mirror of
https://github.com/nuxsmin/sysPass.git
synced 2026-03-01 14:14:06 +01:00
187 lines
6.6 KiB
PHP
187 lines
6.6 KiB
PHP
<?php
|
|
/*
|
|
* sysPass
|
|
*
|
|
* @author nuxsmin
|
|
* @link https://syspass.org
|
|
* @copyright 2012-2024, Rubén Domínguez nuxsmin@$syspass.org
|
|
*
|
|
* This file is part of sysPass.
|
|
*
|
|
* sysPass is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* sysPass is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
namespace SP\Modules\Web\Controllers\Account;
|
|
|
|
use Defuse\Crypto\Exception\EnvironmentIsBrokenException;
|
|
use SP\Core\Application;
|
|
use SP\Core\Events\Event;
|
|
use SP\Core\Events\EventMessage;
|
|
use SP\Core\UI\ThemeIcons;
|
|
use SP\Domain\Account\Dtos\AccountViewDto;
|
|
use SP\Domain\Account\Ports\AccountService;
|
|
use SP\Domain\Account\Ports\PublicLinkService;
|
|
use SP\Domain\Common\Adapters\Serde;
|
|
use SP\Domain\Common\Attributes\Action;
|
|
use SP\Domain\Common\Dtos\ActionResponse;
|
|
use SP\Domain\Common\Enums\ResponseType;
|
|
use SP\Domain\Common\Models\Simple;
|
|
use SP\Domain\Core\Acl\AclActionsInterface;
|
|
use SP\Domain\Core\Crypt\VaultInterface;
|
|
use SP\Domain\Core\Exceptions\ConstraintException;
|
|
use SP\Domain\Core\Exceptions\CryptException;
|
|
use SP\Domain\Core\Exceptions\QueryException;
|
|
use SP\Domain\Core\Exceptions\SPException;
|
|
use SP\Domain\Http\Providers\Uri;
|
|
use SP\Domain\Image\Ports\ImageService;
|
|
use SP\Infrastructure\Common\Repositories\NoSuchItemException;
|
|
use SP\Modules\Web\Util\ErrorUtil;
|
|
use SP\Mvc\Controller\WebControllerHelper;
|
|
|
|
use function SP\__;
|
|
use function SP\__u;
|
|
|
|
/**
|
|
* Class ViewLinkController
|
|
*/
|
|
final class ViewLinkController extends AccountControllerBase
|
|
{
|
|
private readonly ThemeIcons $icons;
|
|
|
|
public function __construct(
|
|
Application $application,
|
|
WebControllerHelper $webControllerHelper,
|
|
private readonly AccountService $accountService,
|
|
private readonly PublicLinkService $publicLinkService,
|
|
private readonly ImageService $imageUtil
|
|
) {
|
|
parent::__construct($application, $webControllerHelper);
|
|
|
|
$this->icons = $this->theme->getIcons();
|
|
}
|
|
|
|
/**
|
|
* View public link action
|
|
*
|
|
* @param string $hash Link's hash
|
|
* @return ActionResponse
|
|
* @throws EnvironmentIsBrokenException
|
|
* @throws ConstraintException
|
|
* @throws CryptException
|
|
* @throws QueryException
|
|
* @throws SPException
|
|
* @throws NoSuchItemException
|
|
*/
|
|
#[Action(ResponseType::PLAIN_TEXT)]
|
|
public function viewLinkAction(string $hash): ActionResponse
|
|
{
|
|
$this->layoutHelper->getPublicLayout('account-link', 'account');
|
|
|
|
$publicLink = $this->publicLinkService->getByHash($hash);
|
|
|
|
if (time() < $publicLink->getDateExpire()
|
|
&& $publicLink->getCountViews() < $publicLink->getMaxCountViews()
|
|
) {
|
|
$this->publicLinkService->addLinkView($publicLink);
|
|
|
|
$this->accountService->incrementViewCounter($publicLink->getItemId());
|
|
$this->accountService->incrementDecryptCounter($publicLink->getItemId());
|
|
|
|
$vault = Serde::deserialize($publicLink->getData(), VaultInterface::class);
|
|
|
|
$accountViewDto = AccountViewDto::fromModel(
|
|
Serde::deserialize(
|
|
$vault->getData(
|
|
$this->publicLinkService->getPublicLinkKey($publicLink->getHash())->getKey()
|
|
),
|
|
Simple::class
|
|
)
|
|
);
|
|
|
|
$this->view->assign(
|
|
'title',
|
|
[
|
|
'class' => 'titleNormal',
|
|
'name' => __('Account Details'),
|
|
'icon' => $this->icons->view()->getIcon(),
|
|
]
|
|
);
|
|
|
|
$this->view->assign('isView', true);
|
|
$useImage = $this->configData->isPublinksImageEnabled()
|
|
|| $this->configData->isAccountPassToImage();
|
|
$this->view->assign('useImage', $useImage);
|
|
|
|
if ($useImage) {
|
|
$this->view->assign(
|
|
'accountPassImage',
|
|
$this->imageUtil->convertText($accountViewDto->pass)
|
|
);
|
|
} else {
|
|
$this->view->assign(
|
|
'copyPassRoute',
|
|
$this->acl->getRouteFor(AclActionsInterface::ACCOUNT_VIEW_PASS)
|
|
);
|
|
}
|
|
|
|
$this->view->assign('accountData', $accountViewDto);
|
|
|
|
$clientAddress = $this->configData->isDemoEnabled()
|
|
? '***'
|
|
: $this->request->getClientAddress(true);
|
|
|
|
$baseUrl = ($this->configData->getApplicationUrl() ?: $this->uriContext->getWebUri()) .
|
|
$this->uriContext->getSubUri();
|
|
|
|
$deepLink = new Uri($baseUrl);
|
|
$deepLink->addParam(
|
|
'r',
|
|
sprintf(
|
|
"%s/%s",
|
|
$this->acl->getRouteFor(AclActionsInterface::ACCOUNT_VIEW),
|
|
$accountViewDto->getId()
|
|
)
|
|
);
|
|
|
|
$this->eventDispatcher->notify(
|
|
'show.account.link',
|
|
new Event(
|
|
$this,
|
|
EventMessage::build(__u('Link viewed'))
|
|
->addDetail(__u('Account'), $accountViewDto->getName())
|
|
->addDetail(__u('Client'), $accountViewDto->getClientName())
|
|
->addDetail(__u('Agent'), $this->request->getHeader('User-Agent'))
|
|
->addDetail(__u('HTTPS'), $this->request->isHttps() ? __u('ON') : __u('OFF'))
|
|
->addDetail(__u('IP'), $clientAddress)
|
|
->addDetail(
|
|
__u('Link'),
|
|
$deepLink->getUriSigned($this->configData->getPasswordSalt())
|
|
)
|
|
->addExtra('userId', $publicLink->getUserId())
|
|
->addExtra('notify', $publicLink->isNotify())
|
|
)
|
|
);
|
|
} else {
|
|
ErrorUtil::showErrorInView(
|
|
$this->view,
|
|
ErrorUtil::ERR_PAGE_NO_PERMISSION,
|
|
true,
|
|
'account-link'
|
|
);
|
|
}
|
|
|
|
return ActionResponse::ok($this->render());
|
|
}
|
|
}
|