Elgg  Version 3.0
WalledGarden.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\Router\Middleware;
4 
5 use Elgg\Request;
7 
11 class WalledGarden {
12 
21  public function __invoke(Request $request) {
22  if ($request->elgg()->session->isLoggedIn()) {
23  return;
24  }
25 
26  if (!$request->elgg()->config->walled_garden) {
27  return;
28  }
29 
30  $url = $request->getURL();
31 
32  if ($this->isPublicPage($url)) {
33  return;
34  }
35 
36  if (!$request->isXhr()) {
37  $request->elgg()->session->set('last_forward_from', $url);
38  }
39 
40  throw new WalledGardenException();
41  }
42 
54  public static function isPublicPage($url = '') {
55  if (empty($url)) {
57  }
58 
59  $parts = parse_url($url);
60  unset($parts['query']);
61  unset($parts['fragment']);
62  $url = elgg_http_build_url($parts);
63  $url = rtrim($url, '/') . '/';
64 
65  $site_url = elgg()->config->wwwroot;
66 
67  if ($url == $site_url) {
68  // always allow index page
69  return true;
70  }
71 
72  // default public pages
73  $defaults = [
74  'walled_garden/.*',
75  'action/.*',
76  'login',
77  'register',
78  'forgotpassword',
79  'changepassword',
80  'refresh_token',
81  'ajax/view/languages.js',
82  'upgrade\.php',
83  'css/.*',
84  'js/.*',
85  'cache/[0-9]+/\w+/.*',
86  'cron/.*',
87  'services/.*',
88  'serve-file/.*',
89  'robots.txt',
90  'favicon.ico',
91  ];
92 
93  $params = [
94  'url' => $url,
95  ];
96 
97  $public_routes = elgg()->hooks->trigger('public_pages', 'walled_garden', $params, $defaults);
98 
99  $site_url = preg_quote($site_url);
100  foreach ($public_routes as $public_route) {
101  $pattern = "`^{$site_url}{$public_route}/*$`i";
102  if (preg_match($pattern, $url)) {
103  return true;
104  }
105  }
106 
107  // non-public page
108  return false;
109  }
110 }
getURL()
Get URL of the request.
Definition: Request.php:154
$params
Saves global plugin settings.
Definition: save.php:13
$defaults
$request
Page handler for autocomplete endpoint.
Definition: livesearch.php:9
Thrown when walled garden gatekeeper prevents access.
__invoke(Request $request)
Gatekeeper.
current_page_url()
Returns the current page&#39;s complete URL.
Definition: input.php:94
elgg parse_url
Parse a URL into its parts.
Definition: elgglib.js:442
isXhr()
Is the route access with XmlHttpRequest.
Definition: Request.php:170
$url
Definition: default.php:33
elgg()
Get the DI container.
Definition: Request.php:146
Protects a route from non-authenticated users in a walled garden mode.
elgg_http_build_url(array $parts, $html_encode=true)
Builds a URL from the a parts array like one returned by parse_url().
Definition: elgglib.php:859
Request container.
Definition: Request.php:13
$site_url
Definition: upgrade.php:3
var elgg
Definition: elgglib.js:4
static isPublicPage($url= '')
Checks if the page should be allowed to be served in a walled garden mode.