Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-07 00:46:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
daa97f79fc09d7e094e5dd4e13868c307e59cb06
sysPass/inc/SP/Api/ApiBase.class.php
nuxsmin 931e3e75d5 * [MOD] Event logs are now logged in app lagnguage instead of user language. 
* [MOD] Improved actions handling.
* [FIX] Minor bugfixes.
2017-01-15 22:33:11 +01:00

240 lines
6.1 KiB
PHP
Raw Blame History

<?php
/**
* sysPass
*
* @author nuxsmin
* @link http://syspass.org
* @copyright 2012-2017, Rubén Domínguez nuxsmin@$syspass.org
*
* This file is part of sysPass.
*
* sysPass is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* sysPass is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
*/
namespace SP\Api;
defined('APP_ROOT') || die();
use SP\Auth\Auth;
use SP\Auth\AuthResult;
use SP\Auth\AuthUtil;
use SP\Core\Exceptions\InvalidArgumentException;
use SP\Core\Exceptions\SPException;
use SP\Core\Session;
use SP\Core\SessionUtil;
use SP\DataModel\UserData;
use SP\Mgmt\Users\User;
use SP\Mgmt\Users\UserPass;
use SP\Util\Json;
/**
* Class ApiBase
*
* @package SP\Api
*/
abstract class ApiBase implements ApiInterface
{
/**
* El ID de la acción
*
* @var int
*/
protected $actionId = 0;
/**
* El ID de usuario resuelto
*
* @var int
*/
protected $userId = 0;
/**
* Indica si la autentificación es correcta
*
* @var bool
*/
protected $auth = false;
/**
* Los parámetros de la acción a ejecutar
*
* @var mixed
*/
protected $data;
/**
* @var string
*/
protected $mPass = '';
/**
* @var UserData
*/
protected $UserData;
/**
* @param $data
* @throws \SP\Core\Exceptions\SPException
*/
public function __construct($data)
{
$this->actionId = $this->getActionId($data->method);
if (!AuthUtil::checkAuthToken($this->actionId, $data->params->authToken)) {
throw new SPException(SPException::SP_CRITICAL, __('Acceso no permitido', false));
}
$this->data = $data;
$this->userId = ApiTokensUtil::getUserIdForToken($data->params->authToken);
$this->loadUserData();
if ($this->getParam('userPass') !== null) {
$this->doAuth();
}
Session::setSessionType(Session::SESSION_API);
}
/**
* Devolver el código de acción a realizar a partir del nombre
*
* @param $action string El nombre de la acción
* @return int
*/
protected function getActionId($action)
{
$actions = $this->getActions();
return isset($actions[$action]) ? $actions[$action]['id'] : 0;
}
/**
* Cargar los datos del usuario
*
* @return UserData
* @throws \SP\Core\Exceptions\InvalidClassException
* @throws \SP\Core\Exceptions\SPException
*/
protected function loadUserData()
{
$UserData = new UserData();
$UserData->setUserId($this->userId);
$UserData->setUserPass($this->getParam('userPass'));
$this->UserData = User::getItem($UserData)->getById($this->userId);
SessionUtil::loadUserSession($this->UserData);
}
/**
* Devolver el valor de un parámetro
*
* @param string $name Nombre del parámetro
* @param bool $required Si es requerido
* @param mixed $default Valor por defecto
* @return int|string
* @throws SPException
*/
protected function getParam($name, $required = false, $default = null)
{
if ($required === true && !isset($this->data->params->$name)) {
throw new InvalidArgumentException(SPException::SP_WARNING, __('Parámetros incorrectos', false), $this->getHelp($this->data->method));
}
if (isset($this->data->params->$name)) {
return $this->data->params->$name;
}
return $default;
}
/**
* Realizar la autentificación del usuario
*
* @throws SPException
* @throws \SP\Core\Exceptions\InvalidClassException
*/
protected function doAuth()
{
$Auth = new Auth($this->UserData);
$resAuth = $Auth->doAuth();
if ($resAuth !== false) {
/** @var AuthResult $AuthResult */
foreach ($resAuth as $AuthResult) {
$data = $AuthResult->getData();
if ($data->getAuthenticated() && $data->getStatusCode() === 0) {
break;
}
}
} else {
throw new SPException(SPException::SP_CRITICAL, __('Acceso no permitido', false));
}
$UserPass = UserPass::getItem($this->UserData);
if (!$this->UserData->isUserIsDisabled()
&& $UserPass->checkUserUpdateMPass()
&& $UserPass->loadUserMPass()
) {
$this->auth = true;
$this->mPass = $UserPass->getClearUserMPass();
} else {
throw new SPException(SPException::SP_CRITICAL, __('Acceso no permitido', false));
}
}
/**
* Comprobar el acceso a la acción
*
* @param $action
* @throws SPException
*/
protected function checkActionAccess($action)
{
if ($this->actionId !== $action) {
throw new SPException(SPException::SP_CRITICAL, __('Acceso no permitido', false));
}
}
/**
* Devuelve una respuesta en formato JSON con el estado y el mensaje.
*
* {"jsonrpc": "2.0", "result": 19, "id": 3}
*
* @param string $data Los datos a devolver
* @return string La cadena en formato JSON
* @throws SPException
*/
protected function wrapJSON(&$data)
{
$json = [
'jsonrpc' => '2.0',
'result' => $data,
'id' => $this->data->id
];
return Json::getJson($json);
}
/**
* Comprobar si se ha realizado la autentificación
*
* @throws SPException
*/
protected function checkAuth()
{
if ($this->auth === false) {
throw new SPException(SPException::SP_CRITICAL, __('Acceso no permitido', false));
}
}
}
Reference in New Issue View Git Blame Copy Permalink