<?php
/**
* ownCloud - News app
*
* @author Bernhard Posselt
* Copyright (c) 2012 - Bernhard Posselt <nukeawhale@gmail.com>
*
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file
*
*/
namespace OCA\News;
/**
 * Maps a request onto a controller method after running the security checks.
 *
 * The checks run in a fixed order: the news app must be enabled, then
 * (unless switched off) a user must be logged in, then (unless switched off)
 * the CSRF check must pass. A failed check is written to the log and the
 * script exits before the controller method is reached.
 *
 * Security notes:
 * - $method is invoked dynamically on $controller and is not validated here.
 *   Callers should pass a fixed method name from their routing code, never a
 *   value taken from the request.
 * - Both checks are on by default. Passing false for $csrfCheck or
 *   $userLoggedInCheck removes that protection for the whole route, so every
 *   call site doing so deserves a review.
 * - NOTE(review): a failed check calls exit() without setting an HTTP status
 *   or body, so the client presumably cannot tell a rejected call from an
 *   empty result. Confirm whether 401/403 should be sent.
 *
 * @param Controller $controller a new instance of the controller
 * @param string $method the name of the controller method that should be called
 * @param bool $csrfCheck if false, there won't be a CSRF check. Leave the
 *                        check enabled for endpoints that are called with ajax
 * @param bool $userLoggedInCheck if false, there won't be a logged-in check
 */
function serve($controller, $method, $csrfCheck=true, $userLoggedInCheck=true){
    \OCP\App::setActiveNavigationEntry('news');

    // Gate 1: the app itself must be enabled.
    if (!\OC_App::isEnabled('news')) {
        \OCP\Util::writeLog('news', 'App news is not enabled!', \OCP\Util::ERROR);
        exit();
    }

    // Gate 2: authentication, skipped only when the caller opted out.
    if ($userLoggedInCheck && !\OC_User::isLoggedIn()) {
        \OCP\Util::writeLog('news', 'User is not logged in!', \OCP\Util::ERROR);
        exit();
    }

    // Gate 3: CSRF check, skipped only when the caller opted out.
    if ($csrfCheck && !\OC_Util::isCallRegistered()) {
        \OCP\Util::writeLog('news', 'CSRF check failed', \OCP\Util::ERROR);
        exit();
    }

    // All gates passed: dispatch with a Request built from the superglobals.
    $controller->$method(new Request());
}
/**
 * Wraps $_GET and $_POST (plus the current user id) so that controllers can
 * be tested without touching the superglobals.
 *
 * Security note: $get and $post hold the request parameters exactly as they
 * were passed in. Nothing here validates or escapes them, so consumers must
 * treat every value as untrusted input. Both properties are public and can
 * be modified after construction.
 */
class Request {

    // Request parameters as passed in (defaults to $_GET); not sanitized.
    public $get;
    // Request parameters as passed in (defaults to $_POST); not sanitized.
    public $post;
    // NOTE(review): this property is public, so PHP does not route reads of
    // it through __get() from outside the class; the lazy-fetch branch there
    // looks unreachable for external callers. Confirm the intended visibility.
    public $user = null;
    // Private, but readable from outside through __get().
    private $userId;

    /**
     * Every parameter left at null falls back to the built-in source:
     * $_GET, $_POST and \OCP\USER::getUser() respectively.
     *
     * @param array $get an array with all get variables
     * @param array $post an array with all post variables
     * @param string $userId the id of the user
     */
    public function __construct($get=null, $post=null, $userId=null){
        $this->get = ($get === null) ? $_GET : $get;
        $this->post = ($post === null) ? $_POST : $post;
        $this->userId = ($userId === null) ? \OCP\USER::getUser() : $userId;
    }

    /**
     * Hook intended for lazy fetching of user data.
     *
     * The lazy-fetch branch is still an empty placeholder; the method simply
     * returns the property called $name, which also makes the private
     * $userId readable from outside the class.
     *
     * @param string $name the name of the property being read
     * @return mixed the current value of that property
     */
    public function __get($name){
        $wantsUnloadedUser = ($name === 'user') && ($this->user === null);
        if ($wantsUnloadedUser) {
            // FIXME: get a new user instance
        }

        return $this->$name;
    }

}