This class contains some helper methods for handling view requests. Be careful
always when outputting raw user data to HTML or when handling POST requests because
insufficient protection will lead to XSS and CSRF vulnerabilities.
|
category
|
System
|
|
package
|
AdminHttpViewControllers
|
Methods
__construct
__construct(\HttpContextReaderInterface $httpContextReader, \HttpResponseProcessorInterface $httpResponseProcessor, \ContentViewInterface $defaultContentView)
inherited
Appends group children to a given group array.
_appendGroupChildrenToGroupsArray(array $children, array &$groupsArray, integer $parentId)
Invokes an action method by the given action name.
_callActionMethod(string $actionName) : \HttpControllerResponseInterface
inherited
| Throws |
- \LogicException
If no action method of the given name exists.
|
Arguments
$actionName
stringName of action method to call, without 'action'-Suffix.
Response
\HttpControllerResponseInterfaceResponse message.
Creates the content navigation object for the admin access pages.
_createContentNavigation(string $currentSection = '') : \ContentNavigationCollection
Returns the db data for an admin by its given id.
_getAdminById(integer $adminId) : array
Returns the necessary information to provide the elements actions for the admin edit page.
_getAdminEditsListElementActions() : array
Returns the necessary information of the admin roles for the admin edit page.
_getAdminEditsListItems( $adminId) : array
Returns the necessary information to provide the elements actions for the admins overview listing.
_getAdminsOverviewsListElementActions() : array
Returns the necessary information of all admins to generate the overview listing.
_getAdminsOverviewsListItems() : array
Returns the assets for the admin access pages.
_getAssets() : \AssetCollection
Returns the necessary information of all global role permissions to generate the overview listing, such as API
access and Gambio Admin Web UI access
_getGlobalPermissonsOverviewListItems( $roleId) : array
| Throws |
- \GroupNotFoundException
|
Arguments
Response
array
Returns the necessary group collection with the right sorting to generate the permission overview listing.
_getPermissionOverviewsGroupCollection() : \AdminAccessGroupCollection
Returns the necessary information of all role permissions to generate the overview listing.
_getPermissionsOverviewsListItems(integer $roleId) : array
| Throws |
- \GroupNotFoundException
|
Arguments
Response
array
Returns the expected $_POST value by the given key name.
_getPostData(string $keyName) : string|null
inherited
This method is the object oriented layer for $_POST[$keyName].
Arguments
$keyName
stringExpected key of post parameter.
Response
string|nullEither the expected value or null, of not found.
Creates and returns a key value collection which represent the global $_POST array.
_getPostDataCollection() : \KeyValueCollection
inherited
Returns the expected $_GET value by the given key name.
_getQueryParameter(string $keyName) : mixed|null
inherited
This method is the object oriented layer for $_GET[$keyName].
Arguments
$keyName
stringExpected key of query parameter.
Response
mixed|nullEither the expected value or null, of not found.
Creates and returns a key value collection which represent the global $_GET array.
_getQueryParametersCollection() : \KeyValueCollection
inherited
Returns the db data for an role by its given id.
_getRoleById(integer $roleId) : array
Returns the necessary information to provide the action for the roles overview listing.
_getRolesOverviewsListAction() : array
Returns the necessary information of all admin roles to generate the overview listing.
_getRolesOverviewsListItems() : array
Returns the expected $_SERVER value by the given key name.
_getServerData(string $keyName) : string|null
inherited
This method is the object oriented layer for $_SERVER[$keyName].
Arguments
$keyName
stringExpected key of server parameter.
Response
string|nullEither the expected value or null, of not found.
Grants all permission to a given role.
_grantAllPermissionsForRole( $type, $roleId)
|
|
|
| Throws |
- \GroupNotFoundException
|
Arguments
Renders and returns a template file.
_render(string $templateFile, array $contentArray) : string
inherited
Arguments
$templateFile
stringTemplate file to render.
$contentArray
arrayContent array which represent the variables of the template.
Response
stringRendered template.
Creates and returns an AdminLayoutHttpControllerResponse.
_returnHttpResponse(string $title = '', string $template = 'overview.html', array $templateData = array(), string $currentSection = '') : \AdminLayoutHttpControllerResponse
Saves the the given role assignments of an admin.
_updateAssignedRolesForAdmin( $adminId, array $assignedRoles)
Updates the given permissions of an admin.
_updatePermissionsForRole( $type, $roleId, array $grantedGroups)
|
|
|
| Throws |
- \GroupNotFoundException
|
Arguments
Updates the permission for unknown groups of a role by a given value.
_updateUnknownPermissionsForRole( $type, $roleId, $value)
Check if the $_POST['pageToken'] or $_GET['pageToken'] variable is provided and if it's valid.
_validatePageToken(string $customExceptionMessage = null)
inherited
Example:
public function proceed(HttpContextInterface $httpContext)
{
parent::proceed($httpContext); // proceed http context from parent class
if($_SERVER['REQUEST_METHOD'] === 'POST')
{
$this->_validatePageToken(); // CSRF Protection
}
}
|
|
|
| Throws |
- \Exception
If the validation fails.
|
Arguments
$customExceptionMessage
string(optional) You can specify a custom exception message.
Saves the assignment of the roles and redirects to the role assignment page.
actionAssignRoles() : \RedirectHttpControllerResponse
Default action method.
actionDefault() : \HttpControllerResponseInterface
inherited
Every controller child class requires at least the default action method, which is invoked when
the ::_getQueryParameterData('do') value is not separated by a trailing slash.
Every action method have to return an instance which implements the http controller response interface.
Response
\HttpControllerResponseInterface
Renders the admin access to edit the admins.
actionEditAdmin() : \AdminLayoutHttpControllerResponse
Renders the admin access to manage the admins.
actionManageAdmins() : \AdminLayoutHttpControllerResponse
Renders the admin access to edit the roles.
actionManagePermissions() : \AdminLayoutHttpControllerResponse
Renders the admin access to manage the admins.
actionManageRoles() : \AdminLayoutHttpControllerResponse
Saves the granted and revoked permissions and redirects to the permission management page.
actionSavePermissions() : \RedirectHttpControllerResponse
Searches the GXModules directory and admin/html directory for a template file,
wich can be useed inside the AdminLayoutHttpControllerResponse object for the template parameter.
getTemplateFile(string $templateFile) : \ExistingFile
inherited
| Throws |
- \Exception
if the path or file is not found
|
Arguments
$templateFile
stringThe relative path and filename to search for
Response
\ExistingFilecontaining absolute file path to the given template file
Initialize Controller
init()
Processes a http response object which is get by invoking an action method.
proceed(\HttpContextInterface $httpContext)
inherited
The action method is determined by the http context reader instance and the current request context.
Re-implement this method in child classes to enable XSS and CSRF protection on demand.
|
see
|
\HttpContextReaderInterface::getActionName
\HttpResponseProcessorInterface::proceed
|
|
|
|
| Throws |
- \LogicException
When no action method is found by the http context reader.
|
Arguments
Makes sure that the admin status is currently given in session
validateCurrentAdminStatus()
inherited
Properties
adminAccessService
adminAccessService : \AdminAccessService
db
db : \CI_DB_query_builder
Type(s)
\CI_DB_query_builder
languageTextManager
languageTextManager : \LanguageTextManager
Type(s)
\LanguageTextManager
languageProvider
languageProvider : \LanguageProvider
templatePath
templatePath : string
httpContextReader
httpContextReader : \HttpContextReaderInterface
inherited
httpResponseProcessor
httpResponseProcessor : \HttpResponseProcessorInterface
inherited
contentView
contentView : \ContentViewInterface
inherited
queryParametersArray
queryParametersArray : array
inherited
postDataArray
postDataArray : array
inherited
Contain the assets needed to be included in the view HTML.
assets : \AssetCollectionInterface
inherited
Server data.
serverDataArray : array
inherited