Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
0.00% |
0 / 27 |
|
0.00% |
0 / 8 |
CRAP | |
0.00% |
0 / 1 |
| Embed | |
0.00% |
0 / 27 |
|
0.00% |
0 / 8 |
182 | |
0.00% |
0 / 1 |
| __construct | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| node | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| create | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| bootstrap | |
0.00% |
0 / 16 |
|
0.00% |
0 / 1 |
30 | |||
| redirect | |
0.00% |
0 / 5 |
|
0.00% |
0 / 1 |
6 | |||
| panelBasePath | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| embedPath | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| embedCreatePath | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
| 1 | <?php |
| 2 | |
| 3 | declare(strict_types=1); |
| 4 | |
| 5 | namespace Cosray\Controller; |
| 6 | |
| 7 | use Celemas\Core\Exception\HttpForbidden; |
| 8 | use Celemas\Core\Exception\HttpUnauthorized; |
| 9 | use Celemas\Core\Factory\Factory; |
| 10 | use Celemas\Core\Request; |
| 11 | use Celemas\Core\Response; |
| 12 | use Cosray\Auth; |
| 13 | use Cosray\Config; |
| 14 | use Cosray\Users; |
| 15 | use SensitiveParameter; |
| 16 | |
| 17 | class Embed |
| 18 | { |
| 19 | private const string PANEL_PATH = '/panel'; |
| 20 | |
| 21 | public function __construct( |
| 22 | protected readonly Request $request, |
| 23 | protected readonly Config $config, |
| 24 | protected readonly Factory $factory, |
| 25 | protected readonly Users $users, |
| 26 | ) {} |
| 27 | |
| 28 | public function node(#[SensitiveParameter] string $token, string $type, string $node): Response |
| 29 | { |
| 30 | return $this->bootstrap($token, $this->embedPath($type, $node)); |
| 31 | } |
| 32 | |
| 33 | public function create(#[SensitiveParameter] string $token, string $type): Response |
| 34 | { |
| 35 | return $this->bootstrap($token, $this->embedCreatePath($type)); |
| 36 | } |
| 37 | |
| 38 | protected function bootstrap(#[SensitiveParameter] string $token, string $path): Response |
| 39 | { |
| 40 | $auth = new Auth( |
| 41 | $this->request->unwrap(), |
| 42 | $this->users, |
| 43 | $this->config, |
| 44 | $this->request->get('session', null), |
| 45 | ); |
| 46 | $user = $auth->user(); |
| 47 | |
| 48 | if ($user && $user->hasPermission('panel')) { |
| 49 | $auth->invalidateOneTimeToken($token); |
| 50 | |
| 51 | return $this->redirect($path); |
| 52 | } |
| 53 | |
| 54 | $user = $auth->authenticateByOneTimeToken($token, true); |
| 55 | |
| 56 | if (!$user) { |
| 57 | throw new HttpUnauthorized($this->request); |
| 58 | } |
| 59 | |
| 60 | if (!$user->hasPermission('panel')) { |
| 61 | throw new HttpForbidden($this->request); |
| 62 | } |
| 63 | |
| 64 | return $this->redirect($path); |
| 65 | } |
| 66 | |
| 67 | protected function redirect(string $path): Response |
| 68 | { |
| 69 | $url = $this->panelBasePath() . $path; |
| 70 | $query = $this->request->uri()->getQuery(); |
| 71 | |
| 72 | if ($query !== '') { |
| 73 | $url .= '?' . $query; |
| 74 | } |
| 75 | |
| 76 | return Response::create($this->factory)->redirect($url); |
| 77 | } |
| 78 | |
| 79 | protected function panelBasePath(): string |
| 80 | { |
| 81 | return self::PANEL_PATH; |
| 82 | } |
| 83 | |
| 84 | protected function embedPath(string $type, string $node): string |
| 85 | { |
| 86 | return '/embed/node/' . rawurlencode($type) . '/' . rawurlencode($node); |
| 87 | } |
| 88 | |
| 89 | protected function embedCreatePath(string $type): string |
| 90 | { |
| 91 | return '/embed/node/' . rawurlencode($type) . '/create'; |
| 92 | } |
| 93 | } |