‪TYPO3CMS  10.4
Installer.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
19 
20 use Psr\Container\ContainerInterface;
21 use Psr\Http\Message\ResponseInterface;
22 use Psr\Http\Message\ServerRequestInterface;
23 use Psr\Http\Server\MiddlewareInterface;
24 use Psr\Http\Server\RequestHandlerInterface;
25 use TYPO3\CMS\Core\Configuration\ConfigurationManager;
31 use TYPO3\CMS\Install\Service\SessionService;
32 
37 class ‪Installer implements MiddlewareInterface
38 {
42  private ‪$container;
43 
44  public function ‪__construct(ContainerInterface ‪$container)
45  {
46  $this->container = ‪$container;
47  }
48 
57  public function ‪process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
58  {
59  if (!$this->‪canHandleRequest($request)) {
60  return $handler->handle($request);
61  }
62 
63  // Lazy load InstallerController, to instantiate the class and the dependencies only if we handle an install request.
64  $controller = $this->container->get(InstallerController::class);
65  $actionName = $request->getParsedBody()['install']['action'] ?? $request->getQueryParams()['install']['action'] ?? 'init';
66  $action = $actionName . 'Action';
67 
68  if ($actionName === 'init' || $actionName === 'mainLayout') {
69  $response = $controller->$action();
70  } elseif ($actionName === 'checkInstallerAvailable') {
71  $response = new JsonResponse([
72  'success' => $this->‪isInstallerAvailable(),
73  ]);
74  } elseif ($actionName === 'showInstallerNotAvailable') {
75  $response = $controller->showInstallerNotAvailableAction();
76  } elseif ($actionName === 'checkEnvironmentAndFolders'
77  || $actionName === 'showEnvironmentAndFolders'
78  || $actionName === 'executeEnvironmentAndFolders'
79  ) {
81  $response = $controller->$action($request);
82  } else {
84  // With main folder layout available, sessions can be handled
85  $session = new SessionService();
86  $session->startSession();
87  if ($session->isExpired()) {
88  $session->refreshSession();
89  }
90  $postValues = $request->getParsedBody()['install'];
91  $sessionTokenOk = false;
92  if (empty($postValues)) {
93  // No post data is there, no token check necessary
94  $sessionTokenOk = true;
95  }
96  if (isset($postValues['token'])) {
97  // A token must be given as soon as there is POST data
98  $formProtection = ‪FormProtectionFactory::get(InstallToolFormProtection::class);
99  if ($actionName === '') {
100  throw new \RuntimeException('No POST action given for token check', 1505647681);
101  }
102  $sessionTokenOk = $formProtection->validateToken($postValues['token'], 'installTool', $actionName);
103  }
104  if (!$sessionTokenOk) {
105  $session->resetSession();
106  $session->startSession();
107  throw new \RuntimeException('Invalid session token', 1505647737);
108  }
109 
110  if (!method_exists($controller, $action)) {
111  // Sanitize action method, preventing injecting whatever method name
112  throw new \RuntimeException(
113  'Unknown action method ' . $action . ' in controller InstallerController',
114  1505687700
115  );
116  }
117 
118  $response = $controller->$action($request);
119 
120  if ($actionName === 'executeDefaultConfiguration') {
121  // Executing last step cleans session
122  $session->destroySession();
123  }
124  }
125 
126  return $response;
127  }
128 
136  protected function ‪canHandleRequest(ServerRequestInterface $request): bool
137  {
138  $localConfigurationFileLocation = (new ConfigurationManager())->getLocalConfigurationFileLocation();
139  return !@is_file($localConfigurationFileLocation) || ‪EnableFileService::isFirstInstallAllowed();
140  }
141 
145  protected function ‪throwIfInstallerIsNotAvailable()
146  {
147  if (!$this->‪isInstallerAvailable()) {
148  throw new \RuntimeException(
149  'Installer not available',
150  1505637427
151  );
152  }
153  }
154 
158  protected function ‪isInstallerAvailable(): bool
159  {
161  return true;
162  }
163  return false;
164  }
165 }
‪TYPO3\CMS\Install\Middleware\Installer\isInstallerAvailable
‪bool isInstallerAvailable()
Definition: Installer.php:157
‪TYPO3\CMS\Core\FormProtection\FormProtectionFactory\get
‪static TYPO3 CMS Core FormProtection AbstractFormProtection get($classNameOrType='default',... $constructorArguments)
Definition: FormProtectionFactory.php:74
‪TYPO3\CMS\Install\Middleware\Installer\process
‪ResponseInterface process(ServerRequestInterface $request, RequestHandlerInterface $handler)
Definition: Installer.php:56
‪TYPO3\CMS\Install\Service\EnableFileService
Definition: EnableFileService.php:26
‪TYPO3\CMS\Install\Middleware\Installer\$container
‪ContainerInterface $container
Definition: Installer.php:41
‪TYPO3\CMS\Core\FormProtection\InstallToolFormProtection
Definition: InstallToolFormProtection.php:61
‪TYPO3\CMS\Install\Middleware\Installer\throwIfInstallerIsNotAvailable
‪throwIfInstallerIsNotAvailable()
Definition: Installer.php:144
‪TYPO3\CMS\Install\Middleware\Installer
Definition: Installer.php:38
‪TYPO3\CMS\Install\Middleware\Installer\__construct
‪__construct(ContainerInterface $container)
Definition: Installer.php:43
‪TYPO3\CMS\Install\Service\EnableFileService\isFirstInstallAllowed
‪static bool isFirstInstallAllowed()
Definition: EnableFileService.php:45
‪TYPO3\CMS\Install\Controller\InstallerController
Definition: InstallerController.php:74
‪TYPO3\CMS\Core\FormProtection\FormProtectionFactory
Definition: FormProtectionFactory.php:47
‪TYPO3\CMS\Core\Http\JsonResponse
Definition: JsonResponse.php:26
‪TYPO3\CMS\Install\Middleware
Definition: Installer.php:18
‪TYPO3\CMS\Install\Middleware\Installer\canHandleRequest
‪bool canHandleRequest(ServerRequestInterface $request)
Definition: Installer.php:135