URLSpecialsMiddleware
class URLSpecialsMiddleware extends PermissionAwareConfirmationMiddleware
Check the request for the URL special variables.
Performs authorisation, confirmation and actions for some of those.
WARNING: Bypasses only disable authorisation and confirmation, but not actions nor redirects
The rules are: - flush GET parameter - isDev GET parameter - isTest GET parameter - dev/build URL
Traits
Methods
Initializes the middleware with the required rules
Extract the confirmation items from the request and return
Override the confirmation storage ID
Override the confirmation form url
Returns the list of permissions that are affected
Set the list of affected permissions
Returns flag whether we want to enforce authentication or not
Set whether we want to enforce authentication
Check whether the user has permissions to perform the target operation Otherwise we may want to skip the confirmation dialog.
Checks whether the request has GET flags to control environment type and amends the user session accordingly
Looks up for the special flags passed in the request and schedules the changes accordingly for the next request.
Details
at line 37
__construct()
Initializes the middleware with the required rules
in ConfirmationMiddleware at line 118
$this
setDeclineUrl(string $url)
Override the default decline url
in ConfirmationMiddleware at line 132
bool
canBypass(HTTPRequest $request)
Check whether the rules can be bypassed without user confirmation
in ConfirmationMiddleware at line 150
Item[]
getConfirmationItems(HTTPRequest $request)
Extract the confirmation items from the request and return
in ConfirmationMiddleware at line 248
HTTPResponse
process(HTTPRequest $request, callable $delegate)
Generate response for the given request
in ConfirmationMiddleware at line 272
$this
setConfirmationStorageId(string $id)
Override the confirmation storage ID
in ConfirmationMiddleware at line 285
$this
setConfirmationFormUrl(string $url)
Override the confirmation form url
in ConfirmationMiddleware at line 298
$this
setBypasses(Bypass[] $bypasses)
Set the list of bypasses for the confirmation
in PermissionAwareConfirmationMiddleware at line 50
string[]
getAffectedPermissions()
Returns the list of permissions that are affected
in PermissionAwareConfirmationMiddleware at line 66
$this
setAffectedPermissions(string[] $permissions)
Set the list of affected permissions
If the user doesn't have at least one of these, we assume they don't have access to the protected action, so we don't ask for a confirmation
in PermissionAwareConfirmationMiddleware at line 77
bool
getEnforceAuthentication()
Returns flag whether we want to enforce authentication or not
in PermissionAwareConfirmationMiddleware at line 93
$this
setEnforceAuthentication(bool $enforce)
Set whether we want to enforce authentication
We either enforce authentication (redirect to a login form) or silently assume the user does not have permissions and so we don't have to ask for a confirmation
in PermissionAwareConfirmationMiddleware at line 109
bool
hasAccess(HTTPRequest $request)
Check whether the user has permissions to perform the target operation Otherwise we may want to skip the confirmation dialog.
WARNING! The user has to be authenticated beforehand
in FlushScheduler at line 29
bool
scheduleFlush(HTTPRequest $request)
Schedules the manifest flush operation for a following request
WARNING! Does not perform flush, but schedules it for another request
in SessionEnvTypeSwitcher at line 22
bool
setSessionEnvType(HTTPRequest $request)
Checks whether the request has GET flags to control environment type and amends the user session accordingly
at line 58
null|HTTPResponse
buildImpactRedirect(HTTPRequest $request)
Looks up for the special flags passed in the request and schedules the changes accordingly for the next request.
Returns a redirect to the same page (with a random token) if there are changes introduced by the flags. Returns null if there is no impact introduced by the flags.