FOSSology  4.6.0
Open Source License Compliance by Open Source Software
UserController.php
Go to the documentation of this file.
1 <?php
2 /*
3  SPDX-FileCopyrightText: © 2018, 2021 Siemens AG
4  Author: Gaurav Mishra <mishra.gaurav@siemens.com>
5 
6  SPDX-License-Identifier: GPL-2.0-only
7 */
13 namespace Fossology\UI\Api\Controllers;
14 
15 use Fossology\Lib\Exceptions\DuplicateTokenKeyException;
16 use Fossology\Lib\Exceptions\DuplicateTokenNameException;
17 use Fossology\UI\Api\Exceptions\HttpBadRequestException;
18 use Fossology\UI\Api\Exceptions\HttpConflictException;
19 use Fossology\UI\Api\Exceptions\HttpErrorException;
20 use Fossology\UI\Api\Exceptions\HttpInternalServerErrorException;
21 use Fossology\UI\Api\Exceptions\HttpNotFoundException;
22 use Fossology\UI\Api\Exceptions\HttpTooManyRequestException;
23 use Fossology\UI\Api\Helper\ResponseHelper;
24 use Fossology\UI\Api\Helper\RestHelper;
25 use Fossology\UI\Api\Helper\UserHelper;
26 use Fossology\UI\Api\Models\ApiVersion;
27 use Fossology\UI\Api\Models\Info;
28 use Fossology\UI\Api\Models\InfoType;
29 use Fossology\UI\Api\Models\TokenRequest;
30 use Psr\Http\Message\ServerRequestInterface;
31 
36 class UserController extends RestController
37 {
47  public function getUsers($request, $response, $args)
48  {
49  $this->throwNotAdminException();
50  $apiVersion = ApiVersion::getVersion($request);
51  $id = null;
52  if (isset($args['pathParam'])) {
53  $id = $apiVersion == ApiVersion::V2 ? intval($this->restHelper->getUserDao()->getUserByName($args['pathParam'])['user_pk']) : intval($args['pathParam']);
54  if (! $this->dbHelper->doesIdExist("users", "user_pk", $id)) {
55  throw new HttpNotFoundException("UserId doesn't exist");
56  }
57  }
58  $users = $this->dbHelper->getUsers($id);
59 
60  $allUsers = array();
61  foreach ($users as $user) {
62  $allUsers[] = $user->getArray($apiVersion);
63  }
64  if ($id !== null) {
65  $allUsers = $allUsers[0];
66  }
67  return $response->withJson($allUsers, 200);
68  }
69 
79  public function addUser($request, $response, $args)
80  {
81  $this->throwNotAdminException();
82  $apiVersion = ApiVersion::getVersion($request);
83  $userDetails = $this->getParsedBody($request);
84  $userHelper = new UserHelper();
85  // creating symphony request
86  $symfonyRequest = new \Symfony\Component\HttpFoundation\Request();
87  $symfonyRequest->request->set('username', $userDetails['name']);
88  $symfonyRequest->request->set('pass1', $userDetails[$apiVersion == ApiVersion::V2 ? 'userPass' : 'user_pass']);
89  $symfonyRequest->request->set('pass2', $userDetails[$apiVersion == ApiVersion::V2 ? 'userPass' : 'user_pass']);
90  $symfonyRequest->request->set('description', $userDetails['description']);
91  $symfonyRequest->request->set('permission', $userHelper->getEquivalentValueForPermission($userDetails['accessLevel']));
92  $symfonyRequest->request->set('folder', $userDetails['rootFolderId']);
93  $symfonyRequest->request->set('enote', $userDetails['emailNotification'] ? 'y' : 'n');
94  $symfonyRequest->request->set('email', $userDetails['email']);
95  $symfonyRequest->request->set('public', $userDetails['defaultVisibility']);
96  $symfonyRequest->request->set('default_bucketpool_fk', $userDetails['defaultBucketpool'] ?? 2);
97 
98  $agents = array();
99  if (isset($userDetails['agents'])) {
100  if (is_string($userDetails['agents'])) { // If 'x-www-form-urlencoded', inner elements are not decoded
101  $userDetails['agents'] = json_decode($userDetails['agents'], true);
102  }
103  $agents['Check_agent_mimetype'] = isset($userDetails['agents']['mime']) && $userDetails['agents']['mime'] ? 1 : 0;
104  $agents['Check_agent_monk'] = isset($userDetails['agents']['monk']) && $userDetails['agents']['monk'] ? 1 : 0;
105  $agents['Check_agent_ojo'] = isset($userDetails['agents']['ojo']) && $userDetails['agents']['ojo'] ? 1 : 0;
106  $agents['Check_agent_bucket'] = isset($userDetails['agents']['bucket']) && $userDetails['agents']['bucket'] ? 1 : 0 ;
107  $agents['Check_agent_copyright'] = isset($userDetails['agents'][$apiVersion == ApiVersion::V2 ? 'copyrightEmailAuthor' : 'copyright_email_author']) && $userDetails['agents'][$apiVersion == ApiVersion::V2 ? 'copyrightEmailAuthor' : 'copyright_email_author'] ? 1 : 0;
108  $agents['Check_agent_ecc'] = isset($userDetails['agents']['ecc']) && $userDetails['agents']['ecc'] ? 1 : 0;
109  $agents['Check_agent_keyword'] = isset($userDetails['agents']['keyword']) && $userDetails['agents']['keyword'] ? 1 : 0;
110  $agents['Check_agent_nomos'] = isset($userDetails['agents']['nomos']) && $userDetails['agents']['nomos'] ? 1 : 0;
111  $agents['Check_agent_pkgagent'] = isset($userDetails['agents']['package']) && $userDetails['agents']['package'] ? 1 : 0;
112  $agents['Check_agent_reso'] = isset($userDetails['agents']['reso']) && $userDetails['agents']['reso'] ? 1 : 0;
113  $agents['Check_agent_shagent'] = isset($userDetails['agents']['heritage']) && $userDetails['agents']['heritage'] ? 1 : 0 ;
114  }
115 
116  $symfonyRequest->request->set('user_agent_list', userAgents($agents));
117 
118  // initialising the user_add object
119  global $container;
120  $restHelper = $container->get('helper.restHelper');
121  $userAddObj = $restHelper->getPlugin('user_add');
122 
123  // calling the add function
124  $ErrMsg = $userAddObj->add($symfonyRequest);
125 
126  if ($ErrMsg != '') {
127  throw new HttpInternalServerErrorException($ErrMsg);
128  }
129 
130  $returnVal = new Info(201, "User created successfully", InfoType::INFO);
131  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
132  }
133 
143  public function deleteUser($request, $response, $args)
144  {
145  $this->throwNotAdminException();
146  $apiVersion = ApiVersion::getVersion($request);
147  $id = $apiVersion == ApiVersion::V2 ? intval($this->restHelper->getUserDao()->getUserByName($args['pathParam'])['user_pk']) : intval($args['pathParam']);
148  if (!$this->dbHelper->doesIdExist("users","user_pk", $id)) {
149  throw new HttpNotFoundException("UserId doesn't exist");
150  }
151 
152  $this->dbHelper->deleteUser($id);
153  $returnVal = new Info(202, "User will be deleted", InfoType::INFO);
154  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
155  }
156 
165  public function getCurrentUser($request, $response, $args)
166  {
167  $apiVersion = ApiVersion::getVersion($request);
168  $user = $this->dbHelper->getUsers($this->restHelper->getUserId())[0]->getArray($apiVersion);
169  if ($apiVersion == ApiVersion::V2) {
170  return $response->withJson($user, 200);
171  }
172  $userDao = $this->restHelper->getUserDao();
173  $defaultGroup = $userDao->getUserAndDefaultGroupByUserName($user["name"])["group_name"];
174  $user['default_group'] = $defaultGroup;
175  return $response->withJson($user, 200);
176  }
177 
187  public function updateUser($request, $response, $args)
188  {
189  $apiVersion = ApiVersion::getVersion($request);
190  $id = $apiVersion == ApiVersion::V2 ? intval($this->restHelper->getUserDao()->getUserByName($args['pathParam'])['user_pk']) : intval($args['pathParam']);
191  if ($id !== intval($this->restHelper->getUserId())) {
192  $this->throwNotAdminException();
193  }
194  if (!$this->dbHelper->doesIdExist("users","user_pk", $id)) {
195  throw new HttpNotFoundException("UserId doesn't exist");
196  }
197  $reqBody = $this->getParsedBody($request);
198  $userHelper = new UserHelper($id);
199  $returnVal = $userHelper->modifyUserDetails($reqBody, $apiVersion);
200  return $response->withJson($returnVal->getArray(), $returnVal->getCode());
201  }
202 
212  public function createRestApiToken($request, $response, $args)
213  {
214  $reqBody = $this->getParsedBody($request);
215  $tokenRequest = TokenRequest::fromArray($reqBody,
216  ApiVersion::getVersion($request));
217  $symfonyRequest = new \Symfony\Component\HttpFoundation\Request();
218 
219  // translating values for symfony request
220  $symfonyRequest->request->set('pat_name', $tokenRequest->getTokenName());
221  $symfonyRequest->request->set('pat_expiry', $tokenRequest->getTokenExpire());
222  $symfonyRequest->request->set('pat_scope', $tokenRequest->getTokenScope());
223 
224  // initialising the user_edit plugin
225  global $container;
227  $restHelper = $container->get('helper.restHelper');
229  $userEditObj = $restHelper->getPlugin('user_edit');
230 
231  // creating the REST token
232  try {
233  $token = $userEditObj->generateNewToken($symfonyRequest);
234  } catch (DuplicateTokenKeyException $e) {
235  throw new HttpTooManyRequestException("Please try again later.", $e);
236  } catch (DuplicateTokenNameException $e) {
237  throw new HttpConflictException($e->getMessage(), $e);
238  } catch (\UnexpectedValueException $e) {
239  throw new HttpBadRequestException($e->getMessage(), $e);
240  }
241 
242  $returnVal = new Info(201, "Token created successfully", InfoType::INFO);
243  $res = $returnVal->getArray();
244  $res['token'] = $token;
245  return $response->withJson($res, $returnVal->getCode());
246  }
247 
257  public function getTokens($request, $response, $args)
258  {
259  $apiVersion = ApiVersion::getVersion($request);
260  $tokenType = $args['type'];
261  if ($tokenType != "active" && $tokenType != "expired") {
262  throw new HttpBadRequestException("Invalid request!");
263  }
264  // initialising the user_edit plugin
265  global $container;
266  $restHelper = $container->get('helper.restHelper');
267  $userEditObj = $restHelper->getPlugin('user_edit');
268 
269  // getting the list of tokens based on the type of token requested
270  $tokens = $tokenType == "active" ? $userEditObj->getListOfActiveTokens() : $userEditObj->getListOfExpiredTokens();
271  $manageTokenObj = $restHelper->getPlugin('manage-token');
272 
273  $finalTokens = array();
274  foreach ($tokens as $token) {
275  list($tokenPk) = explode(".", $token['id']);
276  $tokenVal = $manageTokenObj->revealToken($tokenPk);
277  $finalTokens[] = array_merge($token, ['token' => $tokenVal['token']]);
278  }
279 
280  $returnVal = new Info(200, "Success", InfoType::INFO);
281  $res = $returnVal->getArray();
282  $res[$tokenType . ($apiVersion == ApiVersion::V2 ? 'Tokens' : '_tokens')] = $finalTokens;
283  return $response->withJson($res, $returnVal->getCode());
284  }
285 }
Fossology\Lib\Exceptions\DuplicateTokenKeyException
Exception when a token has duplicate key for same user.
Definition: DuplicateTokenKeyException.php:15
Fossology\Lib\Exceptions\DuplicateTokenNameException
Exception when a token has duplicate name for same user.
Definition: DuplicateTokenNameException.php:15
Fossology\UI\Api\Controllers\RestController
Base controller for REST calls.
Definition: RestController.php:30
Fossology\UI\Api\Controllers\RestController\getParsedBody
getParsedBody(ServerRequestInterface $request)
Parse request body as JSON and return associative PHP array.
Definition: RestController.php:69
Fossology\UI\Api\Controllers\UserController\getCurrentUser
getCurrentUser($request, $response, $args)
Definition: UserController.php:165
Fossology\UI\Api\Helper\ResponseHelper
Override Slim response for withJson function.
Definition: ResponseHelper.php:22
Fossology\UI\Api\Helper\RestHelper
Provides various DAO helper functions for REST api.
Definition: RestHelper.php:32
Fossology\UI\Api\Helper\UserHelper
Handle user related queries.
Definition: UserHelper.php:28
Fossology\UI\Api\Models\ApiVersion\getVersion
static getVersion(ServerRequestInterface $request)
Definition: ApiVersion.php:29
Fossology\UI\Api\Models\InfoType
Different type of infos provided by REST.
Definition: InfoType.php:16
Fossology\UI\Api\Models\Info
Info model to contain general error and return values.
Definition: Info.php:19
Fossology\UI\Api\Models\TokenRequest\fromArray
static fromArray(array $input, int $version)
Definition: TokenRequest.php:184
userAgents
userAgents($agents=null)
Read the UI form and format the user selected agents into a comma separated list.
Definition: common-agents.php:361