From ba1a174e0b946264d75dfdeaf4c7829153dd7e0f Mon Sep 17 00:00:00 2001
From: "florian.azizian" <florian.azizian@maarch.org>
Date: Fri, 16 Apr 2021 12:20:10 +0200
Subject: [PATCH] FEAT #16831 TIME 1:45 Can set/get x509Fingerprint in users
 API + doc

---
 src/app/user/controllers/UserController.php | 27 +++++++++++++++++++--
 src/app/user/models/UserModel.php           |  5 ++--
 2 files changed, 28 insertions(+), 4 deletions(-)

diff --git a/src/app/user/controllers/UserController.php b/src/app/user/controllers/UserController.php
index 9c82bba361..b3d555b8e6 100755
--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
@@ -46,7 +46,7 @@ class UserController
     {
         $queryParams = $request->getQueryParams();
 
-        $select = ['id', 'firstname', 'lastname', 'substitute'];
+        $select = ['id', 'firstname', 'lastname', 'substitute', 'x509_fingerprint'];
         $where = [];
         $queryData = [];
         if (empty($queryParams['mode'])) {
@@ -65,8 +65,14 @@ class UserController
             'orderBy'   => ['lastname', 'firstname']
         ]);
 
+        $currentUser = UserModel::getById(['select' => ['"isRest"'], 'id' => $GLOBALS['id']]);
+
         foreach ($users as $key => $user) {
             $users[$key]['substitute'] = !empty($user['substitute']);
+            if ($currentUser['isRest']) {
+                $users[$key]['x509Fingerprint'] = $users[$key]['x509_fingerprint'];
+            }
+            unset($users[$key]['x509_fingerprint']);
         }
 
         return $response->withJson(['users' => $users]);
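Review bot: The fingerprint is returned whenever the caller's own `isRest` flag is true, which is an account type and not a privilege check, so any REST account that can reach this listing receives every user's `x509Fingerprint`. If the fingerprint is what binds a client certificate to an account, it should be gated on whatever privilege guards user administration in this controller (not visible in this hunk), and the intent recorded with a comment such as `// x509 fingerprint is only returned to REST (service) accounts`. `$currentUser['isRest']` is also read without checking that the lookup returned a row; `!empty($currentUser['isRest'])` would fail closed. The same lookup and gate are repeated in the update hunk and in the user-details hunk further down, so a small private helper would keep the three copies from drifting apart.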
@@ -125,6 +131,8 @@ class UserController
             return $response->withStatus(400)->withJson(['errors' => 'Body lastname is empty or not a string']);
         } elseif (empty($body['email']) || !filter_var($body['email'], FILTER_VALIDATE_EMAIL) || !Validator::stringType()->notEmpty()->length(1, 128)->validate($body['email'])) {
             return $response->withStatus(400)->withJson(['errors' => 'Body email is empty or not a valid email']);
+        } elseif (!empty($body['x509Fingerprint']) && !Validator::stringType()->validate($body['x509Fingerprint'])) {
+            return $response->withStatus(400)->withJson(['errors' => 'Body x509Fingerprint is not a string']);
         }
 
         $body['login'] = strtolower($body['login']);
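Review bot: The new `x509Fingerprint` branch only checks the type, so a string of any length and content is accepted and stored; the identical branch added to the update method further down has the same gap. At a minimum bound it the way the email check does, `Validator::stringType()->length(1, 128)->validate($body['x509Fingerprint'])`, and preferably accept only the hex form of the digest the deployment uses, normalising case and separators before saving so later comparisons are exact. Nothing visible here prevents two accounts from carrying the same fingerprint, which matters if the value is used to identify the account during certificate login. The enclosing method starts and ends outside this hunk.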
@@ -132,6 +140,8 @@ class UserController
         if (!empty($existingUser)) {
             return $response->withStatus(400)->withJson(['errors' => 'Login already exists', 'lang' => 'userLoginAlreadyExists']);
         }
+        
+        $body['x509_fingerprint'] = $body['x509Fingerprint'];
 
         if (!empty($body['isRest'])) {
             $body['"isRest"'] = true;
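Review bot: `$body['x509_fingerprint'] = $body['x509Fingerprint'];` reads a key that the validation above treats as optional, so a request without it raises an undefined-index notice (a warning on PHP 8) and hands null to `UserModel::create`, where `$args['x509_fingerprint']` is read the same way. `$body['x509_fingerprint'] = $body['x509Fingerprint'] ?? null;` avoids that. Unlike the update path, creation applies the value without the `isRest` check on the caller, so the two endpoints disagree on who may set a fingerprint. The added blank line above the assignment also carries trailing whitespace.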
@@ -191,6 +201,8 @@ class UserController
             return $response->withStatus(400)->withJson(['errors' => 'Body lastname is empty or not a string']);
         } elseif (empty($body['email']) || !filter_var($body['email'], FILTER_VALIDATE_EMAIL) || !Validator::stringType()->notEmpty()->length(1, 128)->validate($body['email'])) {
             return $response->withStatus(400)->withJson(['errors' => 'Body email is empty or not a valid email']);
+        } elseif (!empty($body['x509Fingerprint']) && !Validator::stringType()->validate($body['x509Fingerprint'])) {
+            return $response->withStatus(400)->withJson(['errors' => 'Body x509Fingerprint is not a string']);
         }
 
         $user = UserModel::getById(['id' => $args['id'], 'select' => [1]]);
@@ -205,6 +217,11 @@ class UserController
             'signature_modes' => []
         ];
 
+        $currentUser = UserModel::getById(['select' => ['"isRest"'], 'id' => $GLOBALS['id']]);
+        if ($currentUser['isRest']) {
+            $set['x509_fingerprint'] = $body['x509Fingerprint'];
+        }
+
         if (!empty($body['signatureModes'])) {
             if (!Validator::arrayType()->validate($body['signatureModes'])) {
                 return $response->withStatus(400)->withJson(['errors' => 'Body signatureModes is not an array']);
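Review bot: `$set['x509_fingerprint'] = $body['x509Fingerprint'];` runs on every update made by a REST caller, so a body that omits the field clears the stored fingerprint and raises an undefined-index notice. If omission is meant to leave the value untouched, guard it with `if (!empty($currentUser['isRest']) && array_key_exists('x509Fingerprint', $body)) {`. For non-REST callers the field is validated and then silently dropped behind a success response; rejecting it or documenting the behaviour would be less surprising. Whether a REST account can call this endpoint for its own id is not visible here, but if it can, it is able to rebind its own certificate fingerprint, which is worth confirming against the intended authorization model.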
@@ -710,7 +727,7 @@ class UserController
         ValidatorModel::notEmpty($args, ['id']);
         ValidatorModel::intVal($args, ['id']);
 
-        $user = UserModel::getById(['select' => ['id', 'login', 'email', 'firstname', 'lastname', 'picture', 'preferences', 'substitute', '"isRest"', 'signature_modes'], 'id' => $args['id']]);
+        $user = UserModel::getById(['select' => ['id', 'login', 'email', 'firstname', 'lastname', 'picture', 'preferences', 'substitute', '"isRest"', 'signature_modes', 'x509_fingerprint'], 'id' => $args['id']]);
         if (empty($user)) {
             return [];
         }
@@ -736,6 +753,12 @@ class UserController
             }
         }
 
+        $currentUser = UserModel::getById(['select' => ['"isRest"'], 'id' => $GLOBALS['id']]);
+        if ($currentUser['isRest']) {
+            $user['x509Fingerprint'] = $user['x509_fingerprint'];
+        }
+        unset($user['x509_fingerprint']);
+
         return $user;
     }
 }
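Review bot: This method returns a plain array and not a response, so it looks like a helper that may be called outside an authenticated request; the added lookup relies on `$GLOBALS['id']` being set and on `getById` returning a row, and neither is checked before `$currentUser['isRest']` is read. `if (!empty($currentUser['isRest'])) {` would keep the fingerprint hidden in that case without raising a notice. A docblock line stating that `x509Fingerprint` is only present in the result for REST callers would help API consumers. The method starts outside this hunk.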
diff --git a/src/app/user/models/UserModel.php b/src/app/user/models/UserModel.php
index 87e245b07c..0074f0e4bd 100755
--- a/src/app/user/models/UserModel.php
+++ b/src/app/user/models/UserModel.php
@@ -80,7 +80,7 @@ class UserModel
     public static function create(array $args)
     {
         ValidatorModel::notEmpty($args, ['login', 'email', 'firstname', 'lastname', 'picture']);
-        ValidatorModel::stringType($args, ['login', 'email', 'firstname', 'lastname', 'picture', 'mode', 'signatureModes']);
+        ValidatorModel::stringType($args, ['login', 'email', 'firstname', 'lastname', 'picture', 'mode', 'signatureModes', 'x509_fingerprint']);
 
         if (empty($args['password'])) {
             $args['password'] = AuthenticationModel::generatePassword();
@@ -99,7 +99,8 @@ class UserModel
                 '"isRest"'                      => empty($args['isRest']) ? 'false' : 'true',
                 'picture'                       => $args['picture'],
                 'password_modification_date'    => 'CURRENT_TIMESTAMP',
-                'signature_modes'               => $args['signatureModes']
+                'signature_modes'               => $args['signatureModes'],
+                'x509_fingerprint'              => $args['x509_fingerprint'],
             ]
         ]);
 
-- 
GitLab