web-base/Core/API/ApiKeyAPI.class.php

168 lines
4.9 KiB
PHP
Raw Normal View History

2020-06-20 20:13:51 +02:00
<?php
2022-11-18 18:06:46 +01:00
namespace Core\API {
2020-06-20 20:13:51 +02:00
2022-11-18 18:06:46 +01:00
use Core\Objects\Context;
2024-03-27 13:05:37 +01:00
use Core\Objects\DatabaseEntity\ApiKey;
2020-06-20 20:13:51 +02:00
2020-07-01 21:10:25 +02:00
abstract class ApiKeyAPI extends Request {
2020-06-20 20:13:51 +02:00
2022-06-20 19:52:31 +02:00
public function __construct(Context $context, bool $externalCall = false, array $params = array()) {
parent::__construct($context, $externalCall, $params);
}
2024-03-27 13:05:37 +01:00
protected function fetchAPIKey(int $apiKeyId): ApiKey|bool {
$sql = $this->context->getSQL();
$apiKey = ApiKey::find($sql, $apiKeyId);
if ($apiKey === false) {
return $this->createError("Error fetching API-Key details: " . $sql->getLastError());
} else if ($apiKey === null) {
return $this->createError("API-Key does not exit");
}
return $apiKey;
}
2020-06-20 20:13:51 +02:00
}
}
2022-11-18 18:06:46 +01:00
namespace Core\API\ApiKey {
2020-06-20 20:13:51 +02:00
2022-11-18 18:06:46 +01:00
use Core\API\ApiKeyAPI;
use Core\API\Parameter\Parameter;
2023-01-18 14:37:34 +01:00
use Core\API\Traits\Pagination;
2022-11-18 18:06:46 +01:00
use Core\Driver\SQL\Condition\Compare;
use Core\Driver\SQL\Condition\CondAnd;
2023-01-16 21:47:23 +01:00
use Core\Driver\SQL\Query\Insert;
2022-11-18 18:06:46 +01:00
use Core\Objects\Context;
use Core\Objects\DatabaseEntity\ApiKey;
2020-06-20 20:13:51 +02:00
class Create extends ApiKeyAPI {
2022-06-20 19:52:31 +02:00
public function __construct(Context $context, $externalCall = false) {
parent::__construct($context, $externalCall, array());
2020-06-20 20:13:51 +02:00
$this->apiKeyAllowed = false;
$this->loginRequired = true;
}
2022-02-21 13:01:03 +01:00
public function _execute(): bool {
2022-06-20 19:52:31 +02:00
$sql = $this->context->getSQL();
2023-01-18 14:37:34 +01:00
$currentUser = $this->context->getUser();
2020-06-20 20:13:51 +02:00
2023-01-18 14:37:34 +01:00
$apiKey = ApiKey::create($currentUser);
2022-06-20 19:52:31 +02:00
$this->success = $apiKey->save($sql);
2020-06-20 20:13:51 +02:00
$this->lastError = $sql->getLastError();
if ($this->success) {
2023-01-18 14:37:34 +01:00
$this->result["apiKey"] = $apiKey->jsonSerialize(
["id", "validUntil", "token", "active"]
);
2020-06-20 20:13:51 +02:00
}
2022-02-20 16:53:26 +01:00
2020-06-20 20:13:51 +02:00
return $this->success;
}
2023-01-16 21:47:23 +01:00
public static function getDefaultACL(Insert $insert): void {
2024-03-27 14:12:01 +01:00
$insert->addRow(self::getEndpoint(), [], "Allows users to create new API-Keys", true);
2023-01-16 21:47:23 +01:00
}
2020-06-20 20:13:51 +02:00
}
class Fetch extends ApiKeyAPI {
2023-01-18 14:37:34 +01:00
use Pagination;
2022-06-20 19:52:31 +02:00
public function __construct(Context $context, $externalCall = false) {
2023-01-18 14:37:34 +01:00
$params = $this->getPaginationParameters(["token", "validUntil", "active"]);
$params["showActiveOnly"] = new Parameter("showActiveOnly", Parameter::TYPE_BOOLEAN, true, true);
parent::__construct($context, $externalCall, $params);
2020-06-20 20:13:51 +02:00
$this->loginRequired = true;
}
2022-02-21 13:01:03 +01:00
public function _execute(): bool {
2022-06-20 19:52:31 +02:00
$sql = $this->context->getSQL();
2022-02-20 16:53:26 +01:00
2022-06-20 19:52:31 +02:00
$condition = new Compare("user_id", $this->context->getUser()->getId());
2022-02-20 16:53:26 +01:00
if ($this->getParam("showActiveOnly")) {
2022-06-20 19:52:31 +02:00
$condition = new CondAnd(
$condition,
new Compare("valid_until", $sql->currentTimestamp(), ">"),
new Compare("active", true)
);
2022-02-20 16:53:26 +01:00
}
2023-01-18 14:37:34 +01:00
if (!$this->initPagination($sql, ApiKey::class, $condition)) {
return false;
}
$apiKeys = $this->createPaginationQuery($sql)->execute();
$this->success = ($apiKeys !== FALSE && $apiKeys !== null);
2020-06-20 20:13:51 +02:00
$this->lastError = $sql->getLastError();
2022-06-20 19:52:31 +02:00
if ($this->success) {
2023-01-18 14:37:34 +01:00
$this->result["apiKeys"] = [];
2022-06-20 19:52:31 +02:00
foreach($apiKeys as $apiKey) {
2023-01-18 14:37:34 +01:00
$this->result["apiKeys"][] = $apiKey->jsonSerialize();
2020-06-20 20:13:51 +02:00
}
}
return $this->success;
}
2023-01-16 21:47:23 +01:00
public static function getDefaultACL(Insert $insert): void {
2024-03-27 14:12:01 +01:00
$insert->addRow(self::getEndpoint(), [], "Allows users to fetch new API-Keys", true);
2023-01-16 21:47:23 +01:00
}
2020-06-20 20:13:51 +02:00
}
class Refresh extends ApiKeyAPI {
2022-06-20 19:52:31 +02:00
public function __construct(Context $context, $externalCall = false) {
parent::__construct($context, $externalCall, array(
2020-06-20 20:13:51 +02:00
"id" => new Parameter("id", Parameter::TYPE_INT),
));
$this->loginRequired = true;
}
2022-02-21 13:01:03 +01:00
public function _execute(): bool {
2024-03-27 13:05:37 +01:00
$apiKey = $this->fetchAPIKey($this->getParam("id"));
if ($apiKey) {
$sql = $this->context->getSQL();
$this->success = $apiKey->refresh($sql, 30) !== false;
$this->lastError = $sql->getLastError();
if ($this->success) {
$this->result["validUntil"] = $apiKey->getValidUntil()->getTimestamp();
}
2020-06-20 20:13:51 +02:00
}
return $this->success;
}
2023-01-16 21:47:23 +01:00
public static function getDefaultACL(Insert $insert): void {
2024-03-27 14:12:01 +01:00
$insert->addRow(self::getEndpoint(), [], "Allows users to refresh API-Keys", true);
2023-01-16 21:47:23 +01:00
}
2020-06-20 20:13:51 +02:00
}
class Revoke extends ApiKeyAPI {
public function __construct($user, $externalCall = false) {
parent::__construct($user, $externalCall, array(
"id" => new Parameter("id", Parameter::TYPE_INT),
));
$this->loginRequired = true;
}
2022-02-21 13:01:03 +01:00
public function _execute(): bool {
2024-03-27 13:05:37 +01:00
$apiKey = $this->fetchAPIKey($this->getParam("id"));
if ($apiKey) {
$sql = $this->context->getSQL();
$this->success = $apiKey->revoke($sql);
$this->lastError = $sql->getLastError();
2022-06-20 19:52:31 +02:00
}
2020-06-20 20:13:51 +02:00
return $this->success;
}
2023-01-16 21:47:23 +01:00
public static function getDefaultACL(Insert $insert): void {
2024-03-27 14:12:01 +01:00
$insert->addRow(self::getEndpoint(), [], "Allows users to revoke API-Keys", true);
2023-01-16 21:47:23 +01:00
}
2020-06-20 20:13:51 +02:00
}
}