mirror of
https://github.com/nuxsmin/sysPass.git
synced 2026-03-03 15:14:08 +01:00
407a3f0694
* [ADD] Mail provider. Work in progress * [MOD] Updated copyright * [MOD] Improved tracking module
559 lines
18 KiB
PHP
559 lines
18 KiB
PHP
<?php
|
|
/**
|
|
* sysPass
|
|
*
|
|
* @author nuxsmin
|
|
* @link https://syspass.org
|
|
* @copyright 2012-2018, Rubén Domínguez nuxsmin@$syspass.org
|
|
*
|
|
* This file is part of sysPass.
|
|
*
|
|
* sysPass is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation, either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* sysPass is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with sysPass. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
namespace SP\Api;
|
|
|
|
defined('APP_ROOT') || die();
|
|
|
|
use SP\Account\Account;
|
|
use SP\Account\AccountAcl;
|
|
use SP\Account\AccountUtil;
|
|
use SP\Core\Acl\ActionsInterface;
|
|
use SP\Core\Backup;
|
|
use SP\Core\Crypt\Crypt;
|
|
use SP\Core\Exceptions\SPException;
|
|
use SP\DataModel\AccountExtData;
|
|
use SP\DataModel\CategoryData;
|
|
use SP\DataModel\ClientData;
|
|
use SP\DataModel\ItemSearchData;
|
|
use SP\Mgmt\Categories\Category;
|
|
use SP\Mgmt\Categories\CategorySearch;
|
|
use SP\Mgmt\Customers\Customer;
|
|
use SP\Mgmt\Customers\CustomerSearch;
|
|
use SP\Services\Account\AccountSearchService;
|
|
|
|
/**
|
|
* Class Api para la gestión de peticiones a la API de sysPass
|
|
*
|
|
* @package SP
|
|
*/
|
|
class SyspassApi extends ApiBase
|
|
{
|
|
/**
|
|
* Devolver la clave de una cuenta
|
|
*
|
|
* @return string La cadena en formato JSON
|
|
* @throws \SP\Core\Exceptions\QueryException
|
|
* @throws \SP\Core\Exceptions\ConstraintException
|
|
* @throws \Defuse\Crypto\Exception\CryptoException
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
*/
|
|
public function getAccountPassword()
|
|
{
|
|
$this->checkActionAccess(ActionsInterface::ACCOUNT_VIEW_PASS);
|
|
|
|
$accountId = $this->getParam('id', true, 0);
|
|
|
|
$AccountData = new AccountExtData($accountId);
|
|
$Account = new Account($AccountData);
|
|
$Account->getData();
|
|
|
|
$AccountAcl = new AccountAcl(ActionsInterface::ACCOUNT_VIEW_PASS);
|
|
$Acl = $AccountAcl->getAcl();
|
|
|
|
if (!$Acl->isShowViewPass()) {
|
|
throw new SPException(__('Acceso no permitido', false), SPException::WARNING);
|
|
}
|
|
|
|
$Account->getAccountPassData();
|
|
$Account->incrementDecryptCounter();
|
|
|
|
$LogMessage = $this->Log->getLogMessage();
|
|
$LogMessage->setAction(__('Ver Clave', false));
|
|
$LogMessage->addDetails(__('ID', false), $accountId);
|
|
$LogMessage->addDetails(__('Cuenta', false), $AccountData->getClientName() . ' / ' . $AccountData->getName());
|
|
$LogMessage->addDetails(__('Origen', false), 'API');
|
|
$this->Log->writeLog();
|
|
|
|
$mPass = $this->getMPass();
|
|
$securedKey = Crypt::unlockSecuredKey($AccountData->getKey(), $mPass);
|
|
|
|
$ret = [
|
|
'itemId' => $accountId,
|
|
'pass' => Crypt::decrypt($AccountData->getPass(), $securedKey, $mPass)
|
|
];
|
|
|
|
if ($this->getParam('details', false, 0)) {
|
|
// Para evitar los caracteres especiales
|
|
$AccountData->setPass('');
|
|
$AccountData->setKey('');
|
|
|
|
$ret['details'] = $AccountData;
|
|
}
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Devolver los resultados de una búsqueda
|
|
*
|
|
* @return string La cadena en formato JSON
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
*/
|
|
public function getAccountSearch()
|
|
{
|
|
$this->checkActionAccess(ActionsInterface::ACCOUNT_SEARCH);
|
|
|
|
$Search = new AccountSearchService();
|
|
$Search->setTxtSearch($this->getParam('text'));
|
|
$Search->setLimitCount($this->getParam('count', false, 100));
|
|
$Search->setCategoryId($this->getParam('categoryId', false, 0));
|
|
$Search->setClientId($this->getParam('customerId', false, 0));
|
|
|
|
$ret = $Search->getAccounts();
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Devolver los detalles de una cuenta
|
|
*
|
|
* @return string La cadena en formato JSON
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
*/
|
|
public function getAccountData()
|
|
{
|
|
$this->checkActionAccess(ActionsInterface::ACCOUNT_VIEW);
|
|
|
|
$accountId = $this->getParam('id', true, 0);
|
|
|
|
$Account = new Account(new AccountExtData($accountId));
|
|
$ret = $Account->getData();
|
|
|
|
$AccountAcl = new AccountAcl(ActionsInterface::ACCOUNT_VIEW);
|
|
$Acl = $AccountAcl->getAcl();
|
|
|
|
if (!$Acl->isShowView()) {
|
|
throw new SPException(__('Acceso no permitido', false), SPException::WARNING);
|
|
}
|
|
|
|
$Account->incrementViewCounter();
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Añadir una nueva cuenta
|
|
*
|
|
* @return string La cadena en formato JSON
|
|
* @throws \SP\Core\Exceptions\QueryException
|
|
* @throws \SP\Core\Exceptions\ConstraintException
|
|
* @throws \Defuse\Crypto\Exception\EnvironmentIsBrokenException
|
|
* @throws \Defuse\Crypto\Exception\CryptoException
|
|
* @throws \Defuse\Crypto\Exception\BadFormatException
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
*/
|
|
public function addAccount()
|
|
{
|
|
$this->checkActionAccess(ActionsInterface::ACCOUNT_CREATE);
|
|
|
|
$AccountData = new AccountExtData();
|
|
$AccountData->setUserId($this->UserData->getId());
|
|
$AccountData->setUserGroupId($this->UserData->getUserGroupId());
|
|
$AccountData->setName($this->getParam('name', true));
|
|
$AccountData->setPass($this->getParam('pass', true));
|
|
$AccountData->setClientId($this->getParam('customerId', true));
|
|
$AccountData->setCategoryId($this->getParam('categoryId', true));
|
|
$AccountData->setLogin($this->getParam('login', true));
|
|
$AccountData->setUrl($this->getParam('url'));
|
|
$AccountData->setNotes($this->getParam('notes'));
|
|
|
|
$Account = new Account($AccountData);
|
|
|
|
$Account->setPasswordEncrypted($this->getMPass());
|
|
$Account->createAccount(false);
|
|
|
|
$LogMessage = $this->Log->getLogMessage();
|
|
$LogMessage->setAction(__('Crear Cuenta', false));
|
|
$LogMessage->addDescription(__('Cuenta creada', false));
|
|
$LogMessage->addDetails(__('Nombre', false), $AccountData->getName());
|
|
$LogMessage->addDetails(__('Origen', false), 'API');
|
|
$this->Log->writeLog();
|
|
|
|
$ret = [
|
|
'itemId' => $AccountData->getId(),
|
|
'result' => $LogMessage->getDescription(true),
|
|
'resultCode' => 0
|
|
];
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Eliminar una cuenta
|
|
*
|
|
* @return string La cadena en formato JSON
|
|
* @throws \SP\Core\Exceptions\InvalidClassException
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
*/
|
|
public function deleteAccount()
|
|
{
|
|
$this->checkActionAccess(ActionsInterface::ACCOUNT_DELETE);
|
|
|
|
$accountId = $this->getParam('id', true);
|
|
|
|
$AccountData = AccountUtil::getAccountNameById($accountId);
|
|
|
|
if ($AccountData === false) {
|
|
throw new SPException(__('Cuenta no encontrada', false), SPException::ERROR);
|
|
}
|
|
|
|
$Account = new Account();
|
|
$Account->deleteAccount($accountId);
|
|
|
|
$LogMessage = $this->Log->getLogMessage();
|
|
$LogMessage->setAction(__('Eliminar Cuenta', false));
|
|
$LogMessage->addDescription(__('Cuenta eliminada', false));
|
|
$LogMessage->addDetails(__('Nombre', false), $AccountData->account_name);
|
|
$LogMessage->addDetails(__('Origen', false), 'API');
|
|
$this->Log->writeLog();
|
|
|
|
$ret = [
|
|
'itemId' => $accountId,
|
|
'result' => $LogMessage->getDescription(true),
|
|
'resultCode' => 0
|
|
];
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Devuelve el listado de categorías
|
|
*
|
|
* @return string La cadena en formato JSON
|
|
* @throws \SP\Core\Exceptions\InvalidClassException
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
*/
|
|
public function getCategories()
|
|
{
|
|
$this->checkActionAccess(ActionsInterface::CATEGORY);
|
|
|
|
$SearchData = new ItemSearchData();
|
|
$SearchData->setSeachString($this->getParam('name', false, ''));
|
|
$SearchData->setLimitCount($this->getParam('count', false, 100));
|
|
|
|
$ret = CategorySearch::getItem()->getMgmtSearch($SearchData);
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Añade una nueva categoría
|
|
*
|
|
* @return string La cadena en formato JSON
|
|
* @throws \SP\Core\Exceptions\InvalidClassException
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
*/
|
|
public function addCategory()
|
|
{
|
|
$this->checkActionAccess(ActionsInterface::CATEGORY);
|
|
|
|
$CategoryData = new CategoryData();
|
|
$CategoryData->setName($this->getParam('name', true));
|
|
$CategoryData->setDescription($this->getParam('description'));
|
|
|
|
Category::getItem($CategoryData)->add();
|
|
|
|
$LogMessage = $this->Log->getLogMessage();
|
|
$LogMessage->setAction(__('Crear Categoría', false));
|
|
$LogMessage->addDescription(__('Categoría creada', false));
|
|
$LogMessage->addDetails(__('Nombre', false), $CategoryData->getName());
|
|
$LogMessage->addDetails(__('Origen', false), 'API');
|
|
$this->Log->writeLog();
|
|
|
|
$ret = [
|
|
'itemId' => $CategoryData->getId(),
|
|
'result' => $LogMessage->getDescription(true),
|
|
'resultCode' => 0
|
|
];
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Elimina una categoría
|
|
*
|
|
* @return string La cadena en formato JSON
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
*/
|
|
public function deleteCategory()
|
|
{
|
|
$this->checkActionAccess(ActionsInterface::CATEGORY);
|
|
|
|
$id = $this->getParam('id', true);
|
|
|
|
$CategoryData = Category::getItem()->getById($id);
|
|
|
|
if (!is_object($CategoryData)) {
|
|
throw new SPException(__('Categoría no encontrada', false), SPException::ERROR);
|
|
}
|
|
|
|
Category::getItem()->delete($id);
|
|
|
|
$LogMessage = $this->Log->getLogMessage();
|
|
$LogMessage->setAction(__('Eliminar Categoría', false));
|
|
$LogMessage->addDescription(__('Categoría eliminada', false));
|
|
$LogMessage->addDetails(__('Nombre', false), $CategoryData->getName());
|
|
$LogMessage->addDetails(__('Origen', false), 'API');
|
|
$this->Log->writeLog();
|
|
|
|
$ret = [
|
|
'itemId' => $id,
|
|
'result' => $LogMessage->getDescription(true),
|
|
'resultCode' => 0
|
|
];
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Devuelve el listado de clientes
|
|
*
|
|
* @return string La cadena en formato JSON
|
|
* @throws \SP\Core\Exceptions\InvalidClassException
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
*/
|
|
public function getCustomers()
|
|
{
|
|
$this->checkActionAccess(ActionsInterface::CLIENT);
|
|
|
|
$SearchData = new ItemSearchData();
|
|
$SearchData->setSeachString($this->getParam('name', false, ''));
|
|
$SearchData->setLimitCount($this->getParam('count', false, 100));
|
|
|
|
$ret = CustomerSearch::getItem()->getMgmtSearch($SearchData);
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Añade un nuevo cliente
|
|
*
|
|
* @return string La cadena en formato JSON
|
|
* @throws \SP\Core\Exceptions\InvalidClassException
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
*/
|
|
public function addCustomer()
|
|
{
|
|
$this->checkActionAccess(ActionsInterface::CLIENT);
|
|
|
|
$CustomerData = new ClientData();
|
|
$CustomerData->setName($this->getParam('name', true));
|
|
$CustomerData->setDescription($this->getParam('description'));
|
|
|
|
Customer::getItem($CustomerData)->add();
|
|
|
|
$LogMessage = $this->Log->getLogMessage();
|
|
$LogMessage->setAction(__('Crear Cliente', false));
|
|
$LogMessage->addDescription(__('Cliente creado', false));
|
|
$LogMessage->addDetails(__('Nombre', false), $CustomerData->getName());
|
|
$LogMessage->addDetails(__('Origen', false), 'API');
|
|
$this->Log->writeLog();
|
|
|
|
$ret = [
|
|
'itemId' => $CustomerData->getId(),
|
|
'result' => $LogMessage->getDescription(true),
|
|
'resultCode' => 0
|
|
];
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Elimina un cñiente
|
|
*
|
|
* @return string La cadena en formato JSON
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
*/
|
|
public function deleteCustomer()
|
|
{
|
|
$this->checkActionAccess(ActionsInterface::CLIENT);
|
|
|
|
$id = $this->getParam('id', true);
|
|
|
|
$CustomerData = Customer::getItem()->getById($id);
|
|
|
|
if (!is_object($CustomerData)) {
|
|
throw new SPException(__('Cliente no encontrado', false), SPException::ERROR);
|
|
}
|
|
|
|
Customer::getItem()->delete($id);
|
|
|
|
$LogMessage = $this->Log->getLogMessage();
|
|
$LogMessage->setAction(__('Eliminar Cliente', false));
|
|
$LogMessage->addDescription(__('Cliente eliminado', false));
|
|
$LogMessage->addDetails(__('Nombre', false), $CustomerData->getName());
|
|
$LogMessage->addDetails(__('Origen', false), 'API');
|
|
$this->Log->writeLog();
|
|
|
|
$ret = [
|
|
'itemId' => $id,
|
|
'result' => $LogMessage->getDescription(true),
|
|
'resultCode' => 0
|
|
];
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Realizar un backup de sysPass
|
|
*
|
|
* @throws \SP\Core\Exceptions\SPException
|
|
* @throws \phpmailer\phpmailerException
|
|
*/
|
|
public function backup()
|
|
{
|
|
$ret = [
|
|
'result' => __('Proceso de backup finalizado'),
|
|
'resultCode' => 0
|
|
];
|
|
|
|
if (!Backup::doBackup()) {
|
|
$ret = [
|
|
'result' => __('Error al realizar el backup'),
|
|
'hint' => __('Revise el registro de eventos para más detalles'),
|
|
'resultCode' => 1
|
|
];
|
|
}
|
|
|
|
return $this->wrapJSON($ret);
|
|
}
|
|
|
|
/**
|
|
* Devuelve la ayuda para una acción
|
|
*
|
|
* @param string $action
|
|
* @return array
|
|
*/
|
|
public function getHelp($action)
|
|
{
|
|
return $this->getActions()[$action]['help'];
|
|
}
|
|
|
|
/**
|
|
* Devuelve las acciones que implementa la API
|
|
*
|
|
* @return array
|
|
*/
|
|
public function getActions()
|
|
{
|
|
return [
|
|
'getAccountPassword' => [
|
|
'id' => ActionsInterface::ACCOUNT_VIEW_PASS,
|
|
'help' => [
|
|
'id' => __('Id de la cuenta'),
|
|
'tokenPass' => __('Clave del token'),
|
|
'details' => __('Devolver detalles en la respuesta')
|
|
]
|
|
],
|
|
'getAccountSearch' => [
|
|
'id' => ActionsInterface::ACCOUNT_SEARCH,
|
|
'help' => [
|
|
'text' => __('Texto a buscar'),
|
|
'count' => __('Número de resultados a mostrar'),
|
|
'categoryId' => __('Id de categoría a filtrar'),
|
|
'customerId' => __('Id de cliente a filtrar')
|
|
]
|
|
],
|
|
'getAccountData' => [
|
|
'id' => ActionsInterface::ACCOUNT_VIEW,
|
|
'help' => [
|
|
'id' => __('Id de la cuenta')
|
|
]
|
|
],
|
|
'deleteAccount' => [
|
|
'id' => ActionsInterface::ACCOUNT_DELETE,
|
|
'help' => [
|
|
'id' => __('Id de la cuenta')
|
|
]
|
|
],
|
|
'addAccount' => [
|
|
'id' => ActionsInterface::ACCOUNT_CREATE,
|
|
'help' => [
|
|
'tokenPass' => __('Clave del token'),
|
|
'name' => __('Nombre de cuenta'),
|
|
'categoryId' => __('Id de categoría'),
|
|
'customerId' => __('Id de cliente'),
|
|
'pass' => __('Clave'),
|
|
'login' => __('Usuario de acceso'),
|
|
'url' => __('URL o IP de acceso'),
|
|
'notes' => __('Notas sobre la cuenta')
|
|
]
|
|
],
|
|
'backup' => [
|
|
'id' => ActionsInterface::BACKUP_CONFIG,
|
|
'help' => ''
|
|
],
|
|
'getCategories' => [
|
|
'id' => ActionsInterface::CATEGORY,
|
|
'help' => [
|
|
'name' => __('Nombre de categoría a buscar'),
|
|
'count' => __('Número de resultados a mostrar')
|
|
]
|
|
],
|
|
'addCategory' => [
|
|
'id' => ActionsInterface::CATEGORY,
|
|
'help' => [
|
|
'name' => __('Nombre de la categoría'),
|
|
'description' => __('Descripción de la categoría')
|
|
]
|
|
],
|
|
'deleteCategory' => [
|
|
'id' => ActionsInterface::CATEGORY,
|
|
'help' => [
|
|
'id' => __('Id de categoría')
|
|
]
|
|
],
|
|
'getCustomers' => [
|
|
'id' => ActionsInterface::CLIENT,
|
|
'help' => [
|
|
'name' => __('Nombre de cliente a buscar'),
|
|
'count' => __('Número de resultados a mostrar')
|
|
]
|
|
],
|
|
'addCustomer' => [
|
|
'id' => ActionsInterface::CLIENT,
|
|
'help' => [
|
|
'name' => __('Nombre del cliente'),
|
|
'description' => __('Descripción del cliente')
|
|
]
|
|
],
|
|
'deleteCustomer' => [
|
|
'id' => ActionsInterface::CLIENT,
|
|
'help' => [
|
|
'id' => __('Id de cliente')
|
|
]
|
|
]
|
|
];
|
|
}
|
|
|
|
/**
|
|
* @return bool
|
|
*/
|
|
protected function passIsNeeded()
|
|
{
|
|
return $this->actionId === ActionsInterface::ACCOUNT_VIEW_PASS
|
|
|| $this->actionId === ActionsInterface::ACCOUNT_CREATE;
|
|
}
|
|
} |