FOSSology  4.7.0-rc1
Open Source License Compliance by Open Source Software
GroupController.php
Go to the documentation of this file.
1 <?php
2 /*
3  SPDX-FileCopyrightText: © 2021 Orange
4  SPDX-FileCopyrightText: © 2022 Samuel Dushimimana <dushsam100@gmail.com>
5  Author: Piotr Pszczola <piotr.pszczola@orange.com>
6 
7  SPDX-License-Identifier: GPL-2.0-only
8 */
14 namespace Fossology\UI\Api\Controllers;
15 
16 use Fossology\Lib\Auth\Auth;
17 use Fossology\Lib\Dao\UserDao;
18 use Fossology\UI\Api\Exceptions\HttpBadRequestException;
19 use Fossology\UI\Api\Exceptions\HttpErrorException;
20 use Fossology\UI\Api\Exceptions\HttpForbiddenException;
21 use Fossology\UI\Api\Exceptions\HttpNotFoundException;
22 use Fossology\UI\Api\Helper\ResponseHelper;
23 use Fossology\UI\Api\Models\Group;
24 use Fossology\UI\Api\Models\Info;
25 use Fossology\UI\Api\Models\InfoType;
26 use Fossology\UI\Api\Models\ApiVersion;
27 use Fossology\UI\Api\Models\UserGroupMember;
28 use Psr\Http\Message\ServerRequestInterface;
29 
34 class GroupController extends RestController
35 {
36 
45  public function getGroups($request, $response, $args)
46  {
47  $userDao = $this->restHelper->getUserDao();
48  $groups = array();
49  if (Auth::isAdmin()) {
50  $groups = $userDao->getAdminGroupMap($this->restHelper->getUserId(),Auth::PERM_ADMIN);
51  } else {
52  $groups = $userDao->getUserGroupMap($this->restHelper->getUserId());
53  }
54  $groupList = array();
55  foreach ($groups as $key => $value) {
56  $groupObject = new Group($key,$value);
57  $groupList[] = $groupObject->getArray();
58  }
59  return $response->withJson($groupList, 200);
60  }
61 
71  public function createGroup($request, $response, $args)
72  {
73  $apiVersion = ApiVersion::getVersion($request);
74  $groupName = '';
75  if ($apiVersion == ApiVersion::V2) {
76  $queryParams = $request->getQueryParams();
77  $groupName = $queryParams['name'] ?? '';
78  } else {
79  $groupName = $request->getHeaderLine('name') ?: '';
80  }
81  if (empty($groupName)) {
82  throw new HttpBadRequestException("ERROR - no group name provided");
83  }
84  $userDao = $this->restHelper->getUserDao();
85  $groupId = $userDao->addGroup($groupName);
86  $userDao->addGroupMembership($groupId, $this->restHelper->getUserId());
87  $statusCode = $apiVersion == ApiVersion::V2 ? 201 : 200;
88  $returnVal = new Info($statusCode, "Group $groupName added.", InfoType::INFO);
89  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
90  }
91 
101  public function deleteGroup($request, $response, $args)
102  {
103  $apiVersion = ApiVersion::getVersion($request);
104  if (empty($args['pathParam'])) {
105  throw new HttpBadRequestException("ERROR - No group name or id provided");
106  }
107  $userId = $this->restHelper->getUserId();
108 
110  $userDao = $this->restHelper->getUserDao();
111  $groupMap = $userDao->getDeletableAdminGroupMap($userId,
112  $_SESSION[Auth::USER_LEVEL]);
113  $groupId = null;
114  if ($apiVersion == ApiVersion::V2) {
115  $groupName = $args['pathParam'];
116  $groupId = intval($userDao->getGroupIdByName($groupName));
117  } else {
118  $groupId = intval($args['pathParam']);
119  }
120 
121  if (!$this->dbHelper->doesIdExist("groups", "group_pk", $groupId)) {
122  throw new HttpNotFoundException("Group id not found!");
123  }
124  try {
125  $userDao->deleteGroup($groupId);
126  $returnVal = new Info(202, "User Group will be deleted", InfoType::INFO);
127  unset($groupMap[$groupId]);
128  } catch (\Exception $e) {
129  throw new HttpBadRequestException($e->getMessage(), $e);
130  }
131  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
132  }
133 
143  public function deleteGroupMember($request, $response, $args)
144  {
145  $apiVersion = ApiVersion::getVersion($request);
146  $dbManager = $this->dbHelper->getDbManager();
147 
148  $user_pk = null;
149  $group_pk = null;
150  if ($apiVersion == ApiVersion::V2) {
151  $user = $this->restHelper->getUserDao()->getUserByName($args['userPathParam']);
152  if ($user === null) {
153  throw new HttpNotFoundException("User not found");
154  }
155  $user_pk = intval($user['user_pk']);
156  $group_pk = intval($this->restHelper->getUserDao()->getGroupIdByName($args['pathParam']));
157  } else {
158  $user_pk = intval($args['userPathParam']);
159  $group_pk = intval($args['pathParam']);
160  }
161 
162  $userIsAdmin = Auth::isAdmin();
163  $userHasGroupAccess = $this->restHelper->getUserDao()->isAdvisorOrAdmin(
164  $this->restHelper->getUserId(), $group_pk);
165 
166  if (!$this->dbHelper->doesIdExist("groups", "group_pk", $group_pk)) {
167  throw new HttpNotFoundException("Group id not found!");
168  }
169  if (!$this->dbHelper->doesIdExist("users", "user_pk", $user_pk)) {
170  throw new HttpNotFoundException("User id not found!");
171  }
172  if (! $userIsAdmin && ! $userHasGroupAccess) {
173  throw new HttpForbiddenException("Not advisor or admin of the group. " .
174  "Can not process request.");
175  }
176  $fetchResult = $dbManager->getSingleRow(
177  "SELECT group_user_member_pk FROM group_user_member " .
178  "WHERE group_fk=$1 AND user_fk=$2", [$group_pk, $user_pk],
179  __METHOD__ . ".getByGroupAndUser");
180  if (empty($fetchResult)) {
181  throw new HttpNotFoundException("Not a member!");
182  }
183  $group_user_member_pk = $fetchResult['group_user_member_pk'];
185  $adminGroupUsers = $this->restHelper->getPlugin('group_manage_users');
186  $adminGroupUsers->updateGUMPermission($group_user_member_pk, -1,$dbManager);
187  $returnVal = new Info(202, "User will be removed from group.", InfoType::INFO);
188  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
189  }
190 
199  public function getDeletableGroups($request, $response, $args)
200  {
201  $userId = $this->restHelper->getUserId();
202  /* @var $userDao UserDao */
203  $userDao = $this->restHelper->getUserDao();
204  $groupMap = $userDao->getDeletableAdminGroupMap($userId,
205  $_SESSION[Auth::USER_LEVEL]);
206 
207  $groupList = array();
208  foreach ($groupMap as $key => $value) {
209  $groupObject = new Group($key, $value);
210  $groupList[] = $groupObject->getArray();
211  }
212  return $response->withJson($groupList, 200);
213  }
214 
224  public function getGroupMembers($request, $response, $args)
225  {
226  $apiVersion = ApiVersion::getVersion($request);
227  $userId = $this->restHelper->getUserId();
228  $userDao = $this->restHelper->getUserDao();
229  $groupMap = $userDao->getAdminGroupMap($userId, $_SESSION[Auth::USER_LEVEL]);
230 
231  if (empty($groupMap)) {
232  throw new HttpForbiddenException("You have no permission to manage any group.");
233  }
234 
235  // Get the group name/id form the params and then the group Id
236  $groupId = $apiVersion == ApiVersion::V2 ? intval($this->restHelper->getUserDao()->getGroupIdByName($args['pathParam'])) : intval($args['pathParam']);
237 
238  // The query to get the list of users with corresponding roles from the group.
239  $dbManager = $this->dbHelper->getDbManager();
240 
241  $stmt = __METHOD__ . "getUsersWithGroup";
242  $dbManager->prepare($stmt, "SELECT user_pk, group_perm
243  FROM users INNER JOIN group_user_member gum ON gum.user_fk=users.user_pk AND gum.group_fk=$1;");
244 
245  $result = $dbManager->execute($stmt, array($groupId));
246  $usersWithGroup = $dbManager->fetchAll($result);
247 
248  // Convert back fields [user_pk , group_user_member_pk ,group_perm ] from String to Integer
249  $memberList = array();
250  foreach ($usersWithGroup as $record) {
251  $user = $this->dbHelper->getUsers($record['user_pk']);
252  $userGroupMember = new UserGroupMember($user[0],$record["group_perm"]);
253  $memberList[] = $userGroupMember->getArray(ApiVersion::getVersion($request));
254  }
255  $dbManager->freeResult($result);
256 
257  return $response->withJson($memberList, 200);
258  }
259 
260 
270  public function addMember($request, $response, $args)
271  {
272  $apiVersion = ApiVersion::getVersion($request);
273  $dbManager = $this->dbHelper->getDbManager();
274 
275  $body = $this->getParsedBody($request);
276  $newuser = null;
277  $group_pk = null;
278  if ($apiVersion == ApiVersion::V2) {
279  $user = $this->restHelper->getUserDao()->getUserByName($args['userPathParam']);
280  if ($user === null) {
281  throw new HttpNotFoundException("User not found");
282  }
283  $newuser = intval($user['user_pk']);
284  $group_pk = intval($this->restHelper->getUserDao()->getGroupIdByName($args['pathParam']));
285  } else {
286  $group_pk = intval($args['pathParam']);
287  $newuser = intval($args['userPathParam']);
288  }
289  $newperm = intval($body['perm']);
290 
291  $userIsAdmin = Auth::isAdmin();
292  $userHasGroupAccess = $this->restHelper->getUserDao()->isAdvisorOrAdmin(
293  $this->restHelper->getUserId(), $group_pk);
294 
295  if (!isset($newperm)) {
296  throw new HttpBadRequestException("ERROR - no default permission provided");
297  }
298  if (!$this->dbHelper->doesIdExist("groups", "group_pk", $group_pk)) {
299  throw new HttpNotFoundException("Group id not found!");
300  }
301  if (!$this->dbHelper->doesIdExist("users", "user_pk", $newuser)) {
302  throw new HttpNotFoundException("User id not found!");
303  }
304  if ($newperm < 0 || $newperm > 2) {
305  throw new HttpBadRequestException("ERROR - Permission should be in range [0-2]");
306  }
307  if (! $userIsAdmin && ! $userHasGroupAccess) {
308  throw new HttpForbiddenException("Not advisor or admin of the group. " .
309  "Can not process request.");
310  }
311  $stmt = __METHOD__ . ".getByGroupAndUser";
312  $sql = "SELECT group_user_member_pk FROM group_user_member WHERE group_fk=$1 AND user_fk=$2;";
313  $fetchResult = $dbManager->getSingleRow($sql, [$group_pk, $newuser], $stmt);
314 
315  // Do not produce duplicate
316  if (!empty($fetchResult)) {
317  throw new HttpBadRequestException("Already a member!");
318  }
319  $dbManager->prepare($stmt = __METHOD__ . ".insertGUP",
320  "INSERT INTO group_user_member (group_fk, user_fk, group_perm) VALUES ($1,$2,$3)");
321  $dbManager->freeResult(
322  $dbManager->execute($stmt, array($group_pk, $newuser, $newperm)));
323 
324  $returnVal = new Info(201, "User added to group.", InfoType::INFO);
325  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
326  }
327 
337  public function changeUserPermission($request, $response, $args)
338  {
339  // Extract all prerequisites (dbManager , user_pk , new_permission , group_pk ) for this functionality
340  $apiVersion = ApiVersion::getVersion($request);
341  $dbManager = $this->dbHelper->getDbManager();
342 
343  $user_pk = null;
344  $group_pk = null;
345  if ($apiVersion == ApiVersion::V2) {
346  $user = $this->restHelper->getUserDao()->getUserByName($args['userPathParam']);
347  if ($user === null) {
348  throw new HttpNotFoundException("User not found");
349  }
350  $user_pk = intval($user['user_pk']);
351  $group_pk = intval($this->restHelper->getUserDao()->getGroupIdByName($args['pathParam']));
352  } else {
353  $user_pk = intval($args['userPathParam']);
354  $group_pk = intval($args['pathParam']);
355  }
356 
357  $newperm = intval($this->getParsedBody($request)['perm']);
358  $userIsAdmin = Auth::isAdmin();
359  $userHasGroupAccess = $this->restHelper->getUserDao()->isAdvisorOrAdmin(
360  $this->restHelper->getUserId(), $group_pk);
361 
362  // Validate arguments
363 
364  if (!isset($newperm)) {
365  throw new HttpBadRequestException("Permission should be provided");
366  }
367  if (!$this->dbHelper->doesIdExist("groups", "group_pk", $group_pk)) {
368  throw new HttpNotFoundException("Group id not found!");
369  }
370  if (!$this->dbHelper->doesIdExist("users", "user_pk", $user_pk)) {
371  throw new HttpNotFoundException("User id not found!");
372  }
373  if ($newperm < 0) {
374  throw new HttpBadRequestException("Permission can not be negative");
375  }
376  if ($newperm > 2) {
377  throw new HttpBadRequestException("Permission can not be greater than 2");
378  }
379  if (! $userIsAdmin && ! $userHasGroupAccess) {
380  throw new HttpForbiddenException("Not advisor or admin of the group. " .
381  "Can not process request.");
382  }
383 
384  // Check if the relation already exists, retrieve the PK.
385  // IF not, return 404 error
386  $memberRow = $dbManager->getSingleRow("SELECT group_user_member_pk FROM group_user_member WHERE group_fk=$1 AND user_fk=$2",
387  [$group_pk, $user_pk],
388  __METHOD__ . ".getByGroupAndUser");
389 
390  if (empty($memberRow)) {
391  throw new HttpNotFoundException("User not part of the group");
392  }
393  $group_user_member_pk = $memberRow['group_user_member_pk'];
395  $adminGroupUsers = $this->restHelper->getPlugin('group_manage_users');
396  $adminGroupUsers->updateGUMPermission($group_user_member_pk, $newperm,$dbManager);
397  $info = new Info(202, "Permission updated successfully.", InfoType::INFO);
398  return $response->withJson($info->getArray(), $info->getCode());
399  }
400 }
Fossology\Lib\Auth\Auth
Contains the constants and helpers for authentication of user.
Definition: Auth.php:24
Fossology\Lib\Auth\Auth\isAdmin
static isAdmin()
Check if user is admin.
Definition: Auth.php:92
Fossology\UI\Api\Controllers\GroupController\getDeletableGroups
getDeletableGroups($request, $response, $args)
Definition: GroupController.php:199
Fossology\UI\Api\Controllers\RestController
Base controller for REST calls.
Definition: RestController.php:30
Fossology\UI\Api\Controllers\RestController\getParsedBody
getParsedBody(ServerRequestInterface $request)
Parse request body as JSON and return associative PHP array.
Definition: RestController.php:69
Fossology\UI\Api\Helper\ResponseHelper
Override Slim response for withJson function.
Definition: ResponseHelper.php:22
Fossology\UI\Api\Models\ApiVersion\getVersion
static getVersion(ServerRequestInterface $request)
Definition: ApiVersion.php:29
Fossology\UI\Api\Models\InfoType
Different type of infos provided by REST.
Definition: InfoType.php:16
Fossology\UI\Api\Models\Info
Info model to contain general error and return values.
Definition: Info.php:19