[TASK] Re-work/simplify copyright header in PHP files - Part 2
[Packages/TYPO3.CMS.git] / typo3 / sysext / core / Classes / ExtDirect / ExtDirectRouter.php
1 <?php
2 namespace TYPO3\CMS\Core\ExtDirect;
3
4 /**
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16 /**
17 * Ext Direct Router
18 *
19 * @author Sebastian Kurf├╝rst <sebastian@typo3.org>
20 * @author Stefan Galinski <stefan.galinski@gmail.com>
21 */
22 class ExtDirectRouter {
23
24 /**
25 * Dispatches the incoming calls to methods about the ExtDirect API.
26 *
27 * @param aray $ajaxParams Ajax parameters
28 * @param \TYPO3\CMS\Core\Http\AjaxRequestHandler $ajaxObj Ajax object
29 * @return void
30 */
31 public function route($ajaxParams, \TYPO3\CMS\Core\Http\AjaxRequestHandler $ajaxObj) {
32 $GLOBALS['error'] = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\ExtDirect\\ExtDirectDebug');
33 $isForm = FALSE;
34 $isUpload = FALSE;
35 $rawPostData = file_get_contents('php://input');
36 $postParameters = \TYPO3\CMS\Core\Utility\GeneralUtility::_POST();
37 $namespace = \TYPO3\CMS\Core\Utility\GeneralUtility::_GET('namespace');
38 $response = array();
39 $request = NULL;
40 $isValidRequest = TRUE;
41 if (!empty($postParameters['extAction'])) {
42 $isForm = TRUE;
43 $isUpload = $postParameters['extUpload'] === 'true';
44 $request = new \stdClass();
45 $request->action = $postParameters['extAction'];
46 $request->method = $postParameters['extMethod'];
47 $request->tid = $postParameters['extTID'];
48 unset($_POST['securityToken']);
49 $request->data = array($_POST + $_FILES);
50 $request->data[] = $postParameters['securityToken'];
51 } elseif (!empty($rawPostData)) {
52 $request = json_decode($rawPostData);
53 } else {
54 $response[] = array(
55 'type' => 'exception',
56 'message' => 'Something went wrong with an ExtDirect call!',
57 'code' => 'router'
58 );
59 $isValidRequest = FALSE;
60 }
61 if (!is_array($request)) {
62 $request = array($request);
63 }
64 if ($isValidRequest) {
65 $validToken = FALSE;
66 $firstCall = TRUE;
67 foreach ($request as $index => $singleRequest) {
68 $response[$index] = array(
69 'tid' => $singleRequest->tid,
70 'action' => $singleRequest->action,
71 'method' => $singleRequest->method
72 );
73 $token = array_pop($singleRequest->data);
74 if ($firstCall) {
75 $firstCall = FALSE;
76 $formprotection = \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::get();
77 $validToken = $formprotection->validateToken($token, 'extDirect');
78 }
79 try {
80 if (!$validToken) {
81 throw new \TYPO3\CMS\Core\FormProtection\Exception('ExtDirect: Invalid Security Token!');
82 }
83 $response[$index]['type'] = 'rpc';
84 $response[$index]['result'] = $this->processRpc($singleRequest, $namespace);
85 $response[$index]['debug'] = $GLOBALS['error']->toString();
86 } catch (\Exception $exception) {
87 $response[$index]['type'] = 'exception';
88 $response[$index]['message'] = $exception->getMessage();
89 $response[$index]['code'] = 'router';
90 }
91 }
92 }
93 if ($isForm && $isUpload) {
94 $ajaxObj->setContentFormat('plain');
95 $response = json_encode($response);
96 $response = preg_replace('/&quot;/', '\\&quot;', $response);
97 $response = array(
98 '<html><body><textarea>' . $response . '</textarea></body></html>'
99 );
100 } else {
101 $ajaxObj->setContentFormat('jsonbody');
102 }
103 $ajaxObj->setContent($response);
104 }
105
106 /**
107 * Processes an incoming extDirect call by executing the defined method. The configuration
108 * array "$GLOBALS['TYPO3_CONF_VARS']['BE']['ExtDirect']" is taken to find the class/method
109 * information.
110 *
111 * @param object $singleRequest request object from extJS
112 * @param string $namespace namespace like TYPO3.Backend
113 * @return mixed return value of the called method
114 * @throws UnexpectedValueException if the remote method couldn't be found
115 */
116 protected function processRpc($singleRequest, $namespace) {
117 $endpointName = $namespace . '.' . $singleRequest->action;
118 if (!isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ExtDirect'][$endpointName])) {
119 throw new \UnexpectedValueException('ExtDirect: Call to undefined endpoint: ' . $endpointName, 1294586450);
120 }
121 if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ExtDirect'][$endpointName])) {
122 if (!isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ExtDirect'][$endpointName]['callbackClass'])) {
123 throw new \UnexpectedValueException('ExtDirect: Call to undefined endpoint: ' . $endpointName, 1294586451);
124 }
125 $callbackClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ExtDirect'][$endpointName]['callbackClass'];
126 $configuration = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ExtDirect'][$endpointName];
127 if (!is_null($configuration['moduleName']) && !is_null($configuration['accessLevel'])) {
128 $GLOBALS['BE_USER']->modAccess(array(
129 'name' => $configuration['moduleName'],
130 'access' => $configuration['accessLevel']
131 ), TRUE);
132 }
133 }
134 $endpointObject = \TYPO3\CMS\Core\Utility\GeneralUtility::getUserObj($callbackClass, FALSE);
135 return call_user_func_array(array($endpointObject, $singleRequest->method), is_array($singleRequest->data) ? $singleRequest->data : array());
136 }
137
138 }