API Documentation
Back to top  

AdminAccessController

Extends \AdminHttpViewController

Class AdminAccessController

This class contains some helper methods for handling view requests. Be careful always when outputting raw user data to HTML or when handling POST requests because insufficient protection will lead to XSS and CSRF vulnerabilities.

category

System
package

AdminHttpViewControllers

Methods

__construct

__construct(\HttpContextReaderInterface $httpContextReader, \HttpResponseProcessorInterface $httpResponseProcessor, \ContentViewInterface $defaultContentView)
inherited

Arguments

$httpContextReader

\HttpContextReaderInterface

$httpResponseProcessor

\HttpResponseProcessorInterface

$defaultContentView

\ContentViewInterface

Appends group children to a given group array.

_appendGroupChildrenToGroupsArray(array $children, array &$groupsArray, integer $parentId)

Arguments

$children

array

$groupsArray

array

$parentId

integer

Invokes an action method by the given action name.

_callActionMethod(string $actionName) : \HttpControllerResponseInterface
inherited
Throws
\LogicException

If no action method of the given name exists.

Arguments

$actionName

string

Name of action method to call, without 'action'-Suffix.

Response

\HttpControllerResponseInterface

Response message.

Creates the content navigation object for the admin access pages.

_createContentNavigation(string $currentSection = '') : \ContentNavigationCollection

Arguments

$currentSection

string

Defines the current navigation item.

Response

\ContentNavigationCollection

Returns the db data for an admin by its given id.

_getAdminById(integer $adminId) : array

Arguments

$adminId

integer

Response

array

Returns the necessary information to provide the elements actions for the admin edit page.

_getAdminEditsListElementActions() : array

Response

array

Returns the necessary information of the admin roles for the admin edit page.

_getAdminEditsListItems( $adminId) : array

Arguments

$adminId

Response

array

Returns the necessary information to provide the elements actions for the admins overview listing.

_getAdminsOverviewsListElementActions() : array

Response

array

Returns the necessary information of all admins to generate the overview listing.

_getAdminsOverviewsListItems() : array

Response

array

Returns the assets for the admin access pages.

_getAssets() : \AssetCollection

Response

\AssetCollection

Returns the necessary information of all global role permissions to generate the overview listing, such as API access and Gambio Admin Web UI access

_getGlobalPermissonsOverviewListItems( $roleId) : array
Throws
\GroupNotFoundException

Arguments

$roleId

Response

array

Returns the necessary group collection with the right sorting to generate the permission overview listing.

_getPermissionOverviewsGroupCollection() : \AdminAccessGroupCollection

Response

\AdminAccessGroupCollection

Returns the necessary information of all role permissions to generate the overview listing.

_getPermissionsOverviewsListItems(integer $roleId) : array
Throws
\GroupNotFoundException

Arguments

$roleId

integer

Response

array

Returns the expected $_POST value by the given key name.

_getPostData(string $keyName) : string|null
inherited

This method is the object oriented layer for $_POST[$keyName].

Arguments

$keyName

string

Expected key of post parameter.

Response

string|null

Either the expected value or null, of not found.

Creates and returns a key value collection which represent the global $_POST array.

_getPostDataCollection() : \KeyValueCollection
inherited

Response

\KeyValueCollection

Returns the expected $_GET value by the given key name.

_getQueryParameter(string $keyName) : mixed|null
inherited

This method is the object oriented layer for $_GET[$keyName].

Arguments

$keyName

string

Expected key of query parameter.

Response

mixed|null

Either the expected value or null, of not found.

Creates and returns a key value collection which represent the global $_GET array.

_getQueryParametersCollection() : \KeyValueCollection
inherited

Response

\KeyValueCollection

Returns the db data for an role by its given id.

_getRoleById(integer $roleId) : array

Arguments

$roleId

integer

Response

array

Returns the necessary information to provide the action for the roles overview listing.

_getRolesOverviewsListAction() : array

Response

array

Returns the necessary information of all admin roles to generate the overview listing.

_getRolesOverviewsListItems() : array

Response

array

Returns the expected $_SERVER value by the given key name.

_getServerData(string $keyName) : string|null
inherited

This method is the object oriented layer for $_SERVER[$keyName].

Arguments

$keyName

string

Expected key of server parameter.

Response

string|null

Either the expected value or null, of not found.

Grants all permission to a given role.

_grantAllPermissionsForRole( $type,  $roleId)
Throws
\GroupNotFoundException

Arguments

$type

$roleId

Renders and returns a template file.

_render(string $templateFile, array $contentArray) : string
inherited

Arguments

$templateFile

string

Template file to render.

$contentArray

array

Content array which represent the variables of the template.

Response

string

Rendered template.

Creates and returns an AdminLayoutHttpControllerResponse.

_returnHttpResponse(string $title = '', string $template = 'overview.html', array $templateData = array(), string $currentSection = '') : \AdminLayoutHttpControllerResponse

Arguments

$title

string

$template

string

$templateData

array

$currentSection

string

Response

\AdminLayoutHttpControllerResponse

Saves the the given role assignments of an admin.

_updateAssignedRolesForAdmin( $adminId, array $assignedRoles)

Arguments

$adminId

$assignedRoles

array

Updates the given permissions of an admin.

_updatePermissionsForRole( $type,  $roleId, array $grantedGroups)
Throws
\GroupNotFoundException

Arguments

$type

$roleId

$grantedGroups

array

Updates the permission for unknown groups of a role by a given value.

_updateUnknownPermissionsForRole( $type,  $roleId,  $value)

Arguments

$type

$roleId

$value

Check if the $_POST['pageToken'] or $_GET['pageToken'] variable is provided and if it's valid.

_validatePageToken(string $customExceptionMessage = null)
inherited

Example: public function proceed(HttpContextInterface $httpContext) { parent::proceed($httpContext); // proceed http context from parent class if($_SERVER['REQUEST_METHOD'] === 'POST') { $this->_validatePageToken(); // CSRF Protection } }

Throws
\Exception

If the validation fails.

Arguments

$customExceptionMessage

string

(optional) You can specify a custom exception message.

Saves the assignment of the roles and redirects to the role assignment page.

actionAssignRoles() : \RedirectHttpControllerResponse

Response

\RedirectHttpControllerResponse

Default action method.

actionDefault() : \HttpControllerResponseInterface
inherited

Every controller child class requires at least the default action method, which is invoked when the ::_getQueryParameterData('do') value is not separated by a trailing slash.

Every action method have to return an instance which implements the http controller response interface.

Response

\HttpControllerResponseInterface

Renders the admin access to edit the admins.

actionEditAdmin() : \AdminLayoutHttpControllerResponse

Response

\AdminLayoutHttpControllerResponse

Renders the admin access to manage the admins.

actionManageAdmins() : \AdminLayoutHttpControllerResponse

Response

\AdminLayoutHttpControllerResponse

Renders the admin access to edit the roles.

actionManagePermissions() : \AdminLayoutHttpControllerResponse

Response

\AdminLayoutHttpControllerResponse

Renders the admin access to manage the admins.

actionManageRoles() : \AdminLayoutHttpControllerResponse

Response

\AdminLayoutHttpControllerResponse

Saves the granted and revoked permissions and redirects to the permission management page.

actionSavePermissions() : \RedirectHttpControllerResponse

Response

\RedirectHttpControllerResponse

Searches the GXModules directory and admin/html directory for a template file, wich can be useed inside the AdminLayoutHttpControllerResponse object for the template parameter.

getTemplateFile(string $templateFile) : \ExistingFile
inherited
Throws
\Exception

if the path or file is not found

Arguments

$templateFile

string

The relative path and filename to search for

Response

\ExistingFile

containing absolute file path to the given template file

Initialize Controller

init()

Processes a http response object which is get by invoking an action method.

proceed(\HttpContextInterface $httpContext)
inherited

The action method is determined by the http context reader instance and the current request context. Re-implement this method in child classes to enable XSS and CSRF protection on demand.

see \HttpResponseProcessorInterface::proceed \HttpContextReaderInterface::getActionName
Throws
\LogicException

When no action method is found by the http context reader.

Arguments

$httpContext

\HttpContextInterface

Http context object which hold the request variables.

Makes sure that the admin status is currently given in session

validateCurrentAdminStatus()
inherited
Throws
\LogicException

Properties

adminAccessService

adminAccessService : \AdminAccessService
var

Type(s)

\AdminAccessService

db

db : \CI_DB_query_builder
var

Type(s)

\CI_DB_query_builder

languageTextManager

languageTextManager : \LanguageTextManager
var

Type(s)

\LanguageTextManager

languageProvider

languageProvider : \LanguageProvider
var

Type(s)

\LanguageProvider

templatePath

templatePath : string
var

Type(s)

string

httpContextReader

httpContextReader : \HttpContextReaderInterface
inherited
var

Type(s)

\HttpContextReaderInterface

httpResponseProcessor

httpResponseProcessor : \HttpResponseProcessorInterface
inherited
var

Type(s)

\HttpResponseProcessorInterface

contentView

contentView : \ContentViewInterface
inherited
var

Type(s)

\ContentViewInterface

queryParametersArray

queryParametersArray : array
inherited
var

Type(s)

array

postDataArray

postDataArray : array
inherited
var

Type(s)

array

Contain the assets needed to be included in the view HTML.

assets : \AssetCollectionInterface
inherited
var

Contain the assets needed to be included in the view HTML.

Type(s)

\AssetCollectionInterface

Server data.

serverDataArray : array
inherited
var

Server data.

Type(s)

array