49c8f28576146250cfa595dd8d98b34a35884174
[Packages/TYPO3.CMS.git] / typo3 / sysext / extbase / Classes / Mvc / Web / RequestBuilder.php
1 <?php
2 namespace TYPO3\CMS\Extbase\Mvc\Web;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use Psr\Http\Message\ServerRequestInterface;
18 use TYPO3\CMS\Core\Routing\PageArguments;
19 use TYPO3\CMS\Core\Utility\ArrayUtility;
20 use TYPO3\CMS\Core\Utility\Exception\MissingArrayPathException;
21 use TYPO3\CMS\Extbase\Configuration\ConfigurationManagerInterface;
22 use TYPO3\CMS\Extbase\Mvc\Exception as MvcException;
23
24 /**
25 * Builds a web request.
26 * @internal only to be used within Extbase, not part of TYPO3 Core API.
27 */
28 class RequestBuilder implements \TYPO3\CMS\Core\SingletonInterface
29 {
30 /**
31 * @var \TYPO3\CMS\Extbase\Object\ObjectManagerInterface
32 */
33 protected $objectManager;
34
35 /**
36 * This is a unique key for a plugin (not the extension key!)
37 *
38 * @var string
39 */
40 protected $pluginName = 'plugin';
41
42 /**
43 * The name of the extension (in UpperCamelCase)
44 *
45 * @var string
46 */
47 protected $extensionName;
48
49 /**
50 * The class name of the default controller
51 *
52 * @var string
53 */
54 private $defaultControllerClassName;
55
56 /**
57 * The default controller name
58 *
59 * @var string
60 */
61 protected $defaultControllerName = '';
62
63 /**
64 * The default format of the response object
65 *
66 * @var string
67 */
68 protected $defaultFormat = 'html';
69
70 /**
71 * The allowed actions of the controller. This actions can be called via $_GET and $_POST.
72 *
73 * @var array
74 */
75 protected $allowedControllerActions = [];
76
77 /**
78 * @var \TYPO3\CMS\Extbase\Configuration\ConfigurationManagerInterface
79 */
80 protected $configurationManager;
81
82 /**
83 * @var \TYPO3\CMS\Extbase\Service\ExtensionService
84 */
85 protected $extensionService;
86
87 /**
88 * @var \TYPO3\CMS\Extbase\Service\EnvironmentService
89 */
90 protected $environmentService;
91
92 /**
93 * @var array
94 */
95 private $controllerAliasToClassMapping = [];
96
97 /**
98 * @var array
99 */
100 private $controllerClassToAliasMapping = [];
101
102 /**
103 * @var array|string[]
104 */
105 private $allowedControllerAliases = [];
106
107 /**
108 * @param \TYPO3\CMS\Extbase\Object\ObjectManagerInterface $objectManager
109 */
110 public function injectObjectManager(\TYPO3\CMS\Extbase\Object\ObjectManagerInterface $objectManager)
111 {
112 $this->objectManager = $objectManager;
113 }
114
115 /**
116 * @param \TYPO3\CMS\Extbase\Configuration\ConfigurationManagerInterface $configurationManager
117 */
118 public function injectConfigurationManager(\TYPO3\CMS\Extbase\Configuration\ConfigurationManagerInterface $configurationManager)
119 {
120 $this->configurationManager = $configurationManager;
121 }
122
123 /**
124 * @param \TYPO3\CMS\Extbase\Service\ExtensionService $extensionService
125 */
126 public function injectExtensionService(\TYPO3\CMS\Extbase\Service\ExtensionService $extensionService)
127 {
128 $this->extensionService = $extensionService;
129 }
130
131 /**
132 * @param \TYPO3\CMS\Extbase\Service\EnvironmentService $environmentService
133 */
134 public function injectEnvironmentService(\TYPO3\CMS\Extbase\Service\EnvironmentService $environmentService)
135 {
136 $this->environmentService = $environmentService;
137 }
138
139 /**
140 * @throws MvcException
141 * @see \TYPO3\CMS\Extbase\Core\Bootstrap::initializeConfiguration
142 */
143 protected function loadDefaultValues()
144 {
145 // todo: See comment in \TYPO3\CMS\Extbase\Core\Bootstrap::initializeConfiguration for further explanation
146 // todo: on why we shouldn't use the configuration manager here.
147 $configuration = $this->configurationManager->getConfiguration(ConfigurationManagerInterface::CONFIGURATION_TYPE_FRAMEWORK);
148 if (empty($configuration['extensionName'])) {
149 throw new MvcException('"extensionName" is not properly configured. Request can\'t be dispatched!', 1289843275);
150 }
151 if (empty($configuration['pluginName'])) {
152 throw new MvcException('"pluginName" is not properly configured. Request can\'t be dispatched!', 1289843277);
153 }
154 $this->extensionName = $configuration['extensionName'];
155 $this->pluginName = $configuration['pluginName'];
156 $defaultControllerConfiguration = reset($configuration['controllerConfiguration']) ?? [];
157 $this->defaultControllerClassName = $defaultControllerConfiguration['className'] ?? null;
158 $this->defaultControllerName = $defaultControllerConfiguration['alias'] ?? null;
159 $this->allowedControllerActions = [];
160 foreach ($configuration['controllerConfiguration'] as $controllerClassName => $controllerConfiguration) {
161 $this->allowedControllerActions[$controllerClassName] = $controllerConfiguration['actions'] ?? null;
162 $this->controllerAliasToClassMapping[$controllerConfiguration['alias']] = $controllerConfiguration['className'];
163 $this->controllerClassToAliasMapping[$controllerConfiguration['className']] = $controllerConfiguration['alias'];
164 $this->allowedControllerAliases[] = $controllerConfiguration['alias'];
165 }
166 if (!empty($configuration['format'])) {
167 $this->defaultFormat = $configuration['format'];
168 }
169 }
170
171 /**
172 * Builds a web request object from the raw HTTP information and the configuration
173 *
174 * @return \TYPO3\CMS\Extbase\Mvc\Web\Request The web request as an object
175 */
176 public function build()
177 {
178 $this->loadDefaultValues();
179 $pluginNamespace = $this->extensionService->getPluginNamespace($this->extensionName, $this->pluginName);
180 /** @var \TYPO3\CMS\Core\Http\ServerRequest $typo3Request */
181 $typo3Request = $GLOBALS['TYPO3_REQUEST'] ?? null;
182 if ($typo3Request instanceof ServerRequestInterface) {
183 $queryArguments = $typo3Request->getAttribute('routing');
184 if ($queryArguments instanceof PageArguments) {
185 $getParameters = $queryArguments->get($pluginNamespace) ?? [];
186 } else {
187 $getParameters = $typo3Request->getQueryParams()[$pluginNamespace] ?? [];
188 }
189 $bodyParameters = $typo3Request->getParsedBody()[$pluginNamespace] ?? [];
190 $parameters = $getParameters;
191 ArrayUtility::mergeRecursiveWithOverrule($parameters, $bodyParameters);
192 } else {
193 $parameters = \TYPO3\CMS\Core\Utility\GeneralUtility::_GPmerged($pluginNamespace);
194 }
195
196 $files = $this->untangleFilesArray($_FILES);
197 if (is_array($files[$pluginNamespace] ?? null)) {
198 $parameters = array_replace_recursive($parameters, $files[$pluginNamespace]);
199 }
200
201 $controllerClassName = $this->resolveControllerClassName($parameters);
202 $actionName = $this->resolveActionName($controllerClassName, $parameters);
203
204 $baseUri = \TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_SITE_URL');
205 if ($this->environmentService->isEnvironmentInBackendMode()) {
206 $baseUri .= TYPO3_mainDir;
207 }
208
209 /** @var \TYPO3\CMS\Extbase\Mvc\Web\Request $request */
210 $request = $this->objectManager->get(\TYPO3\CMS\Extbase\Mvc\Web\Request::class);
211 $request->setPluginName($this->pluginName);
212 $request->setControllerExtensionName($this->extensionName);
213 $request->setControllerAliasToClassNameMapping($this->controllerAliasToClassMapping);
214 $request->setControllerName($this->controllerClassToAliasMapping[$controllerClassName]);
215 $request->setControllerActionName($actionName);
216 // @todo Use Environment
217 $request->setRequestUri(\TYPO3\CMS\Core\Utility\GeneralUtility::getIndpEnv('TYPO3_REQUEST_URL'));
218 $request->setBaseUri($baseUri);
219 $request->setMethod($this->environmentService->getServerRequestMethod());
220 if (isset($parameters['format']) && is_string($parameters['format']) && $parameters['format'] !== '') {
221 $request->setFormat(filter_var($parameters['format'], FILTER_SANITIZE_STRING));
222 } else {
223 $request->setFormat($this->defaultFormat);
224 }
225 foreach ($parameters as $argumentName => $argumentValue) {
226 $request->setArgument($argumentName, $argumentValue);
227 }
228 return $request;
229 }
230
231 /**
232 * Returns the current ControllerName extracted from given $parameters.
233 * If no controller is specified, the defaultControllerName will be returned.
234 * If that's not available, an exception is thrown.
235 *
236 * @param array $parameters
237 * @throws \TYPO3\CMS\Extbase\Mvc\Exception\InvalidControllerNameException
238 * @throws MvcException if the controller could not be resolved
239 * @throws \TYPO3\CMS\Core\Error\Http\PageNotFoundException
240 * @return string
241 */
242 protected function resolveControllerClassName(array $parameters)
243 {
244 if (!isset($parameters['controller']) || $parameters['controller'] === '') {
245 if (empty($this->defaultControllerClassName)) {
246 throw new MvcException('The default controller for extension "' . $this->extensionName . '" and plugin "' . $this->pluginName . '" can not be determined. Please check for TYPO3\\CMS\\Extbase\\Utility\\ExtensionUtility::configurePlugin() in your ext_localconf.php.', 1316104317);
247 }
248 return $this->defaultControllerClassName;
249 }
250 $controllerClassName = $this->controllerAliasToClassMapping[$parameters['controller']] ?? '';
251 if (!in_array($controllerClassName, array_keys($this->allowedControllerActions))) {
252 $configuration = $this->configurationManager->getConfiguration(ConfigurationManagerInterface::CONFIGURATION_TYPE_FRAMEWORK);
253 if (isset($configuration['mvc']['throwPageNotFoundExceptionIfActionCantBeResolved']) && (bool)$configuration['mvc']['throwPageNotFoundExceptionIfActionCantBeResolved']) {
254 throw new \TYPO3\CMS\Core\Error\Http\PageNotFoundException('The requested resource was not found', 1313857897);
255 }
256 if (isset($configuration['mvc']['callDefaultActionIfActionCantBeResolved']) && (bool)$configuration['mvc']['callDefaultActionIfActionCantBeResolved']) {
257 return $this->defaultControllerClassName;
258 }
259 throw new \TYPO3\CMS\Extbase\Mvc\Exception\InvalidControllerNameException(
260 'The controller "' . $parameters['controller'] . '" is not allowed by plugin "' . $this->pluginName . '". Please check for TYPO3\\CMS\\Extbase\\Utility\\ExtensionUtility::configurePlugin() in your ext_localconf.php.',
261 1313855173
262 );
263 }
264 return filter_var($controllerClassName, FILTER_SANITIZE_STRING);
265 }
266
267 /**
268 * Returns the current actionName extracted from given $parameters.
269 * If no action is specified, the defaultActionName will be returned.
270 * If that's not available or the specified action is not defined in the current plugin, an exception is thrown.
271 *
272 * @param string $controllerClassName
273 * @param array $parameters
274 * @throws \TYPO3\CMS\Extbase\Mvc\Exception\InvalidActionNameException
275 * @throws MvcException
276 * @throws \TYPO3\CMS\Core\Error\Http\PageNotFoundException
277 * @return string
278 */
279 protected function resolveActionName($controllerClassName, array $parameters)
280 {
281 $defaultActionName = is_array($this->allowedControllerActions[$controllerClassName]) ? current($this->allowedControllerActions[$controllerClassName]) : '';
282 if (!isset($parameters['action']) || $parameters['action'] === '') {
283 if ($defaultActionName === '') {
284 throw new MvcException('The default action can not be determined for controller "' . $controllerClassName . '". Please check TYPO3\\CMS\\Extbase\\Utility\\ExtensionUtility::configurePlugin() in your ext_localconf.php.', 1295479651);
285 }
286 return $defaultActionName;
287 }
288 $actionName = $parameters['action'];
289 $allowedActionNames = $this->allowedControllerActions[$controllerClassName];
290 if (!in_array($actionName, $allowedActionNames)) {
291 $configuration = $this->configurationManager->getConfiguration(ConfigurationManagerInterface::CONFIGURATION_TYPE_FRAMEWORK);
292 if (isset($configuration['mvc']['throwPageNotFoundExceptionIfActionCantBeResolved']) && (bool)$configuration['mvc']['throwPageNotFoundExceptionIfActionCantBeResolved']) {
293 throw new \TYPO3\CMS\Core\Error\Http\PageNotFoundException('The requested resource was not found', 1313857898);
294 }
295 if (isset($configuration['mvc']['callDefaultActionIfActionCantBeResolved']) && (bool)$configuration['mvc']['callDefaultActionIfActionCantBeResolved']) {
296 return $defaultActionName;
297 }
298 throw new \TYPO3\CMS\Extbase\Mvc\Exception\InvalidActionNameException('The action "' . $actionName . '" (controller "' . $controllerClassName . '") is not allowed by this plugin. Please check TYPO3\\CMS\\Extbase\\Utility\\ExtensionUtility::configurePlugin() in your ext_localconf.php.', 1313855175);
299 }
300 return filter_var($actionName, FILTER_SANITIZE_STRING);
301 }
302
303 /**
304 * Transforms the convoluted _FILES superglobal into a manageable form.
305 *
306 * @param array $convolutedFiles The _FILES superglobal
307 * @return array Untangled files
308 */
309 protected function untangleFilesArray(array $convolutedFiles)
310 {
311 $untangledFiles = [];
312 $fieldPaths = [[]];
313 foreach ($convolutedFiles as $firstLevelFieldName => $fieldInformation) {
314 if (!is_array($fieldInformation['error'])) {
315 $fieldPaths[] = [[$firstLevelFieldName]];
316 } else {
317 $newFieldPaths = $this->calculateFieldPaths($fieldInformation['error'], $firstLevelFieldName);
318 array_walk($newFieldPaths, function (&$value, $key) {
319 $value = explode('/', $value);
320 });
321 $fieldPaths[] = $newFieldPaths;
322 }
323 }
324 $fieldPaths = array_merge(...$fieldPaths);
325 foreach ($fieldPaths as $fieldPath) {
326 if (count($fieldPath) === 1) {
327 $fileInformation = $convolutedFiles[$fieldPath[0]];
328 } else {
329 $fileInformation = [];
330 foreach ($convolutedFiles[$fieldPath[0]] as $key => $subStructure) {
331 try {
332 $fileInformation[$key] = ArrayUtility::getValueByPath($subStructure, array_slice($fieldPath, 1));
333 } catch (MissingArrayPathException $e) {
334 // do nothing if the path is invalid
335 }
336 }
337 }
338 $untangledFiles = ArrayUtility::setValueByPath($untangledFiles, $fieldPath, $fileInformation);
339 }
340 return $untangledFiles;
341 }
342
343 /**
344 * Returns an array of all possibles "field paths" for the given array.
345 *
346 * @param array $structure The array to walk through
347 * @param string $firstLevelFieldName
348 * @return array An array of paths (as strings) in the format "key1/key2/key3" ...
349 */
350 protected function calculateFieldPaths(array $structure, $firstLevelFieldName = null)
351 {
352 $fieldPaths = [];
353 if (is_array($structure)) {
354 foreach ($structure as $key => $subStructure) {
355 $fieldPath = ($firstLevelFieldName !== null ? $firstLevelFieldName . '/' : '') . $key;
356 if (is_array($subStructure)) {
357 foreach ($this->calculateFieldPaths($subStructure) as $subFieldPath) {
358 $fieldPaths[] = $fieldPath . '/' . $subFieldPath;
359 }
360 } else {
361 $fieldPaths[] = $fieldPath;
362 }
363 }
364 }
365 return $fieldPaths;
366 }
367 }