tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Controller: Introduce method assertHttpMethod() 

We have actions where only certain HTTP methods, e.g. POST are allowed but they are not restricted yet.
Controller::assertHttpMethod() takes a number of allowed HTTP methods and responds with HTTP 405 in case
the current request's method is not one of the given methods.
This commit is contained in:
Eric Lippmann 2015-01-22 15:47:16 +01:00
parent 3d7b375ab4
commit 0f13c0428c
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
library/Icinga/Web/Controller/ActionController.php
View File

@ -146,6 +146,22 @@ class ActionController extends Zend_Controller_Action
return $this;
}
/**
* Respond with HTTP 405 if the current request's method is not one of the given methods
*
* @param string $httpMethod Unlimited number of allowed HTTP methods
*
* @throws \Zend_Controller_Action_Exception If the request method is not one of the given methods
*/
public function assertHttpMethod($httpMethod)
{
$httpMethods = array_flip(array_map('strtoupper', func_get_args()));
if (! isset($httpMethods[$this->getRequest()->getMethod()])) {
$this->getResponse()->setHeader('Allow', implode(', ', array_keys($httpMethods)));
throw new \Zend_Controller_Action_Exception($this->translate('Method Not Allowed'), 405);
}
}
/**
* Return restriction information for an eventually authenticated user
*