCurrentUrl($request)) {
30  return;
31  }
32 
33  if (strpos($request->getRoute(), 'action:') === 0) {
34  if ($this->isAllowedAction($request)) {
35  return;
36  }
37 
38  return elgg_error_response(elgg_echo('actionunauthorized'));
39  }
40 
42 
43  _elgg_services()->responseFactory->respondFromContent($response);
44 
45  return $response;
46  }
47 
55  protected function isAllowedAction(Request $request): bool {
56  $route = $request->getRoute();
57  if ($route !== 'action:login') {
58  return false;
59  }
60 
61  $username = $request->getParam('username');
62 
64 
65  if (!$user) {
67  if (!empty($users)) {
68  $user = $users[0];
69  }
70  }
71 
72  if ($user instanceof \ElggUser && $user->isAdmin()) {
73  return true;
74  }
75 
76  return false;
77  }
78 
86  protected static function allowCurrentUrl(Request $request): bool {
87  $current_url = $request->getURL();
88  $site_path = preg_replace('/^https?/', '', elgg_get_site_url());
89  $current_path = preg_replace('/^https?/', '', $current_url);
90  if (0 === elgg_strpos($current_path, $site_path)) {
91  $current_path = ($current_path === $site_path) ? '' : elgg_substr($current_path, elgg_strlen($site_path));
92  } else {
93  $current_path = false;
94  }
95 
96  // allow plugins to control access for specific URLs/paths
97  $params = [
98  'request' => $request,
99  'current_path' => $current_path,
100  'current_url' => $current_url,
101  ];
102 
103  return (bool) elgg_trigger_plugin_hook('maintenance:allow', 'url', $params, false);
104  }
105 }
getURL()
Get URL of the request.
Definition: Request.php:153
$params
Saves global plugin settings.
Definition: save.php:13
get_user_by_email($email)
Get an array of users from an email address.
Definition: users.php:52
if(empty($user_guids)) $users
Definition: ban.php:12
elgg_view_resource($name, array $vars=[])
Render a resource view.
Definition: views.php:335
$request
Definition: livesearch.php:11
$username
Definition: delete.php:23
getParam($key, $default=null, $filter=true)
Get an element of the params array.
Definition: Request.php:79
elgg_echo($message_key, array $args=[], $language="")
Elgg language module Functions to manage language and translations.
Definition: languages.php:18
elgg_strlen()
Wrapper function for mb_strlen().
Definition: mb_wrapper.php:52
get_user_by_username($username)
Get user by username.
Definition: users.php:41
const ELGG_HTTP_SERVICE_UNAVAILABLE
Definition: constants.php:109
elgg_strpos()
Wrapper function for mb_strpos().
Definition: mb_wrapper.php:69
$user
Definition: ban.php:7
elgg_trigger_plugin_hook($hook, $type, $params=null, $returnvalue=null)
Definition: elgglib.php:380
elgg()
Get the DI container.
Definition: Request.php:145
elgg_get_site_url()
Get the URL for the current (or specified) site, ending with "/".
Protects a route if site is in maintenance mode.
static allowCurrentUrl(Request $request)
When in maintenance mode, should the current URL be handled normally?
elgg_substr()
Wrapper function for mb_substr().
Definition: mb_wrapper.php:219
isAllowedAction(Request $request)
Checks if current action is allowed.
getRoute()
Get the name of the route.
Definition: Request.php:54
elgg_error_response($message= '', $forward_url=REFERRER, int $status_code=ELGG_HTTP_BAD_REQUEST)
Prepare an error response to be returned by a page or an action handler.
Request container.
Definition: Request.php:12
elgg_ok_response($content= '', $message= '', $forward_url=null, int $status_code=ELGG_HTTP_OK)
Prepares a successful response to be returned by a page or an action handler.
_elgg_services()
Get the global service provider.
Definition: elgglib.php:638
$site_path
Definition: details.php:67