diff --git a/Vagrantfile b/Vagrantfile index f5b0e8933a..863b1be769 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -1,5 +1,16 @@ Vagrant.require_version ">= 1.5" +class MyCustomError < StandardError + attr_reader :code + + def initialize(code) + @code = code + end + + def to_s + "[#{code} #{super}]" + end +end # Check to determine whether we're on a windows or linux/os-x host, # later on we use this to launch ansible in the supported way # source: https://stackoverflow.com/questions/2108727/which-in-ruby-checking-if-program-exists-in-path-from-ruby @@ -56,6 +67,7 @@ def config_net(config) vb.customize ["modifyvm", :id, "--hostonlyadapter2", "vboxnet0"] else vb.customize ["modifyvm", :id, "--hostonlyadapter2", "VirtualBox Host-Only Ethernet Adapter"] + vb.customize ["setextradata", :id, "VBoxInternal2/SharedFoldersEnableSymlinksCreate/vagrant", "1"] end end config.hostmanager.ip_resolver = proc do |vm, resolving_vm| @@ -79,7 +91,9 @@ if $env == "mac" else if $env == "linux" $hostIps = `ifconfig | sed -nE 's/[[:space:]]*inet ([0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3})(.*)$/\\1/p'`.split("\n"); else - $hostIps = `resources/ansible/inventories/GetIpAdresses.cmd` + $hostIps = `resources/ansible/inventories/GetIpAdresses.cmd`; + # raise MyCustomError.new($hostIps), "HOST IP" + end end @@ -103,7 +117,7 @@ Vagrant.configure("2") do |config| end config.vm.box = "ubuntu/trusty64" - + config.ssh.forward_agent = true config_net(config) @@ -134,13 +148,19 @@ Vagrant.configure("2") do |config| } end else - config.vm.provision :shell, path: "resources/ansible/windows.sh", args: ["default", $phpVersion] + # raise MyCustomError.new([$hostname, $phpVersion, $hostIps]), "HOST IP" + # raise MyCustomError.new($hostIps), "HOST IP" + # raise MyCustomError.new($hostIps), "HOST IP" + + config.vm.provision :shell, path: "resources/ansible/windows.sh", args: [$hostname, $phpVersion, $hostIps] # config.vm.provision :shell, run: "always", path: "resources/ansible/windows-always.sh", args: ["default"] end if $env == "mac" || $env == "linux" config.vm.synced_folder "./", "/vagrant", type: "nfs", mount_options: ['rw', 'vers=3', 'tcp', 'fsc'] else - config.vm.synced_folder "./", "/vagrant", type: "smb", mount_options: ["vers=3.02","mfsymlinks"] +# config.vm.synced_folder "./", "/vagrant", type: "smb", mount_options: ["vers=3.02","mfsymlinks","noserverino"] + config.vm.synced_folder "./", "/vagrant" + end end \ No newline at end of file diff --git a/lib/Alchemy/Phrasea/Command/Developer/RegenerateSqliteDb.php b/lib/Alchemy/Phrasea/Command/Developer/RegenerateSqliteDb.php index a6d9606dee..9d1f07394f 100644 --- a/lib/Alchemy/Phrasea/Command/Developer/RegenerateSqliteDb.php +++ b/lib/Alchemy/Phrasea/Command/Developer/RegenerateSqliteDb.php @@ -251,6 +251,21 @@ class RegenerateSqliteDb extends Command $application->setClientSecret(\API_OAuth2_Application_OfficePlugin::CLIENT_SECRET); $this->container['manipulator.api-application']->update($application); + + $application = $this->container['manipulator.api-application']->create( + \API_OAuth2_Application_AdobeCCPlugin::CLIENT_NAME, + ApiApplication::DESKTOP_TYPE, + '', + 'http://www.phraseanet.com', + null, + ApiApplication::NATIVE_APP_REDIRECT_URI + ); + + $application->setGrantPassword(true); + $application->setClientId(\API_OAuth2_Application_AdobeCCPlugin::CLIENT_ID); + $application->setClientSecret(\API_OAuth2_Application_AdobeCCPlugin::CLIENT_SECRET); + + $this->container['manipulator.api-application']->update($application); } private function insertAuthFailures(EntityManager $em, \Pimple $DI) diff --git a/lib/Alchemy/Phrasea/Core/Event/Listener/OAuthListener.php b/lib/Alchemy/Phrasea/Core/Event/Listener/OAuthListener.php index ee8535f834..1ccbd0580a 100644 --- a/lib/Alchemy/Phrasea/Core/Event/Listener/OAuthListener.php +++ b/lib/Alchemy/Phrasea/Core/Event/Listener/OAuthListener.php @@ -89,6 +89,12 @@ class OAuthListener return Result::createError($request, 403, 'The use of Office Plugin is not allowed.')->createResponse(); } + if ($oAuth2App->getClientId() == \API_OAuth2_Application_AdobeCCPlugin::CLIENT_ID + && !$conf->get(['registry', 'api-clients', 'adobe_cc-enabled']) + ) { + return Result::createError($request, 403, 'The use of AdobeCC Plugin is not allowed.')->createResponse(); + } + $authentication = $this->getAuthenticator($app); if ($authentication->isAuthenticated()) { diff --git a/lib/Alchemy/Phrasea/Core/Event/Subscriber/PhraseaInstallSubscriber.php b/lib/Alchemy/Phrasea/Core/Event/Subscriber/PhraseaInstallSubscriber.php index 91d7efaaac..da083bd9ea 100644 --- a/lib/Alchemy/Phrasea/Core/Event/Subscriber/PhraseaInstallSubscriber.php +++ b/lib/Alchemy/Phrasea/Core/Event/Subscriber/PhraseaInstallSubscriber.php @@ -38,6 +38,7 @@ class PhraseaInstallSubscriber implements EventSubscriberInterface { $this->createNavigatorApplication(); $this->createOfficePluginApplication(); + $this->createAdobeCCPluginApplication(); $this->generateProxies(); } @@ -77,6 +78,24 @@ class PhraseaInstallSubscriber implements EventSubscriberInterface $this->app['manipulator.api-application']->update($application); } + private function createAdobeCCPluginApplication() + { + $application = $this->app['manipulator.api-application']->create( + \API_OAuth2_Application_AdobeCCPlugin::CLIENT_NAME, + ApiApplication::DESKTOP_TYPE, + '', + 'http://www.phraseanet.com', + null, + ApiApplication::NATIVE_APP_REDIRECT_URI + ); + + $application->setGrantPassword(true); + $application->setClientId(\API_OAuth2_Application_AdobeCCPlugin::CLIENT_ID); + $application->setClientSecret(\API_OAuth2_Application_AdobeCCPlugin::CLIENT_SECRET); + + $this->app['manipulator.api-application']->update($application); + } + private function generateProxies() { $process = new Process('php ' . $this->app['root.path']. '/bin/developer orm:generate:proxies'); diff --git a/lib/classes/API/OAuth2/Application/AdobeCCPlugin.php b/lib/classes/API/OAuth2/Application/AdobeCCPlugin.php new file mode 100644 index 0000000000..c8b7e581e5 --- /dev/null +++ b/lib/classes/API/OAuth2/Application/AdobeCCPlugin.php @@ -0,0 +1,17 @@ +release; + } + + /** + * {@inheritdoc} + */ + public function getDoctrineMigrations() + { + return []; + } + + /** + * {@inheritdoc} + */ + public function require_all_upgrades() + { + return false; + } + + /** + * {@inheritdoc} + */ + public function concern() + { + return $this->concern; + } + + /** + * {@inheritdoc} + */ + public function apply(base $databox, Application $app) + { + // create an api application for adobeCC + /** @var ApiApplicationRepository $repo */ + $repo = $app['repo.api-applications']; + if(!$repo->findByClientId(\API_OAuth2_Application_AdobeCCPlugin::CLIENT_ID)) { + + /** @var ApiApplicationManipulator $manipulator */ + $manipulator = $app['manipulator.api-application']; + + $application = $manipulator->create( + \API_OAuth2_Application_AdobeCCPlugin::CLIENT_NAME, + ApiApplication::DESKTOP_TYPE, + '', + 'http://www.phraseanet.com', + null, + ApiApplication::NATIVE_APP_REDIRECT_URI + ); + + $application->setGrantPassword(true); + $application->setClientId(\API_OAuth2_Application_AdobeCCPlugin::CLIENT_ID); + $application->setClientSecret(\API_OAuth2_Application_AdobeCCPlugin::CLIENT_SECRET); + + $manipulator->update($application); + } + return true; + } +} diff --git a/resources/ansible/inventories/GetIpAdresses.cmd b/resources/ansible/inventories/GetIpAdresses.cmd index 629750f581..0c98a47a08 100644 --- a/resources/ansible/inventories/GetIpAdresses.cmd +++ b/resources/ansible/inventories/GetIpAdresses.cmd @@ -14,8 +14,8 @@ for /f "usebackq tokens=*" %%a in (`ipconfig ^| findstr /i "ipv4"`) do ( set _o3=%%e set _o4=%%f rem strip leading space from first octet - set _3octet=!_o1:~1!.!_o2!.!_o3!. - echo !_3octet! + set _4octet=!_o1:~1!.!_o2!.!_o3!.!_o4! + echo !_4octet! ) ) ) diff --git a/resources/ansible/roles/app/tasks/main.yml b/resources/ansible/roles/app/tasks/main.yml index b31462a3c8..66de8ad0ea 100644 --- a/resources/ansible/roles/app/tasks/main.yml +++ b/resources/ansible/roles/app/tasks/main.yml @@ -32,35 +32,35 @@ - name: Run application setup become: yes become_user: vagrant - shell: 'bin/setup system:install --email=admin@{{ hostname }}.vb --password=admin --db-host=127.0.0.1 --db-port=3306 --db-user={{ mariadb.user }} --db-password={{ mariadb.password }} --db-template=en-simple --appbox={{ mariadb.appbox_db }} --databox={{ mariadb.databox_db }} --server-name=www.{{ hostname }}.vb --data-path=/vagrant/datas -y' + shell: 'php bin/setup system:install --email=admin@{{ hostname }}.vb --password=admin --db-host=127.0.0.1 --db-port=3306 --db-user={{ mariadb.user }} --db-password={{ mariadb.password }} --db-template=en-simple --appbox={{ mariadb.appbox_db }} --databox={{ mariadb.databox_db }} --server-name=www.{{ hostname }}.vb --data-path=/vagrant/datas -y' args: chdir: /vagrant/ - name: Create extra databox become: yes become_user: vagrant - shell: 'bin/console databox:create {{ mariadb.alt_databox_db }} admin@{{ hostname }}.vb' + shell: 'php bin/console databox:create {{ mariadb.alt_databox_db }} admin@{{ hostname }}.vb' args: chdir: /vagrant/ - name: Enable debugger for host IP addresses - shell: bin/setup system:config add debugger.allowed-ips "{{ item }}" + shell: php bin/setup system:config add debugger.allowed-ips "{{ item }}" with_items: '{{ host_addresses }}' args: chdir: /vagrant/ - name: Disable API SSL requirement - shell: bin/setup system:config set main.api_require_ssl false + shell: php bin/setup system:config set main.api_require_ssl false args: chdir: /vagrant/ - name: Enable API routes - shell: bin/setup system:config set registry.api-clients.api-enable true + shell: php bin/setup system:config set registry.api-clients.api-enable true args: chdir: /vagrant/ - name: Create ElasticSearch indexes - shell: bin/console s:i:c + shell: php bin/console s:i:c args: chdir: /vagrant/ diff --git a/resources/ansible/windows.sh b/resources/ansible/windows.sh index 5deb14bfa2..42e9c148ab 100644 --- a/resources/ansible/windows.sh +++ b/resources/ansible/windows.sh @@ -28,4 +28,4 @@ sudo apt-get install -y ansible cp /vagrant/resources/ansible/inventories/dev /etc/ansible/hosts -f chmod 666 /etc/ansible/hosts cat /vagrant/resources/ansible/files/authorized_keys >> /home/vagrant/.ssh/authorized_keys -sudo ansible-playbook /vagrant/resources/ansible/playbook.yml -e hostname=$1 phpversion=$2 --connection=local \ No newline at end of file +sudo ansible-playbook /vagrant/resources/ansible/playbook.yml -e "hostname=$1 phpversion=$2 host_addresses=$3" --connection=local \ No newline at end of file