Controller.php

Go to the documentation of this file.

<?php

namespace Rsi\Fred;

class Controller extends Component{

  const TOTAL_COUNT = 'count';
  const TOTAL_SUM = 'sum';
  const TOTAL_AVG = 'avg';
  const TOTAL_MAX = 'max';
  const TOTAL_MIN = 'min';
  const TOTAL_UNIQUE = 'unique';
  const TOTAL_NULL = 'null';
  const TOTAL_NOT_NULL = 'not_null';

  public $domainRedir = []; //!< Prefered domain notation (key = domain mask regex, value = prefered domain, incl. protocol).
  public $domainRedirPermanent = false; //!< True to make a redirection permanent (HTTP status code = 301; defaults to 302).
  public $defaultWidgetNamespace = __CLASS__ . '\\Widget';
  public $defaultViewNamespace = __CLASS__ . '\\View';
  public $defaultViewType = 'html';
  public $viewClassName = null; //!< Fix the view to a certain View or Controller class (empty = same as called class).
  public $fragmentId = null;

  public $display = Controller\Widget::DISPLAY_WRITEABLE; //!< Default display mode for widgets.
  public $defaultCaption = null; //!< An asterisk will be replaced with widget ID.
  public $defaultHint = null; //!< An asterisk will be replaced with the widget ID or type.
  public $helpCaption = 'Help';
  public $errorStr = '[caption]{[!caption]{[id]}}: [error]';

  public $inactiveMessage = '[@inactiveMessage]'; //!< Message for inactive user who is redirected to login controller.

  public $clientErrorPrio = null; //!< Log client errors with this prio (empty = do not log).
  public $clientErrorBanDelay = 10; //!< Ban delay for the first error in a new session (prevent flooding via multiple
    // sessions).
  public $clientErrorMax = 25; //!< Maximum number of client errors to log in one session.

  protected $_securityChecksIgnore = []; //!< Security checks to ignore (key = action, null = default; value = array with
    // checks to ignore, true = all).
  protected $_authSets = []; //!< Possible sets of necessary authentication (array of arrays of authentication checks).
  protected $_rights = []; //!< Necessary right needed per action (key = action, null = default; value = right, optionally
    // completed with a minimal level in 'right:level' notation, or only a level relative to the default right in ':level'
    // notation).
  protected $_checkWidgets = ['default' => false,'fragment' => false,'pingAlive' => false,'clientError' => false,'featureHint' => false,'requestSocket' => false];
    //!< Widgets to check per action (key = action; value = array with ID's of widget to check; null = default, otherwise all).

  protected $_action = null;
  protected $_widgets = null;
  protected $_constraints = null;
  protected $_view = null;

  protected function init(){
    parent::init();
    $this->publish('authSets',self::READWRITE);
    if($this->action == 'default') $this->domainRedir();
  }

  protected function domainRedir(){
    if($this->domainRedir && !in_array($domain = \Rsi\Http::host(true),$this->domainRedir))
      foreach($this->domainRedir as $mask => $redir) if(preg_match($mask,$domain)){
        \Rsi\Http::redirHeader($redir . \Rsi\Record::get($_SERVER,'REQUEST_URI'),$this->domainRedirPermanent);
        $this->_fred->halt();
      }
  }

  public function clientConfig(){
    $widgets = $constraints = [];
    foreach($this->widgets as $id => $widget) $widgets[$id] = array_filter($widget->clientConfig());
    foreach($this->constraints as $constraint) $constraints[] = array_filter($constraint);
    return array_merge(parent::clientConfig(),[
      'route' => $this->route('*'),
      'widgets' => $widgets,
      'checkWidgets' => $this->_checkWidgets,
      'constraints' => $constraints
    ]);
  }
  /**
   * Add an authentication check to all sets, or create a new one if none exists.
   * @param string $name  Authentication check name.
   */
  protected function addAuth($name){
    if(!$this->_authSets) $this->_authSets[] = [$name];
    else foreach($this->_authSets as &$set) if(!in_array($name,$set)) $set[] = $name;
    unset($set);
  }
  /**
   * Remove an authentication check from all sets.
   * @param string $name  Authentication check name.
   */
  protected function removeAuth($name){
    $sets = [];
    foreach($this->_authSets as $key => $set) $sets[$key] = array_diff($set,[$name]);
    $this->_authSets = array_filter($sets);
  }
  /**
   * Add a single widget.
   * @param string $id  Widget ID.
   * @param Rsi\Fred\Controller\Widget $widget
   */
  protected function addWidget($id,$widget){
    $widget->controller = $this;
    $this->_widgets[$id] = $widget;
  }
  /**
   * Add multiple widgets.
   * @param array $widgets  Key = ID, value = widget.
   */
  protected function addWidgets($widgets){
    foreach($widgets as $id => $widget) $this->addWidget($id,$widget);
  }
  /**
   * Create a widget by type.
   * @param string $type  Widget type (class name).
   * @param string $config  Configuration.
   * @return Widget
   */
  protected function widgetByType($type,$config){
    $class_name = (substr($type,0,1) == '\\' ? '' : $this->defaultWidgetNamespace . '\\') . ucfirst($type);
    return new $class_name($config);
  }
  /**
   * Add a widget by type.
   * @param string $id  Widget ID.
   * @param string $type  Widget type (class name).
   * @param string $config  Configuration.
   */
  protected function addByType($id,$type,$config){
    $this->addWidget($id,$this->widgetByType($type,$config));
  }
  /**
   * Create a widget from a database definition.
   * @param string $table  Name of the table.
   * @param string $column  Column name.
   * @param array $extra  Extra configuration to add to the definition.
   * @return Widget
   */
  protected function widgetFromDef($table,$column,$extra = null){
    $def = $this->component('def')->column($table,$column,$extra);
    return $this->widgetByType($def['type'],$def);
  }
  /**
   * Add widgets from a database definition.
   * @param string $table  Name of the table.
   * @param string|array $columns  One or more column names (all table columns when empty).
   * @param array $extra  Extra configuration to add to the definition.
   * @param string $prefix  Prefix to add to the column name for the widget ID.
   */
  protected function addFromDef($table,$columns = null,$extra = null,$prefix = null){
    if(!$columns) $columns = array_keys($this->component('def')->table($table));
    elseif(!is_array($columns)) $columns = [$columns];
    foreach($columns as $column) $this->addWidget($prefix . $column,$this->widgetFromDef($table,$column,$extra));
  }
  /**
   * Add widgets from a definition record.
   * @param Rsi\Fred\Def\Record $record  Definition record.
   * @param string $prefix  Prefix to add to the column name for the widget ID.
   */
  protected function addFromRecord($record,$prefix = null){
    foreach($record->columns as $column => $config) $this->addByType($prefix . $column,$config['type'],$config);
  }
  /**
   * Copy data from a definition record to the request.
   * @param Rsi\Fred\Def\Record $record  Definition record.
   * @param string $prefix  Prefix to add to the column name for the widget ID.
   */
  protected function dataFromRecord($record,$prefix = null){
    $request = $this->component('request');
    foreach($record->columns as $column => $config) $request->data[$prefix . $column] = $record->get($column);
  }
  /**
   * Copy data from the request to a definition record.
   * @param Rsi\Fred\Def\Record $record  Definition record.
   * @param string $prefix  Prefix to add to the column name for the widget ID.
   */
  protected function dataToRecord($record,$prefix = null){
    $request = $this->component('request');
    foreach($record->columns as $column => $config) $record->set($column,$request->data[$prefix . $column]);
  }
  /**
   * Remove one or more widget(s).
   * @param string $ids,...  Widget ID('s).
   */
  protected function deleteWidget(...$ids){
    $this->getWidgets();
    foreach($ids as $id) unset($this->_widgets[$id]);
  }
  /**
   * Add a constraint.
   * @param array $ids  Widgets involved (an asterisk will be replaced with the current index during checking, '*--' with the
   *   previous index, '*++' with the next). Widgets that are empty (nothing) are ignored.
   * @param string $operator  Like used with \\Rsi\\Str::operator().
   * @param string $group  Group widget values (use TOTAL_* constants), rather than checking them one-by-one.
   * @param number $total  Grouping reference value. Set to true to make this equal to the number of values.
   */
  protected function addConstraint($ids,$operator,$group = null,$total = null){
    $this->_constraints[] = compact('ids','operator','group','total');
  }
  /**
   * Initialize the widgets.
   * Called by the widget getter.
   */
  protected function initWidgets(){
  }
  /**
   * Reset the controller.
   * Called when the same controller is used for both the handling of the request ('post') and the view. Use this to perform
   * actions between those two events.
   */
  public function reset(){
    $this->_action = null;
  }
  /**
   * Note if an action is expected.
   * @param string $id  Widget ID.
   * @param string $action
   */
  public function expect($id,$action){
    $expected = $this->session->expected ?: [];
    \Rsi\Record::set($expected,[$id,$action],true);
    $this->session->expected = $expected;
  }
  /**
   * Was the action expected?
   * @param string $id  Widget ID.
   * @param string $action
   * @return bool
   */
  public function expected($id,$action){
    if($result = \Rsi\Record::get($expected = $this->session->expected,[$id,$action = $this->action])){
      unset($expected[$id][$action]);
      $this->session->expected = $expected;
    }
    return $result;
  }
  /**
   * Parameters for the route to this controller.
   * @return array
   */
  public function routeParams(){
    return [];
  }
  /**
   * Route to this controller.
   * @param string $type
   * @param array $params  Extra params.
   * @return string
   */
  public function route($type = null,$params = null){
    $router = $this->component('router');
    if(($type === null) && (($type = $router->viewType) == $this->defaultViewType)) $type = null;
    return $router->reverse($this->name,$type,($params ?: []) + $this->routeParams());
  }
  /**
   * Navigate to another controller.
   * @param int $levels  Number of levels to go up.
   * @param string $suffix  Suffix to add.
   * @param bool|array $params  Parameters for the controller (set to false to only change the view controller name).
   */
  public function redir($levels = 1,$suffix = null,$params = null){
    $request = $this->component('request');
    $name = \Rsi\File::dirname($this->name,$levels) . $suffix;
    if($params === false) $request->viewControllerName = $name;
    else $request->redir = $this->component('router')->reverse($name,null,$params);
  }
  /**
   * Default caption for a widget.
   * @param string $id  Widget ID.
   * @return string
   */
  public function caption($id){
    return str_replace('*',$id,$this->defaultCaption);
  }
  /**
   * Default hint for a widget.
   * @param string $id  Widget ID or type.
   * @return string
   */
  public function hint($id){
    return str_replace('*',$id,$this->defaultHint);
  }
  /**
   * Unknwon action called.
   */
  protected function unkownAction(){
    $this->_fred->externalError('Unknown controller action',['class' => get_called_class(),'action' => $this->action]);
  }
  /**
   * Default action (if no action specified).
   */
  protected function actionDefault(){
  }
  /**
   * Return a fragment from the view.
   */
  protected function actionFragment(){
    $this->fragmentId = $this->_fred->request->fragmentId;
  }
  /**
   * Ping to keep the session alive.
   */
  protected function actionPingAlive(){
    $alive = $this->component('alive');
    if($this->component('request')->redir = $alive->ping()){
      $message = $this->component('message');
      $local = $this->component('local');
      $message->warning($this->inactiveMessage,[
        'maxSessionTime' => $alive->maxSessionTime ? $local->formatNumber($alive->maxSessionTime,1,0) : null,
        'maxInactiveTime' => $alive->maxInactiveTime ? $local->formatNumber($alive->maxInactiveTime,1,0) : null,
        'sessionStart' => $local->formatDateTime($alive->session->start),
        'sessionAlive' => $local->formatDateTime($alive->session->alive)
      ]);
    }
  }
  /**
   * Log client-side errors.
   */
  protected function actionClientError(){
    if($this->clientErrorPrio){
      $security = $this->component('security');
      $request = $this->component('request');
      if(
        (count($errors = $security->session->clientErrors ?: []) < $this->clientErrorMax) &&
        !in_array($hash = md5($request->message . $request->url . $request->lineNo),$errors)
      ){
        $this->component('log')->add(
          $this->clientErrorPrio,
          'Client error: ' . $request->message,
          $request->url,
          $request->lineNo,
          array_filter(['column' => $request->column,'trace' => $request->trace,'journal' => $request->journal])
        );
        if(!$errors) $security->addBan('clientError',$this->clientErrorBanDelay);
        $errors[] = $hash;
        $security->session->clientErrors = $errors;
      }
    }
  }
  /**
   * Return a feature hint translation.
   */
  protected function actionFeatureHint(){
    $request = $this->component('request');
    $request->result = $this->component('hint')->trans($request->id,$request->count);
  }
  /**
   * Request a socket.
   */
  protected function actionRequestSocket(){
    $socket = $this->component('socket');
    $this->component('request')->result = [
      'host' => $socket->clientHost,
      'port' => $socket->clientPort,
      'prefix' => $socket->clientPrefix,
      'token' => $socket->token()
    ];
  }
  /**
   * Add an error to the request.
   * @param string $id  ID of the widget involved.
   * @param string $error  Error type.
   */
  protected function addError($id,$error){
    $this->component('request')->errors[$id] = $this->component('trans')->str($this->errorStr,[
      'id' => $id,
      'error' => $error,
      'caption' => strip_tags($this->widgets[$id]->caption($id))
    ]);
  }
  /**
   * Calculate the total for an array.
   * @param array $values  Array with values (string or numeric).
   * @param string $type  Type of total (see TOTAL_* constants).
   * @return mixed  Calculated value for array.
   */
  public function arrayTotal($values,$type){
    if($values) switch($type){
      case self::TOTAL_SUM: return array_sum($values);
      case self::TOTAL_COUNT: return count($values);
      case self::TOTAL_AVG: return array_sum($values) / count($values);
      case self::TOTAL_MAX: return max($values);
      case self::TOTAL_MIN: return min($values);
      case self::TOTAL_UNIQUE: return count(array_unique($values));
    }
    return null;
  }
  /**
   * Check a constraint.
   * @param array $widget_ids  Widgets in the action.
   * @param array $ids  Widgets involved.
   * @param string $operator  Like used with \\Rsi\\Str::operator().
   * @param string $group  Group widget values (use TOTAL_* constants), rather than checking them one-by-one.
   * @param number $total  Grouping reference value.
   */
  protected function checkConstraint($widget_ids,$ids,$operator,$group = null,$total = null){
    $request = $this->component('request');
    $indexes = null;
    $sub_ids = [];
    foreach($ids as $id){
      $id = explode(Controller\Widget::CHILD_ID_SEPARATOR,$id);
      if(
        in_array($widget_id = array_shift($id),$widget_ids) &&
        !$this->widgets[$widget_id]->nothing($value = $request->data[$widget_id])
      ){
        $sub_ids[] = [$widget_id,$id];
        if($indexes === null) while($id) switch($sub = array_shift($id)){
          case '*':
            $indexes = $value ? array_keys($value) : [];
            break 2; //exit while
          default:
            $value = \Rsi\Record::get($value,$sub);
        }
      }
    }
    if($indexes === null) $indexes = [null];
    foreach($indexes as $i => $index){
      $init = $prev = false;
      $values = [];
      foreach($sub_ids as list($widget_id,$id)){
        $value = $request->data[$widget_id];
        while($id){
          switch($sub = array_shift($id)){
            case '*':
              $sub = $index;
              break;
            case '*--':
              if(!$i) break 3; //exit sub_ids, next index
              $sub = $indexes[$i - 1];
              break;
            case '*++':
              if($i + 1 >= count($indexes)) break 3; //exit sub_ids, next index
              $sub = $indexes[$i + 1];
              break;
          }
          $value = \Rsi\Record::get($value,$sub);
          if(!is_numeric($sub) && $this->widgets[$widget_id]->widgets[$sub]->nothing($value)) continue 2; //next sub_id
        }
        if($group) $values[] = $value;
        elseif(!$init) $init = true;
        elseif(!\Rsi\Str::operator($prev,$operator,$value)) $this->addError($widget_id,'constraint');
        $prev = $value;
      }
      if($group && $values && !\Rsi\Str::operator(
        $this->arrayTotal($values,$group),
        $operator,
        $total === true ? count($values) : $total
      )) foreach($sub_ids as list($widget_id,$id)) $this->addError($widget_id,'group');
    }
  }
  /**
   * Check widget values.
   * Widget data is taken from the request data array. Errors are added to the request.
   * @param array $ids  Widgets to check (empty = all).
   * @return bool  True if everything is OK.
   */
  protected function checkWidgets($ids = null){
    $request = $this->component('request');
    if(!$ids) $ids = array_keys($this->widgets);
    foreach($ids as $id){
      $widget = $this->widgets[$id];
      if($widget->writeable && ($error = $widget->check($request->data[$id] ?? null))) $this->addError($id,$error);
    }
    if(!$request->errors) foreach($this->constraints as $constraint)
      $this->checkConstraint($ids,$constraint['ids'],$constraint['operator'],$constraint['group'],$constraint['total']);
    return !$request->errors;
  }
  /**
   * Execute the action (if specified) on the controller.
   * Security checks are executed before. All input and output is handled through the request component. An action can only
   * trust the values from the data array. If the value is not present, the user is not authorized to modify it. All other
   * values must be checked.
   */
  public function execute(){
    $request = $this->component('request');
    if($id = \Rsi\Str::part($request->widgetId,Controller\Widget::CHILD_ID_SEPARATOR)){
      if(!array_key_exists($id,$this->widgets))
        $this->_fred->externalError('Unknown widget',['class' => get_called_class(),'id' => $id]);
      else{
        $widget = $this->widgets[$id];
        if(!$widget->readable) $this->_fred->externalError(
          'User not authorized for widget',
          ['class' => get_called_class(),'id' => $id,'action' => $this->action]
        );
        else $widget->execute();
      }
    }
    elseif(!method_exists($this,$method = 'action' . ucfirst($this->action))) $this->unkownAction();
    else{ //action on this controller
      if(!$this->component('security')->check($this->securityChecksIgnore))
        $this->_fred->externalError('Suspicious controller call',['class' => get_called_class()]);
      $convert = $this->view->convert;
      if(($widgets = $this->widgets) && ($ids = array_key_exists($this->action,$this->_checkWidgets) && ($this->_checkWidgets[$this->action] !== null)
        ? $this->_checkWidgets[$this->action]
        : (array_key_exists(null,$this->_checkWidgets) ? $this->_checkWidgets[null] : array_keys($widgets))
      )){
        foreach($ids as $id){
          $request->data[$id] = null;
          $widget = $widgets[$id];
          if($widget->writeable){
            $value = $widget->purge($request->complex(['widget',$id]));
            $value = $convert ? $widget->convert($value) : $widget->clientConvert($value);
            if($error = $widget->check($value)) $this->addError($id,$error);
            else $request->data[$id] = $widget->dataConvert($value);
          }
        }
        if(!$request->errors) foreach($this->constraints as $constraint)
          $this->checkConstraint($ids,$constraint['ids'],$constraint['operator'],$constraint['group'],$constraint['total']);
      }
      foreach($widgets as $id => $widget) if(!$ids || !in_array($id,$ids)) $request->data[$id] = $widget->defaultValue;
      if(!$request->errors) call_user_func([$this,$method]);
    }
  }
  /**
   * Necessary right for an action.
   * @param string $action
   * @return string  Necessary right.
   */
  protected function actionRight($action){
    $right = null;
    if(array_key_exists($action ?: null,$this->_rights)){
      $right = $this->_rights[$action];
      if(substr($right,0,1) == User::RIGHT_LEVEL_SEPARATOR)
        $right = \Rsi\Str::part($this->_rights[null],User::RIGHT_LEVEL_SEPARATOR) . $right;
    }
    elseif(array_key_exists(null,$this->_rights)) $right = $this->_rights[null];
    return $right;
  }
  /**
   * Available actions for current user.
   * @param string $prefix  Prefix where the action name has to start with.
   * @return array  Array with action names.
   */
  public function actions($prefix = null){
    $actions = [];
    $prefix = 'action' . ucfirst($prefix);
    foreach(get_class_methods($this) as $method) if(
      \Rsi\Str::startsWith($method,$prefix) &&
      $this->component('user')->authorized($this->actionRight($action = lcfirst(substr($method,6))))
    ) $actions[] = $action;
    return $actions;
  }

  protected function getAction(){
    if($this->_action === null) $this->_action = $this->component('request')->action ?: 'default';
    return $this->_action;
  }

  protected function setCheckWidgets($check_widgets){
    foreach($check_widgets as $action => $ids) $this->_checkWidgets[$action] = $ids ? array_values($ids) : $ids;
  }

  protected function getConstraints(){
    if($this->_constraints === null) $this->getWidgets();
    return $this->_constraints;
  }

  protected function getName(){
    foreach($this->component('front')->controllerNamespaces + [null => null] as $namespace => $prefix)
      if(\Rsi\Str::startsWith(get_called_class(),$namespace)) break;
    return str_replace('\\','/',$prefix . substr(get_called_class(),strlen($namespace) + ($prefix ? 0 : 1)));
  }

  protected function getRight(){
    return $this->actionRight($this->action);
  }

  protected function setRights($rights){
    $this->_rights = array_merge($this->_rights,$rights);
  }

  protected function getSecurityChecksIgnore(){
    if($this->action && array_key_exists($this->action,$this->_securityChecksIgnore)) return $this->_securityChecksIgnore[$this->action];
    if(array_key_exists(null,$this->_securityChecksIgnore)) return $this->_securityChecksIgnore[null];
    return null;
  }

  protected function setSecurityChecksIgnore($security_checks_ignore){
    $this->_securityChecksIgnore = array_merge($this->_securityChecksIgnore,$security_checks_ignore);
  }

  protected function getView(){
    if($this->_view === null){
      $type = $this->component('router')->viewType ?: $this->defaultViewType;
      if(
        !class_exists($class_name = str_replace('Controller','View',$this->viewClassName ?: get_called_class()) . '\\' . ucfirst($type)) && //specific view for this type
        !class_exists($class_name = $this->defaultViewNamespace . '\\' . ucfirst($type)) && //general view for this type
        !class_exists($class_name = str_replace('Controller','View',$this->viewClassName ?: get_called_class()) . '\\' . ucfirst($type = $this->defaultViewType)) //specific view for default type
      ) $class_name = $this->defaultViewNamespace . '\\' . ucfirst($type); //default view for default type
      $this->_view = new $class_name($this->_fred,array_replace_recursive(
        $this->config('view',[]),
        $this->config(['view',$type],[]),
        ['controller' => $this]
      ));
    }
    return $this->_view;
  }

  protected function getWidgets(){
    if($this->_widgets === null){
      $this->_widgets = $this->_constraints = [];
      $this->initWidgets();
    }
    return $this->_widgets;
  }

  protected function setWidgets($value){
    if($value === false) $this->_widgets = [];
    else $this->addWidgets($value);
  }

  protected function _get($key){
    return $this->widgets[$key];
  }

  protected function _set($key,$value){
    $this->addWidget($key,$value);
  }

}