From e582d24d869edecb5d6eddd53d0b1316b558475b Mon Sep 17 00:00:00 2001
From: Uladzimir Tsykun <tsykun314@gmail.com>
Date: Thu, 14 Nov 2024 00:56:11 +0100
Subject: [PATCH] Allow to publish artifact package via API or composer push
 plugin

---
 config/packages/security.yaml              |  2 +-
 src/Controller/PackageController.php       |  1 -
 src/Controller/PushPackagesController.php  | 36 ++++++++++++++++++
 src/Form/Handler/PushPackageHandler.php    | 43 ++++++++++++++++++++++
 src/Form/Model/NexusPushRequestDto.php     | 38 +++++++++++++++++++
 src/Form/Model/PushRequestDtoInterface.php | 16 ++++++++
 src/Form/Type/Push/NexusPushType.php       | 33 +++++++++++++++++
 src/Model/PatUserScores.php                |  2 +-
 8 files changed, 168 insertions(+), 3 deletions(-)
 create mode 100644 src/Controller/PushPackagesController.php
 create mode 100644 src/Form/Handler/PushPackageHandler.php
 create mode 100644 src/Form/Model/NexusPushRequestDto.php
 create mode 100644 src/Form/Model/PushRequestDtoInterface.php
 create mode 100644 src/Form/Type/Push/NexusPushType.php

diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index fbe27795..096d7cdf 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -23,7 +23,7 @@ security:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
             security: false
         packages:
-            pattern: (^(.+\.json$|/p/|/mirror/|/zipball/|/feeds/.+(\.rss|\.atom)|/packages/[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+?(\.json|/changelog)|/packages/list\.json|/downloads/|/api/))+
+            pattern: (^(.+\.json$|/p/|/mirror/|/zipball/|/feeds/.+(\.rss|\.atom)|/packages/[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+?(\.json|/changelog)|/packages/list\.json|/packages/upload/|/downloads/|/api/))+
             api_basic:
                 provider: all_users
             stateless: true
diff --git a/src/Controller/PackageController.php b/src/Controller/PackageController.php
index 7415eaf2..5bb6074b 100644
--- a/src/Controller/PackageController.php
+++ b/src/Controller/PackageController.php
@@ -281,7 +281,6 @@ public function viewVendorAction($vendor)
         ]);
     }
 
-
     #[Route('/providers/{name}/', name: 'view_providers', requirements: ['name' => '[A-Za-z0-9/_.-]+?'], defaults: ['_format' => 'html'], methods: ['GET'])]
     #[IsGranted('ROLE_MAINTAINER')]
     public function viewProvidersAction($name, \Redis $redis): Response
diff --git a/src/Controller/PushPackagesController.php b/src/Controller/PushPackagesController.php
new file mode 100644
index 00000000..424a0dea
--- /dev/null
+++ b/src/Controller/PushPackagesController.php
@@ -0,0 +1,36 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Packeton\Controller;
+
+use Packeton\Form\Handler\PushPackageHandler;
+use Packeton\Form\Type\Push\NexusPushType;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\Form\FormInterface;
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Annotation\Route;
+use Symfony\Component\Security\Http\Attribute\IsGranted;
+
+#[Route(defaults: ['_format' => 'json'])]
+class PushPackagesController extends AbstractController
+{
+    #[Route('/packages/upload/{name}/{version}', name: 'package_push_nexus', requirements: ['name' => '%package_name_regex%'], methods: ['PUT', 'POST'])]
+    #[IsGranted('ROLE_MAINTAINER')]
+    public function pushNexusAction(PushPackageHandler $handler, Request $request, string $name, string $version): Response
+    {
+        $form = $this->createApiForm(NexusPushType::class, options: ['method' => $request->getMethod()]);
+
+        $handler($form, $request, $name, $version);
+
+        return new JsonResponse([], 201);
+    }
+
+    protected function createApiForm(string $type, mixed $data = null, array $options = []): FormInterface
+    {
+        $options['csrf_protection'] = false;
+        return $this->container->get('form.factory')->createNamed('', $type, $data, $options);
+    }
+}
diff --git a/src/Form/Handler/PushPackageHandler.php b/src/Form/Handler/PushPackageHandler.php
new file mode 100644
index 00000000..d7b2edf9
--- /dev/null
+++ b/src/Form/Handler/PushPackageHandler.php
@@ -0,0 +1,43 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Packeton\Form\Handler;
+
+use Doctrine\Persistence\ManagerRegistry;
+use Packeton\Entity\Package;
+use Packeton\Repository\PackageRepository;
+use Symfony\Component\Form\FormInterface;
+use Symfony\Component\HttpFoundation\Request;
+
+class PushPackageHandler
+{
+    public function __construct(
+        private readonly ManagerRegistry $registry
+    ) {
+    }
+
+    public function __invoke(FormInterface $form, Request $request, string $name, ?string $version = null): void
+    {
+        // todo fix PUT support
+        $form->handleRequest($request);
+        if (!$form->isSubmitted() || !$form->isValid()) {
+            throw new \RuntimeException('todo');
+        }
+
+        $dtoRequest = $form->getData();
+        $package = $this->getRepo()->getPackageByName($name);
+        if (null === $package) {
+
+        }
+    }
+
+    private function getRepo(): PackageRepository
+    {
+        return $this->registry->getRepository(Package::class);
+    }
+
+    private function createArtifactPackage(string $name): Package
+    {
+    }
+}
diff --git a/src/Form/Model/NexusPushRequestDto.php b/src/Form/Model/NexusPushRequestDto.php
new file mode 100644
index 00000000..c3c3df0a
--- /dev/null
+++ b/src/Form/Model/NexusPushRequestDto.php
@@ -0,0 +1,38 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Packeton\Form\Model;
+
+use Symfony\Component\HttpFoundation\File\File;
+use Symfony\Component\HttpFoundation\File\UploadedFile;
+use Symfony\Component\Validator\Constraints as Assert;
+
+class NexusPushRequestDto implements PushRequestDtoInterface
+{
+    public function __construct(
+        #[Assert\NotBlank]
+        public ?UploadedFile $package = null,
+        public ?string $srcType = null,
+        public ?string $srcUrl = null,
+        public ?string $srcRef = null,
+        public ?string $name = null,
+        public ?string $version = null,
+    ) {
+    }
+
+    public function getArtifact(): File
+    {
+        return $this->package;
+    }
+
+    public function getPackageName(): string
+    {
+        return $this->name;
+    }
+
+    public function getPackageVersion(): string
+    {
+        return $this->version;
+    }
+}
diff --git a/src/Form/Model/PushRequestDtoInterface.php b/src/Form/Model/PushRequestDtoInterface.php
new file mode 100644
index 00000000..662b66e5
--- /dev/null
+++ b/src/Form/Model/PushRequestDtoInterface.php
@@ -0,0 +1,16 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Packeton\Form\Model;
+
+use Symfony\Component\HttpFoundation\File\File;
+
+interface PushRequestDtoInterface
+{
+    public function getArtifact(): File;
+
+    public function getPackageName(): string;
+
+    public function getPackageVersion(): string;
+}
diff --git a/src/Form/Type/Push/NexusPushType.php b/src/Form/Type/Push/NexusPushType.php
new file mode 100644
index 00000000..8c5eec6c
--- /dev/null
+++ b/src/Form/Type/Push/NexusPushType.php
@@ -0,0 +1,33 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Packeton\Form\Type\Push;
+
+use Packeton\Form\Model\NexusPushRequestDto;
+use Symfony\Component\Form\AbstractType;
+use Symfony\Component\Form\Extension\Core\Type\FileType;
+use Symfony\Component\Form\Extension\Core\Type\TextType;
+use Symfony\Component\Form\FormBuilderInterface;
+use Symfony\Component\OptionsResolver\OptionsResolver;
+
+class NexusPushType extends AbstractType
+{
+    public function buildForm(FormBuilderInterface $builder, array $options): void
+    {
+        $builder
+            ->add('src-type', TextType::class, ['property_path' => 'srcType'])
+            ->add('src-url', TextType::class, ['property_path' => 'srcUrl'])
+            ->add('src-ref', TextType::class, ['property_path' => 'srcRef'])
+            ->add('package', FileType::class);
+    }
+
+    public function configureOptions(OptionsResolver $resolver): void
+    {
+        $resolver->setDefaults([
+            'csrf_protection' => false,
+            'allow_extra_fields' => true,
+            'data_class' => NexusPushRequestDto::class,
+        ]);
+    }
+}
diff --git a/src/Model/PatUserScores.php b/src/Model/PatUserScores.php
index e5b978d4..06897e53 100644
--- a/src/Model/PatUserScores.php
+++ b/src/Model/PatUserScores.php
@@ -18,7 +18,7 @@ class PatUserScores
         'webhooks' => ['generic_webhook_invoke', 'github_postreceive', 'bitbucket_postreceive', 'generic_postreceive', 'generic_named_postreceive'],
         'feeds' => ['feeds', 'feed_packages', 'feed_releases', 'feed_vendor', 'feed_package'],
         'packages:read' => ['api_packages_lists', 'api_packages_item', 'api_packages_changelog', 'api_packages_dependents', 'list', 'package_changelog'],
-        'packages:all' => ['@packages:read', 'api_edit_package', 'generic_create'],
+        'packages:all' => ['@packages:read', 'api_edit_package', 'generic_create', 'package_push_nexus'],
         'users' => ['api_users_lists', 'api_users_get', 'api_users_create', 'api_users_update', 'api_users_delete'],
         'groups' => ['api_groups_lists', 'api_groups_create', 'api_groups_item', 'api_groups_update', 'api_groups_delete'],
     ];