22 protected const ACCESS_LEVELS = [
'public',
'logged_in',
'logged_out',
'admin'];
27 protected const UNPROTECTED_ACTIONS = [
'logout'];
54 if (!in_array(
$access, self::ACCESS_LEVELS)) {
55 throw new DomainException(
"Unrecognized value '{$access}' for \$access in " . __METHOD__);
66 if (str_ends_with(
$handler,
'.php')) {
76 if (!in_array(
$action, self::UNPROTECTED_ACTIONS)) {
77 $middleware[] = CsrfFirewall::class;
81 $middleware[] = AdminGatekeeper::class;
83 $middleware[] = MiddlewareGateKeeper::class;
85 $middleware[] = LoggedOutGatekeeper::class;
88 $middleware[] = ActionMiddleware::class;
91 $middleware = array_merge($middleware, $additional_middleware);
93 $this->routes->register(
"action:{$action}", [
94 'path' =>
"/action/{$action}",
96 'controller' => $controller,
97 'middleware' => $middleware,
115 $this->routes->unregister(
"action:{$action}");
129 $route = $this->routes->get(
"action:$action");
134 $file = $route->getDefault(
'_file');
135 $controller = $route->getDefault(
'_controller');
137 if (!$file && !$controller) {
141 if ($file && !file_exists($file)) {
145 if ($controller && !$this->handlers->isCallable($controller)) {
159 $routes = $this->routes->all();
160 foreach ($routes as
$name => $route) {
161 if (!str_starts_with(
$name,
'action:')) {
168 $middleware = (array) $route->getDefault(
'_middleware');
169 if (in_array(MiddlewareGateKeeper::class, $middleware)) {
171 }
elseif (in_array(LoggedOutGatekeeper::class, $middleware)) {
173 }
elseif (in_array(AdminGatekeeper::class, $middleware)) {
178 'file' => $route->getDefault(
'_file'),
179 'controller' => $route->getDefault(
'_controller'),
if(! $user||! $user->canDelete()) $name
$params
Saves global plugin settings.
getAllActions()
Get all actions.
unregister(string $action)
Unregisters an action.
exists(string $action)
Check if an action is registered and its script exists.
__construct(protected RouteRegistrationService $routes, protected HandlersService $handlers)
Constructor.
Exception thrown if a value does not adhere to a defined valid data domain.
Helpers for providing callable-based APIs.
Find Elgg and project paths.
Some logic implemented before action is executed.
Protects a route from non-admin users.
Middleware for validating CSRF tokens.
Protects a route from non-authenticated users.
Protects a route from logged in users.
Route registration service.
if($item instanceof \ElggEntity) elseif($item instanceof \ElggRiverItem) elseif($item instanceof \ElggRelationship) elseif(is_callable([ $item, 'getType']))
elgg()
Bootstrapping and helper procedural code available for use in Elgg core and plugins.
elgg_extract($key, $array, $default=null, bool $strict=true)
Checks for $array[$key] and returns its value if it exists, else returns $default.
if(! $menu instanceof \Elgg\Menu\PreparedMenu) $actions