diff options
| author | Frederic Guillot <fred@kanboard.net> | 2015-12-30 14:54:54 +0100 |
|---|---|---|
| committer | Frederic Guillot <fred@kanboard.net> | 2015-12-30 14:54:54 +0100 |
| commit | 5b45a082d9111d03774d6a393a38ea73970c9178 (patch) | |
| tree | b4c77e47337824d0cb14ac1e82ae01bd3ebcea34 | |
| parent | 019d83f3fc57010af403274241c4921ffb184974 (diff) | |
Remove arguments of beforeAction() method
| -rw-r--r-- | app/Controller/Base.php | 28 | ||||
| -rw-r--r-- | app/Core/Http/Router.php | 2 |
2 files changed, 16 insertions, 14 deletions
diff --git a/app/Controller/Base.php b/app/Controller/Base.php index 6d0ecae9..b090356e 100644 --- a/app/Controller/Base.php +++ b/app/Controller/Base.php @@ -17,18 +17,18 @@ abstract class Base extends \Kanboard\Core\Base * * @access public */ - public function beforeAction($controller, $action) + public function beforeAction() { $this->sessionManager->open(); $this->dispatcher->dispatch('app.bootstrap'); - $this->sendHeaders($action); + $this->sendHeaders(); $this->authenticationManager->checkCurrentSession(); - if (! $this->applicationAuthorization->isAllowed($controller, $action, Role::APP_PUBLIC)) { + if (! $this->applicationAuthorization->isAllowed($this->router->getController(), $this->router->getAction(), Role::APP_PUBLIC)) { $this->handleAuthentication(); - $this->handlePostAuthentication($controller, $action); - $this->checkApplicationAuthorization($controller, $action); - $this->checkProjectAuthorization($controller, $action); + $this->handlePostAuthentication(); + $this->checkApplicationAuthorization(); + $this->checkProjectAuthorization(); } } @@ -37,7 +37,7 @@ abstract class Base extends \Kanboard\Core\Base * * @access private */ - private function sendHeaders($action) + private function sendHeaders() { // HTTP secure headers $this->response->csp($this->container['cspRules']); @@ -45,7 +45,7 @@ abstract class Base extends \Kanboard\Core\Base $this->response->xss(); // Allow the public board iframe inclusion - if (ENABLE_XFRAME && $action !== 'readonly') { + if (ENABLE_XFRAME && $this->router->getAction() !== 'readonly') { $this->response->xframe(); } @@ -76,8 +76,10 @@ abstract class Base extends \Kanboard\Core\Base * * @access private */ - private function handlePostAuthentication($controller, $action) + private function handlePostAuthentication() { + $controller = strtolower($this->router->getController()); + $action = strtolower($this->router->getAction()); $ignore = ($controller === 'twofactor' && in_array($action, array('code', 'check'))) || ($controller === 'auth' && $action === 'logout'); if ($ignore === false && $this->userSession->hasPostAuthentication() && ! $this->userSession->isPostAuthenticationValidated()) { @@ -94,9 +96,9 @@ abstract class Base extends \Kanboard\Core\Base * * @access private */ - private function checkApplicationAuthorization($controller, $action) + private function checkApplicationAuthorization() { - if (! $this->helper->user->hasAccess($controller, $action)) { + if (! $this->helper->user->hasAccess($this->router->getController(), $this->router->getAction())) { $this->forbidden(); } } @@ -106,7 +108,7 @@ abstract class Base extends \Kanboard\Core\Base * * @access private */ - private function checkProjectAuthorization($controller, $action) + private function checkProjectAuthorization() { $project_id = $this->request->getIntegerParam('project_id'); $task_id = $this->request->getIntegerParam('task_id'); @@ -116,7 +118,7 @@ abstract class Base extends \Kanboard\Core\Base $project_id = $this->taskFinder->getProjectId($task_id); } - if ($project_id > 0 && ! $this->helper->user->hasProjectAccess($controller, $action, $project_id)) { + if ($project_id > 0 && ! $this->helper->user->hasProjectAccess($this->router->getController(), $this->router->getAction(), $project_id)) { $this->forbidden(); } } diff --git a/app/Core/Http/Router.php b/app/Core/Http/Router.php index 8b58a947..0fe80ecc 100644 --- a/app/Core/Http/Router.php +++ b/app/Core/Http/Router.php @@ -147,7 +147,7 @@ class Router extends Base } $instance = new $class($this->container); - $instance->beforeAction($this->controller, $this->action); + $instance->beforeAction(); $instance->{$this->action}(); return $instance; } |