Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-13 03:46:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

refactor: [WIP] Migrate auth token controller.

Browse Source 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
This commit is contained in:
Rubén D
2022-06-11 08:44:23 +02:00
parent 6aa2e29caf
commit 1bc977dfc8
10 changed files with 794 additions and 516 deletions
Download Patch File Download Diff File Expand all files Collapse all files

63
app/modules/web/Controllers/AuthToken/AuthTokenSaveBase.php Normal file
View File

@@ -0,0 +1,63 @@
<?php
/*
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2022, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Modules\Web\Controllers\AuthToken;
use SP\Core\Application;
use SP\Domain\Auth\AuthTokenServiceInterface;
use SP\Domain\CustomField\CustomFieldServiceInterface;
use SP\Modules\Web\Controllers\ControllerBase;
use SP\Modules\Web\Controllers\Traits\JsonTrait;
use SP\Modules\Web\Forms\AuthTokenForm;
use SP\Mvc\Controller\ItemTrait;
use SP\Mvc\Controller\WebControllerHelper;
/**
* A base class for all "save" actions
*/
abstract class AuthTokenSaveBase extends ControllerBase
{
use JsonTrait, ItemTrait;
protected CustomFieldServiceInterface $customFieldService;
protected AuthTokenServiceInterface $authTokenService;
protected AuthTokenForm $form;
public function __construct(
Application $application,
WebControllerHelper $webControllerHelper,
AuthTokenServiceInterface $authTokenService,
CustomFieldServiceInterface $customFieldService,
) {
parent::__construct($application, $webControllerHelper);
$this->checkLoggedIn();
$this->authTokenService = $authTokenService;
$this->customFieldService = $customFieldService;
$this->form = new AuthTokenForm($application, $this->request);
}
}

119
app/modules/web/Controllers/AuthToken/AuthTokenViewBase.php Normal file
View File

@@ -0,0 +1,119 @@
<?php
/*
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2022, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Modules\Web\Controllers\AuthToken;
use SP\Core\Acl\Acl;
use SP\Core\Acl\ActionsInterface;
use SP\Core\Application;
use SP\Core\Exceptions\ConstraintException;
use SP\Core\Exceptions\QueryException;
use SP\Core\Exceptions\SPException;
use SP\DataModel\AuthTokenData;
use SP\Domain\Auth\AuthTokenServiceInterface;
use SP\Domain\Auth\Services\AuthTokenService;
use SP\Domain\CustomField\CustomFieldServiceInterface;
use SP\Domain\User\UserServiceInterface;
use SP\Modules\Web\Controllers\ControllerBase;
use SP\Modules\Web\Controllers\Traits\JsonTrait;
use SP\Mvc\Controller\ItemTrait;
use SP\Mvc\Controller\WebControllerHelper;
use SP\Mvc\View\Components\SelectItemAdapter;
/**
* A base class for all classes that creates viewieable actions
*/
abstract class AuthTokenViewBase extends ControllerBase
{
use JsonTrait, ItemTrait;
private AuthTokenServiceInterface $authTokenService;
private CustomFieldServiceInterface $customFieldService;
private UserServiceInterface $userService;
public function __construct(
Application $application,
WebControllerHelper $webControllerHelper,
CustomFieldServiceInterface $customFieldService,
UserServiceInterface $userService
) {
parent::__construct($application, $webControllerHelper);
$this->checkLoggedIn();
$this->customFieldService = $customFieldService;
$this->userService = $userService;
}
/**
* Sets view data for displaying auth token's data
*
* @param int|null $authTokenId
*
* @throws ConstraintException
* @throws QueryException
* @throws SPException
* @throws \SP\Domain\Common\Services\ServiceException
*/
protected function setViewData(?int $authTokenId = null): void
{
$this->view->addTemplate('auth_token', 'itemshow');
$authToken = $authTokenId
? $this->authTokenService->getById($authTokenId)
: new AuthTokenData();
$this->view->assign('authToken', $authToken);
$this->view->assign(
'users',
SelectItemAdapter::factory($this->userService->getAllBasic())
->getItemsFromModelSelected([$authToken->getUserId()])
);
$this->view->assign(
'actions',
SelectItemAdapter::factory(AuthTokenService::getTokenActions())
->getItemsFromArraySelected([$authToken->getActionId()])
);
$this->view->assign(
'nextAction',
Acl::getActionRoute(ActionsInterface::ACCESS_MANAGE)
);
if ($this->view->isView === true) {
$this->view->assign('disabled', 'disabled');
$this->view->assign('readonly', 'readonly');
} else {
$this->view->assign('disabled', false);
$this->view->assign('readonly', false);
}
$this->view->assign(
'customFields',
$this->getCustomFieldsForItem(ActionsInterface::AUTHTOKEN, $authTokenId, $this->customFieldService)
);
}
}

70
app/modules/web/Controllers/AuthToken/CreateController.php Normal file
View File

@@ -0,0 +1,70 @@
<?php
/*
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2022, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Modules\Web\Controllers\AuthToken;
use Exception;
use SP\Core\Acl\ActionsInterface;
use SP\Core\Events\Event;
use SP\Http\JsonResponse;
/**
* Class CreateController
*
* @package SP\Modules\Web\Controllers
*/
final class CreateController extends AuthTokenViewBase
{
/**
* @return bool
* @throws \JsonException
*/
public function createAction(): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_CREATE)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$this->view->assign('header', __('New Authorization'));
$this->view->assign('isView', false);
$this->view->assign('route', 'authToken/saveCreate');
$this->setViewData();
$this->eventDispatcher->notifyEvent('show.authToken.create', new Event($this));
return $this->returnJsonResponseData(['html' => $this->render()]);
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent('exception', new Event($e));
return $this->returnJsonResponseException($e);
}
}
}

94
app/modules/web/Controllers/AuthToken/DeleteController.php Normal file
View File

@@ -0,0 +1,94 @@
<?php
/*
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2022, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Modules\Web\Controllers\AuthToken;
use Exception;
use SP\Core\Acl\ActionsInterface;
use SP\Core\Events\Event;
use SP\Core\Events\EventMessage;
use SP\Http\JsonResponse;
/**
* Class DeleteController
*
* @package SP\Modules\Web\Controllers
*/
final class DeleteController extends AuthTokenSaveBase
{
/**
* Delete action
*
* @param int|null $id
*
* @return bool
* @throws \JsonException
*/
public function deleteAction(?int $id = null): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_DELETE)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
if ($id === null) {
$this->authTokenService->deleteByIdBatch($this->getItemsIdFromRequest($this->request));
$this->deleteCustomFieldsForItem(ActionsInterface::AUTHTOKEN, $id, $this->customFieldService);
$this->eventDispatcher->notifyEvent(
'delete.authToken.selection',
new Event($this, EventMessage::factory()->addDescription(__u('Authorizations deleted')))
);
return $this->returnJsonResponse(JsonResponse::JSON_SUCCESS, __u('Authorizations deleted'));
}
$this->authTokenService->delete($id);
$this->deleteCustomFieldsForItem(ActionsInterface::AUTHTOKEN, $id, $this->customFieldService);
$this->eventDispatcher->notifyEvent(
'delete.authToken',
new Event(
$this,
EventMessage::factory()
->addDescription(__u('Authorization deleted'))
->addDetail(__u('Authorization'), $id)
)
);
return $this->returnJsonResponse(JsonResponse::JSON_SUCCESS, __u('Authorization deleted'));
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent('exception', new Event($e));
return $this->returnJsonResponseException($e);
}
}
}

74
app/modules/web/Controllers/AuthToken/EditController.php Normal file
View File

@@ -0,0 +1,74 @@
<?php
/*
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2022, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Modules\Web\Controllers\AuthToken;
use Exception;
use SP\Core\Acl\ActionsInterface;
use SP\Core\Events\Event;
use SP\Http\JsonResponse;
/**
* Class EditController
*
* @package SP\Modules\Web\Controllers
*/
final class EditController extends AuthTokenViewBase
{
/**
* Edit action
*
* @param int $id
*
* @return bool
* @throws \JsonException
*/
public function editAction(int $id): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_EDIT)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$this->view->assign('header', __('Edit Authorization'));
$this->view->assign('isView', false);
$this->view->assign('route', 'authToken/saveEdit/'.$id);
$this->setViewData($id);
$this->eventDispatcher->notifyEvent('show.authToken.edit', new Event($this));
return $this->returnJsonResponseData(['html' => $this->render()]);
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent('exception', new Event($e));
return $this->returnJsonResponseException($e);
}
}
}

78
app/modules/web/Controllers/AuthToken/SaveCreateController.php Normal file
View File

@@ -0,0 +1,78 @@
<?php
/*
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2022, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Modules\Web\Controllers\AuthToken;
use Exception;
use SP\Core\Acl\ActionsInterface;
use SP\Core\Events\Event;
use SP\Core\Exceptions\ValidationException;
use SP\Http\JsonResponse;
/**
* Class SaveCreateController
*
* @package SP\Modules\Web\Controllers
*/
final class SaveCreateController extends AuthTokenSaveBase
{
/**
* @return bool
* @throws \JsonException
*/
public function saveCreateAction(): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_CREATE)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$this->form->validate(ActionsInterface::AUTHTOKEN_CREATE);
$id = $this->authTokenService->create($this->form->getItemData());
$this->addCustomFieldsForItem(
ActionsInterface::AUTHTOKEN,
$id,
$this->request,
$this->customFieldService
);
$this->eventDispatcher->notifyEvent('create.authToken', new Event($this));
return $this->returnJsonResponse(JsonResponse::JSON_SUCCESS, __u('Authorization added'));
} catch (ValidationException $e) {
return $this->returnJsonResponse(JsonResponse::JSON_ERROR, $e->getMessage());
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent('exception', new Event($e));
return $this->returnJsonResponseException($e);
}
}
}

107
app/modules/web/Controllers/AuthToken/SaveEditController.php Normal file
View File

@@ -0,0 +1,107 @@
<?php
/*
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2022, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Modules\Web\Controllers\AuthToken;
use Exception;
use SP\Core\Acl\ActionsInterface;
use SP\Core\Events\Event;
use SP\Core\Events\EventMessage;
use SP\Core\Exceptions\ValidationException;
use SP\Http\JsonResponse;
/**
* Class SaveEditController
*
* @package SP\Modules\Web\Controllers
*/
final class SaveEditController extends AuthTokenSaveBase
{
/**
* Saves edit action
*
* @param int $id
*
* @return bool
* @throws \JsonException
*/
public function saveEditAction(int $id): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_EDIT)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$this->form->setItemId($id);
$this->form->validate(ActionsInterface::AUTHTOKEN_EDIT);
if ($this->form->isRefresh()) {
$this->authTokenService->refreshAndUpdate($this->form->getItemData());
$this->eventDispatcher->notifyEvent(
'refresh.authToken',
new Event(
$this,
EventMessage::factory()
->addDescription(__u('Authorization updated'))
->addDetail(__u('Authorization'), $id)
)
);
} else {
$this->authTokenService->update($this->form->getItemData());
$this->eventDispatcher->notifyEvent(
'edit.authToken',
new Event(
$this,
EventMessage::factory()
->addDescription(__u('Authorization updated'))
->addDetail(__u('Authorization'), $id)
)
);
}
$this->updateCustomFieldsForItem(
ActionsInterface::AUTHTOKEN,
$id,
$this->request,
$this->customFieldService
);
return $this->returnJsonResponse(JsonResponse::JSON_SUCCESS, __u('Authorization updated'));
} catch (ValidationException $e) {
return $this->returnJsonResponse(JsonResponse::JSON_ERROR, $e->getMessage());
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent('exception', new Event($e));
return $this->returnJsonResponseException($e);
}
}
}

107
app/modules/web/Controllers/AuthToken/SearchController.php Normal file
View File

@@ -0,0 +1,107 @@
<?php
/*
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2022, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Modules\Web\Controllers\AuthToken;
use SP\Core\Acl\ActionsInterface;
use SP\Core\Application;
use SP\Core\Exceptions\ConstraintException;
use SP\Core\Exceptions\QueryException;
use SP\Core\Exceptions\SPException;
use SP\Domain\Auth\AuthTokenServiceInterface;
use SP\Html\DataGrid\DataGridInterface;
use SP\Http\JsonResponse;
use SP\Modules\Web\Controllers\ControllerBase;
use SP\Modules\Web\Controllers\Helpers\Grid\AuthTokenGrid;
use SP\Modules\Web\Controllers\Traits\JsonTrait;
use SP\Mvc\Controller\ItemTrait;
use SP\Mvc\Controller\WebControllerHelper;
/**
* Class SearchController
*
* @package SP\Modules\Web\Controllers
*/
final class SearchController extends ControllerBase
{
use JsonTrait, ItemTrait;
private AuthTokenServiceInterface $authTokenService;
private AuthTokenGrid $authTokenGrid;
public function __construct(
Application $application,
WebControllerHelper $webControllerHelper,
AuthTokenServiceInterface $authTokenService,
AuthTokenGrid $authTokenGrid
) {
parent::__construct($application, $webControllerHelper);
$this->checkLoggedIn();
$this->authTokenService = $authTokenService;
$this->authTokenGrid = $authTokenGrid;
}
/**
* Search action
*
* @return bool
* @throws ConstraintException
* @throws QueryException
* @throws SPException
* @throws \JsonException
*/
public function searchAction(): bool
{
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_SEARCH)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$this->view->addTemplate('datagrid-table', 'grid');
$this->view->assign('index', $this->request->analyzeInt('activetab', 0));
$this->view->assign('data', $this->getSearchGrid());
return $this->returnJsonResponseData(['html' => $this->render()]);
}
/**
* getSearchGrid
*
* @throws ConstraintException
* @throws QueryException
*/
protected function getSearchGrid(): DataGridInterface
{
$itemSearchData = $this->getSearchData($this->configData->getAccountCount(), $this->request);
return $this->authTokenGrid->updatePager(
$this->authTokenGrid->getGrid($this->authTokenService->search($itemSearchData)),
$itemSearchData
);
}
}

82
app/modules/web/Controllers/AuthToken/ViewController.php Normal file
View File

@@ -0,0 +1,82 @@
<?php
/*
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2022, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Modules\Web\Controllers\AuthToken;
use Exception;
use SP\Core\Acl\ActionsInterface;
use SP\Core\Events\Event;
use SP\Core\Events\EventMessage;
use SP\Http\JsonResponse;
/**
* Class ViewController
*
* @package SP\Modules\Web\Controllers
*/
final class ViewController extends AuthTokenViewBase
{
/**
* View action
*
* @param int $id
*
* @return bool
* @throws \JsonException
*/
public function viewAction(int $id): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_VIEW)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$this->view->assign('header', __('View Authorization'));
$this->view->assign('isView', true);
$this->setViewData($id);
$this->eventDispatcher->notifyEvent(
'show.authToken',
new Event(
$this,
EventMessage::factory()
->addDescription(__u('Authorization viewed'))
->addDetail(__u('Authorization'), $id)
)
);
return $this->returnJsonResponseData(['html' => $this->render()]);
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent('exception', new Event($e));
return $this->returnJsonResponseException($e);
}
}
}

516
app/modules/web/Controllers/AuthTokenController.php
View File

@@ -1,516 +0,0 @@
<?php
/*
* sysPass
*
* @author nuxsmin
* @link https://syspass.org
* @copyright 2012-2021, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Modules\Web\Controllers;
use DI\DependencyException;
use DI\NotFoundException;
use Exception;
use SP\Core\Acl\Acl;
use SP\Core\Acl\ActionsInterface;
use SP\Core\Events\Event;
use SP\Core\Events\EventMessage;
use SP\Core\Exceptions\ConstraintException;
use SP\Core\Exceptions\QueryException;
use SP\Core\Exceptions\SessionTimeout;
use SP\Core\Exceptions\SPException;
use SP\Core\Exceptions\ValidationException;
use SP\DataModel\AuthTokenData;
use SP\Domain\Auth\Services\AuthException;
use SP\Domain\Auth\Services\AuthTokenService;
use SP\Domain\Common\Services\ServiceException;
use SP\Domain\User\Services\UserService;
use SP\Html\DataGrid\DataGridInterface;
use SP\Http\JsonResponse;
use SP\Modules\Web\Controllers\Helpers\Grid\AuthTokenGrid;
use SP\Modules\Web\Controllers\Traits\JsonTrait;
use SP\Modules\Web\Forms\AuthTokenForm;
use SP\Mvc\Controller\CrudControllerInterface;
use SP\Mvc\Controller\ItemTrait;
use SP\Mvc\View\Components\SelectItemAdapter;
/**
* Class AuthTokenController
*
* @package SP\Modules\Web\Controllers
*/
final class AuthTokenController extends ControllerBase implements CrudControllerInterface
{
use JsonTrait, ItemTrait;
protected ?AuthTokenService $authTokenService = null;
/**
* Search action
*
* @return bool
* @throws DependencyException
* @throws NotFoundException
* @throws ConstraintException
* @throws QueryException
* @throws SPException
* @throws \JsonException
*/
public function searchAction(): bool
{
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_SEARCH)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$this->view->addTemplate('datagrid-table', 'grid');
$this->view->assign(
'index',
$this->request->analyzeInt('activetab', 0)
);
$this->view->assign('data', $this->getSearchGrid());
return $this->returnJsonResponseData(['html' => $this->render()]);
}
/**
* getSearchGrid
*
* @throws DependencyException
* @throws NotFoundException
* @throws ConstraintException
* @throws QueryException
*/
protected function getSearchGrid(): DataGridInterface
{
$itemSearchData = $this->getSearchData(
$this->configData->getAccountCount(),
$this->request
);
$authTokenGrid = $this->dic->get(AuthTokenGrid::class);
return $authTokenGrid->updatePager(
$authTokenGrid->getGrid($this->authTokenService->search($itemSearchData)),
$itemSearchData
);
}
/**
* @return bool
* @throws \DI\DependencyException
* @throws \DI\NotFoundException
* @throws \JsonException
*/
public function createAction(): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_CREATE)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$this->view->assign('header', __('New Authorization'));
$this->view->assign('isView', false);
$this->view->assign('route', 'authToken/saveCreate');
$this->setViewData();
$this->eventDispatcher->notifyEvent(
'show.authToken.create',
new Event($this)
);
return $this->returnJsonResponseData(['html' => $this->render()]);
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent(
'exception',
new Event($e)
);
return $this->returnJsonResponseException($e);
}
}
/**
* Sets view data for displaying auth token's data
*
* @param int|null $authTokenId
*
* @throws ConstraintException
* @throws DependencyException
* @throws NotFoundException
* @throws QueryException
* @throws SPException
* @throws \SP\Domain\Common\Services\ServiceException
*/
protected function setViewData(?int $authTokenId = null): void
{
$this->view->addTemplate('auth_token', 'itemshow');
$authToken = $authTokenId
? $this->authTokenService->getById($authTokenId)
: new AuthTokenData();
$this->view->assign('authToken', $authToken);
$this->view->assign(
'users',
SelectItemAdapter::factory(UserService::getItemsBasic())
->getItemsFromModelSelected([$authToken->getUserId()])
);
$this->view->assign(
'actions',
SelectItemAdapter::factory(AuthTokenService::getTokenActions())
->getItemsFromArraySelected([$authToken->getActionId()])
);
$this->view->assign(
'nextAction',
Acl::getActionRoute(ActionsInterface::ACCESS_MANAGE)
);
if ($this->view->isView === true) {
$this->view->assign('disabled', 'disabled');
$this->view->assign('readonly', 'readonly');
} else {
$this->view->assign('disabled', false);
$this->view->assign('readonly', false);
}
$this->view->assign(
'customFields',
$this->getCustomFieldsForItem(ActionsInterface::AUTHTOKEN, $authTokenId)
);
}
/**
* Edit action
*
* @param int $id
*
* @return bool
* @throws \DI\DependencyException
* @throws \DI\NotFoundException
* @throws \JsonException
*/
public function editAction(int $id): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_EDIT)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$this->view->assign('header', __('Edit Authorization'));
$this->view->assign('isView', false);
$this->view->assign('route', 'authToken/saveEdit/' . $id);
$this->setViewData($id);
$this->eventDispatcher->notifyEvent(
'show.authToken.edit',
new Event($this)
);
return $this->returnJsonResponseData(['html' => $this->render()]);
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent('exception', new Event($e));
return $this->returnJsonResponseException($e);
}
}
/**
* Delete action
*
* @param int|null $id
*
* @return bool
* @throws DependencyException
* @throws NotFoundException
* @throws \JsonException
*/
public function deleteAction(?int $id = null): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_DELETE)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
if ($id === null) {
$this->authTokenService
->deleteByIdBatch($this->getItemsIdFromRequest($this->request));
$this->deleteCustomFieldsForItem(ActionsInterface::AUTHTOKEN, $id);
$this->eventDispatcher->notifyEvent(
'delete.authToken.selection',
new Event(
$this,
EventMessage::factory()
->addDescription(__u('Authorizations deleted'))
)
);
return $this->returnJsonResponse(
JsonResponse::JSON_SUCCESS,
__u('Authorizations deleted')
);
}
$this->authTokenService->delete($id);
$this->deleteCustomFieldsForItem(ActionsInterface::AUTHTOKEN, $id);
$this->eventDispatcher->notifyEvent(
'delete.authToken',
new Event(
$this,
EventMessage::factory()
->addDescription(__u('Authorization deleted'))
->addDetail(__u('Authorization'), $id)
)
);
return $this->returnJsonResponse(
JsonResponse::JSON_SUCCESS,
__u('Authorization deleted')
);
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent(
'exception',
new Event($e)
);
return $this->returnJsonResponseException($e);
}
}
/**
* @return bool
* @throws DependencyException
* @throws NotFoundException
* @throws \JsonException
*/
public function saveCreateAction(): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_CREATE)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$form = new AuthTokenForm($this->dic);
$form->validate(ActionsInterface::AUTHTOKEN_CREATE);
$apiTokenData = $form->getItemData();
$id = $this->authTokenService->create($apiTokenData);
$this->addCustomFieldsForItem(
ActionsInterface::AUTHTOKEN,
$id,
$this->request
);
$this->eventDispatcher->notifyEvent(
'create.authToken',
new Event($this)
);
return $this->returnJsonResponse(
JsonResponse::JSON_SUCCESS,
__u('Authorization added')
);
} catch (ValidationException $e) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
$e->getMessage()
);
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent(
'exception',
new Event($e)
);
return $this->returnJsonResponseException($e);
}
}
/**
* Saves edit action
*
* @param int $id
*
* @return bool
* @throws DependencyException
* @throws NotFoundException
* @throws \JsonException
*/
public function saveEditAction(int $id): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_EDIT)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$form = new AuthTokenForm($this->dic, $id);
$form->validate(ActionsInterface::AUTHTOKEN_EDIT);
if ($form->isRefresh()) {
$this->authTokenService->refreshAndUpdate($form->getItemData());
$this->eventDispatcher->notifyEvent(
'refresh.authToken',
new Event(
$this,
EventMessage::factory()
->addDescription(__u('Authorization updated'))
->addDetail(__u('Authorization'), $id)
)
);
} else {
$this->authTokenService->update($form->getItemData());
$this->eventDispatcher->notifyEvent('edit.authToken',
new Event(
$this,
EventMessage::factory()
->addDescription(__u('Authorization updated'))
->addDetail(__u('Authorization'), $id)
)
);
}
$this->updateCustomFieldsForItem(
ActionsInterface::AUTHTOKEN,
$id,
$this->request
);
return $this->returnJsonResponse(
JsonResponse::JSON_SUCCESS,
__u('Authorization updated')
);
} catch (ValidationException $e) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
$e->getMessage()
);
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent(
'exception',
new Event($e)
);
return $this->returnJsonResponseException($e);
}
}
/**
* View action
*
* @param int $id
*
* @return bool
* @throws DependencyException
* @throws NotFoundException
* @throws \JsonException
*/
public function viewAction(int $id): bool
{
try {
if (!$this->acl->checkUserAccess(ActionsInterface::AUTHTOKEN_VIEW)) {
return $this->returnJsonResponse(
JsonResponse::JSON_ERROR,
__u('You don\'t have permission to do this operation')
);
}
$this->view->assign('header', __('View Authorization'));
$this->view->assign('isView', true);
$this->setViewData($id);
$this->eventDispatcher->notifyEvent(
'show.authToken',
new Event(
$this,
EventMessage::factory()
->addDescription(__u('Authorization viewed'))
->addDetail(__u('Authorization'), $id)
)
);
return $this->returnJsonResponseData(['html' => $this->render()]);
} catch (Exception $e) {
processException($e);
$this->eventDispatcher->notifyEvent(
'exception',
new Event($e)
);
return $this->returnJsonResponseException($e);
}
}
/**
* Initialize class
*
* @throws AuthException
* @throws DependencyException
* @throws NotFoundException
* @throws SessionTimeout
*/
protected function initialize(): void
{
$this->checkLoggedIn();
$this->authTokenService = $this->dic->get(AuthTokenService::class);
}
}