src/Cms/FrontendBundle/Service/FrontendBuilder.php line 923

Open in your IDE?
  1. <?php
  3. namespace Cms\FrontendBundle\Service;
  5. use App\Service\MediaDecorator;
  6. use App\Subscriber\HstsSubscriber;
  7. use Cms\AssetsBundle\Model\Structure\MetaStructure;
  8. use Cms\AssetsBundle\Model\Structure\TitleStructure;
  9. use Cms\ContainerBundle\Doctrine\ContainerRepository;
  10. use Cms\ContainerBundle\Doctrine\Containers\IntranetContainerRepository;
  11. use Cms\ContainerBundle\Entity\Container;
  12. use Cms\ContainerBundle\Entity\Containers\GenericContainer;
  13. use Cms\ContainerBundle\Entity\Containers\IntranetContainer;
  14. use Cms\ContainerBundle\Entity\Containers\PersonalContainer;
  15. use Cms\ContainerBundle\Service\ContainerService;
  16. use Cms\ContentBundle\Service\FrontendRenderer;
  17. use Cms\CoreBundle\Model\Interfaces\Identifiable\IdentifiableInterface;
  18. use Cms\CoreBundle\Service\Aws\S3Wrapper;
  19. use Cms\CoreBundle\Service\ContextManager;
  20. use Cms\CoreBundle\Service\SceneRenderer;
  21. use Cms\CoreBundle\Service\Slugger;
  22. use Cms\CoreBundle\Service\Transcoding\Transcoder;
  23. use Cms\CoreBundle\Util\Doctrine\EntityManager;
  24. use Cms\DomainBundle\Doctrine\DomainRepository;
  25. use Cms\DomainBundle\Entity\Domain;
  26. use Cms\DomainBundle\Entity\SslCertificate;
  27. use Cms\FileBundle\Entity\Nodes\File;
  28. use Cms\FileBundle\Entity\Nodes\Files\ImageFile;
  29. use Cms\FileBundle\Entity\Nodes\Folder;
  30. use Cms\FileBundle\Entity\Optimizations\ImageOptimization;
  31. use Cms\FileBundle\Service\MimeHelper;
  32. use Cms\FrontendBundle\Exception\FrontendBuilderException;
  33. use Cms\FrontendBundle\Model\FrontendGlobals;
  34. use Cms\ModuleBundle\Doctrine\ModuleSettingsRepository;
  35. use Cms\ModuleBundle\Entity\Draft;
  36. use Cms\ModuleBundle\Entity\History;
  37. use Cms\ModuleBundle\Entity\ModuleEntity;
  38. use Cms\ModuleBundle\Entity\ModuleSettings;
  39. use Cms\ModuleBundle\Entity\Proxy;
  40. use Cms\ModuleBundle\Entity\Revision;
  41. use Cms\ModuleBundle\Model\ModuleConfig;
  42. use Cms\ModuleBundle\Model\Traits\FrontendActions\SocialMetaTrait;
  43. use Cms\ModuleBundle\Service\PublicationService;
  44. use Cms\ModuleBundle\Service\ModuleManager;
  45. use Cms\ModuleBundle\Util\ModuleProxyPlaceholderDoctrineFilter;
  46. use Cms\Modules\PageBundle\Service\PageModuleConfig;
  47. use Cms\RedirectBundle\Doctrine\RedirectRepository;
  48. use Cms\RedirectBundle\Entity\Redirect;
  49. use Cms\TenantBundle\Entity\Tenant;
  50. use Cms\TenantBundle\Model\ProductsBitwise;
  51. use Cms\ThemeBundle\Entity\InnerLayout;
  52. use Cms\ThemeBundle\Entity\OuterLayout;
  53. use Cms\ThemeBundle\Entity\Template;
  54. use Cms\ThemeBundle\Model\Package;
  55. use Cms\ThemeBundle\Service\PackageManager;
  56. use Cms\ThemeBundle\Service\ThemeManager;
  57. use Cms\ThemeBundle\Service\Twig\Loader\DatabaseLoader;
  58. use Cms\WidgetBundle\Model\WidgetObject;
  59. use Cms\Widgets\Html\Html;
  60. use Common\Util\Requests;
  61. use Platform\SecurityBundle\Doctrine\Identity\AccountRepository;
  62. use Products\NotificationsBundle\Entity\Notifications\Message;
  63. use Products\SocialBundle\Entity\SocialAccount;
  64. use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
  65. use Symfony\Component\HttpFoundation\Cookie;
  66. use Platform\SecurityBundle\Entity\Identity\Account;
  67. use Symfony\Component\HttpFoundation\RedirectResponse;
  68. use Symfony\Component\HttpFoundation\Request;
  69. use Symfony\Component\HttpFoundation\Response;
  70. use Symfony\Component\HttpFoundation\StreamedResponse;
  71. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  72. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  73. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  74. use Twig\Environment;
  76. /**
  77.  * Class FrontendBuilder
  78.  * @package Cms\FrontendBundle\Service
  79.  */
  80. final class FrontendBuilder
  81. {
  82.     const ACCOUNT_UID_KEY 'campussuiteAccountUid';
  84.     const QUERIES_SKIP = array(
  85.         // Google Analytics query string tracking variables
  86.         'utm_source',
  87.         'utm_medium',
  88.         'utm_term',
  89.         'utm_content',
  90.         'utm_campaign',
  91.     );
  93.     /**
  94.      * @var EntityManager
  95.      */
  96.     private EntityManager $em;
  98.     /**
  99.      * @param ParameterBagInterface $params
  100.      * @param ContainerService $containerService
  101.      * @param DatabaseLoader $databaseLoader
  102.      * @param EntityManager $em
  103.      * @param Environment $twig
  104.      * @param FrontendRenderer $frontendRenderer
  105.      * @param ModuleManager $moduleManager
  106.      * @param PackageManager $packageManager
  107.      * @param S3Wrapper $s3Wrapper
  108.      * @param SceneRenderer $sceneRenderer
  109.      * @param ThemeManager $themeManager
  110.      * @param Transcoder $transcoder
  111.      * @param ContextManager $contextManager
  112.      * @param PublicationService $publicationService
  113.      * @param MimeHelper $mimeHelper
  114.      * @param MediaDecorator $mediaDecorator
  115.      */
  116.     public function __construct(
  117.         ParameterBagInterface $params,
  118.         ContainerService $containerService,
  119.         DatabaseLoader $databaseLoader,
  120.         EntityManager $em,
  121.         Environment $twig,
  122.         FrontendRenderer $frontendRenderer,
  123.         ModuleManager $moduleManager,
  124.         PackageManager $packageManager,
  125.         S3Wrapper $s3Wrapper,
  126.         SceneRenderer $sceneRenderer,
  127.         ThemeManager $themeManager,
  128.         Transcoder $transcoder,
  129.         ContextManager $contextManager,
  130.         PublicationService $publicationService,
  131.         MimeHelper $mimeHelper,
  132.         MediaDecorator $mediaDecorator
  133.     ) {
  134.         $this->params $params;
  135.         $this->containerService $containerService;
  136.         $this->databaseLoader $databaseLoader;
  137.         $this->em $em;
  138.         $this->moduleManager $moduleManager;
  139.         $this->packageManager $packageManager;
  140.         $this->frontendRenderer $frontendRenderer;
  141.         $this->s3 $s3Wrapper;
  142.         $this->sceneRenderer $sceneRenderer;
  143.         $this->themeManager$themeManager;
  144.         $this->transcoder $transcoder;
  145.         $this->twig $twig;
  146.         $this->contextManager $contextManager;
  147.         $this->publicationService $publicationService;
  148.         $this->mimeHelper $mimeHelper;
  149.         $this->mediaDecorator $mediaDecorator;
  150.     }
  152.     /**
  153.      * @return DomainRepository
  154.      */
  155.     private function domainRepository()
  156.     {
  157.         return $this->em->getRepository(Domain::class);
  158.     }
  160.     /**
  161.      * @return RedirectRepository
  162.      */
  163.     private function redirectRepository()
  164.     {
  165.         return $this->em->getRepository(Redirect::class);
  166.     }
  169.     /**
  170.      * @return AccountRepository
  171.      */
  172.     private function accountRepository()
  173.     {
  174.         return $this->em->getRepository(Account::class);
  175.     }
  177.     /**
  178.      * @return ContainerRepository
  179.      */
  180.     private function containerRepository()
  181.     {
  182.         return $this->em->getRepository(Container::class);
  183.     }
  185.     /**
  186.      * @return IntranetContainerRepository
  187.      */
  188.     private function intranetContainerRepository()
  189.     {
  190.         return $this->em->getRepository(IntranetContainer::class);
  191.     }
  193.     /**
  194.      * @return string
  195.      */
  196.     private function determineEnvironment(): string
  197.     {
  198.         return $this->params->get('kernel.environment');
  199.     }
  201.     /**
  202.      * @return string
  203.      */
  204.     private function determineDashboard(): string
  205.     {
  206.         return $this->params->get('dashboard.hostname');
  207.     }
  209.     /**
  210.      * @return Tenant
  211.      */
  212.     private function determineTenant(): Tenant
  213.     {
  214.         $tenant $this->contextManager->getGlobalContext()->getTenant();
  215.         if ( ! $tenant) {
  216.             throw new \RuntimeException();
  217.         }
  218.         return $tenant;
  219.     }
  221.     /**
  222.      * @param ModuleEntity $entity
  223.      * @return Response
  224.      * @throws \Exception
  225.      */
  226.     public function preview(ModuleEntity $entity)
  227.     {
  228.         // determine the proxy
  229.         $proxy null;
  230.         switch (true) {
  231.             case $entity instanceof Proxy:
  232.                 $proxy $entity;
  233.                 break;
  234.             case $entity instanceof History:
  235.                 $proxy $entity->getProxy();
  236.                 break;
  237.             case $entity instanceof Draft:
  238.                 $proxy $entity->getProxy();
  239.                 break;
  240.             case $entity instanceof Revision:
  241.                 $proxy $entity->getDraft()->getProxy();
  242.                 break;
  243.             default:
  244.                 throw new \Exception();
  245.         }
  247.         // generate the url for the module entity
  248.         $url $this->publicationService->getFrontLink($proxyfalse);
  250.         // generate the preview
  251.         $preview $this->build(
  252.             Request::create($url),
  253.             function (FrontendGlobals $globals) use ($entity) {
  255.                 // set the override content to like a draft, history, or revision
  256.                 $globals->setThingOverride($entity);
  258.                 // ensure no mimic
  259.                 $globals->setMimic(null);
  261.                 // need to set the base
  262.                 $globals->getAssetsOrganizer()->getBaseTag()->set(
  263.                     'href',
  264.                     $globals->pathPrefix()
  265.                 );
  267.                 // due to how the lookup is needed to be made, need to disable our filter for placeholders
  268.                 $this->em->getFilters()
  269.                     ->getFilter(ModuleProxyPlaceholderDoctrineFilter::FILTER)
  270.                     ->setParameter(
  271.                         'mode',
  272.                         ModuleProxyPlaceholderDoctrineFilter::MODES__ANY
  273.                     );
  275.             }
  276.         );
  278.         return $preview;
  279.     }
  281.     /**
  282.      * @param mixed|Request|FrontendGlobals $input
  283.      * @return FrontendGlobals
  284.      * @throws \Exception
  285.      */
  286.     public function globals($input)
  287.     {
  288.         // create the globals if not given
  289.         switch (true) {
  290.             case is_string($input):
  291.                 $globals = new FrontendGlobals(Requests::factory($input));
  292.                 break;
  293.             case $input instanceof FrontendGlobals:
  294.                 $globals $input;
  295.                 break;
  296.             case $input instanceof Request:
  297.                 $globals = new FrontendGlobals($input);
  298.                 break;
  299.             default:
  300.                 throw new \Exception();
  301.         }
  303.         // determine if we should do debugging
  304.         $debugging $this->contextManager->getGlobalContext()->getTenant();
  305.         $globals->debugging( ! empty($debugging) && $debugging->getDebugging() === true);
  307.         // save the environment
  308.         $globals->debugStart('setEnvironment');
  309.         $globals->setEnvironment(
  310.             $this->determineEnvironment()
  311.         );
  312.         $globals->debugStop('setEnvironment');
  314.         // obtain the tenant
  315.         $globals->debugStart('setTenant');
  316.         $globals->setTenant(
  317.             $this->determineTenant()
  318.         );
  319.         $globals->debugStop('setTenant');
  321.         // save the dashboard hostname
  322.         $globals->debugStart('setDashboard');
  323.         $globals->setDashboard(
  324.             $this->determineDashboard()
  325.         );
  326.         $globals->debugStop('setDashboard');
  328.         // obtain just the url
  329.         $globals->debugStart('setPath');
  330.         $globals->setPath(
  331.             $this->determinePath($globals)
  332.         );
  333.         $globals->debugStop('setPath');
  335.         // get the domain entity tied to this site
  336.         $globals->debugStart('setDomain');
  337.         $globals->setDomain(
  338.             $this->determineDomain($globals)
  339.         );
  340.         $globals->debugStop('setDomain');
  342.         // determine if we are running a personal site
  343.         $globals->debugStart('setAccount');
  344.         $globals->setAccount(
  345.             $this->determineAccount($globals)
  346.         );
  347.         $globals->debugStop('setAccount');
  349.         // deterime the website for this (i.e. root container)
  350.         $globals->debugStart('setSite');
  351.         $globals->setSite(
  352.             $this->determineSite($globals)
  353.         );
  354.         $globals->debugStop('setSite');
  356.         // get the path of containers to where we are at
  357.         $globals->debugStart('setContainers');
  358.         $globals->setContainers(
  359.             $this->determineContainers($globals)
  360.         );
  361.         $globals->debugStop('setContainers');
  363.         // set the specific container
  364.         $globals->debugStart('setContainer');
  365.         $globals->setContainer(
  366.             $this->determineContainer($globals)
  367.         );
  368.         $globals->debugStop('setContainer');
  370.         // get mimicking account if any
  371.         $globals->debugStart('setMimic');
  372.         $globals->setMimic(
  373.             $this->determineMimic($globals)
  374.         );
  375.         $globals->debugStop('setMimic');
  377.         // get the theme for the container we are at
  378.         $globals->debugStart('setTheme');
  379.         $globals->setTheme(
  380.             $this->determineTheme($globals)
  381.         );
  382.         $globals->debugStop('setTheme');
  384.         // get the package for the theme
  385.         $globals->debugStart('setPackage');
  386.         $globals->setPackage(
  387.             $this->determinePackage($globals)
  388.         );
  389.         $globals->debugStop('setPackage');
  391.         // go ahead and get an outer layout
  392.         $globals->debugStart('setOuterLayout');
  393.         $globals->setOuterLayout(
  394.             $this->determineOuterLayout($globals)
  395.         );
  396.         $globals->debugStop('setOuterLayout');
  398.         // go ahead and get an inner layout, this may be changed later by module specific code
  399.         $globals->debugStart('setInnerLayout');
  400.         $globals->setInnerLayout(
  401.             $this->determineInnerLayout($globals)
  402.         );
  403.         $globals->debugStop('setInnerLayout');
  405.         // build out the generated navigation
  406.         $globals->debugStart('setNavigations');
  407.         $globals->setNavigations(
  408.             $this->determineNavigations($globals)
  409.         );
  410.         $globals->debugStop('setNavigations');
  412.         // get the module type
  413.         $globals->debugStart('setModule');
  414.         $globals->setModule(
  415.             $this->determineModule($globals)
  416.         );
  417.         $globals->debugStop('setModule');
  419.         // figure out what piece of the path is left; should either be nothing or and id/slug combo
  420.         $globals->debugStart('setExtra');
  421.         $globals->setExtra(
  422.             $this->determineExtra($globals)
  423.         );
  424.         $globals->debugStop('setExtra');
  426.         // set the module settings
  427.         $globals->debugStart('setModuleSettings');
  428.         $globals->setModuleSettings(
  429.             $this->determineModuleSettings($globals)
  430.         );
  431.         $globals->debugStop('setModuleSettings');
  433.         // HACK: social support
  434.         $globals->debugStart('setSocialSupport');
  435.         $globals->setSocialSupport(
  436.             $this->determineSocialSupport($globals)
  437.         );
  438.         $globals->debugStop('setSocialSupport');
  440.         // done
  441.         return $globals;
  442.     }
  444.     /**
  445.      * @param Request $request
  446.      * @return bool
  447.      */
  448.     private function checkMimic(Request $request)
  449.     {
  450.         return $request->query->has('_mimic');
  451.     }
  453.     /**
  454.      * @param FrontendGlobals $globals
  455.      * @return bool
  456.      */
  457.     private function determineSocialSupport(FrontendGlobals $globals)
  458.     {
  459.         if ($globals->getTenant()->getProducts()->checkFlag(ProductsBitwise::SMM__BASE)) {
  460.             return ( ! empty($this->em->getRepository(SocialAccount::class)->findOneBy(array())));
  461.         }
  462.         return false;
  463.     }
  465.     /**
  466.      * @param FrontendGlobals $globals
  467.      * @return Container
  468.      */
  469.     private function determineContainer(FrontendGlobals $globals)
  470.     {
  471.         if (count($globals->getContainers()) > 0) {
  472.             return $globals->getContainers()[0];
  473.         }
  474.         return $globals->getSite();
  475.     }
  477.     /**
  478.      * @return bool
  479.      */
  480.     private function preventRedirect()
  481.     {
  482.         return ($this->contextManager->getGlobalContext()->getTenant()->getRedirects() !== true);
  483.     }
  485.     /**
  486.      * @param Request $request
  487.      * @return Redirect
  488.      */
  489.     private function checkRedirection(Request $request)
  490.     {
  491.         if ($this->preventRedirect()) {
  492.             return null;
  493.         }
  495.         // check for testing override and set host properly
  496.         $host null;
  497.         if ($request->headers->has('X-CAMPUSSUITE-REDIRECTS-CHECKER-HOSTNAME')) {
  498.             $host $request->headers->get('X-CAMPUSSUITE-REDIRECTS-CHECKER-HOSTNAME');
  499.         }
  500.         if (empty($host)) {
  501.             $host $request->getHost();
  502.         }
  504.         // get the path and break it up
  505.         $path $request->getPathInfo();
  507.         $queries $request->query->all();
  509.         // filter queries
  510.         if (count($queries)) {
  511.             $queries array_filter(
  512.                 $queries,
  513.                 function ($key) {
  514.                     return ( ! in_array($keyself::QUERIES_SKIP));
  515.                 },
  516.                 ARRAY_FILTER_USE_KEY
  517.             );
  518.         }
  520.         // add queries to path
  521.         if (count($queries)) {
  522.             $path sprintf('%s?%s'$pathhttp_build_query($queries));
  523.         }
  525.         // attempt to grab the domain
  526.         $domain $this->domainRepository()->findOneByHost($host);
  528.         // if no domain, no redirects to check
  529.         if (empty($domain)) {
  530.             return null;
  531.         }
  533.         // check static redirect first
  534.         // TODO: need to support query string in source urls; so we can support redirecting things like "/page.asp?id=1234" which is a must
  535.         $redirect $this->redirectRepository()->findActiveStaticRedirect($domain$path);
  536.         if ( ! empty($redirect)) {
  537.             return $redirect;
  538.         }
  540.         // check against wildcard redirects
  541.         $redirect $this->redirectRepository()->findActiveWildcardRedirect($domain$path);
  542.         if ( ! empty($redirect)) {
  543.             return $redirect;
  544.         }
  546.         // check for uppercase symbols in path
  547.         // if there are any, redirect to the same path, but in lower case
  548.         // this should only check the path portion of the url
  549.         // upper case should be allowed in query string
  550.         // also, need to ensure that google analytics is included in the query string still too
  551.         // with that, this code needs to use the original request information
  552.         // we also return own own redirect entity type to make code easier, as this method should return that type or null otherwise
  553.         // TODO: does this affect query params when their handling becomes more complex?
  554.         if (preg_match('/[A-Z]/'$request->getPathInfo())) {
  555.             $fixed strtolower($request->getPathInfo());
  556.             if ($request->query->count() > 0) {
  557.                 $fixed .= '?' http_build_query($request->query->all());
  558.             }
  559.             return (new Redirect())
  560.                 ->setDomain($domain)
  561.                 ->setDestination($fixed)
  562.                 ->setCode(Redirect::CODES__302)
  563.                 ->setStatus(Redirect::STATUSES__ACTIVE);
  564.         }
  566.         // no matches
  567.         return null;
  568.     }
  570.     /**
  571.      * @param Request $request
  572.      * @param Redirect $redirect
  573.      * @return RedirectResponse
  574.      * @throws \Exception
  575.      */
  576.     private function handleRedirection(Request $requestRedirect $redirect)
  577.     {
  578.         if ($this->preventRedirect()) {
  579.             return null;
  580.         }
  582.         $dest $redirect->getDestination();
  583.         $src $redirect->getSource();
  585.         // prevent circular redirects
  586.         if ($dest === $src) {
  587.             return null;
  588.         }
  590.         // detect wildcard redirects
  591.         $wildcardRegexp '/(.*)\\/\\*$/';
  592.         if (preg_match($wildcardRegexp$dest$destMatches) === && preg_match($wildcardRegexp$src$srcMatches) === 1) {
  594.             // dest and source should both end in /* now
  595.             // remove the common part from the url
  596.             if ($srcMatches[1] !== '' && mb_strpos(mb_strtolower($request->getPathInfo()), mb_strtolower($srcMatches[1])) !== 0) {
  597.                 return null;
  598.             }
  600.             // get what we need to attach to the end of the destination
  601.             $srcChunk mb_substr($request->getPathInfo(), mb_strlen($srcMatches[1]));
  603.             // do the replacement
  604.             $dest preg_replace('/\\/\\*$/', ('/' ltrim($srcChunk'/')), $dest);
  606.         }
  608.         // if no destination or it has a wrong wildcard pattern, we can't do anything
  609.         if (empty($dest) || preg_match('/\\/\\*$/'$dest) === 1) {
  610.             return null;
  611.         }
  613.         // fix the destination
  614.         if (preg_match('/^https?:\\/\\//'$dest) !== 1) {
  616.             // ensure front slash
  617.             if (substr($dest01) !== '/') {
  618.                 $dest '/' $dest;
  619.             }
  621.             // attach the original domain to it
  622.             $dest $request->getScheme() . '://' $request->getHost() . $dest;
  624.         }
  626.         // generate the base request for the redirection
  627.         // handle fragments; they get lost when parsing as a request
  628.         $parts explode('#'$dest);
  629.         $dest array_shift($parts);
  630.         $fragment = ( ! empty($parts)) ? implode('#'$parts) : null;
  631.         $base Request::create($dest);
  633.         $queries array_filter(
  634.             $request->query->all(),
  635.             function ($key) {
  636.                 return in_array($keyself::QUERIES_SKIP);
  637.             },
  638.             ARRAY_FILTER_USE_KEY
  639.         );
  640.         $queries array_merge($queries$base->query->all());
  642.         // attach query info from original request to new one
  643.         $base $base->duplicate(nullnullnullnullnullarray_merge(
  644.             $base->server->all(),
  645.             array(
  646.                 // this will set the query string, so need to append the two together first
  647.                 // TODO: do we need setting to toggle adding incoming query string or not?
  648.                 // TODO: need to change the order these get appended; some systems require them in order
  649.                 'QUERY_STRING' => http_build_query($queries),
  650.             )
  651.         ));
  653.         // get final string, and add fragment if relevant
  654.         $base $base->getUri();
  655.         if ( ! empty($fragment)) {
  656.             $base .= '#' $fragment;
  657.         }
  659.         // generate the actual redirect response
  660.         return new RedirectResponse(
  661.             $base,
  662.             $redirect->getRealCode(),
  663.             array(
  664.                 'X-CAMPUSSUITE-FE-REDIRECT' => sprintf(
  665.                     'redirect:%s',
  666.                     $redirect->getId()
  667.                 ),
  668.             )
  669.         );
  670.     }
  672.     /**
  673.      * @param Request $request
  674.      * @param Domain $domain
  675.      *
  676.      * @return RedirectResponse|null
  677.      */
  678.     private function checkDomainBehaviorRedirect(Request $requestDomain $domain)
  679.     {
  680.         if (empty($domain->getId())) {
  681.             if ( ! $site $this->resolveSiteByStagingDomain($domain)) {
  682.                 return null;
  683.             }
  685.             if ( ! $site->getDomain()) {
  686.                 return null;
  687.             }
  689.             if ($request->getHost() === $site->getDomain()->getHost()) {
  690.                 return null;
  691.             }
  693.             return new RedirectResponse(
  694.                 $request->getScheme() . '://' $site->getDomain()->getHost() . $request->getRequestUri(),
  695.                 RedirectResponse::HTTP_FOUND,
  696.                 [
  697.                     'X-CAMPUSSUITE-FE-REDIRECT' => sprintf(
  698.                         'domain:%s',
  699.                         $domain->getId()
  700.                     ),
  701.                 ]
  702.             );
  703.         }
  705.         // if not secure coming in, but needs to be
  706.         if ($domain instanceof Domain && $domain->getCertificate() instanceof SslCertificate && $domain->isHttpsUpgrade() && ! $request->isSecure()) {
  707.             return new RedirectResponse(
  708.                 'https://' $request->getHost() . $request->getRequestUri(),
  709.                 RedirectResponse::HTTP_FOUND,
  710.                 array(
  711.                     'X-CAMPUSSUITE-FE-REDIRECT' => sprintf(
  712.                         'ssl:%s',
  713.                         $domain->getCertificate()->getId()
  714.                     ),
  715.                 )
  716.             );
  717.         }
  719.         // by default, no redirection
  720.         return null;
  721.     }
  722.     /**
  723.      * @param Request $request
  724.      * @param FrontendGlobals $globals
  725.      *
  726.      * @return RedirectResponse|null
  727.      */
  728.     private function checkPersonalSiteSlugRedirect(Request $requestFrontendGlobals $globals)
  729.     {
  730.         // check if we are a personal site
  731.         if ($globals->getSite() instanceof PersonalContainer) {
  733.             // generate the slug that we should be
  734.             $expected '~'.strtolower($globals->getAccount()->getEmail());
  736.             // obtain the slug from the front url pattern
  737.             $actual explode('/'trim(strtolower($globals->getPath()), '/'))[0];
  738.             if ($actual !== $expected) {
  739.                 return new RedirectResponse(
  740.                     rtrim(sprintf(
  741.                         '%s://%s/%s?%s',
  742.                         $request->getScheme(),
  743.                         $request->getHost(),
  744.                         str_replace($actual$expectedtrim(strtolower($request->getPathInfo()), '/')),
  745.                         $request->getQueryString()
  746.                     ), '?'),
  747.                     RedirectResponse::HTTP_FOUND,
  748.                     array(
  749.                         'X-CAMPUSSUITE-FE-REDIRECT' => sprintf(
  750.                             'personal:%s',
  751.                             $globals->getAccount()->getUid()
  752.                         ),
  753.                     )
  754.                 );
  755.             }
  756.         }
  758.         // by default, no redirection
  759.         return null;
  760.     }
  762.     /**
  763.      * @param FrontendGlobals $globals
  764.      * @param array|WidgetObject[] $widgets
  765.      * @return string
  766.      */
  767.     public function renderCustom(FrontendGlobals $globals, array $widgets): string
  768.     {
  769.         return $this->render($globals, [
  770.             'content' => $widgets,
  771.         ]);
  772.     }
  774.     /**
  775.      * @param Request $request
  776.      * @param callable|null $callback
  777.      * @throws FrontendBuilderException
  778.      * @throws \Exception
  779.      * @return Response
  780.      */
  781.     public function build(Request $request, callable $callback null)
  782.     {
  783.         return $this->secureWithHSTS(
  784.             $request,
  785.             $this->buildWithoutHSTS($request$callback)
  786.         );
  787.     }
  789.     /**
  790.      * @param Request $request
  791.      * @param callable|null $callback
  792.      * @throws FrontendBuilderException
  793.      * @throws \Exception
  794.      * @return Response
  795.      */
  796.     private function buildWithoutHSTS(Request $request, callable $callback null): Response
  797.     {
  798.         // see if we need to trigger mimic functionality and do that if so
  799.         if ($this->checkMimic($request)) {
  800.             return $this->handleMimic($request);
  801.         }
  803.         // see if we need to do a redirect
  804.         if ( ! empty($redirect $this->checkRedirection($request))) {
  805.             $response $this->handleRedirection($request$redirect);
  806.             if ( ! empty($response)) {
  807.                 return $response;
  808.             }
  809.         }
  811.         // enable the filter for keeping out placeholder proxies
  812.         $this->em->getFilters()->getFilter(ModuleProxyPlaceholderDoctrineFilter::FILTER)
  813.             ->setParameter('mode'ModuleProxyPlaceholderDoctrineFilter::MODES__NO_PLACEHOLDERS);
  814.         $this->em->getFilters()->enable(ModuleProxyPlaceholderDoctrineFilter::FILTER);
  816.         // obtain globals
  817.         $globals $this->globals($request);
  819.         // run callback if one
  820.         if (is_callable($callback)) {
  821.             call_user_func($callback$globals);
  822.         }
  824.         // ensure that request schema matches the domains behavior setting if it is set
  825.         $globals->debugStart('checkDomainBehaviorRedirect');
  826.         $response $this->checkDomainBehaviorRedirect($request$globals->getDomain());
  827.         if ( ! empty($response)) {
  828.             return $response;
  829.         }
  830.         $globals->debugStop('checkDomainBehaviorRedirect');
  832.         // if doing a teacher site, make sure the incoming url matches the proper email address
  833.         $globals->debugStart('checkPersonalSiteSlugRedirect');
  834.         $response $this->checkPersonalSiteSlugRedirect($request$globals);
  835.         if ( ! empty($response)) {
  836.             return $response;
  837.         }
  838.         $globals->debugStop('checkPersonalSiteSlugRedirect');
  840.         // run the controller for the module to get a response
  841.         $response null;
  842.         $globals->debugStart('runController');
  843.         $response $this->runController($globals);
  844.         $globals->debugStop('runController');
  846.         // TODO: is this needed anymore?
  847.         $response->headers->setCookie(
  848.             new Cookie(
  849.                 'campussuite.tenant.id',
  850.                 $globals->getTenant()->getId(),
  851.                 0,
  852.                 '/',
  853.                 null,
  854.                 false,
  855.                 false
  856.             )
  857.         );
  859.         // done
  860.         return $response;
  861.     }
  863.     /**
  864.      * @param Request $request
  865.      * @param Response $response
  866.      * @return Response
  867.      * @throws \Exception
  868.      */
  869.     private function secureWithHSTS(Request $requestResponse $response): Response
  870.     {
  871.         $globals $this->globals($request);
  872.         $domain $globals->getDomain();
  873.         if ( ! $domain instanceof Domain) {
  874.             return $response;
  875.         }
  877.         $certificate $domain->getCertificate();
  878.         if ( ! $domain->getCertificate() instanceof SslCertificate) {
  879.             return $response;
  880.         }
  882.         $certificateAge = (time() - $certificate->getCreatedAt()->getTimestamp());
  883.         $isCertificateMoreThanDayOld = ((24 60 60) < $certificateAge);
  884.         if ( ! $isCertificateMoreThanDayOld) {
  885.             return $response;
  886.         }
  888.         $maxAge HstsSubscriber::HSTS_MAX_AGE;
  889.         $response->headers->add(['Strict-Transport-Security' => "max-age=$maxAge"]);
  890.         return $response;
  891.     }
  893.     /**
  894.      * @param FrontendGlobals $globals
  895.      * @return string
  896.      */
  897.     private function determinePath(FrontendGlobals $globals)
  898.     {
  899.         return rawurldecode($globals->getRequest()->getPathInfo());
  900.     }
  902.     /**
  903.      * @param FrontendGlobals $globals
  904.      * @return Account
  905.      * @throws \Exception
  906.      */
  907.     private function determineMimic(FrontendGlobals $globals)
  908.     {
  909.         // handling of this depends on the type of container/site we are in
  910.         switch (true) {
  911.             case $globals->getSite() instanceof IntranetContainer:
  913.                 // we are still logged in and on the dashboard, pull from the context
  914.                 return $this->contextManager->getGlobalContext()->getEffectiveAccount();
  916.             default:
  918.                 // obtain the uid of the mimic user from cookies
  919.                 $uid $globals->getRequest()->cookies->get(self::ACCOUNT_UID_KEY);
  921.                 // if not null, find the account
  922.                 if ( ! empty($uid)) {
  923.                     return $this->accountRepository()->findExactByUid($uid);
  924.                 }
  926.         }
  928.         // no mimic
  929.         return null;
  930.     }
  932.     /**
  933.      * @param FrontendGlobals $globals
  934.      * @return Account
  935.      * @throws \Exception
  936.      */
  937.     private function determineAccount(FrontendGlobals $globals)
  938.     {
  939.         // get the slugs
  940.         $pieces $this->explodePath($globals->getPath());
  942.         // see if we match the regex, if not, we are not running a personal site
  943.         if (preg_match('/^[~](.+)$/'$pieces[0], $matches) !== 1
  944.             || ($globals->getDomain()->getHost()
  945.             === $this->contextManager->getGlobalContext()->getDashboard())
  946.         ) {
  947.             return null;
  948.         }
  950.         // what is left should be a username
  951.         // need to perform a lookup
  952.         $account $this->accountRepository()->findByEmailWithPartialFallback($matches[1]);
  954.         // if we get nothing, then that means somebody is requesting a teacher site that does not exist
  955.         if (count($account) !== || ! $account['0'] instanceof Account) {
  956.             throw new BadRequestHttpException();
  957.         }
  959.         // done
  960.         return $account['0'];
  961.     }
  963.     /**
  964.      * @param FrontendGlobals $globals
  965.      * @return Response
  966.      * @throws \Exception
  967.      */
  968.     private function runController(FrontendGlobals $globals)
  969.     {
  970.         // get the module config
  971.         $module $globals->getModule();
  973.         $container $globals->getContainer();
  975.         // try to run the controller
  976.         try {
  978.             // if module is inactive, may need to throw a not found exception
  979.             $active $this->containerService->isModuleActive($container$module->name());
  981.             // do the processing
  982.             $globals->debugStart('runControllerFrontend');
  983.             $result $module->frontend($globals);
  984.             $globals->debugStop('runControllerFrontend');
  986.             // HACK: for special widget cases
  987.             // @see https://campussuiteteam.slack.com/archives/C0ZRTD8MS/p1533838566000422
  988.             // if the container on an item is not the same, check it for module enabling
  989.             $thing $globals->getThing();
  990.             if ( ! $active && $thing instanceof Proxy && $thing->getContainer() !== $container) {
  991.                 $active $this->containerService->isModuleActive($thing->getContainer(), $module->name());
  992.             }
  993.             if ( ! $active) {
  994.                 throw new NotFoundHttpException();
  995.             }
  997.             // common metadata about content
  998.             try {
  999.                 if ($globals->getTenant() instanceof Tenant) {
  1000.                     $globals->getAssetsOrganizer()->getMetas()->add(new MetaStructure(
  1001.                         'campussuite:tenant',
  1002.                         $globals->getTenant()->getId()
  1003.                     ));
  1004.                 }
  1005.                 if ($globals->getSite() instanceof Container) {
  1006.                     $globals->getAssetsOrganizer()->getMetas()->add(new MetaStructure(
  1007.                         'campussuite:site',
  1008.                         $globals->getSite()->getId()
  1009.                     ));
  1010.                 }
  1011.                 if ($globals->getContainer() instanceof Container) {
  1012.                     $globals->getAssetsOrganizer()->getMetas()->add(new MetaStructure(
  1013.                         'campussuite:department',
  1014.                         $globals->getContainer()->getId()
  1015.                     ));
  1016.                 }
  1017.                 if ($globals->getTheme() instanceof Template) {
  1018.                     $globals->getAssetsOrganizer()->getMetas()->add(new MetaStructure(
  1019.                         'campussuite:theme',
  1020.                         $globals->getTheme()->getId()
  1021.                     ));
  1022.                 }
  1023.                 if ($globals->getOuterLayout() instanceof OuterLayout) {
  1024.                     $globals->getAssetsOrganizer()->getMetas()->add(new MetaStructure(
  1025.                         'campussuite:outer_layout',
  1026.                         $globals->getOuterLayout()->getId()
  1027.                     ));
  1028.                 }
  1029.                 if ($globals->getInnerLayout() instanceof InnerLayout) {
  1030.                     $globals->getAssetsOrganizer()->getMetas()->add(new MetaStructure(
  1031.                         'campussuite:inner_layout',
  1032.                         $globals->getInnerLayout()->getId()
  1033.                     ));
  1034.                 }
  1035.                 if ($globals->getModule() instanceof ModuleConfig) {
  1036.                     $globals->getAssetsOrganizer()->getMetas()->add(new MetaStructure(
  1037.                         'campussuite:module',
  1038.                         $globals->getModule()->key()
  1039.                     ));
  1040.                 }
  1041.                 if ($globals->getThing() instanceof IdentifiableInterface) {
  1042.                     $globals->getAssetsOrganizer()->getMetas()->add(new MetaStructure(
  1043.                         'campussuite:content',
  1044.                         $globals->getThing()->getId()
  1045.                     ));
  1046.                 }
  1047.             } catch (\Exception $e) {
  1048.                 // noop
  1049.             }
  1051.             // if we were returned an exception, throw it
  1052.             if ($result instanceof \Exception) {
  1053.                 throw $result;
  1054.             }
  1056.             // if we were given a response directly, return it
  1057.             if ($result instanceof Response) {
  1058.                 return $result;
  1059.             }
  1061.             // if we don't get the expected return back, throw error
  1062.             if ( ! is_array($result)) {
  1063.                 throw new \Exception();
  1064.             }
  1066.             // default stuff just to be safe
  1067.             $result $result + array(
  1068.                 [],
  1069.                 new Response()
  1070.             );
  1072.         } catch (\Exception $e) {
  1074.             // attempt to handle the exception
  1075.             return $this->handleControllerException($globals$e);
  1077.         }
  1079.         // get the pieces from the result
  1080.         /** @var array $content */
  1081.         /** @var Response $response */
  1082.         [$content$response] = $result;
  1084.         // now that the main logic has been completed, we can ensure that non-live data is not returned again
  1085.         $this->em->getFilters()->getFilter(ModuleProxyPlaceholderDoctrineFilter::FILTER)
  1086.             ->setParameter('mode'ModuleProxyPlaceholderDoctrineFilter::MODES__NO_PLACEHOLDERS);
  1087.         $this->em->getFilters()->enable(ModuleProxyPlaceholderDoctrineFilter::FILTER);
  1089.         // render and return
  1090.         $globals->debugStart('runControllerRender');
  1091.         $rendered $this->render($globals$content);
  1092.         $globals->debugStop('runControllerRender');
  1094.         // fix the content on the response and set proper headers
  1095.         $response
  1096.             ->setContent($rendered)
  1097.             ->setStatusCode(200)
  1098.             ->headers->set('Content-Type''text/html')
  1099.         ;
  1101.         // done
  1102.         return $response;
  1103.     }
  1105.     /**
  1106.      * @param FrontendGlobals $globals
  1107.      * @param \Exception $e
  1108.      * @return Response
  1109.      * @throws \Exception
  1110.      */
  1111.     private function handleControllerException(FrontendGlobals $globals\Exception $e)
  1112.     {
  1113.         // determine the code
  1114.         switch (true) {
  1115.             case $e instanceof NotFoundHttpException:
  1116.                 $globals->getAssetsOrganizer()->getTitles()->add(
  1117.                     new TitleStructure('404 Not Found')
  1118.                 );
  1119.                 $code 404;
  1120.                 break;
  1121.             case $e instanceof AccessDeniedHttpException:
  1122.                 $globals->getAssetsOrganizer()->getTitles()->add(
  1123.                     new TitleStructure('403 Forbidden')
  1124.                 );
  1125.                 $code 403;
  1126.                 break;
  1127.             case $e instanceof BadRequestHttpException:
  1128.                 return new Response(null400, []);
  1129.             default:
  1130.                 $globals->getAssetsOrganizer()->getTitles()->add(
  1131.                     new TitleStructure('500 Server Error')
  1132.                 );
  1133.                 $code 500;
  1134.         }
  1136.         // render the page content
  1137.         $rendered $this->render($globals, array(
  1138.             'content' => array(
  1139.                 (new Html())
  1140.                     ->setContent($this->twig->render(
  1141.                         $this->databaseLoader->determine(
  1142.                             $globals->getTheme(),
  1143.                             sprintf(
  1144.                                 '/system/http/%s/build/tpl.html.twig',
  1145.                                 $code
  1146.                             )
  1147.                         ),
  1148.                         array(
  1149.                             'code' => $code,
  1150.                             'error' => $e,
  1151.                             '_globals' => $globals->asArray(),
  1152.                         )
  1153.                     ))
  1154.             ),
  1155.         ));
  1157.         // send back a response
  1158.         return (new Response(
  1159.             $rendered,
  1160.             $code,
  1161.             array(
  1162.                 'Content-Type' => 'text/html'
  1163.             )
  1164.         ));
  1165.     }
  1167.     /**
  1168.      * @param FrontendGlobals $globals
  1169.      * @param mixed $content
  1170.      * @return string
  1171.      */
  1172.     private function render(FrontendGlobals $globals$content): string
  1173.     {
  1174.         if ( ! is_array($content)) {
  1175.             $content = [];
  1176.         }
  1177.         $this->frontendRenderer->prepare($globalsFrontendRenderer::MODES__LIVE);
  1178.         return $this->frontendRenderer->renderPage($content);
  1179.     }
  1181.     /**
  1182.      * @param FrontendGlobals $globals
  1183.      * @return Domain
  1184.      * @throws \Exception
  1185.      */
  1186.     private function determineDomain(FrontendGlobals $globals)
  1187.     {
  1188.         // obtain the hostname
  1189.         $host $globals->getRequest()->getHost();
  1191.         // determine the domain for this hostname
  1192.         $domain $this->domainRepository()->findOneByHost($host);
  1194.         // throw error if we found one that was not configured
  1195.         if ($domain === null) {
  1196.             return (new Domain())
  1197.                 ->setName($host);
  1198.         }
  1200.         // now we need the apex
  1201.         $apex $domain->getApex();
  1203.         // if the apex is not verified, we have a problem
  1204.         /*
  1205.         if ( ! $apex->getVerification()->isVerified()) {
  1206.             throw FrontendBuilderException::apexNotVerified($apex);
  1207.         }
  1208.         */
  1210.         // all is good, send back the domain, the apex is already loaded and linked to it
  1211.         return $domain;
  1212.     }
  1214.     /**
  1215.      * @param FrontendGlobals $globals
  1216.      * @return Container
  1217.      * @throws \Exception
  1218.      */
  1219.     private function determineSite(FrontendGlobals $globals)
  1220.     {
  1221.         // obtain the domain
  1222.         $domain $globals->getDomain();
  1224.         // init the site
  1225.         $site null;
  1227.         // handle based on the domain type
  1228.         switch (true) {
  1229.             case ! empty($domain->getId()):
  1231.                 // get basic container
  1232.                 $site $this->em->getRepository(GenericContainer::class)->findOneByDomain($domain);
  1233.                 if ( ! $site) {
  1234.                     throw new NotFoundHttpException(sprintf(
  1235.                         'No site is linked to the domain "%s".',
  1236.                         $domain->getHost()
  1237.                     ));
  1238.                 }
  1240.                 break;
  1241.             case empty($domain->getId()):
  1242.                 $site $this->resolveSiteByStagingDomain($domain);
  1244.                 // handle intranets
  1245.                 if ($domain->getHost() === $this->contextManager->getGlobalContext()->getDashboard()) {
  1246.                     // in this case, the next chunk of the slug should be a slug of an intranet container
  1247.                     $pieces $this->explodePath($globals->getPath());
  1249.                     // if we don't have at least one pieces, we have a problem
  1250.                     if (count($pieces) < 1) {
  1251.                         throw new BadRequestHttpException();
  1252.                     }
  1254.                     // lookup based on this info
  1255.                     $site $this->intranetContainerRepository()->findOneBy(array(
  1256.                         'parent' => null,
  1257.                         'slug' => ltrim($pieces[0], '~'),
  1258.                     ));
  1259.                 }
  1261.                 break;
  1262.             default:
  1263.                 throw FrontendBuilderException::domainUnhandled($domain);
  1264.         }
  1266.         // if we are doing a personal site, need to possibly tweak this
  1267.         if ($globals->getAccount() !== null) {
  1269.             // in this case, the next chunk of the slug should be a slug of a personal container
  1270.             $pieces $this->explodePath($globals->getPath());
  1272.             // if we don't have at least two pieces, we have a problem
  1273.             if (count($pieces) < 2) {
  1274.                 throw new BadRequestHttpException();
  1275.             }
  1277.             // lookup based on this info
  1278.             $site $this->em->getRepository(PersonalContainer::class)->findRootForAccountBySlug(
  1279.                 $globals->getAccount(),
  1280.                 $pieces[1]
  1281.             );
  1283.         }
  1285.         // if a site was not found to be attached, that is a problem as we don't know the root to work from
  1286.         if ($site === null) {
  1287.             throw new NotFoundHttpException(sprintf(
  1288.                 'No site is associated with the domain "%s".',
  1289.                 $domain->getHost()
  1290.             ));
  1291.         }
  1293.         // done
  1294.         return $site;
  1295.     }
  1297.     /**
  1298.      * @param FrontendGlobals $globals
  1299.      * @return array|Container[]
  1300.      */
  1301.     private function determineContainers(FrontendGlobals $globals)
  1302.     {
  1303.         // get stuff we need
  1304.         $site $globals->getSite();
  1306.         // build initial array of containers, assume site is listed first (oldest to youngest)
  1307.         $containers = array(
  1308.             $site,
  1309.         );
  1311.         // make sure we account for the piece of path that has already been handled
  1312.         $count 0;
  1313.         switch (true) {
  1314.             case $globals->getSite() instanceof PersonalContainer:
  1315.                 $count += 2;
  1316.                 break;
  1317.             case $globals->getSite() instanceof IntranetContainer:
  1318.                 $count += 1;
  1319.                 break;
  1320.         }
  1321.         $chopped $this->chopPath($globals->getPath(), $count);
  1323.         // get the pieces of the path
  1324.         $slugs $this->explodePath($chopped);
  1326.         // loop over the remaining slugs
  1327.         foreach ($slugs as $i => $slug) {
  1329.             // see if we find one with this slug and the current parent
  1330.             $match $this->containerRepository()->findOneBy(array(
  1331.                 'parent' => $containers[$i],
  1332.                 'slug' => $slug,
  1333.             ));
  1335.             // if nothing, we need to stop looping
  1336.             if ($match === null) {
  1337.                 break;
  1338.             }
  1340.             // found one, add them to the set
  1341.             $containers[] = $match;
  1343.         }
  1345.         // done, but first reverse so youngest is first in the array
  1346.         return array_reverse($containers);
  1347.     }
  1349.     /**
  1350.      * @param FrontendGlobals $globals
  1351.      * @return Template
  1352.      * @throws \Exception
  1353.      */
  1354.     private function determineTheme(FrontendGlobals $globals)
  1355.     {
  1356.         $container $globals->getContainer();
  1357.         if ($container instanceof PersonalContainer) {
  1359.             // get the root level personal container
  1360.             while ( ! empty($container->getParent())) {
  1361.                 $container $container->getParent();
  1362.             }
  1364.             // TODO: this assumes a site is always attached to a public web site; causes an error if not...
  1365.             if ( ! $container->getContainer()) {
  1366.                 throw new NotFoundHttpException();
  1367.             }
  1368.             $containers $this->em->getRepository(GenericContainer::class)->findAncestors(
  1369.                 $container->getContainer()
  1370.             );
  1371.             array_push($containers$container->getContainer());
  1372.             $containers array_reverse($containers);
  1373.         } else {
  1374.             $containers $globals->getContainers();
  1375.         }
  1376.         $theme $this->themeManager->effectiveTheme($containers);
  1377.         if (empty($theme)) {
  1378.             throw FrontendBuilderException::noThemeAssociatedWithSite($container);
  1379.         }
  1380.         return $theme;
  1381.     }
  1383.     /**
  1384.      * @param FrontendGlobals $globals
  1385.      * @return Package
  1386.      * @throws \Exception
  1387.      */
  1388.     private function determinePackage(FrontendGlobals $globals)
  1389.     {
  1390.         if ($globals->getTheme() === null) {
  1391.             return null;
  1392.         }
  1393.         return $this->packageManager->getPackageForTheme($globals->getTheme());
  1394.     }
  1396.     /**
  1397.      * @param FrontendGlobals $globals
  1398.      * @return OuterLayout
  1399.      */
  1400.     private function determineOuterLayout(FrontendGlobals $globals)
  1401.     {
  1402.         $container $globals->getContainer();
  1403.         if ($container instanceof PersonalContainer) {
  1405.             // get the root level personal container
  1406.             while ( ! empty($container->getParent())) {
  1407.                 $container $container->getParent();
  1408.             }
  1410.             $containers $this->em->getRepository(GenericContainer::class)->findAncestors(
  1411.                 $container->getContainer()
  1412.             );
  1413.             array_push($containers$container->getContainer());
  1414.             $containers array_reverse($containers);
  1415.         } else {
  1416.             $containers $globals->getContainers();
  1417.         }
  1418.         return $this->themeManager->effectiveOuterLayout(array_merge(
  1419.             $containers,
  1420.             array($globals->getTheme())
  1421.         ));
  1422.     }
  1424.     /**
  1425.      * @param FrontendGlobals $globals
  1426.      * @return InnerLayout
  1427.      */
  1428.     private function determineInnerLayout(FrontendGlobals $globals)
  1429.     {
  1430.         $container $globals->getContainer();
  1431.         if ($container instanceof PersonalContainer) {
  1433.             // get the root level personal container
  1434.             while ( ! empty($container->getParent())) {
  1435.                 $container $container->getParent();
  1436.             }
  1438.             $containers $this->em->getRepository(GenericContainer::class)->findAncestors(
  1439.                 $container->getContainer()
  1440.             );
  1441.             array_push($containers$container->getContainer());
  1442.             $containers array_reverse($containers);
  1443.         } else {
  1444.             $containers $globals->getContainers();
  1445.         }
  1446.         return $this->themeManager->effectiveInnerLayout(array_merge(
  1447.             $containers,
  1448.             array($globals->getTheme())
  1449.         ));
  1450.     }
  1452.     /**
  1453.      * @param FrontendGlobals $globals
  1454.      * @return array
  1455.      */
  1456.     private function determineNavigations(FrontendGlobals $globals)
  1457.     {
  1458.         if ($globals->getContainer()->getNavigation() === null) {
  1459.             return [];
  1460.         }
  1461.         return Transcoder::fromStorage($globals->getContainer()->getNavigation());
  1462.     }
  1464.     /**
  1465.      * @param FrontendGlobals $globals
  1466.      * @return ModuleConfig|mixed
  1467.      */
  1468.     private function determineModule(FrontendGlobals $globals)
  1469.     {
  1470.         // make sure we account for the piece of path that has already been handled
  1471.         $count 0;
  1472.         $count += (count($globals->getContainers()) - 1);
  1473.         switch (true) {
  1474.             case $globals->getSite() instanceof PersonalContainer:
  1475.                 $count += 2;
  1476.                 break;
  1477.             case $globals->getSite() instanceof IntranetContainer:
  1478.                 $count += 1;
  1479.                 break;
  1481.         }
  1482.         $chopped $this->chopPath($globals->getPath(), $count);
  1484.         // get the remaining slugs
  1485.         $pieces $this->explodePath($chopped);
  1487.         // HACK: keep supporting the @ method to dictate modules for all current links
  1488.         if (preg_match('/^@(.+)$/'$pieces[0], $matches) === 1) {
  1490.             // attempt to find the module from the given string, could be bogus
  1491.             try {
  1493.                 // found it
  1494.                 $module $this->moduleManager->getModuleConfiguration($matches[1]);
  1496.                 // pages are weird, we should not have gotten a page module this way
  1497.                 if ($module instanceof PageModuleConfig) {
  1498.                     throw new \Exception();
  1499.                 }
  1501.                 // good to go
  1502.                 return $module;
  1504.             } catch (\Exception $e) {
  1506.                 // not found, assume it is a page
  1507.                 return $this->moduleManager->getModuleConfiguration(PageModuleConfig::NAME);
  1509.             }
  1511.         } else {
  1513.             // see if we are a module
  1514.             if ($this->moduleManager->isModule($pieces[0])) {
  1516.                 // return the module then
  1517.                 return $this->moduleManager->getModuleConfiguration($pieces[0]);
  1519.             }
  1521.             // check for files
  1522.             if ($pieces[0] === 'files') {
  1523.                 return new FileHandlerHack(
  1524.                     $this->em,
  1525.                     $this->s3,
  1526.                     $this->mimeHelper,
  1527.                 );
  1528.             }
  1530.             // check for notifications
  1531.             if ($pieces[0] === 'notification') {
  1532.                 return new NotificationsHandlerHack(
  1533.                     $this->em,
  1534.                     $this->s3,
  1535.                     $this->mediaDecorator,
  1536.                     $this->twig,
  1537.                     $this->databaseLoader,
  1538.                 );
  1539.             }
  1541.         }
  1543.         // no specific module, assume page
  1544.         return $this->moduleManager->getModuleConfiguration(PageModuleConfig::NAME);
  1545.     }
  1547.     /**
  1548.      * @param FrontendGlobals $globals
  1549.      * @return string
  1550.      */
  1551.     private function determineExtra(FrontendGlobals $globals)
  1552.     {
  1553.         // init the count
  1554.         $count 0;
  1556.         // we know we need to handle containers
  1557.         $count += (count($globals->getContainers()) - 1);
  1559.         // if it is not the page module, we need to account for the module slug
  1560.         if ( ! $globals->getModule() instanceof PageModuleConfig) {
  1561.             $count += 1;
  1562.         }
  1564.         // if there is an account set, there are two slugs that should be accounted for
  1565.         switch (true) {
  1566.             case $globals->getSite() instanceof PersonalContainer:
  1567.                 $count += 2;
  1568.                 break;
  1569.             case $globals->getSite() instanceof IntranetContainer:
  1570.                 $count += 1;
  1571.                 break;
  1572.         }
  1574.         // return based on the count
  1575.         return $this->chopPath($globals->getPath(), $count);
  1576.     }
  1578.     /**
  1579.      * @param string $path
  1580.      * @return array
  1581.      */
  1582.     private function explodePath($path)
  1583.     {
  1584.         return explode('/'trim(trim($path), '/'));
  1585.     }
  1587.     /**
  1588.      * @param string $path
  1589.      * @param int $chop
  1590.      * @return string
  1591.      */
  1592.     private function chopPath($path$chop)
  1593.     {
  1594.         return '/' implode('/'array_slice($this->explodePath($path), $chop));
  1595.     }
  1597.     /**
  1598.      * @param Request $request
  1599.      * @return RedirectResponse
  1600.      * @throws \Exception
  1601.      */
  1602.     private function handleMimic(Request $request)
  1603.     {
  1604.         $uid $request->query->get('_mimic');
  1605.         if ( ! preg_match('/^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$/'$uid)) {
  1606.             throw new NotFoundHttpException();
  1607.         }
  1608.         $account $this->accountRepository()->findByUid($uid);
  1609.         $response = new RedirectResponse(
  1610.             strtok($request->getUri(), '?'),
  1611.             RedirectResponse::HTTP_FOUND,
  1612.             array(
  1613.                 'X-CAMPUSSUITE-FE-REDIRECT' => sprintf(
  1614.                     'mimic:%s',
  1615.                     $uid
  1616.                 ),
  1617.             )
  1618.         );
  1619.         $response->headers->setCookie(
  1620.             new Cookie(
  1621.                 self::ACCOUNT_UID_KEY,
  1622.                 $account->getUid()->toString(),
  1623.                 0,
  1624.                 '/',
  1625.                 null,
  1626.                 false,
  1627.                 false
  1628.             )
  1629.         );
  1630.         return $response;
  1631.     }
  1633.     /**
  1634.      * @param FrontendGlobals $globals
  1635.      * @return ModuleSettings|null
  1636.      */
  1637.     private function determineModuleSettings(FrontendGlobals $globals)
  1638.     {
  1639.         // attempt to obtain module settings class name; some may not implement this yet
  1640.         try {
  1641.             $settingsClass $globals->getModule()->settingsClass();
  1642.         } catch (\Exception $e) {
  1643.             return null;
  1644.         }
  1646.         // get the repo for finding settings
  1647.         /** @var ModuleSettingsRepository $repo */
  1648.         $repo $this->em->getRepository($settingsClass);
  1650.         // try to get settings for container, may not find any
  1651.         $settings $repo->findOneByContainer($globals->getContainer());
  1653.         // if none found, create a new empty one
  1654.         if (empty($settings)) {
  1655.             $settings = new $settingsClass();
  1656.         }
  1658.         // done
  1659.         return $settings;
  1660.     }
  1662.     /**
  1663.      * @param Domain $domain
  1664.      * @return Container|null
  1665.      */
  1666.     private function resolveSiteByStagingDomain(Domain $domain): ?Container
  1667.     {
  1668.         $regex '/^([-a-zA-Z0-9]+)\.([-a-zA-Z0-9]+)\.' $this->params->get('cms.container.staging.domain') . '$/';
  1669.         if (preg_match($regex$domain->getName(), $matches) !== 1) {
  1670.             return null;
  1671.         }
  1673.         return $this->containerRepository()->findOneBy([
  1674.             'parent' => null,
  1675.             'slug' => $matches[1],
  1676.         ]);
  1677.     }
  1678. }
  1680. /**
  1681.  * For ability to have file endpoints.
  1682.  *
  1683.  * Class FileHandlerHack
  1684.  * @package Cms\FrontendBundle\Service
  1685.  */
  1686. final class FileHandlerHack
  1687. {
  1688.     const STREAMABLE = array(
  1689.         'css',
  1690.         'htm',
  1691.         'html',
  1692.         'js',
  1693.         'xhtml',
  1694.         'xml',
  1695.     );
  1697.     /**
  1698.      * @var EntityManager
  1699.      */
  1700.     private $em;
  1702.     /**
  1703.      * @var S3Wrapper
  1704.      */
  1705.     private $s3;
  1707.     /**
  1708.      * @var MimeHelper
  1709.      */
  1710.     private $mimeHelper;
  1712.     /**
  1713.      * @param EntityManager $em
  1714.      * @param S3Wrapper $s3
  1715.      * @param MimeHelper $mimeHelper
  1716.      */
  1717.     public function __construct(EntityManager $emS3Wrapper $s3MimeHelper $mimeHelper)
  1718.     {
  1719.         $this->em $em;
  1720.         $this->s3 $s3;
  1721.         $this->mimeHelper $mimeHelper;
  1722.     }
  1724.     /**
  1725.      * @param FrontendGlobals $globals
  1726.      * @return RedirectResponse|StreamedResponse
  1727.      */
  1728.     public function frontend(FrontendGlobals $globals)
  1729.     {
  1730.         // break apart by slashes
  1731.         $paths array_filter(explode('/'$globals->getExtra()));
  1733.         // last should be the filename
  1734.         $filepath array_pop($paths);
  1736.         // determine the folder
  1737.         $folder null;
  1738.         foreach ($paths as $path) {
  1740.             // search for the next one
  1741.             $folder $this->em->getRepository(Folder::class)->findOneBy(array(
  1742.                 'container' => $globals->getContainer(),
  1743.                 'parent' => $folder,
  1744.                 'name' => $path,
  1745.             ));
  1747.             // if we don't find one, then the path is bad, stop checking
  1748.             if (empty($folder)) {
  1749.                 break;
  1750.             }
  1752.         }
  1754.         // double check folder
  1755.         if (empty($folder)) {
  1756.             throw new NotFoundHttpException();
  1757.         }
  1759.         // break apart the filename
  1760.         $fileparts explode('.'$filepath);
  1761.         $fileext = (count($fileparts) > 0) ? array_pop($fileparts) : null;
  1762.         $filename implode('.'$fileparts);
  1764.         // made it this far, have the final folder, get the file
  1765.         $file $this->em->getRepository(File::class)->findOneBy([
  1766.             'container' => $globals->getContainer(),
  1767.             'parent' => $folder,
  1768.             'name' => $filename,
  1769.             'extension' => $fileext,
  1770.         ]);
  1772.         // double check file
  1773.         if (empty($file)) {
  1774.             throw new NotFoundHttpException();
  1775.         }
  1777.         // handle special cases
  1778.         $redir null;
  1779.         switch (true) {
  1781.             // passing through size width and height; need to match to predefined constant
  1782.             case $file instanceof ImageFile && ! empty($globals->getRequest()->query->get('size')):
  1783.                 $mask array_search(
  1784.                     $globals->getRequest()->query->get('size'),
  1785.                     ImageOptimization::$sizes
  1786.                 );
  1787.                 if ( ! empty($mask)) {
  1788.                     $redir $this->s3->entityUrl(
  1789.                         S3Wrapper::BUCKETS__STORAGE,
  1790.                         $file,
  1791.                         sprintf(
  1792.                             '/optimizations/%s',
  1793.                             $mask
  1794.                         )
  1795.                     );
  1796.                 }
  1797.                 break;
  1799.             // passing through a mask integer bitmask
  1800.             case $file instanceof ImageFile && ! empty($globals->getRequest()->query->get('mask')):
  1801.                 $mask $globals->getRequest()->query->get('mask');
  1802.                 if (array_key_exists($maskImageOptimization::$sizes)) {
  1803.                     $redir $this->s3->entityUrl(
  1804.                         S3Wrapper::BUCKETS__STORAGE,
  1805.                         $file,
  1806.                         sprintf(
  1807.                             '/optimizations/%s',
  1808.                             $mask
  1809.                         )
  1810.                     );
  1811.                 }
  1812.                 break;
  1814.             // passing through a constant name, like MASKS__*; only pass in the * part
  1815.             case $file instanceof ImageFile && ! empty($globals->getRequest()->query->get('const')):
  1816.                 $const 'MASKS__' $globals->getRequest()->query->get('const');
  1817.                 $const ImageOptimization::class . '::' $const;
  1818.                 if (defined($const)) {
  1819.                     $redir $this->s3->entityUrl(
  1820.                         S3Wrapper::BUCKETS__STORAGE,
  1821.                         $file,
  1822.                         sprintf(
  1823.                             '/optimizations/%s',
  1824.                             constant($const)
  1825.                         )
  1826.                     );
  1827.                 }
  1828.                 break;
  1830.             // streaming of file types that have issues when redirected, like html, css, etc
  1831.             case in_array($file->getExtension(), self::STREAMABLE):
  1832.                 return $this->stream($file);
  1834.         }
  1836.         // do default if none handled so far
  1837.         if (empty($redir)) {
  1838.             $redir $this->s3->entityUrl(
  1839.                 S3Wrapper::BUCKETS__STORAGE,
  1840.                 $file,
  1841.                 sprintf(
  1842.                     '/file/%s',
  1843.                     $file->getFilename()
  1844.                 )
  1845.             );
  1846.         }
  1848.         // redirect to s3 location
  1849.         return new RedirectResponse(
  1850.             $redir,
  1851.             RedirectResponse::HTTP_FOUND,
  1852.             array(
  1853.                 'X-CAMPUSSUITE-FE-REDIRECT' => sprintf(
  1854.                     'file:%s',
  1855.                     $file->getId()
  1856.                 ),
  1857.             )
  1858.         );
  1859.     }
  1861.     /**
  1862.      * @param File $file
  1863.      * @return StreamedResponse
  1864.      * @throws \Exception
  1865.      */
  1866.     private function stream(File $file)
  1867.     {
  1868.         // generate the path, use streaming php prefix
  1869.         $path $this->s3->getFileStreamingPath(
  1870.             S3Wrapper::BUCKETS__STORAGE,
  1871.             $file,
  1872.             sprintf(
  1873.                 '/file/%s',
  1874.                 $file->getFilename()
  1875.             )
  1876.         );
  1878.         // detect mime type
  1879.         $mime $this->mimeHelper->determineMime($file->getFilename());
  1881.         // create the response
  1882.         $response = new StreamedResponse();
  1884.         // set the headers needed
  1885.         $response->headers->set('Content-Type'$mime);
  1887.         // actually send the data
  1888.         $response->setCallback(function () use ($path) {
  1890.             // open a stream in read-only mode
  1891.             if ($stream fopen($path'r')) {
  1893.                 // loop while stream is open
  1894.                 while ( ! feof($stream)) {
  1896.                     // read bytes from the stream
  1897.                     echo fread($stream1024);
  1899.                 }
  1901.                 // be sure to close the stream resource when you're done with it
  1902.                 fclose($stream);
  1904.             }
  1905.         });
  1907.         // send back the response
  1908.         return $response;
  1909.     }
  1911.     /**
  1912.      * Needed for ModuleConfig usage in calling code.
  1913.      *
  1914.      * @throws \Exception
  1915.      */
  1916.     public function settingsClass()
  1917.     {
  1918.         throw new \Exception();
  1919.     }
  1921.     /**
  1922.      * Needed for ModuleConfig usage in calling code.
  1923.      *
  1924.      * @return null
  1925.      */
  1926.     public function name()
  1927.     {
  1928.         return 'Files';
  1929.     }
  1931.     /**
  1932.      * Needed for ModuleConfig usage in calling code.
  1933.      *
  1934.      * @return null
  1935.      */
  1936.     public function key()
  1937.     {
  1938.         return 'files';
  1939.     }
  1941.     /**
  1942.      * Needed for ModuleConfig usage in calling code.
  1943.      *
  1944.      * @return array
  1945.      */
  1946.     public function types()
  1947.     {
  1948.         return array(
  1949.             'File',
  1950.         );
  1951.     }
  1953.     /**
  1954.      * Whether the current department is to be powered by newer feed/object data.
  1955.      *
  1956.      * @param Container|Tenant $thing
  1957.      * @return bool
  1958.      */
  1959.     public function isSchoolNow($thing): bool
  1960.     {
  1961.         if ($thing instanceof Tenant) {
  1962.             return $thing->isSchoolNow();
  1963.         }
  1964.         if ( ! $thing instanceof Container) {
  1965.             throw new \Exception();
  1966.         }
  1967.         return $thing->isSchoolNow();
  1968.     }
  1969. }
  1971. /**
  1972.  * For ability to have notifications endpoints.
  1973.  *
  1974.  * Class NotificationsHandlerHack
  1975.  * @package Cms\FrontendBundle\Service
  1976.  */
  1977. final class NotificationsHandlerHack
  1978. {
  1979.     use SocialMetaTrait;
  1981.     /**
  1982.      * @var EntityManager
  1983.      */
  1984.     private EntityManager $em;
  1986.     /**
  1987.      * @var S3Wrapper
  1988.      */
  1989.     private S3Wrapper $s3;
  1991.     /**
  1992.      * @param EntityManager $em
  1993.      * @param S3Wrapper $s3
  1994.      */
  1995.     public function __construct(
  1996.         EntityManager $em,
  1997.         S3Wrapper $s3,
  1998.         MediaDecorator $mediaDecorator,
  1999.         Environment $twig,
  2000.         DatabaseLoader $databaseLoader
  2001.     )
  2002.     {
  2003.         $this->em $em;
  2004.         $this->s3 $s3;
  2005.         $this->mediaDecorator $mediaDecorator;
  2006.         $this->twig $twig;
  2007.         $this->databaseLoader $databaseLoader;
  2008.     }
  2010.     /**
  2011.      * @param FrontendGlobals $globals
  2012.      * @return array|RedirectResponse
  2013.      */
  2014.     public function frontend(FrontendGlobals $globals)
  2015.     {
  2016.         // break apart by slashes
  2017.         $paths array_values(array_filter(explode('/'$globals->getExtra())));
  2019.         // if ther are no paths, then we have a problem (must have an id)
  2020.         if (empty($paths)) {
  2021.             throw new NotFoundHttpException();
  2022.         }
  2024.         // grab the id of the message and look it up in the db
  2025.         $message $this->em->getRepository(Message::class)->find($paths[0]);
  2026.         if (empty($message)) {
  2027.             throw new NotFoundHttpException();
  2028.         }
  2030.         // grab the slug
  2031.         $slug $paths[1];
  2033.         // check slugs, and if incorrect, redirect to proper url with slug
  2034.         if (Slugger::slug($message->getTitle()) !== $slug) {
  2035.             return new RedirectResponse(sprintf(
  2036.                 '%s/%s/%s/%s',
  2037.                 $globals->pathPrefix(),
  2038.                 $globals->getModule()->key(),
  2039.                 $message->getId(),
  2040.                 Slugger::slug($message->getTitle())
  2041.             ));
  2042.         }
  2044.         // set the thing on the globals
  2045.         //$globals->setThing($message);
  2047.         // fill in media urls
  2048.         if ($message->getMedia()) {
  2049.             $this->mediaDecorator->urls($message->getMedia());
  2050.         }
  2052.         // set social meta tags
  2053.         $this->setSocialMeta(
  2054.             $globals,
  2055.             [
  2056.                 'title' => $message->getTitle(),
  2057.                 'description' => strip_tags($message->getDescription()),
  2058.                 // @TODO refactor to $message->getMedia()
  2059.                 'cs:image-presized' => ( ! empty($message->getMedia())),
  2060.                 'image' => $message->getMedia(),
  2061.             ]
  2062.         );
  2064.         // set title
  2065.         $globals->getAssetsOrganizer()->getTitles()
  2066.             ->add(new TitleStructure($message->getTitle()))
  2067.             ->add(new TitleStructure($globals->getContainer()->getName()));
  2069.         // render the content
  2070.         $content $this->twig->render(
  2071.             $this->databaseLoader->determine(
  2072.                 $globals->getTheme(),
  2073.                 sprintf(
  2074.                     '/modules/%s/View/build/tpl.html.twig',
  2075.                     $globals->getModule()->name()
  2076.                 )
  2077.             ),
  2078.             [
  2079.                 'globals' => $globals,
  2080.                 'item' => $message,
  2081.             ]
  2082.         );
  2084.         // pass back as we need it
  2085.         return [
  2086.             [
  2087.                 'content' => [
  2088.                     (new Html())
  2089.                         ->setContent($content),
  2090.                 ],
  2091.             ],
  2092.         ];
  2093.     }
  2095.     /**
  2096.      * Needed for ModuleConfig usage in calling code.
  2097.      *
  2098.      * @throws \Exception
  2099.      */
  2100.     public function settingsClass()
  2101.     {
  2102.         throw new \Exception();
  2103.     }
  2105.     /**
  2106.      * Needed for ModuleConfig usage in calling code.
  2107.      *
  2108.      * @return string
  2109.      */
  2110.     public function name(): string
  2111.     {
  2112.         return 'Notifications';
  2113.     }
  2115.     /**
  2116.      * Needed for ModuleConfig usage in calling code.
  2117.      *
  2118.      * @return string
  2119.      */
  2120.     public function key(): string
  2121.     {
  2122.         return 'notification';
  2123.     }
  2125.     /**
  2126.      * Needed for ModuleConfig usage in calling code.
  2127.      *
  2128.      * @return array
  2129.      */
  2130.     public function types(): array
  2131.     {
  2132.         return [
  2133.             'Message',
  2134.         ];
  2135.     }
  2137.     /**
  2138.      * Whether the current department is to be powered by newer feed/object data.
  2139.      *
  2140.      * @param Container|Tenant $thing
  2141.      * @return bool
  2142.      */
  2143.     public function isSchoolNow($thing): bool
  2144.     {
  2145.         if ($thing instanceof Tenant) {
  2146.             return $thing->isSchoolNow();
  2147.         }
  2148.         if ( ! $thing instanceof Container) {
  2149.             throw new \Exception();
  2150.         }
  2151.         return $thing->isSchoolNow();
  2152.     }
  2153. }