FOSSology  4.6.0
Open Source License Compliance by Open Source Software
UserController.php
Go to the documentation of this file.
1 <?php
2 /*
3  SPDX-FileCopyrightText: © 2018, 2021 Siemens AG
4  Author: Gaurav Mishra <mishra.gaurav@siemens.com>
5 
6  SPDX-License-Identifier: GPL-2.0-only
7 */
13 namespace Fossology\UI\Api\Controllers;
14 
15 use Fossology\Lib\Exceptions\DuplicateTokenKeyException;
16 use Fossology\Lib\Exceptions\DuplicateTokenNameException;
17 use Fossology\UI\Api\Exceptions\HttpBadRequestException;
18 use Fossology\UI\Api\Exceptions\HttpConflictException;
19 use Fossology\UI\Api\Exceptions\HttpErrorException;
20 use Fossology\UI\Api\Exceptions\HttpInternalServerErrorException;
21 use Fossology\UI\Api\Exceptions\HttpNotFoundException;
22 use Fossology\UI\Api\Exceptions\HttpTooManyRequestException;
23 use Fossology\UI\Api\Helper\ResponseHelper;
24 use Fossology\UI\Api\Helper\RestHelper;
25 use Fossology\UI\Api\Helper\UserHelper;
26 use Fossology\UI\Api\Models\ApiVersion;
27 use Fossology\UI\Api\Models\Info;
28 use Fossology\UI\Api\Models\InfoType;
29 use Fossology\UI\Api\Models\TokenRequest;
30 use Psr\Http\Message\ServerRequestInterface;
31 
36 class UserController extends RestController
37 {
47  public function getUsers($request, $response, $args)
48  {
49  $this->throwNotAdminException();
50  $apiVersion = ApiVersion::getVersion($request);
51  $id = null;
52  if (isset($args['pathParam'])) {
53  if ($apiVersion == ApiVersion::V2) {
54  $user = $this->restHelper->getUserDao()->getUserByName($args['pathParam']);
55  if ($user === null) {
56  throw new HttpNotFoundException("UserId doesn't exist");
57  }
58  $id = intval($user['user_pk']);
59  } else {
60  $id = intval($args['pathParam']);
61  }
62  if (! $this->dbHelper->doesIdExist("users", "user_pk", $id)) {
63  throw new HttpNotFoundException("UserId doesn't exist");
64  }
65  }
66  $users = $this->dbHelper->getUsers($id);
67 
68  $allUsers = array();
69  foreach ($users as $user) {
70  $allUsers[] = $user->getArray($apiVersion);
71  }
72  if ($id !== null) {
73  $allUsers = $allUsers[0];
74  }
75  return $response->withJson($allUsers, 200);
76  }
77 
87  public function addUser($request, $response, $args)
88  {
89  $this->throwNotAdminException();
90  $apiVersion = ApiVersion::getVersion($request);
91  $userDetails = $this->getParsedBody($request);
92  $userHelper = new UserHelper();
93  // creating symphony request
94  $symfonyRequest = new \Symfony\Component\HttpFoundation\Request();
95  $symfonyRequest->request->set('username', $userDetails['name']);
96  $symfonyRequest->request->set('pass1', $userDetails[$apiVersion == ApiVersion::V2 ? 'userPass' : 'user_pass']);
97  $symfonyRequest->request->set('pass2', $userDetails[$apiVersion == ApiVersion::V2 ? 'userPass' : 'user_pass']);
98  $symfonyRequest->request->set('description', $userDetails['description']);
99  $symfonyRequest->request->set('permission', $userHelper->getEquivalentValueForPermission($userDetails['accessLevel']));
100  $symfonyRequest->request->set('folder', $userDetails['rootFolderId']);
101  $symfonyRequest->request->set('enote', $userDetails['emailNotification'] ? 'y' : 'n');
102  $symfonyRequest->request->set('email', $userDetails['email']);
103  $symfonyRequest->request->set('public', $userDetails['defaultVisibility']);
104  $symfonyRequest->request->set('default_bucketpool_fk', $userDetails['defaultBucketpool'] ?? 2);
105 
106  $agents = array();
107  if (isset($userDetails['agents'])) {
108  if (is_string($userDetails['agents'])) { // If 'x-www-form-urlencoded', inner elements are not decoded
109  $userDetails['agents'] = json_decode($userDetails['agents'], true);
110  }
111  $agents['Check_agent_mimetype'] = isset($userDetails['agents']['mime']) && $userDetails['agents']['mime'] ? 1 : 0;
112  $agents['Check_agent_monk'] = isset($userDetails['agents']['monk']) && $userDetails['agents']['monk'] ? 1 : 0;
113  $agents['Check_agent_ojo'] = isset($userDetails['agents']['ojo']) && $userDetails['agents']['ojo'] ? 1 : 0;
114  $agents['Check_agent_bucket'] = isset($userDetails['agents']['bucket']) && $userDetails['agents']['bucket'] ? 1 : 0 ;
115  $agents['Check_agent_copyright'] = isset($userDetails['agents'][$apiVersion == ApiVersion::V2 ? 'copyrightEmailAuthor' : 'copyright_email_author']) && $userDetails['agents'][$apiVersion == ApiVersion::V2 ? 'copyrightEmailAuthor' : 'copyright_email_author'] ? 1 : 0;
116  $agents['Check_agent_ecc'] = isset($userDetails['agents']['ecc']) && $userDetails['agents']['ecc'] ? 1 : 0;
117  $agents['Check_agent_keyword'] = isset($userDetails['agents']['keyword']) && $userDetails['agents']['keyword'] ? 1 : 0;
118  $agents['Check_agent_nomos'] = isset($userDetails['agents']['nomos']) && $userDetails['agents']['nomos'] ? 1 : 0;
119  $agents['Check_agent_pkgagent'] = isset($userDetails['agents']['package']) && $userDetails['agents']['package'] ? 1 : 0;
120  $agents['Check_agent_reso'] = isset($userDetails['agents']['reso']) && $userDetails['agents']['reso'] ? 1 : 0;
121  $agents['Check_agent_shagent'] = isset($userDetails['agents']['heritage']) && $userDetails['agents']['heritage'] ? 1 : 0 ;
122  }
123 
124  $symfonyRequest->request->set('user_agent_list', userAgents($agents));
125 
126  // initialising the user_add object
127  global $container;
128  $restHelper = $container->get('helper.restHelper');
129  $userAddObj = $restHelper->getPlugin('user_add');
130 
131  // calling the add function
132  $ErrMsg = $userAddObj->add($symfonyRequest);
133 
134  if ($ErrMsg != '') {
135  throw new HttpInternalServerErrorException($ErrMsg);
136  }
137 
138  $returnVal = new Info(201, "User created successfully", InfoType::INFO);
139  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
140  }
141 
151  public function deleteUser($request, $response, $args)
152  {
153  $this->throwNotAdminException();
154  $apiVersion = ApiVersion::getVersion($request);
155  if ($apiVersion == ApiVersion::V2) {
156  $user = $this->restHelper->getUserDao()->getUserByName($args['pathParam']);
157  if ($user === null) {
158  throw new HttpNotFoundException("UserId doesn't exist");
159  }
160  $id = intval($user['user_pk']);
161  } else {
162  $id = intval($args['pathParam']);
163  }
164  if (!$this->dbHelper->doesIdExist("users","user_pk", $id)) {
165  throw new HttpNotFoundException("UserId doesn't exist");
166  }
167 
168  $this->dbHelper->deleteUser($id);
169  $returnVal = new Info(202, "User will be deleted", InfoType::INFO);
170  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
171  }
172 
181  public function getCurrentUser($request, $response, $args)
182  {
183  $apiVersion = ApiVersion::getVersion($request);
184  $user = $this->dbHelper->getUsers($this->restHelper->getUserId())[0]->getArray($apiVersion);
185  if ($apiVersion == ApiVersion::V2) {
186  return $response->withJson($user, 200);
187  }
188  $userDao = $this->restHelper->getUserDao();
189  $defaultGroup = $userDao->getUserAndDefaultGroupByUserName($user["name"])["group_name"];
190  $user['default_group'] = $defaultGroup;
191  return $response->withJson($user, 200);
192  }
193 
203  public function updateUser($request, $response, $args)
204  {
205  $apiVersion = ApiVersion::getVersion($request);
206  if ($apiVersion == ApiVersion::V2) {
207  $user = $this->restHelper->getUserDao()->getUserByName($args['pathParam']);
208  if ($user === null) {
209  throw new HttpNotFoundException("UserId doesn't exist");
210  }
211  $id = intval($user['user_pk']);
212  } else {
213  $id = intval($args['pathParam']);
214  }
215  if ($id !== intval($this->restHelper->getUserId())) {
216  $this->throwNotAdminException();
217  }
218  if (!$this->dbHelper->doesIdExist("users","user_pk", $id)) {
219  throw new HttpNotFoundException("UserId doesn't exist");
220  }
221  $reqBody = $this->getParsedBody($request);
222  $userHelper = new UserHelper($id);
223  $returnVal = $userHelper->modifyUserDetails($reqBody, $apiVersion);
224  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
225  }
226 
236  public function createRestApiToken($request, $response, $args)
237  {
238  $reqBody = $this->getParsedBody($request);
239  $tokenRequest = TokenRequest::fromArray($reqBody,
240  ApiVersion::getVersion($request));
241  $symfonyRequest = new \Symfony\Component\HttpFoundation\Request();
242 
243  // translating values for symfony request
244  $symfonyRequest->request->set('pat_name', $tokenRequest->getTokenName());
245  $symfonyRequest->request->set('pat_expiry', $tokenRequest->getTokenExpire());
246  $symfonyRequest->request->set('pat_scope', $tokenRequest->getTokenScope());
247 
248  // initialising the user_edit plugin
249  global $container;
251  $restHelper = $container->get('helper.restHelper');
253  $userEditObj = $restHelper->getPlugin('user_edit');
254 
255  // creating the REST token
256  try {
257  $token = $userEditObj->generateNewToken($symfonyRequest);
258  } catch (DuplicateTokenKeyException $e) {
259  throw new HttpTooManyRequestException("Please try again later.", $e);
260  } catch (DuplicateTokenNameException $e) {
261  throw new HttpConflictException($e->getMessage(), $e);
262  } catch (\UnexpectedValueException $e) {
263  throw new HttpBadRequestException($e->getMessage(), $e);
264  }
265 
266  $returnVal = new Info(201, "Token created successfully", InfoType::INFO);
267  $res = $returnVal->getArray();
268  $res['token'] = $token;
269  return $response->withJson($res, $returnVal->getCode());
270  }
271 
281  public function getTokens($request, $response, $args)
282  {
283  $apiVersion = ApiVersion::getVersion($request);
284  $tokenType = $args['type'];
285  if ($tokenType != "active" && $tokenType != "expired") {
286  throw new HttpBadRequestException("Invalid request!");
287  }
288  // initialising the user_edit plugin
289  global $container;
290  $restHelper = $container->get('helper.restHelper');
291  $userEditObj = $restHelper->getPlugin('user_edit');
292 
293  // getting the list of tokens based on the type of token requested
294  $tokens = $tokenType == "active" ? $userEditObj->getListOfActiveTokens() : $userEditObj->getListOfExpiredTokens();
295  $manageTokenObj = $restHelper->getPlugin('manage-token');
296 
297  $finalTokens = array();
298  foreach ($tokens as $token) {
299  list($tokenPk) = explode(".", $token['id']);
300  $tokenVal = $manageTokenObj->revealToken($tokenPk);
301  $finalTokens[] = array_merge($token, ['token' => $tokenVal['token']]);
302  }
303 
304  $returnVal = new Info(200, "Success", InfoType::INFO);
305  $res = $returnVal->getArray();
306  $res[$tokenType . ($apiVersion == ApiVersion::V2 ? 'Tokens' : '_tokens')] = $finalTokens;
307  return $response->withJson($res, $returnVal->getCode());
308  }
309 }
Fossology\Lib\Exceptions\DuplicateTokenKeyException
Exception when a token has duplicate key for same user.
Definition: DuplicateTokenKeyException.php:15
Fossology\Lib\Exceptions\DuplicateTokenNameException
Exception when a token has duplicate name for same user.
Definition: DuplicateTokenNameException.php:15
Fossology\UI\Api\Controllers\RestController
Base controller for REST calls.
Definition: RestController.php:30
Fossology\UI\Api\Controllers\RestController\getParsedBody
getParsedBody(ServerRequestInterface $request)
Parse request body as JSON and return associative PHP array.
Definition: RestController.php:69
Fossology\UI\Api\Controllers\UserController\getCurrentUser
getCurrentUser($request, $response, $args)
Definition: UserController.php:181
Fossology\UI\Api\Helper\ResponseHelper
Override Slim response for withJson function.
Definition: ResponseHelper.php:22
Fossology\UI\Api\Helper\RestHelper
Provides various DAO helper functions for REST api.
Definition: RestHelper.php:32
Fossology\UI\Api\Helper\UserHelper
Handle user related queries.
Definition: UserHelper.php:28
Fossology\UI\Api\Models\ApiVersion\getVersion
static getVersion(ServerRequestInterface $request)
Definition: ApiVersion.php:29
Fossology\UI\Api\Models\InfoType
Different type of infos provided by REST.
Definition: InfoType.php:16
Fossology\UI\Api\Models\Info
Info model to contain general error and return values.
Definition: Info.php:19
Fossology\UI\Api\Models\TokenRequest\fromArray
static fromArray(array $input, int $version)
Definition: TokenRequest.php:184
userAgents
userAgents($agents=null)
Read the UI form and format the user selected agents into a comma separated list.
Definition: common-agents.php:361