<?php

/*
* A Controller is dedicated to processing a request;
* its responsibilities are:
* - analyses the action to be done
* - analyses the parameters
* - act on the model objects to perform the action
* - process the data
* - call the view and passes it the data
* - return the response
*/

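abstract class Controller
{
    /** @var string Name of the controller (stored by the constructor, not read elsewhere in this class). */
    protected $name;

    /** @var object Request wrapper; this class only calls getIpAddr() and verifyJwtToken() on it. */
    protected $request;

    /**
     * @param string $name    Controller name
     * @param object $request Request object providing getIpAddr() and verifyJwtToken()
     */
    public function __construct($name, $request)
    {
        $this->request = $request;
        $this->name = $name;
    }

    /**
     * Process the request and build the response.
     *
     * @return Response|null an empty result is turned into a 500 by execute()
     */
    abstract public function processRequest();

    /**
     * Entry point for a request: applies the IP blacklist, then delegates to processRequest().
     *
     * @return Response unauthorizedResponse for a banned IP, otherwise the result of processRequest()
     *                  (or serverErrorResponse when that result is empty)
     */
    public function execute()
    {
        // Filtering with IP blacklist: banned clients never reach processRequest()
        $ipAddress = $this->request->getIpAddr();
        if (Blacklist::isBannedIP($ipAddress)) {
            $message = json_encode(["message" => "Your IP is banned!"]);
            return Response::unauthorizedResponse($message);
        }

        $response = $this->processRequest();
        if (empty($response)) {
            // static::class (not self::class) so the concrete subclass is named in the error
            $response = Response::serverErrorResponse("error processing request in " . static::class);
        }
        return $response;
    }

    /**
     * Authenticate the caller from the JWT carried by the request and check the required permission.
     *
     * Permission modes ($perm):
     * - 'user&admin': the token's user id must equal $id, unless the token holds role 2 (admin)
     * - 'admin':      the token must hold role 2
     * - 'validtoken': any valid token is enough
     * Any other $perm value is a programming error and is refused (fail closed) instead of
     * silently granting access.
     *
     * @param  int|string $id   id of the User the caller wants to act on
     * @param  string     $perm one of 'user&admin', 'admin', 'validtoken'
     * @return Response   okResponse when authorised, unauthorizedResponse when the token is invalid
     *                    or the permission check fails, serverErrorResponse for an unknown $perm
     */
    public function authUser($id, $perm = 'user&admin')
    {
        // Token phase: verifyJwtToken() reports validity through its 'message' key
        $verifyArray = $this->request->verifyJwtToken();
        if ($verifyArray['message'] !== "Valid token.") {
            $message = json_encode($verifyArray['error']);
            return Response::unauthorizedResponse($message);
        }

        // Auth phase
        $data = $verifyArray['decodedJWT']->data;
        // Loose == kept on purpose: role/id may be decoded as int or numeric string — TODO confirm
        // the token payload types; a strict compare needs both sides normalised first.
        $isAdmin = ($data->role == 2);
        switch ($perm) {
            case 'user&admin':
                if (($data->id != $id) && !$isAdmin) {
                    $message = json_encode(["message" => "You don't have access to this ressource."]);
                    return Response::unauthorizedResponse($message);
                }
                // break was missing here: ordinary users fell through into the admin check
                break;
            case 'admin':
                if (!$isAdmin) {
                    $message = json_encode(["message" => "You are not admin."]);
                    return Response::unauthorizedResponse($message);
                }
                break;
            case 'validtoken':
                break;
            default:
                // Unknown permission mode: refuse rather than fall out of the switch and authorise
                $message = json_encode(["message" => "Unknown permission mode."]);
                return Response::serverErrorResponse($message);
        }
        $message = json_encode(["message" => "Authentified."]);
        return Response::okResponse($message);
    }
}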