hazza/Phraseanet
1
0
Fork 0
mirror of https://github.com/alchemy-fr/Phraseanet.git synced 2025-10-13 21:13:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Delete references to API_OAuth2_Account class

Browse Source
This commit is contained in:
Nicolas Le Goff
2014-03-06 12:35:56 +01:00
parent 36cabf2d6a
commit fd38ec9b79
9 changed files with 34 additions and 312 deletions
Download Patch File Download Diff File Expand all files Collapse all files

263
lib/classes/API/OAuth2/Account.php
View File

@@ -1,263 +0,0 @@
<?php
/*
* This file is part of Phraseanet
*
* (c) 2005-2014 Alchemy
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
use Alchemy\Phrasea\Application;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Alchemy\Phrasea\Model\Entities\User;
class API_OAuth2_Account
{
/**
*
* @var Application
*/
protected $app;
/**
*
* @var int
*/
protected $id;
/**
*
* @var User
*/
protected $user;
/**
*
* @var API_OAuth2_Application
*/
protected $application;
/**
*
* @var int
*/
protected $application_id;
/**
*
* @var string
*/
protected $api_version;
/**
*
* @var boolean
*/
protected $revoked;
/**
*
* @var DateTime
*/
protected $created_on;
/**
*
* @var string
*/
protected $token;
public function __construct(Application $app, $account_id)
{
$this->app = $app;
$this->id = (int) $account_id;
$sql = 'SELECT api_account_id, usr_id, api_version, revoked
, application_id, created
FROM api_accounts
WHERE api_account_id = :api_account_id';
$stmt = $this->app['phraseanet.appbox']->get_connection()->prepare($sql);
$stmt->execute([':api_account_id' => $this->id]);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$stmt->closeCursor();
$this->application_id = (int) $row['application_id'];
$this->user = $app['repo.users']->find($row['usr_id']);
$this->api_version = $row['api_version'];
$this->revoked = ! ! $row['revoked'];
$this->created_on = new DateTime($row['created']);
return $this;
}
/**
*
* @return int
*/
public function get_id()
{
return $this->id;
}
/**
*
* @return User
*/
public function get_user()
{
return $this->user;
}
/**
*
* @return string
*/
public function get_api_version()
{
return $this->api_version;
}
/**
*
* @return boolean
*/
public function is_revoked()
{
return $this->revoked;
}
/**
*
* @param boolean $boolean
* @return API_OAuth2_Account
*/
public function set_revoked($boolean)
{
$this->revoked = ! ! $boolean;
$sql = 'UPDATE api_accounts SET revoked = :revoked
WHERE api_account_id = :account_id';
$params = [
':revoked' => ($boolean ? '1' : '0')
, 'account_id' => $this->id
];
$stmt = $this->app['phraseanet.appbox']->get_connection()->prepare($sql);
$stmt->execute($params);
$stmt->closeCursor();
return $this;
}
/**
*
* @return DateTime
*/
public function get_created_on()
{
return $this->created_on;
}
/**
*
* @return API_OAuth2_Token
*/
public function get_token()
{
if (! $this->token) {
try {
$this->token = new API_OAuth2_Token($this->app['phraseanet.appbox'], $this, $this->app['random.medium']);
} catch (NotFoundHttpException $e) {
$this->token = API_OAuth2_Token::create($this->app['phraseanet.appbox'], $this, $this->app['random.medium']);
}
}
return $this->token;
}
/**
*
* @return API_OAuth2_Application
*/
public function get_application()
{
if ( ! $this->application)
$this->application = new API_OAuth2_Application($this->app, $this->application_id);
return $this->application;
}
/**
*
* @return void
*/
public function delete()
{
$this->get_token()->delete();
foreach (API_OAuth2_AuthCode::load_codes_by_account($this->app, $this) as $code) {
$code->delete();
}
foreach (API_OAuth2_RefreshToken::load_by_account($this->app, $this) as $token) {
$token->delete();
}
$sql = 'DELETE FROM api_accounts WHERE api_account_id = :account_id';
$stmt = $this->app['phraseanet.appbox']->get_connection()->prepare($sql);
$stmt->execute(['account_id' => $this->id]);
$stmt->closeCursor();
return;
}
public static function create(Application $app, User $user, API_OAuth2_Application $application)
{
$sql = 'INSERT INTO api_accounts
(api_account_id, usr_id, revoked, api_version, application_id, created)
VALUES (null, :usr_id, :revoked, :api_version, :application_id, :created)';
$datetime = new Datetime();
$params = [
':usr_id' => $user->getId()
, ':application_id' => $application->get_id()
, ':api_version' => API_OAuth2_Adapter::API_VERSION
, ':revoked' => 0
, ':created' => $datetime->format("Y-m-d H:i:s")
];
$stmt = $app['phraseanet.appbox']->get_connection()->prepare($sql);
$stmt->execute($params);
$stmt->closeCursor();
$account_id = $app['phraseanet.appbox']->get_connection()->lastInsertId();
return new self($app, $account_id);
}
public static function load_with_user(Application $app, API_OAuth2_Application $application, User $user)
{
$sql = 'SELECT api_account_id FROM api_accounts
WHERE usr_id = :usr_id AND application_id = :application_id';
$params = [
":usr_id" => $user->getId(),
":application_id" => $application->get_id()
];
$stmt = $app['phraseanet.appbox']->get_connection()->prepare($sql);
$stmt->execute($params);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$stmt->closeCursor();
if (! $row) {
throw new NotFoundHttpException('Account nof found.');
}
return new self($app, $row['api_account_id']);
}
}

4
templates/web/account/authorized_apps.html.twig
View File

@@ -31,8 +31,8 @@
{% endif%} {% endif%}
</p> </p>
<p class="app-row"> <p class="app-row">
<span class="status text-error {% if account.is_revoked() == false %}hidden{% endif %}">{{ "Not Allowed" | trans }}</span> <span class="status text-error {% if account.isRevoked() == false %}hidden{% endif %}">{{ "Not Allowed" | trans }}</span>
<span class="status text-success {% if account.is_revoked() == true %}hidden{% endif %}">{{ "Allowed" | trans }}</span> <span class="status text-success {% if account.isRevoked() == true %}hidden{% endif %}">{{ "Allowed" | trans }}</span>
</p> </p>
<p class="app-row">{{ application.get_description()|truncate(120, true, "...") }}</p> <p class="app-row">{{ application.get_description()|truncate(120, true, "...") }}</p>
</div> </div>

19
tests/Alchemy/Tests/Phrasea/Controller/Api/ApiTestCase.php
View File

@@ -64,13 +64,13 @@ abstract class ApiTestCase extends \PhraseanetWebTestCase
}); });
if (!self::$apiInitialized) { if (!self::$apiInitialized) {
self::$account = \API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user-not-admin'], self::$DI['user_notAdmin']); self::$account = self::$DI['app']['repo.api-accounts']->findByUserAndApplication(self::$DI['user_notAdmin'], self::$DI['oauth2-app-user-not-admin']);
self::$account->set_revoked(false); self::$DI['app']['manipulator.api-account']->revokeAccess(self::$account);
self::$token = self::$account->get_token()->get_value(); self::$token = self::$account->getOAuthToken()->getOauthToken();
self::$adminAccount = \API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']); self::$adminAccount = self::$DI['app']['repo.api-accounts']->findByUserAndApplication(self::$DI['user'], self::$DI['oauth2-app-user']);
self::$adminAccount->set_revoked(false); self::$DI['app']['manipulator.api-account']->revokeAccess(self::$adminAccount);
self::$adminToken = self::$adminAccount->get_token()->get_value(); self::$adminAccount = self::$adminAccount->getOAuthToken()->getOauthToken();
self::$apiInitialized = true; self::$apiInitialized = true;
} }
@@ -172,9 +172,10 @@ abstract class ApiTestCase extends \PhraseanetWebTestCase
if (null === $nativeApp) { if (null === $nativeApp) {
throw new \Exception(sprintf('%s not found', \API_OAuth2_Application_Navigator::CLIENT_ID)); throw new \Exception(sprintf('%s not found', \API_OAuth2_Application_Navigator::CLIENT_ID));
} }
$account = \API_OAuth2_Account::create(self::$DI['app'], self::$DI['user'], $nativeApp); $account = self::$DI['app']['manipulator.api-account']->create($nativeApp, self::$DI['user']);
$token = $account->get_token()->get_value(); $token = self::$DI['app']['manipulator.api-oauth-token']->create($account);
$this->setToken($token);
$this->setToken($token->getOauthToken());
self::$DI['client']->request('GET', '/api/v1/databoxes/list/', $this->getParameters(), [], ['HTTP_Accept' => $this->getAcceptMimeType()]); self::$DI['client']->request('GET', '/api/v1/databoxes/list/', $this->getParameters(), [], ['HTTP_Accept' => $this->getAcceptMimeType()]);
$content = $this->unserialize(self::$DI['client']->getResponse()->getContent()); $content = $this->unserialize(self::$DI['client']->getResponse()->getContent());

10
tests/Alchemy/Tests/Phrasea/Controller/Api/OAuth2Test.php
View File

@@ -95,15 +95,7 @@ class OAuth2Test extends \PhraseanetAuthenticatedWebTestCase
public static function getAccount() public static function getAccount()
{ {
$sql = "SELECT api_account_id FROM api_accounts WHERE application_id = :app_id AND usr_id = :usr_id"; return self::$DI['app']['repo.api-accounts']->findByUserAndApplication(self::$DI['user'], self::$DI['oauth2-app-user']);
$t = [":app_id" => self::$DI['oauth2-app-user']->getId(), ":usr_id" => self::$DI['user']->getId()];
$conn = self::$DI['app']['phraseanet.appbox']->get_connection();
$stmt = $conn->prepare($sql);
$stmt->execute($t);
$row = $stmt->fetch(\PDO::FETCH_ASSOC);
$stmt->closeCursor();
return new \API_OAuth2_Account(self::$DI['app'], $row["api_account_id"]);
} }
public function setQueryParameters($parameter, $value) public function setQueryParameters($parameter, $value)

8
tests/Alchemy/Tests/Phrasea/Controller/Root/AccountTest.php
View File

@@ -391,13 +391,9 @@ class AccountTest extends \PhraseanetAuthenticatedWebTestCase
$this->assertObjectHasAttribute('success', $json); $this->assertObjectHasAttribute('success', $json);
$this->assertTrue($json->success); $this->assertTrue($json->success);
$account = \API_OAuth2_Account::load_with_user( $account = self::$DI['app']['repo.api-accounts']->findByUserAndApplication(self::$DI['user'], self::$DI['oauth2-app-user']);
self::$DI['app']
, self::$DI['oauth2-app-user']
, self::$DI['user']
);
$this->assertEquals($expected, $account->is_revoked()); $this->assertEquals($expected, $account->isRevoked());
} }
public function revokeProvider() public function revokeProvider()

31
tests/classes/api/oauthv2/AccountTest.php
View File

@@ -3,43 +3,40 @@
class api_oauthv2_AccountTest extends \PhraseanetTestCase class api_oauthv2_AccountTest extends \PhraseanetTestCase
{ {
/** /**
* @var API_OAuth2_Account * @var ApiApplication
*/ */
protected $object; protected $object;
public function setUp() public function setUp()
{ {
parent::setUp(); parent::setUp();
$this->object = API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']); $this->object = self::$DI['app']['repo.api-accounts']->findByUserAndApplication(self::$DI['user'], self::$DI['oauth2-app-user']);
} }
public function testGettersAndSetters() public function testGettersAndSetters()
{ {
$this->assertTrue(is_int($this->object->get_id())); $this->assertTrue(is_int($this->object->getId()));
$this->assertInstanceOf('Alchemy\Phrasea\Model\Entities\User', $this->object->get_user()); $this->assertInstanceOf('Alchemy\Phrasea\Model\Entities\User', $this->object->getUser());
$this->assertEquals(self::$DI['user']->getId(), $this->object->get_user()->getId()); $this->assertEquals(self::$DI['user']->getId(), $this->object->getUser()->getId());
$this->assertEquals('1.0', $this->object->get_api_version()); $this->assertEquals('1.0', $this->object->getApiVersion());
$this->assertTrue(is_bool($this->object->is_revoked())); $this->assertTrue(is_bool($this->object->isRevoked()));
$this->object->set_revoked(true); $this->object->set_revoked(true);
$this->assertTrue($this->object->is_revoked()); $this->assertTrue($this->object->isRevoked());
$this->object->set_revoked(false); $this->object->set_revoked(false);
$this->assertFalse($this->object->is_revoked()); $this->assertFalse($this->object->isRevoked());
$this->assertInstanceOf('DateTime', $this->object->get_created_on()); $this->assertInstanceOf('DateTime', $this->object->getCreated());
$this->assertInstanceOf('ApiApplication', $this->object->getApplication());
$this->assertInstanceOf('API_OAuth2_Token', $this->object->get_token()); $this->assertEquals(self::$DI['oauth2-app-user'], $this->object->getApplication());
$this->assertInstanceOf('ApiApplication', $this->object->get_application());
$this->assertEquals(self::$DI['oauth2-app-user'], $this->object->get_application());
} }
public function testLoad_with_user() public function testLoad_with_user()
{ {
$loaded = API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']); $loaded = self::$DI['app']['repo.api-accounts']->findByUserAndApplication(self::$DI['user'], self::$DI['oauth2-app-user']);
$this->assertInstanceOf('API_OAuth2_Account', $loaded); $this->assertInstanceOf('ApiAccount', $loaded);
$this->assertEquals($this->object, $loaded); $this->assertEquals($this->object, $loaded);
} }
} }

4
tests/classes/api/oauthv2/AuthCodeTest.php
View File

@@ -15,7 +15,7 @@ class api_oauthv2_AuthCodeTest extends \PhraseanetTestCase
public function setUp() public function setUp()
{ {
parent::setUp(); parent::setUp();
$this->account = API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']); $this->account = self::$DI['app']['repo.api-accounts']->findByUserAndApplication(self::$DI['user'], self::$DI['oauth2-app-user']);
$expires = time() + 100; $expires = time() + 100;
$this->code = self::$DI['app']['random.low']->generateString(8); $this->code = self::$DI['app']['random.low']->generateString(8);
$this->object = API_OAuth2_AuthCode::create(self::$DI['app'], $this->account, $this->code, $expires); $this->object = API_OAuth2_AuthCode::create(self::$DI['app'], $this->account, $this->code, $expires);
@@ -28,7 +28,7 @@ class api_oauthv2_AuthCodeTest extends \PhraseanetTestCase
public function testGet_account() public function testGet_account()
{ {
$this->assertInstanceOf('API_OAuth2_Account', $this->object->get_account()); $this->assertInstanceOf('ApiApplication', $this->object->get_account());
} }
public function testGet_redirect_uri() public function testGet_redirect_uri()

3
tests/classes/api/oauthv2/RefreshTokenTest.php
View File

@@ -14,8 +14,7 @@ class api_oauthv2_RefreshTokenTest extends \PhraseanetTestCase
public function setUp() public function setUp()
{ {
parent::setUp(); parent::setUp();
$this->account = API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']); $this->account = self::$DI['app']['repo.api-accounts']->findByUserAndApplication(self::$DI['user'], self::$DI['oauth2-app-user']);
$expires = time() + 100; $expires = time() + 100;
$this->token = self::$DI['app']['random.low']->generateString(8); $this->token = self::$DI['app']['random.low']->generateString(8);
$this->scope = 'scopidou'; $this->scope = 'scopidou';

4
tests/classes/api/oauthv2/TokenTest.php
View File

@@ -10,7 +10,7 @@ class api_oauthv2_TokenTest extends \PhraseanetTestCase
public function setUp() public function setUp()
{ {
parent::setUp(); parent::setUp();
$account = API_OAuth2_Account::load_with_user(self::$DI['app'], self::$DI['oauth2-app-user'], self::$DI['user']); $account = self::$DI['app']['repo.api-accounts']->findByUserAndApplication(self::$DI['user'], self::$DI['oauth2-app-user']);
try { try {
new API_OAuth2_Token(self::$DI['app']['phraseanet.appbox'], $account, self::$DI['app']['random.medium']); new API_OAuth2_Token(self::$DI['app']['phraseanet.appbox'], $account, self::$DI['app']['random.medium']);
@@ -65,7 +65,7 @@ class api_oauthv2_TokenTest extends \PhraseanetTestCase
$this->object->set_scope($scope); $this->object->set_scope($scope);
$this->assertEquals($scope, $this->object->get_scope()); $this->assertEquals($scope, $this->object->get_scope());
$this->assertInstanceOf('API_OAuth2_Account', $this->object->get_account()); $this->assertInstanceOf('ApiApplication', $this->object->get_account());
} }
public function testRenew() public function testRenew()