DefaultController.php in Warden 8
File
src/Controller/DefaultController.php
View source
<?php
namespace Drupal\warden\Controller;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Config\Config;
use Drupal\Core\Config\ConfigFactory;
use Drupal\Core\Controller\ControllerBase;
use Drupal\warden\Service\WardenManager;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\DependencyInjection\ContainerInterface;
class DefaultController extends ControllerBase {
protected $wardenManager;
protected $wardenConfig;
public static function create(ContainerInterface $container) {
$warden_manager = $container
->get('warden.manager');
$config_factory = $container
->get('config.factory');
$warden_settings = $config_factory
->get('warden.settings');
return new static($warden_manager, $warden_settings);
}
public function __construct(WardenManager $wardenManager, Config $wardenConfig) {
$this->wardenManager = $wardenManager;
$this->wardenConfig = $wardenConfig;
}
public function getWardenConfig() {
return $this->wardenConfig;
}
public function getWardenManager() {
return $this->wardenManager;
}
public function wardenRegistration() {
$build = [];
$warden_path = $this
->getWardenConfig()
->get('warden_server_host_path');
if (empty($warden_path)) {
drupal_set_message(t('You are missing some Warden configuration. Please read the README file for more details.'), 'error');
return [];
}
$build['local_token'] = [
'#markup' => '<p>' . t('Site security token: %token', [
'%token' => $this
->getWardenManager()
->getLocalToken(),
]) . '</p>',
];
$build['message'] = [
'#markup' => '<p>' . t('To add this site to your Warden dashboard click the button below. Read the README file which comes with the module for configuration information.') . '</p>',
];
$build['button'] = [
'#markup' => t('<a class="button" href="@url">Add this site to your Warden Dashboard</a>', array(
'@url' => $this
->generateWardenRegistrationRedirect(),
)),
];
return $build;
}
protected function generateWardenRegistrationRedirect() {
global $base_url;
$site_url = $base_url;
$site_url .= "|" . $this
->getWardenManager()
->getLocalToken();
$site_url_encrypted = $this
->getWardenManager()
->encrypt($site_url);
$site_host_path = $this
->getWardenConfig()
->get('warden_server_host_path');
return $site_host_path . '/sites/add?data=' . $site_url_encrypted;
}
public function wardenAccess() {
$allow_requests = $this
->getWardenConfig()
->get('warden_allow_requests');
if (empty($allow_requests)) {
\Drupal::logger('warden')
->warning('Update request denied: warden_allow_requests is set to FALSE', []);
return AccessResult::forbidden();
}
if (empty($_POST) || empty($_POST['token'])) {
\Drupal::logger('warden')
->warning('Update request denied: request body is empty or missing the security token', []);
return AccessResult::forbidden();
}
if (!$this
->getWardenManager()
->isValidWardenToken($_POST['token'], REQUEST_TIME)) {
\Drupal::logger('warden')
->warning('Update request denied: Failed to validate security token in request at timestamp @time', [
'@time' => REQUEST_TIME,
]);
return AccessResult::forbidden();
}
$allowed_ips = $this
->getWardenConfig()
->get('warden_public_allow_ips');
if (!empty($allowed_ips)) {
$ip_address = \Drupal::request()
->getClientIp();
$allowed_ips = explode(',', $this
->getWardenConfig()
->get('warden_public_allow_ips'));
foreach ($allowed_ips as &$address) {
if ($ip_address === $address) {
return AccessResult::allowed();
}
}
\Drupal::logger('warden')
->warning('Update request denied: The requesting IP is not in the warden_public_allow_ips whitelist - @ip', [
'@ip' => $ip_address,
]);
return AccessResult::forbidden();
}
return AccessResult::allowed();
}
public function wardenStatus() {
\Drupal::service('page_cache_kill_switch')
->trigger();
$response = new JsonResponse();
try {
$this
->getWardenManager()
->updateWarden();
$response
->setData([
'data' => 'OK',
]);
} catch (\Exception $e) {
watchdog_exception('warden', $e);
$response
->setStatusCode(500);
$response
->setData([
'error' => 'Internal fault',
]);
}
return $response;
}
}