Intentnado resolver conflicto

2025-07-25 22:52:08 +00:00 · 2024-05-07 10:16:53 +02:00
parent f652227b9f
commit 60178b334e
2 changed files with 206 additions and 3 deletions
--- a/ci4/app/Filters/LoginAuthFilter.php
+++ b/ci4/app/Filters/LoginAuthFilter.php
@ -0,0 +1,205 @@
+<?php
+namespace App\Filters;
+
+use App\Models\SettingsModel;
+use CodeIgniter\Filters\FilterInterface;
+use CodeIgniter\HTTP\RequestInterface;
+use CodeIgniter\HTTP\ResponseInterface;
+use Exception;
+
+class LoginAuthFilter implements FilterInterface
+{
+    public function before(RequestInterface $request, $arguments = null)
+    {
+        try {
+            if(!$this->validateIgnoreControllerAccess()){
+                $session = session();
+                $token = $session->get('token')??'';
+                $tfa = $session->get('tfa')??false;
+    
+                $this->getSettings();
+    
+                if (empty($token) || $tfa == true) {
+                    return redirect()->to('/login');
+                }else{
+                    $this->validateControllerAccess();
+                }
+            }
+        } catch (Exception $e) {
+
+        }
+    }
+
+    public function after(RequestInterface $request, ResponseInterface $response, $arguments = null)
+    {
+
+    }
+
+    /**
+     * Access to controllers is valid.
+     */
+    public function validateControllerAccess(){
+        $request = \Config\Services::request();
+        $uri = $request->uri;
+        
+        $language = \Config\Services::language();
+        $language->setLocale(session()->lang);
+
+        $getWhiteList = $this->whiteListController();
+
+        foreach ($getWhiteList as $item){
+            if(strtolower($item) == $uri->getSegment(1)){
+                return true;
+            }
+        }
+
+        $getRules = json_decode(session()->get('rules')??'[]');
+
+        foreach ($this->whiteListMethod() as $item){
+            if(strtolower($item) == $uri->getSegment(2)){
+                return true;
+            }
+        }
+
+        foreach ($getRules as $key=>$value){
+            if(strtolower($key) == $uri->getSegment(1)){
+                if($uri->getTotalSegments() <= 1){
+                    return true;
+                }
+                foreach ($value as $item){
+                    if(strtolower($item) == $uri->getSegment(2)){
+                        return true;
+                    }
+                }
+            }
+            else{
+                foreach($this->controllerFolderWhiteList() as $folder){
+                    if(strtolower($folder) == $uri->getSegment(1)){
+                        if(strtolower($key) == $uri->getSegment(2)){
+                            if($uri->getTotalSegments() <= 2){
+                                return true;
+                            }
+                            
+                            foreach ($value as $item){
+                                if(strtolower($item) == $uri->getSegment(3)){
+                                    return true;
+                                }
+                            }
+                            
+                        }
+                    }
+                }
+                
+            }
+        } 
+        session()->setFlashdata('sweet', ['error',lang("App.dashboard_alert_rules")]);
+        header('Location: /home');
+        exit();
+    }
+
+    /**
+     * JJO
+     * Returns the controller folder list
+     */
+    public function controllerFolderWhiteList(){
+        return [
+            'Catalogo',
+            'Clientes',
+            'Compras',
+            'Configuracion',
+            'EnviosLogistica',
+            'Facturacion',
+            'Informes',
+            'Importacion',
+            'Pedidos',
+            'Presupuestos',
+            'Produccion',
+            'Proveedores',
+            'Servicios',
+            'Tarifas',
+        ];
+    } 
+
+
+
+    /**
+     * Returns the white list of allowed controllers.
+     */
+    public function whiteListController(){
+        return [
+            'Js_loader',
+            'BaseController',
+            'Home',
+            'Login',
+            'Oauth',
+            'Language',
+            'Api',
+            'Cron',
+            'lang',
+            'Ajax',
+            'Integration',
+            'Migrate',
+            'Test',
+            'Viewmode',
+            'GoBaseController',
+            'GoBaseResourceController',
+            'Maquinaspapelesimpresion',
+            'Maquinastarifasimpresion',
+            'Maquinascalles',
+            'My', 'Usuarios', 'Notification'    // PARA LA DEMO
+
+        ];
+    }
+
+    /**
+     * Returns the whitelist of public controllers.
+     */
+    public function ignoreListController(){
+        return [
+        ];
+    }
+
+    public function validateIgnoreControllerAccess(){
+        $request = \Config\Services::request();
+        $uri = $request->uri;
+
+        $getList = $this->ignoreListController();
+        foreach ($getList as $item){
+            if(strtolower($item) == $uri->getSegment(1)){
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public function whiteListMethod(){
+        return [
+            'initController',
+            '__construct',
+            'validateControllerAccess',
+            'whiteListController',
+            'whiteListMethod',
+            'allItemsSelect',
+            'menuItems',
+            'datatable',
+            'datatable_editor',
+            'datatable_2',
+            'datatable_editor_2',
+            'collect',
+            'cast',
+            'getGramaje',
+            'presupuesto',
+        ];
+    }
+
+    public function getSettings(){
+        // Get Settings
+        $session = session();
+        $settingsBase = new SettingsModel();
+        $settings = $settingsBase->first()??[];
+        $session->set('settings', $settings);
+        if(empty($session->get('lang'))) {
+            $session->set('lang', $settings['default_language'] ?? 'es');
+        }
+    }
+}