formwork/panel/routes.php


<?php
use Formwork\Cms\Site;
use Formwork\Config\Config;
use Formwork\Http\JsonResponse;
use Formwork\Http\RedirectResponse;
use Formwork\Http\Request;
use Formwork\Http\Response;
use Formwork\Http\ResponseStatus;
use Formwork\Panel\Controllers\AuthenticationController;
use Formwork\Panel\Panel;
use Formwork\Security\CsrfToken;
use Formwork\Translations\Translations;
use Formwork\Utils\FileSystem;
use Formwork\Utils\Str;
use Formwork\View\ViewFactory;
return [
'routes' => [
    // Panel route table. Every entry maps a route name to a path pattern and an
    // action (a closure or a 'Controller@method' string); the optional
    // 'methods' and 'types' keys narrow what the entry matches.
    //
    // NOTE(review): entries without a 'methods' key rely on the router's
    // default, which is not visible in this file (presumably GET). The CSRF
    // filter declared under 'filters' is registered for POST only, so anything
    // reachable by GET has to be safe to repeat or protected by its controller.

    // --- Entry point and authentication ---------------------------------

    // The bare panel root only forwards to the dashboard.
    'panel.index' => [
        'path'   => '/',
        'action' => fn (Panel $panel) => new RedirectResponse($panel->uri('/dashboard/')),
    ],

    'panel.login' => [
        'path'    => '/login/',
        'action'  => 'Formwork\Panel\Controllers\AuthenticationController@login',
        'methods' => ['GET', 'POST'],
    ],

    // NOTE(review): no 'methods' key, so logout is presumably served on GET
    // and is outside the POST-only CSRF filter; confirm that is intended.
    'panel.logout' => [
        'path'   => '/logout/',
        'action' => 'Formwork\Panel\Controllers\AuthenticationController@logout',
    ],

    // --- Static assets --------------------------------------------------

    // The 'panel.redirectToLogin' filter skips every route starting with
    // '/assets/', so this route answers unauthenticated clients.
    // NOTE(review): {file:all} presumably admits slashes; confining the
    // resolved path to the assets directory is left to AssetsController - verify.
    'panel.assets' => [
        'path'   => '/assets/{type:alpha}/{file:all}/',
        'action' => 'Formwork\Panel\Controllers\AssetsController@asset',
    ],

    // --- Dashboard and pages --------------------------------------------

    'panel.dashboard' => [
        'path'   => '/dashboard/',
        'action' => 'Formwork\Panel\Controllers\DashboardController@index',
    ],

    'panel.pages' => [
        'path'   => '/pages/',
        'action' => 'Formwork\Panel\Controllers\PagesController@index',
    ],

    'panel.pages.new' => [
        'path'    => '/pages/new/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@create',
        'methods' => ['POST'],
    ],

    'panel.pages.edit' => [
        'path'    => '/pages/{page:all}/edit/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@edit',
        'methods' => ['GET', 'POST'],
    ],

    'panel.pages.preview' => [
        'path'    => '/pages/{page:all}/preview/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@preview',
        'methods' => ['POST'],
    ],

    // Same controller method as 'panel.pages.edit', with an explicit language.
    'panel.pages.edit.lang' => [
        'path'    => '/pages/{page:all}/edit/language/{language:alpha}/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@edit',
        'methods' => ['GET', 'POST'],
    ],

    'panel.pages.reorder' => [
        'path'    => '/pages/reorder/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@reorder',
        'methods' => ['POST'],
        'types'   => ['XHR'],
    ],

    // --- Page files -----------------------------------------------------

    // NOTE(review): {filename} carries no explicit pattern, so what it accepts
    // depends on the router's default; the controller should still treat it as
    // an untrusted file name. This entry is also declared before
    // 'panel.pages.uploadFile', whose path fits this pattern if {filename} can
    // match 'upload' - confirm the router's precedence.
    'panel.pages.file' => [
        'path'    => '/pages/{page:all}/file/{filename}/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@file',
        'methods' => ['GET', 'POST'],
    ],

    'panel.pages.uploadFile' => [
        'path'    => '/pages/{page:all}/file/upload/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@uploadFile',
        'methods' => ['POST'],
    ],

    'panel.pages.deleteFile' => [
        'path'    => '/pages/{page:all}/file/{filename}/delete/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@deleteFile',
        'methods' => ['POST'],
    ],

    'panel.pages.renameFile' => [
        'path'    => '/pages/{page:all}/file/{filename}/rename/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@renameFile',
        'methods' => ['POST'],
    ],

    'panel.pages.replaceFile' => [
        'path'    => '/pages/{page:all}/file/{filename}/replace/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@replaceFile',
        'methods' => ['POST'],
    ],

    // --- Page deletion --------------------------------------------------

    'panel.pages.delete' => [
        'path'    => '/pages/{page:all}/delete/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@delete',
        'methods' => ['POST'],
    ],

    'panel.pages.delete.lang' => [
        'path'    => '/pages/{page:all}/delete/language/{language:alpha}/',
        'action'  => 'Formwork\Panel\Controllers\PagesController@delete',
        'methods' => ['POST'],
    ],

    // --- Updates and statistics -----------------------------------------

    'panel.updates.check' => [
        'path'    => '/updates/check/',
        'action'  => 'Formwork\Panel\Controllers\UpdatesController@check',
        'methods' => ['POST'],
        'types'   => ['XHR'],
    ],

    'panel.updates.update' => [
        'path'    => '/updates/update/',
        'action'  => 'Formwork\Panel\Controllers\UpdatesController@update',
        'methods' => ['POST'],
        'types'   => ['XHR'],
    ],

    'panel.statistics' => [
        'path'   => '/statistics/',
        'action' => 'Formwork\Panel\Controllers\StatisticsController@index',
    ],

    // --- Users ----------------------------------------------------------

    'panel.users' => [
        'path'   => '/users/',
        'action' => 'Formwork\Panel\Controllers\UsersController@index',
    ],

    'panel.users.new' => [
        'path'    => '/users/new/',
        'action'  => 'Formwork\Panel\Controllers\UsersController@create',
        'methods' => ['POST'],
    ],

    // The {user} segment is limited to lowercase letters, digits, '_' and '-'.
    'panel.users.profile' => [
        'path'    => '/users/{user:[a-z0-9_-]+}/profile/',
        'action'  => 'Formwork\Panel\Controllers\UsersController@profile',
        'methods' => ['GET', 'POST'],
    ],

    // NOTE(review): {image} has no explicit pattern, unlike {user}; confirm
    // the controller restricts it to a file inside the user images directory.
    'panel.users.images' => [
        'path'    => '/users/images/{image}/',
        'action'  => 'Formwork\Panel\Controllers\UsersController@images',
        'methods' => ['GET'],
    ],

    'panel.users.delete' => [
        'path'    => '/users/{user:[a-z0-9_-]+}/delete/',
        'action'  => 'Formwork\Panel\Controllers\UsersController@delete',
        'methods' => ['POST'],
    ],

    'panel.users.deleteImage' => [
        'path'    => '/users/{user:[a-z0-9_-]+}/image/delete/',
        'action'  => 'Formwork\Panel\Controllers\UsersController@deleteImage',
        'methods' => ['POST'],
    ],

    // --- Options --------------------------------------------------------

    'panel.options' => [
        'path'   => '/options/',
        'action' => 'Formwork\Panel\Controllers\OptionsController@index',
    ],

    'panel.options.system' => [
        'path'    => '/options/system/',
        'action'  => 'Formwork\Panel\Controllers\OptionsController@systemOptions',
        'methods' => ['GET', 'POST'],
    ],

    'panel.options.site' => [
        'path'    => '/options/site/',
        'action'  => 'Formwork\Panel\Controllers\OptionsController@siteOptions',
        'methods' => ['GET', 'POST'],
    ],

    // --- Tools ----------------------------------------------------------

    'panel.tools' => [
        'path'   => '/tools/',
        'action' => 'Formwork\Panel\Controllers\ToolsController@index',
    ],

    'panel.tools.backups' => [
        'path'   => '/tools/backups/',
        'action' => 'Formwork\Panel\Controllers\ToolsController@backups',
    ],

    'panel.tools.updates' => [
        'path'   => '/tools/updates/',
        'action' => 'Formwork\Panel\Controllers\ToolsController@updates',
    ],

    'panel.tools.info' => [
        'path'   => '/tools/info/',
        'action' => 'Formwork\Panel\Controllers\ToolsController@info',
    ],

    // --- Backups and cache ----------------------------------------------

    'panel.backup.make' => [
        'path'    => '/backup/make/',
        'action'  => 'Formwork\Panel\Controllers\BackupController@make',
        'methods' => ['POST'],
        'types'   => ['XHR'],
    ],

    // NOTE(review): the download is also allowed on GET, which the POST-only
    // CSRF filter does not cover; access control for the archive then rests on
    // the login redirect filter and on BackupController - verify both, and
    // that the decoded {backup} value cannot name a file outside the backup
    // directory.
    'panel.backup.download' => [
        'path'    => '/backup/download/{backup:base64}/',
        'action'  => 'Formwork\Panel\Controllers\BackupController@download',
        'methods' => ['GET', 'POST'],
    ],

    'panel.backup.delete' => [
        'path'    => '/backup/delete/{backup:base64}/',
        'action'  => 'Formwork\Panel\Controllers\BackupController@delete',
        'methods' => ['POST'],
    ],

    // The trailing '?' presumably marks the {type} segment as optional.
    'panel.cache.clear' => [
        'path'    => '/cache/clear/{type:alpha}?/',
        'action'  => 'Formwork\Panel\Controllers\CacheController@clear',
        'methods' => ['POST'],
        'types'   => ['XHR'],
    ],

    // --- First-run registration -----------------------------------------

    // The 'panel.register' filter only acts while the site has no users.
    // NOTE(review): what this route does once users exist is decided by
    // RegisterController, which is not shown here - confirm it refuses.
    'panel.register' => [
        'path'    => '/register/',
        'action'  => 'Formwork\Panel\Controllers\RegisterController@register',
        'methods' => ['GET', 'POST'],
    ],

    // --- Fallback -------------------------------------------------------

    // Catch-all for any path no other entry claims. Presumably the router
    // tries entries in declaration order, so this has to stay last.
    'panel.errors.notFound' => [
        'path'   => '/{route:all}/',
        'action' => 'Formwork\Panel\Controllers\ErrorsController@notFound',
    ],
],
'filters' => [
'panel.request.validateSize' => [
    // Refuses POST requests whose declared Content-Length is larger than PHP's
    // `post_max_size`. Registered for both 'HTTP' and 'XHR' request types, and
    // both receive the same redirect to the panel root with an error
    // notification (there is no JSON variant for XHR callers here).
    //
    // Returns a RedirectResponse when the request is rejected and nothing
    // (null) otherwise.
    //
    // NOTE(review): only the Content-Length value reported by the request is
    // compared, not the bytes actually received. Presumably this filter exists
    // so that a body PHP has discarded for being too large is reported as a
    // size error instead of as a missing CSRF token - that depends on filter
    // ordering, which is not visible in this file.
    'action' => static function (Request $request, Translations $translations, Panel $panel) {
        $declaredLength = $request->contentLength();

        // No Content-Length was reported, so there is nothing to compare.
        if ($declaredLength === null) {
            return;
        }

        // An unreadable directive falls back to '0'.
        $limit = FileSystem::shorthandToBytes(ini_get('post_max_size') ?: '0');

        // A non-positive limit switches the check off; otherwise the request
        // passes as long as it does not exceed the limit.
        if ($limit <= 0 || $declaredLength <= $limit) {
            return;
        }

        $message = $translations->getCurrent()->translate('panel.request.error.postMaxSize');
        $panel->notify($message, 'error');

        return new RedirectResponse($panel->uri());
    },
    'methods' => ['POST'],
    'types'   => ['HTTP', 'XHR'],
],
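'panel.request.validateCsrf' => [
    // Checks the anti-CSRF token on every POST request, for both 'HTTP' and
    // 'XHR' request types.
    //
    // The token is read from the 'csrf-token' request input and validated
    // against the panel's token name. On failure the filter fails closed: the
    // stored token is destroyed, a logged-in user is logged out, a warning is
    // queued, and the request is answered with a JSON 400 (XHR) or a redirect
    // to the login page (plain HTTP).
    //
    // Returns a JsonResponse or RedirectResponse when the token is rejected
    // and nothing (null) when it is accepted.
    //
    // NOTE(review): the filter is registered for POST only, so routes served
    // on other methods are not covered by it.
    // NOTE(review): CsrfToken::validate() is not shown here; presumably it
    // compares in constant time (hash_equals) - verify.
    // NOTE(review): because a rejected token ends the session, any POST that
    // reaches the panel without a valid token logs the current user out. That
    // is the safe default, but it is worth knowing when triaging reports of
    // unexpected logouts.
    'action' => static function (Request $request, Translations $translations, Panel $panel, CsrfToken $csrfToken) {
        $tokenName = $panel->getCsrfTokenName();

        // Only a string can be a token. A missing or non-string value (for
        // example an array submitted as `csrf-token[]`) is treated as an
        // empty token, which is then rejected by validate() below, instead of
        // being cast and raising an "Array to string conversion" warning on
        // attacker-controlled input.
        $submitted = $request->input()->get('csrf-token');
        $token = is_string($submitted) ? $submitted : '';

        if ($csrfToken->validate($tokenName, $token)) {
            return;
        }

        // Invalidate the stored token so it cannot be retried.
        $csrfToken->destroy($tokenName);

        if ($panel->isLoggedIn()) {
            $panel->user()->logout();
        }

        $panel->notify(
            $translations->getCurrent()->translate('panel.login.suspiciousRequestDetected'),
            'warning'
        );

        // XHR callers expect JSON rather than a redirect.
        if ($request->isXmlHttpRequest()) {
            return JsonResponse::error('Bad Request: the CSRF token is not valid', ResponseStatus::BadRequest);
        }

        return new RedirectResponse($panel->uri('/login/'));
    },
    'methods' => ['POST'],
    'types'   => ['HTTP', 'XHR'],
],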
'panel.checkAssets' => [
    // Verifies that the built panel assets are present before a request is
    // served. The directory comes from the 'system.panel.paths.assets' config
    // value; the two required files are fixed below. As soon as one of them is
    // missing, the 'errors.panel.assets' view is rendered and returned with an
    // Internal Server Error status. Returns nothing (null) when both exist.
    //
    // The entry declares neither 'methods' nor 'types', so which requests it
    // applies to is left to the router's defaults.
    'action' => static function (Config $config, ViewFactory $viewFactory) {
        $assetsDirectory = $config->get('system.panel.paths.assets');

        foreach (['css/panel.min.css', 'js/app.min.js'] as $requiredAsset) {
            $location = FileSystem::joinPaths($assetsDirectory, $requiredAsset);

            // assertExists: false - presumably makes a missing path yield
            // false instead of raising an error.
            if (FileSystem::isFile($location, assertExists: false)) {
                continue;
            }

            $errorView = $viewFactory->make('errors.panel.assets');

            return new Response($errorView->render(), ResponseStatus::InternalServerError);
        }
    },
],
'panel.register' => [
    // First-run gate: while the site has no users, the only panel page that
    // may be reached is '/register/', and only from the local machine.
    //
    //  - site already has users  -> the filter does nothing
    //  - request is not local    -> redirect to the public site
    //  - any other panel route   -> redirect to '/register/'
    //
    // Applies to GET and POST requests.
    //
    // NOTE(review): the strength of this gate rests on how
    // Request::isLocalhost() determines the client address, which is not shown
    // here. Behind a reverse proxy on the same host every request may look
    // local, and a check based on forwarded headers would trust client input -
    // confirm the implementation and the deployment guidance.
    // NOTE(review): unlike 'panel.redirectToLogin', the second redirect makes
    // no exception for '/assets/' routes - confirm the registration page can
    // still load its CSS and JS.
    'action' => static function (Request $request, Site $site, Panel $panel) {
        // Nothing to do once at least one account exists.
        if (!$site->users()->isEmpty()) {
            return;
        }

        // Creating the first account is reserved for local requests.
        if (!$request->isLocalhost()) {
            return new RedirectResponse($site->uri());
        }

        if ($panel->route() !== '/register/') {
            return new RedirectResponse($panel->uri('/register/'));
        }
    },
    'methods' => ['GET', 'POST'],
],
'panel.redirectToLogin' => [
    // Authentication gate for the panel: when the site has users and nobody is
    // logged in, the requested route is remembered in the session and the
    // client is redirected to '/login/'.
    //
    // Exempt from the redirect: '/login/' and '/logout/' (exact match) and
    // every route starting with '/assets/'. Returns nothing (null) when no
    // redirect is needed.
    //
    // NOTE(review): the entry has no 'methods' key, so it presumably applies
    // to every method - confirm, since this is the only login check visible
    // in this file.
    // NOTE(review): '/assets/' routes are served without a login, so nothing
    // sensitive should be reachable under that prefix.
    // NOTE(review): the remembered route is derived from the request path and
    // is presumably read back by AuthenticationController after login; verify
    // it is only ever turned into a panel URL and never used as an absolute
    // redirect target.
    'action' => static function (Request $request, Site $site, Panel $panel) {
        // No accounts yet, or the visitor is already authenticated.
        if ($site->users()->isEmpty() || $panel->isLoggedIn()) {
            return;
        }

        $requestedRoute = $panel->route();

        $isAuthRoute = in_array($requestedRoute, ['/login/', '/logout/'], true);
        if ($isAuthRoute || Str::startsWith($requestedRoute, '/assets/')) {
            return;
        }

        // Remember where the visitor was heading.
        $request->session()->set(AuthenticationController::SESSION_REDIRECT_KEY, $requestedRoute);

        return new RedirectResponse($panel->uri('/login/'));
    },
],
],
];