FOSSology  4.4.0
Open Source License Compliance by Open Source Software
GroupController.php
Go to the documentation of this file.
1 <?php
2 /*
3  SPDX-FileCopyrightText: © 2021 Orange
4  SPDX-FileCopyrightText: © 2022 Samuel Dushimimana <dushsam100@gmail.com>
5  Author: Piotr Pszczola <piotr.pszczola@orange.com>
6 
7  SPDX-License-Identifier: GPL-2.0-only
8 */
14 namespace Fossology\UI\Api\Controllers;
15 
16 use Fossology\Lib\Auth\Auth;
17 use Fossology\Lib\Dao\UserDao;
18 use Fossology\UI\Api\Exceptions\HttpBadRequestException;
19 use Fossology\UI\Api\Exceptions\HttpErrorException;
20 use Fossology\UI\Api\Exceptions\HttpForbiddenException;
21 use Fossology\UI\Api\Exceptions\HttpNotFoundException;
22 use Fossology\UI\Api\Helper\ResponseHelper;
23 use Fossology\UI\Api\Models\Group;
24 use Fossology\UI\Api\Models\Info;
25 use Fossology\UI\Api\Models\InfoType;
26 use Fossology\UI\Api\Models\ApiVersion;
27 use Fossology\UI\Api\Models\UserGroupMember;
28 use Psr\Http\Message\ServerRequestInterface;
29 
34 class GroupController extends RestController
35 {
36 
45  public function getGroups($request, $response, $args)
46  {
47  $userDao = $this->restHelper->getUserDao();
48  $groups = array();
49  if (Auth::isAdmin()) {
50  $groups = $userDao->getAdminGroupMap($this->restHelper->getUserId(),Auth::PERM_ADMIN);
51  } else {
52  $groups = $userDao->getUserGroupMap($this->restHelper->getUserId());
53  }
54  $groupList = array();
55  foreach ($groups as $key => $value) {
56  $groupObject = new Group($key,$value);
57  $groupList[] = $groupObject->getArray();
58  }
59  return $response->withJson($groupList, 200);
60  }
61 
71  public function createGroup($request, $response, $args)
72  {
73  $groupName = '';
74  if (ApiVersion::getVersion($request) == ApiVersion::V2) {
75  $queryParams = $request->getQueryParams();
76  $groupName = $queryParams['name'] ?? '';
77  } else {
78  $groupName = $request->getHeaderLine('name') ?: '';
79  }
80  if (empty($groupName)) {
81  throw new HttpBadRequestException("ERROR - no group name provided");
82  }
83  $userDao = $this->restHelper->getUserDao();
84  $groupId = $userDao->addGroup($groupName);
85  $userDao->addGroupMembership($groupId, $this->restHelper->getUserId());
86  $returnVal = new Info(200, "Group $groupName added.", InfoType::INFO);
87  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
88  }
89 
99  public function deleteGroup($request, $response, $args)
100  {
101  $apiVerison = ApiVersion::getVersion($request);
102  if (empty($args['pathParam'])) {
103  throw new HttpBadRequestException("ERROR - No group name or id provided");
104  }
105  $userId = $this->restHelper->getUserId();
106 
108  $userDao = $this->restHelper->getUserDao();
109  $groupMap = $userDao->getDeletableAdminGroupMap($userId,
110  $_SESSION[Auth::USER_LEVEL]);
111  $groupId = null;
112  if ($apiVerison == ApiVersion::V2) {
113  $groupName = $args['pathParam'];
114  $groupId = intval($userDao->getGroupIdByName($groupName));
115  } else {
116  $groupId = intval($args['pathParam']);
117  }
118 
119  if (!$this->dbHelper->doesIdExist("groups", "group_pk", $groupId)) {
120  throw new HttpNotFoundException("Group id not found!");
121  }
122  try {
123  $userDao->deleteGroup($groupId);
124  $returnVal = new Info(202, "User Group will be deleted", InfoType::INFO);
125  unset($groupMap[$groupId]);
126  } catch (\Exception $e) {
127  throw new HttpBadRequestException($e->getMessage(), $e);
128  }
129  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
130  }
131 
141  public function deleteGroupMember($request, $response, $args)
142  {
143  $apiVersion = ApiVersion::getVersion($request);
144  $dbManager = $this->dbHelper->getDbManager();
145 
146  $user_pk = null;
147  $group_pk = null;
148  if ($apiVersion == ApiVersion::V2) {
149  $user_pk = intval($this->restHelper->getUserDao()->getUserByName($args['userPathParam'])['user_pk']);
150  $group_pk = intval($this->restHelper->getUserDao()->getGroupIdByName($args['pathParam']));
151  } else {
152  $user_pk = intval($args['userPathParam']);
153  $group_pk = intval($args['pathParam']);
154  }
155 
156  $userIsAdmin = Auth::isAdmin();
157  $userHasGroupAccess = $this->restHelper->getUserDao()->isAdvisorOrAdmin(
158  $this->restHelper->getUserId(), $group_pk);
159 
160  if (!$this->dbHelper->doesIdExist("groups", "group_pk", $group_pk)) {
161  throw new HttpNotFoundException("Group id not found!");
162  }
163  if (!$this->dbHelper->doesIdExist("users", "user_pk", $user_pk)) {
164  throw new HttpNotFoundException("User id not found!");
165  }
166  if (! $userIsAdmin && ! $userHasGroupAccess) {
167  throw new HttpForbiddenException("Not advisor or admin of the group. " .
168  "Can not process request.");
169  }
170  $fetchResult = $dbManager->getSingleRow(
171  "SELECT group_user_member_pk FROM group_user_member " .
172  "WHERE group_fk=$1 AND user_fk=$2", [$group_pk, $user_pk],
173  __METHOD__ . ".getByGroupAndUser");
174  if (empty($fetchResult)) {
175  throw new HttpNotFoundException("Not a member!");
176  }
177  $group_user_member_pk = $fetchResult['group_user_member_pk'];
179  $adminGroupUsers = $this->restHelper->getPlugin('group_manage_users');
180  $adminGroupUsers->updateGUMPermission($group_user_member_pk, -1,$dbManager);
181  $returnVal = new Info(200, "User will be removed from group.", InfoType::INFO);
182  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
183  }
184 
193  public function getDeletableGroups($request, $response, $args)
194  {
195  $userId = $this->restHelper->getUserId();
196  /* @var $userDao UserDao */
197  $userDao = $this->restHelper->getUserDao();
198  $groupMap = $userDao->getDeletableAdminGroupMap($userId,
199  $_SESSION[Auth::USER_LEVEL]);
200 
201  $groupList = array();
202  foreach ($groupMap as $key => $value) {
203  $groupObject = new Group($key, $value);
204  $groupList[] = $groupObject->getArray();
205  }
206  return $response->withJson($groupList, 200);
207  }
208 
218  public function getGroupMembers($request, $response, $args)
219  {
220  $apiVersion = ApiVersion::getVersion($request);
221  $userId = $this->restHelper->getUserId();
222  $userDao = $this->restHelper->getUserDao();
223  $groupMap = $userDao->getAdminGroupMap($userId, $_SESSION[Auth::USER_LEVEL]);
224 
225  if (empty($groupMap)) {
226  throw new HttpForbiddenException("You have no permission to manage any group.");
227  }
228 
229  // Get the group name/id form the params and then the group Id
230  $groupId = $apiVersion == ApiVersion::V2 ? intval($this->restHelper->getUserDao()->getGroupIdByName($args['pathParam'])) : intval($args['pathParam']);
231 
232  // The query to get the list of users with corresponding roles from the group.
233  $dbManager = $this->dbHelper->getDbManager();
234 
235  $stmt = __METHOD__ . "getUsersWithGroup";
236  $dbManager->prepare($stmt, "SELECT user_pk, group_perm
237  FROM users INNER JOIN group_user_member gum ON gum.user_fk=users.user_pk AND gum.group_fk=$1;");
238 
239  $result = $dbManager->execute($stmt, array($groupId));
240  $usersWithGroup = $dbManager->fetchAll($result);
241 
242  // Convert back fields [user_pk , group_user_member_pk ,group_perm ] from String to Integer
243  $memberList = array();
244  foreach ($usersWithGroup as $record) {
245  $user = $this->dbHelper->getUsers($record['user_pk']);
246  $userGroupMember = new UserGroupMember($user[0],$record["group_perm"]);
247  $memberList[] = $userGroupMember->getArray(ApiVersion::getVersion($request));
248  }
249  $dbManager->freeResult($result);
250 
251  return $response->withJson($memberList, 200);
252  }
253 
254 
264  public function addMember($request, $response, $args)
265  {
266  $apiVersion = ApiVersion::getVersion($request);
267  $dbManager = $this->dbHelper->getDbManager();
268 
269  $body = $this->getParsedBody($request);
270  $newuser = null;
271  $group_pk = null;
272  if ($apiVersion == ApiVersion::V2) {
273  $newuser = intval($this->restHelper->getUserDao()->getUserByName($args['userPathParam'])['user_pk']);
274  $group_pk = intval($this->restHelper->getUserDao()->getGroupIdByName($args['pathParam']));
275  } else {
276  $group_pk = intval($args['pathParam']);
277  $newuser = intval($args['userPathParam']);
278  }
279  $newperm = intval($body['perm']);
280 
281  $userIsAdmin = Auth::isAdmin();
282  $userHasGroupAccess = $this->restHelper->getUserDao()->isAdvisorOrAdmin(
283  $this->restHelper->getUserId(), $group_pk);
284 
285  if (!isset($newperm)) {
286  throw new HttpBadRequestException("ERROR - no default permission provided");
287  }
288  if (!$this->dbHelper->doesIdExist("groups", "group_pk", $group_pk)) {
289  throw new HttpNotFoundException("Group id not found!");
290  }
291  if (!$this->dbHelper->doesIdExist("users", "user_pk", $newuser)) {
292  throw new HttpNotFoundException("User id not found!");
293  }
294  if ($newperm < 0 || $newperm > 2) {
295  throw new HttpBadRequestException("ERROR - Permission should be in range [0-2]");
296  }
297  if (! $userIsAdmin && ! $userHasGroupAccess) {
298  throw new HttpForbiddenException("Not advisor or admin of the group. " .
299  "Can not process request.");
300  }
301  $stmt = __METHOD__ . ".getByGroupAndUser";
302  $sql = "SELECT group_user_member_pk FROM group_user_member WHERE group_fk=$1 AND user_fk=$2;";
303  $fetchResult = $dbManager->getSingleRow($sql, [$group_pk, $newuser], $stmt);
304 
305  // Do not produce duplicate
306  if (!empty($fetchResult)) {
307  throw new HttpBadRequestException("Already a member!");
308  }
309  $dbManager->prepare($stmt = __METHOD__ . ".insertGUP",
310  "INSERT INTO group_user_member (group_fk, user_fk, group_perm) VALUES ($1,$2,$3)");
311  $dbManager->freeResult(
312  $dbManager->execute($stmt, array($group_pk, $newuser, $newperm)));
313 
314  $returnVal = new Info(200, "User will be added to group.", InfoType::INFO);
315  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
316  }
317 
327  public function changeUserPermission($request, $response, $args)
328  {
329  // Extract all prerequisites (dbManager , user_pk , new_permission , group_pk ) for this functionality
330  $apiVersion = ApiVersion::getVersion($request);
331  $dbManager = $this->dbHelper->getDbManager();
332 
333  $user_pk = null;
334  $group_pk = null;
335  if ($apiVersion == ApiVersion::V2) {
336  $user_pk = intval($this->restHelper->getUserDao()->getUserByName($args['userPathParam'])['user_pk']);
337  $group_pk = intval($this->restHelper->getUserDao()->getGroupIdByName($args['pathParam']));
338  } else {
339  $user_pk = intval($args['userPathParam']);
340  $group_pk = intval($args['pathParam']);
341  }
342 
343  $newperm = intval($this->getParsedBody($request)['perm']);
344  $userIsAdmin = Auth::isAdmin();
345  $userHasGroupAccess = $this->restHelper->getUserDao()->isAdvisorOrAdmin(
346  $this->restHelper->getUserId(), $group_pk);
347 
348  // Validate arguments
349 
350  if (!isset($newperm)) {
351  throw new HttpBadRequestException("Permission should be provided");
352  }
353  if (!$this->dbHelper->doesIdExist("groups", "group_pk", $group_pk)) {
354  throw new HttpNotFoundException("Group id not found!");
355  }
356  if (!$this->dbHelper->doesIdExist("users", "user_pk", $user_pk)) {
357  throw new HttpNotFoundException("User id not found!");
358  }
359  if ($newperm < 0) {
360  throw new HttpBadRequestException("Permission can not be negative");
361  }
362  if ($newperm > 2) {
363  throw new HttpBadRequestException("Permission can not be greater than 2");
364  }
365  if (! $userIsAdmin && ! $userHasGroupAccess) {
366  throw new HttpForbiddenException("Not advisor or admin of the group. " .
367  "Can not process request.");
368  }
369 
370  // Check if the relation already exists, retrieve the PK.
371  // IF not, return 404 error
372  $group_user_member_pk = $dbManager->getSingleRow("SELECT group_user_member_pk FROM group_user_member WHERE group_fk=$1 AND user_fk=$2",
373  [$group_pk, $user_pk],
374  __METHOD__ . ".getByGroupAndUser")['group_user_member_pk'];
375 
376  if (empty($group_user_member_pk)) {
377  throw new HttpNotFoundException("User not part of the group");
378  }
380  $adminGroupUsers = $this->restHelper->getPlugin('group_manage_users');
381  $adminGroupUsers->updateGUMPermission($group_user_member_pk, $newperm,$dbManager);
382  $info = new Info(202, "Permission updated successfully.", InfoType::INFO);
383  return $response->withJson($info->getArray(), $info->getCode());
384  }
385 }
Fossology\Lib\Auth\Auth
Contains the constants and helpers for authentication of user.
Definition: Auth.php:24
Fossology\Lib\Auth\Auth\isAdmin
static isAdmin()
Check if user is admin.
Definition: Auth.php:92
Fossology\UI\Api\Controllers\GroupController\getDeletableGroups
getDeletableGroups($request, $response, $args)
Definition: GroupController.php:193
Fossology\UI\Api\Controllers\RestController
Base controller for REST calls.
Definition: RestController.php:30
Fossology\UI\Api\Controllers\RestController\getParsedBody
getParsedBody(ServerRequestInterface $request)
Parse request body as JSON and return associative PHP array.
Definition: RestController.php:69
Fossology\UI\Api\Helper\ResponseHelper
Override Slim response for withJson function.
Definition: ResponseHelper.php:22
Fossology\UI\Api\Models\ApiVersion\getVersion
static getVersion(ServerRequestInterface $request)
Definition: ApiVersion.php:29
Fossology\UI\Api\Models\InfoType
Different type of infos provided by REST.
Definition: InfoType.php:16
Fossology\UI\Api\Models\Info
Info model to contain general error and return values.
Definition: Info.php:19