Updated Resource Server Context to retrieve User

by external user

this is a change required after this update

https://review.opendev.org/#/c/661661/

Change-Id: I13283c0a491ffb924d67bdeac84b5adcf3afe45c
smarcet 2019-07-28 17:24:04 -03:00
parent 7f3884a95d
commit f1b4ce63ff
50 changed files with 623 additions and 614 deletions


@ -29,21 +29,17 @@ final class AdminSummitLocationActionSyncWorkRequestFactory
* @return AdminSummitLocationActionSyncWorkRequest
*/
public static function build(LocationAction $event, $type){
$resource_server_context = App::make(IResourceServerContext::class);
$member_repository = App::make(IMemberRepository::class);
$owner_id = $resource_server_context->getCurrentUserExternalId();
if(is_null($owner_id)) $owner_id = 0;
$request = new AdminSummitLocationActionSyncWorkRequest;
$resource_server_context = App::make(IResourceServerContext::class);
$current_member = $resource_server_context->getCurrentUser();
$request = new AdminSummitLocationActionSyncWorkRequest;
$request->setLocationId($event->getLocationId());
$request->setType($type);
if($owner_id > 0){
$member = $member_repository->getById($owner_id);
$request->setCreatedBy($member);
if(!is_null($current_member)){
$request->setCreatedBy($current_member);
}
return $request;
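Review bot: When `getCurrentUser()` returns null the work request is built without `setCreatedBy()` and nothing records that the actor was missing, so the stored record cannot be attributed to anyone afterwards. The same guard appears in the other calendar-sync and entity-event factory sections on this page, where `setCreatedBy()` or `setOwner()` is skipped on null. If a null user is expected here, presumably for tokens that carry no user, say so next to the guard, for example `// no user bound to the token: request is stored without a creator`; otherwise log or fail instead of skipping silently. The closing brace of `build()` is outside the hunk.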


@ -33,22 +33,16 @@ final class SummitEventDeletedCalendarSyncWorkRequestFactory
$args = $event->getArgs();
$params = $args->getParams();
$resource_server_context = App::make(IResourceServerContext::class);
$member_repository = App::make(IMemberRepository::class);
$owner_id = $resource_server_context->getCurrentUserExternalId();
if($owner_id > 0){
$member = $member_repository->getById($owner_id);
}
$request = null;
$current_member = $resource_server_context->getCurrentUser();
$request = null;
if(isset($params['published']) && $params['published']){
// just record the published state at the moment of the update
$request = new AdminSummitEventActionSyncWorkRequest();
$request->setSummitEventId ($params['id']);
$request->setType(AbstractCalendarSyncWorkRequest::TypeRemove);
if($owner_id > 0){
$request->setCreatedBy($member);
if(!is_null($current_member)){
$request->setCreatedBy($current_member);
}
}
return $request;
}


@ -27,20 +27,16 @@ final class SummitEventUpdatedCalendarSyncWorkRequestFactory
*/
public static function build(SummitEventUpdated $event){
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$member_repository = App::make(\models\main\IMemberRepository::class);
$args = $event->getArgs();
$owner_id = $resource_server_context->getCurrentUserExternalId();
if(is_null($owner_id)) $owner_id = 0;
$current_member = $resource_server_context->getCurrentUser();
// sync request from admin
$request = new AdminSummitEventActionSyncWorkRequest();
$request->setSummitEvent($event->getSummitEvent()) ;
$request->setType(AbstractCalendarSyncWorkRequest::TypeUpdate);
if($owner_id > 0){
$member = $member_repository->getById($owner_id);
$request->setCreatedBy($member);
if(!is_null($current_member)){
$request->setCreatedBy($current_member);
}
if($args->hasChangedField('published')){
$pub_old = intval($args->getOldValue('published'));
$pub_new = intval($args->getNewValue('published'));


@ -32,21 +32,17 @@ final class FloorActionEntityEventFactory
public static function build(FloorAction $event, $type = 'UPDATE')
{
$resource_server_context = App::make(IResourceServerContext::class);
$member_repository = App::make(IMemberRepository::class);
$summit_repository = App::make(ISummitRepository::class);
$summit = $summit_repository->getById($event->getSummitId());
$owner_id = $resource_server_context->getCurrentUserExternalId();
if (is_null($owner_id)) $owner_id = 0;
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent;
$entity_event->setEntityClassName('SummitVenueFloor');
$entity_event->setEntityId($event->getFloorId());
$entity_event->setType($type);
if ($owner_id > 0) {
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($summit);


@ -32,21 +32,17 @@ final class LocationActionEntityEventFactory
public static function build(LocationAction $event, $type = 'UPDATE')
{
$resource_server_context = App::make(IResourceServerContext::class);
$member_repository = App::make(IMemberRepository::class);
$summit_repository = App::make(ISummitRepository::class);
$summit = $summit_repository->getById($event->getSummitId());
$owner_id = $resource_server_context->getCurrentUserExternalId();
if (is_null($owner_id)) $owner_id = 0;
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent;
$entity_event->setEntityClassName($event->getLocationClassName());
$entity_event->setEntityId($event->getLocationId());
$entity_event->setType($type);
if ($owner_id > 0) {
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$metadata = '';


@ -28,21 +28,17 @@ final class LocationImageActionEntityEventFactory
public static function build(LocationImageAction $event, $type = 'UPDATE')
{
$resource_server_context = App::make(IResourceServerContext::class);
$member_repository = App::make(IMemberRepository::class);
$summit_repository = App::make(ISummitRepository::class);
$summit = $summit_repository->getById($event->getSummitId());
$owner_id = $resource_server_context->getCurrentUserExternalId();
if (is_null($owner_id)) $owner_id = 0;
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent;
$entity_event->setEntityClassName($event->getImageType());
$entity_event->setEntityId($event->getEntityId());
$entity_event->setType($type);
if ($owner_id > 0) {
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$metadata = json_encode( ['location_id' => $event->getLocationId()]);


@ -25,19 +25,16 @@ final class PresentationMaterialCreatedEntityEventFactory
* @return SummitEntityEvent
*/
public static function build(PresentationMaterialCreated $event){
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$member_repository = App::make(\models\main\IMemberRepository::class);
$owner_id = $resource_server_context->getCurrentUserExternalId();
if(is_null($owner_id)) $owner_id = 0;
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent();
$entity_event = new SummitEntityEvent();
$entity_event->setEntityClassName($event->getMaterial()->getClassName());
$entity_event->setEntityId($event->getMaterial()->getId());
$entity_event->setType('INSERT');
if($owner_id > 0){
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($event->getMaterial()->getPresentation()->getSummit());


@ -26,19 +26,16 @@ final class PresentationMaterialDeletedEntityEventFactory
*/
public static function build(PresentationMaterialDeleted $event){
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$member_repository = App::make(\models\main\IMemberRepository::class);
$owner_id = $resource_server_context->getCurrentUserExternalId();
if(is_null($owner_id)) $owner_id = 0;
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent();
$entity_event->setEntityClassName($event->getClassName());
$entity_event->setEntityId($event->getMaterialId());
$entity_event->setType('DELETE');
if($owner_id > 0){
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($event->getPresentation()->getSummit());


@ -25,19 +25,16 @@ final class PresentationMaterialUpdatedEntityEventFactory
* @return SummitEntityEvent
*/
public static function build(PresentationMaterialUpdated $event){
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$member_repository = App::make(\models\main\IMemberRepository::class);
$owner_id = $resource_server_context->getCurrentUserExternalId();
if(is_null($owner_id)) $owner_id = 0;
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent();
$entity_event = new SummitEntityEvent();
$entity_event->setEntityClassName($event->getMaterial()->getClassName());
$entity_event->setEntityId($event->getMaterial()->getId());
$entity_event->setType('UPDATE');
if($owner_id > 0){
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($event->getMaterial()->getPresentation()->getSummit());


@ -26,10 +26,8 @@ final class PresentationSpeakerCreatedEntityEventFactory
*/
public static function build(PresentationSpeakerCreated $event){
$list = [];
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$member_repository = App::make(\models\main\IMemberRepository::class);
$owner_id = $resource_server_context->getCurrentUserExternalId();
if(is_null($owner_id)) $owner_id = 0;
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$owner = $resource_server_context->getCurrentUser();
foreach($event->getPresentationSpeaker()->getRelatedSummits() as $summit) {
@ -38,9 +36,8 @@ final class PresentationSpeakerCreatedEntityEventFactory
$entity_event->setEntityId($event->getPresentationSpeaker()->getId());
$entity_event->setType('INSERT');
if ($owner_id > 0) {
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($summit);


@ -25,13 +25,11 @@ final class PresentationSpeakerDeletedEntityEventFactory
* @return SummitEntityEvent[]
*/
public static function build(PresentationSpeakerDeleted $event){
$list = [];
$args = $event->getArgs();
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$member_repository = App::make(\models\main\IMemberRepository::class);
$owner_id = $resource_server_context->getCurrentUserExternalId();
if(is_null($owner_id)) $owner_id = 0;
$params = $args->getParams();
$list = [];
$args = $event->getArgs();
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$owner = $resource_server_context->getCurrentUser();
$params = $args->getParams();
foreach($params['summits'] as $summit) {
@ -40,9 +38,8 @@ final class PresentationSpeakerDeletedEntityEventFactory
$entity_event->setEntityId($params['id']);
$entity_event->setType('DELETE');
if ($owner_id > 0) {
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($summit);


@ -25,11 +25,9 @@ final class PresentationSpeakerUpdatedEntityEventFactory
* @return SummitEntityEvent[]
*/
public static function build(PresentationSpeakerUpdated $event){
$list = [];
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$member_repository = App::make(\models\main\IMemberRepository::class);
$owner_id = $resource_server_context->getCurrentUserExternalId();
if(is_null($owner_id)) $owner_id = 0;
$list = [];
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$owner = $resource_server_context->getCurrentUser();
foreach($event->getPresentationSpeaker()->getRelatedSummits() as $summit) {
@ -38,9 +36,8 @@ final class PresentationSpeakerUpdatedEntityEventFactory
$entity_event->setEntityId($event->getPresentationSpeaker()->getId());
$entity_event->setType('UPDATE');
if ($owner_id > 0) {
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($summit);


@ -31,23 +31,19 @@ final class SummitActionEntityEventFactory
public static function build(SummitAction $event, $type = 'UPDATE')
{
$resource_server_context = App::make(IResourceServerContext::class);
$member_repository = App::make(IMemberRepository::class);
$summit_repository = App::make(ISummitRepository::class);
$summit = $summit_repository->getById($event->getSummitId());
$owner_id = $resource_server_context->getCurrentUserExternalId();
if (is_null($owner_id)) $owner_id = 0;
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent;
$entity_event->setEntityClassName('Summit');
$entity_event->setEntityId($event->getSummitId());
$entity_event->setType($type);
if ($owner_id > 0) {
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
if(!is_null($summit))
$entity_event->setSummit($summit);


@ -26,19 +26,16 @@ final class SummitEventCreatedEntityEventFactory
*/
public static function build(SummitEventCreated $event)
{
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$member_repository = App::make(\models\main\IMemberRepository::class);
$owner_id = $resource_server_context->getCurrentUserExternalId();
if(is_null($owner_id)) $owner_id = 0;
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent();
$entity_event = new SummitEntityEvent();
$entity_event->setEntityClassName($event->getSummitEvent()->getClassName());
$entity_event->setEntityId($event->getSummitEvent()->getId());
$entity_event->setType('INSERT');
if($owner_id > 0){
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($event->getSummitEvent()->getSummit());


@ -28,10 +28,8 @@ final class SummitEventDeletedEntityEventFactory
public static function build(SummitEventDeleted $event){
$args = $event->getArgs();
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$member_repository = App::make(\models\main\IMemberRepository::class);
$owner_id = $resource_server_context->getCurrentUserExternalId();
if(is_null($owner_id)) $owner_id = 0;
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$owner = $resource_server_context->getCurrentUser();
$params = $args->getParams();
$entity_event = new SummitEntityEvent();
@ -39,9 +37,8 @@ final class SummitEventDeletedEntityEventFactory
$entity_event->setEntityId($params['id']);
$entity_event->setType('DELETE');
if($owner_id > 0){
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($params['summit']);


@ -33,22 +33,17 @@ final class SummitEventTypeActionEntityEventFactory
public static function build(SummitEventTypeAction $event, $type = 'UPDATE')
{
$resource_server_context = App::make(IResourceServerContext::class);
$member_repository = App::make(IMemberRepository::class);
$summit_repository = App::make(ISummitRepository::class);
$summit = $summit_repository->getById($event->getSummitId());
$owner_id = $resource_server_context->getCurrentUserExternalId();
if (is_null($owner_id)) $owner_id = 0;
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent;
$entity_event->setEntityClassName($event->getClassName());
$entity_event->setEntityId($event->getEventTypeId());
$entity_event->setType($type);
if ($owner_id > 0) {
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($summit);


@ -29,20 +29,15 @@ final class SummitEventUpdatedEntityEventFactory
$args = $event->getArgs();
if(!$args instanceof PreUpdateEventArgs) return;
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$member_repository = App::make(\models\main\IMemberRepository::class);
$owner_id = $resource_server_context->getCurrentUserExternalId();
if(is_null($owner_id)) $owner_id = 0;
$entity_event = new SummitEntityEvent();
$resource_server_context = App::make(\models\oauth2\IResourceServerContext::class);
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent();
$entity_event->setEntityClassName($event->getSummitEvent()->getClassName());
$entity_event->setEntityId($event->getSummitEvent()->getId());
$entity_event->setType('UPDATE');
if($owner_id > 0){
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($event->getSummitEvent()->getSummit());


@ -31,22 +31,17 @@ final class SummitTicketTypeActionEntityEventFactory
public static function build(SummitTicketTypeAction $event, $type = 'UPDATE')
{
$resource_server_context = App::make(IResourceServerContext::class);
$member_repository = App::make(IMemberRepository::class);
$summit_repository = App::make(ISummitRepository::class);
$summit = $summit_repository->getById($event->getSummitId());
$owner_id = $resource_server_context->getCurrentUserExternalId();
if (is_null($owner_id)) $owner_id = 0;
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent;
$entity_event->setEntityClassName('SummitTicketType');
$entity_event->setEntityId($event->getTicketTypeId());
$entity_event->setType($type);
if ($owner_id > 0) {
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($summit);


@ -33,22 +33,17 @@ final class TrackActionEntityEventFactory
public static function build(TrackAction $event, $type = 'UPDATE')
{
$resource_server_context = App::make(IResourceServerContext::class);
$member_repository = App::make(IMemberRepository::class);
$summit_repository = App::make(ISummitRepository::class);
$summit = $summit_repository->getById($event->getSummitId());
$owner_id = $resource_server_context->getCurrentUserExternalId();
if (is_null($owner_id)) $owner_id = 0;
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent;
$entity_event->setEntityClassName('PresentationCategory');
$entity_event->setEntityId($event->getTrackId());
$entity_event->setType($type);
if ($owner_id > 0) {
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($summit);


@ -31,21 +31,17 @@ final class TrackGroupActionActionEntityEventFactory
public static function build(TrackGroupAction $event, $type = 'UPDATE')
{
$resource_server_context = App::make(IResourceServerContext::class);
$member_repository = App::make(IMemberRepository ::class);
$summit_repository = App::make(ISummitRepository::class);
$summit = $summit_repository->getById($event->getSummitId());
$owner_id = $resource_server_context->getCurrentUserExternalId();
if (is_null($owner_id)) $owner_id = 0;
$owner = $resource_server_context->getCurrentUser();
$entity_event = new SummitEntityEvent;
$entity_event->setEntityClassName($event->getClassName());
$entity_event->setEntityId($event->getTrackGroupId());
$entity_event->setType($type);
if ($owner_id > 0) {
$member = $member_repository->getById($owner_id);
$entity_event->setOwner($member);
if (!is_null($owner)) {
$entity_event->setOwner($owner);
}
$entity_event->setSummit($summit);


@ -171,10 +171,7 @@ final class OAuth2MembersApiController extends OAuth2ProtectedController
*/
public function getMyMember(){
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->repository->getById($current_member_id);
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error404();
$fields = Request::input('fields', null);
@ -207,10 +204,9 @@ final class OAuth2MembersApiController extends OAuth2ProtectedController
public function getMemberAffiliations($member_id){
try {
if(strtolower($member_id) == 'me'){
$member_id = $this->resource_server_context->getCurrentUserExternalId();
}
$member = $this->repository->getById($member_id);
$member = (strtolower($member_id) == 'me') ?
$this->resource_server_context->getCurrentUser() :
$this->repository->getById($member_id);
if(is_null($member)) return $this->error404();
$affiliations = $member->getAffiliations()->toArray();
@ -261,11 +257,10 @@ final class OAuth2MembersApiController extends OAuth2ProtectedController
if(!Request::isJson()) return $this->error400();
$data = Input::json();
if(strtolower($member_id) == 'me'){
$member_id = $this->resource_server_context->getCurrentUserExternalId();
}
$member = (strtolower($member_id) == 'me') ?
$this->resource_server_context->getCurrentUser() :
$this->repository->getById($member_id);
$member = $this->repository->getById($member_id);
if(is_null($member)) return $this->error404();
$rules = [
@ -330,11 +325,10 @@ final class OAuth2MembersApiController extends OAuth2ProtectedController
if(!Request::isJson()) return $this->error400();
$data = Input::json();
if(strtolower($member_id) == 'me'){
$member_id = $this->resource_server_context->getCurrentUserExternalId();
}
$member = (strtolower($member_id) == 'me') ?
$this->resource_server_context->getCurrentUser() :
$this->repository->getById($member_id);
$member = $this->repository->getById($member_id);
if(is_null($member)) return $this->error404();
$rules = [
@ -392,11 +386,10 @@ final class OAuth2MembersApiController extends OAuth2ProtectedController
public function deleteAffiliation($member_id, $affiliation_id){
try{
if(strtolower($member_id) == 'me'){
$member_id = $this->resource_server_context->getCurrentUserExternalId();
}
$member = (strtolower($member_id) == 'me') ?
$this->resource_server_context->getCurrentUser() :
$this->repository->getById($member_id);
$member = $this->repository->getById($member_id);
if(is_null($member)) return $this->error404();
$this->member_service->deleteAffiliation($member, $affiliation_id);
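Review bot: In `getMemberAffiliations`, `deleteAffiliation` and the two hunks that read `Input::json()`, any `$member_id` other than `me` is still loaded with `$this->repository->getById($member_id)`, and the only visible check before that member's affiliations are read or changed is `is_null($member)`. Nothing in these hunks compares the loaded member with `getCurrentUser()`, so whether a caller may act on another member's record depends on a route or scope check that is not shown; confirm it exists and name it in each method's docblock. Separately, `getMyMember` now answers `error404()` when no user can be resolved, where a missing identity used to give `error403()` and the team controllers on this page still answer 403 for the same condition. All of these method bodies continue outside the hunks.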


@ -55,10 +55,10 @@ final class OAuth2TeamInvitationsApiController extends OAuth2ProtectedController
public function getMyInvitations(){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$invitations = $this->repository->getInvitationsByInvitee($current_member_id);
$invitations = $this->repository->getInvitationsByInvitee($current_member->getId());
$response = new PagingResponse
(
@ -92,10 +92,10 @@ final class OAuth2TeamInvitationsApiController extends OAuth2ProtectedController
public function getMyPendingInvitations(){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$invitations = $this->repository->getPendingInvitationsByInvitee($current_member_id);
$invitations = $this->repository->getPendingInvitationsByInvitee($current_member->getId());
$response = new PagingResponse
(
@ -129,10 +129,10 @@ final class OAuth2TeamInvitationsApiController extends OAuth2ProtectedController
public function getMyAcceptedInvitations(){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$invitations = $this->repository->getAcceptedInvitationsByInvitee($current_member_id);
$invitations = $this->repository->getAcceptedInvitationsByInvitee($current_member->getId());
$response = new PagingResponse
(
@ -166,10 +166,10 @@ final class OAuth2TeamInvitationsApiController extends OAuth2ProtectedController
*/
public function acceptInvitation($invitation_id){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$team_member = $this->service->acceptInvitation($invitation_id, $current_member_id);
$team_member = $this->service->acceptInvitation($invitation_id, $current_member->getId());
return $this->created(SerializerRegistry::getInstance()->getSerializer($team_member)->serialize($expand = ''));
}
catch (ValidationException $ex1) {
@ -193,9 +193,9 @@ final class OAuth2TeamInvitationsApiController extends OAuth2ProtectedController
*/
public function declineInvitation($invitation_id){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$this->service->declineInvitation($invitation_id, $current_member_id);
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$this->service->declineInvitation($invitation_id, $current_member->getId());
return $this->deleted();
}
catch (ValidationException $ex1) {
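Review bot: The identifier handed to the repository and the service changes meaning in all five methods: they used to receive `getCurrentUserExternalId()` and now receive `$current_member->getId()`. If the external id and the member's own id are different id spaces, as the commit title suggests, then `getInvitationsByInvitee()`, `acceptInvitation()` and `declineInvitation()` must match the invitee against the member id, and that code is not on this page. A comment at the call sites such as `// invitee is matched by local member id, not the identity-provider id` would make the contract explicit, and a test using a user whose two ids differ would pin it. The `try` blocks continue outside the hunks.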


@ -82,11 +82,8 @@ final class OAuth2TeamsApiController extends OAuth2ProtectedController
public function getMyTeams(){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->member_repository->getById($current_member_id);
if (is_null($current_member)) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$teams = $this->repository->getTeamsByMember($current_member);
@ -135,10 +132,7 @@ final class OAuth2TeamsApiController extends OAuth2ProtectedController
public function getMyTeam($team_id){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->member_repository->getById($current_member_id);
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$team = $this->repository->getById($team_id);
@ -213,11 +207,8 @@ final class OAuth2TeamsApiController extends OAuth2ProtectedController
'description',
);
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->member_repository->getById($current_member_id);
if (is_null($current_member)) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$team = $this->service->addTeam(HTMLCleaner::cleanData($data->all(), $fields), $current_member);
@ -245,8 +236,8 @@ final class OAuth2TeamsApiController extends OAuth2ProtectedController
public function deleteTeam($team_id){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$this->service->deleteTeam($team_id);
@ -303,8 +294,8 @@ final class OAuth2TeamsApiController extends OAuth2ProtectedController
'description',
);
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$team = $this->service->updateTeam(HTMLCleaner::cleanData($data->all(), $fields), $team_id);
@ -382,10 +373,7 @@ final class OAuth2TeamsApiController extends OAuth2ProtectedController
if(is_null($filter)) $filter = new Filter();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->member_repository->getById($current_member_id);
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$team = $this->repository->getById($team_id);
@ -450,8 +438,8 @@ final class OAuth2TeamsApiController extends OAuth2ProtectedController
);
}
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
if(!isset($values['priority']))
$values['priority'] = PushNotificationMessagePriority::Normal;
@ -504,8 +492,8 @@ final class OAuth2TeamsApiController extends OAuth2ProtectedController
);
}
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$invitation = $this->service->addMember2Team($team_id, $member_id, $values['permission']);
return $this->created(SerializerRegistry::getInstance()->getSerializer($invitation)->serialize($expand = 'team,inviter,invitee'));
@ -534,8 +522,8 @@ final class OAuth2TeamsApiController extends OAuth2ProtectedController
public function removedMemberFromMyTeam($team_id, $member_id){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$this->service->removeMemberFromTeam($team_id, $member_id);
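Review bot: In `deleteTeam`, `removedMemberFromMyTeam` and the hunks that call `updateTeam()` and `addMember2Team()`, `$current_member` is fetched and null-checked but never passed on: the calls remain `$this->service->deleteTeam($team_id)`, `updateTeam(..., $team_id)`, `addMember2Team($team_id, $member_id, $values['permission'])` and `removeMemberFromTeam($team_id, $member_id)`. The guard therefore establishes only that some user is authenticated; whether that user owns or administers `$team_id` has to be decided inside the service, which is not shown. If the service does not read the resource server context itself, pass the member through, for example `$this->service->deleteTeam($team_id, $current_member);`, and have the service reject callers without rights on the team. The method bodies continue outside the hunks.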


@ -310,14 +310,8 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
if(!Request::isJson()) return $this->error400();
$member_id = $this->resource_server_context->getCurrentUserExternalId();
if(is_null($member_id))
return $this->error403();
$member = $this->member_repository->getById($member_id);
if(is_null($member))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$data = Input::json();
@ -353,7 +347,7 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
'attendees_expected_learnt',
];
$presentation = $this->presentation_service->submitPresentation($summit, $member, HTMLCleaner::cleanData($data, $fields));
$presentation = $this->presentation_service->submitPresentation($summit, $current_member, HTMLCleaner::cleanData($data, $fields));
return $this->created(SerializerRegistry::getInstance()->getSerializer($presentation)->serialize());
}
@ -387,14 +381,8 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
if(!Request::isJson()) return $this->error400();
$member_id = $this->resource_server_context->getCurrentUserExternalId();
if(is_null($member_id))
return $this->error403();
$member = $this->member_repository->getById($member_id);
if(is_null($member))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$data = Input::json();
@ -433,7 +421,7 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
$presentation = $this->presentation_service->updatePresentationSubmission(
$summit,
$presentation_id,
$member,
$current_member,
HTMLCleaner::cleanData($data, $fields)
);
@ -467,20 +455,14 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$member_id = $this->resource_server_context->getCurrentUserExternalId();
if(is_null($member_id))
return $this->error403();
$member = $this->member_repository->getById($member_id);
if(is_null($member))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$presentation = $this->presentation_service->completePresentationSubmission
(
$summit,
$presentation_id,
$member
$current_member
);
return $this->updated(SerializerRegistry::getInstance()->getSerializer($presentation)->serialize());
@ -513,16 +495,10 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$member = $this->member_repository->getById($current_member_id);
if(is_null($member))
return $this->error403();
$this->presentation_service->deletePresentation($summit, $member, $presentation_id);
$this->presentation_service->deletePresentation($summit, $current_member, $presentation_id);
return $this->deleted();
@ -620,16 +596,15 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$member_id = $this->resource_server_context->getCurrentUserExternalId();
$member = $this->member_repository->getById($member_id);
if(is_null($member) || !$member instanceof Member) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
if(!$member->isAdmin()){
if(!$current_member->isAdmin()){
// check if we could edit presentation
$presentation = $summit->getEvent($presentation_id);
if(is_null($presentation) || !$presentation instanceof Presentation)
return $this->error404();
if(!$member->hasSpeaker() || !$presentation->canEdit($member->getSpeaker()))
if(!$current_member->hasSpeaker() || !$presentation->canEdit($current_member->getSpeaker()))
return $this->error403();
}
@ -699,16 +674,15 @@ final class OAuth2PresentationApiController extends OAuth2ProtectedController
if (is_null($summit)) return $this->error404();
$member_id = $this->resource_server_context->getCurrentUserExternalId();
$member = $this->member_repository->getById($member_id);
if(is_null($member) || !$member instanceof Member) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
if(!$member->isAdmin()){
if(!$current_member->isAdmin()){
// check if we could edit presentation
$presentation = $summit->getEvent($presentation_id);
if(is_null($presentation) || !$presentation instanceof Presentation)
return $this->error404();
if(!$member->hasSpeaker() || !$presentation->canEdit($member->getSpeaker()))
if(!$current_member->hasSpeaker() || !$presentation->canEdit($current_member->getSpeaker()))
return $this->error403();
}
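Review bot: In the last two hunks the old guard `is_null($member) || !$member instanceof Member` becomes a bare `is_null($current_member)`, so the `isAdmin()`, `hasSpeaker()` and `getSpeaker()` calls that decide edit access now rely on `getCurrentUser()` returning a Member or null, which this page does not show. If the context interface does not declare that return type, keep the type test, which also covers null: `if (!$current_member instanceof Member) return $this->error403();`. The same two hunks change the response for an unresolved user from 404 to 403, which API clients will see. The enclosing actions start and end outside the hunks.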


@ -353,6 +353,9 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$last_event_id = Request::input('last_event_id', null);
$from_date = Request::input('from_date', null);
$limit = Request::input('limit', 25);
@ -400,7 +403,7 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
list($last_event_id, $last_event_date, $list) = $this->summit_service->getSummitEntityEvents
(
$summit,
$this->resource_server_context->getCurrentUserExternalId(),
$current_member->getId(),
$from_date,
intval($last_event_id),
intval($limit)
@ -461,17 +464,15 @@ final class OAuth2SummitApiController extends OAuth2ProtectedController
try {
$summit = SummitFinderStrategyFactory::build($this->repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($member_id)) {
throw new \HTTP401UnauthorizedException;
}
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) throw new \HTTP401UnauthorizedException;
$attendee = $this->summit_service->confirmExternalOrderAttendee
(
new ConfirmationExternalOrderRequest
(
$summit,
intval($member_id),
$current_member->getId(),
trim($external_order_id),
trim($external_attendee_id)
)
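Review bot: The missing-user case is handled two different ways in this file: the first hunk returns `$this->error403()`, while the last hunk throws `\HTTP401UnauthorizedException` for the same `is_null($current_member)` condition. Whether the surrounding `try` turns that exception into a 401 response is outside the hunk, so a client may see 401, 403 or a generic error depending on the action. Pick one outcome for "token has no resolvable member" and use it in both places. The last hunk also drops the `intval()` cast when it passes `$current_member->getId()` to `ConfirmationExternalOrderRequest`; if that constructor compares the id strictly, keep the cast.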


@ -416,11 +416,8 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
if(!Request::isJson()) return $this->error400();
$data = Input::json();
$current_member = null;
$member_id = $this->resource_server_context->getCurrentUserExternalId();
if (!is_null($member_id)){
$current_member = $this->member_repository->getById($member_id);
}
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$rules = [
// summit event rules
@ -650,10 +647,10 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
if (!is_null($attendee_id)) // add filter by attendee, this case me
{
if($attendee_id !== 'me') return $this->error403();
$member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($member_id)) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$filter = FilterParser::parse('owner_id=='.$member_id, array
$filter = FilterParser::parse('owner_id=='.$current_member->getId(), array
(
'owner_id' => array('=='),
));
@ -902,11 +899,10 @@ final class OAuth2SummitEventsApiController extends OAuth2ProtectedController
}
$data = $data->all();
$member_id = $this->resource_server_context->getCurrentUserExternalId();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
if (is_null($member_id)) return $this->error400();
$data['member_id'] = intval($member_id);
$data['member_id'] = $current_member->getId();
return [$summit, $event, $data];
}
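Review bot: The first hunk turns an optional user into a mandatory one: the old code left `$current_member = null` when the token carried no user id and carried on, while the new code returns 403. If this action is also reached with tokens that have no user behind them (not visible here), those calls now fail. If the tightening is intended, say so next to the check, e.g. `// a resolved member is required; tokens without a user are rejected`. In the last hunk the helper returns either `[$summit, $event, $data]` or an error response, so its caller, which is outside the hunk, has to test the result before destructuring it.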


@ -65,11 +65,8 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->repository->getById($current_member_id);
if (is_null($current_member)) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$fields = Request::input('fields', null);
$relations = Request::input('relations', null);
@ -93,11 +90,8 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->repository->getById($current_member_id);
if (is_null($current_member)) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$favorites = array();
foreach ($current_member->getFavoritesSummitEventsBySummit($summit) as $favorite_event)
@ -151,11 +145,8 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->repository->getById($current_member_id);
if (is_null($current_member)) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$this->summit_service->addEventToMemberFavorites($summit, $current_member, intval($event_id));
@ -196,11 +187,8 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->repository->getById($current_member_id);
if (is_null($current_member)) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$this->summit_service->removeEventFromMemberFavorites($summit, $current_member, intval($event_id));
@ -238,13 +226,10 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$current_member = $this->repository->getById($current_member_id);
if (is_null($current_member)) return $this->error404();
$schedule = array();
$schedule = [];
foreach ($current_member->getScheduleBySummit($summit) as $schedule_event)
{
if(!$summit->isEventOnSchedule($schedule_event->getEvent()->getId())) continue;
@ -296,11 +281,8 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->repository->getById($current_member_id);
if (is_null($current_member)) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$this->summit_service->addEventToMemberSchedule($summit, $current_member, intval($event_id));
@ -341,11 +323,8 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->repository->getById($current_member_id);
if (is_null($current_member)) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$this->summit_service->removeEventFromMemberSchedule($summit, $current_member, intval($event_id));
@ -386,11 +365,8 @@ final class OAuth2SummitMembersApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) return $this->error403();
$current_member = $this->repository->getById($current_member_id);
if (is_null($current_member)) return $this->error404();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$event = $summit->getScheduleEvent(intval($event_id));
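Review bot: The pair `$current_member = $this->resource_server_context->getCurrentUser();` / `if (is_null($current_member)) return $this->error403();` is pasted into each of the eight hunks of this controller, and into the presentation and speaker controllers of the same commit. One protected method on `OAuth2ProtectedController` that resolves the member or fails would give a single place to audit the "authenticated member required" rule. The notifications controller in this commit already passes `getCurrentUser()` on without the guard, which shows how the copies drift. An unresolved member used to produce 404 here and now produces 403, which is worth a line in the API changelog.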


@ -306,12 +306,7 @@ class OAuth2SummitNotificationsApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member = null;
if(!is_null($this->resource_server_context->getCurrentUserExternalId())){
$current_member = $this->member_repository->getById($this->resource_server_context->getCurrentUserExternalId());
}
$notification = $this->push_notification_service->approveNotification($summit, $current_member, $notification_id);
$notification = $this->push_notification_service->approveNotification($summit, $this->resource_server_context->getCurrentUser(), $notification_id);
return $this->updated(SerializerRegistry::getInstance()->getSerializer($notification)->serialize( Request::input('expand', '')));
} catch (ValidationException $ex1) {
Log::warning($ex1);
@ -335,12 +330,7 @@ class OAuth2SummitNotificationsApiController extends OAuth2ProtectedController
$summit = SummitFinderStrategyFactory::build($this->summit_repository, $this->resource_server_context)->find($summit_id);
if (is_null($summit)) return $this->error404();
$current_member = null;
if(!is_null($this->resource_server_context->getCurrentUserExternalId())){
$current_member = $this->member_repository->getById($this->resource_server_context->getCurrentUserExternalId());
}
$notification = $this->push_notification_service->unApproveNotification($summit, $current_member, $notification_id);
$notification = $this->push_notification_service->unApproveNotification($summit, $this->resource_server_context->getCurrentUser(), $notification_id);
return $this->updated(SerializerRegistry::getInstance()->getSerializer($notification)->serialize( Request::input('expand', '')));
} catch (ValidationException $ex1) {
Log::warning($ex1);
@ -380,12 +370,7 @@ class OAuth2SummitNotificationsApiController extends OAuth2ProtectedController
);
}
$current_member = null;
if(!is_null($this->resource_server_context->getCurrentUserExternalId())){
$current_member = $this->member_repository->getById($this->resource_server_context->getCurrentUserExternalId());
}
$notification = $this->push_notification_service->addPushNotification($summit, $current_member, $data->all());
$notification = $this->push_notification_service->addPushNotification($summit, $this->resource_server_context->getCurrentUser(), $data->all());
return $this->created(SerializerRegistry::getInstance()->getSerializer($notification)->serialize());
}
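Review bot: `getCurrentUser()` is passed straight into `approveNotification`, `unApproveNotification` and `addPushNotification` with no null check, while the other controllers in this commit return 403 when it is null. The old code also let a null member through, so this may be deliberate, but it means an approval or a new notification can be recorded with no acting member attached. Either add `if (is_null($current_member)) return $this->error403();` before each call, or document on the service methods that a null member is accepted and what it stands for. The same pattern appears in the promo-code controller (`addPromoCode`, `updatePromoCode`) and the RSVP-template controller (`addTemplate`) further down.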


@ -384,12 +384,7 @@ final class OAuth2SummitPromoCodesApiController extends OAuth2ProtectedControlle
);
}
$current_member = null;
if(!is_null($this->resource_server_context->getCurrentUserExternalId())){
$current_member = $this->member_repository->getById($this->resource_server_context->getCurrentUserExternalId());
}
$promo_code = $this->promo_code_service->addPromoCode($summit, $data->all(), $current_member);
$promo_code = $this->promo_code_service->addPromoCode($summit, $data->all(), $this->resource_server_context->getCurrentUser());
return $this->created(SerializerRegistry::getInstance()->getSerializer($promo_code)->serialize());
}
@ -435,14 +430,10 @@ final class OAuth2SummitPromoCodesApiController extends OAuth2ProtectedControlle
);
}
$current_member = null;
if (!is_null($this->resource_server_context->getCurrentUserExternalId())) {
$current_member = $this->member_repository->getById($this->resource_server_context->getCurrentUserExternalId());
}
$promo_code = $this->promo_code_service->updatePromoCode($summit, $promo_code_id, $data->all(), $current_member);
$promo_code = $this->promo_code_service->updatePromoCode($summit, $promo_code_id, $data->all(), $this->resource_server_context->getCurrentUser());
return $this->updated(SerializerRegistry::getInstance()->getSerializer($promo_code)->serialize());
} catch (ValidationException $ex1) {
Log::warning($ex1);
return $this->error412(array($ex1->getMessage()));


@ -288,12 +288,7 @@ final class OAuth2SummitRSVPTemplatesApiController extends OAuth2ProtectedContro
);
}
$current_member = null;
if(!is_null($this->resource_server_context->getCurrentUserExternalId())){
$current_member = $this->member_repository->getById($this->resource_server_context->getCurrentUserExternalId());
}
$template = $this->rsvp_template_service->addTemplate($summit, $current_member, $payload);
$template = $this->rsvp_template_service->addTemplate($summit, $this->resource_server_context->getCurrentUser(), $payload);
return $this->created(SerializerRegistry::getInstance()->getSerializer($template)->serialize());
}


@ -359,15 +359,10 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
public function getMySpeaker()
{
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$member = $this->member_repository->getById($current_member_id);
if (is_null($member))
return $this->error403();
$speaker = $this->speaker_repository->getByMember($member);
$speaker = $this->speaker_repository->getByMember($current_member);
if (is_null($speaker)) return $this->error404();
$serializer_type = $this->serializer_type_selector->getSerializerType();
@ -401,22 +396,17 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
public function createMySpeaker()
{
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$member = $this->member_repository->getById($current_member_id);
if (is_null($member))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
// set data from current member ...
$speaker = $this->service->addSpeaker([
'member_id' => $member->getIdentifier(),
'first_name' => $member->getFirstName(),
'last_name' => $member->getLastName(),
'bio' => $member->getBio(),
'twitter' => $member->getTwitterHandle(),
'irc' => $member->getIrcHandle(),
'member_id' => $current_member->getId(),
'first_name' => $current_member->getFirstName(),
'last_name' => $current_member->getLastName(),
'bio' => $current_member->getBio(),
'twitter' => $current_member->getTwitterHandle(),
'irc' => $current_member->getIrcHandle(),
]);
$serializer_type = $this->serializer_type_selector->getSerializerType();
@ -450,15 +440,10 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
public function updateMySpeaker()
{
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$member = $this->member_repository->getById($current_member_id);
if (is_null($member))
return $this->error403();
$speaker = $this->speaker_repository->getByMember($member);
$speaker = $this->speaker_repository->getByMember($current_member);
if (is_null($speaker)) return $this->error404();
return $this->updateSpeaker($speaker->getId());
@ -667,15 +652,10 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
public function addMySpeakerPhoto(LaravelRequest $request){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$member = $this->member_repository->getById($current_member_id);
if (is_null($member))
return $this->error403();
$speaker = $this->speaker_repository->getByMember($member);
$speaker = $this->speaker_repository->getByMember($current_member);
if (is_null($speaker)) return $this->error404();
return $this->addSpeakerPhoto($request, $speaker->getId());
@ -702,18 +682,13 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$member = $this->member_repository->getById($current_member_id);
if (is_null($member))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$speaker = $this->speaker_repository->getById($speaker_id);
if (is_null($speaker)) return $this->error404();
if(!$speaker->canBeEditedBy($member)){
if(!$speaker->canBeEditedBy($current_member)){
return $this->error403();
}
@ -782,13 +757,8 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
if (!Request::isJson()) return $this->error400();
$data = Input::json();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$creator = $this->member_repository->getById($current_member_id);
if (is_null($creator))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$rules = [
'title' => 'required|string|max:100',
@ -834,7 +804,7 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
'notes'
];
$speaker = $this->service->addSpeaker(HTMLCleaner::cleanData($data->all(), $fields), $creator);
$speaker = $this->service->addSpeaker(HTMLCleaner::cleanData($data->all(), $fields), $current_member);
return $this->created(SerializerRegistry::getInstance()->getSerializer($speaker, SerializerRegistry::SerializerType_Private)->serialize());
} catch (ValidationException $ex1) {
@ -859,18 +829,13 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
if (!Request::isJson()) return $this->error400();
$data = Input::json();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$member = $this->member_repository->getById($current_member_id);
if (is_null($member))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$speaker = $this->speaker_repository->getById($speaker_id);
if (is_null($speaker)) return $this->error404();
if(!$speaker->canBeEditedBy($member)){
if(!$speaker->canBeEditedBy($current_member)){
return $this->error403();
}
@ -965,15 +930,10 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
public function getMySpeakerPresentationsByRoleAndBySelectionPlan($role, $selection_plan_id)
{
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$member = $this->member_repository->getById($current_member_id);
if (is_null($member))
return $this->error403();
$speaker = $this->speaker_repository->getByMember($member);
$speaker = $this->speaker_repository->getByMember($current_member);
if (is_null($speaker))
return $this->error403();
@ -1024,15 +984,10 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
public function getMySpeakerPresentationsByRoleAndBySummit($role, $summit_id)
{
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$member = $this->member_repository->getById($current_member_id);
if (is_null($member))
return $this->error403();
$speaker = $this->speaker_repository->getByMember($member);
$speaker = $this->speaker_repository->getByMember($current_member);
if (is_null($speaker))
return $this->error403();
@ -1082,11 +1037,10 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
*/
public function addSpeakerToMyPresentation($presentation_id, $speaker_id){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$this->summit_service->addSpeaker2Presentation($current_member_id, $speaker_id, $presentation_id);
$this->summit_service->addSpeaker2Presentation($current_member->getId(), $speaker_id, $presentation_id);
return $this->updated();
@ -1109,11 +1063,10 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
*/
public function addModeratorToMyPresentation($presentation_id, $speaker_id){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$this->summit_service->addModerator2Presentation($current_member_id, $speaker_id, $presentation_id);
$this->summit_service->addModerator2Presentation($current_member->getId(), $speaker_id, $presentation_id);
return $this->updated();
@ -1136,11 +1089,10 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
*/
public function removeSpeakerFromMyPresentation($presentation_id, $speaker_id){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$this->summit_service->removeSpeakerFromPresentation($current_member_id, $speaker_id, $presentation_id);
$this->summit_service->removeSpeakerFromPresentation($current_member->getId(), $speaker_id, $presentation_id);
return $this->deleted();
@ -1163,11 +1115,10 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
*/
public function removeModeratorFromMyPresentation($presentation_id, $speaker_id){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$this->summit_service->removeModeratorFromPresentation($current_member_id, $speaker_id, $presentation_id);
$this->summit_service->removeModeratorFromPresentation($current_member->getId(), $speaker_id, $presentation_id);
return $this->deleted();
@ -1189,11 +1140,10 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
*/
public function requestSpeakerEditPermission($speaker_id){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$request = $this->service->requestSpeakerEditPermission($current_member_id, $speaker_id);
$request = $this->service->requestSpeakerEditPermission($current_member->getId(), $speaker_id);
return $this->created(
SerializerRegistry::getInstance()->getSerializer($request)
@ -1217,11 +1167,10 @@ final class OAuth2SummitSpeakersApiController extends OAuth2ProtectedController
*/
public function getSpeakerEditPermission($speaker_id){
try {
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
return $this->error403();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $this->error403();
$request = $this->service->getSpeakerEditPermission($current_member_id, $speaker_id);
$request = $this->service->getSpeakerEditPermission($current_member->getId(), $speaker_id);
return $this->ok(
SerializerRegistry::getInstance()->getSerializer($request)->serialize()
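Review bot: From `addSpeakerToMyPresentation` down to `getSpeakerEditPermission`, the id handed to the service changes from the value of `getCurrentUserExternalId()` to `$current_member->getId()`, and in `createMySpeaker` the `'member_id'` entry changes from `getIdentifier()` to `getId()`. The service methods (`addSpeaker2Presentation`, `requestSpeakerEditPermission` and the others) are outside this diff, so confirm each one treats that argument as the local member id. An ownership check that compares ids from two different id spaces would either reject the real owner or match the wrong account. A docblock line on those parameters would settle it, e.g. `@param int $current_member_id local Member id, not the identity provider's user id`.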


@ -46,11 +46,11 @@ class CheckMeAttendeeStrategy implements ICheckAttendeeStrategy
public function check($attendee_id, Summit $summit)
{
if (strtolower($attendee_id) === 'me') {
$member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($member_id)) {
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) {
return null;
}
return $summit->getAttendeeByMemberId($member_id);
return $summit->getAttendeeByMemberId($current_member->getId());
}
return null;
}


@ -45,11 +45,11 @@ class CheckMeSpeakerStrategy implements ICheckSpeakerStrategy
public function check($speaker_id, Summit $summit)
{
if (strtolower($speaker_id) === 'me') {
$member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($member_id)) {
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) {
return null;
}
return $summit->getSpeakerByMemberId($member_id, false);
return $summit->getSpeakerByMemberId($current_member->getId(), false);
}
return $summit->getSpeaker(intval($speaker_id, false));
}
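Review bot: In the context line `return $summit->getSpeaker(intval($speaker_id, false));` the `false` is the second argument of `intval()`, which is its base, not an argument of `getSpeaker()`. A base of 0 makes `intval()` choose the base from the string's prefix, so a `$speaker_id` of `"010"` or `"0x10"` resolves to a different speaker id than its decimal reading. If the flag was meant for `getSpeaker()`, as it is for `getSpeakerByMemberId(..., false)` two lines up, write `$summit->getSpeaker(intval($speaker_id), false)`; otherwise drop it.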


@ -32,8 +32,8 @@ final class CheckMyOwnAttendeeStrategy extends CheckMeAttendeeStrategy implement
$attendee = parent::check($attendee_id, $summit);
if(!$attendee) return null;
$attendee_member_id = intval($attendee->getMember()->getId());
$member_id = $this->resource_server_context->getCurrentUserExternalId();
if(is_null($member_id) || ($attendee_member_id !== $member_id))
$current_member = $this->resource_server_context->getCurrentUser();
if(is_null($current_member) || ($attendee_member_id !== $current_member->getId()))
throw new \HTTP401UnauthorizedException;
return $attendee;
}
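Review bot: The ownership test `$attendee_member_id !== $current_member->getId()` is strict, and only the left side has been passed through `intval()`. If `getId()` returns the id as a string (its return type is not visible here), the two sides are never identical and every caller, including the real owner, gets `\HTTP401UnauthorizedException`. Cast both sides: `$attendee_member_id !== intval($current_member->getId())`. `$attendee->getMember()` is also dereferenced on the line above without a null check.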


@ -514,8 +514,9 @@ trait SummitBookableVenueRoomApi
try {
if(!Request::isJson()) return $this->error400();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member))
return $this->error403();
$summit = $summit_id === 'current' ? $this->repository->getCurrent() : $this->repository->getById(intval($summit_id));
@ -527,7 +528,7 @@ trait SummitBookableVenueRoomApi
return $this->error404();
$payload = Input::json()->all();
$payload['owner_id'] = $current_member_id;
$payload['owner_id'] = $current_member->getId();
$rules = SummitRoomReservationValidationRulesFactory::build($payload);
// Creates a Validator instance and validates the data.
$validation = Validator::make($payload, $rules);
@ -572,18 +573,16 @@ trait SummitBookableVenueRoomApi
*/
public function getMyBookableVenueRoomReservations($summit_id){
try{
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member))
return $this->error403();
$summit = $summit_id === 'current' ? $this->repository->getCurrent() : $this->repository->getById(intval($summit_id));
if (is_null($summit)) return $this->error404();
$member = $this->member_repository->getById($current_member_id);
if(is_null($member))
return $this->error403();
$reservations = $member->getReservationsBySummit($summit);
$reservations = $current_member->getReservationsBySummit($summit);
$response = new PagingResponse
(
@ -628,18 +627,15 @@ trait SummitBookableVenueRoomApi
*/
public function cancelMyBookableVenueRoomReservation($summit_id, $reservation_id){
try{
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id))
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member))
return $this->error403();
$summit = $summit_id === 'current' ? $this->repository->getCurrent() : $this->repository->getById(intval($summit_id));
if (is_null($summit)) return $this->error404();
$member = $this->member_repository->getById($current_member_id);
if(is_null($member))
return $this->error403();
$reservation = $this->location_service->cancelReservation($summit, $member, $reservation_id);
$reservation = $this->location_service->cancelReservation($summit, $current_member, $reservation_id);
return $this->updated(SerializerRegistry::getInstance()->getSerializer($reservation)->serialize());
}


@ -75,7 +75,9 @@ final class CacheMiddleware
if (str_contains($request->getPathInfo(), '/me'))
{
$key .= ':' . $this->context->getCurrentUserExternalId();
$current_member = $this->context->getCurrentUser();
if(!is_null($current_member))
$key .= ':' .$current_member->getId();
}
$data = $this->cache_service->getSingleValue($key);
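Review bot: When `getCurrentUser()` returns null, the key for a `/me` path is now left without any user suffix, so all such requests share one cache entry and a per-user response stored under it would be served to other callers. `getCurrentUser()` as written in this commit returns null whenever the token carries no `user_external_id`, even if it has a `user_id`, so that case looks reachable. I would not read or write the cache for `/me` when no member is resolved, or at least keep the key bound to the token's user, e.g. `$key .= ':' . (is_null($current_member) ? 'uid-' . $this->context->getCurrentUserId() : $current_member->getId());`. The rest of the method is outside this hunk, so which responses actually get stored cannot be confirmed from here.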


@ -185,19 +185,22 @@ class OAuth2BearerAccessTokenRequestValidator
}
Log::debug('setting resource server context ...');
//set context for api and continue processing
$context = array
(
$context = [
'access_token' => $access_token_value,
'expires_in' => $token_info->getLifetime(),
'client_id' => $token_info->getClientId(),
'scope' => $token_info->getScope(),
'application_type' => $token_info->getApplicationType()
);
];
if (!is_null($token_info->getUserId()))
{
$context['user_id'] = $token_info->getUserId();
$context['user_external_id'] = $token_info->getUserExternalId();
$context['user_identifier'] = $token_info->getUserIdentifier();
$context['user_email'] = $token_info->getUserEmail();
$context['user_first_name'] = $token_info->getUserFirstName();
$context['user_last_name'] = $token_info->getUserLastName();
}
$this->context->setAuthorizationContext($context);


@ -11,12 +11,10 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Closure;
use Illuminate\Support\Facades\Response;
use models\main\IMemberRepository;
use models\oauth2\IResourceServerContext;
/**
* Class UserAuthEndpoint
* @package App\Http\Middleware
@ -34,6 +32,11 @@ final class UserAuthEndpoint
*/
private $member_repository;
/**
* UserAuthEndpoint constructor.
* @param IResourceServerContext $context
* @param IMemberRepository $member_repository
*/
public function __construct
(
IResourceServerContext $context,
@ -44,21 +47,22 @@ final class UserAuthEndpoint
$this->member_repository = $member_repository;
}
/**
* @param $request
* @param Closure $next
* @param $required_groups
* @return \Illuminate\Http\JsonResponse|mixed
*/
public function handle($request, Closure $next, $required_groups)
{
$member_id = $this->context->getCurrentUserExternalId();
if (is_null($member_id)) return $next($request);
$member = $this->member_repository->getById($member_id);
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) return $next($request);
if (is_null($member)){
$http_response = Response::json(['error' => 'member not found'], 403);
return $http_response;
}
$required_groups = explode('|', $required_groups);
foreach ($required_groups as $required_group) {
if($member->isOnGroup($required_group))
if($current_member->isOnGroup($required_group))
return $next($request);
}
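Review bot: `handle()` now calls `$this->resource_server_context->getCurrentUser()`, but the removed line read the context through `$this->context` and the constructor parameter is `$context`. Unless the property was renamed in the part of the class outside these hunks, this dereferences an undefined property and the request fails before the group check runs. Since this middleware is the gate for `$required_groups`, the line should be `$current_member = $this->context->getCurrentUser();`. The early `return $next($request)` for a null member also deserves a comment: it lets requests with no resolved user past this check, which is only safe if another layer rejects them.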


@ -53,9 +53,9 @@ final class BaseSerializerTypeSelector implements ISerializerTypeSelector
public function getSerializerType()
{
$serializer_type = SerializerRegistry::SerializerType_Public;
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if(!is_null($current_member_id) && $member = $this->member_repository->getById($current_member_id)){
if($member->isOnGroup(IGroup::SummitAdministrators)){
$current_member = $this->resource_server_context->getCurrentUser();
if(!is_null($current_member)){
if($current_member->isOnGroup(IGroup::SummitAdministrators)){
$serializer_type = SerializerRegistry::SerializerType_Private;
}
}


@ -140,6 +140,13 @@ class Member extends SilverstripeBaseModel
*/
private $email_verified_date;
/**
*
* @ORM\Column(name="ExternalUserId", type="integer")
* @var int
*/
private $user_external_id;
/**
* @ORM\ManyToOne(targetEntity="models\main\File")
* @ORM\JoinColumn(name="PhotoID", referencedColumnName="ID")
@ -1277,4 +1284,20 @@ SQL;
}
}
/**
* @return int
*/
public function getUserExternalId(): int
{
return $this->user_external_id;
}
/**
* @param int $user_external_id
*/
public function setUserExternalId(int $user_external_id): void
{
$this->user_external_id = $user_external_id;
}
}
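Review bot: `getUserExternalId(): int` will throw a TypeError for any member whose `ExternalUserId` is still NULL, and the migration in this commit adds that column as nullable without backfilling it. The getter should be `public function getUserExternalId(): ?int`, the property docblock `@var int|null`, and the column mapping should carry `nullable=true` so the entity agrees with the schema. The migration also adds `ExternalUserIdentifier`, which gets no mapped property here; say in a comment whether that is intentional.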


@ -42,4 +42,10 @@ interface IMemberRepository extends IBaseRepository
* @return PagingResponse
*/
public function getAllByPage(PagingInfo $paging_info, Filter $filter = null, Order $order = null);
/**
* @param int $external_id
* @return Member|null
*/
public function getByExternalId(int $external_id):?Member;
}


@ -1,24 +1,24 @@
<?php namespace models\oauth2;
/**
* Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
/**
* Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
/**
* Class AccessToken
* http://tools.ietf.org/html/rfc6749#section-1.4
* @package oauth2\models
*/
class AccessToken extends Token
final class AccessToken extends Token
{
/**
* @var
@ -56,44 +56,51 @@ class AccessToken extends Token
private $user_external_id;
/**
* @param $value
* @param $scope
* @param $client_id
* @param $audience
* @param $user_id
* @param $user_external_id
* @param $lifetime
* @param $application_type
* @param $allowed_return_uris
* @param $allowed_origins
* @var string|null
*/
private $user_identifier;
/**
* @var string|null
*/
private $user_email;
/**
* @var string|null
*/
private $user_first_name;
/**
* @var string|null
*/
private $user_last_name;
private static function getValueFromInfo(string $key, array $token_info){
return isset($token_info[$key])? $token_info[$key] :null;
}
/**
* @param array $token_info
* @return AccessToken
*/
public static function createFromParams(
$value,
$scope,
$client_id,
$audience,
$user_id,
$user_external_id,
$lifetime,
$application_type,
$allowed_return_uris,
$allowed_origins
) {
public static function createFromParams(array $token_info) {
$instance = new self();
$instance->value = $value;
$instance->scope = $scope;
$instance->client_id = $client_id;
$instance->user_id = $user_id;
$instance->user_external_id = $user_external_id;
$instance->value = $token_info['access_token'];
$instance->scope = $token_info['scope'];
$instance->client_id = $token_info['client_id'];
$instance->user_id = self::getValueFromInfo('user_id', $token_info);
$instance->user_external_id = self::getValueFromInfo('user_external_id', $token_info);
$instance->user_identifier = self::getValueFromInfo('user_identifier', $token_info);
$instance->user_email = self::getValueFromInfo('user_email', $token_info);
$instance->user_first_name = self::getValueFromInfo('user_first_name', $token_info);
$instance->user_last_name = self::getValueFromInfo('user_last_name', $token_info);
$instance->auth_code = null;
$instance->audience = $audience;
$instance->audience = $token_info['audience'];
$instance->refresh_token = null;
$instance->lifetime = intval($lifetime);
$instance->lifetime = intval($token_info['expires_in']);
$instance->is_hashed = false;
$instance->allowed_return_uris = $allowed_return_uris;
$instance->application_type = $application_type;
$instance->allowed_origins = $allowed_origins;
$instance->allowed_return_uris = self::getValueFromInfo('allowed_return_uris', $token_info);
$instance->application_type = $token_info['application_type'];
$instance->allowed_origins = self::getValueFromInfo('allowed_origins', $token_info);
return $instance;
}
@ -140,4 +147,36 @@ class AccessToken extends Token
{
}
/**
* @return null|string
*/
public function getUserIdentifier(): ?string
{
return $this->user_identifier;
}
/**
* @return null|string
*/
public function getUserEmail(): ?string
{
return $this->user_email;
}
/**
* @return null|string
*/
public function getUserFirstName(): ?string
{
return $this->user_first_name;
}
/**
* @return null|string
*/
public function getUserLastName(): ?string
{
return $this->user_last_name;
}
}
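Review bot: `createFromParams()` now stores `user_id` and `user_external_id` exactly as they arrive from the cache or the introspection response, where the removed call site cast both with `intval()`; `ResourceServerContext::getCurrentUserId()` loses its `intval()` in this same commit, so callers that compare ids strictly may now see strings. I would normalise once in the factory, e.g. `$user_id = self::getValueFromInfo('user_id', $token_info);` followed by `$instance->user_id = is_null($user_id) ? null : intval($user_id);`, and the same for `user_external_id`. The required keys (`access_token`, `scope`, `client_id`, `audience`, `expires_in`, `application_type`) are read without a presence check, so the docblock should state that the array must contain them, and `getValueFromInfo()` needs a docblock of its own.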


@ -1,5 +1,7 @@
<?php namespace models\oauth2;
use models\main\Member;
/**
* Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
@ -66,4 +68,9 @@ interface IResourceServerContext
* @return void
*/
public function setAuthorizationContext(array $auth_context);
/**
* @return Member|null
*/
public function getCurrentUser():?Member;
}


@ -11,6 +11,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use libs\utils\ITransactionService;
use models\main\IMemberRepository;
use models\main\Member;
/**
* Class ResourceServerContext
* @package models\oauth2
@ -18,6 +21,27 @@
final class ResourceServerContext implements IResourceServerContext
{
/**
* @var IMemberRepository
*/
private $member_repository;
/**
* @var ITransactionService
*/
private $tx_service;
/**
* ResourceServerContext constructor.
* @param IMemberRepository $member_repository
* @param ITransactionService $tx_service
*/
public function __construct(IMemberRepository $member_repository, ITransactionService $tx_service)
{
$this->member_repository = $member_repository;
$this->tx_service = $tx_service;
}
/**
* @var array
*/
@ -36,7 +60,7 @@ final class ResourceServerContext implements IResourceServerContext
*/
public function getCurrentAccessToken()
{
return isset($this->auth_context['access_token']) ? $this->auth_context['access_token'] : null;
return $this->getAuthContextVar('access_token');
}
@ -45,7 +69,7 @@ final class ResourceServerContext implements IResourceServerContext
*/
public function getCurrentAccessTokenLifetime()
{
return isset($this->auth_context['expires_in']) ? $this->auth_context['expires_in'] : null;
return $this->getAuthContextVar('expires_in');
}
/**
@ -53,7 +77,7 @@ final class ResourceServerContext implements IResourceServerContext
*/
public function getCurrentClientId()
{
return isset($this->auth_context['client_id']) ? $this->auth_context['client_id'] : null;
return $this->getAuthContextVar('client_id');
}
/**
@ -61,7 +85,7 @@ final class ResourceServerContext implements IResourceServerContext
*/
public function getCurrentUserId()
{
return isset($this->auth_context['user_id']) ? intval($this->auth_context['user_id']) : null;
return $this->getAuthContextVar('user_id');
}
/**
@ -74,11 +98,11 @@ final class ResourceServerContext implements IResourceServerContext
}
/**
* @return int
* @return int|null
*/
public function getCurrentUserExternalId()
{
return isset($this->auth_context['user_external_id']) ? intval($this->auth_context['user_external_id']) : null;
return $this->getAuthContextVar('user_external_id');
}
/**
@ -86,6 +110,55 @@ final class ResourceServerContext implements IResourceServerContext
*/
public function getApplicationType()
{
return isset($this->auth_context['application_type']) ? $this->auth_context['application_type'] : null;
return $this->getAuthContextVar('application_type');
}
private function getAuthContextVar(string $varName){
return isset($this->auth_context[$varName]) ? $this->auth_context[$varName] : null;
}
/**
* @return Member|null
* @throws \Exception
*/
public function getCurrentUser(): ?Member
{
return $this->tx_service->transaction(function() {
$member = null;
// legacy test
$id = $this->getCurrentUserExternalId();
if(is_null($id)) return null;
// get by id ( legacy test)
$member = $this->member_repository->getById(intval($id));
// is null
if(is_null($member)){
$id = $this->getCurrentUserId();
if(is_null($id)) return null;
$member = $this->member_repository->getById(intval($id));
}
if(is_null($member)){
$user_external_id = $this->getAuthContextVar('user_id');
$user_first_name = $this->getAuthContextVar('user_first_name');
$user_last_name = $this->getAuthContextVar('user_last_name');
$user_email = $this->getAuthContextVar('user_email');
// at last resort try to get by email
$member = $this->member_repository->getByEmail($user_email);
if(is_null($member)) // user exist on IDP but not in our local DB, proceed to create it
$member = new Member();
$member->setEmail($user_email);
$member->setFirstName($user_first_name);
$member->setLastName($user_last_name);
$member->setUserExternalId($user_external_id);
if($member->getId() == 0)
$this->member_repository->add($member);
}
return $member;
});
}
}
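Review bot: In `getCurrentUser()` the second lookup, `getById(intval($id))` with `$id = $this->getCurrentUserId()`, uses the identity provider's user id as a local `Member` primary key, so a token can resolve to whichever unrelated member happens to hold that number. The same value is later stored with `setUserExternalId()`, which suggests `getByExternalId()` (added in this commit but unused) is the lookup that was meant. The email fallback binds the token to an existing account on `user_email` alone and then overwrites that account's email and name; `user_email` can be null after the defaults set in `AccessTokenService`, and nothing here shows the claim is verified. The early `return null` on a missing `user_external_id` also makes both fallbacks unreachable for exactly the tokens that lack it. The lookup order I would use is sketched below, and the docblock should mention that the method may create a `Member` as a side effect.

```php
public function getCurrentUser(): ?Member
{
    return $this->tx_service->transaction(function() {
        // legacy tokens: user_external_id is the local Member id
        $legacy_id = $this->getCurrentUserExternalId();
        $member    = is_null($legacy_id) ? null : $this->member_repository->getById(intval($legacy_id));
        if(!is_null($member)) return $member;

        $idp_user_id = $this->getCurrentUserId();
        if(is_null($idp_user_id)) return null;
        // the IDP id has its own column; never match it against the local primary key
        $member = $this->member_repository->getByExternalId(intval($idp_user_id));
        if(!is_null($member)) return $member;

        $user_email = $this->getAuthContextVar('user_email');
        // no email claim: nothing safe to match or create on
        if(empty($user_email)) return null;
        // … unchanged: getByEmail lookup, Member creation, setters and add() …
    });
}
```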


@ -1,5 +1,4 @@
<?php namespace App\Models\ResourceServer;
/**
* Copyright 2015 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
@ -29,6 +28,23 @@ use Illuminate\Support\Facades\Log;
final class AccessTokenService implements IAccessTokenService
{
static $access_token_keys = [
'access_token',
'scope',
'client_id',
'audience',
'expires_in',
'application_type',
'allowed_return_uris',
'allowed_origins',
'user_external_id',
'user_identifier',
'user_id',
'user_email',
'user_first_name',
'user_last_name',
];
/**
* @var ICacheService
*/
@ -58,18 +74,7 @@ final class AccessTokenService implements IAccessTokenService
throw new InvalidGrantTypeException(OAuth2Protocol::OAuth2Protocol_Error_InvalidToken);
}
$token_info = $this->cache_service->getHash(md5($token_value),[
'access_token',
'scope',
'client_id',
'audience',
'user_id',
'user_external_id',
'expires_in',
'application_type',
'allowed_return_uris',
'allowed_origins'
]);
$token_info = $this->cache_service->getHash(md5($token_value), self::$access_token_keys);
if (count($token_info) === 0)
{
@ -109,19 +114,8 @@ final class AccessTokenService implements IAccessTokenService
* @return AccessToken
*/
private function unSerializeToken(array $token_info){
$token = AccessToken::createFromParams
(
$token_info['access_token'],
$token_info['scope'],
$token_info['client_id'],
$token_info['audience'],
isset($token_info['user_id'])? intval($token_info['user_id']):null,
isset($token_info['user_external_id'])? intval($token_info['user_external_id']) : null,
(int)$token_info['expires_in'],
$token_info['application_type'],
isset($token_info['allowed_return_uris']) ? $token_info['allowed_return_uris'] : null,
isset($token_info['allowed_origins']) ? $token_info['allowed_origins'] : null
);
$token = AccessToken::createFromParams($token_info);
$str_token_info = "";
foreach($token_info as $k => $v){
@ -140,7 +134,29 @@ final class AccessTokenService implements IAccessTokenService
Log::debug("getting token from remote call ...");
$cache_lifetime = intval(Config::get('server.access_token_cache_lifetime', 300));
$token_info = $this->doIntrospectionRequest($token_value);
$this->cache_service->storeHash(md5($token_value), $token_info, $cache_lifetime );
// legacy fix
if(!array_key_exists("user_external_id" , $token_info)){
$token_info['user_external_id'] = null;
}
if(!array_key_exists("user_identifier" , $token_info)){
$token_info['user_identifier'] = null;
}
if(!array_key_exists("user_email" , $token_info)){
$token_info['user_email'] = null;
}
if(!array_key_exists("user_first_name" , $token_info)){
$token_info['user_first_name'] = null;
}
if(!array_key_exists("user_last_name" , $token_info)){
$token_info['user_last_name'] = null;
}
$this->cache_service->storeHash(md5($token_value), $token_info, $cache_lifetime);
return $token_info;
}
@ -194,10 +210,7 @@ final class AccessTokenService implements IAccessTokenService
// invalid content type
throw new \Exception($response->getBody());
}
$token_info = json_decode($response->getBody()->getContents(), true);
return $token_info;
return json_decode($response->getBody()->getContents(), true);
}
catch (RequestException $ex) {
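Review bot: `doIntrospectionRequest()` now returns `json_decode(...)` directly and the caller goes straight into `array_key_exists("user_external_id", $token_info)`, so a body that is not a JSON object reaches those calls as null or a scalar instead of being rejected as an invalid token. I would check the decoded value before using it, e.g. `if (!is_array($token_info)) throw new InvalidGrantTypeException(OAuth2Protocol::OAuth2Protocol_Error_InvalidToken);`. The five `array_key_exists` blocks can collapse to `$token_info += array_fill_keys(['user_external_id', 'user_identifier', 'user_email', 'user_first_name', 'user_last_name'], null);`. Separately, `unSerializeToken()` builds `$str_token_info` from every key; if that string is logged (the rest of the loop is outside the hunk), it now includes the user's email and name next to the token value.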


@ -66,13 +66,9 @@ abstract class SilverStripeDoctrineRepository extends DoctrineRepository
*/
protected static function isCurrentMemberOnGroup($group_code){
$resource_server_ctx = App::make(\models\oauth2\IResourceServerContext::class);
$member_repository = App::make(\models\main\IMemberRepository::class);
$member_id = $resource_server_ctx->getCurrentUserExternalId();
if(is_null($member_id)) return false;
$member = $member_repository->getById($member_id);
if (!is_null($member)){
$member = $resource_server_ctx->getCurrentUser();
if(is_null($member)) return false;
return $member->isOnGroup($group_code);
}
return false;
}
}


@ -152,4 +152,15 @@ final class DoctrineMemberRepository
->getQuery()
->getOneOrNullResult();
}
/**
* @param int $external_id
* @return Member|null
*/
public function getByExternalId(int $external_id): ?Member
{
return $this->findOneBy([
'user_external_id' => $external_id
]);
}
}


@ -117,10 +117,8 @@ final class ChatTeamService implements IChatTeamService
*/
function updateTeam(array $data, $team_id){
return $this->tx_service->transaction(function () use($data, $team_id){
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) throw new EntityNotFoundException();
$current_member = $this->member_repository->getById($current_member_id);
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) throw new EntityNotFoundException();
$team = $this->repository->getById($team_id);
@ -146,10 +144,7 @@ final class ChatTeamService implements IChatTeamService
{
$this->tx_service->transaction(function() use($team_id){
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) throw new EntityNotFoundException();
$current_member = $this->member_repository->getById($current_member_id);
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) throw new EntityNotFoundException();
$team = $this->repository->getById($team_id);
@ -176,10 +171,10 @@ final class ChatTeamService implements IChatTeamService
$team = $this->repository->getById($team_id);
if(is_null($team)) throw new EntityNotFoundException();
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) throw new EntityNotFoundException();
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) throw new EntityNotFoundException();
$inviter = $this->member_repository->getById($current_member_id);
$inviter = $this->member_repository->getById($current_member->getId());
if (is_null($inviter)) throw new EntityNotFoundException();
$invitee = $this->member_repository->getById($invitee_id);
@ -284,10 +279,7 @@ final class ChatTeamService implements IChatTeamService
{
$this->tx_service->transaction(function() use($member_id, $team_id){
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) throw new EntityNotFoundException();
$current_member = $this->member_repository->getById($current_member_id);
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) throw new EntityNotFoundException();
$team_member = $this->member_repository->getById($member_id);
@ -318,10 +310,7 @@ final class ChatTeamService implements IChatTeamService
{
return $this->tx_service->transaction(function() use($team_id, $values){
$current_member_id = $this->resource_server_context->getCurrentUserExternalId();
if (is_null($current_member_id)) throw new EntityNotFoundException();
$current_member = $this->member_repository->getById($current_member_id);
$current_member = $this->resource_server_context->getCurrentUser();
if (is_null($current_member)) throw new EntityNotFoundException();
$team = $this->repository->getById($team_id);
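Review bot: In the third hunk, `$inviter = $this->member_repository->getById($current_member->getId());` fetches again the entity that `getCurrentUser()` just returned, and the `is_null($inviter)` check after it repeats the null check made two lines earlier. `$inviter = $current_member;` expresses the same thing without the extra query. The enclosing methods start and end outside these hunks.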


@ -0,0 +1,51 @@
<?php namespace Database\Migrations\Model;
/**
* Copyright 2019 OpenStack Foundation
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
use Doctrine\Migrations\AbstractMigration;
use Doctrine\DBAL\Schema\Schema as Schema;
use LaravelDoctrine\Migrations\Schema\Table;
use LaravelDoctrine\Migrations\Schema\Builder;
/**
* Class Version20190728200547
* @package Database\Migrations\Model
*/
class Version20190728200547 extends AbstractMigration
{
/**
* @param Schema $schema
*/
public function up(Schema $schema)
{
$builder = new Builder($schema);
if($schema->hasTable("Member") && !$builder->hasColumn("Member", "ExternalUserId")) {
$builder->table('Member', function (Table $table) {
$table->integer("ExternalUserId")->setNotnull(false);
$table->text("ExternalUserIdentifier")->setNotnull(false);
});
}
}
/**
* @param Schema $schema
*/
public function down(Schema $schema)
{
$builder = new Builder($schema);
if($schema->hasTable("Member") && $builder->hasColumn("Member", "ExternalUserId")) {
$builder->table('Member', function (Table $table) {
$table->dropColumn("ExternalUserId")->setNotnull(false);
$table->dropColumn("ExternalUserIdentifier")->setNotnull(false);
});
}
}
}
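Review bot: `down()` chains `->setNotnull(false)` onto `dropColumn()`, which as far as I can tell returns the table rather than a column, so the rollback would fail on the first call; the two lines should be plain `$table->dropColumn("ExternalUserId");` and `$table->dropColumn("ExternalUserIdentifier");`. `ExternalUserId` is the identity lookup key for `getByExternalId()` in this commit but gets no unique index here, so two members can carry the same external id and `findOneBy` would return either of them. Both `up()` and `down()` test only for `ExternalUserId`, so a schema that has one column but not the other is skipped or only half reverted.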


@ -71,7 +71,20 @@ class AccessTokenServiceStub implements IAccessTokenService
sprintf(SummitScopes::WriteMyBookableRoomsReservationData, $url),
);
return AccessToken::createFromParams('123456789', implode(' ', $scopes), '1', $realm, '1','11624', 3600, 'WEB_APPLICATION', '', '');
return AccessToken::createFromParams(
[
'access_token' => '123456789',
'scope' => implode(' ', $scopes),
'client_id' => '1',
'audience' => $realm,
'user_id' => '1',
'user_external_id' => '11624',
'expires_in' => 3600,
'application_type' => 'WEB_APPLICATION',
'allowed_return_uris' => '',
'allowed_origins' => ''
]
);
}
}
@ -125,7 +138,20 @@ class AccessTokenServiceStub2 implements IAccessTokenService
sprintf(SummitScopes::WriteMyBookableRoomsReservationData, $url),
);
return AccessToken::createFromParams('123456789', implode(' ', $scopes), '1', $realm, null,null, 3600, 'SERVICE', '', '');
return AccessToken::createFromParams(
[
'access_token' => '123456789',
'scope' => implode(' ', $scopes),
'client_id' => '1',
'audience' => $realm,
'user_id' => null,
'user_external_id' => null,
'expires_in' => 3600,
'application_type' => 'SERVICE',
'allowed_return_uris' => '',
'allowed_origins' => ''
]
);
}
}
/**