<?php

/**
 * webtrees: online genealogy
 * Copyright (C) 2019 webtrees development team
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace Fisharebest\Webtrees\Http\Middleware;

use Fisharebest\Webtrees\Auth;
use Fisharebest\Webtrees\Exceptions\HttpAccessDeniedException;
use Fisharebest\Webtrees\Exceptions\HttpNotFoundException;
use Fisharebest\Webtrees\Http\RequestHandlers\LoginPage;
use Fisharebest\Webtrees\I18N;
use Fisharebest\Webtrees\Tree;
use Fisharebest\Webtrees\User;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Http\Server\RequestHandlerInterface;

use function redirect;
use function route;

/**
 * Middleware that only forwards a request when Auth::isMember() accepts
 * the request's tree/user pair.
 *
 * Outcomes, in the order they are evaluated:
 *  - no Tree on the request      -> HttpNotFoundException
 *  - Auth::isMember() is true    -> the request goes to the next handler
 *  - a User without that role    -> HttpAccessDeniedException
 *  - anything else               -> redirect to the login page
 */
class AuthMember implements MiddlewareInterface
{
    /**
     * Gate the request on tree membership.
     *
     * Reads the 'tree' and 'user' request attributes; nothing in this class
     * sets them, so they are expected to be populated before this middleware
     * runs.
     *
     * @param ServerRequestInterface  $request
     * @param RequestHandlerInterface $handler
     *
     * @return ResponseInterface
     *
     * @throws HttpNotFoundException     When the 'tree' attribute is not a Tree.
     * @throws HttpAccessDeniedException When the 'user' attribute is a User that
     *                                   Auth::isMember() rejects.
     */
    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        $tree = $request->getAttribute('tree');

        // The route carried a tree parameter, but the tree is private or deleted.
        // Both cases raise the same not-found error.
        if (!($tree instanceof Tree)) {
            throw new HttpNotFoundException();
        }

        $user = $request->getAttribute('user');

        // Role check failed: decide between "forbidden" and "please log in".
        if (!Auth::isMember($tree, $user)) {
            // A User object is present, so the visitor is logged in but lacks the role.
            if ($user instanceof User) {
                throw new HttpAccessDeniedException();
            }

            // No User object: send the visitor to the login page.
            // NOTE(review): 'url' is the URI of the incoming request; presumably the
            // login flow uses it as the post-login destination - confirm that it is
            // validated there before being used as a redirect target.
            $login_parameters = [
                'tree' => $tree->name(),
                'url'  => $request->getUri(),
            ];

            return redirect(route(LoginPage::class, $login_parameters));
        }

        // Logged in with the correct role: continue down the middleware stack.
        return $handler->handle($request);
    }
}