From 73b492e89249fba82d9caf4316960709af9e8d7a Mon Sep 17 00:00:00 2001
From: Romain Quetiez <romain.quetiez@combodo.com>
Date: Tue, 27 Aug 2013 14:04:59 +0000
Subject: [PATCH] New mechanism: a module page can be accessed by the mean of a
 canonical URL (utils::GetAbsoluteUrlModulePage to build the proper URL)

SVN:trunk[2836]
---
 application/nicewebpage.class.inc.php | 18 +++++++
 application/utils.inc.php             | 28 +++++++++++
 pages/exec.php                        | 71 +++++++++++++++++++++++++++
 3 files changed, 117 insertions(+)
 create mode 100644 pages/exec.php

diff --git a/application/nicewebpage.class.inc.php b/application/nicewebpage.class.inc.php
index 24b8f1ce1..1f68a0ec3 100644
--- a/application/nicewebpage.class.inc.php
+++ b/application/nicewebpage.class.inc.php
@@ -99,6 +99,7 @@ EOF
 		$this->m_sRootUrl = $this->GetAbsoluteUrlAppRoot();
      	$sAbsURLAppRoot = addslashes($this->m_sRootUrl);
     	$sAbsURLModulesRoot = addslashes($this->GetAbsoluteUrlModulesRoot());
+    	$sEnvironment = addslashes(utils::GetCurrentEnvironment());
 
 		$sAppContext = addslashes($this->GetApplicationContext());
 
@@ -113,6 +114,23 @@ function GetAbsoluteUrlModulesRoot()
 {
 	return '$sAbsURLModulesRoot';
 }
+
+function GetAbsoluteUrlModulePage(sModule, sPage, aArguments)
+{
+	// aArguments is optional, it default to an empty hash
+	aArguments = typeof aArguments !== 'undefined' ? aArguments : {};
+
+	var sUrl = '$sAbsURLAppRoot'+'pages/exec.php?exec_module='+sModule+'&exec_page='+sPage+'&exec_env='+'$sEnvironment';
+	for (var sArgName in aArguments)
+	{
+		if (aArguments.hasOwnProperty(sArgName))
+		{
+			sUrl = sUrl + '&'+sArgName+'='+aArguments[sArgname];
+		}
+	}
+	return sUrl;
+}
+
 function AddAppContext(sURL)
 {
 	var sContext = '$sAppContext';
diff --git a/application/utils.inc.php b/application/utils.inc.php
index cf8ac915f..948930cd6 100644
--- a/application/utils.inc.php
+++ b/application/utils.inc.php
@@ -839,6 +839,34 @@ class utils
 		return $sUrl;
 	}
 
+    /**
+     * Returns the URL to a page that will execute the requested module page
+     *      
+     * To be compatible with this mechanism, the called page must include approot
+     * with an absolute path OR not include it at all (losing the direct access to the page)
+     * if (!defined('__DIR__')) define('__DIR__', dirname(__FILE__));
+     * require_once(__DIR__.'/../../approot.inc.php');
+     *      
+     * @return string ...
+     */                   
+	static public function GetAbsoluteUrlModulePage($sModule, $sPage, $aArguments = array())
+	{
+		$aArgs = array();
+		$aArgs[] = 'exec_module='.$sModule;
+		$aArgs[] = 'exec_page='.$sPage;
+		$aArgs[] = 'exec_env='.self::GetCurrentEnvironment();
+		foreach($aArguments as $sName => $sValue)
+		{
+			if (($sName == 'exec_module')||($sName == 'exec_page')||($sName == 'exec_env'))
+			{
+				throw new Exception("Module page: $sName is a reserved page argument name");
+			}
+			$aArgs[] = $sName.'='.urlencode($sValue);
+		}
+		$sArgs = implode('&', $aArgs);
+		return self::GetAbsoluteUrlAppRoot().'pages/exec.php?'.$sArgs;
+	}
+
 	/**
 	 * Returns a name unique amongst the given list
 	 * @param string $sProposed The default value
diff --git a/pages/exec.php b/pages/exec.php
new file mode 100644
index 000000000..6257a8ba2
--- /dev/null
+++ b/pages/exec.php
@@ -0,0 +1,71 @@
+<?php
+// Copyright (C) 2013 Combodo SARL
+//
+//   This file is part of iTop.
+//
+//   iTop is free software; you can redistribute it and/or modify	
+//   it under the terms of the GNU Affero General Public License as published by
+//   the Free Software Foundation, either version 3 of the License, or
+//   (at your option) any later version.
+//
+//   iTop is distributed in the hope that it will be useful,
+//   but WITHOUT ANY WARRANTY; without even the implied warranty of
+//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+//   GNU Affero General Public License for more details.
+//
+//   You should have received a copy of the GNU Affero General Public License
+//   along with iTop. If not, see <http://www.gnu.org/licenses/>
+
+
+/**
+ * Execute a module page - this is an alternative to invoking /myItop/env-production/myModule/somePage.php
+ *
+ * The recommended way to build an URL to a module page is to invoke utils::GetAbsoluteUrlModulePage()
+ * or its javascript equivalent GetAbsoluteUrlModulePage()
+ * 
+ * To be compatible with this mechanism, the called page must include approot
+ * with an absolute path OR not include it at all (losing the direct access to the page)
+ * if (!defined('__DIR__')) define('__DIR__', dirname(__FILE__));
+ * require_once(__DIR__.'/../../approot.inc.php');
+ *  
+ * @copyright   Copyright (C) 2013 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+require_once('../approot.inc.php');
+
+// Needed to read the parameters (with sanitization)
+require_once(APPROOT.'application/utils.inc.php');
+
+$sModule = utils::ReadParam('exec_module', '');
+if ($sModule == '')
+{
+	echo "Missing argument 'exec_module'";
+	exit;
+}
+$sModule = basename($sModule); // protect against ../.. ...
+
+$sPage = utils::ReadParam('exec_page', '', false, 'raw_data');
+if ($sPage == '')
+{
+	echo "Missing argument 'exec_page'";
+	exit;
+}
+$sPage = basename($sPage); // protect against ../.. ...
+
+$sEnvironment = utils::ReadParam('exec_env', 'production');
+
+$sTargetPage = APPROOT.'env-'.$sEnvironment.'/'.$sModule.'/'.$sPage;
+
+if (!file_exists($sTargetPage))
+{
+	// Do not recall the parameters (security takes precedence)
+	echo "Wrong module, page name or environment...";
+	exit;
+}
+
+/////////////////////////////////////////
+//
+// GO!
+//
+require_once($sTargetPage);