diff --git a/Dispatcher/Dispatcher.php b/Dispatcher/Dispatcher.php index 72d66fa5d..c5f7a4c87 100755 --- a/Dispatcher/Dispatcher.php +++ b/Dispatcher/Dispatcher.php @@ -124,7 +124,7 @@ final class Dispatcher implements DispatcherInterface $function = $dispatch[0] . '::' . $dispatch[2]; if (!\is_callable($function)) { - throw new \Exception(); + throw new \Exception('Endpoint "'. $function .'" is not callable!'); } $views[$controller] = $data === null ? $function() : $function(...$data); diff --git a/Router/RouteStatus.php b/Router/RouteStatus.php new file mode 100644 index 000000000..8c6bb6bb2 --- /dev/null +++ b/Router/RouteStatus.php @@ -0,0 +1,36 @@ +hasPermission( - $d['permission']['type'] ?? null, $orgId, $app, $d['permission']['module'] ?? null, $d['permission']['state'] ?? null + if (isset($d['permission']) && !empty($d['permission']) + && ($account === null || $account instanceof NullAccount) + ) { + return ['dest' => RouteStatus::NOT_LOGGED_IN]; + } elseif (isset($d['permission']) && !empty($d['permission']) + && !($account?->hasPermission( + $d['permission']['type'] ?? 0, + $d['permission']['unit'] ?? $orgId, + $app, + $d['permission']['module'] ?? null, + $d['permission']['state'] ?? null ) ) ) { - return $app !== null ? $this->route('/' . \strtolower($app) . '/e403') : $this->route('/e403'); + return ['dest' => RouteStatus::INVALID_PERMISSIONS]; } // if validation check is invalid if (isset($d['validation'])) { foreach ($d['validation'] as $name => $pattern) { if (!isset($data[$name]) || \preg_match($pattern, $data[$name]) !== 1) { - return $app !== null ? $this->route('/' . \strtolower($app) . '/e403') : $this->route('/e403'); + return ['dest' => RouteStatus::INVALID_DATA]; } } } diff --git a/Router/WebRouter.php b/Router/WebRouter.php index 1a8c11792..d86c714df 100755 --- a/Router/WebRouter.php +++ b/Router/WebRouter.php 
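Review bot: In Dispatcher/Dispatcher.php the not-callable branch still throws the base `\Exception`, so callers cannot tell this failure from any other, and the new message now carries the resolved `Class::method` string. A narrower SPL type keeps existing `catch (\Exception)` handlers working and matches the concatenation spacing of the `$dispatch[0] . '::' . $dispatch[2]` line above: `throw new \UnexpectedValueException('Endpoint "' . $function . '" is not callable!');`. Whether exception messages can reach an HTTP response is not visible on this page; if they can, the endpoint name belongs in the log rather than in the response body. The enclosing method starts and ends outside the hunk.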
@@ -15,6 +15,7 @@ declare(strict_types=1);
 namespace phpOMS\Router;
 use phpOMS\Account\Account;
+use phpOMS\Account\NullAccount;
 /**
 * Router class for web routes.
@@ -155,15 +156,16 @@ final class WebRouter implements RouterInterface
 ) {
 // if csrf is required but not set
 if (isset($d['csrf']) && $d['csrf'] && $csrf === null) {
- return $app !== null
- ? $this->route('/' . \strtolower($app) . '/e403', $csrf, $verb)
- : $this->route('/e403', $csrf, $verb);
+ return ['dest' => RouteStatus::INVALID_CSRF];
 }
 // if permission check is invalid
- if ((isset($d['permission']) && !empty($d['permission']) && $account === null)
- || (isset($d['permission']) && !empty($d['permission'])
- && !$account?->hasPermission(
+ if (isset($d['permission']) && !empty($d['permission'])
+ && ($account === null || $account instanceof NullAccount)
+ ) {
+ return ['dest' => RouteStatus::NOT_LOGGED_IN];
+ } elseif (isset($d['permission']) && !empty($d['permission'])
+ && !($account?->hasPermission(
 $d['permission']['type'] ?? 0,
 $d['permission']['unit'] ?? $orgId,
 $app,
@@ -172,18 +174,14 @@ final class WebRouter implements RouterInterface
 )
 )
 ) {
- return $app !== null
- ? $this->route('/' . \strtolower($app) . '/e403', $csrf, $verb)
- : $this->route('/e403', $csrf, $verb);
+ return ['dest' => RouteStatus::INVALID_PERMISSIONS];
 }
 // if validation check is invalid
 if (isset($d['validation'])) {
 foreach ($d['validation'] as $name => $validation) {
 if (!isset($data[$name]) || \preg_match($validation, $data[$name]) !== 1) {
- return $app !== null
- ? $this->route('/' . \strtolower($app) . '/e403', $csrf, $verb)
- : $this->route('/e403', $csrf, $verb);
+ return ['dest' => RouteStatus::INVALID_DATA];
 }
 }
 }
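Review bot: The early exits in the `@@ -155,15 +156,16 @@` hunk of Router/WebRouter.php now return `['dest' => RouteStatus::…]` where they used to return a routed `/e403` result, and nothing visible documents that `dest` may hold a status instead of an endpoint; the same holds for the `INVALID_PERMISSIONS` and `INVALID_DATA` returns in the `@@ -172,18 +174,14 @@` hunk and for the earlier hunk under the Router/RouteStatus.php header, whose own file header is not visible. Callers are outside this page, so any of them that passes the result of `route()` on without inspecting it no longer ends at a 403 page; the method docblock should state the contract, for example `@return array Destinations, or ['dest' => RouteStatus::*] when the CSRF, login, permission or validation check fails; never dispatch the latter`. The context line `$d['permission']['type'] ?? 0` means a route definition without a `type` is checked against permission 0, and since `hasPermission()` is not shown it is worth confirming that 0 is not satisfied by every account. The method signature and its docblock lie outside the hunk.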
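Review bot: The validation loop in the `@@ -172,18 +174,14 @@` hunk of Router/WebRouter.php passes `$data[$name]` to `\preg_match()` after only an `isset()` check, so a non-string value raises a `TypeError` instead of returning `RouteStatus::INVALID_DATA`. If `$data` carries request parameters, which this page does not show, an array-valued parameter is enough to trigger that, and with `strict_types=1` declared in this file an integer does the same. A type guard keeps the failure on the new status path: `if (!isset($data[$name]) || !\is_string($data[$name]) || \preg_match($validation, $data[$name]) !== 1) {`. The loop sits in a method that starts before this hunk.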