Elgg  Version master
WalledGarden.php
Go to the documentation of this file.
1 <?php
2 
3 namespace Elgg\Router\Middleware;
4 
6 use Elgg\Request;
7 
11 class WalledGarden {
12 
21  public function __invoke(Request $request) {
22  if ($request->elgg()->session_manager->isLoggedIn()) {
23  return;
24  }
25 
26  if (!$request->elgg()->config->walled_garden) {
27  return;
28  }
29 
30  $url = $request->getURL();
31 
32  if ($this->isPublicPage($url)) {
33  return;
34  }
35 
36  if (!$request->isXhr()) {
37  $request->elgg()->session->set('last_forward_from', $url);
38  }
39 
40  throw new WalledGardenException();
41  }
42 
53  protected function isPublicPage(string $url): bool {
54  $parts = parse_url($url);
55  unset($parts['query']);
56  unset($parts['fragment']);
57  $url = elgg_http_build_url($parts);
58  $url = rtrim($url, '/') . '/';
59 
60  $site_url = _elgg_services()->config->wwwroot;
61 
62  if ($url == $site_url) {
63  // always allow index page
64  return true;
65  }
66 
67  // default public pages
68  $defaults = [
69  'ajax/view/languages.js',
70  'css/.*',
71  'js/.*',
72  'cache/[0-9]+/\w+/.*',
73  'serve-file/.*',
74  ];
75 
76  $params = [
77  'url' => $url,
78  ];
79 
80  $public_routes = _elgg_services()->events->triggerResults('public_pages', 'walled_garden', $params, $defaults);
81 
82  $site_url = preg_quote($site_url);
83  foreach ($public_routes as $public_route) {
84  $pattern = "`^{$site_url}{$public_route}/*$`i";
85  if (preg_match($pattern, $url)) {
86  return true;
87  }
88  }
89 
90  // non-public page
91  return false;
92  }
93 }
getURL()
Get URL of the request.
Definition: Request.php:133
$params
Saves global plugin settings.
Definition: save.php:13
$defaults
Generic entity header upload helper.
Definition: header.php:6
$request
Definition: livesearch.php:12
__invoke(Request $request)
Gatekeeper.
isXhr()
Is the route access with XmlHttpRequest.
Definition: Request.php:149
elgg_http_build_url(array $parts, bool $html_encode=true)
Builds a URL from the a parts array like one returned by parse_url().
Definition: elgglib.php:131
elgg()
Get the DI container.
Definition: Request.php:125
Protects a route from non-authenticated users in a walled garden mode.
isPublicPage(string $url)
Checks if the page should be allowed to be served in a walled garden mode.
Thrown when walled garden gatekeeper prevents access.
Request container.
Definition: Request.php:12
$site_url
Definition: upgrade.php:3
foreach($plugin_guids as $guid) if(empty($deactivated_plugins)) $url
Definition: deactivate.php:39
_elgg_services()
Get the global service provider.
Definition: elgglib.php:351