xref: /webtrees/app/Http/Middleware/AuthModerator.php (revision 5229eade2a8cdd1381e19f96f67fc1c8b92ca95d)
103f10823SGreg Roach<?php
203f10823SGreg Roach
303f10823SGreg Roach/**
403f10823SGreg Roach * webtrees: online genealogy
503f10823SGreg Roach * Copyright (C) 2019 webtrees development team
603f10823SGreg Roach * This program is free software: you can redistribute it and/or modify
703f10823SGreg Roach * it under the terms of the GNU General Public License as published by
803f10823SGreg Roach * the Free Software Foundation, either version 3 of the License, or
903f10823SGreg Roach * (at your option) any later version.
1003f10823SGreg Roach * This program is distributed in the hope that it will be useful,
1103f10823SGreg Roach * but WITHOUT ANY WARRANTY; without even the implied warranty of
1203f10823SGreg Roach * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1303f10823SGreg Roach * GNU General Public License for more details.
1403f10823SGreg Roach * You should have received a copy of the GNU General Public License
1503f10823SGreg Roach * along with this program. If not, see <http://www.gnu.org/licenses/>.
1603f10823SGreg Roach */
1703f10823SGreg Roachdeclare(strict_types=1);
1803f10823SGreg Roach
1903f10823SGreg Roachnamespace Fisharebest\Webtrees\Http\Middleware;
2003f10823SGreg Roach
2103f10823SGreg Roachuse Fisharebest\Webtrees\Auth;
220c0910bfSGreg Roachuse Fisharebest\Webtrees\Http\RequestHandlers\HomePage;
2356f9a9c1SGreg Roachuse Fisharebest\Webtrees\Http\RequestHandlers\LoginPage;
2403f10823SGreg Roachuse Fisharebest\Webtrees\Tree;
2503f10823SGreg Roachuse Fisharebest\Webtrees\User;
26*5229eadeSGreg Roachuse InvalidArgumentException;
2703f10823SGreg Roachuse Psr\Http\Message\ResponseInterface;
2803f10823SGreg Roachuse Psr\Http\Message\ServerRequestInterface;
2903f10823SGreg Roachuse Psr\Http\Server\MiddlewareInterface;
3003f10823SGreg Roachuse Psr\Http\Server\RequestHandlerInterface;
3103f10823SGreg Roachuse Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
3271378461SGreg Roach
33*5229eadeSGreg Roachuse function assert;
3403f10823SGreg Roachuse function redirect;
350c0910bfSGreg Roachuse function route;
3603f10823SGreg Roach
3703f10823SGreg Roach/**
3803f10823SGreg Roach * Middleware to restrict access to moderators.
3903f10823SGreg Roach */
4003f10823SGreg Roachclass AuthModerator implements MiddlewareInterface
4103f10823SGreg Roach{
4203f10823SGreg Roach    /**
4303f10823SGreg Roach     * @param ServerRequestInterface  $request
4403f10823SGreg Roach     * @param RequestHandlerInterface $handler
4503f10823SGreg Roach     *
4603f10823SGreg Roach     * @return ResponseInterface
4703f10823SGreg Roach     */
4803f10823SGreg Roach    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
4903f10823SGreg Roach    {
5003f10823SGreg Roach        $tree = $request->getAttribute('tree');
51*5229eadeSGreg Roach        assert($tree instanceof Tree, new InvalidArgumentException());
52*5229eadeSGreg Roach
5303f10823SGreg Roach        $user = $request->getAttribute('user');
5403f10823SGreg Roach
5503f10823SGreg Roach        // Logged in with the correct role?
5603f10823SGreg Roach        if ($tree instanceof Tree && Auth::isModerator($tree, $user)) {
5703f10823SGreg Roach            return $handler->handle($request);
5803f10823SGreg Roach        }
5903f10823SGreg Roach
6003f10823SGreg Roach        // Logged in, but without the correct role?
6103f10823SGreg Roach        if ($user instanceof User) {
620c0910bfSGreg Roach            return redirect(route(HomePage::class));
6303f10823SGreg Roach        }
6403f10823SGreg Roach
6503f10823SGreg Roach        // Not logged in.
66f567c3d8SGreg Roach        return redirect(route(LoginPage::class, ['url' => $request->getUri()]));
6703f10823SGreg Roach    }
6803f10823SGreg Roach}
69