mirror of
https://github.com/pandorafms/pandorafms.git
synced 2025-04-08 18:55:09 +02:00
new api 2.0
This commit is contained in:
daniel
parent
510e8452cf
commit
5ff79dc550
@ -1,5 +1,7 @@
|
||||
<?php
|
||||
|
||||
use PandoraFMS\Modules\Authentication\Repositories\TokenRepository;
|
||||
use PandoraFMS\Modules\Authentication\Repositories\TokenRepositoryMySQL;
|
||||
use PandoraFMS\Modules\Events\Repositories\EventRepository;
|
||||
use PandoraFMS\Modules\Events\Repositories\EventRepositoryMySQL;
|
||||
use PandoraFMS\Modules\Groups\Repositories\GroupRepository;
|
||||
@ -40,6 +42,9 @@ return [
|
||||
Repository::class => function (ContainerInterface $container) {
|
||||
return $container->get(RepositoryMySQL::class);
|
||||
},
|
||||
TokenRepository::class => function (ContainerInterface $container) {
|
||||
return $container->get(TokenRepositoryMySQL::class);
|
||||
},
|
||||
UserRepository::class => function (ContainerInterface $container) {
|
||||
return $container->get(UserRepositoryMySQL::class);
|
||||
},
|
||||
|
||||
@ -1981,7 +1981,6 @@
|
||||
"description": "id_user of the token",
|
||||
"type": "string",
|
||||
"default": null,
|
||||
"readOnly": true,
|
||||
"nullable": true
|
||||
},
|
||||
"validity": {
|
||||
@ -2013,6 +2012,12 @@
|
||||
"idToken": {
|
||||
"default": null,
|
||||
"readOnly": false
|
||||
},
|
||||
"freeSearch": {
|
||||
"description": "Find word in name field.",
|
||||
"type": "string",
|
||||
"default": null,
|
||||
"nullable": true
|
||||
}
|
||||
},
|
||||
"type": "object"
|
||||
@ -3002,7 +3007,7 @@
|
||||
"User": {
|
||||
"properties": {
|
||||
"idUser": {
|
||||
"description": "Id user, not ",
|
||||
"description": "Id user",
|
||||
"type": "string",
|
||||
"nullable": false
|
||||
},
|
||||
@ -3777,7 +3782,7 @@
|
||||
"schema": {
|
||||
"type": "string",
|
||||
"default": "",
|
||||
"enum": ["ascending", "descending"]
|
||||
"enum": ["ASC", "DESC"]
|
||||
}
|
||||
},
|
||||
"parameterIdTag": {
|
||||
|
||||
@ -71,18 +71,6 @@ $table->data = [];
|
||||
$table->rowspan = [];
|
||||
$table->colspan = [];
|
||||
|
||||
if (is_metaconsole() === true) {
|
||||
$table->class = 'databox data';
|
||||
if (empty($id_token) === true) {
|
||||
$table->head[0] = __('Update Profile');
|
||||
} else {
|
||||
$table->head[0] = __('Create Profile');
|
||||
}
|
||||
|
||||
$table->head_colspan[0] = 4;
|
||||
$table->headstyle[0] = 'text-align: center';
|
||||
}
|
||||
|
||||
$table->data[0][0] = __('Token label');
|
||||
$table->data[0][1] = html_print_input_text(
|
||||
'label',
|
||||
@ -95,7 +83,21 @@ $table->data[0][1] = html_print_input_text(
|
||||
|
||||
if ((bool) users_is_admin() === true) {
|
||||
$table->data[0][2] = __('User');
|
||||
$table->data[0][3] = 'aaaa';
|
||||
$user_users = users_get_user_users(
|
||||
$config['id_user'],
|
||||
'AR',
|
||||
true
|
||||
);
|
||||
|
||||
$table->data[0][3] = html_print_select(
|
||||
$user_users,
|
||||
'idUser',
|
||||
$config['id_user'],
|
||||
'',
|
||||
'',
|
||||
0,
|
||||
true
|
||||
);
|
||||
}
|
||||
|
||||
$expiration_date = null;
|
||||
|
||||
@ -72,6 +72,7 @@ if ($delete_token === true) {
|
||||
$tokenMsg = '';
|
||||
if ($create_token === true || $update_token === true) {
|
||||
$label = get_parameter('label', null);
|
||||
$idUser = get_parameter('idUser', $config['id_user']);
|
||||
|
||||
$expirationDate = get_parameter('date-expiration', null);
|
||||
$expirationTime = get_parameter('time-expiration', null);
|
||||
@ -84,6 +85,7 @@ if ($create_token === true || $update_token === true) {
|
||||
}
|
||||
|
||||
$values = [
|
||||
'idUser' => $idUser,
|
||||
'label' => $label,
|
||||
'validity' => $validity,
|
||||
];
|
||||
@ -124,6 +126,7 @@ if ($create_token === true || $update_token === true) {
|
||||
try {
|
||||
$columns = [
|
||||
'label',
|
||||
'idUser',
|
||||
'validity',
|
||||
'lastUsage',
|
||||
'options',
|
||||
@ -131,6 +134,7 @@ try {
|
||||
|
||||
$column_names = [
|
||||
__('Label'),
|
||||
__('For user'),
|
||||
__('Expiration'),
|
||||
__('Last usage'),
|
||||
[
|
||||
@ -139,6 +143,16 @@ try {
|
||||
],
|
||||
];
|
||||
|
||||
$user_users = [$config['id_user'] => get_user_fullname($config['id_user'])];
|
||||
if ((bool) users_is_admin() === true) {
|
||||
$user_users = users_get_user_users(
|
||||
$config['id_user'],
|
||||
'AR',
|
||||
true
|
||||
);
|
||||
$user_users[0] = __('Any');
|
||||
}
|
||||
|
||||
$tableId = 'token_table';
|
||||
// Load datatables user interface.
|
||||
ui_print_datatable(
|
||||
@ -162,14 +176,21 @@ try {
|
||||
[
|
||||
'label' => __('Free search'),
|
||||
'type' => 'text',
|
||||
'class' => 'w25p',
|
||||
'id' => 'freeSearch',
|
||||
'name' => 'freeSearch',
|
||||
],
|
||||
[
|
||||
'label' => __('User'),
|
||||
'type' => 'select',
|
||||
'fields' => $user_users,
|
||||
'selected' => $config['id_user'],
|
||||
'id' => 'idUser',
|
||||
'name' => 'idUser',
|
||||
],
|
||||
],
|
||||
],
|
||||
'filter_main_class' => 'box-flat white_table_graph fixed_filter_bar',
|
||||
'dom_elements' => 'lftpB',
|
||||
'dom_elements' => 'lftp',
|
||||
]
|
||||
);
|
||||
} catch (Exception $e) {
|
||||
|
||||
7
pandora_console/images/setup-password.svg
Normal file
7
pandora_console/images/setup-password.svg
Normal file
@ -0,0 +1,7 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<svg width="20px" height="20px" viewBox="0 0 20 20" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
|
||||
<title>Icons / 20 / setup-password</title>
|
||||
<g id="Icons-/-20-/-setup-password" stroke="none" stroke-width="1" fill="none" fill-rule="evenodd">
|
||||
<path d="M13.208468,9.26583823 L19.39347,13.7454161 C20.5245355,14.5646067 19.9687223,16.4156239 18.5916747,16.4156239 L15.9658602,16.4155425 L14.7930093,19.1348551 C14.2313611,20.436557 12.4230217,20.2083185 12.1400384,18.8589672 L12.1195829,18.7405724 L11.0151183,10.6773323 C10.8414908,9.40975022 12.2000464,8.53547418 13.208468,9.26583823 Z M17,0 C18.6568542,0 20,1.34314575 20,3 L20,9 C20,9.81609934 19.6741328,10.5560883 19.1454186,11.0969469 L17.4692534,9.88328821 C17.7850281,9.71518084 18,9.3826951 18,9 L18,3 C18,2.44771525 17.5522847,2 17,2 L3,2 C2.44771525,2 2,2.44771525 2,3 L2,9 C2,9.55228475 2.44771525,10 3,10 L9.02768756,10.0002458 C8.98874158,10.3032607 8.98869844,10.6207909 9.03362053,10.9487486 L9.177,12 L3,12 C1.34314575,12 0,10.6568542 0,9 L0,3 C0,1.34314575 1.34314575,0 3,0 L17,0 Z M6.52839506,4 L6.52839506,5.31948052 L7.67407407,4.91428571 L8,5.93246753 L6.8345679,6.32727273 L7.5654321,7.36623377 L6.74567901,8 L5.99506173,6.95064935 L5.26419753,8 L4.44444444,7.35584416 L5.1654321,6.32727273 L4,5.93246753 L4.31604938,4.91428571 L5.47160494,5.31948052 L5.47160494,4 L6.52839506,4 Z M11.5283951,4 L11.5283951,5.31948052 L12.6740741,4.91428571 L13,5.93246753 L11.8345679,6.32727273 L12.5654321,7.36623377 L11.745679,8 L10.9950617,6.95064935 L10.2641975,8 L9.44444444,7.35584416 L10.1654321,6.32727273 L9,5.93246753 L9.31604938,4.91428571 L10.4716049,5.31948052 L10.4716049,4 L11.5283951,4 Z" id="Path-91" fill="#3F3F3F"></path>
|
||||
</g>
|
||||
</svg>
|
||||
|
After Width: | Height: | Size: 1.8 KiB |
@ -82,9 +82,7 @@ function list_user_tokens(
|
||||
/** @var Token $entityFilter */
|
||||
$entityFilter = $tokenFilter->getEntityFilter();
|
||||
|
||||
if (empty($filters['idUser']) === true) {
|
||||
$entityFilter->setIdUser($config['id_user']);
|
||||
} else {
|
||||
if (empty($filters['idUser']) === false) {
|
||||
$entityFilter->setIdUser($filters['idUser']);
|
||||
}
|
||||
|
||||
@ -103,11 +101,10 @@ function list_user_tokens(
|
||||
*/
|
||||
function create_user_token(array $params): array
|
||||
{
|
||||
global $config;
|
||||
global $container;
|
||||
|
||||
$token = new Token;
|
||||
$token->setIdUser($config['id_user']);
|
||||
$token->setIdUser($params['idUser']);
|
||||
$token->setLabel(io_safe_output($params['label']));
|
||||
$token->setValidity((empty($params['validity']) === false) ? io_safe_output($params['validity']) : null);
|
||||
$result = $container->get(CreateTokenAction::class)->__invoke($token)->toArray();
|
||||
@ -126,13 +123,12 @@ function create_user_token(array $params): array
|
||||
*/
|
||||
function update_user_token(int $idToken, array $params): array
|
||||
{
|
||||
global $config;
|
||||
global $container;
|
||||
|
||||
$token = $container->get(GetTokenAction::class)->__invoke($idToken);
|
||||
$oldToken = clone $token;
|
||||
|
||||
$token->setIdUser($config['id_user']);
|
||||
$token->setIdUser($params['idUser']);
|
||||
$token->setLabel(io_safe_output($params['label']));
|
||||
$token->setValidity((empty($params['validity']) === false) ? io_safe_output($params['validity']) : null);
|
||||
|
||||
|
||||
@ -1040,19 +1040,19 @@ function user_print_header(int $pure=0, string $tab='user', ?string $title=null)
|
||||
$url_list_token = 'index.php?sec=gusuarios&sec2=godmode/users/token_list';
|
||||
$url_list_token .= '&tab=token&pure='.$pure;
|
||||
|
||||
$buttons['user'] = [
|
||||
'active' => false,
|
||||
'text' => '<a href="'.$url_list_user.'">'.html_print_image(
|
||||
'images/user.svg',
|
||||
true,
|
||||
[
|
||||
'title' => __('User management'),
|
||||
'class' => 'invert_filter main_menu_icon',
|
||||
]
|
||||
).'</a>',
|
||||
];
|
||||
|
||||
if ((bool) check_acl($config['id_user'], 0, 'PM') === true) {
|
||||
$buttons['user'] = [
|
||||
'active' => false,
|
||||
'text' => '<a href="'.$url_list_user.'">'.html_print_image(
|
||||
'images/user.svg',
|
||||
true,
|
||||
[
|
||||
'title' => __('User management'),
|
||||
'class' => 'invert_filter main_menu_icon',
|
||||
]
|
||||
).'</a>',
|
||||
];
|
||||
|
||||
$buttons['profile'] = [
|
||||
'active' => false,
|
||||
'text' => '<a href="'.$url_list_profile.'">'.html_print_image(
|
||||
@ -1069,7 +1069,7 @@ function user_print_header(int $pure=0, string $tab='user', ?string $title=null)
|
||||
$buttons['token'] = [
|
||||
'active' => false,
|
||||
'text' => '<a href="'.$url_list_token.'">'.html_print_image(
|
||||
'images/incremental-data@svg.svg',
|
||||
'images/setup-password.svg',
|
||||
true,
|
||||
[
|
||||
'title' => __('Token management'),
|
||||
@ -1078,12 +1078,14 @@ function user_print_header(int $pure=0, string $tab='user', ?string $title=null)
|
||||
).'</a>',
|
||||
];
|
||||
|
||||
$buttons[$tab]['active'] = true;
|
||||
if (isset($buttons[$tab]) === true) {
|
||||
$buttons[$tab]['active'] = true;
|
||||
}
|
||||
|
||||
switch ($tab) {
|
||||
case 'token':
|
||||
$title = (empty($title) === false) ? $title : __('Token management');
|
||||
$img = 'images/incremental-data@svg.svg';
|
||||
$img = 'images/setup-password.svg';
|
||||
$tab_name = 'token_tab';
|
||||
$short_title = __('Token');
|
||||
break;
|
||||
|
||||
@ -4,16 +4,19 @@ namespace PandoraFMS\Modules\Authentication\Actions;
|
||||
|
||||
use PandoraFMS\Modules\Authentication\Entities\Token;
|
||||
use PandoraFMS\Modules\Authentication\Services\CreateTokenService;
|
||||
use PandoraFMS\Modules\Shared\Services\ValidateAclSystem;
|
||||
|
||||
final class CreateTokenAction
|
||||
{
|
||||
public function __construct(
|
||||
private CreateTokenService $createTokenService
|
||||
private CreateTokenService $createTokenService,
|
||||
private ValidateAclSystem $acl,
|
||||
) {
|
||||
}
|
||||
|
||||
public function __invoke(Token $token): Token
|
||||
{
|
||||
$this->acl->validateAclToken($token);
|
||||
return $this->createTokenService->__invoke($token);
|
||||
}
|
||||
}
|
||||
|
||||
@ -4,16 +4,19 @@ namespace PandoraFMS\Modules\Authentication\Actions;
|
||||
|
||||
use PandoraFMS\Modules\Authentication\Entities\Token;
|
||||
use PandoraFMS\Modules\Authentication\Services\DeleteTokenService;
|
||||
use PandoraFMS\Modules\Shared\Services\ValidateAclSystem;
|
||||
|
||||
final class DeleteTokenAction
|
||||
{
|
||||
public function __construct(
|
||||
private DeleteTokenService $deleteTokenService
|
||||
private DeleteTokenService $deleteTokenService,
|
||||
private ValidateAclSystem $acl,
|
||||
) {
|
||||
}
|
||||
|
||||
public function __invoke(Token $token): void
|
||||
{
|
||||
$this->acl->validateAclToken($token);
|
||||
$this->deleteTokenService->__invoke($token);
|
||||
}
|
||||
}
|
||||
|
||||
@ -4,16 +4,19 @@ namespace PandoraFMS\Modules\Authentication\Actions;
|
||||
|
||||
use PandoraFMS\Modules\Authentication\Entities\Token;
|
||||
use PandoraFMS\Modules\Authentication\Services\UpdateTokenService;
|
||||
use PandoraFMS\Modules\Shared\Services\ValidateAclSystem;
|
||||
|
||||
final class UpdateTokenAction
|
||||
{
|
||||
public function __construct(
|
||||
private UpdateTokenService $updateTokenService
|
||||
private UpdateTokenService $updateTokenService,
|
||||
private ValidateAclSystem $acl,
|
||||
) {
|
||||
}
|
||||
|
||||
public function __invoke(Token $token, Token $oldToken): Token
|
||||
{
|
||||
$this->acl->validateAclToken($token);
|
||||
return $this->updateTokenService->__invoke($token, $oldToken);
|
||||
}
|
||||
}
|
||||
|
||||
@ -5,7 +5,6 @@ namespace PandoraFMS\Modules\Authentication\Controllers;
|
||||
use PandoraFMS\Modules\Authentication\Actions\CreateTokenAction;
|
||||
use PandoraFMS\Modules\Authentication\Entities\Token;
|
||||
use PandoraFMS\Modules\Shared\Controllers\Controller;
|
||||
use PandoraFMS\Modules\Shared\Services\ValidateAclSystem;
|
||||
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
@ -13,8 +12,7 @@ use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
final class CreateTokenController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private CreateTokenAction $createTokenAction,
|
||||
private ValidateAclSystem $acl,
|
||||
private CreateTokenAction $createTokenAction
|
||||
) {
|
||||
}
|
||||
|
||||
@ -38,8 +36,6 @@ final class CreateTokenController extends Controller
|
||||
// @var Token $token.
|
||||
$token = $this->fromRequest($request, Token::class);
|
||||
|
||||
$this->acl->validate(0, 'UM', ' tried to manage tokens');
|
||||
|
||||
$result = $this->createTokenAction->__invoke($token);
|
||||
|
||||
return $this->getResponse($response, $result);
|
||||
|
||||
@ -5,7 +5,6 @@ namespace PandoraFMS\Modules\Authentication\Controllers;
|
||||
use PandoraFMS\Modules\Authentication\Actions\DeleteTokenAction;
|
||||
use PandoraFMS\Modules\Authentication\Actions\GetTokenAction;
|
||||
use PandoraFMS\Modules\Shared\Controllers\Controller;
|
||||
use PandoraFMS\Modules\Shared\Services\ValidateAclSystem;
|
||||
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
@ -14,7 +13,6 @@ final class DeleteTokenController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private DeleteTokenAction $deleteTokenAction,
|
||||
private ValidateAclSystem $acl,
|
||||
private GetTokenAction $getTokenAction
|
||||
) {
|
||||
}
|
||||
@ -39,8 +37,6 @@ final class DeleteTokenController extends Controller
|
||||
$idToken = $this->getParam($request, 'id');
|
||||
$token = $this->getTokenAction->__invoke($idToken);
|
||||
|
||||
$this->acl->validate(0, 'UM', ' tried to manage token');
|
||||
|
||||
$result = $this->deleteTokenAction->__invoke($token);
|
||||
return $this->getResponse($response, $result);
|
||||
}
|
||||
|
||||
@ -4,7 +4,6 @@ namespace PandoraFMS\Modules\Authentication\Controllers;
|
||||
|
||||
use PandoraFMS\Modules\Authentication\Actions\GetTokenAction;
|
||||
use PandoraFMS\Modules\Shared\Controllers\Controller;
|
||||
use PandoraFMS\Modules\Shared\Services\ValidateAclSystem;
|
||||
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
@ -12,8 +11,7 @@ use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
final class GetTokenController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private GetTokenAction $getTokenAction,
|
||||
private ValidateAclSystem $acl
|
||||
private GetTokenAction $getTokenAction
|
||||
) {
|
||||
}
|
||||
|
||||
@ -36,8 +34,6 @@ final class GetTokenController extends Controller
|
||||
{
|
||||
$idToken = $this->getParam($request, 'id');
|
||||
|
||||
$this->acl->validate(0, 'UM', ' tried to manage token');
|
||||
|
||||
$result = $this->getTokenAction->__invoke($idToken);
|
||||
return $this->getResponse($response, $result);
|
||||
}
|
||||
|
||||
@ -5,15 +5,13 @@ namespace PandoraFMS\Modules\Authentication\Controllers;
|
||||
use PandoraFMS\Modules\Authentication\Actions\ListTokenAction;
|
||||
use PandoraFMS\Modules\Authentication\Entities\TokenFilter;
|
||||
use PandoraFMS\Modules\Shared\Controllers\Controller;
|
||||
use PandoraFMS\Modules\Shared\Services\ValidateAclSystem;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
|
||||
final class ListTokenController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private ListTokenAction $listTokenAction,
|
||||
private ValidateAclSystem $acl,
|
||||
private ListTokenAction $listTokenAction
|
||||
) {
|
||||
}
|
||||
|
||||
@ -65,8 +63,6 @@ final class ListTokenController extends Controller
|
||||
// @var TokenFilter $tokenFilter.
|
||||
$tokenFilter = $this->fromRequest($request, TokenFilter::class);
|
||||
|
||||
$this->acl->validate(0, 'UM', ' tried to manage token');
|
||||
|
||||
$result = $this->listTokenAction->__invoke($tokenFilter);
|
||||
return $this->getResponse($response, $result);
|
||||
}
|
||||
|
||||
@ -6,7 +6,6 @@ use PandoraFMS\Modules\Authentication\Actions\GetTokenAction;
|
||||
use PandoraFMS\Modules\Authentication\Actions\UpdateTokenAction;
|
||||
use PandoraFMS\Modules\Shared\Controllers\Controller;
|
||||
|
||||
use PandoraFMS\Modules\Shared\Services\ValidateAclSystem;
|
||||
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
@ -31,7 +30,6 @@ final class UpdateTokenController extends Controller
|
||||
{
|
||||
public function __construct(
|
||||
private UpdateTokenAction $updateTokenAction,
|
||||
private ValidateAclSystem $acl,
|
||||
private GetTokenAction $getTokenAction
|
||||
) {
|
||||
}
|
||||
@ -45,8 +43,6 @@ final class UpdateTokenController extends Controller
|
||||
$params = $this->extractParams($request);
|
||||
$token->fromArray($params);
|
||||
|
||||
$this->acl->validate(0, 'UM', ' tried to manage token');
|
||||
|
||||
$result = $this->updateTokenAction->__invoke($token, $oldToken);
|
||||
return $this->getResponse($response, $result);
|
||||
}
|
||||
|
||||
@ -36,8 +36,7 @@ use PandoraFMS\Modules\Shared\Validators\Validator;
|
||||
* type="string",
|
||||
* nullable=true,
|
||||
* default=null,
|
||||
* description="id_user of the token",
|
||||
* readOnly=true
|
||||
* description="id_user of the token"
|
||||
* ),
|
||||
* @OA\Property(
|
||||
* property="validity",
|
||||
@ -116,7 +115,6 @@ final class Token extends Entity
|
||||
'idToken' => 1,
|
||||
'uuid' => 1,
|
||||
'challenge' => 1,
|
||||
'idUser' => 1,
|
||||
'token' => 1,
|
||||
'lastUsage' => 1,
|
||||
];
|
||||
|
||||
@ -3,62 +3,24 @@
|
||||
namespace PandoraFMS\Modules\Authentication\Repositories;
|
||||
|
||||
use PandoraFMS\Modules\Authentication\Entities\Token;
|
||||
use PandoraFMS\Modules\Authentication\Entities\TokenDataMapper;
|
||||
use PandoraFMS\Modules\Authentication\Entities\TokenFilter;
|
||||
use PandoraFMS\Modules\Shared\Repositories\Repository;
|
||||
|
||||
class TokenRepository
|
||||
interface TokenRepository
|
||||
{
|
||||
public function __construct(
|
||||
private Repository $repository,
|
||||
private TokenDataMapper $tokenDataMapper
|
||||
) {
|
||||
}
|
||||
|
||||
/**
|
||||
* @return Token[],
|
||||
*/
|
||||
public function list(TokenFilter $tokenFilter): array
|
||||
{
|
||||
return $this->repository->__list(
|
||||
$tokenFilter,
|
||||
$this->tokenDataMapper
|
||||
);
|
||||
}
|
||||
*/
|
||||
public function list(TokenFilter $tokenFilter): array;
|
||||
|
||||
public function count(TokenFilter $tokenFilter): int
|
||||
{
|
||||
return $this->repository->__count(
|
||||
$tokenFilter,
|
||||
$this->tokenDataMapper
|
||||
);
|
||||
}
|
||||
public function count(TokenFilter $tokenFilter): int;
|
||||
|
||||
public function getOne(TokenFilter $tokenFilter): Token
|
||||
{
|
||||
return $this->repository->__getOne(
|
||||
$tokenFilter,
|
||||
$this->tokenDataMapper
|
||||
);
|
||||
}
|
||||
public function getOne(TokenFilter $tokenFilter): Token;
|
||||
|
||||
public function create(Token $token): Token
|
||||
{
|
||||
$id = $this->repository->__create($token, $this->tokenDataMapper);
|
||||
return $token->setIdToken($id);
|
||||
}
|
||||
public function create(Token $token): Token;
|
||||
|
||||
public function update(Token $token): Token
|
||||
{
|
||||
return $this->repository->__update(
|
||||
$token,
|
||||
$this->tokenDataMapper,
|
||||
$token->getIdToken()
|
||||
);
|
||||
}
|
||||
public function update(Token $token): Token;
|
||||
|
||||
public function delete(int $id): void
|
||||
{
|
||||
$this->repository->__delete($id, $this->tokenDataMapper);
|
||||
}
|
||||
public function delete(int $id): void;
|
||||
|
||||
public function getExistToken(string $label): Token;
|
||||
}
|
||||
|
||||
@ -0,0 +1,182 @@
|
||||
<?php
|
||||
|
||||
namespace PandoraFMS\Modules\Authentication\Repositories;
|
||||
|
||||
use InvalidArgumentException;
|
||||
use PandoraFMS\Modules\Shared\Core\DataMapperAbstract;
|
||||
use PandoraFMS\Modules\Shared\Core\FilterAbstract;
|
||||
use PandoraFMS\Modules\Shared\Enums\HttpCodesEnum;
|
||||
use PandoraFMS\Modules\Shared\Exceptions\NotFoundException;
|
||||
use PandoraFMS\Modules\Shared\Repositories\RepositoryMySQL;
|
||||
use PandoraFMS\Modules\Authentication\Entities\Token;
|
||||
use PandoraFMS\Modules\Authentication\Entities\TokenDataMapper;
|
||||
use PandoraFMS\Modules\Authentication\Entities\TokenFilter;
|
||||
use PandoraFMS\Modules\Shared\Services\Config;
|
||||
|
||||
final class TokenRepositoryMySQL extends RepositoryMySQL implements TokenRepository
|
||||
{
|
||||
public function __construct(
|
||||
private TokenDataMapper $tokenDataMapper,
|
||||
private Config $config
|
||||
) {
|
||||
}
|
||||
|
||||
/**
|
||||
* @return Token[],
|
||||
*/
|
||||
public function list(TokenFilter $tokenFilter): array
|
||||
{
|
||||
try {
|
||||
$sql = $this->getAuthenticationQuery($tokenFilter, $this->tokenDataMapper);
|
||||
$list = $this->dbGetAllRowsSql($sql);
|
||||
} catch (\Throwable $th) {
|
||||
// Capture errors mysql.
|
||||
throw new InvalidArgumentException(
|
||||
strip_tags($th->getMessage()),
|
||||
HttpCodesEnum::INTERNAL_SERVER_ERROR
|
||||
);
|
||||
}
|
||||
|
||||
if (is_array($list) === false) {
|
||||
throw new NotFoundException(__('%s not found', $this->tokenDataMapper->getStringNameClass()));
|
||||
}
|
||||
|
||||
$result = [];
|
||||
foreach ($list as $fields) {
|
||||
$result[] = $this->tokenDataMapper->fromDatabase($fields);
|
||||
}
|
||||
|
||||
return $result;
|
||||
}
|
||||
|
||||
public function count(TokenFilter $tokenFilter): int
|
||||
{
|
||||
$sql = $this->getAuthenticationQuery($tokenFilter, $this->tokenDataMapper, true);
|
||||
try {
|
||||
$count = $this->dbGetValueSql($sql);
|
||||
} catch (\Throwable $th) {
|
||||
// Capture errors mysql.
|
||||
throw new InvalidArgumentException(
|
||||
strip_tags($th->getMessage()),
|
||||
HttpCodesEnum::INTERNAL_SERVER_ERROR
|
||||
);
|
||||
}
|
||||
|
||||
return (int) $count;
|
||||
}
|
||||
|
||||
public function getOne(TokenFilter $tokenFilter): Token
|
||||
{
|
||||
try {
|
||||
$sql = $this->getAuthenticationQuery($tokenFilter, $this->tokenDataMapper);
|
||||
$result = $this->dbGetRowSql($sql);
|
||||
} catch (\Throwable $th) {
|
||||
// Capture errors mysql.
|
||||
throw new InvalidArgumentException(
|
||||
strip_tags($th->getMessage()),
|
||||
HttpCodesEnum::INTERNAL_SERVER_ERROR
|
||||
);
|
||||
}
|
||||
|
||||
if (empty($result) === true) {
|
||||
throw new NotFoundException(__('%s not found', $this->tokenDataMapper->getStringNameClass()));
|
||||
}
|
||||
|
||||
return $this->tokenDataMapper->fromDatabase($result);
|
||||
}
|
||||
|
||||
public function getExistToken(string $label): Token
|
||||
{
|
||||
try {
|
||||
$sql = sprintf('SELECT * FROM `ttoken` WHERE `label` = "%s"', $label);
|
||||
$result = $this->dbGetRowSql($sql);
|
||||
} catch (\Throwable $th) {
|
||||
// Capture errors mysql.
|
||||
throw new InvalidArgumentException(
|
||||
strip_tags($th->getMessage()),
|
||||
HttpCodesEnum::INTERNAL_SERVER_ERROR
|
||||
);
|
||||
}
|
||||
|
||||
if (empty($result) === true) {
|
||||
throw new NotFoundException(__('%s not found', $this->tokenDataMapper->getStringNameClass()));
|
||||
}
|
||||
|
||||
return $this->tokenDataMapper->fromDatabase($result);
|
||||
}
|
||||
|
||||
public function create(Token $token): Token
|
||||
{
|
||||
$idToken = $this->__create($token, $this->tokenDataMapper);
|
||||
return $token->setIdToken($idToken);
|
||||
}
|
||||
|
||||
public function update(Token $token): Token
|
||||
{
|
||||
return $this->__update(
|
||||
$token,
|
||||
$this->tokenDataMapper,
|
||||
$token->getIdToken()
|
||||
);
|
||||
}
|
||||
|
||||
public function delete(int $id): void
|
||||
{
|
||||
$this->__delete($id, $this->tokenDataMapper);
|
||||
}
|
||||
|
||||
private function getAuthenticationQuery(
|
||||
FilterAbstract $filter,
|
||||
DataMapperAbstract $mapper,
|
||||
bool $count = false
|
||||
): string {
|
||||
$pagination = '';
|
||||
$orderBy = '';
|
||||
$fields = 'COUNT(DISTINCT ttoken.id) as count';
|
||||
$filters = $this->buildQueryFilters($filter, $mapper);
|
||||
|
||||
// Check ACL for user list.
|
||||
if (\users_is_admin() === false) {
|
||||
// No admin.
|
||||
$filters .= sprintf(
|
||||
' AND ttoken.id_user = "%s"',
|
||||
$this->config->get('id_user')
|
||||
);
|
||||
}
|
||||
|
||||
if ($count === false) {
|
||||
$pagination = $this->buildQueryPagination($filter);
|
||||
$orderBy = $this->buildQueryOrderBy($filter);
|
||||
if (empty($filter->getFields()) === true) {
|
||||
$fields = 'DISTINCT ttoken.*';
|
||||
} else {
|
||||
$buildFields = '';
|
||||
foreach ($filter->getFields() as $field) {
|
||||
if (empty($buildFields) === false) {
|
||||
$buildFields .= ' , ';
|
||||
}
|
||||
|
||||
$buildFields .= $field;
|
||||
}
|
||||
|
||||
$fields = $buildFields;
|
||||
}
|
||||
}
|
||||
|
||||
$sql = sprintf(
|
||||
'SELECT %s
|
||||
FROM ttoken
|
||||
INNER JOIN tusuario
|
||||
ON tusuario.id_user = ttoken.id_user
|
||||
WHERE %s
|
||||
%s
|
||||
%s',
|
||||
$fields,
|
||||
$filters,
|
||||
$orderBy,
|
||||
$pagination
|
||||
);
|
||||
|
||||
return $sql;
|
||||
}
|
||||
}
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
namespace PandoraFMS\Modules\Authentication\Services;
|
||||
|
||||
use PandoraFMS\Core\Config;
|
||||
use PandoraFMS\Modules\Shared\Services\Config;
|
||||
|
||||
final class ValidateServerIdentifierTokenService
|
||||
{
|
||||
|
||||
@ -7,12 +7,14 @@ use PandoraFMS\Modules\Authentication\Services\ExistLabelTokenService;
|
||||
use PandoraFMS\Modules\Shared\Exceptions\BadRequestException;
|
||||
use PandoraFMS\Modules\Shared\Services\Config;
|
||||
use PandoraFMS\Modules\Shared\Services\Timestamp;
|
||||
use PandoraFMS\Modules\Users\Services\GetUserService;
|
||||
|
||||
final class TokenValidation
|
||||
{
|
||||
public function __construct(
|
||||
private Config $config,
|
||||
private Timestamp $timestamp,
|
||||
private GetUserService $getUserService,
|
||||
private ExistLabelTokenService $existLabelTokenService
|
||||
) {
|
||||
}
|
||||
@ -23,16 +25,20 @@ final class TokenValidation
|
||||
throw new BadRequestException(__('Label is missing'));
|
||||
}
|
||||
|
||||
if($oldToken === null || $oldToken->getLabel() !== $token->getLabel()) {
|
||||
if($this->existLabelTokenService->__invoke($token->getLabel()) === true) {
|
||||
if ($oldToken === null || $oldToken->getLabel() !== $token->getLabel()) {
|
||||
if ($this->existLabelTokenService->__invoke($token->getLabel()) === true) {
|
||||
throw new BadRequestException(
|
||||
__('Label %s is already exists', $token->getLabel())
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
if($oldToken === null) {
|
||||
if (is_user_admin($this->config->get('id_user')) === false
|
||||
|| empty($token->getIdUser()) === true
|
||||
) {
|
||||
$token->setIdUser($this->config->get('id_user'));
|
||||
} else {
|
||||
$this->validateUser($token->getIdUser());
|
||||
}
|
||||
}
|
||||
|
||||
@ -40,4 +46,9 @@ final class TokenValidation
|
||||
{
|
||||
return $this->timestamp->getMysqlCurrentTimestamp(0);
|
||||
}
|
||||
|
||||
private function validateUser(string $idUser): void
|
||||
{
|
||||
$this->getUserService->__invoke($idUser);
|
||||
}
|
||||
}
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
namespace PandoraFMS\Modules\Events\Comments\Validations;
|
||||
|
||||
use PandoraFMS\Core\Config;
|
||||
use PandoraFMS\Modules\Shared\Services\Config;
|
||||
use PandoraFMS\Modules\Events\Comments\Entities\EventComment;
|
||||
use PandoraFMS\Modules\Events\Comments\Services\GetEventCommentService;
|
||||
use PandoraFMS\Modules\Shared\Exceptions\BadRequestException;
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
namespace PandoraFMS\Modules\Events\Repositories;
|
||||
|
||||
use InvalidArgumentException;
|
||||
use PandoraFMS\Core\Config;
|
||||
use PandoraFMS\Modules\Shared\Services\Config;
|
||||
use PandoraFMS\Modules\Events\Entities\Event;
|
||||
use PandoraFMS\Modules\Events\Entities\EventDataMapper;
|
||||
use PandoraFMS\Modules\Events\Filters\Entities\EventFilter;
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
namespace PandoraFMS\Modules\Events\Services;
|
||||
|
||||
use PandoraFMS\Core\Config;
|
||||
use PandoraFMS\Modules\Shared\Services\Config;
|
||||
use PandoraFMS\Modules\Events\Entities\Event;
|
||||
use PandoraFMS\Modules\Events\Entities\EventFilter;
|
||||
use PandoraFMS\Modules\Events\Enums\EventStatusEnum;
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
namespace PandoraFMS\Modules\Events\Validations;
|
||||
|
||||
use PandoraFMS\Core\Config;
|
||||
use PandoraFMS\Modules\Shared\Services\Config;
|
||||
use PandoraFMS\Modules\Events\Entities\Event;
|
||||
use PandoraFMS\Modules\Events\Enums\EventSeverityEnum;
|
||||
use PandoraFMS\Modules\Events\Enums\EventStatusEnum;
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
namespace PandoraFMS\Modules\Groups\Repositories;
|
||||
|
||||
use InvalidArgumentException;
|
||||
use PandoraFMS\Core\Config;
|
||||
use PandoraFMS\Modules\Shared\Services\Config;
|
||||
use PandoraFMS\Modules\Groups\Entities\Group;
|
||||
use PandoraFMS\Modules\Groups\Entities\GroupDataMapper;
|
||||
use PandoraFMS\Modules\Groups\Entities\GroupFilter;
|
||||
|
||||
@ -89,6 +89,7 @@ abstract class DataMapperAbstract
|
||||
'PandoraFMS\\Modules\\Events\\Filters\\Entities\\EventFilter' => 'EventFilter',
|
||||
'PandoraFMS\\Modules\\Groups\\Entities\\Group' => 'Group',
|
||||
'PandoraFMS\\Modules\\Tags\\Entities\\Tag' => 'Tag',
|
||||
'PandoraFMS\\Modules\\Authentication\\Entities\\Token' => 'Token',
|
||||
];
|
||||
|
||||
$result = ($strname[$this->getClassName()] ?? '');
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
namespace PandoraFMS\Modules\Shared\Middlewares;
|
||||
|
||||
use PandoraFMS\Core\Config;
|
||||
use PandoraFMS\Modules\Shared\Services\Config;
|
||||
use PandoraFMS\Modules\Shared\Exceptions\NotFoundException;
|
||||
|
||||
final class AclListMiddleware
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
namespace PandoraFMS\Modules\Shared\Middlewares;
|
||||
|
||||
use PandoraFMS\Core\Config;
|
||||
use PandoraFMS\Modules\Shared\Services\Config;
|
||||
use PandoraFMS\Modules\Authentication\Services\GetUserTokenService;
|
||||
use PandoraFMS\Modules\Authentication\Services\UpdateTokenService;
|
||||
use PandoraFMS\Modules\Authentication\Services\ValidateServerIdentifierTokenService;
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
|
||||
namespace PandoraFMS\Modules\Shared\Services;
|
||||
|
||||
use PandoraFMS\Modules\Authentication\Entities\Token;
|
||||
use PandoraFMS\Modules\Shared\Exceptions\ForbiddenACLException;
|
||||
use PandoraFMS\Modules\Users\UserProfiles\Actions\GetUserProfileAction;
|
||||
|
||||
@ -36,7 +37,11 @@ class ValidateAclSystem
|
||||
}
|
||||
|
||||
if ($acl === false) {
|
||||
$this->audit->write('ACL forbidden user does not have permission ', $message);
|
||||
$this->audit->write(
|
||||
AUDIT_LOG_ACL_VIOLATION,
|
||||
'ACL forbidden user does not have permission ',
|
||||
$message
|
||||
);
|
||||
throw new ForbiddenACLException('ACL forbidden user does not have permission '.$message);
|
||||
}
|
||||
}
|
||||
@ -64,7 +69,14 @@ class ValidateAclSystem
|
||||
}
|
||||
|
||||
if ($exist === false) {
|
||||
$this->audit->write('ACL Forbidden idGroup is not valid for this user', $message);
|
||||
$this->audit->write(
|
||||
AUDIT_LOG_ACL_VIOLATION,
|
||||
__(
|
||||
'ACL Forbidden idGroup is not valid for this user %d',
|
||||
$this->config->get('id_user')
|
||||
),
|
||||
$message
|
||||
);
|
||||
throw new ForbiddenACLException('ACL Forbidden idGroup is not valid for this user');
|
||||
}
|
||||
}
|
||||
@ -82,4 +94,23 @@ class ValidateAclSystem
|
||||
$idUser ??= $this->config->get('id_user');
|
||||
$this->getUserProfileAction->__invoke($idUser, $idProfile);
|
||||
}
|
||||
|
||||
public function validateAclToken(
|
||||
Token $token
|
||||
) {
|
||||
if (is_user_admin($this->config->get('id_user')) === false
|
||||
&& $token->getIdUser() !== null
|
||||
&& $token->getIdUser() !== $this->config->get('id_user')
|
||||
) {
|
||||
$this->audit->write(
|
||||
AUDIT_LOG_ACL_VIOLATION,
|
||||
__(
|
||||
'ACL Forbidden only user administrator edit token other users, not this user %s',
|
||||
$this->config->get('id_user')
|
||||
)
|
||||
);
|
||||
|
||||
throw new ForbiddenACLException(__('ACL Forbidden only user administrator edit token other users'));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
namespace PandoraFMS\Modules\Users\Repositories;
|
||||
|
||||
use InvalidArgumentException;
|
||||
use PandoraFMS\Core\Config;
|
||||
use PandoraFMS\Modules\Shared\Services\Config;
|
||||
use PandoraFMS\Modules\Shared\Core\DataMapperAbstract;
|
||||
use PandoraFMS\Modules\Shared\Core\FilterAbstract;
|
||||
use PandoraFMS\Modules\Shared\Enums\HttpCodesEnum;
|
||||
@ -13,7 +13,7 @@ use PandoraFMS\Modules\Users\Entities\User;
|
||||
use PandoraFMS\Modules\Users\Entities\UserDataMapper;
|
||||
use PandoraFMS\Modules\Users\Entities\UserFilter;
|
||||
|
||||
class UserRepositoryMySQL extends RepositoryMySQL implements UserRepository
|
||||
final class UserRepositoryMySQL extends RepositoryMySQL implements UserRepository
|
||||
{
|
||||
public function __construct(
|
||||
private UserDataMapper $userDataMapper,
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user