Raydium Framework

KioskMiddleware extends AbstractMiddleware

Table of Contents

$configs  : Configs
$isAdminKiosk  : bool|null
$isMultitenant  : bool|null
$isShortInit  : bool|null
$services  : Container
$appDirPath  : mixed
$coreTemplatesDir  : mixed
$kioskConfig  : mixed
$logger  : LoggerInterface
$templatesDir  : mixed
$twig  : Environment
$twigOptions  : mixed
__construct()  : mixed
matchPaths()  : bool
Matches two URL paths, considering optional trailing slashes.
process()  : ResponseInterface
Process an incoming server request.
twig()  : Environment
Creates and returns a Twig environment instance.
defaultTwigOptions()  : array<string|int, null|false|int|string>
Environment Options.
getAllowedAccessPaths()  : null|array<string|int, mixed>
Retrieve allowed access paths for wp-admin routes.
getSubdomain()  : null|array<string|int, string>
isAdminRoute()  : mixed
isAdminRouteRestricted()  : bool
Check if a given URL or route matches the WordPress admin route pattern.
isHybridMode()  : bool
isMultitenantApp()  : bool
Determines if the application is configured to operate in multi-tenant mode.
isSecureMode()  : bool
isValidTenantId()  : false|int
log()  : LoggerInterface
multiMerge()  : array<string|int, mixed>
Merges two multi-dimensional arrays recursively.
when()  : void
debugMode()  : void
setTemplatesDir()  : string
validateTemplatesDirectory()  : bool
Validates that the templates directory exists.

Properties

Methods

__construct()

public __construct([Container $serviceContainer = null ]) : mixed
Parameters
$serviceContainer : Container = null
Return values
mixed

matchPaths()

Matches two URL paths, considering optional trailing slashes.

public static matchPaths(string $uriPath, string $dbadminUrlPath) : bool
Parameters
$uriPath : string
$dbadminUrlPath : string
Return values
bool

process()

Process an incoming server request.

public process(ServerRequestInterface $request, RequestHandlerInterface $handler) : ResponseInterface
Parameters
$request : ServerRequestInterface
$handler : RequestHandlerInterface
Return values
ResponseInterface

twig()

Creates and returns a Twig environment instance.

public twig() : Environment
Tags
throws
Exception

If the templates directory does not exist or if there is an error initializing the Twig loader.

Return values
Environment

The initialized Twig environment instance.

defaultTwigOptions()

Environment Options.

protected static defaultTwigOptions() : array<string|int, null|false|int|string>
Tags
see
https://twig.symfony.com/doc/3.x/api.html#environment-options
psalm-return

array{debug: false, charset: 'utf-8', cache: false, auto_reload: null, strict_variables: false, autoescape: 'html', optimizations: -1}

Return values
array<string|int, null|false|int|string>

getAllowedAccessPaths()

Retrieve allowed access paths for wp-admin routes.

protected getAllowedAccessPaths() : null|array<string|int, mixed>

This method fetches a list of allowed paths for the wp-admin directory based on configuration. It is designed to ensure that critical functionality like AJAX handling can operate without unnecessary restrictions while still securing other sensitive admin functionalities.

Configuration behavior:

  • security.restrict_wpadmin.enabled: Enables or disables the restriction mechanism (disabled by default).
  • security.restrict_wpadmin.secure: If true, applies stricter matching for wp-admin paths.
  • security.restrict_wpadmin.allowed: An array of specific paths to allow, e.g., ['admin-ajax.php'].

Example Usage:

  • Allow admin-ajax.php for AJAX requests to ensure plugins function correctly.
  • Restrict paths like theme-editor.php or custom plugin endpoints unless explicitly allowed.
  • Ensure security while allowing flexibility for specific use cases.

Example Configuration:

    'restrict_wpadmin' => [
        'enabled' => true,
        'secure' => false,
        'allowed' => [
            'admin-ajax.php'
        ]
    ];

Tags
psalm-return

array{allowed: mixed, secure: mixed}|null

Return values
null|array<string|int, mixed>

Returns an array of allowed paths if restriction is enabled, null otherwise.

getSubdomain()

protected getSubdomain(ServerRequestInterface $request) : null|array<string|int, string>
Parameters
$request : ServerRequestInterface
Tags
psalm-return

list{string, string}|null

Return values
null|array<string|int, string>

isAdminRoute()

protected isAdminRoute(ServerRequestInterface $request) : mixed
Parameters
$request : ServerRequestInterface
Return values
mixed

isAdminRouteRestricted()

Check if a given URL or route matches the WordPress admin route pattern.

protected isAdminRouteRestricted(ServerRequestInterface $request) : bool

This method ensures that only specified paths within the wp-admin directory are allowed based on configurations. This is crucial for security as it prevents unauthorized access to sensitive WordPress admin functionalities.

Context: When the restrict_wpadmin configuration is enabled (disabled by default), all requests to paths under /wp/wp-admin will be restricted with a 401 response unless explicitly allowed. The isAdminRouteRestricted method determines whether a request matches restricted wp-admin routes and handles the restriction logic upstream.

Examples of wp-admin paths to consider:

  • wp-admin/admin-ajax.php: Frequently used by plugins for AJAX requests, should generally be allowed.
  • wp-admin/theme-editor.php: Sensitive path that should typically be restricted.
  • wp-admin/options.php: Core settings path that requires strict access control.
  • wp-admin/admin-post.php: A common custom plugin endpoint that may require special handling.

Example Configuration:

    'restrict_wpadmin' => [
        'enabled' => true, // Enables or disables wp-admin restrictions (disabled by default)
        'secure' => false, // Enables stricter matching for wp-admin paths
        'allowed' => [
            'admin-ajax.php' // Paths allowed even when restrictions are enabled
        ]
    ];

Parameters
$request : ServerRequestInterface

The server request instance.

Return values
bool

Returns true if the route matches a restricted wp-admin route, false otherwise.
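
The allow-list check described for getAllowedAccessPaths() and isAdminRouteRestricted(), as an added example that is not the framework's own code. isPathRestricted() is a hypothetical helper that assumes PHP 8 and the /wp/wp-admin prefix named above; the page does not define what 'secure' changes, so this example uses exact matching throughout and does not read that key.

```php
<?php
declare(strict_types=1);

// Added example, not Raydium code. isPathRestricted() is a hypothetical helper.
function isPathRestricted(string $uriPath, array $restrict): bool
{
    if (empty($restrict['enabled'])) {
        return false; // restriction is off by default
    }
    // Decode once and collapse separators so encoded or doubled slashes
    // cannot slip past the prefix check. Fail closed on a regex error.
    $path = preg_replace('#[\\\\/]+#', '/', rawurldecode($uriPath));
    if ($path === null) {
        return true;
    }
    $prefix = '/wp/wp-admin';
    if ($path !== $prefix && !str_starts_with($path, $prefix . '/')) {
        return false; // not a wp-admin route
    }
    $relative = trim(substr($path, strlen($prefix)), '/');
    // Traversal segments are never allow-listed, whatever they resolve to.
    if (in_array('..', explode('/', $relative), true)) {
        return true;
    }
    foreach ($restrict['allowed'] ?? [] as $allowed) {
        if ($relative === trim((string) $allowed, '/')) {
            return false; // exact match on an allow-listed path
        }
    }
    return true; // under wp-admin and not allow-listed: default deny
}

$config = ['enabled' => true, 'secure' => false, 'allowed' => ['admin-ajax.php']];
// Constructed request paths (path component only, no query string).
$samples = [
    '/wp/wp-admin/admin-ajax.php',
    '/wp/wp-admin/admin-ajax.php/',
    '/wp/wp-admin/theme-editor.php',
    '/wp/wp-admin/admin-ajax.php/../options.php',
    '/wp//wp-admin/options.php',
    '/wp/wp-admin-assets/logo.png',
];
foreach ($samples as $p) {
    printf("%-45s %s\n", $p, isPathRestricted($p, $config) ? '401' : 'pass');
}
```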

isMultitenantApp()

Determines if the application is configured to operate in multi-tenant mode.

protected static isMultitenantApp(mixed $composerConfig) : bool
Parameters
$composerConfig : mixed
Return values
bool

Returns true if the application is in multi-tenant mode, otherwise false.

isValidTenantId()

protected isValidTenantId(string $tenantId) : false|int
Parameters
$tenantId : string
Tags
psalm-return

0|1|false

Return values
false|int

multiMerge()

Merges two multi-dimensional arrays recursively.

protected static multiMerge(array<string|int, mixed> $array1, array<string|int, mixed> $array2) : array<string|int, mixed>

This function will recursively merge the values of $array2 into $array1. If the same key exists in both arrays, and both corresponding values are arrays, the values are recursively merged. Otherwise, values from $array2 will overwrite those in $array1.

Parameters
$array1 : array<string|int, mixed>

The base array that will be merged into.

$array2 : array<string|int, mixed>

The array with values to merge into $array1.

Return values
array<string|int, mixed>

The merged array.
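
The merge rules described above applied to a restrict_wpadmin override, as an added example that is not the framework's own code. multiMergeSketch() is a hypothetical stand-in that follows the description literally (integer keys are treated like any other key), and the defaults and override arrays are constructed.

```php
<?php
declare(strict_types=1);

// Added example written to the documented rules; not Raydium's multiMerge().
function multiMergeSketch(array $array1, array $array2): array
{
    foreach ($array2 as $key => $value) {
        if (is_array($value) && isset($array1[$key]) && is_array($array1[$key])) {
            // Same key, both values are arrays: merge recursively.
            $array1[$key] = multiMergeSketch($array1[$key], $value);
        } else {
            // Otherwise the value from $array2 overwrites the one in $array1.
            $array1[$key] = $value;
        }
    }
    return $array1;
}

// Constructed defaults and a constructed site override.
$defaults = ['restrict_wpadmin' => [
    'enabled' => false,
    'secure'  => false,
    'allowed' => ['admin-ajax.php', 'admin-post.php'],
]];
$override = ['restrict_wpadmin' => [
    'enabled' => true,
    'allowed' => ['async-upload.php'],
]];

$merged = multiMergeSketch($defaults, $override);

// Effective allow-list after the merge: review this, not the override alone.
var_export($merged['restrict_wpadmin']['allowed']);
echo PHP_EOL;

// PHP's array_merge_recursive() follows different rules for the same input.
var_export(array_merge_recursive($defaults, $override)['restrict_wpadmin']['enabled']);
echo PHP_EOL;
```

Under these rules list entries are replaced by index, so the merged allow-list is `['async-upload.php', 'admin-post.php']` and the default `admin-post.php` entry survives the override. `array_merge_recursive()` would instead turn `enabled` into the array `[false, true]`, which is why a scalar-overwriting merge is the safer fit for security flags.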

setTemplatesDir()

private setTemplatesDir() : string
Return values
string

validateTemplatesDirectory()

Validates that the templates directory exists.

private validateTemplatesDirectory(string $templatesDir[, bool $withException = true ]) : bool
Parameters
$templatesDir : string
$withException : bool = true
Tags
throws
Exception

If the templates directory does not exist.

Return values
bool
