<?php/** * This file is part of the Pimcore X Installation by * ercas GmbH & CO. KG <https://www.ercasdieagentur.de> * * @license GPLv3 */namespace App\Controller;use App\mvk\Model\DataObject\AbstractUser;use Pimcore\Controller\FrontendController;use Pimcore\Model\Document;use Pimcore\Model\WebsiteSetting;use Symfony\Component\HttpFoundation\RedirectResponse;use Symfony\Component\HttpFoundation\Request;class DefaultController extends FrontendController{ public function damageAction(Request $request) { return $this->render('layout/damage-declaration.html.twig', []); } public function defaultAction(Request $request) { $user = $this->getUser(); $documentId=$this->document->getId(); $excludedPaths = $this->getWebSettingValueMultiple('2FA_ignoreDocument'); if ($this->checkUrlRegex($request->getPathInfo()) && $user && $user instanceof AbstractUser && !$user->getTwoFactorAuth() && !$user->getSkipTwoFactorAuth() && $user->getActive() && $documentId!=$this->getWebSettingValue('2FA_infoPageDocument') && $documentId!=$this->getWebSettingValue('2FA_vmVerification') && $documentId!=$this->getWebSettingValue('2FA_activationDocument') && !in_array($documentId, $excludedPaths)) { $targetDocumentId = $user->getTwoFactorRequested() ? $this->getWebSettingValue('2FA_infoPageDocument') : $this->getWebSettingValue('2FA_activationRequiredDocument'); $targetDocument = Document::getById($targetDocumentId); return new RedirectResponse($targetDocument->getFullPath()); } $access= $this->checkPagePermissions(); if (!$access) { $accessDeniedDocument = $this->getAccessDeniedDocument(); $baseUrl = ''; return new RedirectResponse($baseUrl.$accessDeniedDocument->getFullPath()); } return $this->render('html/02_body/02_main/main.html.twig', []); } public function angularAction(Request $request) { $access= $this->checkPagePermissions(); if (!$access) { $accessDeniedDocument = $this->getAccessDeniedDocument(); $baseUrl = ''; return new RedirectResponse($baseUrl.$accessDeniedDocument->getFullPath()); } return $this->render('html/02_body/angular.html.twig', []); } public function mailAction(Request $request) { return $this->render('mail/mail.html.twig', []); } public function mailActionCustom(Request $request) { return $this->render('mail/custom-mail.html.twig', ['params'=>null]); } private function checkPagePermissions() { $permission= $this->document->getProperty('pagePermissions'); if ($permission && !$this->editmode) { return $this->isGranted($permission); } return true; } private function checkUrlRegex($url) { $patterns = 'admin|authentication|zwei-faktor|2fa_activation|2fa_qrcode_generate|2fa_code_verify'; $regex = '/' . $patterns. '/'; if (preg_match($regex, $url)) { return false ; } else { return true; } } private function getWebSettingValue($name) { $document = \Pimcore\Model\WebsiteSetting::getByName($name, null, null); $document = $document ? $document->getData() : null ; return $document ? $document->getId() : null; } private function getWebSettingValueMultiple($name) { $accessibleDocuments=[]; $websiteSettingList = new WebsiteSetting\Listing(); $websiteSettingList->setCondition(sprintf('%s = ? ', 'name'), $name); foreach ($websiteSettingList->load() as $key => $websiteSetting) { $websiteSettingData=WebsiteSetting::getById($websiteSetting->getId()); $accessibleDocument = $websiteSettingData ? $websiteSettingData->getData() : null ; if ($accessibleDocument && $websiteSettingData->getType()=='document' && $websiteSettingData->getData()!='') { array_push($accessibleDocuments, $accessibleDocument->getId()); } } return $accessibleDocuments; } private function getAccessDeniedDocument() { if ($this->document->hasProperty('accessDeniedPage')) { $accessDeniedDocId=$this->document->getProperty('accessDeniedPage')->getId(); } else { $accessDeniedDocId=1; } return Document::getById($accessDeniedDocId); }}