Cleanup
@@ -10,26 +10,6 @@ namespace Core\API {
|
||||
public function __construct(Context $context, bool $externalCall = false, array $params = array()) {
|
||||
parent::__construct($context, $externalCall, $params);
|
||||
}
|
||||
|
||||
protected function apiKeyExists(int $id): bool {
|
||||
$sql = $this->context->getSQL();
|
||||
$res = $sql->select($sql->count())
|
||||
->from("ApiKey")
|
||||
->whereEq("id", $id)
|
||||
->whereEq("user_id", $this->context->getUser()->getId())
|
||||
->whereGt("valid_until", $sql->currentTimestamp())
|
||||
->whereEq("active", 1)
|
||||
->execute();
|
||||
|
||||
$this->success = ($res !== FALSE);
|
||||
$this->lastError = $sql->getLastError();
|
||||
|
||||
if($this->success && $res[0]["count"] === 0) {
|
||||
return $this->createError("This API-Key does not exist.");
|
||||
}
|
||||
|
||||
return $this->success;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -115,22 +95,20 @@ namespace Core\API\ApiKey {
|
||||
}
|
||||
|
||||
public function _execute(): bool {
|
||||
$sql = $this->context->getSQL();
|
||||
$id = $this->getParam("id");
|
||||
if (!$this->apiKeyExists($id)) {
|
||||
return false;
|
||||
$apiKey = ApiKey::find($sql, $id);
|
||||
if ($apiKey === false) {
|
||||
return $this->createError("Error fetching API-Key details: " . $sql->getLastError());
|
||||
} else if ($apiKey === null) {
|
||||
return $this->createError("API-Key does not exit");
|
||||
}
|
||||
|
||||
$validUntil = (new \DateTime())->modify("+30 DAY");
|
||||
$sql = $this->context->getSQL();
|
||||
$this->success = $sql->update("ApiKey")
|
||||
->set("valid_until", $validUntil)
|
||||
->whereEq("id", $id)
|
||||
->whereEq("user_id", $this->context->getUser()->getId())
|
||||
->execute();
|
||||
$this->success = $apiKey->refresh($sql, 30) !== false;
|
||||
$this->lastError = $sql->getLastError();
|
||||
|
||||
if ($this->success) {
|
||||
$this->result["valid_until"] = $validUntil;
|
||||
$this->result["validUntil"] = $apiKey->getValidUntil()->getTimestamp();
|
||||
}
|
||||
|
||||
return $this->success;
|
||||
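Review bot: The checks that the removed `apiKeyExists()` enforced (`user_id` equal to the current user, `active = 1`, `valid_until` in the future) and the `whereEq("user_id", …)` on the old UPDATE have no visible replacement here: `ApiKey::find($sql, $id)` takes the id alone and `$apiKey->refresh($sql, 30)` saves without a user constraint. Unless `find()` or the entity handler scopes by the current user (not visible in this hunk), any authenticated caller can extend another user's key by id; the revoke `_execute()` in the following hunk has the same shape with `$apiKey->revoke($sql)`. After the null check, compare the key's owner with `$this->context->getUser()->getId()` and return the same "does not exist" error on mismatch, so that foreign ids are indistinguishable from missing ones. The message `"API-Key does not exit"` should also read `exist`. Both `_execute()` bodies close outside their hunks.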
@@ -147,17 +125,16 @@ namespace Core\API\ApiKey {
|
||||
}
|
||||
|
||||
public function _execute(): bool {
|
||||
$sql = $this->context->getSQL();
|
||||
$id = $this->getParam("id");
|
||||
if (!$this->apiKeyExists($id)) {
|
||||
return false;
|
||||
$apiKey = ApiKey::find($sql, $id);
|
||||
if ($apiKey === false) {
|
||||
return $this->createError("Error fetching API-Key details: " . $sql->getLastError());
|
||||
} else if ($apiKey === null) {
|
||||
return $this->createError("API-Key does not exit");
|
||||
}
|
||||
|
||||
$sql = $this->context->getSQL();
|
||||
$this->success = $sql->update("ApiKey")
|
||||
->set("active", false)
|
||||
->whereEq("id", $id)
|
||||
->whereEq("user_id", $this->context->getUser()->getId())
|
||||
->execute();
|
||||
$this->success = $apiKey->revoke($sql);
|
||||
$this->lastError = $sql->getLastError();
|
||||
|
||||
return $this->success;
|
||||
|
||||
@@ -128,10 +128,7 @@ namespace Core\API\Groups {
|
||||
|
||||
$sql = $this->context->getSQL();
|
||||
|
||||
$group = new Group();
|
||||
$group->name = $name;
|
||||
$group->color = $color;
|
||||
|
||||
$group = new Group(null, $name, $color);
|
||||
$this->success = ($group->save($sql) !== FALSE);
|
||||
$this->lastError = $sql->getLastError();
|
||||
|
||||
|
||||
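--- /dev/null
+++ b/Core/API/Info.class.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace Core\API;
+
+use Core\Objects\Context;
+
+class Info extends Request {
+
+public function __construct(Context $context, bool $externalCall = false) {
+parent::__construct($context, $externalCall, []);
+$this->csrfTokenRequired = false;
+}
+
+protected function _execute(): bool {
+
+$settings = $this->context->getSettings();
+$this->result["info"] = [
+"registrationAllowed" => $settings->isRegistrationAllowed(),
+"recaptchaEnabled" => $settings->isRecaptchaEnabled(),
+"version" => WEBBASE_VERSION,
+"siteName" => $settings->getSiteName(),
+];
+
+return true;
+}
+}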
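Review bot: `Info` returns `WEBBASE_VERSION` together with the registration and reCAPTCHA settings while `csrfTokenRequired` is switched off, and nothing in the constructor sets a login requirement, so if `Request` allows anonymous calls by default (not visible here) the exact framework version is readable by anyone. An exact version string lets a client match the installation against known issues, so consider returning `version` only to authenticated callers. If the endpoint is meant to be public, state that in a class docblock such as `/** Public, unauthenticated instance metadata; must not expose secrets or per-user data. */`. The class and `_execute()` currently carry no documentation.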
@@ -54,18 +54,18 @@ namespace Core\API\Language {
|
||||
|
||||
public function __construct(Context $context, $externalCall = false) {
|
||||
parent::__construct($context, $externalCall, array(
|
||||
'langId' => new Parameter('langId', Parameter::TYPE_INT, true, NULL),
|
||||
'langCode' => new StringType('langCode', 5, true, NULL),
|
||||
'id' => new Parameter('id', Parameter::TYPE_INT, true, NULL),
|
||||
'code' => new StringType('code', 5, true, NULL),
|
||||
));
|
||||
|
||||
}
|
||||
|
||||
private function checkLanguage(): bool {
|
||||
$langId = $this->getParam("langId");
|
||||
$langCode = $this->getParam("langCode");
|
||||
$langId = $this->getParam("id");
|
||||
$langCode = $this->getParam("code");
|
||||
|
||||
if (is_null($langId) && is_null($langCode)) {
|
||||
return $this->createError(L("Either langId or langCode must be given"));
|
||||
return $this->createError(L("Either 'id' or 'code' must be given"));
|
||||
}
|
||||
|
||||
$sql = $this->context->getSQL();
|
||||
@@ -88,15 +88,10 @@ namespace Core\API\Language {
|
||||
}
|
||||
|
||||
private function updateLanguage(): bool {
|
||||
$languageId = $this->language->getId();
|
||||
$userId = $this->context->getUser()->getId();
|
||||
$sql = $this->context->getSQL();
|
||||
|
||||
$this->success = $sql->update("User")
|
||||
->set("language_id", $languageId)
|
||||
->whereEq("id", $userId)
|
||||
->execute();
|
||||
|
||||
$currentUser = $this->context->getUser();
|
||||
$currentUser->language = $this->language;
|
||||
$this->success = $currentUser->save($sql, ["language_id"]);
|
||||
$this->lastError = $sql->getLastError();
|
||||
return $this->success;
|
||||
}
|
||||
|
||||
@@ -27,7 +27,7 @@ namespace Core\API {
|
||||
}
|
||||
|
||||
$route->setActive($active);
|
||||
$this->success = $route->save($sql);
|
||||
$this->success = $route->save($sql, ["active"]);
|
||||
$this->lastError = $sql->getLastError();
|
||||
return $this->success && $this->regenerateCache();
|
||||
}
|
||||
|
||||
@@ -142,13 +142,13 @@ namespace Core\API\TFA {
|
||||
if ($twoFactorToken && $twoFactorToken->isConfirmed()) {
|
||||
return $this->createError("You already added a two factor token");
|
||||
} else if (!($twoFactorToken instanceof TimeBasedTwoFactorToken)) {
|
||||
$twoFactorToken = new TimeBasedTwoFactorToken(generateRandomString(32, "base32"));
|
||||
$sql = $this->context->getSQL();
|
||||
$twoFactorToken = new TimeBasedTwoFactorToken(generateRandomString(32, "base32"));
|
||||
$this->success = $twoFactorToken->save($sql) !== false;
|
||||
$this->lastError = $sql->getLastError();
|
||||
if ($this->success) {
|
||||
$currentUser->setTwoFactorToken($twoFactorToken);
|
||||
$this->success = $currentUser->save($sql);
|
||||
$this->success = $currentUser->save($sql, ["two_factor_token_id"]);
|
||||
$this->lastError = $sql->getLastError();
|
||||
}
|
||||
|
||||
|
||||
@@ -503,7 +503,7 @@ namespace Core\API\User {
|
||||
} else {
|
||||
$user->password = $this->hashPassword($password);
|
||||
$user->confirmed = true;
|
||||
if ($user->save($sql)) {
|
||||
if ($user->save($sql, ["password", "confirmed"])) {
|
||||
$userToken->invalidate($sql);
|
||||
return true;
|
||||
} else {
|
||||
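Review bot: The result of `$userToken->invalidate($sql)` is discarded before `return true;`, so a failed write leaves the token that authorised this password change unused while the request reports success, and the same token could be presented again until it expires. Check the return value, e.g. `if (!$userToken->invalidate($sql)) { return $this->createError("Error invalidating token: " . $sql->getLastError()); }`, or run both writes in one transaction. The email-confirmation hunk at `@@ -542,7 +542,7 @@` has the same unchecked call. Both branches start and end outside their hunks.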
@@ -542,7 +542,7 @@ namespace Core\API\User {
|
||||
return $this->createError("Your email address is already confirmed.");
|
||||
} else {
|
||||
$user->confirmed = true;
|
||||
if ($user->save($sql)) {
|
||||
if ($user->save($sql, ["confirmed"])) {
|
||||
$userToken->invalidate($sql);
|
||||
return true;
|
||||
} else {
|
||||
@@ -826,20 +826,37 @@ namespace Core\API\User {
|
||||
}
|
||||
}
|
||||
|
||||
if ($usernameChanged) $user->name = $username;
|
||||
if ($fullNameChanged) $user->fullName = $fullName;
|
||||
if ($emailChanged) $user->email = $email;
|
||||
if (!is_null($password)) $user->password = $this->hashPassword($password);
|
||||
$columnsToUpdate = [];
|
||||
if ($usernameChanged) {
|
||||
$user->name = $username;
|
||||
$columnsToUpdate[] = "name";
|
||||
}
|
||||
|
||||
if ($fullNameChanged) {
|
||||
$user->fullName = $fullName;
|
||||
$columnsToUpdate[] = "full_name";
|
||||
}
|
||||
|
||||
if ($emailChanged) {
|
||||
$user->email = $email;
|
||||
$columnsToUpdate[] = "email";
|
||||
}
|
||||
|
||||
if (!is_null($password)) {
|
||||
$user->password = $this->hashPassword($password);
|
||||
$columnsToUpdate[] = "password";
|
||||
}
|
||||
|
||||
if (!is_null($confirmed)) {
|
||||
if ($id === $currentUser->getId() && $confirmed === false) {
|
||||
return $this->createError("Cannot make own account unconfirmed.");
|
||||
} else {
|
||||
$user->confirmed = $confirmed;
|
||||
$columnsToUpdate[] = "confirmed";
|
||||
}
|
||||
}
|
||||
|
||||
if ($user->save($sql)) {
|
||||
if (empty($columnsToUpdate) || $user->save($sql, $columnsToUpdate)) {
|
||||
|
||||
$deleteQuery = $sql->delete("UserGroup")->whereEq("user_id", $id);
|
||||
$insertQuery = $sql->insert("UserGroup", array("user_id", "group_id"));
|
||||
@@ -1270,7 +1287,7 @@ namespace Core\API\User {
|
||||
|
||||
if ($this->success) {
|
||||
$currentUser->gpgKey = $gpgKey;
|
||||
if ($currentUser->save($sql)) {
|
||||
if ($currentUser->save($sql, ["gpg_key_id"])) {
|
||||
$this->result["gpg"] = $gpgKey->jsonSerialize();
|
||||
} else {
|
||||
return $this->createError("Error updating user details: " . $sql->getLastError());
|
||||
@@ -1524,7 +1541,7 @@ namespace Core\API\User {
|
||||
|
||||
$sql = $this->context->getSQL();
|
||||
$currentUser->profilePicture = $fileName;
|
||||
if ($currentUser->save($sql)) {
|
||||
if ($currentUser->save($sql, ["profile_picture"])) {
|
||||
$this->result["profilePicture"] = $fileName;
|
||||
} else {
|
||||
return $this->createError("Error updating user details: " . $sql->getLastError());
|
||||
@@ -1551,7 +1568,7 @@ namespace Core\API\User {
|
||||
}
|
||||
|
||||
$currentUser->profilePicture = null;
|
||||
if (!$currentUser->save($sql)) {
|
||||
if (!$currentUser->save($sql, ["profile_picture"])) {
|
||||
return $this->createError("Error updating user details: " . $sql->getLastError());
|
||||
}
|
||||
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
namespace Core\Objects\DatabaseEntity;
|
||||
|
||||
use Core\Driver\SQL\SQL;
|
||||
use Core\Objects\DatabaseEntity\Attribute\MaxLength;
|
||||
use Core\Objects\DatabaseEntity\Controller\DatabaseEntity;
|
||||
|
||||
@@ -25,4 +26,18 @@ class ApiKey extends DatabaseEntity {
|
||||
"validUntil" => $this->validUntil->getTimestamp()
|
||||
];
|
||||
}
|
||||
|
||||
public function getValidUntil(): \DateTime {
|
||||
return $this->validUntil;
|
||||
}
|
||||
|
||||
public function refresh(SQL $sql, int $days): bool {
|
||||
$this->validUntil = (new \DateTime())->modify("+$days days");
|
||||
return $this->save($sql, ["valid_until"]);
|
||||
}
|
||||
|
||||
public function revoke(SQL $sql): bool {
|
||||
$this->active = false;
|
||||
return $this->save($sql, ["active"]);
|
||||
}
|
||||
}
|
||||
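Review bot: `refresh()` extends `validUntil` without looking at the key's state, so a key that was revoked (`active` false) or has already expired receives a fresh validity window; the `apiKeyExists()` query this commit removes required `active = 1` and `valid_until` later than now. A guard at the top such as `if (!$this->active || $this->validUntil < new \DateTime()) { return false; }` would keep that behaviour. `$days` is also interpolated into `modify("+$days days")` unchecked, so zero or a negative value is worth rejecting; the only caller visible on this page passes 30. Short docblocks on `refresh()` and `revoke()` stating that they persist only the one changed column would help callers.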
@@ -75,6 +75,7 @@ abstract class DatabaseEntity {
|
||||
}
|
||||
}
|
||||
|
||||
// TODO: rather take property names here instead of $columns? and translate then using DatabaseEntityHandler::columns[$propertyName]
|
||||
public function save(SQL $sql, ?array $columns = null, bool $saveNM = false): bool {
|
||||
$handler = self::getHandler($sql);
|
||||
$res = $handler->insertOrUpdate($this, $columns, $saveNM);
|
||||
|
||||
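Review bot: With this commit every caller passes hand-written column names (`["password", "confirmed"]`, `["used"]`, `["active"]`, `["expires", "data"]`), and the TODO added here leaves open what `save()` does with a name that matches no column. If an unknown or misspelled name is skipped silently (the handler's `insertOrUpdate()` is not visible here), a security-relevant write such as token invalidation or key revocation could report success without persisting, so `save()` should fail on names it does not recognise. A docblock stating that `$columns` holds database column names rather than property names, and that `null` presumably means all columns (to be confirmed), would help until the TODO is resolved. The body of `save()` continues past the end of the hunk.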
@@ -136,6 +136,6 @@ class GpgKey extends DatabaseEntity {
|
||||
|
||||
public function confirm(SQL $sql): bool {
|
||||
$this->confirmed = true;
|
||||
return $this->save($sql);
|
||||
return $this->save($sql, ["confirmed"]);
|
||||
}
|
||||
}
|
||||
@@ -118,7 +118,7 @@ class MailQueueItem extends DatabaseEntity {
|
||||
$this->status = self::STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
$this->save($context->getSQL());
|
||||
$this->save($context->getSQL(), ["status", "retry_count", "next_try", "error_message"]);
|
||||
return $success;
|
||||
}
|
||||
}
|
||||
@@ -109,7 +109,7 @@ class Session extends DatabaseEntity {
|
||||
public function destroy(): bool {
|
||||
session_destroy();
|
||||
$this->active = false;
|
||||
return $this->save($this->context->getSQL());
|
||||
return $this->save($this->context->getSQL(), ["active"]);
|
||||
}
|
||||
|
||||
public function update(): bool {
|
||||
@@ -120,7 +120,7 @@ class Session extends DatabaseEntity {
|
||||
|
||||
$sql = $this->context->getSQL();
|
||||
return $this->user->update($sql) &&
|
||||
$this->save($sql);
|
||||
$this->save($sql, ["expires", "data"]);
|
||||
}
|
||||
|
||||
public function getCsrfToken(): string {
|
||||
|
||||
@@ -55,7 +55,7 @@ class UserToken extends DatabaseEntity {
|
||||
|
||||
public function invalidate(SQL $sql): bool {
|
||||
$this->used = true;
|
||||
return $this->save($sql);
|
||||
return $this->save($sql, ["used"]);
|
||||
}
|
||||
|
||||
public function getUser(): User {
|
||||
@@ -64,7 +64,7 @@ class UserToken extends DatabaseEntity {
|
||||
|
||||
public function updateDurability(SQL $sql, int $validHours): bool {
|
||||
$this->validUntil = (new \DateTime())->modify("+$validHours HOURS");
|
||||
return $this->save($sql);
|
||||
return $this->save($sql, ["valid_until"]);
|
||||
}
|
||||
|
||||
public function getToken(): string {
|
||||
|
||||