From 3c085a949fadf452c178e7d4be4ff26d9c18390c Mon Sep 17 00:00:00 2001
From: daniel <daniel.barbero@artica.es>
Date: Thu, 11 Apr 2024 10:49:51 +0200
Subject: [PATCH] add new endpoint userlogin pandora_enterprise#13485

---
 pandora_console/api/v2/public/swagger.json    | 52 +++++++++++++++-
 .../Controllers/CreateTokenController.php     | 12 ++--
 .../Users/Actions/GetUserLoginAction.php      | 19 ++++++
 .../Controllers/GetUserLoginController.php    | 59 +++++++++++++++++++
 .../Users/Services/GetUserLoginService.php    | 27 +++++++++
 .../Modules/Users/Services/GetUserService.php |  4 +-
 .../include/lib/Modules/Users/routes.php      |  2 +
 7 files changed, 165 insertions(+), 10 deletions(-)
 create mode 100644 pandora_console/include/lib/Modules/Users/Actions/GetUserLoginAction.php
 create mode 100644 pandora_console/include/lib/Modules/Users/Controllers/GetUserLoginController.php
 create mode 100644 pandora_console/include/lib/Modules/Users/Services/GetUserLoginService.php

diff --git a/pandora_console/api/v2/public/swagger.json b/pandora_console/api/v2/public/swagger.json
index c432271fef..0b7acb3284 100644
--- a/pandora_console/api/v2/public/swagger.json
+++ b/pandora_console/api/v2/public/swagger.json
@@ -2,7 +2,7 @@
   "openapi": "3.0.0",
   "info": {
     "title": "API Pandora FMS",
-    "description": "<p>This is the new API framework for Pandora FMS.</p>\n<p>The old API is deprecated but still functional, and not all old endpoints are supported in the new API, but new endpoints will be added in each release.</p>\n<p>Using this web interface, you can play around and see how it works each endpoint interactively.</p>\n\nMore useful links:\n\n* <a target='_blank' href='https://pandorafms.com/en/pandora-fms-license-2024_en/'>Pandora FMS Licence </a>\n* <a target='_blank' href='https://support.pandorafms.com'> Pandora FMS Official Support </a>\n* <a target='_blank' href='https://pandorafms.com/en/community/'> Pandora FMS Community </a>\n* <a target='_blank' href='https://pandorafms.com/en/security/vulnerability-disclosure-policy/'> Vulnerability Disclosure Policy </a>\n* <a target='_blank' href='https://pandorafms.com/en/faq/'> Pandora FMS FAQ </a>",
+    "description": "<p>This is the new API framework for Pandora FMS.</p>\n<p>The old API is deprecated but still functional, and not all old endpoints are supported in the new API, but new endpoints will be added in each release.</p>\n<p>Using this web interface, you can play around and see how it works each endpoint interactively.</p>\n\nMore useful links:\n\n * <a target='_blank' href='https://pandorafms.com/en/pandora-fms-license-2024_en/'>Pandora FMS Licence </a>\n * <a target='_blank' href='https://support.pandorafms.com'> Pandora FMS Official Support </a>\n * <a target='_blank' href='https://pandorafms.com/en/community/'> Pandora FMS Community </a>\n * <a target='_blank' href='https://pandorafms.com/en/security/vulnerability-disclosure-policy/'> Vulnerability Disclosure Policy </a>\n * <a target='_blank' href='https://pandorafms.com/en/faq/'> Pandora FMS FAQ </a>",
     "version": "0.0.1"
   },
   "servers": [
@@ -1791,6 +1791,46 @@
         ]
       }
     },
+    "/user/{idUser}/login": {
+      "get": {
+        "tags": ["Users"],
+        "summary": "show user when login process",
+        "operationId": "1b50ee1984a43d87d69342174571775c",
+        "parameters": [
+          {
+            "$ref": "#/components/parameters/parameterIdUser"
+          },
+          {
+            "$ref": "#/components/parameters/parameterIdUserPass"
+          }
+        ],
+        "responses": {
+          "200": {
+            "$ref": "#/components/responses/ResponseUser"
+          },
+          "400": {
+            "$ref": "#/components/responses/BadRequest"
+          },
+          "401": {
+            "$ref": "#/components/responses/Unauthorized"
+          },
+          "403": {
+            "$ref": "#/components/responses/Forbidden"
+          },
+          "404": {
+            "$ref": "#/components/responses/NotFound"
+          },
+          "500": {
+            "$ref": "#/components/responses/InternalServerError"
+          }
+        },
+        "security": [
+          {
+            "bearerAuth": []
+          }
+        ]
+      }
+    },
     "/user/list": {
       "post": {
         "tags": ["Users"],
@@ -4038,6 +4078,16 @@
           "default": 1
         }
       },
+      "parameterIdUserPass": {
+        "name": "password",
+        "in": "query",
+        "description": "User password",
+        "required": true,
+        "schema": {
+          "type": "string",
+          "default": null
+        }
+      },
       "parameterIdUser": {
         "name": "idUser",
         "in": "path",
diff --git a/pandora_console/include/lib/Modules/Authentication/Controllers/CreateTokenController.php b/pandora_console/include/lib/Modules/Authentication/Controllers/CreateTokenController.php
index e6b005408c..9f104c2f99 100644
--- a/pandora_console/include/lib/Modules/Authentication/Controllers/CreateTokenController.php
+++ b/pandora_console/include/lib/Modules/Authentication/Controllers/CreateTokenController.php
@@ -26,12 +26,12 @@ final class CreateTokenController extends Controller
      *   path="/token",
      *   summary="Creates a new tokens",
      * @OA\RequestBody(ref="#/components/requestBodies/requestBodyToken"),
-     * @OA\Response(response=200,                                          ref="#/components/responses/ResponseToken"),
-     * @OA\Response(response=400,                                          ref="#/components/responses/BadRequest"),
-     * @OA\Response(response=401,                                          ref="#/components/responses/Unauthorized"),
-     * @OA\Response(response=403,                                          ref="#/components/responses/Forbidden"),
-     * @OA\Response(response=404,                                          ref="#/components/responses/NotFound"),
-     * @OA\Response(response=500,                                          ref="#/components/responses/InternalServerError")
+     * @OA\Response(response=200, ref="#/components/responses/ResponseToken"),
+     * @OA\Response(response=400, ref="#/components/responses/BadRequest"),
+     * @OA\Response(response=401, ref="#/components/responses/Unauthorized"),
+     * @OA\Response(response=403, ref="#/components/responses/Forbidden"),
+     * @OA\Response(response=404, ref="#/components/responses/NotFound"),
+     * @OA\Response(response=500, ref="#/components/responses/InternalServerError")
      * )
      */
     public function __invoke(Request $request, Response $response): Response
diff --git a/pandora_console/include/lib/Modules/Users/Actions/GetUserLoginAction.php b/pandora_console/include/lib/Modules/Users/Actions/GetUserLoginAction.php
new file mode 100644
index 0000000000..a14df3564e
--- /dev/null
+++ b/pandora_console/include/lib/Modules/Users/Actions/GetUserLoginAction.php
@@ -0,0 +1,19 @@
+<?php
+
+namespace PandoraFMS\Modules\Users\Actions;
+
+use PandoraFMS\Modules\Users\Entities\User;
+use PandoraFMS\Modules\Users\Services\GetUserLoginService;
+
+final class GetUserLoginAction
+{
+    public function __construct(
+        private GetUserLoginService $getUserLoginService
+    ) {
+    }
+
+    public function __invoke(string $idUser, string $pass): User
+    {
+        return $this->getUserLoginService->__invoke($idUser, $pass);
+    }
+}
diff --git a/pandora_console/include/lib/Modules/Users/Controllers/GetUserLoginController.php b/pandora_console/include/lib/Modules/Users/Controllers/GetUserLoginController.php
new file mode 100644
index 0000000000..a415a63eaa
--- /dev/null
+++ b/pandora_console/include/lib/Modules/Users/Controllers/GetUserLoginController.php
@@ -0,0 +1,59 @@
+<?php
+
+namespace PandoraFMS\Modules\Users\Controllers;
+
+use PandoraFMS\Modules\Shared\Controllers\Controller;
+use PandoraFMS\Modules\Shared\Services\ValidateAclSystem;
+use PandoraFMS\Modules\Users\Actions\GetUserLoginAction;
+use PandoraFMS\Modules\Users\Entities\UserFilter;
+use Psr\Http\Message\ResponseInterface as Response;
+use Psr\Http\Message\ServerRequestInterface as Request;
+
+final class GetUserLoginController extends Controller
+{
+    public function __construct(
+        private GetUserLoginAction $getUserLoginAction,
+        private ValidateAclSystem $acl
+    ) {
+    }
+
+    /**
+     * @OA\Get(
+     *   security={{ "bearerAuth": {}}},
+     *   path="/user/{idUser}/login",
+     *   tags={"Users"},
+     *   summary="show user when login process",
+     *   @OA\Parameter(ref="#/components/parameters/parameterIdUser"),
+     *   @OA\Parameter(ref="#/components/parameters/parameterIdUserPass"),
+     *   @OA\Response(response=200, ref="#/components/responses/ResponseUser"),
+     *   @OA\Response(response=400, ref="#/components/responses/BadRequest"),
+     *   @OA\Response(response=401, ref="#/components/responses/Unauthorized"),
+     *   @OA\Response(response=403, ref="#/components/responses/Forbidden"),
+     *   @OA\Response(response=404, ref="#/components/responses/NotFound"),
+     *   @OA\Response(response=500, ref="#/components/responses/InternalServerError")
+     *  ),
+     *  @OA\Parameter(
+     *    parameter="parameterIdUserPass",
+     *    name="password",
+     *    in="query",
+     *    description="User password",
+     *    required=true,
+     *    @OA\Schema(
+     *      type="string",
+     *      default=null
+     *    )
+     *  )
+     */
+    public function __invoke(Request $request, Response $response): Response
+    {
+        $idUser = $this->getParam($request, 'idUser');
+        $userFilter = $this->fromRequest($request, UserFilter::class);
+        $pass = $userFilter->getEntityFilter()->getPassword();
+
+        $this->acl->validate(0, 'UM', ' tried to manage user');
+        
+        $result = $this->getUserLoginAction->__invoke($idUser, $pass);
+
+        return $this->getResponse($response, $result);
+    }
+}
diff --git a/pandora_console/include/lib/Modules/Users/Services/GetUserLoginService.php b/pandora_console/include/lib/Modules/Users/Services/GetUserLoginService.php
new file mode 100644
index 0000000000..91252d973c
--- /dev/null
+++ b/pandora_console/include/lib/Modules/Users/Services/GetUserLoginService.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace PandoraFMS\Modules\Users\Services;
+
+use PandoraFMS\Modules\Shared\Exceptions\NotFoundException;
+use PandoraFMS\Modules\Users\Entities\User;
+use PandoraFMS\Modules\Users\Repositories\UserRepository;
+
+final class GetUserLoginService
+{
+    public function __construct(
+        private UserRepository $userRepository,
+        private GetUserService $getUserService
+    ) {
+    }
+
+    public function __invoke(string $idUser, string $pass): User
+    {
+        $result = \process_user_login($idUser, $pass);
+
+        if ($result === false) {
+            throw new NotFoundException(__('Not found User'));
+        }
+
+        return $this->getUserService->__invoke($idUser);
+    }
+}
diff --git a/pandora_console/include/lib/Modules/Users/Services/GetUserService.php b/pandora_console/include/lib/Modules/Users/Services/GetUserService.php
index 97b670dbee..6e88cd4ab0 100644
--- a/pandora_console/include/lib/Modules/Users/Services/GetUserService.php
+++ b/pandora_console/include/lib/Modules/Users/Services/GetUserService.php
@@ -20,9 +20,7 @@ final class GetUserService
     {
         $userFilter = new UserFilter();
 
-        /*
-            @var User $entityFilter
-        */
+        /** @var User $entityFilter*/
         $entityFilter = $userFilter->getEntityFilter();
         $entityFilter->setIdUser($idUser);
 
diff --git a/pandora_console/include/lib/Modules/Users/routes.php b/pandora_console/include/lib/Modules/Users/routes.php
index c2d3dcaae3..7e336ff8b9 100644
--- a/pandora_console/include/lib/Modules/Users/routes.php
+++ b/pandora_console/include/lib/Modules/Users/routes.php
@@ -3,6 +3,7 @@
 use PandoraFMS\Modules\Users\Controllers\CreateUserController;
 use PandoraFMS\Modules\Users\Controllers\DeleteUserController;
 use PandoraFMS\Modules\Users\Controllers\GetUserController;
+use PandoraFMS\Modules\Users\Controllers\GetUserLoginController;
 use PandoraFMS\Modules\Users\Controllers\ListUserController;
 use PandoraFMS\Modules\Users\Controllers\UpdateUserController;
 use PandoraFMS\Modules\Users\UserProfiles\Controllers\CreateUserProfileController;
@@ -17,6 +18,7 @@ return function (App $app) {
     $app->post('/user', CreateUserController::class);
     $app->put('/user/{idUser}', UpdateUserController::class);
     $app->delete('/user/{idUser}', DeleteUserController::class);
+    $app->get('/user/{idUser}/login', GetUserLoginController::class);
 
     $app->map(['GET', 'POST'], '/user/{idUser}/profiles', ListUserProfileController::class);
     $app->get('/user/{idUser}/profile/{idProfile}', GetUserProfileController::class);