Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
0.00% |
0 / 22 |
|
0.00% |
0 / 1 |
CRAP | |
0.00% |
0 / 1 |
| IsGroupMonitor | |
0.00% |
0 / 22 |
|
0.00% |
0 / 1 |
132 | |
0.00% |
0 / 1 |
| __invoke | |
0.00% |
0 / 22 |
|
0.00% |
0 / 1 |
132 | |||
| 1 | <?php |
| 2 | /** @noinspection PhpUnhandledExceptionInspection */ |
| 3 | declare(strict_types=1); |
| 4 | // TODO unit test |
| 5 | |
| 6 | use Slim\Exception\HttpBadRequestException; |
| 7 | use Slim\Exception\HttpForbiddenException; |
| 8 | use Slim\Exception\HttpNotFoundException; |
| 9 | use Slim\Http\ServerRequest as Request; |
| 10 | use Psr\Http\Message\ResponseInterface; |
| 11 | use Psr\Http\Server\RequestHandlerInterface as RequestHandler; |
| 12 | use Slim\Routing\RouteContext; |
| 13 | |
| 14 | class IsGroupMonitor { |
| 15 | function __invoke(Request $request, RequestHandler $handler): ResponseInterface { |
| 16 | /* @var $authToken AuthToken */ |
| 17 | $authToken = $request->getAttribute('AuthToken'); |
| 18 | $routeContext = RouteContext::fromRequest($request); |
| 19 | $route = $routeContext->getRoute(); |
| 20 | $params = $route->getArguments(); |
| 21 | |
| 22 | if (isset($params['ws_id'])) { |
| 23 | if ($authToken->getWorkspaceId() !== (int) $params['ws_id']) { |
| 24 | throw new HttpNotFoundException($request, "Workspace `{$params['ws_id']}` not found."); |
| 25 | } |
| 26 | if ((int) $params['ws_id'] < 1) { |
| 27 | throw new HttpNotFoundException($request, "No valid workspace: `{$params['ws_id']}`"); |
| 28 | } |
| 29 | } |
| 30 | |
| 31 | switch ($authToken->getMode()) { |
| 32 | default: |
| 33 | throw new HttpForbiddenException($request, "Access Denied: Not in Monitor Mode."); |
| 34 | case 'monitor-group': |
| 35 | if (isset($params['group']) and ($authToken->getGroup() !== $params['group'])) { // |
| 36 | throw new HttpForbiddenException($request, "Access Denied for Group: `{$params['group']}`"); |
| 37 | } |
| 38 | $groups = [$authToken->getGroup()]; |
| 39 | break; |
| 40 | case 'monitor-study': |
| 41 | $sessionDao = new SessionDAO(); |
| 42 | $groups = $sessionDao->getGroups($authToken->getWorkspaceId()); |
| 43 | if (isset($params['group']) and !array_key_exists($params['group'], $groups)) { |
| 44 | throw new HttpForbiddenException($request, "Access Denied for Group: `{$params['group']}`"); |
| 45 | } |
| 46 | } |
| 47 | |
| 48 | return $handler->handle($request->withAttribute('groups', $groups)); |
| 49 | } |
| 50 | } |