ray-di · koriym · Sep 15, 2015 · Sep 15, 2015 · Sep 15, 2015 · Sep 15, 2015
diff --git a/src/AbstractAuraForm.php b/src/AbstractAuraForm.php
diff --git a/src/AbstractForm.php b/src/AbstractForm.php
@@ -11,11 +11,11 @@
 use Aura\Html\HelperLocator;
 use Aura\Html\HelperLocatorFactory;
 use Aura\Input\AntiCsrfInterface;
-use Aura\Input\Builder;
 use Aura\Input\BuilderInterface;
-use Aura\Input\Form;
+use Aura\Input\Fieldset;
+use Ray\WebFormModule\Exception\CsrfViolationException;
 
-abstract class AbstractForm extends Form implements FormInterface
+abstract class AbstractForm extends Fieldset implements FormInterface
 {
     /**
      * @var SubjectFilter
@@ -45,25 +45,22 @@ abstract class AbstractForm extends Form implements FormInterface
      * @\Ray\Di\Di\Inject
      */
     public function setBaseDependencies(
-        BuilderInterface $builder = null,
-        FilterFactory $filterFactory = null,
-        HelperLocatorFactory $helperFactory = null
+        BuilderInterface $builder,
+        FilterFactory $filterFactory,
+        HelperLocatorFactory $helperFactory
     ) {
-        $this->builder  = $builder ?: new Builder;
-        $this->filter = $filterFactory ? $filterFactory->newSubjectFilter() : (new FilterFactory)->newSubjectFilter();
-        $this->helper = $helperFactory ? $helperFactory->newInstance() : (new HelperLocatorFactory)->newInstance();
+        $this->builder  = $builder;
+        $this->filter = $filterFactory->newSubjectFilter();
+        $this->helper = $helperFactory->newInstance();
     }
 
     public function __construct()
     {
     }
 
-    /**
-     * @param AntiCsrfInterface $antiCsrf
-     */
-    public function setCsrf(AntiCsrfInterface $antiCsrf)
+    public function setAntiCsrf(AntiCsrfInterface $antiCsrf)
     {
-        $this->setAntiCsrf($antiCsrf);
+        $this->antiCsrf = $antiCsrf;
     }
 
     /**
@@ -73,7 +70,7 @@ public function postConstruct()
     {
         $this->init();
         if ($this->antiCsrf instanceof AntiCsrfInterface) {
-            $this->setAntiCsrf($this->antiCsrf);
+            $this->antiCsrf->setField($this);
         }
     }
 
@@ -131,29 +128,39 @@ public function form($attr = [])
      */
     public function apply(array $data)
     {
+        if ($this->antiCsrf && ! $this->antiCsrf->isValid($data)) {
+            throw new CsrfViolationException;
+        }
         $isValid = $this->filter->apply($data);
 
         return $isValid;
     }
 
     /**
-     * Gets the filter messages.
-     *
-     * @param string $name The input name to get the filter message for; if
-     *                     empty, gets all messages for all inputs.
+     * Returns all failure messages for all fields.
      *
-     * @return array The filter messages.
+     * @return array
      */
-    public function getMessages($name = null)
+    public function getFailureMessages()
     {
         $messages = $this->filter->getFailures()->getMessages();
-        if ($name && isset($messages[$name])) {
-            return $messages[$name];
-        }
 
         return $messages;
     }
 
+
+    /**
+     *
+     * Returns all the fields collection
+     *
+     * @return \ArrayIterator
+     *
+     */
+    public function getIterator()
+    {
+        return new \ArrayIterator($this->inputs);
+    }
+
     public function __clone()
     {
         $this->filter = clone $this->filter;

diff --git a/src/AntiCsrf.php b/src/AntiCsrf.php
@@ -16,14 +16,31 @@ final class AntiCsrf implements AntiCsrfInterface
 
     const TOKEN_KEY = '__csrf_token';
 
+    /**
+     * @var bool
+     */
+    private $isCli;
+
+    /**
+     * $_POST
+     *
+     * @var array
+     */
+    private $post;
+
     /**
      * @var Session
      */
     private $session;
 
-    public function __construct(Session $session)
+    /**
+     * @param Session      $session
+     * @param bool|null    $isCli
+s     */
+    public function __construct(Session $session, $isCli = null)
     {
         $this->session = $session;
+        $this->isCli = is_bool($isCli) ? $isCli : PHP_SAPI === 'cli';
     }
 
     public function setField(Fieldset $fieldset)
@@ -39,19 +56,19 @@ public function setField(Fieldset $fieldset)
      */
     public function isValid(array $data)
     {
-        if (PHP_SAPI === 'cli') {
+        if ($this->isCli) {
             return true;
         }
-        if (isset($_POST[self::TOKEN_KEY])) {
-            $data[self::TOKEN_KEY] = $_POST[self::TOKEN_KEY];
-        }
 
         return isset($data[self::TOKEN_KEY]) && $data[self::TOKEN_KEY] == $this->getToken();
     }
 
+    /**
+     * @return string
+     */
     private function getToken()
     {
-        $value = PHP_SAPI === 'cli' ? self::TEST_TOKEN : $this->session->getCsrfToken()->getValue();
+        $value = $this->isCli ? self::TEST_TOKEN : $this->session->getCsrfToken()->getValue();
 
         return $value;
     }

diff --git a/src/AuraInputInterceptor.php b/src/AuraInputInterceptor.php
@@ -13,7 +13,6 @@
 use Ray\WebFormModule\Annotation\FormValidation;
 use Ray\WebFormModule\Exception\InvalidArgumentException;
 use Ray\WebFormModule\Exception\InvalidFormPropertyException;
-use Ray\WebFormModule\Exception\LogicException;
 
 class AuraInputInterceptor implements MethodInterceptor
 {
@@ -48,7 +47,7 @@ public function invoke(MethodInvocation $invocation)
         $formValidation = $this->reader->getMethodAnnotation($invocation->getMethod(), FormValidation::class);
         $form = $this->getFormProperty($formValidation, $object);
         $data = $object instanceof SubmitInterface ? $object->submit() : $this->getNamedArguments($invocation);
-        $isValid = $this->isValidForm($data, $form);
+        $isValid = $this->isValid($data, $form);
         if ($isValid === true) {
             // validation   success
             return $invocation->proceed();
@@ -85,22 +84,11 @@ private function getNamedArguments(MethodInvocation $invocation)
      *
      * @throws \Aura\Input\Exception\CsrfViolation
      */
-    public function isValidForm(array $submit, Form $form)
+    public function isValid(array $submit, AbstractForm $form)
     {
-        if ($form instanceof AbstractAuraForm) {
-            $form->fill($submit);
-            $isValid = $form->filter();
+        $isValid = $form->apply($submit);
 
-            return $isValid;
-        }
-
-        if ($form instanceof AbstractForm) {
-            $isValid = $form->apply($submit);
-
-            return $isValid;
-        }
-
-        throw new LogicException('invalid form type');
+        return $isValid;
     }
 
     /**
@@ -109,7 +97,7 @@ public function isValidForm(array $submit, Form $form)
      * @param FormValidation $formValidation
      * @param object         $object
      *
-     * @return AbstractAuraForm
+     * @return AbstractForm
      */
     private function getFormProperty(FormValidation $formValidation, $object)
     {
@@ -119,7 +107,7 @@ private function getFormProperty(FormValidation $formValidation, $object)
         $prop = (new \ReflectionClass($object))->getProperty($formValidation->form);
         $prop->setAccessible(true);
         $form = $prop->getValue($object);
-        if (! $form instanceof FormInterface) {
+        if (! $form instanceof AbstractForm) {
             throw new InvalidFormPropertyException($formValidation->form);
         }
 

diff --git a/src/AuraInputModule.php b/src/AuraInputModule.php
@@ -6,6 +6,7 @@
  */
 namespace Ray\WebFormModule;
 
+use Aura\Filter\FilterFactory;
 use Aura\Html\HelperLocatorFactory;
 use Aura\Input\AntiCsrfInterface;
 use Aura\Input\Builder;
@@ -30,9 +31,10 @@ protected function configure()
         $this->bind(Reader::class)->to(AnnotationReader::class)->in(Scope::SINGLETON);
         $this->bind(BuilderInterface::class)->to(Builder::class);
         $this->bind(FilterInterface::class)->to(Filter::class);
-        $this->bind(HelperLocatorFactory::class);
         $this->bind(AntiCsrfInterface::class)->to(AntiCsrf::class)->in(Scope::SINGLETON);
         $this->bind(FailureHandlerInterface::class)->to(OnFailureMethodHandler::class);
+        $this->bind(HelperLocatorFactory::class);
+        $this->bind(FilterFactory::class);
         $this->bindInterceptor(
             $this->matcher->any(),
             $this->matcher->annotatedWith(FormValidation::class),

diff --git a/src/Exception/CsrfViolationException.php b/src/Exception/CsrfViolationException.php
@@ -0,0 +1,13 @@
+<?php
+/**
+ * This file is part of the Ray.WebFormModule
+ *
+ * @license http://opensource.org/licenses/bsd-license.php MIT
+ */
+namespace Ray\WebFormModule\Exception;
+
+use Aura\Input\Exception\CsrfViolation;
+
+class CsrfViolationException extends CsrfViolation
+{
+}
diff --git a/src/FailureHandlerInterface.php b/src/FailureHandlerInterface.php
@@ -12,5 +12,5 @@
 
 interface FailureHandlerInterface
 {
-    public function handle(FormValidation $formValidation, MethodInvocation $invocation, Form $form);
+    public function handle(FormValidation $formValidation, MethodInvocation $invocation, AbstractForm $form);
 }
diff --git a/src/OnFailureMethodHandler.php b/src/OnFailureMethodHandler.php
@@ -16,7 +16,7 @@ final class OnFailureMethodHandler implements FailureHandlerInterface
     /**
      * {@inheritdoc}
      */
-    public function handle(FormValidation $formValidation, MethodInvocation $invocation, Form $form)
+    public function handle(FormValidation $formValidation, MethodInvocation $invocation, AbstractForm $form)
     {
         unset($form);
         $args = (array) $invocation->getArguments();