Merge pull request #2597 from ushahidi/master-update-to-develop-20810212
Master update to develop 20180212
Showing
55 changed files
with
1,164 additions
and
179 deletions.
@@ -3,3 +3,4 @@ DB_HOST=mysql | |
DB_NAME=ushahidi | ||
DB_PASS=ushahidi | ||
DB_USER=ushahidi | ||
MEDIA_MAX_UPLOAD=1048576 |
@@ -3,3 +3,4 @@ DB_HOST=127.0.0.1 | |
DB_NAME=ushahidi | ||
DB_PASS= | ||
DB_USER=travis | ||
MEDIA_MAX_UPLOAD=1048576 |
@@ -0,0 +1,18 @@ | ||
<?php defined('SYSPATH') OR die('No direct access allowed.'); | ||
|
||
/** | ||
* Ushahidi API Keys Controller | ||
* | ||
* @author Ushahidi Team <team@ushahidi.com> | ||
* @package Ushahidi\Application\Controllers | ||
* @copyright 2013 Ushahidi | ||
* @license https://www.gnu.org/licenses/agpl-3.0.html GNU Affero General Public License Version 3 (AGPL3) | ||
*/ | ||
|
||
class Controller_Api_ApiKeys extends Ushahidi_Rest { | ||
|
||
protected function _scope() | ||
{ | ||
return 'apikeys'; | ||
} | ||
} |
@@ -0,0 +1,67 @@ | ||
<?php defined('SYSPATH') OR die('No direct access allowed.'); | ||
|
||
/** | ||
* Ushahidi API External Webhook Posts Controller | ||
* | ||
* @author Ushahidi Team <team@ushahidi.com> | ||
* @package Ushahidi\Application\Controllers | ||
* @copyright 2013 Ushahidi | ||
* @license https://www.gnu.org/licenses/agpl-3.0.html GNU Affero General Public License Version 3 (AGPL3) | ||
*/ | ||
|
||
use Ushahidi\Core\Tool\Signer; | ||
|
||
class Controller_Api_Webhooks_Posts extends Controller_Api_Posts { | ||
|
||
protected function _is_auth_required() | ||
{ | ||
return false; | ||
} | ||
|
||
public function checkApiKey($data) | ||
{ | ||
|
||
if (isset($data['api_key'])) { | ||
// Get api key and compare | ||
return service('repository.apikey')->apiKeyExists($data['api_key']); | ||
} | ||
|
||
return false; | ||
} | ||
|
||
public function checkSignature($data) | ||
{ | ||
$signature = $this->request->headers('X-Ushahidi-Signature'); | ||
|
||
if (isset($data['webhook_uuid']) && $signature) { | ||
|
||
// Get webhook and validate signature | ||
$webhook = service('repository.webhook')->getByUUID($data['webhook_uuid']); | ||
$signer = new Signer($webhook->shared_secret); | ||
$fullURL = URL::site(Request::detect_uri(), TRUE) . URL::query(); | ||
|
||
return $signer->validate($signature, $fullURL, $data); | ||
} | ||
return false; | ||
} | ||
|
||
public function before() | ||
{ | ||
parent::before(); | ||
|
||
$post = $this->_request_payload; | ||
|
||
if (!$this->checkApiKey($post) || !$this->checkSignature($post)) | ||
{ | ||
throw HTTP_Exception::factory(403, 'Forbidden'); | ||
} | ||
} | ||
|
||
public function action_put_index() | ||
{ | ||
$this->_usecase = service('factory.usecase') | ||
->get($this->_resource(), 'webhook-update') | ||
->setIdentifiers($this->_identifiers()) | ||
->setPayload($this->_payload()); | ||
} | ||
} |
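Review bot: In `checkSignature()` the webhook returned by `getByUUID()` is used without confirming that a record was found, so a request with an unknown `webhook_uuid` may reach `new Signer($webhook->shared_secret)` with a null or empty secret (what `getByUUID()` returns on a miss is not visible on this page). Because `_is_auth_required()` returns false, the two checks in `before()` are the only gate on this controller, and a signature validated against an empty key would not authenticate the sender. I would fail closed before building the signer: `if (! $webhook || empty($webhook->shared_secret)) { return false; }`. It is also worth confirming that `Signer::validate()` compares digests with `hash_equals()`, since its body is outside this page.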
@@ -0,0 +1,17 @@ | ||
<?php defined('SYSPATH') OR die('No direct access allowed.'); | ||
|
||
/** | ||
* Ushahidi API Formatter for Api Keys | ||
* | ||
* @author Ushahidi Team <team@ushahidi.com> | ||
* @package Ushahidi\Application | ||
* @copyright 2014 Ushahidi | ||
* @license https://www.gnu.org/licenses/agpl-3.0.html GNU Affero General Public License Version 3 (AGPL3) | ||
*/ | ||
|
||
use Ushahidi\Core\Traits\FormatterAuthorizerMetadata; | ||
|
||
class Ushahidi_Formatter_Apikey extends Ushahidi_Formatter_API | ||
{ | ||
use FormatterAuthorizerMetadata; | ||
} |
@@ -0,0 +1,88 @@ | ||
<?php defined('SYSPATH') OR die('No direct access allowed.'); | ||
|
||
/** | ||
* Ushahidi ApiKey Repository | ||
* | ||
* @author Ushahidi Team <team@ushahidi.com> | ||
* @package Ushahidi\Application | ||
* @copyright 2014 Ushahidi | ||
* @license https://www.gnu.org/licenses/agpl-3.0.html GNU Affero General Public License Version 3 (AGPL3) | ||
*/ | ||
|
||
use Ushahidi\Core\Entity; | ||
use Ushahidi\Core\SearchData; | ||
use Ushahidi\Core\Entity\ApiKey; | ||
use Ushahidi\Core\Entity\ApiKeyRepository; | ||
use Ushahidi\Core\Traits\AdminAccess; | ||
|
||
use Ramsey\Uuid\Uuid; | ||
use Ramsey\Uuid\Exception\UnsatisfiedDependencyException; | ||
|
||
class Ushahidi_Repository_ApiKey extends Ushahidi_Repository implements ApiKeyRepository | ||
{ | ||
use AdminAccess; | ||
|
||
protected function getTable() | ||
{ | ||
return 'apikeys'; | ||
} | ||
|
||
public function getEntity(Array $data = null) | ||
{ | ||
return new ApiKey($data); | ||
} | ||
|
||
// Ushahidi_Repository | ||
public function setSearchConditions(SearchData $search) | ||
{ | ||
$query = $this->search_query; | ||
|
||
return $query; | ||
} | ||
|
||
// CreateRepository | ||
public function create(Entity $entity) | ||
{ | ||
|
||
$record = $entity->asArray(); | ||
try { | ||
$uuid = Uuid::uuid4(); | ||
$record['api_key'] = $uuid->toString(); | ||
} catch (UnsatisfiedDependencyException $e) { | ||
Kohana::$log->add(Log::ERROR, $e->getMessage()); | ||
} | ||
|
||
$state = [ | ||
'created' => time(), | ||
]; | ||
|
||
return $this->executeInsert($this->removeNullValues($record)); | ||
} | ||
|
||
// UpdateRepository | ||
public function update(Entity $entity) | ||
{ | ||
|
||
$record = $entity->asArray(); | ||
$record['updated'] = time(); | ||
try { | ||
$uuid = Uuid::uuid4(); | ||
$record['api_key'] = $uuid->toString(); | ||
} catch (UnsatisfiedDependencyException $e) { | ||
Kohana::$log->add(Log::ERROR, $e->getMessage()); | ||
} | ||
|
||
return $this->executeUpdate(['id' => $entity->id], $record); | ||
} | ||
|
||
public function apiKeyExists($api_key) | ||
{ | ||
return (bool) $this->selectCount(compact('api_key')); | ||
} | ||
|
||
public function getSearchFields() | ||
{ | ||
return [ | ||
]; | ||
} | ||
} |
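Review bot: In `create()` and `update()` the `UnsatisfiedDependencyException` from `Uuid::uuid4()` is logged and execution then continues, so the row is written with whatever `api_key` `$entity->asArray()` already held (possibly none, or a caller-supplied value; the entity is not visible here) instead of a freshly generated one. For a credential it is safer to fail closed by adding `throw $e;` after the `Kohana::$log->add(...)` line in both catch blocks. Separately, `$state` in `create()` is assigned but never passed to `executeInsert()`, so the `created` timestamp appears not to be stored. `apiKeyExists()` also implies that keys are stored and matched in plain text; a short comment above it recording that choice would help later reviewers.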