[TASK] Fetch folder and environment status through AJAX
[Packages/TYPO3.CMS.git] / typo3 / sysext / install / Classes / Controller / AjaxController.php
1 <?php
2 namespace TYPO3\CMS\Install\Controller;
3
4 /***************************************************************
5 * Copyright notice
6 *
7 * (c) 2013 Susanne Moog <typo3@susannemoog.de>
8 * All rights reserved
9 *
10 * This script is part of the TYPO3 project. The TYPO3 project is
11 * free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
15 *
16 * The GNU General Public License can be found at
17 * http://www.gnu.org/copyleft/gpl.html.
18 * A copy is found in the text file GPL.txt and important notices to the license
19 * from the author is found in LICENSE.txt distributed with these scripts.
20 *
21 *
22 * This script is distributed in the hope that it will be useful,
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 * GNU General Public License for more details.
26 *
27 * This copyright notice MUST APPEAR in all copies of the script!
28 ***************************************************************/
29
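/**
 * Install tool ajax controller, handles ajax requests.
 *
 * Every request passes through a fixed sequence of access gates in execute()
 * before an action is dispatched. A failing gate answers with the
 * "unauthorized" marker via output(), which terminates the script, so the
 * gates fail closed only as long as output() keeps exiting.
 */
class AjaxController extends AbstractController {

	/**
	 * Marker string sent as the response body whenever an access gate rejects the request
	 *
	 * @var string
	 */
	protected $unauthorized = 'unauthorized';

	/**
	 * The action name is later concatenated into a class name in
	 * dispatchAuthenticationActions(), so this list is what bounds the classes
	 * a request can reach.
	 * NOTE(review): the check against this list happens in
	 * validateAuthenticationAction(), which is not defined in this class -
	 * presumably inherited; confirm it rejects names not listed here.
	 *
	 * @var array List of valid action names that need authentication
	 */
	protected $authenticationActions = array(
		'extensionCompatibilityTester',
		'uninstallExtension',
		'clearCache',
		'coreUpdateUpdateVersionMatrix',
		'coreUpdateIsUpdateAvailable',
		'coreUpdateCheckPreConditions',
		'coreUpdateDownload',
		'coreUpdateVerifyChecksum',
		'coreUpdateUnpack',
		'coreUpdateMove',
		'coreUpdateActivate',
		'folderStatus',
		'environmentStatus'
	);

	/**
	 * Main entry point
	 *
	 * Runs the access gates in order and dispatches the requested action only
	 * if none of them terminated the request.
	 *
	 * @return void
	 */
	public function execute() {
		$this->loadBaseExtensions();
		$this->initializeObjectManager();
		// Warning: Order of these methods is security relevant and interferes with different access
		// conditions (new/existing installation). See the single method comments for details.
		// Each check below rejects by calling output(), which exits; do not reorder
		// them or insert work between them that should only run for authorized users.
		$this->outputInstallToolNotEnabledMessageIfNeeded();
		$this->checkInstallToolPasswordNotSet();
		$this->initializeSession();
		$this->checkSessionToken();
		$this->checkSessionLifetime();
		$this->checkLogin();
		$this->dispatchAuthenticationActions();
	}

	/**
	 * Check whether the install tool is enabled
	 *
	 * Answers "unauthorized" and exits when isInstallToolAvailable() reports false.
	 *
	 * @return void
	 */
	protected function outputInstallToolNotEnabledMessageIfNeeded() {
		if (!$this->isInstallToolAvailable()) {
			$this->output($this->unauthorized);
		}
	}

	/**
	 * Check if the install tool password is set
	 *
	 * Answers "unauthorized" and exits when no password is configured.
	 * empty() also treats a missing key, NULL, '' and '0' as "not set", so all
	 * of these reject the request.
	 *
	 * @return void
	 */
	protected function checkInstallToolPasswordNotSet() {
		if (empty($GLOBALS['TYPO3_CONF_VARS']['BE']['installToolPassword'])) {
			$this->output($this->unauthorized);
		}
	}

	/**
	 * Check login status
	 *
	 * Answers "unauthorized" and exits when the session is not authorized,
	 * otherwise refreshes the session.
	 *
	 * @return void
	 */
	protected function checkLogin() {
		if (!$this->session->isAuthorized()) {
			$this->output($this->unauthorized);
		} else {
			$this->session->refreshSession();
		}
	}

	/**
	 * Overwrites abstract method
	 * In contrast to the abstract method, a "you are not authorized" response is output
	 * and the script exits when the token is not valid.
	 *
	 * @param boolean $tokenOk
	 * @return void
	 */
	protected function handleSessionTokenCheck($tokenOk) {
		if (!$tokenOk) {
			$this->output($this->unauthorized);
		}
	}

	/**
	 * Overwrites abstract method
	 * In contrast to the abstract method, a "you are not authorized" response is output
	 * and the script exits.
	 *
	 * @return void
	 */
	protected function handleSessionLifeTimeExpired() {
		$this->output($this->unauthorized);
	}

	/**
	 * Call an action that needs authentication
	 *
	 * Resolves the requested action to a class below the
	 * Controller\Action\Ajax namespace, hands it the token and POST values and
	 * sends its result through output(). The method does not return to the
	 * caller on any successful path because output() exits.
	 *
	 * @throws Exception If the resolved object does not implement ActionInterface
	 * @return void
	 */
	protected function dispatchAuthenticationActions() {
		$action = $this->getAction();
		if ($action === '') {
			// output() exits, so an empty action never reaches the validation below.
			$this->output('noAction');
		}
		// The action name becomes part of a class name two lines further down; this
		// validation must stay ahead of the object manager lookup.
		$this->validateAuthenticationAction($action);
		$actionClass = ucfirst($action);
		/** @var \TYPO3\CMS\Install\Controller\Action\ActionInterface $toolAction */
		$toolAction = $this->objectManager->get('TYPO3\\CMS\\Install\\Controller\\Action\\Ajax\\' . $actionClass);
		if (!($toolAction instanceof Action\ActionInterface)) {
			throw new Exception(
				$action . ' does not implement ActionInterface',
				1369474308
			);
		}
		$toolAction->setController('ajax');
		$toolAction->setAction($action);
		$toolAction->setToken($this->generateTokenForAction($action));
		$toolAction->setPostValues($this->getPostValues());
		$this->output($toolAction->handle());
	}

	/**
	 * Output content.
	 * WARNING: This exits the script execution!
	 *
	 * All access gates of this controller rely on that exit to stop an
	 * unauthorized request. The content is echoed verbatim without any
	 * encoding or escaping; the 'unauthorized' and 'noAction' markers sent by
	 * this class are bare strings, not JSON documents, although the response
	 * is labelled application/json.
	 *
	 * @param string $content JSON encoded content to output
	 * @return void
	 */
	protected function output($content = '') {
		// ob_clean() raises a notice when no output buffer is active; with error
		// display enabled that text would be sent ahead of the header() calls below.
		if (ob_get_level() > 0) {
			ob_clean();
		}
		header('Content-Type: application/json; charset=utf-8');
		header('Cache-Control: no-cache, must-revalidate');
		header('Pragma: no-cache');
		echo $content;
		die;
	}
}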