openrat-cms

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README

UI.class.php (3814B)


      1 <?php
      2 
      3 namespace cms\ui;
      4 
      5 use BadMethodCallException;
      6 use cms\action\RequestParams;
      7 use cms\base\Language as L;
      8 use cms\Dispatcher;
      9 use Exception;
     10 use template_engine\engine\TemplateRunner;
     11 use util\Http;
     12 use logger\Logger;
     13 use LogicException;
     14 use \util\exception\ObjectNotFoundException;
     15 use util\exception\UIException;
     16 use util\exception\SecurityException;
     17 use template_engine\engine\TemplateEngine;
     18 use util\text\TextMessage;
     19 
     20 
     21 /**
     22  * Executing the Openrat CMS User Interface.
     23  * The request is executed by a dispatcher and the output is displayed with a template.
     24  *
     25  * @package cms\ui
     26  */
     27 class UI
     28 {
     29     /**
     30      * Shows the complete UI.
     31      */
     32     public static function execute()
     33     {
     34         $request = new RequestParams();
     35 
     36         try
     37         {
     38             define('COOKIE_PATH',dirname($_SERVER['SCRIPT_NAME']).'/');
     39 
     40             // Everything is UTF-8.
     41             header('Content-Type: text/html; charset=UTF-8');
     42 
     43             // Sending the Content-Security-Policy.
     44             self::setContentSecurityPolicy();
     45 
     46 			if   ( @$_REQUEST['scope']=='openid' ) {
     47 			    $request->action = 'login';
     48 			    $request->method = 'oidc';
     49 			}
     50 			elseif (empty($request->action)) {
     51                 $request->action = 'index';
     52                 $request->method = 'show';
     53 			}
     54 
     55             if   ( $request->isAction )
     56             	throw new \RuntimeException('The UI does not accept POST requests');
     57 
     58             if   ( in_array( $request->action,['index','tree','title','usergroup']) )
     59 				$request->isUIAction = true;
     60 
     61             UI::executeAction($request);
     62 
     63         } catch (BadMethodCallException $e) {
     64             // Action-Method does not exist.
     65             Logger::debug( $e );
     66             Http::noContent();
     67         } catch (ObjectNotFoundException $e) {
     68             Logger::debug( $e ); // only debug, because this may happen on links to deleted objects.
     69             Http::noContent();
     70         } catch (UIException $e) {
     71             Logger::warn( $e );
     72             throw new LogicException(L::lang($e->key,$e->params),0, $e);
     73         } catch (SecurityException $e) {
     74             Logger::info($e);
     75             Http::noContent();
     76 
     77             // this is not good at all, because the user may have signed off.
     78             //Http::notAuthorized("You are not allowed to execute this action.");
     79         } catch (Exception $e) {
     80             Logger::warn( $e );
     81             throw new LogicException("Internal CMS error",0, $e);
     82         }
     83     }
     84 
     85 
     86     private static function executeAction($request)
     87     {
     88         $dispatcher = new Dispatcher();
     89         $dispatcher->request = $request;
     90 
     91         $data = $dispatcher->doAction();
     92 
     93 
     94         // The action is able to change its method and action name.
     95         $subaction = $dispatcher->request->method;
     96         $action    = $dispatcher->request->action;
     97 
     98         UI::outputTemplate($request,$action, $subaction, $data['output']);
     99     }
    100 
    101 
    102 	/**
    103 	 * Executes and outputs a HTML template.
    104 	 *
    105 	 * @param $request RequestParams
    106 	 * @param $action string action
    107 	 * @param $subaction string method
    108 	 * @param $outputData array Output data
    109 	 */
    110     private static function outputTemplate($request, $action, $subaction, $outputData)
    111     {
    112         $templateFile = __DIR__ . '/themes/default/html/views/' . $action.'/'.$subaction . '.php';
    113 
    114         if   ( DEVELOPMENT )
    115             header('X-OR-Template: '.$templateFile);
    116 
    117         $engine = new TemplateRunner();
    118         $engine->request = $request;
    119         $engine->executeTemplate( $templateFile, $outputData );
    120     }
    121 
    122 
    123     /**
    124      * Content-Security-Policy.
    125      */
    126     private static function setContentSecurityPolicy()
    127     {
    128         // config is not loaded yet. Allow nothing...
    129         header('Content-Security-Policy: default-src \'none\'' );
    130 
    131         // This will be overwritten by the index action
    132     }
    133     
    134     
    135 }