RestHelper.php

Go to the documentation of this file.

<?php
/*
 SPDX-FileCopyrightText: © 2017 Siemens AG
 
 SPDX-License-Identifier: GPL-2.0-only
*/
 
namespace Fossology\UI\Api\Helper;
 
use Fossology\Lib\Auth\Auth;
use Fossology\Lib\Dao\FolderDao;
use Fossology\Lib\Dao\JobDao;
use Fossology\Lib\Dao\ShowJobsDao;
use Fossology\Lib\Dao\UploadDao;
use Fossology\Lib\Dao\UploadPermissionDao;
use Fossology\Lib\Dao\UserDao;
use Fossology\Lib\Plugin\Plugin;
use Fossology\UI\Api\Exceptions\HttpBadRequestException;
use Fossology\UI\Api\Exceptions\HttpForbiddenException;
use Fossology\UI\Api\Models\Info;
use Fossology\UI\Api\Models\InfoType;
 
class RestHelper
{
  const VALID_SCOPES = ["read", "write"];
  const SCOPE_DB_MAP = ["read" => "r", "write" => "w"];
  const TOKEN_KEY_LENGTH = 40;
  private $uploadDao;
  private $dbHelper;
  private $uploadPermissionDao;
  private $folderDao;
  private $userDao;
  private $jobDao;
  private $showJobDao;
  private $authHelper;
 
  public function __construct(UploadPermissionDao $uploadPermissionDao,
    UploadDao $uploadDao, UserDao $userDao, FolderDao $folderDao,
    DbHelper $dbHelper, AuthHelper $authHelper, JobDao $jobDao,
    ShowJobsDao $showJobDao)
  {
    $this->uploadPermissionDao = $uploadPermissionDao;
    $this->uploadDao = $uploadDao;
    $this->userDao = $userDao;
    $this->folderDao = $folderDao;
    $this->dbHelper = $dbHelper;
    $this->authHelper = $authHelper;
    $this->jobDao = $jobDao;
    $this->showJobDao = $showJobDao;
  }
 
  public function getUserId()
  {
    $session = $this->authHelper->getSession();
    return $session->get(Auth::USER_ID);
  }
 
  public function getGroupId()
  {
    $session = $this->authHelper->getSession();
    return $session->get(Auth::GROUP_ID);
  }
 
  public function getUploadDao()
  {
    return $this->uploadDao;
  }
 
  public function getUserDao()
  {
    return $this->userDao;
  }
 
  public function getFolderDao()
  {
    return $this->folderDao;
  }
 
  public function getUploadPermissionDao()
  {
    return $this->uploadPermissionDao;
  }
 
  public function getAuthHelper()
  {
    return $this->authHelper;
  }
 
  public function getDbHelper()
  {
    return $this->dbHelper;
  }
 
  public function getJobDao()
  {
    return $this->jobDao;
  }
 
  public function getShowJobDao()
  {
    return $this->showJobDao;
  }
 
  public function copyUpload($uploadId, $newFolderId, $isCopy)
  {
    if (! is_numeric($newFolderId) || $newFolderId <= 0) {
      throw new HttpBadRequestException("Folder id should be a positive integer");
    }
    if (!$this->folderDao->isFolderAccessible($newFolderId, $this->getUserId())) {
      throw new HttpForbiddenException("Folder is not accessible.");
    }
    if (!$this->uploadPermissionDao->isAccessible($uploadId, $this->getGroupId())) {
      throw new HttpForbiddenException("Upload is not accessible.");
    }
    $uploadContentId = $this->folderDao->getFolderContentsId($uploadId,
      $this->folderDao::MODE_UPLOAD);
    $contentMove = $this->getPlugin('content_move');
 
    $errors = $contentMove->copyContent([$uploadContentId], $newFolderId, $isCopy);
    if (empty($errors)) {
      $action = $isCopy ? "copied" : "moved";
      $info = new Info(202, "Upload $uploadId will be $action to folder $newFolderId",
        InfoType::INFO);
    } else {
      $info = new Info(202, "Exceptions occurred: $errors",
        InfoType::ERROR);
    }
    return $info;
  }
 
  public function getPlugin($pluginName)
  {
    $plugin = plugin_find($pluginName);
    if (! $plugin) {
      throw new \UnexpectedValueException(
        "Unable to find plugin " . $pluginName);
    }
    return $plugin;
  }
 
  public function validateTokenRequest($tokenExpire, $tokenName, $tokenScope)
  {
    $tokenValidity = $this->authHelper->getMaxTokenValidity();
 
    if (strtotime($tokenExpire) < strtotime("tomorrow") ||
      ! preg_match("/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])$/",
        $tokenExpire) ||
      strtotime($tokenExpire) > strtotime("+$tokenValidity days")) {
      throw new HttpBadRequestException(
        "The token should have at least 1 day and max $tokenValidity days " .
        "of validity and should follow YYYY-MM-DD format.");
    } elseif (! in_array($tokenScope, RestHelper::SCOPE_DB_MAP)) {
      throw new HttpBadRequestException(
        "Invalid token scope, allowed only " .
        join(",", RestHelper::VALID_SCOPES));
    } elseif (empty($tokenName) || strlen($tokenName) > 40) {
      throw new HttpBadRequestException(
        "The token name must be a valid string of max 40 character length");
    }
  }
 
  public function validateNewOauthClient($userId, $clientName, $clientScope,
                                        $clientId)
  {
    if (!in_array($clientScope, RestHelper::SCOPE_DB_MAP)) {
      throw new HttpBadRequestException("Invalid client scope, allowed only " .
        join(",", RestHelper::VALID_SCOPES));
    }
    if (empty($clientName) || strlen($clientName) > 40) {
      throw new HttpBadRequestException(
        "The client name must be a valid string of max 40 character length");
    }
    $sql = "SELECT 1 FROM personal_access_tokens " .
      "WHERE user_fk = $1 AND client_id = $2;";
    $rows = $this->dbHelper->getDbManager()->getSingleRow($sql, [
      $userId,
      $clientId
    ], __METHOD__);
    if (!empty($rows)) {
      throw new HttpBadRequestException("Client already added for the user.");
    }
  }
}