Commit 1743fb73 authored by Tino Goratsch's avatar Tino Goratsch

reworked the CaptchaValidationRule so that it can handle the various captcha types

parent 0c248b10
......@@ -35,9 +35,12 @@ interface CaptchaExtensionInterface
);
/**
* Returns the name of the to be used validation rule
* Checks, whether the typed in captcha is valid
*
* @return string
* @param mixed $formData
* @param string $formFieldName
* @param array $extra
* @return bool
*/
public function getValidationRule();
public function isCaptchaValid($formData, $formFieldName, array $extra = []);
}
......@@ -39,18 +39,24 @@ class NativeCaptchaExtension implements CaptchaExtensionInterface
* @var \ACP3\Modules\ACP3\Users\Model\UserModel
*/
private $user;
/**
* @var Core\ACL
*/
private $acl;
/**
* NativeCaptchaExtension constructor.
* @param Core\ACL $acl
* @param Translator $translator
* @param \ACP3\Modules\ACP3\Users\Model\UserModel $user
* @param Core\Http\RequestInterface $request
* @param Core\Router\RouterInterface $router
* @param Core\Session\SessionHandlerInterface $sessionHandler
* @param Core\View $view
* @param Core\Helpers\Secure $secureHelper
* @param \ACP3\Modules\ACP3\Users\Model\UserModel $user
*/
public function __construct(
Core\ACL $acl,
Translator $translator,
Core\Http\RequestInterface $request,
Core\Router\RouterInterface $router,
......@@ -66,6 +72,7 @@ class NativeCaptchaExtension implements CaptchaExtensionInterface
$this->view = $view;
$this->secureHelper = $secureHelper;
$this->user = $user;
$this->acl = $acl;
}
/**
......@@ -85,7 +92,7 @@ class NativeCaptchaExtension implements CaptchaExtensionInterface
$inputOnly = false,
$path = ''
) {
if ($this->user->isAuthenticated() === false) {
if (!$this->user->isAuthenticated() && $this->hasCaptchaAccess()) {
$path = sha1($this->router->route(empty($path) === true ? $this->request->getQuery() : $path));
$this->sessionHandler->set('captcha_' . $path, $this->secureHelper->salt($captchaLength));
......@@ -102,11 +109,32 @@ class NativeCaptchaExtension implements CaptchaExtensionInterface
return '';
}
/**
* @return bool
*/
private function hasCaptchaAccess()
{
return $this->acl->hasPermission('frontend/captcha/index/image') === true;
}
/**
* @inheritdoc
*/
public function getValidationRule()
public function isCaptchaValid($formData, $formFieldName, array $extra = [])
{
return '';
if (!$this->hasCaptchaAccess()) {
return true;
}
if (!isset($formData[$formFieldName])) {
return false;
}
$value = $formData[$formFieldName];
$routePath = empty($extra['path']) === true ? $this->request->getQuery() : $extra['path'];
$indexName = 'captcha_' . sha1($this->router->route($routePath));
return preg_match('/^[a-zA-Z0-9]+$/', $value)
&& strtolower($value) === strtolower($this->sessionHandler->get($indexName, ''));
}
}
......@@ -2,6 +2,7 @@ services:
captcha.extension.native_captcha_extension:
class: ACP3\Modules\ACP3\Captcha\Extension\NativeCaptchaExtension
arguments:
- '@core.acl'
- '@core.lang'
- '@core.http.request'
- '@core.router'
......
......@@ -2,11 +2,8 @@ services:
captcha.validation.validation_rules.captcha_validation_rule:
class: ACP3\Modules\ACP3\Captcha\Validation\ValidationRules\CaptchaValidationRule
arguments:
- '@core.acl'
- '@core.http.request'
- '@core.router'
- '@core.session'
- '@users.model.user_model'
- '@captcha.extension.captcha'
tags:
- { name: core.validation.validation_rule }
......
......@@ -6,61 +6,33 @@
namespace ACP3\Modules\ACP3\Captcha\Validation\ValidationRules;
use ACP3\Core\ACL;
use ACP3\Core\Http\RequestInterface;
use ACP3\Core\Router\RouterInterface;
use ACP3\Core\Session\SessionHandlerInterface;
use ACP3\Core\Validation\ValidationRules\AbstractValidationRule;
use ACP3\Modules\ACP3\Captcha\Extension\CaptchaExtensionInterface;
use ACP3\Modules\ACP3\Users\Model\UserModel;
/**
* Class CaptchaValidationRule
* @package ACP3\Modules\ACP3\Captcha\Validation\ValidationRules
*/
class CaptchaValidationRule extends AbstractValidationRule
{
/**
* @var \ACP3\Core\ACL
*/
protected $acl;
/**
* @var \ACP3\Core\Http\RequestInterface
*/
protected $request;
/**
* @var \ACP3\Core\Router\RouterInterface
*/
protected $router;
/**
* @var \ACP3\Core\Session\SessionHandlerInterface
*/
protected $sessionHandler;
/**
* @var \ACP3\Modules\ACP3\Users\Model\UserModel
*/
protected $user;
/**
* @var CaptchaExtensionInterface
*/
private $captcha;
/**
* CaptchaValidationRule constructor.
*
* @param \ACP3\Core\ACL $acl
* @param \ACP3\Core\Http\RequestInterface $request
* @param \ACP3\Core\Router\RouterInterface $router
* @param \ACP3\Core\Session\SessionHandlerInterface $sessionHandler
* @param \ACP3\Modules\ACP3\Users\Model\UserModel $user
* @param CaptchaExtensionInterface $captcha
*/
public function __construct(
ACL $acl,
RequestInterface $request,
RouterInterface $router,
SessionHandlerInterface $sessionHandler,
UserModel $user
UserModel $user,
CaptchaExtensionInterface $captcha
) {
$this->acl = $acl;
$this->request = $request;
$this->router = $router;
$this->sessionHandler = $sessionHandler;
$this->user = $user;
$this->captcha = $captcha;
}
/**
......@@ -68,29 +40,10 @@ class CaptchaValidationRule extends AbstractValidationRule
*/
public function isValid($data, $field = '', array $extra = [])
{
if (is_array($data) && array_key_exists($field, $data)) {
return $this->isValid($data[$field], $field, $extra);
}
if ($this->acl->hasPermission('frontend/captcha/index/image') === true
&& $this->user->isAuthenticated() === false
) {
return $this->checkCaptcha($data, isset($extra['path']) ? $extra['path'] : '');
if ($this->user->isAuthenticated() === false) {
return $this->captcha->isCaptchaValid($data, $field, $extra);
}
return true;
}
/**
* @param string $value
* @param string $path
* @return bool
*/
protected function checkCaptcha($value, $path)
{
$indexName = 'captcha_' . sha1($this->router->route(empty($path) === true ? $this->request->getQuery() : $path));
return preg_match('/^[a-zA-Z0-9]+$/', $value)
&& strtolower($value) === strtolower($this->sessionHandler->get($indexName, ''));
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment