mirror of
https://github.com/flarum/framework.git
synced 2025-02-21 08:39:25 +08:00
Introduce RequestUtil to encapsulate getting/setting actor on requests(#2449)
This commit is contained in:
Alexander Skvortsov
GitHub
parent
da598db376
commit
94d69fe15f
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Flarum\Admin\Middleware;
|
||||
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Http\Server\MiddlewareInterface as Middleware;
|
||||
@ -18,7 +19,7 @@ class RequireAdministrateAbility implements Middleware
|
||||
{
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
{
|
||||
$request->getAttribute('actor')->assertAdmin();
|
||||
RequestUtil::getActor($request)->assertAdmin();
|
||||
|
||||
return $handler->handle($request);
|
||||
}
|
||||
|
||||
@ -12,6 +12,7 @@ namespace Flarum\Api;
|
||||
use Exception;
|
||||
use Flarum\Foundation\ErrorHandling\JsonApiFormatter;
|
||||
use Flarum\Foundation\ErrorHandling\Registry;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\User;
|
||||
use Illuminate\Contracts\Container\Container;
|
||||
use InvalidArgumentException;
|
||||
@ -56,7 +57,7 @@ class Client
|
||||
{
|
||||
$request = ServerRequestFactory::fromGlobals(null, $queryParams, $body);
|
||||
|
||||
$request = $request->withAttribute('actor', $actor);
|
||||
$request = RequestUtil::withActor($request, $actor);
|
||||
|
||||
if (is_string($controller)) {
|
||||
$controller = $this->container->make($controller);
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Foundation\Console\CacheClearCommand;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Laminas\Diactoros\Response\EmptyResponse;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
use Symfony\Component\Console\Input\ArrayInput;
|
||||
@ -35,7 +36,7 @@ class ClearCacheController extends AbstractDeleteController
|
||||
*/
|
||||
protected function delete(ServerRequestInterface $request)
|
||||
{
|
||||
$request->getAttribute('actor')->assertAdmin();
|
||||
RequestUtil::getActor($request)->assertAdmin();
|
||||
|
||||
$this->command->run(
|
||||
new ArrayInput([]),
|
||||
|
||||
@ -12,6 +12,7 @@ namespace Flarum\Api\Controller;
|
||||
use Flarum\Api\Serializer\DiscussionSerializer;
|
||||
use Flarum\Discussion\Command\ReadDiscussion;
|
||||
use Flarum\Discussion\Command\StartDiscussion;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
@ -53,7 +54,7 @@ class CreateDiscussionController extends AbstractCreateController
|
||||
*/
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$ipAddress = $request->getAttribute('ipAddress');
|
||||
|
||||
$discussion = $this->bus->dispatch(
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\GroupSerializer;
|
||||
use Flarum\Group\Command\CreateGroup;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
@ -42,7 +43,7 @@ class CreateGroupController extends AbstractCreateController
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
return $this->bus->dispatch(
|
||||
new CreateGroup($request->getAttribute('actor'), Arr::get($request->getParsedBody(), 'data', []))
|
||||
new CreateGroup(RequestUtil::getActor($request), Arr::get($request->getParsedBody(), 'data', []))
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\PostSerializer;
|
||||
use Flarum\Discussion\Command\ReadDiscussion;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Post\Command\PostReply;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
@ -52,7 +53,7 @@ class CreatePostController extends AbstractCreateController
|
||||
*/
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$data = Arr::get($request->getParsedBody(), 'data', []);
|
||||
$discussionId = Arr::get($data, 'relationships.discussion.data.id');
|
||||
$ipAddress = $request->getAttribute('ipAddress');
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\CurrentUserSerializer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\Command\RegisterUser;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
@ -42,7 +43,7 @@ class CreateUserController extends AbstractCreateController
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
return $this->bus->dispatch(
|
||||
new RegisterUser($request->getAttribute('actor'), Arr::get($request->getParsedBody(), 'data', []))
|
||||
new RegisterUser(RequestUtil::getActor($request), Arr::get($request->getParsedBody(), 'data', []))
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\UserSerializer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\Command\DeleteAvatar;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
@ -42,7 +43,7 @@ class DeleteAvatarController extends AbstractShowController
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
return $this->bus->dispatch(
|
||||
new DeleteAvatar(Arr::get($request->getQueryParams(), 'id'), $request->getAttribute('actor'))
|
||||
new DeleteAvatar(Arr::get($request->getQueryParams(), 'id'), RequestUtil::getActor($request))
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Discussion\Command\DeleteDiscussion;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
@ -35,7 +36,7 @@ class DeleteDiscussionController extends AbstractDeleteController
|
||||
protected function delete(ServerRequestInterface $request)
|
||||
{
|
||||
$id = Arr::get($request->getQueryParams(), 'id');
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$input = $request->getParsedBody();
|
||||
|
||||
$this->bus->dispatch(
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Settings\SettingsRepositoryInterface;
|
||||
use Laminas\Diactoros\Response\EmptyResponse;
|
||||
use League\Flysystem\FilesystemInterface;
|
||||
@ -41,7 +42,7 @@ class DeleteFaviconController extends AbstractDeleteController
|
||||
*/
|
||||
protected function delete(ServerRequestInterface $request)
|
||||
{
|
||||
$request->getAttribute('actor')->assertAdmin();
|
||||
RequestUtil::getActor($request)->assertAdmin();
|
||||
|
||||
$path = $this->settings->get('favicon_path');
|
||||
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Group\Command\DeleteGroup;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
@ -35,7 +36,7 @@ class DeleteGroupController extends AbstractDeleteController
|
||||
protected function delete(ServerRequestInterface $request)
|
||||
{
|
||||
$this->bus->dispatch(
|
||||
new DeleteGroup(Arr::get($request->getQueryParams(), 'id'), $request->getAttribute('actor'))
|
||||
new DeleteGroup(Arr::get($request->getQueryParams(), 'id'), RequestUtil::getActor($request))
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Settings\SettingsRepositoryInterface;
|
||||
use Laminas\Diactoros\Response\EmptyResponse;
|
||||
use League\Flysystem\FilesystemInterface;
|
||||
@ -41,7 +42,7 @@ class DeleteLogoController extends AbstractDeleteController
|
||||
*/
|
||||
protected function delete(ServerRequestInterface $request)
|
||||
{
|
||||
$request->getAttribute('actor')->assertAdmin();
|
||||
RequestUtil::getActor($request)->assertAdmin();
|
||||
|
||||
$path = $this->settings->get('logo_path');
|
||||
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Post\Command\DeletePost;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
@ -35,7 +36,7 @@ class DeletePostController extends AbstractDeleteController
|
||||
protected function delete(ServerRequestInterface $request)
|
||||
{
|
||||
$this->bus->dispatch(
|
||||
new DeletePost(Arr::get($request->getQueryParams(), 'id'), $request->getAttribute('actor'))
|
||||
new DeletePost(Arr::get($request->getQueryParams(), 'id'), RequestUtil::getActor($request))
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\Command\DeleteUser;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
@ -35,7 +36,7 @@ class DeleteUserController extends AbstractDeleteController
|
||||
protected function delete(ServerRequestInterface $request)
|
||||
{
|
||||
$this->bus->dispatch(
|
||||
new DeleteUser(Arr::get($request->getQueryParams(), 'id'), $request->getAttribute('actor'))
|
||||
new DeleteUser(Arr::get($request->getQueryParams(), 'id'), RequestUtil::getActor($request))
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@ -13,6 +13,7 @@ use Flarum\Api\Serializer\DiscussionSerializer;
|
||||
use Flarum\Discussion\Discussion;
|
||||
use Flarum\Discussion\Filter\DiscussionFilterer;
|
||||
use Flarum\Discussion\Search\DiscussionSearcher;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\UrlGenerator;
|
||||
use Flarum\Query\QueryCriteria;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
@ -85,7 +86,7 @@ class ListDiscussionsController extends AbstractListController
|
||||
*/
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$filters = $this->extractFilter($request);
|
||||
$sort = $this->extractSort($request);
|
||||
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\GroupSerializer;
|
||||
use Flarum\Group\Group;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
use Tobscure\JsonApi\Document;
|
||||
|
||||
@ -26,7 +27,7 @@ class ListGroupsController extends AbstractListController
|
||||
*/
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
$results = Group::whereVisibleTo($actor)->get();
|
||||
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\NotificationSerializer;
|
||||
use Flarum\Discussion\Discussion;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\UrlGenerator;
|
||||
use Flarum\Notification\NotificationRepository;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
@ -62,7 +63,7 @@ class ListNotificationsController extends AbstractListController
|
||||
*/
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
$actor->assertRegistered();
|
||||
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\PostSerializer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\UrlGenerator;
|
||||
use Flarum\Post\Filter\PostFilterer;
|
||||
use Flarum\Post\PostRepository;
|
||||
@ -74,7 +75,7 @@ class ListPostsController extends AbstractListController
|
||||
*/
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
$filters = $this->extractFilter($request);
|
||||
$sort = $this->extractSort($request);
|
||||
@ -116,7 +117,7 @@ class ListPostsController extends AbstractListController
|
||||
*/
|
||||
protected function extractOffset(ServerRequestInterface $request)
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$queryParams = $request->getQueryParams();
|
||||
$sort = $this->extractSort($request);
|
||||
$limit = $this->extractLimit($request);
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\UserSerializer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\UrlGenerator;
|
||||
use Flarum\Query\QueryCriteria;
|
||||
use Flarum\User\Filter\UserFilterer;
|
||||
@ -72,7 +73,7 @@ class ListUsersController extends AbstractListController
|
||||
*/
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
$actor->assertCan('viewUserList');
|
||||
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Notification\Command\ReadAllNotifications;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
@ -34,7 +35,7 @@ class ReadAllNotificationsController extends AbstractDeleteController
|
||||
protected function delete(ServerRequestInterface $request)
|
||||
{
|
||||
$this->bus->dispatch(
|
||||
new ReadAllNotifications($request->getAttribute('actor'))
|
||||
new ReadAllNotifications(RequestUtil::getActor($request))
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\UrlGenerator;
|
||||
use Flarum\Settings\SettingsRepositoryInterface;
|
||||
use Flarum\User\AccountActivationMailerTrait;
|
||||
@ -65,7 +66,7 @@ class SendConfirmationEmailController implements RequestHandlerInterface
|
||||
public function handle(ServerRequestInterface $request): ResponseInterface
|
||||
{
|
||||
$id = Arr::get($request->getQueryParams(), 'id');
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
$actor->assertRegistered();
|
||||
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Illuminate\Container\Container;
|
||||
use Illuminate\Contracts\Mail\Mailer;
|
||||
use Illuminate\Mail\Message;
|
||||
@ -35,7 +36,7 @@ class SendTestMailController implements RequestHandlerInterface
|
||||
|
||||
public function handle(ServerRequestInterface $request): ResponseInterface
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$actor->assertAdmin();
|
||||
|
||||
$body = $this->translator->trans('core.email.send_test.body', ['{username}' => $actor->username]);
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Group\Permission;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Illuminate\Support\Arr;
|
||||
use Laminas\Diactoros\Response\EmptyResponse;
|
||||
use Psr\Http\Message\ResponseInterface;
|
||||
@ -23,7 +24,7 @@ class SetPermissionController implements RequestHandlerInterface
|
||||
*/
|
||||
public function handle(ServerRequestInterface $request): ResponseInterface
|
||||
{
|
||||
$request->getAttribute('actor')->assertAdmin();
|
||||
RequestUtil::getActor($request)->assertAdmin();
|
||||
|
||||
$body = $request->getParsedBody();
|
||||
$permission = Arr::get($body, 'permission');
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Settings\Event;
|
||||
use Flarum\Settings\SettingsRepositoryInterface;
|
||||
use Illuminate\Contracts\Events\Dispatcher;
|
||||
@ -43,7 +44,7 @@ class SetSettingsController implements RequestHandlerInterface
|
||||
*/
|
||||
public function handle(ServerRequestInterface $request): ResponseInterface
|
||||
{
|
||||
$request->getAttribute('actor')->assertAdmin();
|
||||
RequestUtil::getActor($request)->assertAdmin();
|
||||
|
||||
$settings = $request->getParsedBody();
|
||||
|
||||
|
||||
@ -12,6 +12,7 @@ namespace Flarum\Api\Controller;
|
||||
use Flarum\Api\Serializer\DiscussionSerializer;
|
||||
use Flarum\Discussion\Discussion;
|
||||
use Flarum\Discussion\DiscussionRepository;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\SlugManager;
|
||||
use Flarum\Post\PostRepository;
|
||||
use Flarum\User\User;
|
||||
@ -82,7 +83,7 @@ class ShowDiscussionController extends AbstractShowController
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$discussionId = Arr::get($request->getQueryParams(), 'id');
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$include = $this->extractInclude($request);
|
||||
|
||||
if (Arr::get($request->getQueryParams(), 'bySlug', false)) {
|
||||
@ -111,7 +112,7 @@ class ShowDiscussionController extends AbstractShowController
|
||||
*/
|
||||
private function includePosts(Discussion $discussion, ServerRequestInterface $request, array $include)
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$limit = $this->extractLimit($request);
|
||||
$offset = $this->getPostsOffset($request, $discussion, $limit);
|
||||
|
||||
@ -160,7 +161,7 @@ class ShowDiscussionController extends AbstractShowController
|
||||
private function getPostsOffset(ServerRequestInterface $request, Discussion $discussion, $limit)
|
||||
{
|
||||
$queryParams = $request->getQueryParams();
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
if (($near = Arr::get($queryParams, 'page.near')) > 1) {
|
||||
$offset = $this->posts->getIndexForNumber($discussion->id, $near, $actor);
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\ForumSerializer;
|
||||
use Flarum\Group\Group;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
use Tobscure\JsonApi\Document;
|
||||
|
||||
@ -32,7 +33,7 @@ class ShowForumController extends AbstractShowController
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
return [
|
||||
'groups' => Group::whereVisibleTo($request->getAttribute('actor'))->get()
|
||||
'groups' => Group::whereVisibleTo(RequestUtil::getActor($request))->get()
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\MailSettingsSerializer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Settings\SettingsRepositoryInterface;
|
||||
use Illuminate\Contracts\Validation\Factory;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
@ -27,7 +28,7 @@ class ShowMailSettingsController extends AbstractShowController
|
||||
*/
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$request->getAttribute('actor')->assertAdmin();
|
||||
RequestUtil::getActor($request)->assertAdmin();
|
||||
|
||||
$drivers = array_map(function ($driver) {
|
||||
return self::$container->make($driver);
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\PostSerializer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Post\PostRepository;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
@ -51,6 +52,6 @@ class ShowPostController extends AbstractShowController
|
||||
*/
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
return $this->posts->findOrFail(Arr::get($request->getQueryParams(), 'id'), $request->getAttribute('actor'));
|
||||
return $this->posts->findOrFail(Arr::get($request->getQueryParams(), 'id'), RequestUtil::getActor($request));
|
||||
}
|
||||
}
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\CurrentUserSerializer;
|
||||
use Flarum\Api\Serializer\UserSerializer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\SlugManager;
|
||||
use Flarum\User\User;
|
||||
use Flarum\User\UserRepository;
|
||||
@ -56,7 +57,7 @@ class ShowUserController extends AbstractShowController
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$id = Arr::get($request->getQueryParams(), 'id');
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
if (Arr::get($request->getQueryParams(), 'bySlug', false)) {
|
||||
$user = $this->slugManager->forResource(User::class)->fromSlug($id, $actor);
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Extension\ExtensionManager;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
|
||||
@ -30,7 +31,7 @@ class UninstallExtensionController extends AbstractDeleteController
|
||||
|
||||
protected function delete(ServerRequestInterface $request)
|
||||
{
|
||||
$request->getAttribute('actor')->assertAdmin();
|
||||
RequestUtil::getActor($request)->assertAdmin();
|
||||
|
||||
$name = Arr::get($request->getQueryParams(), 'name');
|
||||
|
||||
|
||||
@ -12,6 +12,7 @@ namespace Flarum\Api\Controller;
|
||||
use Flarum\Api\Serializer\DiscussionSerializer;
|
||||
use Flarum\Discussion\Command\EditDiscussion;
|
||||
use Flarum\Discussion\Command\ReadDiscussion;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Database\Eloquent\Collection;
|
||||
use Illuminate\Support\Arr;
|
||||
@ -43,7 +44,7 @@ class UpdateDiscussionController extends AbstractShowController
|
||||
*/
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$discussionId = Arr::get($request->getQueryParams(), 'id');
|
||||
$data = Arr::get($request->getParsedBody(), 'data', []);
|
||||
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Extension\ExtensionManager;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Illuminate\Support\Arr;
|
||||
use Laminas\Diactoros\Response\EmptyResponse;
|
||||
use Psr\Http\Message\ResponseInterface;
|
||||
@ -36,7 +37,7 @@ class UpdateExtensionController implements RequestHandlerInterface
|
||||
*/
|
||||
public function handle(ServerRequestInterface $request): ResponseInterface
|
||||
{
|
||||
$request->getAttribute('actor')->assertAdmin();
|
||||
RequestUtil::getActor($request)->assertAdmin();
|
||||
|
||||
$enabled = Arr::get($request->getParsedBody(), 'enabled');
|
||||
$name = Arr::get($request->getQueryParams(), 'name');
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\GroupSerializer;
|
||||
use Flarum\Group\Command\EditGroup;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ServerRequestInterface;
|
||||
@ -42,7 +43,7 @@ class UpdateGroupController extends AbstractShowController
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$id = Arr::get($request->getQueryParams(), 'id');
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$data = Arr::get($request->getParsedBody(), 'data', []);
|
||||
|
||||
return $this->bus->dispatch(
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\NotificationSerializer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Notification\Command\ReadNotification;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
@ -42,7 +43,7 @@ class UpdateNotificationController extends AbstractShowController
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$id = Arr::get($request->getQueryParams(), 'id');
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
return $this->bus->dispatch(
|
||||
new ReadNotification($id, $actor)
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\PostSerializer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Post\Command\EditPost;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
@ -50,7 +51,7 @@ class UpdatePostController extends AbstractShowController
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$id = Arr::get($request->getQueryParams(), 'id');
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$data = Arr::get($request->getParsedBody(), 'data', []);
|
||||
|
||||
return $this->bus->dispatch(
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\CurrentUserSerializer;
|
||||
use Flarum\Api\Serializer\UserSerializer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\Command\EditUser;
|
||||
use Flarum\User\Exception\NotAuthenticatedException;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
@ -49,7 +50,7 @@ class UpdateUserController extends AbstractShowController
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$id = Arr::get($request->getQueryParams(), 'id');
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$data = Arr::get($request->getParsedBody(), 'data', []);
|
||||
|
||||
if ($actor->id == $id) {
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Api\Serializer\UserSerializer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\Command\UploadAvatar;
|
||||
use Illuminate\Contracts\Bus\Dispatcher;
|
||||
use Illuminate\Support\Arr;
|
||||
@ -42,7 +43,7 @@ class UploadAvatarController extends AbstractShowController
|
||||
protected function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$id = Arr::get($request->getQueryParams(), 'id');
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$file = Arr::get($request->getUploadedFiles(), 'avatar');
|
||||
|
||||
return $this->bus->dispatch(
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Flarum\Api\Controller;
|
||||
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Settings\SettingsRepositoryInterface;
|
||||
use Illuminate\Support\Arr;
|
||||
use Illuminate\Support\Str;
|
||||
@ -60,7 +61,7 @@ abstract class UploadImageController extends ShowForumController
|
||||
*/
|
||||
public function data(ServerRequestInterface $request, Document $document)
|
||||
{
|
||||
$request->getAttribute('actor')->assertAdmin();
|
||||
RequestUtil::getActor($request)->assertAdmin();
|
||||
|
||||
$file = Arr::get($request->getUploadedFiles(), $this->filenamePrefix);
|
||||
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Api\Serializer;
|
||||
|
||||
use Closure;
|
||||
use DateTime;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\User;
|
||||
use Illuminate\Contracts\Container\Container;
|
||||
use Illuminate\Support\Arr;
|
||||
@ -64,7 +65,7 @@ abstract class AbstractSerializer extends BaseAbstractSerializer
|
||||
public function setRequest(Request $request)
|
||||
{
|
||||
$this->request = $request;
|
||||
$this->actor = $request->getAttribute('actor');
|
||||
$this->actor = RequestUtil::getActor($request);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -26,7 +26,7 @@ class ThrottleApi implements ExtenderInterface
|
||||
*
|
||||
* The callable can be a closure or invokable class, and should accept:
|
||||
* - $request: The current `\Psr\Http\Message\ServerRequestInterface` request object.
|
||||
* `$request->getAttribute('actor')` can be used to get the current user.
|
||||
* `\Flarum\Http\RequestUtil::getActor($request)` can be used to get the current user.
|
||||
* `$request->getAttribute('routeName')` can be used to get the current route.
|
||||
* Please note that every throttler runs by default on every route.
|
||||
* If you only want to throttle certain routes, you'll need to check for that inside your logic.
|
||||
|
||||
@ -10,12 +10,13 @@
|
||||
namespace Flarum\Forum\Content;
|
||||
|
||||
use Flarum\Frontend\Document;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
|
||||
class AssertRegistered
|
||||
{
|
||||
public function __invoke(Document $document, Request $request)
|
||||
{
|
||||
$request->getAttribute('actor')->assertRegistered();
|
||||
RequestUtil::getActor($request)->assertRegistered();
|
||||
}
|
||||
}
|
||||
|
||||
@ -12,6 +12,7 @@ namespace Flarum\Forum\Content;
|
||||
use Flarum\Api\Client;
|
||||
use Flarum\Frontend\Document;
|
||||
use Flarum\Http\Exception\RouteNotFoundException;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\UrlGenerator;
|
||||
use Flarum\User\User;
|
||||
use Illuminate\Contracts\View\Factory;
|
||||
@ -61,7 +62,7 @@ class Discussion
|
||||
]
|
||||
];
|
||||
|
||||
$apiDocument = $this->getApiDocument($request->getAttribute('actor'), $params);
|
||||
$apiDocument = $this->getApiDocument(RequestUtil::getActor($request), $params);
|
||||
|
||||
$getResource = function ($link) use ($apiDocument) {
|
||||
return Arr::first($apiDocument->included, function ($value) use ($link) {
|
||||
|
||||
@ -12,6 +12,7 @@ namespace Flarum\Forum\Content;
|
||||
use Flarum\Api\Client;
|
||||
use Flarum\Api\Controller\ListDiscussionsController;
|
||||
use Flarum\Frontend\Document;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\UrlGenerator;
|
||||
use Flarum\Settings\SettingsRepositoryInterface;
|
||||
use Flarum\User\User;
|
||||
@ -83,7 +84,7 @@ class Index
|
||||
$params['filter']['q'] = $q;
|
||||
}
|
||||
|
||||
$apiDocument = $this->getApiDocument($request->getAttribute('actor'), $params);
|
||||
$apiDocument = $this->getApiDocument(RequestUtil::getActor($request), $params);
|
||||
$defaultRoute = $this->settings->get('default_route');
|
||||
|
||||
$document->title = $this->translator->trans('core.forum.index.meta_title_text');
|
||||
|
||||
@ -12,6 +12,7 @@ namespace Flarum\Forum\Content;
|
||||
use Flarum\Api\Client;
|
||||
use Flarum\Api\Controller\ShowUserController;
|
||||
use Flarum\Frontend\Document;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\UrlGenerator;
|
||||
use Flarum\User\User as FlarumUser;
|
||||
use Illuminate\Database\Eloquent\ModelNotFoundException;
|
||||
@ -43,7 +44,7 @@ class User
|
||||
public function __invoke(Document $document, Request $request)
|
||||
{
|
||||
$queryParams = $request->getQueryParams();
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$userId = Arr::get($queryParams, 'username');
|
||||
|
||||
$params = [
|
||||
|
||||
@ -14,6 +14,7 @@ use Flarum\Api\Controller\CreateTokenController;
|
||||
use Flarum\Http\AccessToken;
|
||||
use Flarum\Http\RememberAccessToken;
|
||||
use Flarum\Http\Rememberer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\SessionAuthenticator;
|
||||
use Flarum\User\Event\LoggedIn;
|
||||
use Flarum\User\UserRepository;
|
||||
@ -70,7 +71,7 @@ class LogInController implements RequestHandlerInterface
|
||||
*/
|
||||
public function handle(Request $request): ResponseInterface
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$body = $request->getParsedBody();
|
||||
$params = Arr::only($body, ['identification', 'password', 'remember']);
|
||||
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Forum\Controller;
|
||||
|
||||
use Flarum\Http\Exception\TokenMismatchException;
|
||||
use Flarum\Http\Rememberer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\SessionAuthenticator;
|
||||
use Flarum\Http\UrlGenerator;
|
||||
use Flarum\User\Event\LoggedOut;
|
||||
@ -79,7 +80,7 @@ class LogOutController implements RequestHandlerInterface
|
||||
public function handle(Request $request): ResponseInterface
|
||||
{
|
||||
$session = $request->getAttribute('session');
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
$url = Arr::get($request->getQueryParams(), 'return', $this->url->to('forum')->base());
|
||||
|
||||
|
||||
@ -13,6 +13,7 @@ use Flarum\Api\Client;
|
||||
use Flarum\Api\Controller\CreateUserController;
|
||||
use Flarum\Http\RememberAccessToken;
|
||||
use Flarum\Http\Rememberer;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Http\SessionAuthenticator;
|
||||
use Psr\Http\Message\ResponseInterface;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
@ -53,7 +54,7 @@ class RegisterController implements RequestHandlerInterface
|
||||
public function handle(Request $request): ResponseInterface
|
||||
{
|
||||
$controller = CreateUserController::class;
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
$body = ['data' => ['attributes' => $request->getParsedBody()]];
|
||||
|
||||
$response = $this->api->send($controller, $actor, [], $body);
|
||||
|
||||
@ -12,6 +12,7 @@ namespace Flarum\Frontend\Content;
|
||||
use Flarum\Api\Client;
|
||||
use Flarum\Api\Controller\ShowUserController;
|
||||
use Flarum\Frontend\Document;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Locale\LocaleManager;
|
||||
use Flarum\User\User;
|
||||
use Psr\Http\Message\ResponseInterface;
|
||||
@ -51,7 +52,7 @@ class CorePayload
|
||||
{
|
||||
$data = $this->getDataFromApiDocument($document->getForumApiDocument());
|
||||
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
if ($actor->exists) {
|
||||
$user = $this->getUserApiDocument($actor);
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Frontend;
|
||||
|
||||
use Flarum\Api\Client;
|
||||
use Flarum\Api\Controller\ShowForumController;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Illuminate\Contracts\View\Factory;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
@ -66,7 +67,7 @@ class Frontend
|
||||
|
||||
private function getForumDocument(Request $request): array
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
return $this->getResponseBody(
|
||||
$this->api->send(ShowForumController::class, $actor)
|
||||
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Http\Middleware;
|
||||
|
||||
use Flarum\Api\ApiKey;
|
||||
use Flarum\Http\AccessToken;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\User;
|
||||
use Illuminate\Support\Str;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
@ -46,7 +47,7 @@ class AuthenticateWithHeader implements Middleware
|
||||
}
|
||||
|
||||
if (isset($actor)) {
|
||||
$request = $request->withAttribute('actor', $actor);
|
||||
$request = RequestUtil::withActor($request, $actor);
|
||||
$request = $request->withAttribute('bypassCsrfToken', true);
|
||||
$request = $request->withoutAttribute('session');
|
||||
}
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Flarum\Http\AccessToken;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\User\Guest;
|
||||
use Illuminate\Contracts\Session\Session;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
@ -27,7 +28,7 @@ class AuthenticateWithSession implements Middleware
|
||||
|
||||
$actor->setSession($session);
|
||||
|
||||
$request = $request->withAttribute('actor', $actor);
|
||||
$request = RequestUtil::withActor($request, $actor);
|
||||
|
||||
return $handler->handle($request);
|
||||
}
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
|
||||
namespace Flarum\Http\Middleware;
|
||||
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Locale\LocaleManager;
|
||||
use Illuminate\Support\Arr;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
@ -33,7 +34,7 @@ class SetLocale implements Middleware
|
||||
|
||||
public function process(Request $request, Handler $handler): Response
|
||||
{
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
if ($actor->exists) {
|
||||
$locale = $actor->getPreference('locale');
|
||||
|
||||
26
src/Http/RequestUtil.php
Normal file
26
src/Http/RequestUtil.php
Normal file
@ -0,0 +1,26 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of Flarum.
|
||||
*
|
||||
* For detailed copyright and license information, please view the
|
||||
* LICENSE file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Flarum\Http;
|
||||
|
||||
use Flarum\User\User;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
|
||||
class RequestUtil
|
||||
{
|
||||
public static function getActor(Request $request): User
|
||||
{
|
||||
return $request->getAttribute('actor');
|
||||
}
|
||||
|
||||
public static function withActor(Request $request, User $actor): Request
|
||||
{
|
||||
return $request->withAttribute('actor', $actor);
|
||||
}
|
||||
}
|
||||
@ -11,6 +11,7 @@ namespace Flarum\Post;
|
||||
|
||||
use DateTime;
|
||||
use Flarum\Foundation\AbstractServiceProvider;
|
||||
use Flarum\Http\RequestUtil;
|
||||
use Flarum\Post\Access\ScopePostVisibility;
|
||||
|
||||
class PostServiceProvider extends AbstractServiceProvider
|
||||
@ -26,7 +27,7 @@ class PostServiceProvider extends AbstractServiceProvider
|
||||
return;
|
||||
}
|
||||
|
||||
$actor = $request->getAttribute('actor');
|
||||
$actor = RequestUtil::getActor($request);
|
||||
|
||||
if ($actor->can('postWithoutThrottle')) {
|
||||
return false;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user