feat: streamline initing of modAI and it's security

Author: theboxer

core/components/modai/bootstrap.php

@@ -8,7 +8,11 @@
 
 if (!$modx->services->has('modai')) {
     $modx->services->add('modai', function($c) use ($modx) {
-        return new \modAI\modAI($modx);
+        try {
+            return new \modAI\modAI($modx);
+        } catch (\Exception $e) {
+            return null;
+        }
     });
 
 }

core/components/modai/elements/plugins/modai.php

@@ -9,9 +9,11 @@
 
 if (!$modx->services->has('modai')) return;
 
-/** @var \modAI\modAI $modAI */
+/** @var \modAI\modAI | null $modAI */
 $modAI = $modx->services->get('modai');
 
+if ($modAI === null) return;
+
 $action = '';
 
 if (isset($modx->controller) && is_object($modx->controller) && property_exists($modx->controller, 'action')) {
@@ -23,17 +25,12 @@
 if (in_array($action, ['resource/create', 'resource/update'])) {
     $modx->controller->addLexiconTopic('modai:default');
 
-    $firstName = explode(' ', $modx->user->Profile->fullname)[0];
-
+    $baseConfig = $modAI->getBaseConfig();
     $modx->controller->addHtml('
             <script type="text/javascript">
             let modAI;
             Ext.onReady(function() {
-                modAI = ModAI.init({
-                  name: "' . $firstName . '",
-                  apiURL: "' . $modAI->getAPIUrl() . '",
-                  cssURL: "' . $modAI->getCSSFile() . '",
-                });
+                modAI = ModAI.init(' . json_encode($baseConfig). ');
                 
                  Ext.defer(function () {
                    modAI.initOnResource({

core/components/modai/src/API/API.php

@@ -2,6 +2,7 @@
 namespace modAI\API;
 
 use modAI\Exceptions\LexiconException;
+use modAI\modAI;
 use modAI\Services\Response\AIResponse;
 use modAI\Settings;
 use MODX\Revolution\modX;
@@ -11,16 +12,23 @@
 abstract class API {
     protected modX $modx;
 
+    /** @var modAI|null  */
+    protected $modAI = null;
+
     public function __construct(modX $modx)
     {
         $this->modx = $modx;
         $this->modx->lexicon->load('modai:default');
+
+        if ($this->modx->services->has('modai')) {
+            $this->modAI = $this->modx->services->get('modai');
+        }
     }
 
     public function handleRequest(ServerRequestInterface $request): void
     {
         try {
-            if (empty($this->modx->user) || empty($this->modx->user->id) || !$this->modx->hasPermission('frames')) {
+            if ($this->modAI === null) {
                 throw APIException::unauthorized();
             }
 

core/components/modai/src/modAI.php

@@ -20,6 +20,10 @@ function __construct(modX &$modx, array $config = [])
     {
         $this->modx =& $modx;
 
+        if (!$this->hasAccess()) {
+            throw new \Exception('Unauthorized');
+        }
+
         $corePath = $this->getOption('core_path', $config, $this->modx->getOption('core_path', null, MODX_CORE_PATH) . 'components/modai/');
         $assetsUrl = $this->getOption('assets_url', $config, $this->modx->getOption('assets_url', null, MODX_ASSETS_URL) . 'components/modai/');
 
@@ -33,7 +37,6 @@ function __construct(modX &$modx, array $config = [])
                 'jsUrl'     => $assetsUrl . 'js/',
 
                 'templatesPath' => $corePath . 'templates/',
-                'processorsPath' => $corePath . 'src/Processors',
             ],
             $config
         );
@@ -148,4 +151,20 @@ public function getCSSFile()
 
         return "{$assetsUrl}css/modai.css?lit=$lit";
     }
+
+    public function getBaseConfig()
+    {
+        $firstName = explode(' ', $this->modx->user->Profile->fullname)[0];
+
+        return [
+            'name' => $firstName,
+            'apiURL'=> $this->getAPIUrl(),
+            'cssURL' => $this->getCSSFile(),
+        ];
+    }
+
+    public function hasAccess()
+    {
+        return !empty($this->modx->user) && !empty($this->modx->user->id) && $this->modx->hasPermission('frames');
+    }
 }