5c6c90be9f49d023e0df3e8824e95f0c204ee575
[Packages/TYPO3.CMS.git] / t3lib / extjs / class.t3lib_extjs_extdirectrouter.php
1 <?php
2 /***************************************************************
3 * Copyright notice
4 *
5 * (c) 2010-2011 Sebastian Kurfürst <sebastian@typo3.org>
6 * (c) 2010-2011 Stefan Galinski <stefan.galinski@gmail.com>
7 * All rights reserved
8 *
9 * This script is part of the TYPO3 project. The TYPO3 project is
10 * free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * The GNU General Public License can be found at
16 * http://www.gnu.org/copyleft/gpl.html.
17 * A copy is found in the textfile GPL.txt and important notices to the license
18 * from the author is found in LICENSE.txt distributed with these scripts.
19 *
20 *
21 * This script is distributed in the hope that it will be useful,
22 * but WITHOUT ANY WARRANTY; without even the implied warranty of
23 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 * GNU General Public License for more details.
25 *
26 * This copyright notice MUST APPEAR in all copies of the script!
27 ***************************************************************/
28
29 /**
30 * Ext Direct Router
31 *
32 * @author Sebastian Kurfürst <sebastian@typo3.org>
33 * @author Stefan Galinski <stefan.galinski@gmail.com>
34 * @package TYPO3
35 */
36 class t3lib_extjs_ExtDirectRouter {
37 /**
38 * Dispatches the incoming calls to methods about the ExtDirect API.
39 *
40 * @param aray $ajaxParams ajax parameters
41 * @param TYPO3AJAX $ajaxObj typo3ajax instance
42 * @return void
43 */
44 public function route($ajaxParams, TYPO3AJAX $ajaxObj) {
45 $GLOBALS['error'] = t3lib_div::makeInstance('t3lib_extjs_ExtDirectDebug');
46
47 $isForm = FALSE;
48 $isUpload = FALSE;
49 $rawPostData = file_get_contents('php://input');
50 $postParameters = t3lib_div::_POST();
51 $namespace = t3lib_div::_GET('namespace');
52 $response = array();
53 $request = NULL;
54
55 if (!empty($postParameters['extAction'])) {
56 $isForm = TRUE;
57 $isUpload = $postParameters['extUpload'] === 'true';
58
59 $request = new stdClass;
60 $request->action = $postParameters['extAction'];
61 $request->method = $postParameters['extMethod'];
62 $request->tid = $postParameters['extTID'];
63
64 unset($_POST['securityToken']);
65 $request->data = array($_POST + $_FILES);
66 $request->data[] = $postParameters['securityToken'];
67 } elseif (!empty($rawPostData)) {
68 $request = json_decode($rawPostData);
69 } else {
70 $response[] = array(
71 'type' => 'exception',
72 'message' => 'Something went wrong with an ExtDirect call!'
73 );
74 }
75
76 if (!is_array($request)) {
77 $request = array($request);
78 }
79
80 $backendUserExists = is_object($GLOBALS['BE_USER']);
81 $validToken = !$backendUserExists;
82 $firstCall = TRUE;
83 foreach ($request as $index => $singleRequest) {
84 $response[$index] = array(
85 'tid' => $singleRequest->tid,
86 'action' => $singleRequest->action,
87 'method' => $singleRequest->method
88 );
89
90 $token = array_pop($singleRequest->data);
91 if ($firstCall && $backendUserExists) {
92 $firstCall = FALSE;
93 $formprotection = t3lib_formprotection_Factory::get('t3lib_formprotection_BackendFormProtection');
94 $validToken = $formprotection->validateToken($token, 'extDirect');
95 }
96
97 try {
98 if (!$validToken) {
99 throw new t3lib_formprotection_InvalidTokenException('ExtDirect: Invalid Security Token!');
100 }
101
102 $response[$index]['type'] = 'rpc';
103 $response[$index]['result'] = $this->processRpc($singleRequest, $namespace);
104 $response[$index]['debug'] = $GLOBALS['error']->toString();
105
106 } catch (Exception $exception) {
107 $response[$index]['type'] = 'exception';
108 $response[$index]['message'] = $exception->getMessage();
109 $response[$index]['where'] = $exception->getTraceAsString();
110 }
111 }
112
113 if ($isForm && $isUpload) {
114 $ajaxObj->setContentFormat('plain');
115 $response = json_encode($response);
116 $response = preg_replace('/&quot;/', '\\&quot;', $response);
117
118 $response = array(
119 '<html><body><textarea>' .
120 $response .
121 '</textarea></body></html>'
122 );
123 } else {
124 $ajaxObj->setContentFormat('jsonbody');
125 }
126
127 $ajaxObj->setContent($response);
128 }
129
130
131 /**
132 * Processes an incoming extDirect call by executing the defined method. The configuration
133 * array "$GLOBALS['TYPO3_CONF_VARS']['BE']['ExtDirect']" is taken to find the class/method
134 * information.
135 *
136 * @param object $singleRequest request object from extJS
137 * @param string $namespace namespace like TYPO3.Backend
138 * @throws UnexpectedValueException if the remote method couldn't be found
139 * @return mixed return value of the called method
140 */
141 protected function processRpc($singleRequest, $namespace) {
142 $endpointName = $namespace . '.' . $singleRequest->action;
143
144 // theoretically this can never happen, because of an javascript error on
145 // the client side due the missing namespace/endpoint
146 if (!isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ExtDirect'][$endpointName])) {
147 throw new UnexpectedValueException('ExtDirect: Call to undefined endpoint: ' . $endpointName);
148 }
149
150 $endpointObject = t3lib_div::getUserObj(
151 $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ExtDirect'][$endpointName],
152 FALSE
153 );
154
155 return call_user_func_array(
156 array($endpointObject, $singleRequest->method),
157 is_array($singleRequest->data) ? $singleRequest->data : array()
158 );
159 }
160 }
161
162 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/extjs/class.t3lib_extjs_extdirectrouter.php'])) {
163 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['t3lib/extjs/class.t3lib_extjs_extdirectrouter.php']);
164 }
165
166 ?>