[GT-184] Update code to tackle the next objective
Sae126V committed Aug 18, 2023
1 parent 6f26459 commit 4c6e237
Showing 11 changed files with 368 additions and 157 deletions.
22 changes: 16 additions & 6 deletions htdocs/web_portal/controllers/site/edit_api_auth.php
Expand Up @@ -55,8 +55,13 @@ function initialize()
*/
checkPortalIsNotReadOnlyOrUserIsAdmin($user);

if (!isset($_REQUEST['authentityid']) || !is_numeric($_REQUEST['authentityid'])) {
throw new Exception("A authentication entity id must be specified in the url");
if (
!isset($_REQUEST['authentityid']) ||
!is_numeric($_REQUEST['authentityid'])
) {
throw new Exception(
"An authentication entity ID must be specified in the URL."
);
}

$serv = \Factory::getSiteService();
Expand All @@ -66,7 +71,8 @@ function initialize()
// Validate the user has permission to edit properties
if (!$serv->userCanEditSite($user, $site)) {
throw new \Exception(
"Permission denied: a site role is required to edit authentication entities at " .
"Permission denied: A site role is required " .
"to edit authentication entities at " .
$site->getShortName()
);
}
Expand All @@ -88,7 +94,9 @@ function draw(
\Site $site = null
) {
if (is_null($user)) {
throw new Exception("Unregistered users can't edit authentication credentials");
throw new Exception(
"Unregistered users can't edit authentication credentials."
);
}

$params = array();
Expand All @@ -102,13 +110,15 @@ function draw(
if ($_REQUEST['isRenewalRequest']) {
$params['isRenewalRequest'] = true;
}

show_view("site/edit_api_auth.php", $params);
die();
}

/**
* If this receives a POST request, it can be either to edit an API authentication entity
* or to update the `$lastRenewTime` in `APIAuthentication`.
* If this receives a POST request,
* it can be either to edit an API authentication entity or
* to update the `$lastRenewTime` in `APIAuthentication`.
*
* @param \User $user
* @param \APIAuthentication $authEntity
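Review bot: The reformatted guard on `authentityid` still relies on `is_numeric()`, which accepts values such as `1e3`, `1.5` or a string with leading whitespace, so a non-integer value passes this check and reaches whatever uses the ID later in `initialize()`. An integer-only test is tighter, for example `filter_var($_REQUEST['authentityid'], FILTER_VALIDATE_INT) === false` in place of the `is_numeric` condition. In `draw()`, `if ($_REQUEST['isRenewalRequest'])` reads the key without `isset()`, so a plain edit request raises an undefined-key warning; `!empty($_REQUEST['isRenewalRequest'])` avoids that. Both functions start and end outside the visible hunks, so the lookup and dispatch code could not be checked.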
1 change: 0 additions & 1 deletion htdocs/web_portal/img/README.md
Expand Up @@ -23,4 +23,3 @@
|trash.png|[Link](http://www.softicons.com/business-icons/ecommerce-and-business-icons-by-designcontest.com/trash-icon)|CC Attribution 3.0 Unported|DesignContest.com|
|user.png|[Link](http://www.iconarchive.com/show/ravenna-3d-icons-by-double-j-design/Users-icon.html)|CC Attribution 4.0|Double-J Design|
|virtualsite.png|[Link](http://www.softicons.com/android-icons/mobile-icon-set-by-webiconset.com/maps-icon)|Free Use of icon| WebIconSet.com|
|refresh_key.png|[Link](https://www.softicons.com/toolbar-icons/free-mobile-icon-kit-by-happy-icon-studio/refresh-key-silver-icon)|Free Use of icon| WebIconSet.com|
Binary file removed htdocs/web_portal/img/refresh_key.png
Binary file not shown.
41 changes: 29 additions & 12 deletions htdocs/web_portal/views/site/edit_api_auth.php
Expand Up @@ -27,7 +27,9 @@
if ($entUser->getId() != $user->getId()) {
echo('<div class="input_warning">');
if ($params['isRenewalRequest']) {
echo("WARNING: Renewing this will change the linked user from '");
echo(
"WARNING: Renewing this will change the linked user from '"
);
} else {
echo("WARNING: Editing will change the linked user from '");
}
Expand Down Expand Up @@ -79,8 +81,11 @@ class="input_input_text"
<?php if (!($params['isRenewalRequest'])) {?>
<div style="margin-bottom: 1em">
<div class="input_warning">
WARNING: It is possible to delete information using the write functionality of the API.
Leave Allow API write unchecked if you do not need to write data.
<p>
WARNING: It is possible to delete information using
the write functionality of the API. Leave Allow API write
unchecked if you do not need to write data.
</p>
</div>

<div class="input_checkbox">
Expand All @@ -94,14 +99,26 @@ class="input_input_text"
</div>
<?php } ?>

<?php if ($params['isRenewalRequest']) {
echo '<br><p> Are you sure you want to continue? </P>';
echo '<input class="input_input_hidden" type="hidden" name="isRenewalRequest" value=true />';
} ?>
<input
type="submit"
value="<?php echo $params['isRenewalRequest'] ? 'Renew credential' : 'Edit credential'; ?>"
class="input_button"
>
<br><p> Are you sure you want to continue? </P>

<div>
<?php if ($params['isRenewalRequest']) { ?>
<input
class="input_input_hidden"
type="hidden"
name="isRenewalRequest"
value=true />
<?php } ?>
<input
type="submit"
class="input_button"
value="<?php
if ($params['isRenewalRequest']) {
echo 'Renew credential';
} else {
echo 'Edit credential';
} ?>"
>
</div>
</form>
</div>
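Review bot: The paragraph `Are you sure you want to continue?` now sits outside the `isRenewalRequest` check, so it appears to be rendered on the ordinary edit form as well as on renewal; if it is meant as a renewal confirmation, it belongs inside `<?php if ($params['isRenewalRequest']) { ?>`. Its closing tag is written `</P>` and the hidden field uses an unquoted `value=true`; `</p>` and `value="true"` are the consistent forms. The view reads `$params['isRenewalRequest']` in several places, while the controller section of this commit sets that key only when the request flag is truthy, so unless it is initialised in lines not shown, an edit request raises an undefined-key warning here; `!empty($params['isRenewalRequest'])` would cover it.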
2 changes: 1 addition & 1 deletion htdocs/web_portal/views/site/edited_api_auth.php
Expand Up @@ -2,7 +2,7 @@
<h1 class="Success">Success</h1><br />
The API authenication credential has now been
<?php if ($params['isRenewalRequest']) {
echo 'renewed for';
echo 'renewed,';
} else {
echo 'updated. Type: ';
xecho($params['apiAuthenticationEntity']->getType());
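Review bot: The user-facing sentence next to the changed string still reads `The API authenication credential has now been`; the word should be `authentication`. The renewal branch now prints `renewed,` and whatever follows it lies outside the hunk, so the resulting sentence should be checked once rendered.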
43 changes: 22 additions & 21 deletions htdocs/web_portal/views/site/view_site.php
Expand Up @@ -607,9 +607,12 @@ class="header"
<th>Type</th>
<th>Identifier</th>
<th>User</th>
<th style="text-align:center;white-space: nowrap">Last Renewed</th>
<th style="text-align:center;white-space: nowrap">
<p>Last Renewed<p>
</th>
<th style="text-align:center;white-space: nowrap">Last Used</th>
<th style="text-align:center">Write</th>
<th style="text-align:center;">Renew</th>
<th style="text-align:center;">Edit</th>
<th style="text-align:center">Delete</th>
</tr>
Expand Down Expand Up @@ -653,28 +656,13 @@ class="header"
<td style="text-align:center">
<?php
$useTime = $APIAuthEnt->getLastRenewTime();
$titleStr = 'Last renewed ' . $useTime->format('d-m-Y H:iTP');
$titleStr = 'Last renewed ' .
$useTime->format('d-m-Y H:iTP');

echo '<div title="' . $titleStr . '">';
?>
<?php if (!$portalIsReadOnly) :?>
<form action="index.php?Page_Type=Edit_API_Authentication_Entity&amp;
authentityid=<?php echo $APIAuthEnt->getId();?>&amp;
isRenewalRequest=true"
method="post">
<button type="submit">
<?php
echo '<img height="18px" src="'
. \GocContextPath::getPath()
. 'img/refresh_key.png"';
echo 'title="Renew the API credentials"' . '/>';
?>
</button>
<?php
echo $useTime->format('d-m-y');
echo '</div>';
?>
</form>
<?php endif;?>
echo '</div>';
?>
</td>
<td style="text-align:center">
<?php
Expand All @@ -699,6 +687,19 @@ class="header"
} ?>
/>
</td>
<td style="width: 8%; text-align: center;">
<?php if (!$portalIsReadOnly) :?>
<form
action="index.php
?Page_Type=Edit_API_Authentication_Entity&amp;
authentityid=<?= $APIAuthEnt->getId();?>&amp;
isRenewalRequest=true"
method="post"
>
<button type="submit">Renew</button>
</form>
<?php endif;?>
</td>
<td style="width: 8%;"align = "center">
<?php if (!$portalIsReadOnly) :?>
<form action="index.php?Page_Type=Edit_API_Authentication_Entity&amp;
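Review bot: The new Renew form splits its `action` value over four lines, with `index.php` alone on one line and `?Page_Type=…` on the next. Browsers drop the newlines from a URL but keep interior spaces, so if these template lines are indented the spaces end up percent-encoded between `index.php` and the query string and the request may miss the controller; writing the attribute on one line, `action="index.php?Page_Type=Edit_API_Authentication_Entity&amp;authentityid=<?= $APIAuthEnt->getId() ?>&amp;isRenewalRequest=true"`, removes the doubt. The form changes credential state on a POST and no anti-CSRF token field is visible in this section; confirm the portal enforces one elsewhere. In the header cell, `<p>Last Renewed<p>` opens a second paragraph instead of closing the first and should end with `</p>`.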
77 changes: 58 additions & 19 deletions lib/Gocdb_Services/APIAuthenticationService.php
Expand Up @@ -152,21 +152,34 @@ public function deleteAPIAuthentication(\APIAuthentication $authEntity)
*
* @param \APIAuthentication Entity to update
* @param \User Owning user
* @param mixed $newValues Holds the new data for updating the `APIAuthentication` entity.
* @param mixed $newValues Holds the new data for updating the
* `APIAuthentication` entity.
*
* @throws \Exception on error with commit rolled back
*/
public function editAPIAuthentication(\APIAuthentication $authEntity, \User $user, $newValues)
{
public function editAPIAuthentication(
\APIAuthentication $authEntity,
\User $user,
$newValues
) {
$isRenewalRequest = $newValues['isRenewalRequest'] || false;

try {
$this->em->getConnection()->beginTransaction();

if ($isRenewalRequest) {
$this->handleRenewalRequest($authEntity, $user, $isRenewalRequest);
$this->handleRenewalRequest(
$authEntity,
$user,
$isRenewalRequest
);
} else {
$this->handleEditRequest($authEntity, $user, $newValues, $isRenewalRequest);
$this->handleEditRequest(
$authEntity,
$user,
$newValues,
$isRenewalRequest
);
}

$this->em->getConnection()->commit();
Expand Down Expand Up @@ -254,7 +267,10 @@ private function validate($data, $identifier, $type)
throw new \Exception("Invalid X.509 DN");
}

//If the entity is of type OIDC subject, do a more thorough check again
/**
* If the entity is of type OIDC subject,
* do a more thorough check again.
*/
if (
$type == 'OIDC Subject' &&
!preg_match(
Expand All @@ -271,10 +287,14 @@ private function validate($data, $identifier, $type)
*
* @param \APIAuthentication $authEntity Entity to update.
* @param \User $user Owning user.
* @param bool $isRenewalRequest A boolean indicating if it's a renewal request.
* @param bool $isRenewalRequest A boolean indicating
* if it's a renewal request.
*/
private function handleRenewalRequest(\APIAuthentication $authEntity, \User $user, $isRenewalRequest)
{
private function handleRenewalRequest(
\APIAuthentication $authEntity,
\User $user,
$isRenewalRequest
) {
$this->updateLastRenewTime($authEntity, $user, $isRenewalRequest);

$user->addAPIAuthenticationEntitiesDoJoin($authEntity);
Expand All @@ -289,8 +309,10 @@ private function handleRenewalRequest(\APIAuthentication $authEntity, \User $use
*
* @param \APIAuthentication $authEntity Entity to update.
* @param \User $user Owning user.
* @param array $newValues An array containing data for updating the APIAuthentication entity.
* @param bool $isRenewalRequest A boolean indicating if it's a renewal request.
* @param array $newValues An array containing data for
* updating the APIAuthentication entity.
* @param bool $isRenewalRequest A boolean indicating
* if it's a renewal request.
*
* @throws \Exception Throws an exception if the identifier is empty.
*/
Expand All @@ -306,13 +328,20 @@ private function handleEditRequest(

// Check that an identifier has been provided
if (empty($identifier)) {
throw new \Exception("A value must be provided for the identifier");
throw new \Exception(
"A value must be provided for the identifier"
);
}

$this->validate($newValues, $identifier, $type);

$this->updateLastRenewTime($authEntity, $user, $isRenewalRequest);
$this->updateAuthenticationEntity($authEntity, $identifier, $type, $allowWrite);
$this->updateAuthenticationEntity(
$authEntity,
$identifier,
$type,
$allowWrite
);
$user->addAPIAuthenticationEntitiesDoJoin($authEntity);

$this->em->persist($authEntity);
Expand All @@ -321,19 +350,27 @@ private function handleEditRequest(
}

/**
* Validates whether to update the `LastRenewTime` of the APIAuthentication entity or NOT.
* Validates whether to update the `LastRenewTime`
* of the APIAuthentication entity or NOT.
*
* @param \APIAuthentication $authEntity Entity to update.
* @param \User $user Owning user.
* @param bool $isRenewalRequest A boolean indicating if it's a renewal request.
* @param bool $isRenewalRequest A boolean indicating
* if it's a renewal request.
*/
private function updateLastRenewTime(
\APIAuthentication $authEntity,
\User $user,
$isRenewalRequest
) {
// This would probably be the place hook for any future policy acceptance tracking
if (($user->getId() != $authEntity->getUser()) || $isRenewalRequest) {
/**
* This would probably be the place hook for any
* future policy acceptance tracking.
*/
if (
($user->getId() != $authEntity->getUser()) ||
$isRenewalRequest
) {
$authEntity->setLastRenewTime();
}
}
Expand All @@ -342,9 +379,11 @@ private function updateLastRenewTime(
* Helper to update the APIAuthentication entity with edited values.
*
* @param \APIAuthentication $authEntity Entity to update.
* @param string $identifier Unique identifier for the API authentication entity.
* @param string $identifier Unique identifier for the
* API authentication entity.
* @param string $type Type for the API authentication entity.
* @param bool $allowWrite Helps to identify write functionality of the API is enabled or NOT.
* @param bool $allowWrite Helps to identify write functionality
* of the API is enabled or NOT.
*/
private function updateAuthenticationEntity(
\APIAuthentication $authEntity,
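Review bot: In `updateLastRenewTime()` the condition `$user->getId() != $authEntity->getUser()` compares an ID with the return value of `getUser()`, which the edit view in this commit appears to treat as a user object (`$entUser->getId()`). If `getUser()` does return a `\User`, the loose comparison does not express "the owner changed", and `setLastRenewTime()` can run on ordinary edits, which would undermine the renewal timestamp as a record of when a credential was last renewed. Comparing like with like, `$user->getId() != $authEntity->getUser()->getId()`, is probably what is intended; this assumes `getUser()` is never null. Separately, `$newValues['isRenewalRequest'] || false` in `editAPIAuthentication()` raises an undefined-key warning when the key is absent and treats the string `"false"` as a renewal; `!empty($newValues['isRenewalRequest'])` handles the missing key.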